Privacy policy

Privacy Policy – last updated: 17.11.2025

I. General Information

1. Introductory Remarks

We, RAM Swiss Watches AG, operate the website https://ram-watches.com/ which provides information and offers related to high-quality watches from the RAM collection. With this privacy policy, we aim to explain how we collect and process personal data of website visitors, customers, suppliers, and other individuals with whom we have a business relationship (collectively referred to as “users”).

The responsible handling and protection of your personal data is very important to us.

You may only provide us with personal data of third parties if you are authorized to do so and if the data is accurate. Please ensure that the affected individuals are aware of this privacy policy.

This privacy policy is designed to comply with the requirements of the Swiss Federal Act on Data Protection (FADP) and the EU General Data Protection Regulation (GDPR). Under Section III at the end of this privacy policy, you will also find further information regarding US data protection law (“Information on US data protection law”). Whether and to what extent these laws apply depends on the individual case.

We may amend this privacy policy at any time without prior notice. The version currently published on our website applies.

2. Responsible for Data Protection Matters

Responsibility for the content of this privacy policy and for the data processing described herein lies with:

RAM Swiss Watches AG
Riedstrasse 1
6343 Rotkreuz
Switzerland
Email: dataprotection@ram-watches.com
Phone: +41 41 741 01 71

3. EU Data Protection Representative

For individuals residing in countries of the European Economic Area (EEA), including the European Union (EU) and the Principality of Liechtenstein, as well as for the country-specific supervisory authorities provided for under the GDPR, we appoint the following entity as our EU data protection representative in accordance with Article 27 of the GDPR:

VGS Datenschutzpartner GmbH
Am Kaiserkai 69
20457 Hamburg
Deutschland
Email: info@datenschutzpartner.eu
Website: https://www.datenschutzpartner.eu/

4. Terminology

To improve clarity and understanding, we would like to explain the key terms used in this privacy policy. These definitions follow the terminology used in the Swiss Federal Act on Data Protection:

• Personal data (GDPR: personal data): any information relating to an identified or identifiable natural person.
• Data subjects: natural persons whose data is processed.
• Processing (GDPR: processing): any handling of personal data, regardless of the methods and procedures used—particularly the collection, storage, retention, use, modification, disclosure, archiving, deletion, or destruction of data.
• Controller: a private person or federal body who alone or jointly with others determines the purpose and means of the processing of personal data.
• Processor (GDPR: processor): a private person or federal body who processes personal data on behalf of the controller.

5. Legal Basis for Data Processing

This privacy policy complies with the requirements of the Swiss Federal Act on Data Protection (“FADP”), its associated ordinance (“DPO”), as well as the General Data Protection Regulation of the European Union (“GDPR”). The applicable laws and the extent of their application depend on the individual case. Foreign data protection laws only apply to the extent that the applicable legal framework requires it and only for the specific data processing activities and individuals concerned.

We comply with the applicable data protection regulations when processing personal data.

The processing of personal data must not unlawfully infringe on the privacy of the data subjects. Therefore, such processing must adhere to the principles of data protection law and/or be justified by a legitimate legal basis. In particular, we are authorized to process personal data if the processing:

• is based on a legal obligation. The processing of personal data may be required or legitimized by law.
• The processing of personal data may be required or legitimized by law.
• is necessary for the performance of a contract with the data subject or for pre-contractual measures. Most of the personal data processing takes place in the context of fulfilling contractual obligations (e.g., the sale of goods and services via our webshop).
• is necessary for the protection of legitimate interests of ours or third parties
• A legitimate interest exists especially when personal data is processed for the purposes stated in section 8 below, as well as for data disclosures according to section 10 and the associated objectives.
• is based on consent. Where the processing of personal data is based on your consent, we will inform you separately and transparently. You may withdraw your consent at any time with effect for the future via the appropriate functions (e.g., unsubscribe link in newsletters) or by sending a written notice to us (see contact information in sections 2 and 3 above). Upon receipt of your withdrawal, we will stop the processing of the affected data unless we can rely on another legal basis.
• is necessary for compliance with domestic or foreign legal obligations. 

