1. What are we doing?

Boutique TOPS (Augustinergasse 21, 8001 Zurich) operates the website (hereinafter referred to as “we”). On this website you can find out more about our organization and get in touch with us.

The protection of your personal data is very important to us. In this data protection declaration, we inform you transparently and comprehensibly about what data we collect via our website and how we handle it.


2. What do we inform you about?

  • What data is collected on;
  • Under what conditions we process your data and for what purpose;
  • How long we keep your data;
  • When disclosure to third parties is permitted;
  • How we process your data (“individual data processing operations”);
  • When and how you can object to data processing;
  • What rights you have and how you can exercise them.


3. Definitions of terms


3.1 What is personal data?

Personal data is all information that relates to an identified or identifiable natural person. This includes, for example, name, address, date of birth, email address or telephone number. Data about personal preferences such as leisure activities or memberships also count as personal data.


3.2 What is particularly sensitive personal data?

Data about religious, philosophical, political or trade union views or activities; Data on health and, if applicable, information on administrative or criminal prosecutions and sanctions as well as data on social assistance measures are considered to be particularly sensitive personal data. If necessary and appropriate, we can request and process particularly sensitive personal data. In this case, their processing is subject to stricter confidentiality.


3.3 What is editing personal data?

Processing means any handling of personal data, regardless of the means and procedures used, in particular the acquisition, storage, retention, use, modification, disclosure, archiving, deletion or destruction of data.


3.4 What is disclosing personal data?

This is the transmission or making available of personal data, for example publication or disclosure to a third party.


4. How can you get in touch with us?
If you have any questions or concerns about how we protect your data, you can contact us at any time by email at Responsible for the data processing carried out via this website is:


Boutique TOPS
Michèle Hodel
Augustinergasse 21
8001 Zürich


5. Our data protection declaration always remains the same?
We may change this privacy policy at any time. The changes will be published on, you will not be informed separately.


6. General principles


6.1 What data do we collect from you and from whom do we receive this data

We primarily process personal data that you provide to us or that we collect when operating our website. We may also receive personal information about you from third parties. These can be the following categories:

  • Online identifiers (e.g. cookie identifiers, IP addresses)
  • Personal master data (name, address, dates of birth, etc.)
  • Contact details (mobile phone number, email address, etc.)
  • Online identifiers (e.g. cookie identifiers, IP addresses)


6.2 Under what conditions do we process your data?

We process your data in good faith and for the purposes set out in this privacy policy. We ensure that processing is transparent and proportionate.

If, in exceptional cases, we are unable to comply with these principles, data processing may still be lawful because there is a justification. The following can be considered as justification:

  • Your consent;
  • The implementation of a contract or pre-contractual measures;
  • Our legitimate interests, unless your interests outweigh them.


6.3 How can you revoke your consent?

If you have given us your consent to process your personal data for specific purposes, we will process your data within the scope of this consent unless we have other justification.

You can revoke your consent at any time and send an email to the address given in the legal notice. Data processing that has already taken place is not affected by this.


6.4 In which cases can we pass on your data to third parties?

a. Principle
We may be dependent on using the services of third parties or affiliated companies and commissioning them to process your data (so-called processors). Categories of recipients are:

  • Accounting, fiduciary and auditing companies;
  • Consulting companies (legal advice, taxes, etc.);
  • IT service providers (web hosting, support, cloud services, website design, etc.);
  • Payment service providers;
  • Provider of tracking, conversion and advertising services.

We ensure that these third parties and our affiliates comply with data protection requirements and treat your personal data confidentially.

Under certain circumstances we are also obliged to disclose your personal data to authorities.


b. Passing on to partners and cooperation companies

We sometimes work with different companies and partners who place their offers on our website. You can see that this is a third-party offer (marked as “advertising”).

If you take advantage of such an offer, we will transmit your personal data to the relevant partner or cooperation company (e.g. name, function, communication, etc.) whose offer you want to take advantage of. These partners and cooperation companies are independently responsible for the personal data received. After the data has been transmitted, the data protection regulations of the respective partner apply.


c. Visit our social media channels
We have embedded links to our social media channels on our website. This is clear to you in each case (typically via corresponding symbols). If you click on the symbols, you will be redirected to our social media channels.

