Privacy statement

A. Responsible person

IFBC AG, Riedtlistrasse 19, 8006 Zurich, Switzerland (“IFBC”) is responsible for the processing of personal data and therefore the person responsible in accordance with this privacy policy. The person responsible for data protection at the above postal address, by e-mail to datenschutz@ifbc.ch or can be reached by telephone at +41 43 255 14 55.

B. Personal data and terms

Personal data is information relating to a specific or identifiable (i.e. identified or identifiable) natural person, such as name, address, telephone number, email address, date of birth, etc. (“personal data”).

Any handling of personal data, regardless of the means and procedures used, in particular the collection, procurement, storage, use, processing, disclosure, archiving or deletion of data, is considered processing (“processing” or “processed”).

Contract processor is a natural or legal person, authority, agency or other body that processes personal data on behalf of the person responsible (“processor”).

C. Procurement of personal data

You or the persons concerned provide us with some of the personal data yourself by providing it to us, using our services or contacting us by e-mail or telephone. This includes, for example, name, contact details, date of birth, professional function, etc. We also process personal data that we receive from job applicants. We may also collect personal data ourselves, e.g. when you or the company for which you work make use of our services, or we extract data from publicly available sources (e.g. debt collection registers, land registers, commercial registers, press, Internet, media, social media) (e.g. information from media and Internet, credit information, your addresses and, if applicable, interests and other socio-demographic data). We may also receive data from other companies, from authorities and other third parties (credit agencies, address dealers) or your environment, or when they use our website (see point I). We collect the data mentioned in this paragraph for the purposes set out in point D, unless otherwise referred to.

If you have given us consent to process your personal data for specific purposes (for example when you register to receive newsletters), we will process your personal data within the limits set and based on this consent. If necessary, we can also base the processing of personal data on other legal bases. This includes the fulfilment of a contract, implementation of pre-contractual measures or the protection of further legitimate interests (cf. lit. D).

If you are acting on behalf of a third party or provide us with information about a third party, you represent that you are an authorized representative or agent of that third party and/or that you have obtained all necessary consents from that third party to collect, process, use and disclose their personal information to us or by us in accordance with the terms of this Privacy Policy.

D. Purpose of processing

In particular, we use personal data to fulfill the purposes of our organization, to perform our services and to initiate and process agreements with our customers and business partners, and to comply with our legal obligations. If you work for our customers or business partners, your personal data may also be affected in this function.

In addition, we also process personal data from you and other persons for the following purposes, as far as is permitted and appears appropriate to us:

E. Retention period

Insofar as no express storage period is specified at the time of collection or in this privacy policy, we process and store personal data until it is no longer required to fulfill the purpose, unless legal storage obligations (e.g. commercial and tax storage obligations) preclude deletion. It is possible that personal data may also be stored for the time during which claims can be made and insofar as we are otherwise legally obliged to do so or legitimate business interests require this (e.g. for evidence and documentation purposes).

F. Rights of the person concerned

A given consent can be withdrawn at any time, but this has no effect on data processing that has already been carried out. In addition, depending on the circumstances and applicable data protection law, you have in particular the right to information, correction, deletion or restriction of processing of personal data, the right to object to processing and to portability (data portability). Please note that the exercise of these rights may conflict with contractual agreements and this may have consequences such as early termination of the contract or cost consequences. In this case, we will inform you in advance where this is not already contractually agreed. We are also entitled to assert the statutory restrictions on your data subject rights, for example if we are obliged to store or process certain data, have an overriding interest in doing so, or need them to assert claims.

Every data subject also has the right to enforce their claims in court or to lodge a complaint with the competent data protection authority. The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).

With regard to your rights and further questions, suggestions and comments on the subject of data protection, please contact the person responsible for data protection using the contact details given above (see point A).

G. Safety

We take appropriate measures to protect personal data from loss, misuse, unauthorized access, disclosure, alteration, or destruction. For this purpose, we use appropriate technical and organizational measures. However, we cannot guarantee the absolute security of the data.

Unless otherwise agreed, we assume no liability for breaches of these safety regulations, unless they are intentional or grossly negligent.

H. Data transfer

As part of our business activities and for the purposes mentioned above, we also disclose personal data to third parties, to the extent permitted and appropriate, whether because they process data for us or because they use the data for their own purposes. This concerns in particular the following positions:

In this context, your personal data may be stored in Switzerland as well as in other countries in Europe and the USA, where the service providers we use (such as Microsoft) are located. If personal data is processed outside Switzerland or the European Economic Area, we take the steps required by applicable data protection law to ensure that your personal data is treated as securely and securely as in Switzerland or within the European Economic Area, unless we can rely on an exemption provision. An exception may apply to legal proceedings abroad, but also in cases of overriding public interests, if the execution of a contract requires such notification or if you have given your consent.

I. Data processing through use of the website

During your visit to the website, general information is automatically collected (e.g. date of your visit, time zone, type of web browser and its settings, version and language, your IP address, MAC address of the device (e.g. computer or mobile phone), the operating system used, content retrieved and the domain name of your Internet service provider). We use this data for marketing and administrative purposes and to ensure the functionality of the website. This data is also required to correctly provide and optimize the content of the website, to ensure the long-term functioning of our IT systems and the website, and to provide law enforcement authorities with the information they need for criminal prosecution in the event of a cyber attack.

