Data Protection Statement

2. Basic principles of data processing

This data protection declaration describes how we process personal data, in particular which personal data we collect and for what purposes. It also governs the transmission of data, the retention period as well as your rights.

Personal data (hereinafter also referred to as data) means any information relating to an identified or identifiable natural person. The notion of data processing must be understood depending on the situation and includes any operation relating to personal data, whatever the means and processes used, in particular collection, conservation, use, modification, communication, archiving or destruction of data.

We collect and process personal data in order to carry out our professional tasks, in accordance with legal and contractual provisions. The collection, processing and use of personal data are subject to the legal provisions in force in Switzerland [1] and, where applicable, in Europe [2] .

We collect personal data in a transparent manner and in compliance with the principles of proportionality and finality. Data is only processed to the extent and for the duration necessary to fulfill our tasks and obligations.

4. What personal data do we process?

4.1 Contact data and general master data

Depending on the purpose of data processing, customer segment and service areas, we collect different types of personal data, including, in certain circumstances, sensitive data.

We process at least the following personal data for all contacts, interlocutors, contractual partners and customers:

• name, first name, email address and, where applicable, gender, address, telephone number, title, date of birth, nationality, profession, employer information, title, AVS number;
• electronic and written correspondence (mail).

Furthermore, depending on the purpose of data processing, customer segment and service area, we collect and process additional data in accordance with the descriptions set out in the following paragraphs :

4.2 Data relating to mandate management

For the management and administration of our mandates and for communication with our customers, we process the following personal data:

• Contact data and general master data according to ch. 4.1;
• For businesses:
  • Legal form, share capital and paid-up capital, year of foundation of the company, external auditor, turnover in Switzerland and abroad, annual turnover achieved by field of activity, register number ;
  • Branches : Branch location, company name, address, telephone, Internet, e-mail, language of correspondence;
  • Information on the workforce: professional areas, number of employees resp. of managers, percentage of positions;
• Financial information;
• Risk assessment data:
  • Extracts from the prosecution register;
  • Management and control of the company:
    • Data on natural persons / partners and members of management involved in the company: surname, first name, year of birth, nationality, function, percentage of votes, information on activity in the company;
    • Data on companies and foundations holding a stake in the company: company name, headquarters, domain, degree of participation;
    • Contact person data: surname, first name, date of birth, email and telephone;
  • Information relating to the engagement of people exercising a managerial function with third-party companies and, where applicable, surname, first name, company, sector of activity, function and occupancy rate of the position;
  • Data on participation reports
• Payment-related information;
• Data relating to mandates such as:
  • statutes, minutes, contracts,
  • data on employees (salary, social insurance),
  • accounting and tax information,
  • sensitive personal data [such as data relating to the receipt of social assistance, prosecutions or bankruptcies].

These data are mainly processed in the context of services in our field of activity [auditing, consulting, taxes, salary processing or accounting]. This mainly concerns data relating to our customers. But they may also concern third parties, such as employees, contact persons or people who have a (contractual) relationship with our customers. Our customers can therefore also refer to this data protection declaration, but they must take measures to comply with data protection law.

Data processing is used for the management and administration of mandates, creditworthiness checks, prevention of conflicts of interest and quality control. It also meets legal and contractual requirements.

As a rule, data is communicated and made available directly by customers. However, depending on the nature and scope of the mandate, they may also come from authorities, courts or third parties. In certain circumstances, data may also be collected directly from the employer of the data subject.

4.3 Data for mailings and newsletters

For sending information about events, publications, etc. (for marketing purposes) as well as for sending newsletters, we process the following personal data:

• Contact data and general master data according to ch. 4.1;

This data is necessary for the provision of the service, for communication or for the management of our customer base. Information relating to marketing, mailings and newsletters is also subject to statistical analysis in order to constantly improve our services. You can object to the use of your personal data for marketing purposes or unsubscribe from the newsletter at any time.

4.4 Data for the organization and execution of events

The following personal data is processed for the organization and execution of events:

• Contact data and general master data according to ch. 4.1;
• Information about the employer (such as company name, address, email address), participants and speakers;

4.5 Data related to direct communication

(telephone, email or chat, online meetings, video conferences and/or webinars, etc.)

The online meetings, videoconferences and/or webinars that we organize are carried out using Zoom. For direct communication by telephone, e-mail, through a collaboration solution or chat, we, and if necessary our corresponding service providers, may process the following personal data:

• Contact data and general master data according to ch. 4.1;
• Other personal data contained in the email;
• Data relating to communication such as IP address, time and duration of communication;
• Videoconference recordings, if necessary;

We process this personal data in order to provide and improve our services to our customers and other interested third parties.

