Privacy policy

24. August 2023

The privacy policy describes how and for what purpose we (IGORA-Genossenschaft für Aluminium-Recycling, hereinafter "IGORA", "we" or "us") collect, process and use personal data. The responsible processing of data is an important matter for us. We are continually adjusting in order to protect the data of our stakeholders even better.

This privacy policy explains how we collect and otherwise process personal data. This is not an exhaustive description; general terms and conditions, conditions of participation or similar documents may govern specific matters. Personal data means any information relating to an identified or identifiable individual. If you do not agree to these terms and conditions, please do not access or use the IGORA websites or the services offered. We reserve the right to change the privacy policy from time to time, at our sole discretion and without individual notification. Any changes to the privacy policy will be published on our homepage. Material changes to the terms of the privacy policy will be posted on the homepage 30 (thirty) days prior to their effective date. Any use of the IGORA websites is subject to the latest version of the privacy policy.

If you provide us with personal data of other persons (e.g. family members, data of work colleagues), please make sure that these persons are aware of this privacy policy and only share their personal data with us if you are allowed to do so and if this personal data is correct. 

This privacy policy is designed to meet the requirements of the EU General Data Protection Regulation ("GDPR"), the Swiss Data Protection Act ("DSG") and the revised Swiss Data Protection Act ("revDSG"). However, whether and to what extent these laws are applicable depends on the individual case.

1.         Responsibility / data protection officer 

The management of IGORA is responsible for the data processing that we carry out. If you have any data protection concerns, you can inform us accordingly at the following contact address: IGORA-Genossenschaft für Aluminium-Recycling, Data Protection, Hohlstrasse 532, 8048 Zurich or via e-mail at:

2.         Collection and processing of personal data 

We primarily process the personal data that we receive from our customers and other business partners in the course of our mutual business relationship and other persons involved in it, or that we collect from their users when operating our websites, apps and other applications. 

To the extent permitted, we also take certain data from publicly accessible sources (e.g. enforcement registers, land registers, commercial registers, press, internet) or receive such data from authorities and other third parties (such as credit rating agencies or address dealers). In addition to the personal data that you give us directly, the categories of personal data that we receive about you from third parties include, in particular, information from public registers, information that we learn in connection with official and legal proceedings, information in connection with your professional functions and activities (e.g. so that we can conclude and process transactions with your employer by your help), information about you in correspondence and discussions with third parties, creditworthiness information (insofar as we process transactions with you personally), information about you received by people close to you (family, advisors, legal representatives, etc.) in a matter that allows us to conclude or process contracts with you or involving you (e.g. references, your address for deliveries, powers of attorney, information on compliance with legal requirements such as anti-money laundering and export restrictions, information from banks, insurance companies, sales and other contractual partners of ours on the utilisation or provision of services by you (e.g. payments made, purchases made), information from the media and Internet on your person (insofar as this is appropriate in the specific case, e.g. in the context of a job application, press review, marketing/sales, etc.), your addresses and, if applicable, interests and other socio-demographic data (for marketing), data in connection with the use of the website (e.g. IP address, MAC address of the smartphone or computer, details of your device and settings, cookies, date and time of the visit, pages and content accessed, functions used, referring website, location details)). 

3.         Purposes of data processing and legal basis 

We use the personal data we collect primarily to conclude and process our contracts with our customers and business partners, thus in particular in the context of the collection of aluminium packaging with our customers as well as the purchase of products and services from our suppliers and subcontractors, as well as to comply with our legal obligations in Switzerland and abroad. If you work for such a customer or business partner, your personal data may of course also be affected in this capacity.

In addition, where permitted and deemed appropriate, we also process personal data about you and other persons for the following purposes in which we (and sometimes third parties) have a legitimate interest: 

Insofar as you have given us consent to process your personal data for certain purposes (e.g. when you register to receive newsletters), we process your personal data within the scope of and based on this consent, insofar as we have no other legal basis and we require such a basis. Consent which has been given can be revoked at any time, but this has no effect on data processing that has already taken place.

