Privacy Policy

PRIVACY POLICY AND COOKIE POLICY

INFORMATION ON THE PROCESSING OF PERSONAL DATA

 

INTRODUCTION

This document describes the personal data processing policy of FCK CONSULENZE SA, a Swiss company based in Novazzano (CH), in relation to the use by the user of the fckconsulenze.ch site and the resources it contains. connected (hereinafter the “Site”).

This document informs the user, pursuant to and for the purposes of Articles 4 para. 5 of the Federal Data Protection Act (LPD) and, where applicable, of art. 13 and 14 of the European Regulation (EU) 679/2016 (GDPR), that the personal data provided or otherwise acquired as part of the Site’s activity will be processed, in compliance with the principles set out in the aforementioned regulations.

It should be noted that the GDPR, in accordance with art. 3, applies only in the case of:

  1. offering goods or services to individuals in the EU;
  2. monitoring the behavior of individuals in the EU.

Paragraphs A and B specify the ownership of the Site, the coordinates for communications and describe the mechanism of acceptance and revision of this document. Paragraphs C and D describe the Site’s policy relating to the processing of users’ personal data. Finally, paragraph E regulates the material law applicable to the legal relationship between the parties and establishes the competent court in the event of a dispute related to this relationship.

The conditions governing the use of the Site are described in a separate document, accessible at this link. The same is understood here fully reproduced and integrated.

 

  1. SITE OWNER AND PERSONAL DATA PROCESSING NOTICES

The Site is owned by FCK CONSULENZE SA, Novazzano (CH).

All communications shall be in writing and shall be deemed validly and effectively executed upon receipt thereof, if effected by ordinary mail, or upon receipt of confirmation of reading, if effected by electronic mail.
Contact:

  • FCK CONSULENZE SA, Via Marcetto 13, 6883 Novazzano (CH)
  • Tel. +41 (0)91 697 59 59
  • E-mail: fabienne.kayar@fckconsulenze.ch

 

  1. ACCEPTANCE AND MODIFICATION OF TERMS AND CONDITIONS

By using the Site, the user accepts the terms and conditions in force at the time of access. It is the user’s responsibility to carefully check the status of the terms and conditions before accessing the Site, as the owner reserves the right to update this document at any time and at his own discretion, in particular according to the evolution of applicable law.

 

  1. ACCEPTANCE AND AMENDMENT OF THE TERMS AND CONDITIONS DATA PROTECTION POLICY

Data controller

The data controller is FCK CONSULENZE SA, Via Marcetto 13, 6883 Novazzano, represented by the member of the Board of Directors in accordance with the signature rights established by the Board of Directors and resulting from the Trade Register of the Canton of Ticino. The owner may be contacted using the contact details specified in section A above.

Responsible for data protection

The Data Protection Officer can be contacted in writing by regular mail at the following address: c/o FCK CONSULENZE SA, Via Marcetto 13, 6883 Novazzano.

Any communication relating to the protection of personal data can be sent to the following e-mail address: fabienne.kayar@fckconsulenze.ch

Legal regime applicable to data processing

The owner, as a legal person under Swiss law with registered office in Switzerland active in the private sphere, processes the personal data of users in accordance with the Federal Law on the protection of personal data (“LPD”, RS 235.1).

Given that FCK CONSULENZE SA in principle does not process personal data falling within the scope of the GDPR (see section A above), should the Regulation be exceptionally applicable, FCK CONSULENZE SA grants the data subjects the protections provided for by the GDPR itself (in particular the rights provided for in Articles 12 – 23). The text of the GDPR can be consulted by activating this link.

Notions and categories of personal data

Personal data means any information concerning an identified or identifiable natural person (Personal Data). Personal data deserving special protection include sensitive information such as those relating to the intimate sphere, social welfare measures, racial and ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, biometric data or data relating to health, mental, mental or physical state, as well as data relating to criminal convictions and offences or related security measures.

The owner does not require or request the provision of personal data deserving of special protection. The user is therefore advised not to spontaneously transmit information of this nature via the Site and related resources (e-mail, contact form and online application).

Purpose and lawfulness of the processing

The owner processes Personal Data in relation to the purposes summarized in the following table:

Purpose of processing
 Legal basis
 Data retention period
Browsing this website Legitimate interest | fulfilment of contractual obligations 1 year maximum
See cookies policy
Contact request or information request or job application filing Legitimate interest | request concerned 1 year
Activities of an organisational, administrative, financial and accounting nature and customer/user data management, regardless of the nature of the data processed. In particular, internal organisational activities pursue these purposes. Legitimate interest | fulfilment of contractual obligations General: 10 years
See special information for applications

 

The owner collects and processes the Personal Data necessary to enable, respectively optimise navigation on the Site. This data includes information concerning the use of the Site, such as the IP address of the user’s device, the user’s location, the unique identifier of the user’s mobile device, the duration of the stay on the Site, the links activated, the browser characteristics (type, language, plug-ins installed etc.), cookies etc.). This data is processed automatically exclusively to allow navigation on the Site, to evaluate the introduction of new functions, to improve the quality of the services offered, to measure the use of the Site and to optimise its usability.

The Site processes Personal Data transmitted by the user, in particular by means of an online form or electronic mail, for the purpose of communicating or making available the information requested by the user.

The Site does not process or transmit content or advertising messages designed based on online behavior, does not profile the user, does not monitor the use of web resources or e-mails. The Site does not sell, rent, trade and/or lend Personal Data to third parties.

It is recommended not to transmit information and/or documents containing personal and/or confidential information (in particular: medical information) by e-mail, as this is an insecure means of communication that does not guarantee the protection of confidentiality. The Site owner is willing to provide, at the user’s request, secure electronic communication channels for transmitting sensitive data.

 

Obligation to provide data

Apart from what is specified for navigation data, the user is free to provide Personal Data.

The provision of data is optional or necessary depending on the specific purpose for which the data is processed. Failure to provide the requested data will make it impossible to obtain what has been requested or to use the services of the data controller.

 

Data transfer to a third country and / or an international organization

Personal Data may be transferred abroad (with respect to Switzerland), however, limited to the European Union or to countries that provide adequate protection of personal data (with respect to Swiss law) as per the List established by the Federal Authority, respectively the European Authority responsible for data processing subject to the GDPR.

 

The interested party has the right to obtain a copy of such data.

In case of transfer to non-European countries, in particular the United States, whose data protection level has not been deemed adequate, personal data may only be transferred to individuals, entities and companies that have adhered to specific agreements. and / or international instruments concerning the protection of personal data (for example: Swiss / EU – US Privacy Shield). The data subject may obtain information on the safeguards adopted for the transfer of Personal Data by writing to FCK CONSULENZE SA.

 

Retention period of personal data

The Site retains Personal Data as long as its retention is necessary in view of the purpose for which the data was collected, respectively to the extent that there is a legal obligation to retain it (normally 10 years). Once the purpose for which the Personal Data was collected has lapsed, respectively the retention obligation established by law has expired, the Data Controller shall permanently and securely delete the data or, alternatively, anonymise them. The detailed policy on the conservation of personal data can be requested from the data controller by e-mail or viewed at the registered office.

 

Newsletter

The owner offers a free update service on his activities through the newsletter.

The Newsletter is sent exclusively to those who have registered for this purpose by providing their e-mail address. Immediate deletion from the recipient list is possible at any time and with immediate effect by activating the “unsubscribe” link at the bottom of each e-mail.

Not subscribing to the Newsletter or unsubscribing from the list of recipients does not affect or in any way reduce the usability of the Site.

The owner does not monitor the behavior and does not profile in any way the recipients of the Newsletter and does not transfer any data to third parties, except for the newsletter service provider, which receives the e-mail addresses of the recipients functionally for the management of the Newsletter. The latter must be established in Switzerland, the EU or the USA (in the latter case only if it has joined the US – CH/EU Privacy Shield).

 

Data relating to minors

The treatment justified by the consent of the interested party is lawful where the minor who has given consent is at least 16 years old. If the minor is under the age of 16, the processing of personal data is lawful only and to the extent that consent is given or authorized by the legal representative. The holder shall make every reasonable effort, having regard to available technology, to verify that the consent given by the legal representative is effective. However, he will not be in any way responsible for any false declarations that may be provided by the minor and, in any case, if he ascertains the falsity of the declaration, he will immediately delete any personal data and any material acquired. The owner will facilitate requests regarding the personal data of minors from the legal representative.

 

Data processors, recipients or categories of recipients, access to data

The Personal Data provided by the user may be disclosed to recipients who will process the data as appointed data controllers and/or as natural persons acting under the authority of the data controller or data processor. Where they operate autonomously, the subjects will assume the position of separate data controllers.
Subject to the transmissions of data provided for by law, the data may be communicated to recipients belonging to the following categories:

  • subjects that provide services for the management of information and telecommunication systems used by the data controller for the provision of the Site and for the organization, programming, implementation and execution of the activities related to the Site;
  • companies and freelancers providing services to the data controller, e.g. in the legal, accounting, administrative and tax fields

 

As part of the management of the Site and related resources (in particular: e-recruiting, e-mailing, back-up, web-design, graphics, maintenance, translation, hosting and Internet access), FCK CONSULENZE SA yes makes use of external suppliers of goods and / or services established and active in Switzerland or in the European Union (EU). External suppliers have access to the data only to the extent strictly necessary for the proper and efficient performance of their tasks, subject to an obligation of confidentiality and non-use in relation to Personal Data.

The complete list of data processors is available at the registered office.

 

E-mail communications, risks

The user is aware that (i) the use of e-mail does not ensure the confidentiality and integrity of data in transit, (ii) numerous e-mail service providers are located or hold their data in countries that do not guarantee adequate protection of personal data (for example the USA) (iii) the use of such an e-mail service results in the transfer and storage of data in a country that does not guarantee adequate protection of such data.

The user authorises the holder (and its auxiliaries) to transmit documents and/or information, including those containing personal and/or confidential data, by ordinary (non-certified and encrypted) electronic mail, using the e-mail address provided by the user in response to user requests received by telephone or e-mail. The user, being fully aware of the above-mentioned risks, releases the holder from any liability in the event of unauthorised access by third parties to the documents and/or personal and/or confidential information transmitted or received by e-mail by the holder and/or its organs and auxiliaries.

 

Links to Third Party Resources

The Site contains links to sites, services and other Internet resources referable to third parties. The owner is in no way responsible for the content, safety and usability of such sites and resources; in particular, the owner does not verify the policy, nor does he issue guarantees regarding the protection of privacy and personal data by said third parties.

 

Safety

The Site implements the security measures reasonably imposed by the circumstances and proportionate to the risks against unauthorized access, use, transmission, alteration, loss or destruction of Personal Data. These measures include measures of a technical, physical and organizational nature. However, given the nature of the Internet as an “open network”, the owner cannot guarantee, nor does it guarantee, that the data will not be intercepted or acquired by unauthorized third parties.

 

User rights

Within the limits established by the LPD, the interested party may in particular:

  • obtain rectification of inaccurate personal data (Art. 5(2) DPA);
  • request, free of charge and in writing, whether data concerning him are processed (Art. 8 para. 1 DPA);
  • have consent to the processing of personal data interrupted or revoked (Art. 12(2)(b) DPA);
  • stop unlawful processing of personal data (Art. 12(2)(a) DPA);
  • prevent, in the absence of justification, the disclosure to third parties of personal data worthy of special protection or personality profiles (Article 12(2)(c) DPA);
  • request that data processing be stopped, that disclosure to third parties be prevented, or that personal data be rectified or destroyed (Art. 15 para. 1 DPA);
  • if neither the correctness nor the inaccuracy of the personal data can be proved, request that a note be added to the data to indicate their disputed nature (Art. 15(1) DPA);
  • requesting that the rectification, destruction, blocking, in particular the communication to third parties, as well as the mention of the disputed character or the judgment be communicated to third parties or published (Art. 15(3) DPA);
  • have personal data collected, stored or used illegally destroyed;
  • have the illegality of processing personal data established;
  • file a criminal complaint in the event of a breach of the obligations to inform, notify and co-operate (Art. 34 DPA), as well as of discretion (Art. 35 DPA).

If the data processing falls within the territorial scope referred to in art. 3 GDPR, the interested party can assert the rights as expressed in articles 15, 16, 17, 18, 19, 20, 21, 22 GDPR, by contacting the owner or the data processor. You have the right, at any time, to ask the data controller for access to your personal data, to rectify, erase or restrict the processing of your personal data or to object to their processing, as well as to exercise your right to the portability of such data. If the processing is based on article 6, paragraph 1, letter a) or on article 9, paragraph 2, letter a) GDPR, the user has the right to withdraw consent at any time without prejudice to the lawfulness of the processing based on on the consent given before the revocation. The user has the right to lodge a complaint with the supervisory authority. In the event of a request for data portability, the data controller shall provide the user, in a structured, commonly used and machine-readable format, with the personal data concerning him, subject to paragraphs 3 and 4 of Art. 20 GDPR.

 

  1. COOKIES Introduction

This chapter describes the Site’s policy in relation to the processing of users’ personal data in connection with so-called “cookies”.

Technical notions

Cookies are text files placed in the user’s browser by sites / apps or servers while browsing the web. Thanks to cookies, these sites or servers are able to recognize the browser during navigation and subsequently. Cookies help to improve the user’s online experience, for example by preserving user preferences over time or by preventing the user from having to log in at every page change. Cookies can also be used to monitor user behavior online, with a consequent impact on user privacy.

The types of cookies

Cookies can be divided into various types.

Considering the person who deposits the cookie on the user’s terminal, if it coincides with the owner of the site visited, the cookie is called “first party”, while if it is a third party site / server, the cookie is called ” Part Three”.

Considering the duration of the cookie, “session” cookies are stored as a function of access to the site and are therefore deleted when the browser is closed. “Persistent” cookies, on the other hand, remain stored in the device after the browser is closed (and until the expiry date set by the cookie). Considering the purpose of the cookie, a distinction must be made between “technical” and “profiling” cookies. Technical cookies make it possible to browse the web, respectively, to provide the service requested by the user. They are not used for other purposes and are generally managed by the owner of the site visited. Analytics‘ or ’statistical” cookies are assimilated to technical cookies where they are used directly by the site owner to collect information, in aggregate form, on the number of users and how they interact with the site. Profiling cookies are generally third-party cookies used to build up a profile of the user based on his/her online behaviour and habits in order to send him/her personalised advertising messages.

 

Statements of the owner regarding cookies

The Site only implements a technical session cookie, in particular for the purpose of customizing the configuration of the Site, keeping browsing active, analyzing the flow of traffic and use by users, as well as for the purposes of system administration. The data collected is treated anonymously and is not disclosed to third parties.

The Site implements third-party site traffic analysis software that does not store any cookies on the visitor’s browser and does not transmit any data to third parties.
Possibility of deactivating or deleting cookies, technical consequences

The user has the ability to set his browser to inform him of the receipt of a cookie or to block cookies (generally or by type of cookie or by site of origin). The generalised blocking of cookies, since the same also applies to technical cookies, may lead to severe limitations in the use of the Site.

The user has the possibility to delete cookies from the browser’s memory, as well as to set the browser to automatically delete cookies when the program is closed (recommended).

By default, browsers automatically accept cookies. Instructions for deactivating or deleting cookies can be found on the website of the developer of your browser; we refer to the following instructions for the most common browsers: Microsoft Internet Explorer and Edge; Google Chrome; Apple Safari; Mozilla Firefox and Opera.

There are additional ways to reduce the risk of online tracking, including:

  • activate the DoNotTrack option on the browser (if available);
  • use the “private” or “anonymous” browsing functionality of the browser (if available), which prevents cookies from being kept on the device after browsing.

 

  1. APPLICABLE LAW AND JURISDICTION

The legal relationship between the user and the owner of the Site with reference to access and use of the Site (and related resources) is governed by Swiss material law, excluding the rules of private international law.

The parties choose the District Court of Lugano (TI) as the exclusive competent Court in the event of a dispute arising or simply connected with the use of the Site. The owner of the Site reserves the right to bring proceedings before the competent court at the seat, branch or domicile of the user.

Effective date: 29 November 2021