6. Categories of personal data

Depending on the services you use and the relationship between you and us, we process the following categories of personal data in particular:

• Master data: e.g., title, first name, last name, gender, date of birth, age, address and contact details such as postal and billing addresses, phone numbers, email addresses, customer number; for suppliers and business partners, details of contact persons within the company, supplier numbers, usernames, language, nationality, profession, usernames, financial information, and information about your status with us (e.g., account inactivity or blocking).
• Contract data: e.g., information related to the initiation, conclusion, execution, administration, and termination of contracts between you and us; information related to job applications (see also section 16); interaction history; financial and payment information such as creditworthiness; information related to the enforcement of claims; bank details; information and data stored by you in your user account.
• Communication data: e.g., master data, contract data, content exchanged through the respective communication channel, type, time, and possibly location of the communication, metadata, information on linked websites and social media profiles, preferences and interests, language preferences, etc.
• Behavioral data: e.g., information about attendance at events, participation in contests and competitions, information on usage and behavior on our websites and applications (see also section 14), use of our infrastructure (website, digital communication channels, etc.).
• Technical data: e.g., IP addresses, general information about the operating system and browser, information about visits to our websites and applications (date, time, duration, number of views, content accessed), referrer website, device identifiers, login data, cookies (see also section 14.2).
• Marketing data: e.g., information about personal preferences and interests, newsletter subscriptions and unsubscriptions, content of marketing communications.
• Image and audio recordings: e.g., recordings of phone and video conference calls (only after prior notice and, where required, with your consent), recordings related to customer or staff events.
• Compliance data: e.g., data related to investigations, assessments, and measures in the area of compliance (including compliance incidents).

7. Source of the Data

We collect personal data primarily directly from you as the data subject. This includes, in particular, master data, contract data, communication data, and behavioral data. Such data is collected in the course of initiating and conducting business relationships, as well as through the use of our services and offerings.

If you provide us with data about other individuals (e.g., business partners), you must ensure that you are authorized to do so and that the data is accurate. In addition, those individuals must be informed of this privacy policy beforehand.

We may also collect personal data about you ourselves, either manually or automatically, or derive it from existing data. This includes, in particular, behavioral, preference, and technical data.

Such third-party sources may include individuals from your personal or professional environment, service providers, business partners, distribution partners, intermediaries, insurance companies, banks, online service providers, authorities, government agencies, courts, legal parties, and their legal representatives in the context of legal proceedings, etc. We may also obtain personal data from public sources (e.g., credit agencies).

8. Purpose of Data Processing

We process the collected data to fulfill our legal and contractual obligations to you and third parties. This includes, in particular, initiating, managing, and executing contractual relationships, as well as presenting and marketing our offerings on our website.

In addition, we process the data to ensure communication with you, provide and improve the products, services, and offerings you request, and manage your use of and access to our products, services, and information. We also use the data to maintain and develop our business relationship with you, to conduct advertising and marketing activities (where authorized, for example through your consent), and to monitor and enhance the performance of our services.

Data processing also supports the enforcement or defense of legal claims, the detection, prevention, or investigation of illegal activities, and compliance with applicable laws and recommendations from domestic and foreign authorities, as well as internal regulations (“compliance”). Furthermore, it ensures effective risk management, the general operation of our business—particularly in IT and website management—and the smooth running of administrative processes such as data archiving, accounting, master data maintenance, and quality assurance.

9. Duration of Personal Data Processing

We process your personal data for as long as we are legally required to do so (e.g., due to retention and archiving obligations), or as long as our legitimate business interests require it (e.g., for the enforcement or defense of legal claims, ensuring IT security), or as long as necessary for the purpose for which the data was collected, or when technical conditions require retention.

In certain cases, we may retain your personal data for a longer period based on your consent (e.g., pending job applications).

Within the context of contractual relationships, data is generally retained for the duration of the contract and for the applicable statutory retention periods thereafter. This may result in your personal data—or parts thereof—being stored for several years after the termination of the contractual relationship between you and us.

If your personal data is no longer required for the purposes mentioned above, it will, as a rule and where possible, be deleted or anonymized.

10. Disclosure of Personal Data to Third Parties

To the extent permitted by law and where necessary, we may disclose certain personal data to third parties in the course of our business activities. Where permissible, these third parties may process your personal data either on our behalf (as processors), under joint responsibility with us, or under their own responsibility as controller. This includes, among others:

• Group companies
• Our service providers, such as banks, insurance companies, IT providers, shipping companies, debt collection agencies, credit rating agencies, cleaning companies, advertising service providers, event organizers, lawyers, external consultants, etc.
• Business partners, such as suppliers, distribution partners, and intermediaries
• Domestic and foreign authorities, government agencies, and courts
• Other parties involved in administrative and legal proceedings
• Participants in corporate transactions, such as the purchase, sale, or merger of companies or business units
• Other third parties necessary for achieving the purpose of the respective data processing activity

Where necessary, we have entered into appropriate agreements with these third parties. In cases where processors are engaged, they are contractually obligated to comply with data protection and data security regulations. Furthermore, they may only process personal data in accordance with our instructions. They also grant us comprehensive audit and control rights, as well as rights to information, correction, and deletion.

