REAS Suisse data policy
In this privacy policy, we explain how we collect and process personal data. Personal data is understood to mean any information relating to an identified or identifiable person.
If you provide us with personal data of other people, please ensure that these people are aware of this privacy policy, and only provide us with their personal data if you are allowed to do so and if this personal data is correct.
This privacy policy is designed to meet the requirements of the EU’s General Data Protection Regulation (“GDPR”), the Swiss Federal Act on Data Protection (“FADP”) and the new Swiss Federal Act
on Data Protection (“nFADP”). However, whether and to what extent these laws are applicable depends on the individual case.
1. Controller / data protection officer / representative
The contact named in the website information is responsible for the data processing described here.
2. Collection and processing of personal data
We primarily process the personal data that we collect in the course of our business activities. However, personal data may also be collected if you contact us as a service provider, prospective customer, applicant, website user or in other capacities. We also process data that is generated when you use our website or that you provide to us on our website (e.g. by filling out a contact form).
3. Purposes of data processing and legal bases
Personal data is processed for the following purposes:
- To conduct our business
- In the course of weighing up interests
- On the basis of your consent
- On the basis of legal requirements or public interest
4. Cookies / tracking and other technologies in connection with the use of our website
On our website we typically use so-called cookies and similar technologies that can be used to identify your browser or device. A cookie is a small file that is sent to your computer or automatically stored by the web browser you are using on your computer or mobile device when you visit our website. If you revisit this website, we can recognize you again, even if we do not know who you are. In addition to cookies that are only used during a session and deleted after your visit to the website (session cookies), cookies can also be used to store user settings and other information over a certain period of time (e.g. two years) (permanent cookies). However, you can set your browser to reject cookies, to store them only for one session or to delete them prematurely.
By using our website, you consent to the use of these technologies. If you do not want this, you must set your browser or email program accordingly.
Google Analytics
We sometimes use Google Analytics or similar services on our websites. These are third-party services that may be located in any country in the world (in the case of Google Analytics, Google Ireland (based in Ireland); Google Ireland relies on Google LLC (based in the USA) as the processor (both “Google”), www.google.com)), with which we can measure and evaluate the use of the website (not personal). For this purpose, permanent cookies set by the service provider are also used. We have configured the service so that the IP addresses of visitors to Google in Europe are truncated before being forwarded to the USA and thus cannot be traced back. We have disabled the “Data sharing” and “Signals” settings. Although we can assume that the information we share with Google is not personal data for Google, it is possible that Google may use this data to draw conclusions about the identity of visitors for its own purposes, create personal profiles, and link this data to the Google accounts of these individuals. If you have registered with the service provider yourself, the service provider also knows you. In this case, the service provider is responsible for processing your personal data in accordance with its data privacy provisions. The service provider only informs us how our respective website is used (no information about you personally).
5. Data transfer and transmission abroad
In the course of our activities under Section 3, we also disclose personal data to third parties – insofar as this is permitted and we deem it appropriate – either because they process this data for us or because they wish to use it for their own purposes. This particularly concerns the following parties:
- Our service providers (such as IT providers);
- Other business partners
Some of these recipients are located in Switzerland, but they may be anywhere in the world. In particular, you must expect your data to be transferred to all the countries in which we operate.
If a recipient is located in a country without adequate legal data protection, we contractually oblige the recipient to comply with the applicable data protection (for this we use the revised standard contractual clauses of the European Commission, which can be found here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj), provided that the recipient is not already subject to a legally recognized set of rules for ensuring data privacy and we are unable to rely on an exception. An exception may apply in the case of legal proceedings abroad, but also in cases of overriding public interests or if a contract requires such disclosure, if you have consented or if the data in question is data that you have made generally accessible and the processing of which you have not objected to.
6. Duration of storage of personal data
We process and store your personal data for as long as is necessary to fulfill our contractual and legal obligations or otherwise for the purposes for which the data is processed. As soon as your personal data are no longer required for the above-mentioned purposes, they will be deleted or anonymized as far as possible.
7. Data security
We take appropriate technical and organizational security measures to protect your personal data from unauthorized access and misuse.
8. Rights of the data subject
You have the right to information, correction, erasure, the right to restrict data processing and otherwise to object to our data processing and further legitimate interests in the processing as well as to the surrender of certain personal data for the purpose of transfer to another location (so-called data portability) within the scope of the data protection law applicable to you and to the extent provided for therein (as in the case of the GDPR). Please note, however, that we reserve the right to enforce the restrictions provided by law, for example if we are obliged to store or process certain data, have an overriding interest in it (insofar as we may invoke it) or need it to assert claims. If you incur costs, we will inform you in advance. We have already informed you about the possibility of withdrawing your consent in Section 3.
As a rule, the exercise of such rights requires that you provide clear proof of your identity (e.g. by means of a copy of your ID if your identity is otherwise not clear or cannot be verified). To exercise your rights, you can contact us at the address given in Section 1.
Each data subject also has the right to enforce their claims in court or to file a complaint with the competent data protection authority. The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner (https://www.edoeb.admin.ch/edoeb/en/home.html).
9. Amendments
We may amend this privacy policy at any time without prior notice. The current version published on our website applies. If the privacy policy is part of an agreement with you, we will notify you of the amendment by email or other suitable means in the event of an update.