Version effective as of 04.07.2025
We are pleased that you are visiting the website www.heule.com and thank you for your interest in our company.
With this Data Protection Statement we, the HEULE Werkzeug AG (hereinafter HEULE), describe how we collect and further process personal data. This Data Protection Statement is not necessarily a comprehensive description of our data processing. It is possible that other data protection statements or General Terms and Conditions are applicable to specific circumstances. The term "personal data" in this Data Protection Statement to shall mean any information that identifies, or could reasonably be used to identify any person. If you provide us with personal data of other persons (such as work colleagues), please make sure the respective persons are aware of this Data Protection Statement and only provide us with their data if you are allowed to do so and such personal data is correct.
This Privacy Notice is aligned with the EU General Data Protection Regulation («GDPR»), the Swiss Data Protection Act («DPA») and the revised Swiss Data Protection («revDPA»). However, the application of these laws depends on each individual case.
1. Controller / Data Protection Officer
The "controller" of data processing as described in this data protection statement (i.e. the responsible person) is HEULE Werkzeug AG, Wegenstrasse 11, 9436 Balgach, Switzerland. You can notify us of any data protection related concerns using the following contact details: datenschutz@heule.com / +41 71 726 38 38.
2. Collection and Processing of Personal Data
We primarily process personal data that we obtain from our clients and other business partners as well as other individuals in the context of our business relationships with them or that we collect from users when operating our website. Insofar as it is permitted to us, we obtain certain personal data from publicly accessible sources (e.g. press, internet) or we may receive such information from affiliated companies of HEULE. Apart from data you provided to us directly, we receive data in connection with your use of our website (e.g., IP address, information regarding your device and settings, cookies, date and time of your visit, sites and content retrieved, applications used, referring website, localization data). This data is collected automatically as soon as you enter this website.
3. Purpose of Data Processing and Legal Grounds
We primarily use collected data in order to conclude and process contracts with our clients and business partners, to process the procurement of products and services from our suppliers, as well as in order to comply with our domestic and foreign legal obligations. In addition, in line with applicable law and where appropriate, we may process your personal data and personal data of third parties for the following purposes, which are in our (or, as the case may be, any third parties') legitimate interest, such as:
- providing and developing our products, services and websites and other platforms, on which we are active;
- communication with third parties and processing of their requests (e.g., job applications, media inquiries);
- obtaining personal data from publicly accessible sources for customer acquisition;
- advertisement and marketing, provided that you have not objected to the use of your data for this purpose.
If you have given us your consent to process your personal data for certain, we will process your personal data within the scope of and based on this consent, unless we have another legal basis, provided that we require one. Consent given can be withdrawn at any time, but this does not affect data processed prior to withdrawal.
4. Cookies / Tracking and Other Techniques Regarding the Use of our Website
We typically use "cookies" and similar techniques on our website, which allow for an identification of your browser or device. A cookie is a small text file that is sent to your computer and automatically saved by the web browser on your computer or mobile device, when you visit our website. If you revisit our website, we may recognize you, even if we do not know your identity. Besides cookies that are only used during a session and deleted after your visit of the website ("session cookies"), we may use cookies in order to save user configurations and other information for a certain time period ("permanent cookies"). Notwithstanding the foregoing, you may configure your browser settings in a way that it rejects cookies, only saves tem for one session or deletes them prematurely. Most browsers are preset to accept cookies. If you block cookies, it is possible that certain functions (such as, e.g., language settings) are no longer available to you. By using our website you agree to our use of such techniques. If you object, you must configure your browser accordingly.