11. Disclosure of Personal Data Abroad

As a rule, we process and store personal data in Switzerland and within the European Economic Area (EEA). In certain cases, however, we may also disclose personal data to service providers and recipients located outside this area or who process personal data outside this area—potentially in any country worldwide. In particular, you should expect that personal data may be disclosed to all countries where the service providers and their subcontractors engaged by us are located (especially the USA; see also sections 14 and 15 below).

By implementing appropriate measures, we ensure compliance with legal requirements in such cases. Specifically, this means that an adequacy decision has been issued by the relevant authority. If no such decision exists, the transfer of personal data takes place based on suitable safeguards (especially standard contractual clauses approved by the European Commission and the Swiss Federal Data Protection and Information Commissioner [FDPIC]). In certain situations, exceptions may apply (e.g., contract execution, legal enforcement abroad), or we obtain your explicit consent.

12. Data Security

To protect your data, we maintain technical and organizational security measures in accordance with the current state of the art.

Communication via our website is encrypted using the SSL/TLS encryption protocol. However, we would like to point out that even encrypted data transmission over the internet always carries certain security risks. Complete protection of data from third-party access cannot be guaranteed.

13. Your Rights as a Data Subject

Provided the requirements of the applicable data protection laws are met and no legal exceptions apply, you generally have the following rights in connection with the processing of your personal data:

• to request information about whether and, if so, which personal data we process about you;
• to request the correction of incorrect or incomplete personal data;
• to request the deletion or anonymization of your personal data;
• to request data portability;
• to withdraw any consent you have given for the processing of your personal data with effect for the future;
• to object to the processing of your personal data (in particular with regard to direct marketing).

Please note that these rights may be restricted or excluded in specific cases (e.g., to protect third parties or trade secrets).

To exercise your rights as a data subject, or if you have questions about this privacy policy or the data processing activities described herein, you may contact the data protection officer mentioned above (see section 2) or our EU data protection representative (see section 3) at any time.

If you believe that your data has been processed unlawfully, we would appreciate you contacting us directly. Alternatively, you may file a complaint with the supervisory authority responsible for you. The supervisory authority for data protection in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC). A list of authorities in the EEA can be found here.

 

II. Additional Information Related to Specific Data Processing Activities

14. Data Processing in Connection with the Use of Our Website

14.1. Website and WebshopHosting-Provider

Our website and web shop (hereinafter also collectively referred to as the "shop system") are operated by Shopify International Limited (hereinafter "Shopify"), located at Victoria Buildings, 1-2 Harrington Road, Dublin 4, DO4 XN32, Ireland. In this context, the shop system processes your personal data (in particular, master data, contract data, communication data, behavioral data, technical data, marketing data, and compliance data) and transfers it to Shopify for processing. Your personal data is processed for the following purposes:

• Operation of the shop system and provision of our services
• Support and processing of inquiries and orders
• Risk and fraud detection
• Authentication and payment processing
• Improvement of our services and the customer experience

Shopify may share your data with affiliated companies based in Canada and the USA as part of subcontracting. To this end, Shopify has taken appropriate measures to comply with legal requirements.

Further information on data protection at Shopify can be found here: https://www.shopify.com/ch/legal/datenschutz.

We have concluded a data processing agreement with Shopify. It can be viewed here: https://www.shopify.com/ch/legal/impressum.

Within the scope of the GDPR, this data is processed based on our legitimate interests (Art. 6(1)(f) GDPR) for the purposes listed above, to fulfill our contractual and legal obligations (Art. 6(1)(b) and (c) GDPR), or with your consent (Art. 6(1)(a) GDPR). 

 

14.2. Cookies

Our website uses so-called “cookies.” Cookies are small text files that do not cause any harm to your device. They are either stored temporarily for the duration of a session (session cookies) or permanently (persistent cookies) on your device. Session cookies are automatically deleted at the end of your visit. Persistent cookies remain stored on your device until you delete them yourself or your web browser deletes them automatically.

In some cases, cookies from third-party companies (third-party cookies) may also be stored on your device when you use our website. These allow us or you to use certain services provided by the third party (e.g., cookies for processing payment services).

Cookies serve various purposes. Many cookies are technically necessary, as certain website functions would not work without them (e.g., displaying videos). Other cookies are used to analyze user behavior or to display advertisements.

When you first visit our website, you can choose your preferences regarding cookie use via the cookie banner; however, the storage of technically necessary cookies cannot be disabled. If you do not agree to the use of such cookies, we kindly ask you not to visit our website. You can adjust your selected preferences regarding cookie use at any time via the "Cookie Settings" link in the footer of our website.