4.6 Personnel data

The following data is processed for personnel management:

• Contact data and general master data according to ch. 4.1;
• Data relating to social insurance / AVS number;
• Information about children;
• Information about the position within our company, such as date of hire, position, salary, employment contract;
• Information relating to the application such as cover letter, CV, work certificates, diplomas, job interview evaluation, assessments, references;
• Financial information and banking details;
• For employees taxed at source: confession, residence permit, information on other professional activities, income acquired as compensation and information on the partner;
• Information on the periodic assessment interview;
• Time and vacation registration;
• Information on illnesses, accidents, maternity or paternity leave, military service or civil protection;
• Extracts from the criminal record and/or the prosecution register;

Application files that do not result in employment are deleted/destroyed at the end of the application procedure, unless we have obtained permission to retain them.

The data is used for correct processing in the field of human resources, for the execution of the contractual relationship (employment contract) and is mainly provided by employees.

4.7 Suppliers and other contractual partners

We process the following personal data of business partners who perform services or deliveries for us:

• Contact data and general master data according to ch. 4.1;
• Financial information such as bank details;
• Information available in the contract (such as data on responsible employees, advisors, information on the service provided, etc.);

We process this data in execution of a contract and in application of legal retention periods under commercial and tax law. If our contractual partners have access to our personal data as part of the execution of their mission [p. ex. IT companies], we conclude a corresponding subcontracting agreement with them.

4.8 Operation, improvement and control of the website, other electronic channels

4.8.1 Server log files

Our website can be used without the need to disclose extensive personal data. However, the server collects information about the user during each consultation. These are temporarily saved in server log files. However, it is not possible to attribute this information to a specific person. Log files contain the following information:

• the date, time of access and quantity of data,
• the browser used and the operating system,
• the domain name of the provider,
• the page from which you arrived on our site (Referred-Url),
• the search query,
• the IP address.

The collection of this data is technically necessary: ​​it serves the stability and security of the website and is used to analyze the use of the website and improve it. They also enable precise monitoring in the event of suspected illegal use of our website.

4.8.2 Cookies

Our website uses cookies and similar technologies. If your device settings allow it, we use cookies and similar tools to provide you with an optimal browsing experience on our website.

Cookies are text files that are stored on your computer and which enable your use of the website to be analyzed. They facilitate the presentation of our website and help you navigate our site. Cookies collect data such as:

• the IP address,
• the website from which you visit us,
• the type of device you are using,
• how you use our search function (so-called Search-Log),

Further information on the use of cookies can be found in the information on the use of web analysis tools (sections 7.1 to 7.3).

It is also possible to visit our website without cookies, by setting the browser to prevent the storage of cookies. However, this setting may restrict the possibilities of using the website. Under no circumstances do we use cookies to install malware or spyware on your computer.

4.9 Guarantee of security, compliance with legal obligations and exercise of claims

We may process the above-mentioned personal data in order to guarantee security and assert your rights, if necessary, and, for this purpose, transmit them to third parties such as courts or offices.

5. Data entry, retention period, security measures

5.1 Data entry

As a general rule, we obtain the personal data mentioned in point 4 directly from you from the moment you benefit from one of the services. In certain circumstances, data may also be collected directly from the employer of the data subject.

However, in the case of mandates, the data may also come from authorities, courts or third parties, depending on the nature and scope of the mandate.

We also use publicly available information in the media and on the Internet to the extent that this is indicated in a concrete case (e.g. as part of an application, when selecting teachers and speakers). , as well as data relating to the use of the website (see section 4.8).

5.2 Retention period

We retain personal data for as long as it is necessary for the purposes for which it was collected, for legal or contractual retention periods, and for as long as we have an overriding interest in retaining it. The data is then deleted.

5.3 Data security

We take appropriate technical and organizational security measures to protect personal data against unauthorized access and misuse. These measures include IT and network security solutions, access restrictions, encryption of data carriers and their transmission, instructions, training and controls.

The data is saved in the applications and software we use. The data is saved on servers located in Switzerland. If the data is saved abroad (Teams, logs, etc.), the rules set out in point 7 apply.

If third parties have access to our data, special measures, which are governed by the subcontracting contract (see section 8), are taken.

6. Social Media Networks

Our website uses sharing buttons to enable you, by clicking, to use third-party social plug-ins, e.g. ex. Twitter or LinkedIn. We therefore enable visitors to our website to share content on the respective social media networks. When you click on a share button, usage data is transmitted to the corresponding social media provider.

The plug-ins are identified by the provider’s logo. The content of the plug-in is transmitted directly to your browser by the provider and linked to the website. By linking the plug-ins or opening the corresponding channel via the link, the provider receives the information that you have visited our website. If you are connected to the service provider at the same time, the service provider can associate the visit with your profile. If you interact with the plugins, e.g. ex. by clicking on the button or leaving a comment, the corresponding information is transmitted directly from your browser to the provider and saved there.

We (additionally) refer to our respective social media networks by means of links. This is only a static referral to the channel in question. When you connect to our social media networks, we receive information that is stored in your profile (contact information) and possible information on the profiles of your friends.

