Privacy statement


CeDe-Shop AG, Mattenbachstrasse 8, 8400 Winterthur, Switzerland, is the operator of the, and websites and the services offered on them and is therefore responsible for the collection, processing and use of your personal data and the compatibility of data processing with applicable data protection law.

Your trust is important to us, which is why we take the issue of data protection seriously and ensure appropriate security. Naturally, we observe the legal provisions of the Federal Data Protection Act (DSG), the Ordinance on the Federal Data Protection Act (VDSG), the Telecommunications Act (FMG) and other applicable data protection provisions of Swiss or EU law, in particular the Basic Data Protection Ordinance (DSGVO).

Please take note of the following information so that you know which personal data we collect from you and for which purposes we use it.

The contact details of our data protection representative in the EU:

e-comtrust international ag
c/o Mr Alessandro Fritsche
EU Data Protection Representative
Walter-Wetzelweg 8
D-79639 Grenzach-Wyhlen
Tel: +49 157 56245375
E-Mail: [email protected]

Accessing our websites

When you visit our websites, our servers temporarily store each access in a log file. The following technical data is collected without your intervention, as is the case with every connection to a web server, and stored by us until automated deletion after 12 months at the latest:

  • the IP address of the requesting computer
  • the name of the owner of the IP address range (usually your Internet access provider)
  • the date and time of the access
  • the website from which the access was made (referrer URL), if applicable with the search word used
  • the name and URL of the retrieved file
  • the status code (for example, error message)
  • the operating system of your computer
  • the browser you are using (type, version and language)
  • the transmission protocol used (for example, HTTP/1.1)
  • Your user name from a registration/authentication, if applicable

The collection and processing of this data is carried out for the purpose of enabling the use of our websites (establishing a connection), ensuring system security and stability over the long term and enabling the optimisation of our Internet offering as well as for internal statistical purposes. This constitutes our legitimate interest in data processing within the meaning of Art. 6 para. 1 lit. f DSGVO.

Opening of a customer account and newsletter registration

To place orders in the online shop or to subscribe to our newsletter, you must open a customer account. We collect the following data when you register for a customer account:

  • Username*
  • Password*
  • Salutation*
  • First name and surname*
  • firm
  • division
  • Postal address (street, country, postcode, city)*
  • Phone
  • fax
  • Mobile
  • date of birth
  • E-mail address*
  • Subscribe to Newsmail*
  • Language of correspondence*

The fields marked with * are mandatory.

For registered customers we also collect the following data:

  • Registration date
  • Status (New customer with / without purchase order, Normal customer, Normal customer with limit, Locked, Inactive)
  • Permitted payment method

The data is collected for the purpose of providing the customer with password-protected direct access to the basic data stored by us. The customer can view his completed and open orders.

The legal basis for the processing of the data for this purpose lies in the consent given by you in accordance with Art. 6 Para. 1 lit. a EU-DSGVO.

In addition, we need this information to send you the newsletter, if the delivery of the newsletter is desired.

By registering and activating the corresponding dropdown box for the newsletter, you give us your consent to process the data provided for the regular dispatch of the newsletter to the address you specify. This consent represents our legal basis for the processing of your data within the meaning of Art. 6 para. 1 lit. a DSGVO.

Purchasing in the online shop

If you would like to place orders in our online shop, we need the following data for the processing of the contract:

  • First name and surname*
  • Billing address* (street, P.O. box, city)
  • firm
  • division
  • Country*
  • email*
  • Payment method*
  • delivery address
  • ID number / copy ID when buying a game
  • Partner ID, if applicable, if the customer accesses our website via a partner website

Unless otherwise stated in this privacy policy or unless you have specifically consented to it, we will use the above data only to process the contract, namely to process your orders, deliver the products ordered and ensure correct payment.

The legal basis of the data processing for this purpose lies in the fulfilment of a contract according to art. 6 para. 1 lit. b EU-DSGVO.

Central storage

We store the data indicated in the above-mentioned paragraphs in a central electronic data processing system. The data concerning you is systematically recorded, linked and evaluated for the purpose of processing your bookings and processing the contractual services. For this purpose we use the services of Nexellent AG, Sägereistrasse 33, CH-8152 Glattbrugg, which ensures the technical processing. This processing is based on our legitimate interest in customer-friendly and efficient customer data management within the meaning of Art. 6 para. 1 lit. f DSGVO. In addition, we base the processing of this data on the fulfilment of the contract within the meaning of Art. 6 para. 1 lit. b DSGVO.