- Google Tag Manager: This website uses Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Tag Manager is a tool that helps us integrate tracking or statistics tools and other technologies on our website. Google Tag Manager itself does not create user profiles, does not store cookies, and does not perform independent analyses. It serves only to manage and deploy the tools integrated through it. However, Google Tag Manager does collect your IP address, which may also be transmitted to Google's parent company in the United States. The use of Google Tag Manager is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the quick and uncomplicated integration and management of various tools on their website. Consent can be revoked at any time. The company has certification under the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF commits to comply with these data protection standards. You can obtain further information about this from the provider at the following link: https://www.dataprivacyframework.gov/participant/5780
- Google Ads: This website operator uses Google Ads. Google Ads is an online advertising program of Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland. Google Ads enables us to display advertisements in the Google search engine or on third-party websites when the user enters certain search terms on Google (keyword targeting). Furthermore, targeted advertisements can be displayed based on user data available at Google (e.g., location data and interests) (audience targeting). We as website operators can evaluate this data quantitatively by, for example, analyzing which search terms led to the display of our advertisements and how many advertisements led to corresponding clicks. The use of this service is based on your consent according to Art. 6 para. 1 lit. a GDPR. Consent can be revoked at any time. Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://policies.google.com/privacy/frameworks and https://business.safety.google/controllerterms/. The company has certification under the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF commits to comply with these data protection standards. You can obtain further information about this from the provider at the following link: https://www.dataprivacyframework.gov/participant/5780.
- Google Conversion-Tracking: This website uses Google Conversion Tracking. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland. With the help of Google Conversion Tracking, Google and we can recognize whether the user has performed certain actions. For example, we can evaluate which buttons on our website are clicked how often and which products are viewed or purchased particularly frequently. This information serves to create conversion statistics. We learn the total number of users who clicked on our advertisements and which actions they performed. We do not receive information that allows us to personally identify the user. Google itself uses cookies or comparable recognition technologies for identification. The use of this service is based on your consent according to Art. 6 para. 1 lit. a GDPR. Consent can be revoked at any time. More information about Google Conversion Tracking can be found in Google's privacy policy: https://policies.google.com/privacy?hl=de. The company has certification under the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF commits to comply with these data protection standards. You can obtain further information about this from the provider at the following link: https://www.dataprivacyframework.gov/participant/5780.
- Google Analytics: This website uses functions of the web analytics service Google Analytics. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland. Google Analytics enables the website operator to analyze the behavior of website visitors. The website operator receives various usage data, such as page views, dwell time, operating systems used, and origin of the user. This data is assigned to the respective end device of the user. No assignment to a user ID takes place. Furthermore, we can record your mouse and scroll movements and clicks with Google Analytics, among other things. Google Analytics also uses various modeling approaches to supplement the collected data sets and employs machine learning technologies in data analysis. Google Analytics uses technologies that enable the recognition of the user for the purpose of analyzing user behavior (e.g., cookies or device fingerprinting). The information collected by Google about the use of this website is usually transmitted to a Google server in the USA and stored there. The use of this service is based on your consent according to Art. 6 para. 1 lit. a GDPR. Consent can be revoked at any time. Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/.
The company has certification under the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF commits to comply with these data protection standards. You can obtain further information about this from the provider at the following link: https://www.dataprivacyframework.gov/participant/5780.
- YouTube components: On our website, we use videos that are uploaded to www.youtube.com by YouTube LLC, a company of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, and can be played directly from our website. These videos are displayed on our websites via a preview image. Only when you press the play button of the videos, a connection to the YouTube servers is established and the content is displayed on the website by notifying your browser.
- LinkedIn Insight Tag: This website uses the Insight Tag from LinkedIn. The provider of this service is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. With the help of the LinkedIn Insight Tag, we receive information about visitors to our website. If a website visitor is registered with LinkedIn, we can analyze, among other things, the professional key data (e.g., career level, company size, country, location, industry, and job title) of our website visitors and thus better align our site to the respective target groups. Furthermore, we can use LinkedIn Insight Tags to measure whether visitors to our websites make a purchase or perform another action (conversion measurement). Conversion measurement can also be cross-device (e.g., from PC to tablet). LinkedIn Insight Tag also offers a retargeting function, with which we can show targeted advertising to visitors of our website outside the website, whereby according to LinkedIn, no identification of the advertising addressee takes place. LinkedIn itself also collects so-called log files (URL, referrer URL, IP address, device and browser properties, and time of access). IP addresses are shortened or (if they are used to reach LinkedIn members across devices) hashed (pseudonymized). The direct identifiers of LinkedIn members are deleted by LinkedIn after seven days. The remaining pseudonymized data is then deleted within 180 days. The data collected by LinkedIn cannot be assigned to specific individuals by us as website operators. LinkedIn will store the collected personal data of website visitors on its servers in the USA and use it within the framework of its own advertising measures. Details can be found in LinkedIn's privacy policy at https://www.linkedin.com/legal/privacy-policy#choices-oblig. Insofar as consent has been obtained, the use of the service is based exclusively on Art. 6 para. 1 lit. a GDPR. Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.linkedin.com/legal/l/dpa and https://www.linkedin.com/legal/l/eu-sccs. The company has certification under the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF commits to comply with these data protection standards. You can obtain further information about this from the provider at the following link: https://www.dataprivacyframework.gov/participant/5448. You can object to the analysis of usage behavior and targeted advertising by LinkedIn at the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out. Furthermore, LinkedIn members can control the use of their personal data for advertising purposes in their account settings. To avoid linking data collected on our website by LinkedIn with your LinkedIn account, you must log out of your LinkedIn account before visiting our website.