Additionally, you can configure your browser so that no cookies are stored on your device, or so that a notification appears each time a cookie is set. The following pages provide instructions on how to manage cookie settings for the most common browsers:

• Microsoft Windows Internet Explorer
• Microsoft Windows Internet Explorer Mobile
• Mozilla Firefox
• Google Chrome for Desktop
• Google Chrome for Mobile
• Apple Safari for Desktop
• Apple Safari for Mobile

Disabling cookies may limit the functionality of this website. We use cookies to facilitate electronic communication processes, provide certain functionalities, and optimize our website (technically necessary cookies).

Within the scope of the GDPR, technically necessary cookies are stored based on our legitimate interest (Article 6(1)(f) GDPR). If consent has been requested for the storage of cookies or similar recognition technologies, processing is carried out based on your consent (Article 6(1)(a) GDPR). Consent can be withdrawn at any time with future effect. 

 

14.3. Communication Options

14.3.1. General Information

On our website, we offer various ways for you to contact us, primarily by email, telephone, post, or contact form.

Regardless of the communication channel used, your inquiry—including all personal data you provide—is stored and processed by us for the purpose of handling your request. You are responsible for the content you submit.

Within the scope of the GDPR, this data is processed either for the purpose of initiating or fulfilling a contract (Article 6(1)(b) GDPR), based on our legitimate interest in processing incoming inquiries (Article 6(1)(f) GDPR), or based on your consent (Article 6(1)(a) GDPR). 

 

14.3.2. Contact Form

On our website, users have the option to contact us via a contact form. To use the contact form, you are required to enter your name, email address, and the subject of your inquiry. The personal data submitted via the online form is processed for the purpose of addressing you personally, forwarding the inquiry to the appropriate contact person, and processing and responding to your request. By using the contact form, you consent to the processing of the personal data you provide.

The contact form is part of our shop system and is provided by Shopify (see section 14.1 above).

 

14.4. Embedded Videos

We embed videos and visual content (collectively referred to as “videos”) on our website. These videos are hosted on third-party servers (see below for details).

Within the scope of the GDPR, the processing of this data is based on our legitimate interest (Article 6(1)(f) GDPR) in enhancing your user experience and providing clear, up-to-date information about our products and services, or on your consent (Article 6(1)(a) GDPR).

 

14.4.1. YouTube

We maintain a profile on YouTube and may embed videos from there on our website or in our apps. The operator of the pages is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

We use YouTube in extended data protection mode, which, according to YouTube, only initiates the storage of user information once a video is played. However, the extended data protection mode does not necessarily exclude the transfer of data to YouTube partners.

As soon as you start a YouTube video on our website or in our apps, a connection is established with YouTube's servers (potentially also in the USA). In this context, YouTube becomes aware of which of our pages you have visited. If you are logged into your YouTube account, you also enable YouTube to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account.

In addition, after starting a video, YouTube may store various cookies on your device or use similar recognition technologies (e.g., device fingerprinting). According to YouTube, this serves, among other things, to collect video statistics, improve user-friendliness, and prevent abusive behavior.

Further data processing operations may be triggered once a YouTube video starts, over which we have no control.

We have entered into a data processing agreement with Google. More information is available here: https://www.youtube.com/t/terms_dataprocessing
You can also find more information about data protection on YouTube in their privacy policy: https://policies.google.com/privacy?hl=en

 

14.4.2. Vimeo

We operate a Vimeo channel and embed videos from the Vimeo platform on our website. The platform is operated by Vimeo.com, Inc., 330 West 34th Street, 5th Floor, New York, New York 10001, USA ("Vimeo").

We use Vimeo in extended data protection mode, which, according to Vimeo, only initiates the storage of user information once a video is played. However, the extended data protection mode does not necessarily exclude the transfer of data to Vimeo partners.

As soon as you start a Vimeo video on our website, a connection is established with Vimeo’s servers (including in the USA and globally). In this context, Vimeo may learn which of our pages you have visited. If you are logged into your Vimeo account, you also allow Vimeo to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your Vimeo account.

In addition, after starting a video, Vimeo may store various cookies on your device or use similar recognition technologies (e.g., device fingerprinting). In this way, Vimeo can obtain information about you. According to Vimeo, this serves purposes such as collecting video statistics, improving user experience, and preventing abuse.

Further data processing operations may be triggered once a Vimeo video starts, over which we have no control.

Where necessary, we have concluded a data processing agreement with Vimeo. More information is available here: https://www.vhx.tv/data-processing.

You can find Vimeo’s privacy policy here: https://vimeo.com/privacy.

 

14.5. Analytics

14.5.1. General Information

We use services provided by third-party companies on our website to analyze how our website is used, compile reports on website activity, and gather insights for improving our services. This helps us gain a better understanding of our users' experiences (e.g., how much time users spend on which pages, which links they click, what they like or dislike, etc.).