In this case, the social media providers learn that you are accessing their platform from our website. The social media providers can use the data collected in this way for their own purposes. We would like to point out that we have no knowledge of the content of the transmitted data or its use by the operators.


d. Transfer abroad

Under certain circumstances, your personal data may be transferred to companies abroad as part of order processing. These companies are committed to data protection to the same extent as we are. The transfer can take place worldwide.

If the level of data protection does not correspond to that of Switzerland, we carry out a prior risk assessment and contractually ensure that the same protection as in Switzerland is guaranteed (e.g. by means of the EU Commission’s new standard contractual clauses or other legally required measures). If our risk assessment is negative, we will take additional technical measures to protect your data. You can access the EU Commission’s standard contractual clauses here.


6.5 How long do we keep your data?

We only retain personal information for as long as necessary to fulfill the individual purposes for which the information was collected.

Data that we store when you visit our website will be retained for twelve months. An exception applies to analysis and tracking data, which can be retained for longer periods.

We store contract data for longer because we are obliged to do so by legal regulations. In particular, we must store business communications, concluded contracts and booking documents for up to 10 years. If we no longer need such data from you to carry out the services, the data will be blocked and we will only use it for accounting and tax purposes.


6.6 How do we protect your data?

We will keep your information secure and take all reasonable measures to protect your information from loss, access, misuse or alteration.

Our contractual partners and employees who have access to your data are obliged to comply with data protection regulations. In some cases it will be necessary for us to pass on your requests to companies affiliated with us. Even in these cases, your data will be treated confidentially.


6.7 What rights do you have?

a. Right of providing information

You can request information about the data we have stored about you at any time. We ask you to send your request for information together with proof of identity to

You also have the right to receive your data in a common file format if we process your data automatically, and if

  • you have given your consent for the processing of this data; or
  • you have disclosed data in connection with the conclusion or processing of a contract.

We may restrict or refuse to provide information or data release if this conflicts with our legal obligations, legitimate own or public interests or the interests of a third party.

The processing of your application is subject to the statutory processing period of 30 days. However, we may extend this deadline due to a high volume of inquiries, for legal or technical reasons or because we need further information from you. You will be informed about the extension of the deadline in a timely manner, at least in text form.


b. Deletion and correction

You have the option to request the deletion or correction of your data at any time. We can reject the request if legal regulations require us to store it for a longer period of time or without changes or if there is a permit that conflicts with your request.

Please note that exercising your rights may conflict with contractual agreements and may have corresponding effects on the execution of the contract (e.g. premature termination of the contract or cost consequences).


c. Legal recourse

If you are affected by the processing of personal data, you have the right to enforce your rights in court or to submit a report to the responsible supervisory authority. The responsible supervisory authority in Switzerland is the Federal Data Protection and Information Commissioner:


7. Individual data processing operations


7.1 Providing the website and creating log files

What information do we receive and how do we use it?

By visiting, certain data is automatically stored on our servers or on servers of services and products that we purchase and / or have installed for system administration purposes, for statistical or backup purposes or for tracking purposes. It is about:

    • the name of your internet service provider;
    • your IP address (under certain circumstances);
    • the version of your browser software;
      the operating system of the computer used to access the URL;
    • the date and time of access;
    • the website from which you are visiting URL;
    • the search words you used to find the URL.


Why are we allowed to process this data?

This data cannot be assigned to a specific person and this data is not merged with other data sources. The log files are stored to guarantee the functionality of the website and to ensure the security of our information technology systems. This is our legitimate interest.


How can you prevent data collection?

The data is only stored for as long as is necessary to achieve the purpose for which it was collected. Accordingly, the data will be deleted at the end of each session. The storage of log files is absolutely necessary for the operation of the website, so you have no opportunity to object to this.


7.2 Tracking pixels

How do tracking pixels work?

We may use web beacons on our website. Web beacons are also known as web beacons. Web beacons – including those from third parties whose services we use – are small, usually invisible images that are automatically retrieved when you visit our website. Web beacons can be used to collect the same information as server log files. We use them for the same purposes as log files – you cannot prevent data collection.


7.3 Evaluations

In some cases, your personal data is processed automatically in order to evaluate certain personal aspects.