- CookieHub: We use CookieHub functions on our website from the company CookieHub ehf, Hafnargata 18, 230 Reykjanesbæ, Iceland. The software automatically creates a DSGVO-compliant (or DSG-compliant) cookie notice for our website visitors. This allows us to show you exactly what is going on on our website and which of your data is being stored. In addition, the technology scans, controls and evaluates all cookies and tracking measures on our website. By using this feature, data from you may be sent to CookieHub, stored and processed. Cookiehub does not collect any personal data about its end users and does not track any activity, except for anonymous consent logs used to demonstrate user choice in the event of a complaint, as required by Article 7.1 of the GDPR.
- SalesViewer® technology: This website uses SalesViewer® technology from SalesViewer® GmbH on the basis of the website operator’s legitimate interests (Section 6 paragraph 1 lit.f GDPR) in order to collect and save data on marketing, market research and optimisation purposes. In order to do this, a javascript based code, which serves to capture company-related data and according website usage. The data captured using this technology are encrypted in a non-retrievable one-way function (so-called hashing). The data is immediately pseudonymised and is not used to identify website visitors personally. The data stored by Salesviewer® will be deleted as soon as they are no longer required for their intended purpose and there are no legal obligations to retain them. The data recording and storage can be repealed at any time with immediate effect for the future, by clicking on https://www.salesviewer.com/opt-out in order to prevent SalesViewer® from recording your data. In this case, an opt-out cookie for this website is saved on your device. If you delete the cookies in the browser, you will need to click on this link again.
5. Retention Periods for your Personal Data
We process and retain your personal data as long as required for the performance of our contractual obligation and compliance with legal obligations or other purposes pursued with the processing, i.e. for the duration of the entire business relationship as well as beyond this duration in accordance with legal retention and documentation obligations.
6. Data Security
By way of contract data processing, your data will be stored on the servers at the headquarters in Balgach, Switzerland. HEULE uses technical and organisational security measures to protect the collected data against accidental or intentional manipulation, loss, destruction or against access by unauthorised persons. We point out that the transmission of data on the Internet may be unsecured and that there is therefore a risk that third parties may intercept and use the data. Our security measures are continuously improved according to technological developments.
7. Obligation to Provide Personal Data to us
In the context of our business relationship you must provide us with any personal data that is necessary for the conclusion and performance of a business relationship and the performance of our contractual obligations. Without this information, we will usually not be able to enter into or carry out a contract with you (or the entity or person you represent). In addition, the website cannot be used unless certain information is disclosed to enable data traffic (e.g. IP address).
8. Your Rights
In accordance with and as far as provided by applicable law, you have the right to access, rectification and erasure of your personal data, the right to restriction of processing or to object to our data processing and in addition the right to receive certain personal data for transfer to another controller.
We have already informed you of the possibility to withdraw consent in Section 3 above. Please further note that the exercise of these rights may be in conflict with your contractual obligations and this may result in consequences such as premature contract termination or involve costs. If this is the case, we will inform you in advance unless it has already been contractually agreed upon. In general, exercising these rights requires that you are able to prove your identity (e.g., by a copy of identification documents where your identity is not evident otherwise or can be verified in another way). In order to assert these rights, please contact us at the addresses provided in Section 1 above.
In addition, every data subject has the right to enforce his/her rights in court or to lodge a complaint with the competent data protection authority. The competent data protection authority of Switzerland is the Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch).
9. Amendments of this Data Protection Statement
We may amend this Data Protection Statement at any time without prior notice. The current version published on our website shall apply.