1. INTRODUCTION
We at Bauwerk Group (“Bauwerk Group”, “we” or “us”) are committed to protecting and respecting your privacy. This Privacy Policy describes your rights and how we collect and use personal data about our potential, current and former customers, suppliers, business partners, as well as job applicants and visitors of websites, and social networks.
Bauwerk Group owns these well- known brands in the wood flooring industry: Bauwerk, Boen and Somerset. This Privacy Policy applies to our brands globally with respect to the specifics of the activities of relevant companies (local regulation, specific of business operations, etc.).
When processing your personal data, we comply with applicable regulations of the countries in which we operate, the General Data Protection regulation (GDPR) and the Swiss Federal Act on Data Protection (FADP) which applies in Swiss jurisdiction (where our parent company is based). When your personal data is processed by our US companies, the regulation of US also applies to the relevant data processing operations.
This Privacy Policy is primarily intended for our websites and other digital platforms that we use to conduct our business operations and process the relevant categories of personal data. Therefore, the Privacy Policy doesn’t provide the definitive list of data processing operations that we carry out in our activities, since part of data processing operations are exclusively related to our internal environment (for example data processing operations related to our employment relationship; to communication within the Group and to others), where specific data processing rules set out in our internal regulation apply.
It should be emphasized that companies of Bauwerk Group may provide you with additional privacy notices related to the performance of specific operations, in which the content of personal data processing operations may differ from those described in this Privacy Policy. For example, we intend to invite you to participate in our new product launch survey, which cannot be completed without processing your personal data (name, surname, age, etc.). Consequently, for this purpose we’ll provide you with a separate data processing notice (depending on the situation, it could be a consent form, an information notice on data processing regarding this operation, etc.) by explaining the purpose, legal background for data processing, retention period, and other required information.
2. WHO IS THE CONTROLLER AND WHOM TO CONTACT IN CASE OF QUESTIONS?
Bauwerk Group Schweiz AG, Neudorfstrasse 49, 9430 St. Margrethen (Switzerland), acts as the data controller for Group-level data processing activities, including centrally managed systems, digital platforms and other Group-wide processing operations where it determines the purposes and means of processing personal data.
Individual companies within the Bauwerk Group may also process your personal data in connection with their own business activities. Where a local Bauwerk Group company independently determines the purposes and means of processing — for example in relation to video surveillance at its premises or its internal payroll administration — that company acts as the data controller for those specific processing activities.
In certain situations, Bauwerk Group Schweiz AG and the relevant local company may jointly determine the purposes and means of processing. In such cases, they act as joint controllers in accordance with applicable data protection laws
If you have any questions about how your personal data is processed or which Bauwerk Group entity is responsible in a specific case, please contact us at dataprotection@bauwerk-group.com
3. WHAT PERSONAL DATA DO WE PROCESS, HOW AND HOW LONG AND WHAT ARE OUR LEGAL GROUNDS FOR PROCESSING PERSONAL DATA?
We process your personal data for the following purposes and based on the following legal basis:
Personal data processed
| Purpose |
Legal basis |
Term of processing | |
|
Our potential, current and former customers, suppliers, and business partners |
|||
| To communicate with you |
Name, surname, position, represented legal person, address, email address, phone number, information contained within your communications with us, such as the contents of emails, messages provided via website’s contact form. |
Performance of our contract with you or your employer or for our legitimate interest in effective communication. | Up to 10 years from the last contact (further storage can take place in individual cases if this is legally stipulated). |
| To market our products and services | Name, surname, address, email address, phone number will be used to send newsletters, emails with information about our products, services or events. | This processing is based on our legitimate interest in being able to market our products and services to our existing customers or the processing is based on your consent, as you have shown an interest in our products and services. |
If you are an existing customer, we will process your personal data until you let us know that you no longer want to get direct marketing from us and/or will unsubscribe from this.
For those who have issued us a consent for direct marketing – we will process personal data for 3 years (further storage can take place in individual cases if this is legally stipulated) unless you withdraw your consent. At the end of the 3-year period, we’ll remind you about the expiration of your consent.
