Data Protection Notice

The protection of your personal data is of great importance to us. With the following data protection notice, we would like to inform you in a general manner about the collection and processing of personal data carried out by us during your access to our website and your various interactions with us.

In this data protection notice we sometimes refer to information and data protection notices on external websites through links at various points. We are committed to keeping such links up to date. However, due to the constant updating of websites, it is possible that links may not function correctly. If you notice such a non-functioning link, we would appreciate it if you could inform us so that we can update the link.

Contents of the following data protection notices:

1. Name and Address of the Controller

2. General Information

2.1 Scope of Data Processing

2.2 Processing Principles, Legal Bases

2.3 Data Deletion and Storage Duration

3. Data Processing During the Visit to our Website

3.1 Log files

3.2 Cookies

3.3 Special Note on the Use of Google Analytics

3.4 Icon Links to our Social Media Presences

4. Data Processing when Contacting Us

4.1 Contacting Us by E-mail, Telephone or Mail

4.2 Application via E-mail or Online Application Form

4.3 Newsletter (E-Mail Service / Job Bulletin)

5. Data Security

6. Cooperation with Our Processors / Transfer of Data to Third Parties

7. Your Rights

8. Changes to this Data Protection Notices

1. Name and Address of the Controller

The Controller within the meaning of the Swiss Data Protection Act (DSG), the EU General Data Protection Regulation (GDPR) and other applicable data protection regulations is:

Stettler Consulting AG
Burgstrasse 29
CH-8706 Meilen

Phone: +41 43 288 43 43
E-mail: info@stettlerconsulting.ch
Website: https://stettlerconsulting.ch/

2. General Information

2.1 Scope of Data Processing

Personal data is any data and information relating to an identified or identifiable or an identified or identifiable natural person. A data subject is a person whose personal data is processed. Processing means any handling of personal data, irrespective of the means and procedures used, in particular the collection, storage, keeping, use, modification, disclosure, archiving, deletion or destruction of data.

We process personal data of our users only to the extent necessary to provide a functional website and our content and services. Any further processing of personal data of our users and customers will only be carried out with the consent of the users and customers. An exception is made in cases where it is not possible to obtain prior consent for factual reasons or where the processing of the data is permitted by legal provisions. Finally, we reserve the right to process data on the basis of legal obligations or in order to defend or assert claims.

2.2 Processing Principles, Legal Bases

We process personal data in accordance with Swiss data protection law and the processing principles specified therein. In addition, we process personal data – insofar as the GDPR is applicable – in accordance with the following legal bases specified in each case in this data protection notice:

  • Where we obtain the data subject’s consent for the processing of personal data, Art. 6 para. 1 lit. a GDPR serves as the legal basis.
  • In the processing of personal data required to fulfil a contract whose contracting party is the data subject, Art. 6 para. 1 lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures.
  • Where the processing of personal data is required to fulfil a legal obligation to which our company is subject, Art. 6 para. 1 lit. c GDPR serves as the legal basis.
  • Where the processing of personal data is necessary to protect the vital interests of the data subject or another natural person, Art. 6 para. 1 lit. d GDPR serves as the legal basis.
  • If the processing is necessary to protect the legitimate interests of our company or a third party, and such legitimate interests are not overridden by the interests or fundamental rights or freedoms of the data subject, Art. 6 para. 1 lit. f GDPR serves as the legal basis for processing.

2.3 Data Deletion and Storage Duration

We store personal data for the duration that is necessary for the respective purposes of the processing and delete or block the data as soon as the purpose of the processing no longer applies. In the case of longer retention obligations due to legal and other obligations to which we are subject, we restrict the processing accordingly.

3. Data Processing During the Visit to our Website

3.1 Log files

During each visit to our website, the following data and information about the computer system of the accessing device are automatically collected:

  • Information about the user’s browser type and the version used
  • Operating system of the user
  • Internet service provider of the user
  • IP address of the user
  • Date and time of access
  • Websites from which the user’s system accessed our website (referrer URL)
  • Websites accessed by the user’s system through our website
  • Message indicating whether the access was successful (access status/http status code)
  • GMT time zone difference

The collection and storage of the above data in log files is absolutely necessary for the provision, secure operation and functional optimization of our website. Consequently, there is no possibility for you to object.