Passing on data to third parties

We will only disclose your personal data if you have expressly consented, if there is a legal obligation to do so, or if this is necessary to enforce our rights, in particular to enforce claims arising from the contractual relationship.

In addition, we pass on your data to third parties insofar as this is necessary within the framework of the use of the website and the execution of the contract, namely the provision of the services requested by you as well as the analysis of your user behaviour. The use of the data passed on for this purpose by third parties is strictly limited to the stated purposes.

Different third-party service providers are explicitly mentioned in this privacy statement (e.g. in the "Tracking Tools" sections). Other service providers are:

  • Cloudflare Inc., 101 Townsend St., CA-94107 San Francisco, USA (DDoS protection)
  • Open Systems AG, Räffelstrasse 29, 8045 Zurich (Network technology and network security)

If we make an advance payment, e.g. in the case of a purchase on account, we may, in order to safeguard our legitimate interests, obtain a credit report based on mathematical-statistical procedures from a credit agency. For this purpose, we transmit the personal data required for a credit assessment to the credit agency Intrum AG, Eschenstrasse 12, CH-8603 Schwerzenbach and use the information received on the statistical probability of a payment default for a balanced decision on the establishment, execution or termination of the contractual relationship. The credit report may contain probability values (score values) which have been calculated on the basis of scientifically recognised mathematical-statistical procedures and which include address data, among other things, in their calculation. Their interests worthy of protection are taken into account in accordance with the legal provisions. Our legitimate interest in data processing within the meaning of Art. 6 Para. 1 lit. f EU-DSGVO exists for the purposes described above.

Finally, when you pay by credit card on the Website, we forward your credit card information to your credit card issuer and the credit card acquirer. If you choose to pay by credit card, you will be asked to enter all of the information that is required. The legal basis for the passing on of the data lies in the fulfilment of a contract according to art. 6 para. 1 lit. b EU-DSGVO. Regarding the processing of your credit card information by these third parties, we ask you to also read the General Terms and Conditions as well as the privacy policy of your credit card issuer.

We use services from the following providers in connection with payments:

  • Six Saferpay, Pfingstweidstrasse 110, CH-8005 Zurich
  • Datatrans AG, Kreuzbühlstrasse 26, CH-8008 Zurich
  • Postfinance, Mingerstrasse 20, CH-3030 Bern

Transmission of data abroad

We are entitled to transfer your personal data to third companies (contracted service providers) abroad for the purpose of the data processing described in this data protection declaration. These are obligated to the same extent as we ourselves to data protection. If the level of data protection in a country does not correspond to that in Switzerland or Europe, we contractually ensure that the protection of your personal data corresponds to that in Switzerland or the EU at all times.


Cookies help in many ways to make your visit to our websites easier, more enjoyable and more meaningful. Cookies are information files that your web browser automatically stores on your computer's hard drive when you visit our website.

We use cookies, for example, to offer you the shopping cart function over several pages and to temporarily save your entries when filling out a form on the website so that you do not have to repeat the entry when calling up another subpage. Cookies may also be used to identify you as a registered user after you have registered on the website, without you having to log in again when you call up another subpage.

Most Internet browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or a message always appears when you receive a new cookie. On the following pages you will find explanations on how to configure the processing of cookies in the most common browsers:


a. Google Analytics

The website uses Google (Universal) Analytics, a web analytics service provided by Google Inc. ( Google (Universal) Analytics uses methods to analyse website usage, such as cookies (see section 7 above). The information generated by the cookie about your use of the website, such as

  • navigation path followed by a visitor on the site
  • duration of stay on the site or subpage
  • the subpage on which the site is left
  • the country, region or city from which access is provided
  • the device (type, version, color depth), resolution, width and height of the browser window)
  • Recurrent or new visitor
  • Type/version
  • Type of browser used
  • Operating system used
  • Refer URL (the page previously visited)
  • Name of the accessing computer (IP address)
  • Time of the request server
  • Time of the server request

are transferred to the servers of Google Inc, a company of the holding company Alphabet Inc, in the United States and are stored there. The IP address is shortened by activating IP anonymization ("IP anonymization") on this website before transmission in the Member States of the European Union or in other Contracting States of the Agreement on the European Economic Area or Switzerland. The anonymous IP address provided by your browser as part of Google Analytics is not merged with other Google data. Only in exceptional cases is the complete IP address transmitted to a Google server in the United States and shortened there. In such cases, we provide contractual guarantees to ensure that Google Inc. complies with a sufficient level of data protection.

