Responsible for the data processing, which we describe here, are the contacts listed below. If you have concerns regarding data protection, you can contact us at the following address:
Sickingerstrasse 10 3014 Bern
Ph. +41 31 370 22 20
Data Protection Officer
We have appointed a data protection officer in our firm. You can contact him via email at: firstname.lastname@example.org
Collection and Processing of Personal Data
We primarily process the personal data that we receive through our website or other applications or in the context of the business relationship with our customers and other business partners from these and other individuals involved.
We primarily collect personal data directly from you. In certain circumstances, we receive personal data about you from third parties. This information can fall into the following categories:
¬ Information from publicly available sources (e.g. media, Internet)
¬ Information from public registries (e.g. trade register, debt collection register, land register)
¬ Information in connection with regulatory and judicial procedures
¬ Information relating to your professional functions and activities
¬ Information about you in correspondence and meetings with third parties
¬ Creditworthiness information (as far as we conduct personal business with you)
¬ Information about you provided by people from your environment, so that we can conclude or handle contracts with you (e.g. references, your delivery address, authorizations, information on compliance with legal requirements, information from banks, insurances, sales and other contractual partners)
¬ Information about you from the media and the Internet (as far as this is necessary in the specific case, e.g. in the context of a job application, press review, marketing, sales, etc.)
¬ Data related to the use of the website (e.g. IP address, MAC address of the smartphone or computer, details of your device and settings, cookies, date and time of visit, pages and content accessed, features used, the website that directed you to our website, location information).
Purposes of and Legal Bases of Data Processing
We process your information only for defined purposes and only in cases in which the law permits us to do so. In the following, you will find the individual data processing operations on our website as well as the purposes and legal bases for data processing. The following reasons can serve as a legal basis: ¬ Your consent; ¬ The execution of a contract or precontractual measures; ¬ The fulfilment of legal provisions; ¬ Our legitimate interests as long as your interests and fundamental rights do not override ours; ¬ Safeguarding your vital interest or those of another individual or the execution of a task carried out in public interest; ¬ Other relevant legal bases. You will find a reference to the relevant legal basis in the given act of data processing. If you have given us permission to process your personal data for specific purposes, we process your personal data within the framework of and on the basis of this consent unless we do not have another legal basis for doing so. Consent can be withdrawn at any time, but this has no effect on data already processed.
In the context of providing our services as well as the website, we may have to rely on third-party services in certain circumstances. In this context, it is possible that we will charge a third party with the processing of personal information. In such a case, we ascertain by contract that this third party will fulfil the requirements of data protection. In certain circumstances, we might also be obliged to release your data to the authorities or other third parties. We only pass on your personal data when you of the following conditions applies: ¬ You have given your consent; ¬ There is a legal obligation; ¬ It is necessary for the exercising of our rights, in particular for the execution of demands stemming from a contractual relationship; ¬ It is necessary for the fulfilment of the contract or the execution of pre-contractual measures; ¬ In case we have a legitimate interest in doing so and your opposing interests do not override ours; ¬ In cases in which there is another form of legal basis for the data transfer. Under certain circumstances, your personal data may be passed on to companies abroad. These companies, however, are bound by the same data protection standards as us. In case the level of data protection in the country where the recipient company is based does not correspond to the level of data protection in Switzerland or the European Union, we will ensure by means of a contract that data protection standards equivalent to those of Switzerland or the European Union will be adhered to. This may be achieved by means of adopting standard data protection clauses of the European Commission or a supervising authority, an accredited and approved code of conduct in combination with binding and enforceable obligations on the side of the recipient or the accredited certification mechanisms in combination with binding and enforceable obligations on the side of the recipient. In case of data being transmitted to a company based in the US, we will ensure that the company in question is certified according to the Swiss or the EU-US Privacy Shield agreement to ensure that the high level of data protection in Switzerland and the EU is guaranteed. If a certification is lacking, we will ascertain the necessary guarantees by contract.
We only retain your personal data for as long as it is required in order to fulfil the purposes for which the data was collected in the first place. We retain contractual data for a longer period of time as we are obliged to do so by law. Such retention obligations are dictated by the codes relating to mandatory reporting, financial reporting and tax law. According to these codes, business communications, finalized contracts and accounting records need to be kept for a period up to 10 years. Whenever we do not require such information for the provision of our services, this data will be blocked. In such a case, we only use the data for invoicing and tax-related purposes.
