Data Privacy Statement
Weber schaub ltd (hereinafter weber schaub & partner, we or us) attaches great importance to the privacy of the individuals whose data it processes and is committed to the protection of this personal data – i.e. all information on the basis of which someone can be identified as an individual person.
With this Data Privacy Statement we therefore would like to inform you about
- who is responsible for the processing (controller) of personal data (Section 2);
- which personal data is collected and processed (Section 3);
- how and from whom the personal data is collected and processed (Section 4);
- the purpose and the legal grounds for our processing of personal data
- to whom we transfer the personal data (Section 6);
- how long we retain the personal data (Section 7); and
- what your rights as a data subject (affected person) are (Section 8).
While collecting, processing, transferring and retaining personal data, we and our employees not only comply with this Data Privacy Statement but also with the applicable data protection provisions – mainly the Swiss Data Protection Act (DPA) and its ordinance. Since we also maintain business relationships with partners established in the European Union (EU) or in the European Economic Area, we have aligned our Data Privacy Statement with the requirements according to the EU General Data Protection Regulation (GDPR).
If you provide us with personal data of other persons (such as employees, family members, work colleagues), please make sure the respective persons are aware of this Data Privacy Statement and only provide us with their data if you are allowed to do so and if such personal data is correct.
2. Controller of the Data Processing
The controller (i.e. the responsible person) of the data processing as described in this Data Privacy Statement is weber schaub & partner unless indicated otherwise. If you have concerns regarding data protection, you can contact us via e-mail (firstname.lastname@example.org) or via postal service to the following address: weber schaub & partner ag, Mühlebachstrasse 2, Postfach 22, 8024 Zurich.
3. Collection and Processing of Personal Data
We primarily process personal data that we obtain in the course of our relationships with our clients and their employees, from authorities, courts as well as further third parties (such as counterparties and business partners of our clients). Certain personal data we also collect if you use our website (weber-schaub.ch) or – as far as indicated and permitted – from publicly accessible sources (e.g. internet, press, debt registers, land registries or commercial registers).
The categories of personal data that we collect and process include amongst others
- personal (contact) information as name, sex, date of birth, address, telephone number, country or place of residence and religion (the latter mainly in connection with tax declarations) as well as health data in the course of an estate planning or inheritance dispute;
- personal data in connection with communication such as correspondence with you or business partners by letter, e-mail, telephone or other means of communication;
- information about you that we obtain from your personal environment (family, advisors, deputies, persons entrusted with another's care and other representatives etc.);
- occupational and tax data such as contact details of your employer, salary and estate details or information about occupational functions and activities as well as (if need be) solvency checks if we personally transact business with you;
- information from banks, insurances and other business partners of us for service processing (e.g. debt collection);
- automatically transmitted or collected personal data in connection with the use of our website (e.g. date and time of use, previous and accessed page, IP address, data on the browser used, device identification, current location, insofar as this information has been released);
- information about you in the media and the internet (as far as necessary in the individual case, e.g. in the course of a job application, press review, marketing) and possibly your interests and other socio-demographic factors (for marketing).
4. Purposes of Processing and Legal Grounds
We primarily use collected personal data for identification purposes and in order to conclude and process our contracts with you and business partners, in particular in the course of legal and tax advice. We also process personal data while benefiting from services of our auxiliary persons (in particular legal and tax adivsors/experts in Switzerland and abroad) and purchasing products from our distributors. The processing of personal data also serves to fulfil our legal obligations in Switzerland and abroad. If you work for one of our customers or business partners, you may also be affected in this function with your personal data.
In addition, we process personal data of customers and other persons, as far as it is permitted and appears to be indicated to us, also for the following purposes in which we (and sometimes also third parties) have a legitimate interest corresponding to the purpose:
- developing our services, products and website, and other means of communication, on which we are active;
- communication with third parties and the processing of their requests (e.g., reference inquiries);
- advertising and marketing (including organizing events), provided that you have not objected to the use of your personal data for this purpose (if you are part of our customer base and you receive our advertisement, you may object at any time and we will place you on a list against further advertising mailings);
- asserting legal claims and defense in legal disputes and official proceedings;
- ensuring our business operations, in particular our IT, our website, and other platforms;
- possible corporate transactions and the transfer of personal data related thereto as well as measures for business management and compliance with legal and regulatory obligations as well as internal regulations of weber schaub & partner.
If you have given us your consent to process your personal data for certain purposes (for example for rendering an offer or by filling out a contact form), we will process your personal data within the scope of and based on this consent, unless we have another legal basis and require to have one. Consent given can be withdrawn at any time, but this does not affect data processed prior to withdrawal.
In general, there is no statutory requirement to provide us with your personal data. However, in the context of our client/business relationship, you frequently must provide us with any personal data that is necessary for the conclusion and performance of a business relationship and the performance of our contractual obligations. Without this information, we will usually not be able to enter into or carry out a contract with you (or the entity or person you represent). In addition, the website cannot be used unless certain information is disclosed (e.g., IP address) or certain functions are activated (e.g., cookies).