We use such reviews in particular to provide you with targeted information and advice about certain services or products we offer. For this purpose, we use evaluation tools that enable us to communicate as needed and take appropriate advertising measures, including market and opinion research.


7.4 Contact


What information do we receive and how do we use it?

You have the option of contacting us by email. If you contact us by email, the following data will be processed:

  • E-mail address;
  • Content, subject and date of your email;
  • Contact details provided by you (e.g. name, telephone number if applicable, address).

Why are we allowed to process this data?

Your details will be stored by us in order to process your request and in case of follow-up questions. Pre-contractual measures or our legitimate interests in completing the request serve as justification.

Safety notice

We would like to point out that emails can be read or changed during transmission without authorization and without being noticed. The spam filter can be used to reject emails if they have been identified as spam by certain characteristics.


7.5 Success and reach measurement


How does success and reach measurement work?

Our notifications and communications may contain web links or web beacons that record whether an individual communication has been opened and which web links were clicked. Such web links and web beacons can also record the use of notifications and messages on a personal basis.


Why are we allowed to process this data?

We need this statistical recording of usage to measure success and reach in order to be able to offer notifications and messages based on the needs and reading habits of the recipients effectively and user-friendly as well as permanently, securely and reliably.


What information do we pass on to third parties and how is this data used?

Your data will be treated confidentially and will only be passed on to third parties as part of the contract processing and as necessary. In order to process the delivery of your order, your name and address must be sent to the carrier.

Ticket sales are processed by the third party provider. The payment and contact details you provide will be passed on to the freight forwarder for the purpose of processing payments and carrying out the dunning process. The freight forwarder works on our behalf and may not use the transmitted data for its own purposes.


7.6 Cookies


How do cookies work?

Our website uses cookies. Cookies are data sets that are stored on your device’s operating system using the browser when you access our website. Cookies do not cause any damage to your computer and do not contain viruses.


What information do we receive and how do we use it?

Most of the cookies we use are so-called “session cookies”. They are automatically deleted after your visit. Other cookies remain stored on your device until you delete them. These cookies enable us to recognize your browser the next time you visit. This allows us to save certain settings (such as language settings or location information) so that you do not have to re-enter them when you visit the website again.


Why are we allowed to use cookies?

We use cookies so that we can make our website more user-friendly, effective and secure. The use of cookies and the related processing of your data is based on our legitimate interests in the stated purposes.


How can you prevent data collection via cookies?

The cookies are stored on your computer. You therefore have full control over the use of cookies. You can delete these completely or deactivate or restrict transmission by changing the settings in your browser. If cookies are deactivated for our website, it may no longer be possible to use all functions of the website to their full extent.


7.7 Google Analytics

On our website we use Google Analytics, a service provided by Google Ireland Ltd., Google Building Gordon House, Barrow St, Dublin 4, Ireland with headquarters at Google LLC, 1600 Amphitheater Parkway Mountain View, CA 94043, USA, both together “Google”.


What data do we process?

Google Analytics is an analysis service for websites to collect information about the use of the website. In particular, the following information may be recorded:

  • IP address
  • Technical information such as browser, operating system or screen resolution
  • Interactions on the website
  • Duration of the visit
  • Time and date of the website access
  • Referrer URL


The IP address is anonymized by Google Analytics so that personal reference is no longer possible. When a visitor visits our website for the first time, Google Analytics can generate an identifier to recognize the visitor when they visit the website again. If you are logged in with your Google account, data processing can also take place across devices.


For what purpose do we process the data?

Your IP address is used to determine your approximate location. We can use the information gained from this to measure the relevance of our offers in different regions. We also use the IP address to determine where website visitors came to our website from. The technical information is processed so that the website can be viewed satisfactorily on any device. The interactions, duration, time and date are collected so that we can use this data to evaluate and optimize our marketing campaigns and offers. We can also use this data to determine how visitors interact with our website, i.e. which content is popular with which visitors. The referrer URL is processed for the purpose of measuring the effectiveness and analysis of various marketing channels.


Who do we pass on the data to?

The transfer of data by us is based on our statements on data transfer. Because Google is a transnational company, your data may be transferred by Google anywhere in the world. In particular, you may be transferred to Google’s headquarters in the USA. A country where legislation does not ensure adequate data protection.