We take data security very seriously and take appropriate technical as well as organizational security measures in order to protect your personal data from accidental or intended manipulation, loss, destruction or unauthorized access by third parties. We continually improve our security measures in keeping with technological developments. The SSL procedure (Secure Socket Layer) is used for the transmission of data on our website in connection with the highest encryption level of your browser. You can recognize that a page of our website is transmitted securely if the symbol of a closed lock appears in the status bar of your browser.
Obligation to provide certain personal data
In certain circumstances, you might be obliged to provide personal data in order to enter into a business relation. This includes personal data necessary for the initiation and realization of a business relationship and the fulfilment of relevant contractual obligations. Without this data, we generally will be unable to enter into or execute a contract with you (or the entity or person you represent). Also, the website cannot be used if certain data traffic security information (such as IP address) is not disclosed.
In part, the processing of your personal data will be automated with the aim to evaluate certain things about an individual (so-called profiling). In particular, we use profiling to provide you with targeted information and advice on products. For this purpose, we use evaluation tools that enable us to communicate with you and advertise as required, including market and opinion research.
You have the right to request information about which of your personal data is retained. Additionally, you can demand the rectification of false data or request the deletion of personal data as long as regulations about the retention of data or a legal basis that allows for the processing of the data do not apply. Moreover, in certain circumstances you may have the right to restrict the processing of your personal data or object to your data being processed altogether. You have the additional right to receive the personal data concerning you which you have previously provided to us (the right to data portability). You have the right to receive the data in a common file format. We have already informed you about your right to revoke your consent above as well as in the relevant data processing operations. We advise you that legal restrictions may impact the exercising of your rights. We reserve the right to enforce these restrictions, e.g. when we are obliged to retain or process certain data or have an overriding interest in doing so (as long as we are allowed to invoke these interests) or require the data for the enforcement of claims. Please note that the exercising of your rights may be in conflict with contractual obligations in certain cases and thereby may impact the fulfilment of the contract (e.g. premature termination of the contract or financial consequences). Wherever this is not already regulated in the contract, we will notify you in advance. The exercising of your rights presupposes that you can prove your identity (e.g. with a copy of your ID card if your identity cannot be confirmed by other means). If this would incur costs for you, we will notify you in advance. If you are the subject of the processing of personal data, you have the right to enforce your rights in a court of law or to submit a complaint with the relevant regulatory authority. The relevant authority in Switzerland is the Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch).
Individual Data Processing Operations
Provision of the Website and the Creation of Logfiles
If you visit our website, the provider of the pages automatically collects and retains information in so-called Server Logfiles, which are sent to us by your browser. These are: ¬ Name of the server ¬ IP address ¬ Operating system ¬ Device type ¬ Name and version of the browser ¬ Date and time of the server request This data cannot be assigned to a particular person and no collection of this data with other data sources occurs. The saving of the logfiles ensures the functionality of the website and the security of our IT systems. Our legitimate interest in this matter accords with Article 6, Paragraph 1, Letter f of the GDPR. Data will only be retained as long as they are required for the fulfilment of the purpose for which they were collected in the first place. In accordance with this, the data will be deleted after the termination of each session. The saving of the logfiles is necessary for the running of the website, which is why you do not have the opportunity to file an objection against it.
Right to Object
You can get in touch with us with the help of the electronic contact form on our website. In doing so, the data required by the form, such as name, email address etc. will be sent to us and retained.
The data provided by you in this context will only be used for the solving of your query. The legal basis for this operation are the precontractual measures in accordance with Article 6, Paragraph 1, Letter b of the GDPR as well as our justified interest in the solving of the query in accordance with Article 6, Paragraph 1, Letter f of the GDPR.
We retain your data only as long as required for the solving of your query or as long as we are obliged by law to retain your data.
Contact via email. You have the opportunity to contact us by sending us an email. If you choose this avenue of communication, the following data will be processed:
¬ Email address
¬ Content of your email
¬ Subject of your email
Contact data provided by you (e.g. first name, last name, phone number and address if applicable) The data you provide will be retained for the purpose of solving your query and in case of follow-up questions. The legal basis for this operation according to Article 6, Paragraph 1, Letter b of the GDPR are pre-contractual measures or our legitimate interest in the solving of the query according to Article 6, Paragraph 1, Letter f of the GDPR. We retain your data only as long as required for the solving of your query or as long as we are obliged by law to retain your data. We advise you that emails can be read or changed without detection during transmission. Emails can be rejected by the spam filter if they exhibit certain characteristics that result in their categorization as spam.
Distribution of the Newsletter