In particular, the following data may be collected: the IP address of the device (captured and stored in anonymized form), screen resolution, device type (unique device identifiers), information about the browser used, the location (country only), and the preferred language used to view our website. Information may also be gathered about mouse and keyboard usage, the date and time of the visit, and the pages visited. We have a legitimate interest in this processing.

We only use these services with IP anonymization enabled. This means IP addresses are processed in a shortened form, and a direct personal reference is excluded.

We use the services of the following providers:

 

14.5.2. Google Inc.

Our website uses functions and services provided by Google Inc. For the European region, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is responsible for all Google services.

In addition to the explanations provided below, you can find more information about data protection at Google in their privacy policy: https://policies.google.com/privacy.

Within the scope of the GDPR, the processing of this data is based on our legitimate interest (Article 6(1)(f) GDPR) in maintaining an attractive online presence and expanding our reach, or on your consent (Article 6(1)(a) GDPR).

Our website uses features of the web analysis and marketing tools Google Fonts, Google Analytics, Google Tag Manager, and Google Ads.

Our website uses Google Fonts to ensure a consistent display of fonts. These fonts are dynamically loaded from Google servers. In this context, the user's IP address is transmitted to Google. Within the scope of the GDPR, the processing of this data is based on your consent (Article 6(1)(a) GDPR).

Google Analytics uses cookies that enable an analysis of your use of the website. The information generated by the cookies about your use of our website is transmitted to Google servers (possibly also in the USA) and stored there. You can prevent the collection of your data by Google Analytics by clicking the following link: https://tools.google.com/dlpage/gaoptout?hl=de. This sets an opt-out cookie that prevents data collection on future visits to this website.

Google Tag Manager is a tool that allows us to manage website tags via an interface. Google Tag Manager itself is a cookie-free domain that does not collect personal data. It only triggers other tags, which may in turn collect data. Google Tag Manager does not access this data. If a deactivation has been made at the domain or cookie level, it remains in effect for all tracking tags implemented via Google Tag Manager.

In addition, we use Google Ads to promote our website. For this purpose, we use Google's "Conversion Tracking" analytics service. If you reach our website via a Google ad, a cookie is placed on your device. These so-called "conversion cookies" expire after 30 days and are not used to personally identify you. If you visit certain pages of our website and the cookie has not yet expired we and Google can recognize that you, as a user, clicked on one of our ads placed on Google and were redirected to our website. The information collected through the conversion cookies is used by Google to create visit statistics for our website. These statistics tell us the total number of users who clicked on our ad and which pages of our website were subsequently accessed by the respective users. However, we do not receive any information that could personally identify users.

 

14.5.3. Meta

Our website uses the following Meta services: Meta Business Tools (such as Meta Ads Manager, Meta Pixel, and Meta Conversions API), Facebook Analytics Tools, Instagram Analytics Tools, Meta Attribution Tool, and Meta SDK (Software Development Kit).

These tools allow us to present our offerings to individuals who are likely to be interested in them. In addition, we receive insights into how our services, products, and website are used. This helps us to optimize the user experience. To achieve this, Meta analyzes visitor behavior on our website through relevant data processing activities (e.g., cookies). Meta may link this data with other personal data (e.g., name, address, phone number, IP address), typically originating from users' profiles on Meta platforms. This enables us to deliver personalized advertising.

You can opt out of receiving personalized ads by visiting: www.facebook.com/settings?tab=ads.

Individuals who have a Meta profile can only have the data collected about them deleted by deleting their respective Meta profile. Instructions for doing so can be found here:

• Delete Meta Profile
• Delete Facebook Profile
• Delete Instagram Profile

Individuals who do not have a Meta profile can find more information about how Meta handles their data and their related rights at: https://www.facebook.com/help/637205020878504.

For certain data processing activities (e.g., Facebook fan pages, Page Insights), Facebook and we are considered joint controllers. Where required, we have entered into appropriate agreements with Facebook to define the mutual rights and obligations as joint controllers (see www.facebook.com/legal/terms/page_controller_addendum).

In addition to the information above, you can find further details about data protection in the privacy policies of the respective social networks:

• Meta: https://de-de.facebook.com/privacy/policy/
• Facebook: https://www.facebook.com/policy.php
• Instagram: https://instagram.com/about/legal/privacy/

Within the scope of the GDPR, the processing of this data is based on our legitimate interest (Article 6(1)(f) GDPR) in maintaining an attractive online presence and increasing our reach, or on your consent (Article 6(1)(a) GDPR).

14.5.4. Microsoft

Our website uses Microsoft Advertising (“Microsoft Ads”). The provider is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA.