If you no longer want direct marketing from us, please feel free to follow the unsubscribe instructions contained in the email received from us or contact us directly. |
| To identify you, conclude and perform the contract |
If you are a sole trader natural person, we will process your name, surname, position, customer/supplier ID, address, email address, phone number, personal identification number or date of birth, bank and bank account details (including credit card details when requires), signature.
If you are not a sole trader and represent your employer but contact us in the role of representative of a company, we process your name, surname, email address, phone number, company name, position, workplace and sometimes information regarding your right to represent your company, customer/supplier ID signature. |
To conclude and perform contract with you or your employer. | 10 years (further storage can take place in individual cases if this is legally stipulated) |
| To fulfil our legal obligations, e.g., related to bookkeeping |
If you are a sole trader, natural person, we will process your name, surname, position, customer ID, address, email address, phone number, personal identification number, bank and bank account details, signature.
If you are not a sole trader and represent your employer but contact us in the role of representative of a company, we process your name, surname, email address, phone number, company name, position, workplace, address and sometimes information regarding your right to represent your company, customer/supplier ID, signature. |
Legal obligations for bookkeeping, archiving of documents. | Up to 10 years (further storage can take place in individual cases if this is legally stipulated). |
| To protect our legal rights and interests |
Examples of personal data processed for this purpose is your communication with us, invoices, and agreements (personal data are used in aforementioned sources, i.e. name, surname, email address, phone number, company name, position, workplace, address and other data provided by you). |
Legitimate interest to protect and enforce our legal rights and interests, e.g. in connection with legal claims, compliance, regulatory and audit functions. | 10 years (further storage can take place in individual cases if this is legally stipulated). |
| In connection with a merger or acquisition | In connection with, due to strategical or business-oriented reasons, a potential merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company, the personal data we retain about you (name, surname, email address, phone number, company name, position, workplace, address) may be processed, shared, or transferred, to parties involved in the process. | Legitimate interest in being able to develop our business. | Up to 10 years (Further storage can take place in individual cases if this is legally stipulated). |
| In connection with app “My room” |
Images of your room you upload to our app from which we may have a theoretical possibility to identify you. |
Consent |
30 days
After 30 days of non-usage, the images are typically deleted. It is possible that we store individual images for a limited amount of time in order to train and improve our recognition algorithm. Thus, if you do not agree to this, please delete your uploaded pictures in our application immediately after usage or contact us for assistance. |
|
In connection with app “Roomvo” |
Their online activity, including the functions, features, and resources that are used, the dates and times of usage, details about how Consumer's access Roomvo such as IP address, operating system, and browser version. Products that you share or identify as favorites, images and names of rooms, email addresses with whom you share your rooms. |
Consent |
Up to 45 days Any other personal information is kept in anonymized form for statistical purposes and will no longer refer to you. |
We would like to point out that this is not the exhaustive list of data processing operations that we carry out in the course of our business, and you will be informed about the specific operation related to your personal data processing as required by the applicable regulation. Furthermore, as it has been already mentioned, the relevant data processing operations carried out in the companies of Bauwerk Group may differ (depending on the specifics of the company’s activities) in purpose, content, nature, retention period, etc., therefore if you fall within the scope of these operations, you will be notified by additional notice (if required according to the regulation).
4. FROM WHERE DO WE RECEIVE DATA?
Most of the personal data we process about you is received from you directly. You may directly or indirectly give us information about yourself in different ways, for example when you visit our showrooms or fill in forms on our websites. You can always choose not to provide us with certain information. However, some personal data is necessary for us to provide you with our products and/or services. Not providing such personal data may prevent us from providing the products and/or performing the services you expect from us.
We may also obtain personal data about you from your employer, the website of your employer or other external public sources.
5. TO WHOM DO WE DISCLOSE DATA, AND DO WE TRANSFER DATA OUTSIDE THE EU OR EEA?
Your personal information is shared with:
|
Our employees and business partners |
Your personal data will be shared with some of our employees (including employees across Bauwerk Group where necessary) and business partners. However, we will restrict access to those employees and business partners who need it to perform their jobs. Our employees and business partners are subject to strict confidentiality.
|
|
Our service providers |
We transfer to or share your personal data with our suppliers who help us to provide our products and/or service to you, which require them to process personal data (e.g., IT service providers, cloud service providers, couriers, insurance, credit agencies etc.).
|
|
Public authorities |
Sometimes legal obligations may require us to share information about you, e.g., to respond to lawful requests from law enforcement agencies, regulatory agencies, and other public and government authorities. We may also disclose information if needed in connection with a legal process, e.g., to enforce our agreements or to protect our rights, you or others.
|
|
Parties involved in mergers and acquisitions |
We may share or transfer your personal data in connection with any merger, sale of company assets, financing, or acquisition of all or a portion of our business, to the counter party and advisors involved in the process.
|
Bauwerk group companies have offices, facilities, and a distribution network all over the world. Transfers to each of these countries will be protected by appropriate safeguards, namely the use of standard data protection clauses adopted or approved by the European Commission and the use of binding corporate rules.
The hosting facilities for our websites are situated in Switzerland, Germany, and Norway. The European Commission has made an "adequacy decision" with respect to the data protection laws of this country.
Here is a list of some of our service providers:
|
Google Analytics |
Google LLC (Wordwide) |
We have integrated Google Universal Analytics (UA) and Google Analtytics 4 (GA4) on our website.
|
|
|
Google Ads |
Google LLC (Wordwide) |
We run advertisements on the Google search network. For this purpose, we use the "Google Ads" service and have connected it with our Google Analytics instances (conversion tracking). |
|
|
Google Tag Manager |
Google LLC (Wordwide)
|
We use Google Tag Manager to embed various code snippets on our website. |
|
|
YouTube |
Google LLC (Wordwide) |
We use the video platform "YouTube" to embed videos on our website. |
|
|
Facebook & Facebook Pixel |
Meta Platforms Inc. (Worldwide)
|
We use the "Facebook Pixel" on our website. For this purpose, we have implemented a JavaScript code snippet on our website. |
|
|
|
Meta Platforms Inc. (Worldwide)
|
We use the social network "Instagram" to inform users about our products and activities. |
https://help.instagram.com/519522125107875
|
|
|
LinkedIn Corporation (Worldwide)
|
We use the social network "LinkedIn" to inform users about our products and activities. |
|
|
|
Pinterest Inc. (Worldwide) |
We use the social network "Pinterest" to inform users about our products and activities. |
|
|
Mailchimp |
The Rocket Science Group, LLC |
We use Mailchimp from The Rocket Science Group, LLC, to send our newsletters.
|
https://www.intuit.com/privacy/statement/#3._Privacy_for_Contacts |
|
Customer Relationship Management (CRM) |
Salesforce, Inc. (Worldwide) |
Cloud-based enterprise platform used as CRM tool for Bauwerk Group in the following markets (countries): US, UK, IT, LT, DE, AT, LT, CH, FR. |
https://www.salesforce.com/company/legal/privacy/ |
|
Content Management System (CMS) |
Umbraco US office: |
We use the open-source content application platform "Umbraco" as our content management system. Basically, anyone can participate in further development (open source). Within the project, the Umbraco team takes care of the further development. For the development of the service Github is used. We do not transmit any data to Github or the Umbraco team. |
|
|
Web agency |
Netlab AS Kartheia 5 4626 Kristiansan |
"Netlab" is our web agency and responsible for maintaining, observing and the technical development of our branded website. |
|
|
Matterport |
Matterport, Inc
352 E Java Dr, Sunnyvale, CA 94089, United States |
We have a virtual showroom, where Materport collects users' engagement data on the tool. |
|
|
Issuu |
Issuu Inc
131 Lytton Ave Palo Alto, CA 94301, United States |
Issuu.com is a digital publishing platform that allows creators to share, discover, and monetize digital magazines, catalogs, and other publications with a global audience. Issuu.com provide engagement data of users. |
|
|
VEEUZE |
VEEUZE GMBH
Warmbuchenstr. 17, Hannover, Germany |
InteriorStudio tool allow to present Boen products in a natural room environment. Web users can upload their room pictures, and we can see the main analytical data which floor, color they selected. |
https://veeuze.com/en/privacy-policy/
|
|
Crazy Egg |
Crazy Egg, Inc.
Headquarters 16220 E Ridgeview Ln, La Mirada, California, 90638, United States |
Crazy Egg is an online analytics application that provides heatmaps based on where people clicked on our website, record sessions of users, allow publish surveys on website. |
https://www.crazyegg.com/privacy
|
|
Web Hosting |
Netlab AS (through Azure)
Kartheia 5 4626 Kristiansan
|
"Netlab" is our web agency and responsible for maintaining, observing and the technical development of our branded website. Webpage is being hosted on their Azure tenant |
|
We maintain online presences on the following social networks: LinkedIn, Xing, Twitter, Instagram, Facebook, YouTube, Pinterest. When you visit these platforms, their privacy policies apply. For information about social networking privacy policies and practices, please visit the following links:
- https://www.linkedin.com/legal/privacy-policy
- https://privacy.xing.com/
- https://twitter.com/privacy
- https://www.facebook.com/policy.php
- https://help.instagram.com/519522125107875
- https://policies.google.com/privacy
- https://policy.pinterest.com/en/privacy-policy
6. WHAT ARE YOUR RIGHTS AS A DATA SUBJECT?
You have the following rights:
|
Right to access your data
|
You have the right to request a transcript of personal data processed by us, and additional information on how the data has been collected, processed, shared, etc. The first transcript may be requested free of charge, however if you make repeated and unreasonable requests, we might charge you an administrative fee.
|
|
Right to rectification
|
You have the right to correct inaccurate or incomplete information about yourself.
|
|
Right to erasure (‘right to be forgotten’)
|
You have the right to request that we delete personal data about you, e.g., if the data is no longer necessary in relation to the purposes for which it was collected or otherwise processed, or if there is no legal basis for processing the data.
|
|
Right to object
|
You have the right to object to processing based on legitimate interest. This means that we may no longer process personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests. You can always contact us for more information on the balance test that has been done. You may also object to your personal data being processed for direct marketing purposes.
|
|
Right to transfer your data
|
You have the right to transfer your personal data to another controller under certain conditions.
|
|
Right to restriction
|
You are entitled to request that the processing of your personal data should be limited until inaccurate or incomplete information about you has been corrected, or until an objection from you has been handled.
|
|
Right to withdraw your consent
|
You may at any time withdraw any consent you have given us. However, please note that it will not affect any processing that has already taken place.
|
|
Right to complain
|
You have the right to lodge a complaint to the Supervisory Authority in the country you live or work in, if you believe that we have not complied with our obligations regarding your personal data.
|
7. HOW DO WE PROTECT PERSONAL DATA?
To protect personal data, we apply the following organizational and technical data security measures:
- We apply access control measures.
- We ensure proper management of hardware and software we use.
- We track personal data security breaches and security incidents.
- We train our staff in training on personal data protection and cybersecurity threats.
- We ensure the protection of the workplace.
- We ensure security of network and communication.
- We take care of backups.
- We take care of the protection of mobile devices.
- We maintain the procedure for proper destruction and deletion of data.
- We also take care of physical security.
8. CHANGES IN PERSONAL DATA PROCESSING RELATED TO THE NEW SWISS FEDERAL ACT ON DATA PROTECTION (FADP)
Since before the entry into force of FADP (Swiss Federal Act on Data Protection), we processed your personal data in accordance with a provision of GDPR, that are very similar in terms of data subjects’ rights, legal basis for data processing and other requirements related to data processing, therefore the changes in FADP does not change our Privacy policy in essence. If in the course of processing, we face the situation where FADP requires substantially different way of data processing we’ll update our Privacy policy accordingly, for example, we’ll inform you and ask for your consent in case we process sensitive data relating to religious, ideological, political or trade union-related views or activities; health, one's intimate life or racial origin; social security measures; administrative or criminal proceedings and sanctions.
9. CHANGES IN THIS PRIVACY POLICY
In the light of continuous development of our business processes (digitalization and other areas) it‘s inevitably that data processing operations will be the subject to change from time to time, accordingly our privacy policy will be changed. Should we make amendments to this privacy policy, we will place the amended policy on our websites, with an indication of the amendment date. If the amendments are significant, we may also inform you about this by other means, for example by sending an email or placing a bulletin on our homepage. We recommend that you review this privacy policy from time to time to ensure you are aware of any amendments made.
For detailed information about our use of cookies and how you can manage your preferences, please refer to our dedicated Cookies Policy page.
Updated: 2025-12-15