Legal notice page

impatto ag
Waisenhausplatz 22
3011 Bern
+41 31 511 54 80

Commercial register No.: CH-
Registered company name: impatto ag
Registration court: Bern

VAT number: CHE-388.537.424

The author assumes no liability with regard to the correctness, accuracy, validity, reliability and completeness of the information presented. Liability claims against the author for damage of a material or immaterial nature resulting from access or use or non-use of the published information, through abuse of the connection or through technical faults, are not permissible. All offers are non-binding. The author expressly reserves the right to change, supplement or delete parts of the pages or the entire offer without separate announcement or to halt publication temporarily or permanently.

Liability for links
References and links to third-party websites do not fall under our area of responsibility. We reject any responsibility for these websites. Access to and use of these websites is at the user's own risk.

The copyright and all other rights to content, images, photos or other files on this website belong exclusively to impatto ag or to the specifically named owners of rights. The written consent of the respective copyright holders must be obtained before reproduction of any elements.

Design: Sandro Wicki, LinkedIn
Development: Michael Stucki,

Movie and Pictures
Joel Burger, LinkedIn, Instagram
Bild im Headerbereich: Photo by Matteo Vistocco on Unsplash
Angebot-1: Photo by Pawel Chu on Unsplash
Angebot-2: Photo by Josh Beech on Unsplash
Angebot-3: Photo by Brooke Cagle on Unsplash
Referenz-1: Photo by Kvalifik on Unsplash
Referenz-2: Photo by LinkedIn Sales Solutions on Unsplash
Referenz-3: Photo by Josh Beech on Unsplash
Social-Image 1: Photo by Charles Deluvio on Unsplash
Social-Image 2: Photo by Redd on Unsplash
Social-Image 3: Photo by Priscilla Du Preez on Unsplash

Data Protection
This privacy statement explains the nature, scope and purpose of the processing of personal data (hereinafter referred to as “data”) within our online offer and the associated websites, functions and content as well as external online sites such as our social media profile (hereinafter collectively referred to as the “online offer”). With regard to the terms used, such as “personal data” or the “processing” thereof, we refer you to the definitions in Art. 4 of the General Data Protection Regulation (GDPR).

Responsible person

Data protection officer

Types of data processed
Personal data (e.g. name, address)
Contact details (e.g. e-mail, telephone numbers)
Content data (e.g. text entries, photographs, videos)
Usage data (e.g. visited websites, content interest, access times)
Meta/communication data (e.g. device information, IP addresses)

Categories of persons concerned by the processing
Customers / prospects / suppliers
Visitors and users of the online offer: In the following, we also summarise those persons concerned as “users”

Purpose of processing
Providing the online offer as well as the content and functions thereof. Providing contractual services and customer care. Answering contact requests and communicating with users. Marketing, advertising and market research.

Date of validity: 01/11/2021

1. Relevant legal grounds
In accordance with Art. 13 of GDPR, we hereby inform you of the legal basis of our data processing. Unless the legal basis is stated in the data protection declaration, the following applies: The legal basis for obtaining consent is Art. 6 para. 1 a) and Art. 7 of GDPR; the legal basis for processing to fulfil our services and to implement contractual measures and answering inquiries is Art. 6 para. 1 b) of GDPR; the legal basis for processing to fulfil our legal obligations is Art. 6 para. 1 c) of GDPR; and the legal basis for processing to protect our legitimate interests is Art. 6 para. 1 f) of GDPR. In the event that the vital interests of the person concerned or of another natural person require the processing of personal data, Art. 6 para. 1 d) of GDPR serves as the legal basis.

2. Changes and updates to the Data Protection Declaration
Please regularly check the content of our privacy policy. We will adjust the Data Protection Declaration if any changes we make to data processing require us to do so. We will inform you as soon as the changes require action on your part (e.g. consent) or if any other individual notification is required.

3. Security measures
3.1. In accordance with Art. 32 of GDPR, taking into account the state of the art, the costs of implementation and the nature, extent, circumstances and purposes of the processing and the varying likelihood and severity of the risk to the rights and freedoms of natural persons, we will take the appropriate technical and organisational measures to ensure a level of protection appropriate to the risk. These measures include, in particular, ensuring the confidentiality, integrity and availability of the data by controlling physical access to the data, including the related use thereof, as well as inputting, sending and ensuring the availability and separation of the said data. Furthermore, we have established procedures to protect the data of the persons concerned, to delete data, and to react to threats to data. Furthermore, we take into account the protection of personal data when developing or selecting hardware, software and procedures, according to the principle of data protection, through technical design and settings that are conducive to data protection (Art. 25 of GDPR).