You will find the purpose and scope of the data collection and the further processing of your data by the provider, as well as your related rights and setting options to protect your privacy in the data protection information providers.

• Facebook Ireland Ltd. resp. Facebook Inc: https://www.facebook.com/policy.php
• LinkedIn Corporation:  https://www.linkedin.com/legal/privacy-policy»
• Google Ireland Limited resp. You Tube: https://policies.google.com/privay

7. Tracking Technologies and Third Party Tools

7.1 Google Analytics

This website uses “Google Analytics”, a website analysis tool of Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. Google Analytics uses “cookies”, i.e. text files which are stored on your computer and which enable your use of the website to be analyzed. The information generated by the cookie about your use of our website is generally transferred to and stored on a Google server in the United States.

If you activate the anonymization of your IP address on our website, this address will be abbreviated by Google in Switzerland, in member states of the European Union (EU) or in other contracting states. on the European Economic Area. This means that no identification of your identity is possible.

Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to analyze your use of the website, to compile reports on website activity and to provide us with other services relating to the use of the website. and the Internet.

You can prevent the storage of cookies by setting your browser accordingly. However, we would like to point out that in this case not all functions of our site may be fully available.

In addition, you can prevent the transfer to Google of data generated by cookies and data relating to your use of the site (including your IP address), as well as the processing of this data by Google, by downloading and installing the plug -in browser available.

You can also prevent the collection of data by Google Analytics by installing an opt-out cookie which will prevent your data from being recorded the next time you visit our website: deactivate Google Analytics .

Further information on this can be found at https://marketingplatform.google.com/about/analytics/terms/en/ and on data protection at https://marketingplatform.google.com/about/ .

7.2 Google Maps

For our website we use Google Maps (API) from Google Inc. (1600 Amphitheater Parkway, Mountain View, California, USA; of which Google Limited Ireland “Google” is responsible for Europe). Google Maps is a web service that offers interactive maps allowing the visualization of geographic information. Using this service allows us to locate our offices and facilitates possible travel.

As soon as you visit pages in which Google Maps is integrated, information about your use of our website (such as your IP address) will be transmitted to Google servers in the USA and stored there. This transfer takes place regardless of whether or not you have a user account provided by Google and whether you are logged in. When you are logged in to Google, your data is directly assigned to your account. If you do not want your profile to be associated with Google, you must log out before activating the button. Google saves your data (even those of users who are not logged in) as usage profiles and evaluates them.

Regarding the transfer of data to the United States, Google has committed to signing and respecting the EU standard contractual clauses.

In the future, if you do not want the data collected during your use of Google Maps to be transmitted to Google, it is possible to deactivate Google Maps completely by deactivating the JavaScript application in your browser. It is therefore no longer possible to use Google Maps and therefore the display of maps on this website.

Additional terms of use for Google Maps can be found at https://www.google.com/intl/fr_US/help/terms_maps.html

You will find detailed information on data protection in connection with the use of Google Maps under: http://www.google.fr/intl/fr/policies/privacy/.

7.3 Use of plug-ins

7.3.1 Plug-in Facebook

Our website uses “social plug-ins” from the social network Facebook, operated by “Facebook” (Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland). These plug-ins can be identified by the Facebook logo or the words “Facebook Social Plugin” or “Facebook Social Plugin” .

If you visit a page of our website that contains such a plug-in, your browser establishes a direct link to the Facebook servers. The content of the plug-in is transmitted directly by Facebook to your browser and linked to the page. Via this link, Facebook is informed that your browser has visited the corresponding page of our website, even if you do not have a Facebook profile or are not logged in there. This information (including your IP address) is transmitted by your browser directly to a Facebook server located in the United States and stored there. If you are connected to Facebook, it can directly associate the visit to our site with your Facebook profile. If you interact with the plugins, e.g. ex. by pressing the “Like” button or leaving a comment, this information is also transmitted directly to a Facebook server to be saved there. Additionally, this information is published on your Facebook profile and your Facebook friends can see it. You will find the purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as your related rights and setting options to protect your privacy in the Facebook data protection information.

If you do not want Facebook to associate the data collected via our website directly with your Facebook profile, you must log out of Facebook before visiting our website. You can also block the download of Facebook plug-ins by using add-ons in your browser.

7.3.2 Plug-in LinkedIn

Our website uses functions from the LinkedIn network. The service provider is LinkedIn Ireland Unlimited, Company Wilton Plaza, Wilton Place, Dublin 2 Ireland. Each time a page of our site containing LinkedIn functions is viewed, a connection to the LinkedIn servers is established. LinkedIn is informed that you have visited one of our pages via your IP address. If you click on the “Recommend button” and are logged into your LinkedIn account, LinkedIn can then link your visit to our website to you and your user account. Further information can be found in the LindedIn privacy policy …