Microsoft Ads stores a cookie on your device if you have accessed our website via a Microsoft Ads advertisement. This allows Microsoft Ads and us to recognize that someone has clicked on an ad, been redirected to our website, and reached a previously defined target page (conversion page). We only receive information about the total number of users who clicked on a Microsoft Ads advertisement and were redirected to the conversion page. No personal information about the identity of individual users is shared with us.

For more information on data protection at Microsoft, please visit: https://help.ads.microsoft.com/#apex/ads/en/60226/0

Within the scope of the GDPR, the processing of this data is based on our legitimate interest (Article 6(1)(f) GDPR) in maintaining an attractive online presence and increasing our reach, or on your consent (Article 6(1)(a) GDPR).

14.6. Payment service providers

When you make a payment, your payment details are sent through an interface on our web shop to the appropriate payment service provider for processing. Purchases made via our web shop are subject to the terms of use and privacy policy of Shopify Inc., which can be found at https://www.shopify.com/legal/terms and https://www.shopify.com/legal/privacy, respectively.

The data processed by payment service providers includes master data, such as names and addresses, as well as bank details (including account and credit card numbers), passwords, TANs, checksums, and contract data. This information is necessary to carry out transactions. However, only the payment service providers process and store the data entered. As the operator, we do not receive any information about bank accounts or credit cards, only confirmation of payment acceptance or rejection.

The payment service providers adhere to the PCI-DSS standards, administered by the PCI Security Standards Council. This council is a joint effort by brands such as Visa, Mastercard, American Express, and Discover. PCI DSS requirements help ensure the secure handling of payment information.

We use the following payment service providers:

·      Shopify Pay: The provider is Shopify International Limited, located at Victoria Buildings, 1-2 Harrington Road, Dublin 4, DO4 XN32, Ireland. For more information about their privacy practices, please visit https://www.shopify.com/ch/legal/datenschutz.

·      PayPal: The provider is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg. For more information about their privacy practices, please visit https://www.paypal.com/de/webapps/mpp/ua/privacy-full.

·      Twint: The provider is TWINT AG (in cooperation with your chosen bank). Further information on their data protection practices can be obtained from your bank.

Within the scope of the GDPR, your data is transferred to the aforementioned payment service providers on the basis of contract processing (Art. 6 (1) (b) GDPR) and on the basis of our legitimate interest (Art. 6 (1) (f) GDPR) in reliable, secure payment processes.

14.7. Links to Third-Party Websites

Our website, products, applications, and services may contain links to third-party websites, products, and services. This includes, in particular, links to the online shops of our distribution partners. Personal data collected and processed by these third parties is subject to their own privacy practices. This privacy policy does not apply to third-party websites that can be accessed via our website.

We recommend reviewing the privacy notices of these third-party providers. We have no influence over how these companies comply with data protection requirements and accept no responsibility for their content or privacy practices.

 

15. Processing of Personal Data in Connection with Our Social Media Channels

15.1. General Information

We maintain publicly accessible profiles on the social networks listed below. You will find linked icons for these networks on our website. By clicking on one of these icons, you will be redirected to the selected social network.

When visiting our social media profiles, personal data about you may be collected. For example, if you are logged into your social network account while visiting our profile, the platform operator may associate your visit with your user account. Even if you are logged out of your account or do not have an account with the respective network, personal data may still be collected—such as through cookies or web beacons. Based on the collected data, platform operators may create user profiles and show you interest-based advertising. For further information, please refer to the respective privacy policies of the social network providers.

The purpose and scope of data collection, as well as the further processing and use of data by the respective social network, and your rights and options for protecting your privacy, are set out in the privacy policies of the individual networks.

We also use social plugins ("plugins") from various social networks listed below. When you visit a website that includes such plugins, your browser establishes a direct connection with the servers of the respective social network. The content of the plugin is transmitted directly from the social network to your browser and integrated into the website. Through this integration, the social network receives information about how the device you are using accessed our website. If you are logged into the social network, your visit to our website can be assigned to your account on that platform. If you interact with the plugins—such as clicking the Facebook "Like" button or leaving a comment—that information is transmitted directly to the social network and stored there.

The purpose and scope of data collection and the further processing and use of data by the respective social network, as well as your rights and privacy protection options, are governed by the privacy policy of the respective provider (see below).

If you have a user account with a given social network, you can interact with us via that platform. As part of this interaction, we process the personal data you provide to us. The respective social network may also process various visitor data (e.g., IP address, device information, advertising ID, user behavior). We may also receive statistical insights based on this data (e.g., number of profile views, follower information, data related to our videos).