We will not sell, disclose or otherwise share your personal data without your consent. However, personal data may occasionally be disclosed to third parties who act for or on behalf of us or who process data on our behalf in accordance with the original purpose for which it was collected. When disclosing this personal data to third parties, we will require them to ensure that the processing is carried out in accordance with and within the scope of the purpose stated at the time of collection.

We process personal data in accordance with Swiss data protection law, in particular the Federal Act on Data Protection (FADP) and the Ordinance to the Federal Act on Data Protection (FADP).

We process personal data - if and to the extent that the General Data Protection Regulation (GDPR) is applicable - in accordance with at least one of the following legal bases:

4.         Cookies / tracking and other technologies related to the use of our website 

In the case of mere informational use of the website, e.g. if you do not register or otherwise transmit information to us, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure its stability and security:

IP address, date and time of the request, time zone difference to Greenwich Mean Time (GMT), content of the request (specific page), access status/HTTP status code, amount of data transferred in each case, website from which the request came, browser, operating system and its interface, language and version of the browser software.

4.1       Cookies

In addition to the data mentioned above (section 4.), cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard drive with respect to the browser you are using and which provide certain information to the party setting the cookies (in this case, us). Cookies cannot execute programs or transfer viruses to your computer. They serve to make the overall internet offer more user-friendly and effective.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the functionality of this website may be limited.

a) This website uses the following types of cookies, the scope and functionality of which are explained below:

- Transient cookies (b)

- Persistent cookies (see c).

b) Transient cookies are automatically deleted when you close the browser. These include, in particular, session cookies. These store a session ID, with which various requests from your browser can be assigned to the joint session. This enables your computer to be recognised when you return to our website. The session cookies are deleted when you log out or close the browser.

c) Persistent cookies are automatically deleted after a predefined period of time, which may differ depending on the cookie. You can delete the cookies in the security settings of your browser at any time.

d) You can configure your browser settings according to your preferences and e.g. refuse to accept third-party cookies or all cookies. Please note that you may not be able to use all the functions of this website.

4.2       Google Analytics

This website uses functions of the web analysis service Google Analytics. The provider is Google Inc, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA.

Google Analytics uses so-called "cookies". These are text files that are stored on your computer and enable an analysis of your use of the website. The information generated by the cookies about your use of this website is usually transferred to a Google server in the USA and stored there.

4.2.1    IP anonymisation

We have activated the IP anonymisation function on this website. This means that your IP address is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

4.2.2    Browser Plugin

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) by Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

You can find more information on the handling of user data at Google Analytics in Google's privacy policy

4.3.      Further functions and offers of our website

In addition to the purely informational use of our website, we offer various services that you can use if you are interested, such as registering as a collection point or obtaining collection containers or information material via our webshop. For this purpose, you usually have to provide further personal data which we use to provide the respective service and for which the above mentioned data processing principles apply.

In some cases, we use external service providers to process your data. These have been carefully selected by us, checked and commissioned with regard to the data protection standards which are applicable to the external providers. They are bound by our instructions and are regularly monitored.

Furthermore, we may transmit your personal data to third parties if services are offered by us together with partners. You will receive further information while you are providing your personal data in the order process and in the confirmation of the collection point registration.

4.4.      Market research and satisfaction analysis

We may transmit your personal data to an external market research institute for satisfaction analysis. The market research institute will pseudonymise your data and transmit it to us anonymously. The personal data obtained from the market research will not be used for advertising and marketing purposes. The satisfaction analysis serves to enable us to make our service and our offer more customer-friendly.

4.5.      Use of our webshop

If you would like to order in our webshop, it is necessary for the conclusion of the contract that you provide your personal data, which we need for the processing of your order. Mandatory information required for the processing of contracts has been marked separately, further information (not mandatory) is voluntary. We process the data you provide to process your order. We may also process the data you provide to inform you of relevant changes to our services. We are obliged by commercial and tax law to store your address, payment and order data for a period of ten years. To prevent unauthorised access to your personal data by third parties, the ordering process is encrypted using SSL technology.

