Swissvia.com Privacy Policy

Version dated April 2, 2024

As we operate internationally and process sensitive data, this text is somewhat lengthy. We apologize for that!

In this Privacy Policy, we, Swissvia.com, explain how we collect and process personal data. This is not an exhaustive description; other privacy policies may cover specific matters. Personal data includes all information that relates to a specific or identifiable person. If you provide us with personal data of other individuals (e.g., family members, colleagues), please ensure they are aware of this Privacy Policy and only share their data if you are authorized to do so and if the data is accurate.

This Privacy Policy is designed to comply with the requirements of the EU General Data Protection Regulation (“GDPR”), the Swiss Federal Act on Data Protection (“FADP”), and the revised Swiss Data Protection Act (“revFADP”). Whether and to what extent these laws are applicable depends on the individual case.

1. Controller / Data Protection Officer / Representative

The controller responsible for the data processing described here is Swissvia.com, unless otherwise stated in individual cases.

If you have any data protection concerns, you can contact us at:

Swissvia.com
Neugrubenstrasse 24
CH-9500 Wil
Email: john@baillie.ch

Our representative in the EEA pursuant to Art. 27 GDPR is:

John Baillie
Email: john@baillie.ch

2. Application Process

To effectively process your application, we collect and store the following personal data:

Salutation, Name, First Name, Address, City
Date of Birth, Place of Origin
Phone Number, Email Address
Resume, Photo, Certificates, References
Education and Training
Professional Experience, Skills, Roles, Specializations
Expectations
Language Skills
Salary Expectations
Credit and Criminal Record Excerpts
Health Information
Any other information you provide us

Health and/or criminal background information is only collected and stored if required to assess your suitability for the job position, in compliance with legal requirements.

We process your personal data to assess your suitability for a job position and to correctly handle the application process (Art. 6(1)(b) / Art. 6(1)(f) GDPR). With your consent, your data may be forwarded to clients/employers as part of job placement. Your data will neither be sold nor made available to unauthorized third parties.

If you provide us with information about third parties (e.g., referees), we assume they have consented to the forwarding of their data (including its collection and storage by us) and that you are not violating any contractual or legal obligations by forwarding it. Before contacting any third parties, especially referees, we will obtain your consent.

When personal data is processed by external processors, we ensure compliance with legal requirements. Data is generally only shared with third parties if necessary for contract execution with you, permissible based on a balance of interests, legally required, or if you have consented. Your data will never be sold.

3. Collection and Processing of Personal Data

We primarily process personal data that we obtain in the course of our business relationships with our customers and other business partners, or that we collect from users when operating our websites, apps, and other applications.

Where permitted, we may also retrieve certain data from publicly accessible sources (e.g., debt registers, land registers, commercial registers, press, internet) or receive such information from other companies within Swissvia.com, authorities, and other third parties (such as credit agencies, address brokers). In addition to the data you provide us directly, the categories of personal data we receive about you from third parties include:

Information from public registers
Data related to legal and regulatory requirements
Information in connection with your professional roles and activities
Credit reports (insofar as we conduct business with you personally)
Data from persons in your environment (e.g., family, advisors)
Information for compliance with legal requirements like anti-money laundering laws
Data from banks, insurance companies, and other business partners
Information from media and internet about you (if appropriate, e.g., in the context of job applications)
Your addresses, interests, and other socio-demographic data (for marketing)
Data in connection with the use of the website (e.g., IP address, device information, cookies)

4. Purposes of Data Processing and Legal Basis

We primarily use the personal data we collect to conclude and execute our contracts with our customers and business partners, specifically for the placement of job seekers with potential employers, and to comply with our legal obligations both domestically and abroad.

Additionally, we process personal data where permitted and appropriate for the following purposes, which are in our (and sometimes third parties’) legitimate interests:

Offering and developing our services, products, and websites, apps, and other platforms
Communication with third parties and processing their requests (e.g., applications, media inquiries)
Reviewing and optimizing procedures for needs assessment for direct customer engagement
Advertising and marketing, provided you have not objected to the use of your data
Market and opinion research, media monitoring
Assertion of legal claims and defense in legal disputes and official proceedings
Prevention and investigation of crimes and other misconduct
Ensuring our operations, especially IT, websites, apps, and other platforms
Video surveillance for safeguarding domiciliary rights and other security measures
Business transactions such as the purchase and sale of business units, companies, or parts of companies
Measures for business management and compliance with legal and regulatory obligations

If you have given us consent to process your personal data for specific purposes (e.g., applications, newsletter subscriptions), we process your data within the scope of and based on this consent, unless we have another legal basis and need one. Consent can be withdrawn at any time, but this does not affect data processing already carried out.

5. Cookies, Tracking, and Other Technologies

We use “cookies” and similar techniques on our websites and apps to identify your browser or device. A cookie is a small file sent to your computer or automatically stored by your web browser when you visit our website or install our app. When you revisit our website or use our app, we can recognize you, even if we don’t know who you are.

We use both session cookies (which are deleted after your visit) and permanent cookies (which remain for a set period). Permanent cookies allow us to save user settings (e.g., language, autologin), understand how you use our services and content, and display tailored offers and advertising.

You can configure your browser to reject cookies, save them for a single session, or delete them prematurely. Most browsers are preset to accept cookies. Blocking cookies may result in some functionalities not working correctly.

By using our websites and consenting to receive newsletters and other marketing emails, you agree to the use of these techniques. If you do not wish to do so, you must configure your browser or email program accordingly or uninstall the app.

We may use Google Analytics or similar services on our websites. These are services provided by third parties, which may be located in any country worldwide (in the case of Google Analytics, it’s Google Ireland and Google LLC in the USA). We have configured the service to anonymize IP addresses within the EU before forwarding them to the USA.

We may also use social media plugins like Facebook, Twitter, YouTube, Pinterest, or Instagram on our websites. They are deactivated by default. If you activate them, the operators of these platforms may record that you are on our website and where, and may use this information for their purposes.

6. Data Disclosure and Transfer Abroad

In the course of our business activities and for the purposes outlined in Section 4, we may disclose data to third parties, insofar as permitted and deemed appropriate. This includes:

Service providers (within Swissvia.com and externally, e.g., banks, insurers)
Dealers, suppliers, subcontractors, and other business partners
Customers
Domestic and foreign authorities, offices, or courts
Media outlets
The public, including website visitors and social media users
Competitors, industry organizations, associations, and other bodies
Acquirers or prospective buyers of business units, companies, or parts of Swissvia.com
Other parties in potential or actual legal proceedings

These recipients may be located domestically or abroad. Data may be transferred to any country where Swissvia.com is represented by group companies, branches, or offices, as well as other countries in Europe and the USA where our service providers are located (e.g., Microsoft, Amazon).

If a recipient is located in a country without adequate legal data protection, we ensure data protection through contractual obligations, specifically using the revised standard contractual clauses of the European Commission, which can be found here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj.

7. Duration of Data Retention

We process and store your personal data as long as necessary to fulfill our contractual and legal obligations or for the purposes for which they are processed. This may include the entire duration of our business relationship, from initiation and execution to termination of a contract, and beyond in accordance with legal retention and documentation obligations.

Data may also be retained as long as claims can be made against our company or we are otherwise legally obliged to do so, or if legitimate business interests require further retention (e.g., for evidence and documentation purposes). Once your personal data is no longer needed, it will be deleted or anonymized wherever possible.

Operational data like system logs are generally kept for a shorter period, usually twelve months or less.

8. Data Security

We implement appropriate technical and organizational security measures to protect your personal data from unauthorized access and misuse. These measures include issuing directives, conducting training, implementing IT and network security solutions, and restricting access to personal data.

9. Obligation to Provide Personal Data

In the context of our business relationship, you must provide the personal data necessary to establish and conduct a business relationship and fulfill the associated contractual obligations. Generally, there is no legal obligation to provide us with data. However, without this data, we may not be able to conclude or execute a contract with you or the entity you represent. Additionally, using the website may not be possible if certain information to secure data traffic (e.g., IP address) is withheld.

10. Profiling

We may process your personal data automatically to evaluate certain personal aspects (profiling). We use profiling particularly to inform and advise you about products in a targeted manner. This allows us to provide needs-based communication and advertising, including market and opinion research.

We generally do not use fully automated decision-making processes as defined in Article 22 GDPR to establish and conduct the business relationship or otherwise. Should we use such processes in individual cases, we will inform you separately if required by law and explain your rights in connection with it.

11. Rights of the Data Subject

Under applicable data protection law, you have the right to access, rectify, erase, restrict processing, and object to our data processing. This includes processing for direct marketing purposes, profiling related to direct advertising, and other legitimate interests in processing.

You also have the right to receive certain personal data for transfer to another entity (data portability). Please note that we may invoke legal exceptions, for example, if we are obliged to retain or process certain data, have an overriding interest, or need the data to assert claims. We will inform you in advance of any potential costs.

The exercise of such rights usually requires you to prove your identity unequivocally (e.g., by providing a copy of your ID). To assert your rights, please contact us at the address provided in Section 1.

Every data subject also has the right to take legal action or lodge a complaint with the competent data protection authority. In Switzerland, the competent authority is the Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch).

12. Changes to This Privacy Policy

We reserve the right to amend this Privacy Policy at any time without prior notice. The current version published on our website applies. If the Privacy Policy is part of an agreement with you, we will inform you of any updates via email or other appropriate means.