Privacy Policy

Version of May 25, 2018

With this data protection declaration, we, Steven Epprecht Entertainment, Gerichtsstrasse 3, CH-8610 Uster, Managing Director: Steven Epprecht, e-mail:, explain how we collect and further process personal data. This data protection declaration explains to you the type, scope and purpose of the processing of this data within our online offer and the websites, functions and contents connected to it as well as external online presences such as our social media channels. This is not a final description; other data protection declarations or similar documents may regulate specific issues. Personal data means any information relating to an identified or identifiable natural person as defined in Article 4(1) of the GDPR; an identifiable person is a natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more specific characteristics which express the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person. For example, your name or e-mail address are considered personal. Some of this data will be passed on to third parties in accordance with this data protection declaration. We would like to point out that data transmission over the Internet (e.g. communication by e-mail) can have security gaps. A complete protection of data against access by third parties is not possible.

If you provide us with personal data of other persons (e.g. family members, data of work colleagues), please ensure that these persons are familiar with this data protection declaration and only provide us with their personal data if you are permitted to do so and if these personal data are correct.

This data protection declaration is based on the EU General Data Protection Regulations (GDPR). Although the GDPR is a regulation of the European Union, it is important to us. The Swiss Data Protection Act is strongly influenced by EU law, and companies outside the European Union and the EEA must comply with the GDPR under certain circumstances.

1. Representative/Data protection officer

Steven Epprecht Entertainment (Gerichtsstrasse 3, CH-8610 Uster) is responsible for the data processing described here, unless otherwise stated in individual cases. If you have any data protection concerns, you can inform us at the following contact address: Gerichtsstrasse 3, CH-8610 Uster and The imprint can be retrieved on

2. Collection and processing of personal data

We primarily process the personal data that we receive from our customers and other business partners or that we collect from their users when operating our websites, apps and other applications. This includes the following data:

  • Inventory data (e.g., names, addresses).
  • Contact details (e.g., e-mail, telephone numbers).
  • Content data (e.g., text input, photographs, videos).
  • Usage data (e.g., visited websites, interest in content, access times).
  • Meta/communication data (e.g., device information, IP addresses).

As far as this is permitted, we also take certain data from publicly accessible sources (e.g. press, Internet) or receive information from other companies. In addition to the data you provide us directly, the categories of personal data we receive about you from third parties including information about you in correspondence and meetings with third parties, credit information (if we do business with you personally),  information about you from people in your environment (superiors, employees, etc.), and information about you in general, so that we can conclude or process contracts with you or with your involvement (e.g. references, your address for deliveries, sales and other contractual partners of us for the use or provision of services by you (e.g. payments made, purchases made), information from the media and the Internet about you (as far as this is indicated in the specific case, e.g. as part of an application, press review, marketing/sales, etc.), your addresses and any interests and other socio-demographic data (for marketing), data in connection with the use of the website (e.g. IP address, MAC address of the smartphone or computer, information about your device and settings, cookies, date and time of visit, pages accessed and contents, functions used, referring website, location information).

3. Purposes of data processing and legal bases

We use the personal data we collect primarily to complete and process our orders with our customers and business partners, in particular in the context of influencer activities and blog posts with our customers and to comply with our legal obligations at home and abroad. If you work for such a customer or business partner, you can of course also be affected in this function with your personal data. The purpose of the processing includes the following aspects:

  • Provision of the online offer, its functions and contents.
  • Answer contact requests and communicate with users.
  • Security measures.
  • Reach measurement/marketing

In addition, we process personal data of you and other persons, to the extent permitted and deemed appropriate, also for the following purposes in which we (and sometimes also third parties) have a justified interest corresponding to the purpose:

  • Offer and further development of our offers, services and websites, apps and other platforms on which we are present;
  • Communication with third parties and processing of their inquiries (e.g. applications, media inquiries);
  • Review and optimization of procedures for needs analysis for direct customer approach and collection of personal data from publicly available sources for customer acquisition;
  • Advertising and marketing (including the organization of events), provided that you have not objected to the use of your data (if we send you as an existing customer advertising from us, you can object to this at any time; we will then place you on a blacklist against further advertising mailings);
  • Market and opinion research, media observation;
  • Enforcement of legal claims and defence in connection with legal disputes and official proceedings;
  • Prevention and investigation of criminal offences and other misconduct (e.g. conducting internal investigations, data analysis to combat fraud);
  • Warranties for our operations, especially IT, our websites, apps and other platforms

If you have given us your consent to process your personal data for specific purposes (for example when registering to receive newsletters or carrying out a background check), we will process your personal data within the scope of and based on this consent, unless we have another legal basis and require one. A given consent can be revoked at any time, but this has no effect on data processing that has already taken place.