1. SSL encryption

This website uses SSL encryption for security reasons and to protect the transmission of confidential content. You can recognize an encrypted connection when the browser's address line changes from “http://” to “https://”.

2. Server log files

The provider of this website automatically collects and stores information in so-called “server log files”, which your browser automatically transmits to us. In particular, the information listed under point I above is transmitted.

3. Use of cookies

3.1 Definition
Cookies are small files that are stored on your device when you use our website.

3.2 Necessary and unnecessary cookies
Necessary cookies are files that are sent to the browser on your computer's hard drive so that the website works and we can offer you certain functions. They do not require the consent of the users of the website.

With the help of cookies that are not necessary, we collect information about visits to the website. We also use unnecessary cookies to improve the usability of the website, for example to adapt our offer to customer requirements and to make browsing the website as convenient as possible for you. We also use cookies to optimize our advertising. Depending on applicable law, cookies that are not necessary require the consent of users of the website.

3.3 Session cookies and persistent cookies
So-called “session cookies” are automatically deleted at the end of your visit. For example, we may use session cookies to save online forms or language settings that have already been completed across different pages of an Internet session. We also use persistent cookies. These remain stored on your device after the end of the browser session until you delete them. When you visit our website again, it will automatically recognize which inputs and settings you prefer. Depending on the type of cookie, these cookies remain stored on your device for a certain period of time (e.g. two years) and are automatically deactivated after the programmed period has elapsed. They are used to make our website more user-friendly, effective and secure. Thanks to these cookies, for example, you will be shown information on the page that is specifically tailored to your interests.

3.4 Activating, Deactivating and Deleting Cookies
All web browsers have the option to activate, deactivate, or delete the use of cookies by configuring the browser settings or options accordingly. If cookies are completely or partially deactivated or deleted, all functions of the website may no longer be available.

3.5 Cookies and personal data
Apart from IP addresses (which themselves do not necessarily represent personal data in full form), the cookies we use do not store any personal data. However, personal data that we or third-party providers commissioned by us store about you (e.g. if you have a user account with us or these providers) may be linked to the technical data or with the information stored in and obtained from cookies and thus possibly with your person.

4. Integration of Google services

On our website, we use services from Google: maps and web fonts. Google is based in Ireland. Google Ireland relies on Google LLC (based in the USA) as an order processor (both “Google”). Although we can assume that the data that Google retrieves and stores when using our website is not personal data, it is possible that Google can draw conclusions about the identity of visitors from this data in conjunction with data specifically collected by Google for its own purposes and link this data to the Google accounts of these people. If you have registered yourself with Google, Google may also be able to recognize you. Google is then responsible for processing your personal data in accordance with its privacy policy. For further information on data protection (in particular the scope, type and purpose of data processing), we refer to the relevant Google privacy policy.

When using Google Analytics, we can measure and evaluate (non-personal) use of the website. Permanent cookies, which Google itself sets, are used for this purpose. For Google Analytics, we have configured the service so that the IP addresses of visitors to Google in Europe are abbreviated before any redirection to the USA and can therefore not be traced back. We have switched off the “Data Transfer” and “Signals” settings. Google only tells us how our respective website is used (no information about you personally).

5. Links to other websites

The website contains links to other websites. We have no influence on whether their operators comply with the applicable data protection regulations. We exclude any responsibility or liability for third-party websites available under the links.

6. Plug-ins and social media presence

6.1 Plug-ins
Our website contains plugins, including from LinkedIn, Vimeo or Instagram. These are usually integrated into the website as graphics files. We've configured these items to be disabled by default. If you activate it (by clicking on it), the operators of the respective social networks can register that you are on our website and where and can use this information for their purposes. The processing of your personal data is then the responsibility of this operator in accordance with its data protection regulations. We do not receive any information about you from him.

For further information on data protection (in particular on the scope, type and purpose of data processing), we refer to the privacy policies of the respective plug-in providers. There you will also find further information about your rights and settings options to protect your privacy.

By logging out of the pages of the providers concerned beforehand and deleting cookies set (see section 3.4 above), you can prevent third parties from collecting information about you during your visit.

6.2 Presence
We may have online presences on social networks and other platforms operated by third parties. We receive data from you and the platforms when you contact us via our online presence (e.g. when you communicate with us, comment on our content or visit our presence). At the same time, the platforms evaluate your use of our online presence and link this data with other data about you known to the platforms (e.g. about your behavior and preferences). They also process this data for their own purposes on their own responsibility, in particular for marketing purposes and to control their platforms (e.g. what content they display to you).

We can distribute content published by you yourself (e.g. comments) ourselves (e.g. in our advertising on the platform or elsewhere). We or the operators of the platforms can also delete or restrict content from or about you in accordance with the usage guidelines (e.g. inappropriate comments).

For more information on the processing carried out by platform operators, please refer to the platforms' privacy policies. There you can also find out in which countries they process their data, what information, deletion and other data subject rights you have and how you can exercise them or obtain further information. We currently use the following platforms:

LinkedIn (https://ch.linkedin.com/)
Instagram (https://www.instagram.com/)

J. Final provisions

This privacy statement is not part of a contract with you. We reserve the right to change the content of this privacy policy at any time and without notice. The current version published on our website applies. It is therefore recommended that you consult this privacy statement regularly. In addition to this privacy policy, we may inform you separately about the processing of your data, for example through further separate data protection declarations regarding specific relationships (e.g. customer, mandate or applicant relationship).

Status: 29.08.2023