3.2. Security measures include in particular encrypting data that is transferred between your browser and our server. As with every connection to a web server, the server of our web hosting provider, Hostpoint in Rapperswil-Jona, Switzerland, logs and stores certain technical data. This data includes the IP address and operating system of your device, dates, access time, the type of browser and the browser request including the origin of the request (referrer). This is necessary for technical reasons to make our website available to you. Hostpoint uses technical and organisational measures to protect this data from unauthorised access and will not pass it on to third parties. We process personal data as necessary in our interest to provide you with the best possible user experience and to ensure the security and stability of our systems.

4. Cooperation with contract processors and third parties
4.1. If, for data processing purposes, we disclose data to other persons and companies (contract processors or third parties), transfer it to these parties or otherwise grant them access to the data, this is done only on a lawful basis (e.g. if data has to be transferred to third parties to pay a service provider, in accordance with Art. 6 para. 1 b) of GDPR, in order to fulfil the contract), if you have consented thereto, if there is a legal obligation to do so, if our legitimate interests are involved (e.g. when using agents, web hosting companies, etc.).

4.2. If we commission third parties to process data by way of an “order processing contract”, this is done of the basis of Art. 28 of GDPR.

5. Sending data to third countries
If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)), or if we do so to avail ourselves of third-party services, to disclose or send data to third parties, we do so only if this is required to fulfil our (pre)contractual obligations, based on your consent, to meet a legal obligation or on the grounds of our legitimate interests. Subject to legal or contractual permissions, we only process or deposit data in a third country if the special conditions of Art. 44 et seq. of GDPR are met. This means that data is processed, for example, based on special guarantees, where, for example, an officially recognised level of data protection is satisfied that corresponds to that of the EU (e.g. for the USA by the “Privacy Shield”) or compliance with officially recognised special contractual obligations is ensured (referred to as “standard contractual clauses”).

6. Rights of the persons concerned
You have the right to request confirmation of whether or not the data in question is processed and to request information about the data, to ask for additional information and for copy of the data, in accordance with Art. 15 of GDPR.

6.2. In accordance with Art. 16 of GDPR, you have the right to request that data concerning you be supplemented or corrected if data about you is incorrect.

6.3. In accordance with Art. 17 of GDPR, you have the right to request that relevant data be deleted immediately, or alternatively, in accordance with the provisions of Art. 18 of GDPR, to request that the processing of your data be restricted.

6.4. In accordance with Art. 20 of GDPR, you have the right to ask to receive the data concerning you and that you provided us with and that it be sent to other responsible persons.

6.5. Furthermore, in accordance with Art. 77 of GDPR, you also have the right to lodge a complaint with the competent supervisory authority.

7. Right to withdraw
You have the right to withdraw consent in accordance with Art. 7 para. 3 of GDPR, with effect for the future.

8. Right to object
In accordance with Art. 21 of GDPR, you can object at any time to the data concerning you being processed in the future. You may oppose, in particular, your information being processed for direct advertising purposes.

9. Cookies and the right to object to direct advertising
We use temporary and permanent cookies, i.e. small files that are stored on the users' devices. (For an explanation of the term cookie and the function of cookies, see the last section of this data protection declaration.) In some cases, cookies are used for security purposes or are necessary for the operation of our online offer (e.g., for the presentation of the website) or to save the user's decision when confirming the cookie banner. We or our technology partners also use cookies to measure our audience reach and for marketing purposes. Users are informed of this in the data protection declaration.

10. Deletion of data
10.1. Data processed by us will be deleted or the processing thereof will be restricted in accordance with Art. 17 and Art. 18 of GDPR. Unless expressly stated in this data protection declaration, the data stored by us will be deleted as soon as it is no longer required for its purpose and providing there are no legal obligations to keep the data. If the data is not deleted because it is necessary for other legally permissible purposes, its processing will be restricted. This means that the data is blocked and will not be processed for other purposes. This applies, for example, to data that must be kept for commercial or tax reasons.

10.2. In accordance with statutory regulations, all accounting and business correspondence is kept for 10 years, in accordance with Art. 957 to 963 of the Code of Obligations. (Accounts books, inventories, opening balance sheets, annual accounts, commercial papers, accounting documents, books, records, management reports, trade and business letters, electronic data exchange, tax-related documents, etc.).

11. Collection of access data and log files
11.1. We collect data on the basis of our legitimate interests within the meaning of Art. 6 para. 1 f) of GDPR each time the server on which this service is located is accessed (referred to as server log files). This access data includes the name of the retrieved website, file, date and time it was retrieved, the amount of data transferred, notification of successful retrieval, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider.

11.2. Log file information is stored for security reasons (e.g. for investigating abuse or fraud) for a maximum of seven days and then deleted. Data required to be further retained for evidence purposes will not be deleted until the incident concerned has been resolved.

