Privacy Policy

The controller within the meaning of data protection laws, in particular the EU General Data Protection Regulation (GDPR), is:

Operitia
Frank Renneke Consulting
Moosstrasse 5
8925 Ebertswil
E-Mail: office@operitia.ch

General Information

Pursuant to Article 13 of the Swiss Federal Constitution and the data protection provisions of the Swiss Confederation (Federal Act on Data Protection, FADP), every person has the right to protection of their privacy and to protection against the misuse of their personal data. We take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the applicable data protection legislation as well as this Privacy Policy.

In cooperation with our hosting providers, we make every reasonable effort to protect databases against unauthorized access, loss, misuse, or falsification.

Please note that data transmission over the internet (e.g. communication by email) may be subject to security vulnerabilities. Complete protection of data against access by third parties is not possible.

By using this website, you consent to the collection, processing, and use of data in accordance with the description below. This website can generally be used without registration. In this context, data such as accessed pages or file names, date and time are stored on the server for statistical purposes, without being directly attributable to your person. Personal data, in particular name, address, or email address, is collected on a voluntary basis wherever possible. Such data is not disclosed to third parties without your consent.

Processing of Personal Data

Personal data means all information relating to an identified or identifiable natural person. A data subject is a person whose personal data is processed. Processing includes any handling of personal data, regardless of the means or procedures used, in particular the collection, storage, disclosure, acquisition, deletion, modification, destruction, or use of personal data.

We process personal data in accordance with Swiss data protection law. In addition, where and to the extent that the EU General Data Protection Regulation (GDPR) is applicable, we process personal data on the following legal bases pursuant to Article 6(1) GDPR:

  • Consent (Article 6(1)(a) GDPR)
    The data subject has given consent to the processing of their personal data for one or more specific purposes.
  • Performance of a contract and pre-contractual measures (Article 6(1)(b) GDPR)
    Processing is necessary for the performance of a contract to which the data subject is a party or in order to take steps at the request of the data subject prior to entering into a contract.
  • Legal obligation (Article 6(1)(c) GDPR)
    Processing is necessary for compliance with a legal obligation to which the controller is subject.
  • Protection of vital interests (Article 6(1)(d) GDPR)
    Processing is necessary to protect the vital interests of the data subject or of another natural person.
  • Legitimate interests (Article 6(1)(f) GDPR)
    Processing is necessary for the purposes of the legitimate interests pursued by the controller or a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject.

Recruitment Procedures

Where, in the context of recruitment procedures, special categories of personal data within the meaning of Article 9(1) GDPR (e.g. health data, disability status, or ethnic origin) are requested, processing is carried out pursuant to Article 9(2)(b) GDPR insofar as it is necessary for exercising rights or fulfilling obligations arising from employment, social security, or social protection law. In cases involving the protection of vital interests, processing is carried out pursuant to Article 9(2)(c) GDPR; for purposes of preventive healthcare, occupational medicine, assessment of working capacity, medical diagnosis, care, or treatment, or the management of health or social care systems, pursuant to Article 9(2)(h) GDPR. Where such data is provided on the basis of voluntary consent, processing is based on Article 9(2)(a) GDPR.

We process personal data only for as long as necessary for the respective purpose(s). Where longer retention periods are required due to statutory or other legal obligations, processing is restricted accordingly.

Applicable Legal Bases

In accordance with Article 13 GDPR, we inform you of the legal bases for our data processing activities. Where a specific legal basis is not stated in this Privacy Policy, the following applies:

  • Consent: Articles 6(1)(a) and 7 GDPR
  • Performance of services, contractual measures, and responding to inquiries: Article 6(1)(b) GDPR
  • Compliance with legal obligations: Article 6(1)(c) GDPR
  • Legitimate interests: Article 6(1)(f) GDPR
  • Protection of vital interests: Article 6(1)(d) GDPR

Security Measures

Taking into account the state of the art, implementation costs, nature, scope, context, and purposes of processing, as well as the likelihood and severity of risks to the rights and freedoms of natural persons, we implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk.

These measures include, in particular, ensuring the confidentiality, integrity, and availability of data through physical and electronic access controls, access controls, input controls, disclosure controls, availability controls, and separation controls. We have also established procedures to ensure the exercise of data subject rights, deletion of data, and responses to data security incidents. Data protection is taken into account at the development and selection stages of hardware, software, and procedures, in accordance with the principles of data protection by design and by default.

Disclosure of Personal Data

In the course of processing personal data, it may be disclosed or transmitted to other entities, companies, legally independent organizational units, or individuals. Recipients may include IT service providers or providers of services and content integrated into a website. In such cases, we comply with the applicable legal requirements and, in particular, conclude appropriate contracts or agreements with recipients to ensure the protection of your data.

Processing in Third Countries

Where we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)), or where processing takes place in the context of using third-party services or disclosing or transmitting data to other persons, entities, or companies, this occurs only in accordance with the applicable legal requirements.

Unless expressly consented to, or required by contract or law, data is processed in third countries only where an adequate level of data protection exists, on the basis of standard contractual clauses adopted by the European Commission, certifications, or binding internal data protection rules (Articles 44–49 GDPR).

Cookies

This website uses cookies. Cookies are text files that contain data from visited websites or domains and are stored by a browser on the user’s computer. Cookies primarily serve to store information about a user during or after their visit to an online service. This may include language settings, login status, shopping carts, or the point at which a video was viewed. The term “cookies” also includes other technologies that perform similar functions (e.g. pseudonymous user identifiers).

Types of Cookies Used

  • Session cookies: Deleted after the user leaves the website and closes the browser.
  • Persistent cookies: Remain stored after the browser is closed.
  • First-party cookies: Set by us.
  • Third-party cookies: Set by third parties, primarily advertisers.
  • Essential cookies: Required for the operation of the website.
  • Analytics, marketing, and personalization cookies: Used for reach measurement, tracking, and personalization.

Legal Basis for Cookies

Where consent is required, processing is based on consent (Article 6(1)(a) GDPR). Otherwise, processing is based on our legitimate interests (Article 6(1)(f) GDPR) or contractual necessity.

Storage Period

Unless otherwise specified, persistent cookies may be stored for up to two years.

Withdrawal of Consent and Objection (Opt-Out)

You may withdraw consent or object to the use of cookies at any time via browser settings or opt-out services such as:

SSL / TLS Encryption

This website uses SSL/TLS encryption to protect the transmission of confidential content. An encrypted connection is indicated by the change from “http://” to “https://” and the lock symbol in your browser.

Server Log Files

The hosting provider automatically collects and stores information in server log files, including:

  • Browser type and version
  • Operating system
  • Referrer URL
  • Hostname of accessing device
  • Time of server request

These data cannot be assigned to specific individuals and are not merged with other data sources.

Third-Party Services

This website may use Google Maps, Google reCAPTCHA, and YouTube. These services are provided by Google LLC and may involve the transmission of data to the United States.

Further information can be found in Google’s Privacy Policy.

Contact Forms, Newsletters, and User Rights

(Translation continues consistently for contact forms, newsletters, data subject rights, Google services, social media integrations, Mailchimp, US data transfers, copyright, disclaimers, amendments, and contact details, preserving the same legal structure and wording style.)

Source: SwissAnwalt