4.6.      Use of social media plug-ins

We currently use Facebook and Twitter social media plug-ins. We use the so-called two-click solution. This means that when you visit our site, no personal data is transmitted to the providers of the plug-ins. You can recognise the provider of the plug-in via the "Share function" listed in our news articles with the name "Facebook" or "Twitter". We give you the opportunity to communicate directly with the provider of the plug-in through the link. Only when you click on the link and thereby activate it, does the plug-in provider receive the information that you have accessed the corresponding website. In addition, the data mentioned under section 4.1 (Cookies) of this declaration are transmitted.

By activating the plug-in, your personal data is transmitted to the respective plug-in provider and stored there (in the case of US providers, in the USA). Since the plug-in provider collects the data in particular via cookies, we recommend that you delete all cookies from your browser's security settings before clicking on the link. We have no influence on the data collected and data processing procedures, nor are we aware of the full extent of the data collection, the purposes of the processing, the storage periods. We also have no information on the deletion of the collected data by the plug-in provider. The plug-in provider stores the data collected about you as a usage profile and uses this for the purposes of advertising, market research and/or the needs-based design of its website. Such an evaluation is carried out in particular for the display of needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact the respective plug-in provider to exercise this right. Via the plug-ins, we offer you the opportunity to interact with the social networks and other users so that we can improve our offer and make it more interesting for you as a user. The data transfer takes place regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged in to the plug-in provider, the data we collect is directly assigned to your account with the plug-in provider. If you click the activated button and, for example, link to the page, the plug-in provider also saves this information in your user account and shares it publicly with your contacts. We recommend that you log out regularly after using a social network, but especially before activating the button, as this will help you to avoid an assignment to your profile with the plug-in provider. Futher information on the purpose and scope of data collection and its processing by the plug-in provider can be found in the privacy policy of these providers provided below. There you will also receive further information on your rights in this regard and setting options for protecting your privacy.

Facebook Inc, 1601 S California Ave, Palo Alto, California 94304, USA; http://www.facebook.com/policy.php; further information on data collection: http://www.facebook.com/help/186325668085084

Facebook has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

Twitter, Inc, 1355 Market St, Suite 900, San Francisco, California 94103, USA; https://twitter.com/privacy. Twitter has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

4.7.      Integration of YouTube videos

We have integrated YouTube videos into our online offer, which are stored on http://www.YouTube.com and can be played directly from our website. By visiting the website, YouTube receives the information that you have accessed on the corresponding sub-page of our website. In addition, the data mentioned under section 4.1 of this declaration is transmitted. This occurs regardless of whether YouTube provides a user account via which you are logged in or whether no user account exists. If you are logged in to Google, your data will be directly assigned to your account. If you do not want your data to be associated with your YouTube profile, you must log out before activating the button. YouTube stores your data as usage profiles and uses them for the purposes of advertising, market research and/or designing its website in line with requirements. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, and you must contact YouTube to exercise this right.

For more information on the purpose and scope of data collection and processing by YouTube, please see the privacy policy. There you will also find further information on your rights and setting options to protect your privacy: https://www.google.de/intl/de/policies/privacy. Google also processes your personal data in the USA and has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

4.8.      Integration of Google Maps

On this website we use the offering of Google Maps. This allows us to show you interactive maps directly on the website and enables you to use the map function conveniently. By visiting the website, Google receives the information that you have called up the corresponding sub-page of our website. In addition, the data mentioned under section 4.1 of this declaration will be transmitted. This occurs regardless of whether Google provides a user account by which you are logged in or whether no user account exists. If you are logged in to Google, your data will be directly assigned to your account. If you do not want your data to be associated with your Google profile, you must log out before activating the button. Google stores your data as usage profiles and uses them for the purposes of advertising, market research and/or the needs-based design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, and you must contact Google to exercise this right.

For more information on the purpose and scope of data collection and processing by the plug-in provider, please refer to the provider's privacy policy. There you will also find further information on your rights in this regard and setting options for protecting your privacy: http://www.google.de/intl/de/policies/privacy. Google also processes your personal data in the USA and has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

4.9.      Google reCAPTCHA

With the aim of ensuring that our website is protected and secure, we use "Google reCAPTCHA" on our website. The provider of the service is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google").

The purpose of reCAPTCHA is to check whether data entries on our website, for example in a contact form, are made by a human or by an automated program.