Usually, the data is only temporarily stored for the duration of the session and deleted again as soon as you leave our website. When storing and evaluating this general data and information, we neither draw any conclusions about any data subject use the data for marketing purposes or profiling.

We reserve the right to store the aforementioned log file data for up to (3) months, insofar as this is necessary to detect, limit or eliminate malfunctions or errors or to defend against attempted attacks on our website and the information technology behind it or to detect and defend against malware and unlawful use. You can object to the use of your personal data for this purpose at any time with effect for the future.

The legal basis for the temporary storage of log file data for the secure operation of our website is our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR.

3.2 Cookies

Our website uses cookies. Cookies are text files that are stored in the internet browser or by the internet browser on the user’s computer system. When a user accesses a website, a cookie may be stored on the user’s operating system. This cookie contains a characteristic string of characters that enables the browser or the device used to be uniquely identified when the website is accessed again.

We use the following types of cookies:

  • Essential Cookies (also called technically necessary cookies) enable basic functions and are necessary for the proper functioning of the website. These cookies do not store information about you for marketing purposes, nor do they store which web pages you have visited.
NameBorlabs Cookie
ProviderOwner of this website
PurposeStores the cookie preferences of visitors selected in the cookie box by Borlabs Cookie.
Cookie nameborlabs-cookie
Cookie storage time1 year
  • Statistics Cookies (also called performance cookies or technically not necessary cookies) help us to statistically record and analyse how our website is used by visitors (e.g. frequency and origin of page views) without establishing a personal link to a specific visitor.
NameGoogle Analytics
ProviderGoogle LLC
PurposeCookie from Google for website analytics. Generates statistical data about how the visitor uses the website.
Data Privacy Noticehttps://support.google.com/analytics/answer/6004245?hl=en#zippy=%2Ccookies-und-kennzeichnungen-von-google-analytics%2Cdatenschutzerkl%C3%A4rung-von-google
Cookie name_ga,_gat,_gid
Cookie storage time2 years

The legal basis for the processing of personal data using technically necessary cookies within the scope of the GDPR is our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in the functioning of our website and the logging of the user’s cookie consent decision.

The legal basis for the processing of personal data using technically not necessary cookies in the scope of the GDPR is Art. 6 para. 1 lit. a DSGVO if the user has given his consent.

When visiting our website, the user is informed about the use and functionality of these cookies and, if applicable, asked whether he wishes to give his consent to the use of individual or all of the above-mentioned technically not necessary cookies. In this context, there is also a reference to this data protection notice.

You can withdraw your consent to the use of individual or all technically not necessary cookies at any time. Please use one of the following options for this purpose:

  • You can change your cookie preferences for the use of cookies for our website yourself at any time by accessing the cookie preferences via the following link: Adjust cookie preferences here
  • You can generally prevent the storage of all cookies on your system (not only those used on our website) by changing the cookie settings of your browser software accordingly; however, we would like to point out that in this case you may not be able to use all functions of our website to their full extent.

The following links provide information on how to change the cookie settings of the most common internet browsers:

Internet Explorer: http://windows.microsoft.com/en-GB/windows7/Block-enable-or-allow-cookies

Google Chrome: https://support.google.com/chrome/bin/answer.py?hl=en-GB&answer=95647&p=cpn_cookies

Firefox: http://support.mozilla.org/en-US/kb/Blocking%20cookies

Safari: https://support.apple.com/kb/ph19214?locale=en_US

Opera: http://www.opera.com/help/tutorials/security/privacy/

For more information about managing cookies in the browser settings, please visit: www.allaboutcookies.org.

  • With regard to the Google Analytics statistics cookies: You can generally prevent the processing of your data by Google Analytics by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en

3.3 Special Note on the Use of Google Analytics

We sometimes use the Google Analytics analysis tool to analyse our website. This is a service provided by Google Ireland (based in Ireland), with which we can measure and evaluate the use of the website (not on a person-related basis). Google Ireland relies on Google LLC (based in the USA) as a processor (both „Google“), see https://policies.google.com/privacy/frameworks?hl=en. For the use of Google Analytics, the statistics cookies described above in section 3.2 are used, which Google sets. We have configured the service so that the IP addresses of visitors are shortened by Google in Europe before being forwarded to the USA and thus cannot be traced („anonymize IP“). We have switched off the „data forwarding“ and „signals“ settings. Although we can assume that the information we share with Google is not personal data for Google, it is possible that Google can draw conclusions about the identity of visitors from this data for its own purposes, create personal profiles and link this data to the Google accounts of these individuals. Insofar as you have registered with Google itself, Google also knows you. The processing of your personal data by the Google is then the responsibility of Google in accordance with Google’s privacy policy. Google only tells us how our respective website is used (no information about you personally).

In addition, you can find more detailed information about the information processed by Google at https://www.google.com/intl/en/policies/privacy/#infocollect under „Information we collect as you use our services“, as well as at https://privacy.google.com/businesses/adsservices/.

For more information specifically about Google’s privacy practices with respect to Google Analytics, please visit: https://support.google.com/analytics/answer/6004245?hl=en&sjid=4446134280363022915-EU

Information on Google’s privacy settings can be found at https://myaccount.google.com/data-and-privacy

Furthermore, we have concluded an agreement for the provision of processor services with Google for the use of Google Analytics (Art. 28 GDPR, Art. 9 DSG), see, s. https://business.safety.google/intl/en/adsprocessorterms.

3.4 Icon links to Our Social Media Presences

In addition to this website, we also maintain presences in various social media, which you can access via corresponding buttons (icons) on our website. If you visit such a presence from our website, personal data may be transmitted to the provider of the social network.

We would like to point out that user data may also be transmitted to a server in a third country and thus processed outside the European Union.

It is possible that, in addition to the storage of the data specifically entered by you in such social network, further information is also processed by the provider of the social network in its own responsibility. In doing so, the provider of the social network may process the most important data of the computer system from which you visit the social network – for example, your IP address, the processor type and browser version used, including plug-ins.

If you are logged in with your personal user account of the respective network while visiting such a website, this network can assign the visit to your account.

The purpose and scope of the data collection by the respective social network, the further processing of your data there as well as your rights in this regard can be found in the respective provisions of the respective social network being the responsible controller, e.g. under:

  • Facebook (Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA):
  • Google and YouTube (Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA):
  • LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Irland)

We would also like to point out that our website may contain further links to external third-party websites, whereby we have no influence on the processing of data on these third-party websites.

4. Data Processing when Contacting Us

4.1 Contacting Us by E-mail, Telephone or Mail

Contacting us is possible via the contact details published on our website by e-mail, telephone or post.

If you use one of these contact methods, the data you send us (e.g., surname, first name, address, telephone number, e-mail address), as well as the information contained in your message, together with any personal data you may have provided, will be stored by us for the purpose of contacting you and processing your request. In addition, depending on the contact option, the following data is collected by our system: IP address of the calling computer; date and time of the e-mail or telephone call or incoming mail.

The legal basis for the processing of your personal data in the context of communication with you is Art. 6 para. 1 lit. f GDPR (legitimate interest). If the purpose of contacting you is to conclude a contract, the additional legal basis for processing is Art. 6 para. 1 lit. b GDPR. You can object to the storage and processing of your personal data at any time. In such a case, the conversation and the processing of your request cannot be continued. The storage due to legal obligations or for the defence or assertion of claims remains reserved.

4.2 Application via E-mail or Our Online Application Form

On our website, you have the option of sending us a spontaneous application by e-mail or via an online application form, or of applying for a position advertised with or through us and sending us the required data and application documents.

We collect and process the personal data you send us in the course of your application in order to evaluate your application, to contact you for interviews and, if applicable, to present you to the advertising company as a suitable candidate. The legal basis for this is Art. 88, 6 para. 1 lit. b GDPR and the Swiss Employment Agency Act (AVG) and your implicit consent by sending us your application.

Before we forward your application with your personal data to the respective company advertising the job, we will first contact you and obtain your consent.

If you agree, we will also store and process your application data in our candidate pool beyond a specific application process in order to contact you in the future about new positions that suit your profile. When you submit your online application, your consent to the processing of your personal data in the candidate pool will be obtained (legal basis is Art. 6 para. 1 lit. a GDPR) and reference will be made to this data protection notice. Storage then takes place for as long as the purpose of a possible successful placement between you and a potential employer exists. You can also withdraw your consent to the processing and storage of your data in our candidate pool at any time with effect for the future.

If you do not consent to the storage and processing of your application data within the scope of our candidate pool beyond the specific application procedure, then we will only store your application data for as long as this is necessary for the processing of the respective application procedure or the placement with the advertising company, unless longer storage is legally required or permitted.

You can withdraw your consent to the processing of your application data at any time. However, this will mean that you can no longer be considered by us for the respective position.

4.3 Newsletter (E-Mail Service / Job Bulletin)

On our website, you have the option of subscribing to a free newsletter (e-mail service / job bulletin), through which you will be regularly informed about the latest job vacancies. When you subscribe to the newsletter, the data you enter in the input mask is transmitted to us.

The data you enter are processed for the purpose of sending the newsletter. As part of the registration for our newsletter, your consent to the processing of your personal data is obtained (legal basis is Art. 6 para. 1 lit. a GDPR) and reference is made to this data protection notice. The data will be deleted or no longer used for sending the newsletter as soon as you unsubscribe to the newsletter.

In addition, the following data is automatically collected during newsletter registration:

  • IP address of the accessing computer
  • Date and time of the newsletter subscription

The automatic collection of this data as part of the registration process serves to prevent misuse of the services or the e-mail address used (legal basis is our legitimate interest pursuant to Art. 6 para 1 lit. f GDPR).

For the registration to our newsletter, we use the so-called double opt-in procedure. This means that after your registration, we will send you an e-mail to the e-mail address you provided, in which we ask you to confirm that you wish to receive the newsletter. The purpose of this procedure is to be able to prove your registration and, if necessary, to prevent a possible further misuse of your personal data.

You can withdraw your consent to the sending of the newsletter at any time and unsubscribe from the newsletter. You can declare the withdrawal by clicking on the link provided in each newsletter e-mail, or by sending a message to the contact details provided in the imprint.

5. Data Security

We use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties (e.g., TLS encryption for our website), taking into account the state of the art, implementation costs and the nature, scope, context and purpose of the processing, as well as the existing risks of a data breach (including its probability and impact) for the data subject. Our security measures are continuously improved in line with technological developments.

6. Cooperation with Processors / Transfer of Data to Third Parties

We use external service providers in the course of our business operations (e.g. in the area of IT for hosting/operation/maintenance/administration of our website, data centre services, database services, security services, telecommunications, sales and marketing). These will only act on our instructions and have been contractually obligated to comply with data protection regulations when processing personal data on our behalf (conclusion of a data processing agreements pursuant to Art. 28 GDPR or Art. 9 DSG). Furthermore, the legal basis for the transfer is Art. 6 para. 1 lit. b (contract performance/initiation) or lit. f (legitimate interest) GDPR, insofar as our external service providers are qualified as processors.

In addition, the following categories of recipients, may receive access to your personal data:

  • Government agencies/authorities, insofar as this is necessary for the fulfilment of a legal obligation. The legal basis for the disclosure is then Art. 6 para. 1 lit. c GDPR;
  • Persons we rely on to perform our business operations who are not qualified as processors (e.g. auditors, banks, insurance companies, legal advisors, trustees).

7. Your Rights

If personal data is processed by us as controller, you as data subject have certain rights depending on the legal basis and purpose of the processing, in particular, if applicable, the

  • Right to information (Art.15 GDPR; Art. 25 DSG),
  • Right to rectification (Art.16 GDPR; Art. 32 DSG),
  • Right to deletion (Art. 17 GDPR; Art. 32 DSG),
  • Right to restriction of processing (Art. 18 GDPR; Art. 32 DSG),
  • Right to data portability (Art. 20 GDPR, Art. 28 DSG),
  • Right to object (Art. 21 GDPR)
  • Right to withdraw consent (Art. 7 III DSGVO)

To assert your data subject rights in relation to the data processed in accordance with this privacy notice, please contact the contact details of the controller set out at the beginning of this privacy notice.

If you are in the EU or Switzerland, you also have the right to complain to the data protection supervisory authority in your country if you believe that your personal data is not being processed lawfully by us. In Switzerland, the competent supervisory authority is the Swiss Federal Data Protection and Information Commissioner (EDÖB).

8. Changes to this Data Protection Notice

In the context of the further development of data protection law as well as technological or organizational changes, this data protection notice is regularly reviewed for the need for changes or additions and adapted accordingly. The version published on this website is the current version.