4. Cookies

We typically use "cookies" and similar techniques to identify your browser or device on our websites. A cookie is a small file that is sent to your computer or automatically stored on your computer or mobile device by your web browser when you visit our website. If you visit this website again, we can recognize you, even if we don't know who you are. In addition to cookies that are only used during a session and deleted after your visit to the website ("session cookies"), cookies can also be used to store user settings and other information for a certain period of time (e.g. two years) ("permanent cookies"). However, you can set your browser to reject cookies, save them only for one session or otherwise delete them prematurely. Most browsers are preset to accept cookies. We use permanent cookies so that you can save user settings (e.g. language) so that we can better understand how you use our offers and content. If you block cookies, certain functionalities (e.g. language selection) may no longer work.

In our newsletters and other marketing e-mails we partly and as far as permitted also include visible and invisible picture elements, by whose retrieval from our servers we can determine whether and when you have opened the e-mail, so that we can also measure here and better understand how you can use our offers and tailor them to you. You can block this in your email program; most are set to do so by default.

By using our websites and consenting to receive newsletters and other marketing e-mails, you consent to the use of these techniques. If you do not want this, you must set your browser or e-mail program accordingly.

5. Tracking and other technologies

Google Analytics

We may use Google Analytics or similar services on our websites. This is a service provided by third parties who may be located in any country of the world (in the case of Google Analytics it is Google LLC in the USA,, with which we can measure and evaluate the use of the website (non-personal). For this purpose, permanent cookies are also used, which are set by the service provider. The Service Provider does not receive (and does not retain) any personal information from us, but may track your use of the Website, combine this information with information from other websites you have visited and which are also tracked by Service Providers, and use this information for its own purposes (e.g., to control advertising). If you have registered yourself with the service provider, the service provider also knows you. The processing of your personal data by the service provider is then the responsibility of the service provider in accordance with its data protection regulations. The service provider merely informs us how our respective website is used (no information about you personally).

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by downloading and installing the browser plug-in available under the following link:

For more information on handling user data at Google Analytics, see Google's data protection statement:

We have concluded a contract with Google for order data processing and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

This website uses the "demographic features" function of Google Analytics. This allows reports to be created that contain information on the age, gender and interests of site visitors. This data comes from interest-related advertising by Google and from visitor data from third-party providers. This data cannot be assigned to a specific person. You can disable this feature at any time from your Google Account ad preferences or opt-out of Google Analytics collecting your information as described in the "Opt-out of data collection" section.

Hosting Provider & Server LogFiles

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

  • IP address
  • browser type and browser version
  • operating system used
  • Referrer URL
  • host name of the accessing computer
  • time of the server request

These data cannot be directly assigned to specific persons. These data are not combined with other data sources. We reserve the right to check these data subsequently if we become aware of concrete indications of an illegal use. These data as well as all data of this website are stored at our hosting provider

Hostpoint AG, Neue Jonastrasse 60, CH-8640 Rapperswil, whose data protection declaration you will find here.


This site uses SSL encryption for security reasons and to protect the transmission of confidential content, such as requests you send to us as a site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line. If SSL encryption is activated, the data you transmit to us cannot be read by third parties.

Social Plugins

We also use plug-ins from social networks such as Facebook, Instagram, Youtube or Twitter on our websites. This can be seen for you in each case (typically via corresponding symbols). We have configured these elements to be disabled by default. If you activate them (by clicking), the operators of the respective social networks can register that you are on our site and where and can use this information for their purposes. The processing of your personal data is then the responsibility of this operator according to its data protection regulations. We do not receive any information about you from him.


If you would like to subscribe to the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. We use these data exclusively for the dispatch of the requested information. You can revoke your consent to the storage of the data, the e-mail address and its use for sending the newsletter at any time, for example via the "unsubscribe" link in the newsletter. The registration for our newsletter takes place in a so-called double opt-in procedure. This means that after registration you will receive an e-mail asking you to confirm your registration. This confirmation is necessary so that no one can log in with other e-mail addresses. Subscriptions to the newsletter are logged in order to be able to prove the registration process in accordance with legal requirements. This includes the storage of the login and confirmation time, as well as the IP address. Also the changes of your data stored with MailChimp are logged.

You can cancel our newsletter at any time, i.e. revoke your consent. At the same time your consents to its dispatch via MailChimp and the statistical analyses expire. A separate cancellation of the dispatch via MailChimp or the statistical evaluation is unfortunately not possible. You will find a link to cancel the newsletter at the end of each newsletter.