12. Cookies and audience reach measurement
12.1. Cookies contain information that is sent from our web server or from the web servers of third parties to users’ web browsers and stored there for subsequent retrieval. Cookies can be small files or other types of information storage.

12.2. We use “session cookies”, which are only stored for the duration of the current visit to our online presence (e.g. to store your login status or for the shopping basket function so that our online offer can be used). A randomly generated unique identification number, referred to as a session ID, is stored in a session cookie. A cookie also contains information about its origin and the storage period. These cookies cannot store any other data. Session cookies are deleted once you leave our online offer or, for example, log out or close your browser.

12.3. Users are informed about the use of cookies in pseudonymised form for public reach measurement purposes in this data protection declaration.

12.4. If users do not wish cookies to be stored on their computer, they are requested to deactivate the relevant option in their browser settings. Stored cookies can be deleted in the browser's system settings. The exclusion of cookies may lead to the functionality of this online offer being limited.

13. Google Analytics
13.1. Based on our legitimate interests (i.e. interest in the analysis, optimisation and the business operation of our online offer within the meaning of Art. 6 para. 1 f) of GDPR), we use Google Analytics, a web analytics service of Google LLC (“Google”). Google uses cookies. The information generated by the cookie about the use of the online offer by users is usually sent to a Google server in the USA and stored there.

13.2 Google is certified under the Privacy Shield Agreement, thereby providing a guarantee of compliance with European data protection law (

13.3. Google will use this information on our behalf to evaluate the use of our online offer by users, to compile reports about the activities within this online offer and to provide us with additional services associated with the use of this online offer and Internet usage. In this case, pseudonymised usage profiles of users may be created from the processed data.

13.4. We use Google Analytics to display advertisements placed within Google's advertising services and its partners solely to those users who have also shown an interest in our online offer or who have certain characteristics (e.g. they are interested in certain topics or products as determined by the websites visited). We then send this information to Google (referred to as “remarketing”, or “Google Analytics audiences”). With the help of remarketing audiences, we also strive to ensure that our advertisements match the potential interests of users and are not a nuisance to them.

13.5. We use Google Analytics only if IP anonymisation is enabled. This means that the IP address of users is shortened by Google within a Member State of the European Union or in a signatory state to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the USA and truncated there.

13.6. The IP address submitted by the user's browser will not be pooled with other Google data. Users can prevent the storage of cookies by adjusting their browser software settings accordingly; users can also prevent Google from collecting the data generated by the cookie and related to their use of the online offer and the processing of this data by Google by downloading and installing the browser plugin available at the following link:

13.7. For more information about Google's data usage and preference and objection options, visit Google's website: (“Use of data by Google when using websites or apps of our partners”), (“Use of data for advertising purposes”) and (“Managing information that Google uses to show you advertisements”).

17.8. Personal data will be anonymised or deleted after a period of 14 months.

14. Inclusion of services and third-party content
14.1. On the basis of our legitimate interests (i.e. interest in the analysis, optimisation and business operation of our online offer within the meaning of Art. 6 para. 1 f) of GDPR), within our online offer, we use content or service offers from third parties to include their contents and services, such as videos or fonts (hereinafter referred to as “content”). For this, the third-party providers of this content always require access to the IP address of users, since without the IP address they would not be able to send the content to their browser. The IP address is, therefore, required to display this content. We endeavour to use such content solely in the case of providers who use the IP address only to deliver the content. Third parties may also use what are referred to as pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. These “pixel tags” provide information that enables traffic to the pages of this website to be evaluated. The pseudonymised information may also be stored in cookies on the user's device and may contain, among other things, technical information about the browser and operating system, referring websites, visiting times as well as further information about the use of our online offer and information from other sources.

14.2. Below is an overview of third-party providers and their contents, along with links to their data protection declarations, which contain additional information on the processing of data and, in some cases, as already mentioned here, the possibility of opposing its processing (referred to as opting out):

External fonts from Google, LLC., (“Google fonts”). Google fonts are included through making a request to a Google server (usually in the USA). Privacy Policy:; opt-out:

Maps from the “Google Maps” service of the third-party provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA may be used. Privacy policy:; opt-out:

Web analysis and optimisation using the Hotjar service from the third-party provider Hotjar Ltd., Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta, Europe. With Hotjar, movements on the web pages on which Hotjar is used can be traced (referred to as heatmaps). For example, it is possible to see how far users scroll and which buttons users click and how often. Technical data such as the selected language, system, screen resolution and browser type are also recorded. This enables a (temporary) user profile to be generated during the visit to our website. Using Hotjar, it is also possible to obtain feedback directly from website users. This enables us to obtain valuable information to make our websites even faster and more customer-friendly. Privacy policy: Opt-out: