Data Privacy

Date: January 2025

1. General

This privacy policy describes the data processing carried out by the following subsidiaries of Goldbach Group AG:

  • Goldbach Media AG
  • Swiss Radioworld AG
  • Goldbach Audience AG
  • dreifive (Switzerland) AG, dreifive AG and dreifive GmbH
  • Goldbach Manufaktur AG
  • Goldbach Premium Publishing AG
  • Goldvertise Media GmbH
  • Goldbach Austria GmbH

(hereinafter collectively referred to as ‘Goldbach’) as part of the provision of its services. Goldbach Group AG, based in Küsnacht, Switzerland, is a sub-holding company of TX Group AG, based in Zurich. Goldbach is a technology-based media service provider whose customers include both advertisers and operators of media channels such as TV stations (including connected TV and HbbTV applications), online platforms (websites and mobile apps), (online) radio stations, DOOH and print media (collectively ‘publishers’). We offer innovative products and services that enable advertisers to better reach their target audience and publishers to promote, grow and monetise their online platforms through the sale of ads.

Note: This privacy policy describes the data processing operations of Goldbach in the context of its above-mentioned services. For the data processing operations that take place when you visit the Goldbach website, i.e. Goldbach.com, or when you contact the companies of the Goldbach Group, please consult the data protection declaration of Goldbach Group AG.

The protection of personal data is of particular concern to Goldbach. We believe that safe, secure and respectful practices in handling consumer information are fundamental to the success of our business and the growth and viability of the internet as a whole. We are a member of IAB-Europe, the trade association of the European digital and interactive marketing industry (‘IAB’).

The Goldbach Group is a registered member of the IAB Transparency and Consent Framework 2.2 (Vendor ID 580) and adheres to its guidelines. The IAB TCF 2.2 is an industry standard that enables all digital market participants (publishers, advertisers, technology service providers, etc.) to inform end users about the processing of their personal data and to give them the opportunity to consent to or object to this. You will find a Consent Management Platform at all operators of online platforms that participate in the framework: A control interface, usually in the form of a cookie or privacy centre, within which you can make your data protection settings. These settings are taken into account by all participants in the framework, including the companies of the Goldbach Group.

Goldbach processes your personal data (hereinafter ‘data’) on the basis of the statutory provisions of the Swiss Federal Act on Data Protection of 25 September 2020, SR 231.1 (hereinafter ‘FADP’) and, where applicable, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter ‘GDPR’).

In the following, we provide you with an overview of the most important aspects of data processing in the context of our services, offers and products. We inform you about your rights and explain which decisions you can make with regard to the collection of your data. You will then find a contact point to which you can turn if you have any questions or concerns regarding data protection.

2. Technologies we use for data collection

Goldbach delivers adverts (e.g. banners, video spots) from hundreds of advertisers on a variety of media channels (websites, mobile apps, DooH screens, HbbTV applications) (hereinafter referred to as ‘Goldbach services’). A list of the websites and apps on which Goldbach delivers adverts can be found here.

As part of Goldbach’s services, Goldbach – on its own responsibility and independently of the website operator – uses innovative target group products that enable Goldbach to reach its target audience more precisely and to promote websites and apps by selling adverts. These target group products can also be created by using data that Goldbach collects and processes.

2.1 Cookies – Definition and Purpose

Goldbach uses so-called cookies for the purpose of creating these target group products. These are small text files that are stored on the hard drive of the end device of a visitor to a website or app (hereinafter referred to as ‘user’) with the help of the browser and are stored there for data collection purposes. When you as a user visit one of the websites or apps of the Goldbach network, the automated systems of its service providers (e.g. ad servers, data management platforms) collect usage data with the help of cookies in relation to the visit to this website and apps or, by means of third-party cookies, also beyond the specific domian. Information can be written in these text files that can be read again at a later date.

Some cookies remain stored on your end device until you as the user delete them. For example, they enable Goldbach to recognise your browser the next time you visit. Other cookies are only stored for the duration of your visit to a website.

If you do not wish data to be collected using cookies, you can set up your browser so that it informs you when cookies are set and you only authorise this in individual cases. You can find out more about this under point 2.1.3 ‘Handling cookies’.

2.1.1 Third Party Cookies resp. Cookies of our service providers

Third party cookies are cookies that originate from a domain other than that of the website. Third-party cookies are usually used by technology providers or advertising networks. For example, as some online or mobile advertisers (‘advertisers’) and website and app operators (‘publishers’) do not want to run campaigns on just one domain or website, third-party cookies enable them to recognise users on different domains and store information in the third-party cookie. For example, if a user visits a website, a third-party cookie is placed on the user’s computer by the advertising network from which an advert is provided. The cookie can be used to track user data such as page visits and length of stay. If the user later visits another website on which there is an advert from the same advertising network, the same cookie is used despite the different website – because it is the same third-party provider. In this way, the advertising network can track a user across domains and deliver targeted advertising.

Goldbach uses technologies from service providers or their sub-service providers that contain cookies to optimise the provision of its services. These are third party cookies.

Our most important service provider is Goldbach neXT AG, a subsidiary of the Goldbach Group, which in turn uses third-party technology providers that use third-party cookies on behalf of Goldbach. More information can be found here: Datenschutzerklärung von Goldbach neXT.

Insofar as your service providers process personal data on behalf of Goldbach (including Goldbach neXT), they have each concluded an order processing contract with Goldbach. Such a contract guarantees that the provider will only process the personal data transmitted to it in accordance with Goldbach’s instructions and not for its own purposes, and that it will take suitable technical and organisational measures to ensure the legally compliant protection of your data. The providers’ own data protection declarations can be found in the links above. Please note: Cookies are used on the websites of the aforementioned providers and therefore personal data is processed by the providers and, where applicable, by their partners and service providers.

In addition, advertising customers may also store third-party cookies on users’ end devices via the advertising spaces provided in the Goldbach network. In this case, the advertising clients contractually undertake to participate in the IAB Transparency and Consent Framework (see section 1) and to comply with all data protection provisions, whereby they are specifically responsible to the user for their data processing.

2.1.2  First Party Cookies

First party cookies are cookies that are linked to a specific domain (e.g. website). Only this domain can write information to the cookie and read it again at a later time. First party cookies are mainly used to provide the user with a better and faster surfing experience on a website, as, for example, certain user preferences are stored in the cookie and do not have to be re-entered by the user on each visit.

First party cookies are also used on Goldbach.com. More information can be found here: Datenschutzerklärung der Goldbach Group.

2.1.3 Handling of cookies

You can change the settings of your web browser and block all cookies. However, as cookies are widely used, blocking cookies in your web browser may restrict your use of different websites.

You will find a Consent Management Platform on all operators of online platforms that participate in the IAB Transparency and Consent Framework – including this website: A control interface, usually in the form of a (cookie) banner, in which you can make your data protection settings. Here you can authorise or prohibit the use of cookies for various purposes. If we use cookies on an online platform that you use, you will find us in the Consent Management Platform there. The settings you make there will be taken into account by all participants in the framework, including Goldbach.

Please note that the storage of your data protection settings made in this way may be based on cookie technology (this may vary depending on the operator of the online portal). For users of multiple computers or browsers, this means that they must deactivate the receipt of cookies on each computer or for each browser. Even if users change computers or delete cookies from their computer, they must repeat the deactivation process.

2.2 API Interface

An API interface is a programming interface that allows software to communicate with other software. Similar to cookies, this is a technology that can be used to collect usage data and is usually used in conjunction with apps. Specifically, this means that information about the use of a mobile or HbbTV app, for example, can be transmitted via such an interface to our service providers, who process the information for the above-mentioned purposes on our behalf.

You can generally consent to or object to the collection of data via the API interface within the corresponding application (mobile, HbbTV apps, etc.), depending on the legal basis of the processing (see section 4). Similar to cookies, this is done on a consent management platform that complies with the IAB TCF standards.

3. What data does Goldbach process?

3.1. Data that we process about you as a contractual partner, interested party and enquirer

We collect your personal data when you contact us, e.g. as an interested party, enquirer or contractual partner. This is particularly the case if you are interested in our products, make enquiries, request quotations or contact us by e-mail or telephone and if you have an existing business relationship with us. We process the following personal data for the initiation and fulfilment of contracts and for the purposes of customer contact:

  • Personal identification data, e.g. first and last name, address, date of birth, nationality, e-mail address, telephone number
  • Company data, e.g. industry and commercial register data
  • Order and payment data, e.g. product details; means of payment; customer number

3.2. Data that we collect about you as an end user of online platforms marketed by Goldbach

In the course of offering its services and products, Goldbach does not process any personal information that directly identifies you as an end user (such as names, residential addresses, e-mail addresses). The identification of end users is not necessary for the purposes of data collection and, in line with the principle of data minimisation, is not sought. Instead, user information (see next section) is linked to pseudonymised data points such as IP addresses or device identification numbers. These cannot be assigned to an individual person without additional great effort. IP addresses are pseudonymised immediately after collection (e.g. by deleting the last 8 bits). This means that only a rough determination of the user’s location (at postcode level) is possible.

The usage data collected by Goldbach from end users includes information such as websites visited, date and time at which websites or apps were viewed, interactions between content and adverts, location data (only with explicit consent). The technologies used to collect this data include cookies or similar technologies, which are deleted after a certain period of time (see section 7 below).

In addition to the collected usage behaviour of end users, Goldbach enriches the data pool with characteristics estimated by them or their service providers in order to derive interest profiles. These essentially include segment identifiers such as football fan, smart shopper, adventure traveller or similar. Under no circumstances does Goldbach determine probabilities for ‘sensitive’ characteristics such as creditworthiness, susceptibility to illness, political orientation or similar for individual persons.

3.3. Where does the data processed by Goldbach come from?

Goldbach collects and processes your data as described in section 3.2 when you interact with online platforms – this may be a website, a mobile or HbbTV app, for example – which are marketed by Goldbach.

4. On what legal basis does Goldbach process your data?

We always treat personal data in accordance with the strict provisions of the applicable data protection regulations (namely the GDPR and the DSG). We only collect and store personal or usage-related data if

  • we have your consent to do so or
  • this is necessary for the fulfilment of a contractual or legal obligation or
  • we have an overriding legitimate interest in processing your personal data.

Data collection after consent

Where required by law, Goldbach will ask for your consent when processing your data. If you have given Goldbach your consent to process your data (for example via a Consent Management Platform in the IAB Transparency and Consent Framework, see section 1), this processing will be based on your consent. You can withdraw your consent at any time.

  • Data collection for the fulfilment of our contractual obligations

In order to fulfil any contracts with you, we must process your data. This also applies to pre-contractual information and contacts that you make to us as part of an enquiry. The purposes of data processing depend primarily on the respective service or product. To fulfil the contractual relationship, for example, we need your address, your telephone number or your e-mail address in order to be able to contact you.

Details on the respective purposes of data processing can be found in the contract documents, our General Terms and Conditions and the product and service descriptions in addition to these data protection guidelines.

  • Data collection for the fulfilment of our legal obligations

The processing of your data may be necessary due to legal obligations to which we are subject (in particular for the storage of business letters and contract documents). Such obligations may arise, for example, from the Swiss Code of Obligations (OR) or tax law.

  • Data collection to protect overriding legitimate interests

Goldbach may process your data if this is necessary to safeguard its legitimate interests, unless the interests of the users outweigh this or consent is required under applicable law. A legitimate interest of Goldbach may, for example, lie in the customisation of the advertisements that users of the online platforms of the Goldbach network see. The user benefits from better customised advertising placements and the resulting increase in the general quality of advertising. The processing helps advertisers to play out campaigns to the appropriate target groups. We also have a legitimate interest in processing your data for our own marketing purposes, for customer retention or for legally permissible direct advertising by means of newsletters. In addition, we have a legitimate interest in processing your data in the context of (potential) legal prosecution and for purposes related to the accounting and auditing obligations of the companies within the Goldbach Group.

5. Who receives your data processed by Goldbach?

Your data will be transmitted to the following recipients:

  • Service providers and partners used by Goldbach, such as the providers under section 2.1.1, insofar as they require your data to fulfil their respective tasks. These service providers are contractually obliged to treat your data confidentially and to process it only to the extent necessary for the provision of services. In particular, they are not authorised to process the data received beyond the provision of their services for their own purposes. In this respect, your data remains within the sphere of Goldbach. A list of the current service providers of the Goldbach Group companies can be found here.
  • Within the Goldbach Group and its parent company TX Group AG, those employees and departments receive your data that need it to fulfil the respective contractual and legal obligations and the above-mentioned legitimate interests.
  • In the case of data transfers outside the Goldbach Group and the TX Group, it is particularly important to us that the protection of your data is guaranteed. As a rule, such a transfer does not take place or takes place under the strictest conditions. For example, we may have to pass on personal data to public bodies and authorities on request because we are legally obliged to do so. In addition, data may only be passed on in aggregated, anonymised form – so that no conclusions can be drawn about an individual person – or in such a way that you always retain control over the processing of your data (e.g. via the Consent Management Platform in the IAB Transparency and Consent Framework).
  • Finally, it is possible for an advertising client of Goldbach to equip its advertising material with additional tags that enable it to collect data at the time of delivery of this advertising material. However, this is not a transfer of data collected by Goldbach. The advertiser is responsible for this data collection and Goldbach cannot influence the use of such tags, nor is it involved in their technically successful implementation. Should this be the case, such an advertising client will be listed in the Consent Management Platform of the publisher on whose website the advert is placed and you can object to this data collection. As a rule, Goldbach only works with advertising clients that are registered in the IAB Transparency and Consent Framework.

6. How do we protect your personal data?

We and our service providers have technical and organisational security procedures in place to protect the security of your personal data and to protect your session data and personal data against unauthorised or unlawful processing and/or against accidental loss, alteration, disclosure or access.

7. How do we delete your data?

Goldbach does not store your data for longer than is necessary for the respective processing purposes.

We store your personal data for a maximum period until the end of the contractual relationship with you or as long as our legitimate interest in processing exists. The latter is the case, for example, if legal claims can be asserted from the contractual relationship or as long as statutory retention and documentation obligations exist. Reasons for this may be, for example

  • The fulfilment of retention obligations under company and tax law: in particular under the Code of Obligations and tax law.
  • The preservation of evidence for legal disputes within the framework of statutory limitation periods.

Temporary or permanent cookies remain stored on your computer or mobile device for between one month and ten years, depending on the type of cookie, and are automatically deactivated after the programmed time has expired. However, we only process the information resulting from the cookies for a maximum of 90 days. Depending on the decision of the website operator, providers other than Goldbach may also use cookies on the basis of consent. The deletion of data within the meaning of section 14.2 below can be requested at any time via oba@ch.goldbach.com.

8. Are you obliged to make your data available to Goldbach?

We require the following personal data from you in order to fulfil our contracts and for our business relationships as well as for processing and responding to contact enquiries:

  • Data needed for the establishment and execution of a business relationship or contact enquiry (e.g.: name, address, telephone number or e-mail address)
  • Data required for the fulfilment of the associated contractual obligations

Without this personal data, we are generally unable to enter into or fulfil a contractual relationship with you.

If you do not want Goldbach to collect your data by means of cookies, you can set this accordingly in the Consent Management Platform of the Goldbach website and the online platforms in the Goldbach partner network. However, this may restrict the functionality of the websites or apps in question.

9. Why and how does Goldbach create profiles about your user behaviour?

To enable Goldbach to create and continuously optimise services and products (target group products), the technical possibility of automated profiling is used, in particular to analyse or predict aspects relating to personal preferences, interests, behaviour, location or change of location.

In some cases, Goldbach processes your data in order to evaluate certain personal aspects (profiling). This applies, for example, in the following cases:

  • Through targeted marketing, Goldbach only wants to make you offers that are tailored to your needs.
  • Goldbach uses characteristics derived from cookie data to assess the interests of website and app users. This involves calculating the probability with which a user corresponds to a certain category of interest. This calculation is based on statistical methods. The calculated interests support Goldbach in the allocation of its services and products.

10. Data Processing Outside the EU/EEA by Goldbach

You acknowledge that your data processed by Goldbach may be processed outside the country in which you reside. Goldbach assures its contractual partners and all users whose data is collected that data will only be processed in countries where an equivalent level of data protection to that in Switzerland or the EU is ensured.

If data is processed by service providers (processors) outside the EEA, Goldbach ensures that the affected company provides adequate protection for your data (for example, through Binding Corporate Rules) or is required to do so via mechanisms such as the EU Commission’s Standard Contractual Clauses (SCC). If these measures do not provide sufficient protection, additional steps will be taken. Where possible and necessary, an alternative service provider will be chosen.

11. Data Transfer within the Group

Data collected by us for our own purposes or on behalf of our clients may be stored and processed in any country where Goldbach Group subsidiaries, branches, representatives, or client facilities are located. The user acknowledges and accepts that information provided by the user may be transferred outside the country of residence and to all companies belonging to Goldbach’s parent company, the Goldbach Group, and its ultimate parent company, TX Group AG. Goldbach assures its clients and all users whose data is collected that data will only be processed in countries where an equivalent level of data protection to that in Switzerland or the EU is ensured. If data is processed by a company in another country, the data transfer will take place in accordance with the criteria outlined in Section 10.

12. Data Transfer due to Change of Control

If another company acquires all or substantially all of our company’s assets due to consolidation, merger, acquisition of assets, or other transactions, we reserve the right to transfer all data (including personal data) in our possession or under our control to the acquiring entity.

13. Changes to This Privacy Policy

We reserve the right to make changes to this Privacy Policy by publishing an updated version on this page. The date of the current Privacy Policy will always be indicated at the top of this page. Any changes to this Privacy Policy will be made in compliance with applicable data protection laws.

14. What Are Your Rights Regarding Goldbach?

Goldbach strives to answer your questions and concerns as quickly as possible. However, in some cases, it may take up to one month before you receive a response. If we need more than a month, we will inform you in advance.

In some cases, Goldbach may not be able or allowed to provide information. Where legally permitted, Goldbach will always inform you of the reason for the refusal in a timely manner. You have the right to file a complaint (see below).

14.1 Right to Access, Information, and Rectification

You may request information about the data processed by Goldbach. If your data is incomplete, you may request completion. If your data is incorrect (or no longer accurate), you may request correction. If Goldbach has shared your data with third parties, those third parties will be informed of the correction where legally required.

14.2 Right to Deletion of Your Personal Data

You may request the immediate deletion of your data if:

  • Your data is no longer needed for the purposes for which it was collected,
  • You withdraw your consent and there is no other legal basis for processing by Goldbach,
  • You object to the processing and there are no overriding legitimate reasons for continued processing,
  • Your data has been unlawfully processed,
  • Your data must be deleted to comply with legal requirements, or
  • Your data was collected in connection with information society services (e.g., advertising offers) targeted at children (as defined in Art. 8 GDPR).

14.3 Right to Restrict the Processing of Your Personal Data

You have the right to request a restriction (similar to a freeze) on the processing of your data if:

  • You dispute the accuracy of your data for the period Goldbach needs to verify its accuracy,
  • The processing is unlawful, but you request restriction of use instead of deletion,
  • Goldbach no longer needs your data for processing purposes, but you require it for the establishment, exercise, or defense of legal claims, or
  • You have objected to the processing, and it has not yet been determined whether your interests outweigh ours.

14.4 Right to Object

You have the right to object to the processing of your personal data at any time for reasons arising from your particular situation, if the processing is based on legitimate interest or the performance of a task carried out in the public interest; this also applies to profiling. Goldbach will then cease processing your personal data unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms, or if processing is necessary for the establishment, exercise, or defense of legal claims.

Goldbach Group is a registered member of the IAB Transparency and Consent Framework 2.0 (Vendor ID 580) and adheres to its guidelines. The IAB TCF 2.0 is an industry standard that enables all digital market participants (publishers, advertisers, technology providers, etc.) to inform end users about the processing of their personal data and give them the option to consent or object. You will find a Consent Management Platform with all online platform operators participating in the framework: a control interface, usually in the form of a cookie or privacy center, where you can manage your privacy settings. If we process your data, you will find us listed in the Consent Management Platform of the websites, mobile apps, and HbbTV apps you use. The settings you choose there will be respected by all participants in the framework, including Goldbach Group companies.

If personal data is processed for direct marketing purposes (via newsletter or telephone), you have the right to object at any time to the processing of personal data for such advertising. Contact details can be found below.

15. Contact

If you have any questions, concerns, or comments regarding the processing of your personal data by Goldbach, please contact us via email or post:

Goldvertise Media GmbH
Beta-Straße 10H
85774 Unterföhring, Germany

Email: info.de@goldvertise.com

If you contact us via the website form or email, your provided data will be stored for six months for processing your request and potential follow-up questions. This data will not be shared without your consent.

Corporate Data Protection Officer:

ePrivacy GmbH
Burchardstrasse 14
20095 Hamburg
Germany
www.eprivacy.eu