Within the scope of the GDPR, the use of social networks (including plugins) is based on our legitimate interest (Article 6(1)(f) GDPR) in presenting our online offerings in an engaging way, expanding our reach, and promoting our services. If consent has been obtained, processing is carried out on the basis of Article 6(1)(a) GDPR. Consent can be revoked at any time with future effect.

 

15.2. Facebook

We use selected tools from Facebook (e.g., Facebook Fan Page, Meta Business Suite). These tools are provided by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

You can opt out of receiving personalized ads via the following link: www.facebook.com/settings?tab=ads.

For certain data processing activities (e.g., Facebook Fan Page, Page Insights), Facebook and we are considered joint controllers. Where necessary, we have entered into appropriate agreements with Facebook to define the mutual rights and obligations of joint controllers (see: www.facebook.com/legal/terms/page_controller_addendum).

Further information on Facebook’s data protection practices can be found here: https://www.facebook.com/policy.php

 

15.3. Pinterest

We use features of the Pinterest service. The responsible entity is Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland.

You can opt out of data collection for interest-based advertising on Pinterest in your account settings. Instructions can be found here: https://help.pinterest.com/en/article/personalization-and-data#info-ad.

For more information about data protection at Pinterest, please refer to their privacy policy: https://policy.pinterest.com/en/privacy-policy

 

15.4. Instagram

We use features of the Instagram service. The provider is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

For more information about data protection on Instagram, please refer to their privacy policy: https://instagram.com/about/legal/privacy/

 

15.5. TikTok

We use features and services provided by TikTok, including the TikTok Pixel tool for conversion tracking in advertising campaigns. The provider is TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland.

For more information about data protection at TikTok, please refer to their privacy policy: https://www.tiktok.com/legal/page/eea/privacy-policy/en

 

15.6. LinkedIn

We maintain a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

For more information on how LinkedIn handles your personal data, please refer to their privacy policy: https://www.linkedin.com/legal/privacy-policy

LinkedIn uses advertising cookies. If you wish to disable them, please follow this link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out

 

15.7. YouTube

We maintain a profile on YouTube and may also embed videos from this platform on our website or in our apps. The operator of the platform is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

For more information on the use of YouTube, please refer to section 14.4.1 above.

15.8. Vimeo

We maintain a profile on Vimeo and may also embed videos from this platform on our website or in our apps. The platform is operated by Vimeo.com, Inc., 330 West 34th Street, 5th Floor, New York, New York 10001, USA.

For more information on the use of Vimeo, please refer to section 14.4.2 above.

16. Processing of Personal Data from Applicants

We accept applications via email. During the recruitment process, we may also work with external partners (e.g., job portals and recruitment agencies). In such cases, please also refer to the privacy policies of these partners.

We treat your data with strict confidentiality. Your personal data will only be shared within our company or group with individuals involved in processing your application.

We process the personal data you submit as part of your application, as well as any data collected during the recruitment process, insofar as this is necessary for making a decision about entering into and executing an employment contract. This includes:

• Master data (e.g., first name, last name, address, contact details, date of birth, marital status, etc.)
• Information about your educational, professional, and personal qualifications
• Information collected during the application process (e.g., as part of assessments)
• Any other information you have submitted to us or disclosed in connection with your application

We process your personal data related to the application for as long as necessary to make a decision regarding your application. Your data will be deleted no later than six months after the conclusion of the application process, unless a longer retention period is required or permitted by law, or you have consented to a longer retention period.

If the application process results in an employment relationship, your application documents will be transferred to your personnel file.

 

III. Information on US data protection law

17. Disclosures Regarding U.S. State Data Privacy and Protection Acts

Several United States jurisdictions, including California and others, provide users with certain rights regarding their personal information, including the right to access, delete, correct, and/or opt out of the “sale” or "sharing" of their personal information (“State Laws”).

Based on the size of the Company and/or our activities, we are not currently subject to these State Laws but may become subject to them in the future. Nonetheless, the different State Laws, if applicable, would provide certain rights to residents of those states. While not subject to those laws, we are committed to transparency with respect to the collection and use of your personal data, so we provide the information below so that residents of those states, and all of our Users, understand how we interact with their personal information in the context of what would be required under those laws.

California “Shine the Light” Law.

Under California Civil Code Section 1798.83, California customers are entitled to request information relating to whether a business has disclosed Personal Information to any third parties for the third parties’ direct marketing purposes. This code section applies to businesses with 20 or more full or part-time employees. At this time, the Company does not need to comply with this law, but does so voluntarily in an effort to assure you that we value your privacy.

You may request and obtain from us once a year, free of charge, certain information about the Personal Information (if any) we disclosed to third parties for direct marketing purposes in the preceding calendar year. If applicable, this information would include a list of the categories of Personal Information that was shared and the names and addresses of all third parties with which we shared information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to dataprotection@ram-watches.com. 