5. Use of our Website: Cookies, tracking and other technologies
We use Google Analytics or similar services on our website. These are services provided by third parties, which may be located in any country worldwide (it is the U.S. in the case of Google Analytics Google LLC, www.google.com) and which allow us to measure and evaluate the use of our website (on an anonymized basis). For this purpose, permanent cookies are used, which are set by the service provider. The service provider does not receive (and does not retain) any personal data from us, but the service provider may track your use of the website, combine this information with data from other websites you have visited and which are also tracked by the respective service provider, and may use this information for its own purposes (e.g., controlling advertisements). If you have registered yourself with the service provider, the service provider will also know your identity. In this case, the processing of your personal data by the service provider will be conducted in accordance with its own data protection regulations. The service provider only provides us with data on the use of the respective website (but not with any personal information on you).
6. Disclosure of Personal Data
In the context of our business activities and in line with the purposes of the data processing set out in Section 4, we may transfer your personal data to third parties, insofar as such a transfer is permitted and we deem it appropriate. Grounds for such a transfer primarily are that third parties process your personal data for us or require them for their own purposes. In particular, the following categories of recipients may be concerned:
clients and affiliated companies and their counterparties in Switzerland and abroad;
other parties of potential or actual legal or tax proceedings;
domestic and foreign authorities or courts as well as arbitral tribunals, distributors and auxiliary persons of us (such as in particular legal and tax advisors in Switzerland and abroad);
service providers of us, including data processors (e.g. IT providers);
possible opposing parties or parties interested in connection with corporate transactions;
· other parties in possible or pending legal proceedings;
(all together “Recipients”).
These Recipients may be within Switzerland but they may be located in any country worldwide. In particular, personal data may be transferred to countries, in which our clients, their affiliated companies or business partners and service providers are located. If we transfer personal data to a country without adequate legal data protection, we ensure an appropriate level of protection as legally required by way of using appropriate contracts (in particular on the basis of the standard contract clauses of the European Commission) or binding corporate rules or we rely on the statutory exceptions of consent, performance of contracts, the establishment, exercise or enforcement of legal claims, overriding public interests, published personal data or because it is necessary to protect the integrity of the persons concerned. You can obtain a copy of the above-mentioned contractual guarantees at any time from the contact person named under Section 2 above. However, we reserve the right to redact copies for data protection reasons, reasons of secrecy or to produce excerpts only.
7. Retention and Security of Personal Data
We retain your personal data in Switzerland and have enacted appropriate technical and organizational security means in order to protect them from unauthorized access and misuse (e.g., IT and network security solutions, encryption of communication or data carriers, issuance of instructions and implementation of training). We store your personal data as long as required for the performance of our contractual obligations and compliance with legal obligations or other purposes pursued with the processing, i.e. for the duration of the entire business relationship (from the initiation, during the performance of a mandate until it is terminated) as well as beyond this duration in accordance with legal retention and documentation obligations. As soon as your personal data is no longer required for the above-mentioned purposes, it will be deleted or anonymized, as far as possible. In general, shorter retention periods, of no more than twelve months, apply for operational data (e.g. system logs).
8. Your Rights as a Data Subject
Your rights as a data subject (affected person) arise out of the data protection law applicable to your case. In accordance with the Swiss Data Protection Act you have the right to access, rectify, suspend and erase your personal data as well as the right to restrict the data processing. If the GDPR is applicable, you have the additional rights to object to our data processing or to receive certain personal data for transfer to another controller (data portability).
However, statutory restrictions exist on our part regarding these rights if we, for example, are obliged to retain or process certain data, have an overriding interest (insofar as we may invoke such interests) or need the personal data in order to assert claims. Therefore, we reserve the right to refer to such statutory restrictions. If exercising certain rights incurs costs for you, we will notify you thereof in advance.
We have already informed you of the possibility to withdraw consent in Section 4 above. Please note that the exercise of these rights may be in conflict with your contractual obligations and this may result in consequences such as premature contract termination or involve costs for you. If this is the case, we will inform you in advance unless it has already contractually been agreed upon.
In general, exercising your rights requires that you are able to unambiguously prove your identity (e.g. by a copy of identification documents when your identity is not evident otherwise or cannot be verified in another way). In order to assert these rights, please contact us at the addresses provided in Section 2 above.
In addition, you have the right to enforce your rights in court or to lodge a complaint with the competent data protection authority. The competent data protection authority of Switzerland is the Federal Data Protection and Information Commissioner (www.edoeb.admin.ch).
We may amend this Data Privacy Statement at any time without prior notice. The current version published on our website shall apply. If the Data Privacy Statement is part of an agreement with you, we will notify you by e-mail or other appropriate means if there is an amendment.