These data will also be enriched by us with the following data:

  • order number
  • article number
  • article name
  • cost
  • article categories
  • total order amount
  • total amount

The information is used to evaluate website usage, compile reports on website activity and provide other services related to the use of the website and the Internet for market research and demand-driven website design. This information may also be passed on to third parties if required by law or if third parties process this data on behalf of third parties. According to Google Inc., the IP address will not be associated with any other data about the user.

The user may prevent Google from collecting data generated by the cookie relating to the use of the website by the user concerned (including the IP address) and Google from processing this data by downloading and installing the browser plugin available at the following link:

As an alternative to the browser plugin, users can click on this link to prevent Google Analytics from capturing data on the site in the future. An exclusion cookie is stored on the user's device. If the user deletes cookies (see section 7 above), the link must be clicked again.

b. DoubleClick

In addition, we use DoubleClick by Google, a service provided by Google Inc. to serve ads based on the use of previously visited websites. Google uses the DoubleClick cookie, which allows your browser to be recognized when you visit other websites. The information generated by the cookie about your visit to these websites (including your IP address) will be transmitted to and stored by Google on servers in the United States.

You can prevent retargeting at any time by refusing or disabling the corresponding cookies in the menu bar of your web browser (see section 7 above).

Note on data transfers to the USA

We draw the attention of users residing or domiciled in Switzerland to the fact that US authorities have taken surveillance measures in the USA which generally allow the storage of all personal data of all persons whose data has been transferred from Switzerland to the USA. This is done without differentiation, limitation or exception based on the objective pursued and without an objective criterion that would allow the US authorities to restrict access to the data and subsequent use to very specific, strictly limited purposes that could justify the interference associated with both access to and use of the data. Furthermore, we would like to point out that in the United States there are no legal remedies available to data subjects from Switzerland that would allow them to access, rectify or delete their data, or that there is no effective legal protection against general access rights of US authorities. We explicitly draw the attention of the data subject to this legal and factual situation in order to make an informed decision to consent to the use of his/her data.

Right of access, rectification, cancellation and limitation of processing; right to data transferability

You have the right to request information about the personal data we store about you. In addition, you have the right to correct incorrect data and the right to delete your personal data, insofar as there is no legal obligation to retain or an act of permissibility which allows us to process the data, to the contrary.

You also have the right to demand that we return the data you have provided to us (right to data portability). Upon request, we will also pass on the data to a third party of your choice. You have the right to receive the data in a common file format.

You can contact us for the aforementioned purposes via the e-mail address [email protected]. For the processing of your requests, we may, at our own discretion, require proof of identity.

Data security

We use suitable technical and organisational security measures to protect your personal data stored with us against manipulation, partial or complete loss and against unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.

You should always treat your access data confidentially and close the browser window when you have finished communicating with us, especially if you share your computer with others.

We also take internal data protection very seriously. Our employees and the service companies commissioned by us have been obligated by us to secrecy and compliance with data protection regulations.

Data retention

We only store personal data for as long as is necessary to use the above tracking and analysis services and further processing in the context of our legitimate interest. Contract data will be stored by us for a longer period of time, as this is prescribed by statutory storage obligations. Obligations to store data, which oblige us to store data, result from accounting regulations and tax regulations. According to these regulations, business communication, concluded contracts and accounting documents must be stored for up to 10 years. If we no longer need this data to perform the services for you, the data will be blocked. This means that the data may then only be used for accounting and tax purposes.

Right to complain to a data protection supervisory authority

You have the right to complain to a data protection supervisory authority at any time.

Contact us

If you have any questions about data protection on our websites, would like to request information or request the deletion of your data, please contact our contact person for data protection law by sending an e-mail to [email protected].

Alternatively, you can write us a letter:

CeDe-Shop AG, Mattenbachstrasse 8, 8400 Winterthur, Switzerland.

Last Update: 29.05.2018