The newsletter is sent via "MailChimp", a newsletter distribution platform of the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA. The e-mail addresses of our newsletter recipients, as well as their further data described in the context of these notes, are stored on the servers of MailChimp in the USA. MailChimp uses this information to send and evaluate the newsletter on our behalf. Furthermore, MailChimp can use this data according to its own information to optimize or improve its own services, e.g. to technically optimize the sending and presentation of the newsletter or for economic purposes, in order to determine from which countries the recipients come. However, MailChimp does not use the data of our newsletter recipients to write them down or pass them on to third parties. We trust in the reliability and IT and data security of MailChimp. MailChimp is certified under the US-EU data protection agreement "Privacy Shield" and thus commits itself to comply with EU data protection regulations. Furthermore, we have concluded a "DataProcessing Agreement" with MailChimp. This is a contract in which MailChimp undertakes to protect the data of our users, to process them on our behalf in accordance with their data protection regulations and in particular not to pass them on to third parties. The data protection regulations of MailChimp can be viewed here.

6. Data transfer and data transmission

We also disclose data within the framework of our business activities and the purposes pursuant to Section 3 to third parties, to the extent permitted and deemed appropriate, either because they process it for us or because they wish to use it for their own purposes. In particular, the following posts are concerned:

  • service providers from us including order processors (such as IT providers);
  • dealers, suppliers, subcontractors and other business partners;
  • customers;
  • domestic and foreign authorities, official bodies or courts;
  • media;
  • the public, including visitors to websites and social media;
  • competitors, industry organisations, associations, organisations and other bodies;

all common “recipients”.

These recipients are partly inland, but can be anywhere on earth. In particular, you must expect your data to be transmitted to all countries in which Steven Epprecht is active as a result of the aforementioned business activity and to other countries in Europe and the USA where the service providers we use are located (e.g. Apple, Mailchimp). If we transfer data to a country without adequate legal data protection, we ensure an appropriate level of protection as provided for by law by using appropriate contracts or so-called binding corporate rules or rely on the statutory exceptions of consent, contract execution, the establishment, exercise or enforcement of legal claims, overriding public interests, published personal data or because it is necessary to protect the integrity of the persons concerned. You can obtain a copy of the mentioned contractual guarantees at any time from the contact person named under point 1. However, we reserve the right to black out copies for data protection reasons or reasons of secrecy or to deliver only excerpts.

7. Duration and retention of personal data

We process and store your personal data as long as it is necessary for the fulfilment of our contractual and legal obligations or otherwise for the purposes pursued with the processing, i.e. for the duration of the entire business relationship (from the initiation, processing up to the termination of a contract) as well as beyond that in accordance with the legal storage and documentation obligations. It is possible that personal data may be stored for the period during which claims can be asserted against our company and insofar as we are otherwise legally obliged to do so or justified business interests require this (e.g. for evidence and documentation purposes). As soon as your personal data are no longer required for the above-mentioned purposes, they will be deleted or made anonymous as far as possible. For operational data (e.g. system logs), shorter retention periods of twelve months or less generally apply.

8. Data integrity

We take appropriate technical and organizational security measures to protect your personal data from unauthorized access and misuse, such as the issuance of instructions, IT and network security solutions and encryption of data carriers (https).

9. Obligation to provide personal data

As part of our business relationship, you must provide the personal data that is necessary for the establishment and execution of a business relationship and the fulfilment of the associated contractual obligations (as a rule, you do not have a statutory obligation to provide us with data). Without this information, we will generally not be able to enter into or process a contract with you (or the entity or person you represent). The website cannot be used either if certain information is not disclosed to ensure data traffic (e.g. IP address).

10. Rights of the data subject

You have the right to information, correction, deletion, the right to restriction of data processing and otherwise the right to object to our data processing and to the surrender of certain personal data for transmission to another location (so-called data portability) within the scope of the data protection law applicable to you and to the extent provided for therein (such as in the case of the GDPR). Please note, however, that we reserve the right to enforce the statutory restrictions, for example if we are obliged to store or process certain data, have an overriding interest in it (as we may invoke it) or need it for asserting claims. If there are costs for you, we will inform you in advance. We have already informed you of the possibility of revoking your consent in Section 3. Note that the exercise of these rights can conflict with contractual agreements and this can have consequences such as premature contract termination or cost consequences. In this case we will inform you in advance where this is not already contractually regulated.

The exercise of such rights usually requires that you clearly prove your identity (e.g. by a copy of your identity card, where your identity is otherwise not clear or can be verified). To assert your rights, you can contact us at the address given in paragraph 1.

Furthermore, every data subject has the right to enforce his claims in court or to lodge a complaint with the competent data protection authority. The responsible data protection authority in Switzerland is the Federal Data Protection and Information Commissioner (

11. Adjustments

We may revise this Privacy Policy at any time without notice. The current version published on our website applies. If the Privacy Policy is part of an agreement with you, we will notify you of the change by e-mail or other appropriate means in the event of an update.

Last update: Mai 25, 2018