General privacy policy

With this Privacy Policy, we, FERI (Schweiz) AG (hereinafter: the Company), describe how the Company collects and processes personal data. This Privacy Policy is not necessarily a comprehensive description of data processing. It is possible that other privacy statements or general terms and conditions, conditions of participation or similar documents may apply to certain circumstances.

In this Privacy Policy, the term "personal data" means any information that identifies an identified or identifiable natural person (data subject) or could reasonably be used to identify a natural person.

If you provide the Company with personal data of other persons (e.g. family members, work colleagues), please ensure that the persons concerned are aware of this Privacy Policy and that you only provide the Company with their data if you are authorized to do so and this personal data is correct.

This Privacy Policy complies with applicable law, in particular the Swiss Data Protection Act (hereinafter "DPA") and, where applicable, the European General Data Protection Regulation (hereinafter "GDPR"). However, the application of these laws depends on the individual case.

A. Data controller

The "controller" of the data processing as described in this Privacy Policy is

FERI (Schweiz) AG 
Tödistrasse 48 
8002 Zurich 
datenschutz@feri.ch 
www.feri.ch 

If you have any questions about the processing of your personal data or other data protection concerns, you can contact the company using these contact details.

B. Purpose of data processing and legal basis

The Company uses the collected data primarily to conclude and fulfill contracts with customers and business partners, in particular in connection with the provision of financial services and the purchase of products and services from suppliers and subcontractors, as well as to fulfill domestic and foreign legal obligations.

In addition, the company may, in accordance with applicable law and where appropriate, process personal data for the following purposes, which are in the interest of the company (or, where applicable, in the legitimate interest of a third party), such as 

• Providing and developing products, providing our services to you, operating our website, using software/apps in our business operations;
• Communication with third parties and processing their inquiries (e.g. job applications, media inquiries);
• Advertising and marketing (including the organization of events), provided that you have not objected to the use of your data for this purpose (if you are part of the customer base and receive advertising, you can object at any time and the company will put you on a blacklist against further advertising mailings);
• Assertion of legal claims and defense in legal disputes and official proceedings;
• Prevention and investigation of criminal offenses and other misconduct;
• Ensuring operations, including IT systems, websites, apps and other applications;
• Measures for IT, building and asset security and protection of employees and other persons and assets belonging to or entrusted to the company (e.g. access controls, visitor lists, network and mail scanners, telephone recordings);
• Acquisition and disposal of business divisions, companies or parts of companies and other corporate transactions and the associated transfer of personal data as well as measures for corporate governance and compliance with legal and regulatory obligations and the company's internal regulations;
• regulatory audits

If you have given the company your consent to process your personal data for certain purposes (e.g. when registering to receive newsletters), the company will process your personal data within the scope of and on the basis of this consent, unless the company has another legal basis, if the company requires one. Consent that has been given can be withdrawn at any time, but this does not affect the data processed prior to the withdrawal.

C. Collection and processing of personal data

The Company primarily processes personal data that the Company receives from customers and other business partners as well as from other persons in the course of its business relationships with them or that the Company collects from users when operating the website.

Insofar as the company is permitted to do so, it obtains certain personal data from publicly accessible sources (e.g. debtor register, land register, commercial register, press, Internet) or the company receives such information from affiliated companies of FERI (Schweiz) AG, from authorities or other third parties (e.g. sales partners, custodian banks). Apart from the data that you have provided directly to the company, the categories of data that the company may receive about you from third parties include information from public registers, data that the company may receive in connection with administrative or court proceedings, information in connection with your professional role and activities (e.g. for the conclusion and execution of contracts with your employer), information about you in correspondence and in discussions with third parties, information about you that the company receives from persons associated with you (family members, advisors, legal representatives, etc.) for the conclusion or execution of contracts. ) for the conclusion or execution of contracts with you or with your cooperation (e.g. powers of attorney), information on legal regulations such as anti-money laundering, bank details, information about you that can be found in the media or on the Internet (if specified in individual cases, e.g. in connection with job applications, media reports, marketing/sales, etc.), your address and any interests you may have. ), your address and any interests and other socio-demographic data (for marketing purposes), data in connection with your use of the website (e.g. IP address, MAC address of your smartphone or computer, information about your device and your settings, cookies, date and time of your visit, pages and content accessed, applications used, referring website, localization data). You can find the cookie policy here.

The company processes and stores your personal data for the entire duration of the business relationship, unless there are shorter mandatory deletion obligations for certain data. Data may be stored beyond this if this is provided for by applicable law. If your data is no longer required for the fulfilment of contractual or legal obligations or for the protection of legitimate interests (achievement of purpose) or if a given consent is revoked, it will be deleted or anonymized as far as possible.

D. Disclosure of data to third parties

As part of its business activities and in accordance with the aforementioned purposes of data processing, the Company may transfer data to third parties insofar as such a transfer is permitted and the Company deems it appropriate so that they can process the data for the Company or, if applicable, for their own purposes.

E. Duration of data storage

Your data, which also includes personal data, will only be processed and stored for as long as is necessary to fulfill contractual and legal obligations or the purposes otherwise pursued with the processing, i.e. for the duration of the entire business relationship, if applicable, and beyond that due to statutory retention and documentation obligations. It is possible that personal data may be stored for the period during which claims can be asserted against the company and insofar as the company is otherwise legally obliged to do so or if legitimate business interests require this (e.g. for evidence and documentation purposes). As soon as your personal data is no longer required for the aforementioned purposes, it will be deleted or anonymized, insofar as this is possible. Shorter retention periods apply to operational data (e.g. system protocols, logs).

F. Data security

The Company has taken appropriate technical and organizational security measures to protect your personal data from unauthorized access and misuse. These measures include issuing instructions, training, IT and network security solutions, access controls and restrictions, encryption of passwords, data storage and transmission, pseudonymization and controls.

The company cannot guarantee the security of data transmission on the Internet. In particular, there is a certain risk of access by third parties when data is transmitted by e-mail.

G. Your rights

In accordance with applicable law, you have the right to access, rectify and erase your personal data, the right to restrict processing or to object to data processing, in particular for the purposes of direct marketing, profiling and other legitimate interests in processing, as well as the right to receive certain personal data for transmission to another controller (data portability). Please note, however, that the Company reserves the right to assert legal restrictions, e.g. if the Company is obliged to store or process certain data, has an overriding interest (insofar as the Company can invoke such interests) or requires the data to assert claims.

The company has already informed you of the possibility of objecting to/revoking your consent at any time. Please also note that exercising these rights may conflict with your contractual obligations and this may have consequences such as premature termination of the contract and may incur costs. Should this be the case, the company will inform you in advance, unless this has already been contractually agreed. 

In general, the exercise of these rights requires that you can prove your identity (e.g. by providing a copy of identification documents if your identity is not otherwise apparent or cannot be verified in any other way). To exercise these rights, please contact the Company using the details provided above.

In addition, every data subject has the right to assert their rights in court or to lodge a complaint with the competent data protection authority. The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner (www.edoeb.admin.ch/edoeb/en/home.html). 

H. Changes to this Privacy Policy

The Company may amend this Privacy Policy at any time without prior notice. The current version published on the website shall apply. If the Privacy Policy is part of an agreement with you, the Company will notify you by e-mail or other appropriate means in the event of a change.