California Consumer Privacy Act

Organizations who are subject to the California Consumer Privacy Act (CCPA) must provide a clear and conspicuous link titled “Do Not Sell My Personal Information” on their homepage and in their privacy policy in order to meet the requirements of the new CA privacy law effective as of January 1, 2020. The law applies to businesses with over $25 million in revenue, those handling information from 100,000 consumers, or deriving 50%+ annual revenue from selling consumer personal information. At this time, the Company does not need to comply with this law, but does so voluntarily in an effort to assure you that we value your privacy.

You may opt out of the Company’s sale of your personal information at any time by emailing us at dataprotection@ram-watches.com. Under the CCPA, “personal information” is defined to include information that identifies or relates to a particular consumer or household including, but not limited to, name, postal address, email address, IP address, social security number, personal property records, purchasing histories, biometric information, internet activity such as browsing or search history, geolocation data, employment information, education information, and inferences drawn from this information, in so far as it is not publicly available information. The Company’s “sale” of personal information is broadly defined by the law to include selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s personal information by the business to another business or a third party for monetary or other valuable consideration. In other words, most business-to-business transfers of personal information will fall within the definition of a sale.

The Company has provided visitors to our Website with a link to an Internet Web page on our Website enabling visitors to opt out of the “sale” of their “personal information.” Our Website also contains a recognizable and uniform opt-out logo or button to promote consumer awareness of the option to opt out. Please feel free to access both for more information and to effectively opt out.

Additionally, if you are a California resident age 16 or older, as of January 1, 2020, the CCPA gives you certain rights with respect to the processing of your personal information.

• (1) RIGHT TO KNOW REQUEST – Under the CCPA, you may have a right to request information about our collection, use, and disclosure of your personal information over the prior 12 months, and ask that we provide you with the following information:
• Categories of and specific pieces of personal information we have collected about you.
• Categories of sources from which we collect personal information.
• Purposes for collecting, using, or selling personal information.
• Categories of third parties with which we share personal information.
• Categories of personal information disclosed about you for a business purpose.
• If applicable, categories of personal information sold about you and the categories of third parties to which the personal information was sold, by category or categories of personal information for each third party to which the personal information was sold.
• (2) RIGHT TO DELETE REQUEST – You may also have a right to request that we delete personal information, subject to certain exceptions. They can be invoked if it is necessary for the Company to maintain the personal information pursuant to the exception.
• Transactional: Complete the transaction for which the personal information was collected, provide a good or service requested by the consumer, or reasonably anticipated within the context of a business’s ongoing business relationship with the consumer, or otherwise perform a contract between the business and the consumer.
• Security: Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity.
• Errors: Debug to identify and repair errors that impair existing intended functionality.
• Free Speech: Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law.
• CalECPA Compliance: Comply with the California Electronic Communications Privacy Act.
• Research in the Public Interest: Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the business’s deletion of the information is likely to render impossible or seriously impair the achievement of such research, if the consumer has provided informed consent.
• Expected Internal Uses: To enable solely internal uses that are reasonably aligned with the expectations of the consumer based on the consumer’s relationship with the business.
• Legal Compliance: Comply with a legal obligation.
• Other Internal Uses: Otherwise use the consumer’s personal information, internally, in a lawful manner that is compatible with the context in which the consumer provided the information.

Absent an exception, under the CCPA, we have 45 days to comply with your request.

• (3) DISCLOSURES OF PERSONAL INFORMATION FOR BUSINESS PURPOSE – We may have disclosed certain personal information to the categories of recipients listed in Section III of this Privacy Policy for one or more business purposes. If you are a California resident 16 years of age or older and would like to make a verifiable request for information about the personal information we have collected about you or a request for deletion of such personal information, please submit your request in writing to dataprotection@ram-watches.com.

18. Children

The Children’s Online Privacy Protection Act of 1998 (COPPA) and its accompanying FTC regulation protects the privacy of American children aged 13 and under, who are using the Internet.

The Website and our related Services are not intended for anyone under 16 or the applicable age of majority based on your province of residence, and we do not knowingly collect information from anyone under the age of 16.  Anyone aged 16 or under should not submit any Personal Information without the permission of their parents or guardians and you represent that you have the consent of a parent or legal guardian (if applicable) to use our Services and to provide any personal information.  Parents or guardians may, on behalf of their children, submit their children’s Personal Information.  By using the Website and our related Services, you are representing that you are at least 16 years old and that you have the relevant legal authority to submit your Personal Information or that of a third-party minor, to the Company or on the Company’s Website.