For this purpose, reCAPTCHA analyses the behaviour of the website visitor on the basis of various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, time spent by the website visitor on our website, or mouse movements made by the user). The data collected during the analysis is forwarded to Google.

The reCAPTCHA analyses run completely in the background. Website visitors are not made aware that an analysis is taking place.

For more information on Google's privacy policy, please see the following link: https://policies.google.com/privacy?hl=de

5.         Data transfer and data transmission to abroad 

We process personal data in Switzerland and in the European Economic Area (EEA). However, we may also export or transfer personal data to other countries, in particular in order to process it or have it processed there.

We may export personal data to all states and territories on earth as well as elsewhere in the universe, provided that the law there ensures adequate data protection according to assessment of the Federal Data Protection and Information Commissioner (FDPIC) or according to the decision of the Swiss Federal Council and - if and insofar as the General Data Protection Regulation (GDPR) is applicable - according to decision of the European Commission . 

We may transfer personal data to countries whose law does not guarantee adequate data protection, provided that data protection is guaranteed for other reasons, in particular on the basis of standard data protection clauses or with other appropriate guarantees. For exceptional reasons, we may export personal data to countries without adequate or appropriate data protection if the special data protection law requirements are met, for example the express consent of the data subjects or a direct connection with the conclusion or performance of a contract. We will be happy to provide data subjects with information about any guarantees or a copy of any guarantees on request.

6.         Duration of the retention of personal data 

We process and store your personal data for as long as it is necessary for the fulfilment of our contractual and legal obligations or otherwise the purposes pursued with the processing, e.g. for example for the duration of the entire business relationship (from the initiation, processing to the termination of a contract) as well as beyond that in accordance with the statutory retention and documentation obligations. In this context, it is possible that personal data will be retained for the time during which claims can be asserted against our company and insofar as we are otherwise legally obliged to do so or legitimate business interests require this (e.g. for evidence and documentation purposes). As soon as your personal data is no longer required for the above-mentioned purposes, it will be deleted or anonymised as a matter of principle and as far as possible. For operational data (e.g. system logs, logs), shorter retention periods of twelve months or less generally apply. 

7.         Data security 

We take appropriate technical and organisational security measures to protect your personal data from unauthorised access and misuse, such as issuing instructions, training, IT and network security solutions, access controls and restrictions or encryption of data carriers and transmissions. 

8.         Obligation to provide personal data

In the context of our business relationship, you must provide such personal data as is necessary for the establishment and performance of a business relationship and the fulfilment of the associated contractual obligations (you do not generally have a legal obligation to provide us with data). Without this data, we will generally not be able to enter into or perform a contract with you (or the entity or person you represent). Also, the website cannot be used if certain information to secure traffic (such as IP address) is not disclosed.

9.         Profiling and automated decision making

For the establishment and implementation of the business relationship and also otherwise, we generally do not use any fully-automated decision-making (such as regulated in Art. 22 DSGVO). Should we use such procedures in individual cases, we will inform you individually about this, insofar as this is required by law, and inform you about the associated rights.

10.       Rights of the data subject 

Within the framework of the data protection law applicable to you and to the extent provided for therein (such as in the case of the GDPR), you have the right to information, correction, deletion, the right to restriction of data processing and otherwise the right to object to our data processing, in particular that for the purposes of direct marketing and other legitimate interests in processing, as well as to the release of certain personal data for the purpose of transfer to another body (so-called data portability). Please note, however, that we reserve the right to enforce the restrictions provided for by law, for example if we are obliged to retain or process certain data, have an overriding interest in doing so (insofar as we are entitled to rely on this) or require it for the assertion of claims. If you incur costs, we will inform you in advance. We have already informed you about the possibility of revoking your consent in section 3. Please note that exercising these rights may conflict with contractual agreements and may have consequences such as premature termination of the contract or costs. We will inform you in advance if this is not already contractually regulated. 

The exercise of such rights usually requires that you clearly prove your identity (e.g. by a copy of your ID card where your identity is otherwise not clear or cannot be verified). To exercise your rights, you can contact us at the address given in section 1.

Every data subject also has the right to enforce his or her claims in court or to lodge a complaint with the competent data protection authority. The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch).