Ramus & Company Data Protection Statement
Version effective as of February 5, 2019
With this Data Protection Statement we, Ramus & Company AG (hereinafter R&Co, we or us), describe how we collect and further process personal data. This Data Protection Statement is not necessarily a comprehensive description of our data processing. It is possible that other data protection statements or General Terms and Conditions, Conditions of Participation or similar documents are applicable to specific circumstances.
The term “personal data” in this Data Protection Statement to shall mean any information that identifies, or could reasonably be used to identify any person.
If you provide us with personal data of other persons (such as work colleagues), please make sure the respective persons are aware of this Data Protection Statement and only provide us with their data if you are allowed to do so and such personal data is correct.
This Data Protection Statement is in line with the EU General Data Protection Regulation (GDPR). Although the GDPR is a regulation of the European Union (EU), it may be relevant for us. The Swiss data protection legislation (FADP) is heavily influenced by the law of the European Union. In addition, companies outside of the European Union or the European Economic Area (EEA) must comply with the GDPR in certain cases.
1. Controller / Data Protection Officer / Representative
The “controller” of data processing as described in this data protection statement (i.e. the responsible person) is Ramus & Company AG, unless we have informed you differently in certain cases. You can notify us of any data protection related concerns using the following contact details: Dufourstrasse 101, 8008 Zürich, Switzerland, Tel: +41 44 344 11 22, firstname.lastname@example.org
2. Collection and Processing of Personal Data
We primarily process personal data that we obtain from our clients and other business partners as well as other individuals in the context of our business relationships with them or that we collect from users when operating our websites, apps and other applications.
Insofar as it is permitted to us, we obtain certain personal data from publicly accessible sources (e.g.commercial registers, press, internet) or we may receive such information from our clients and their employees, from authorities or other third parties. Apart from data you provided to us directly, the categories of data we receive about you from third parties include, but are not limited to, information from public registers, information about you found in the media or internet (insofar as indicated in the specific case, e.g. in connection with job applications, media reviews, marketing/sales, etc.), your address and any interests and other socio-demographic data (for marketing purposes), data in connection with your use of our websites (e.g., IP address, MAC address of your smartphone or computers, information regarding your device and settings, cookies, date and time of your visit, sites and content retrieved, applications used, referring website, localization data).
3. Purpose of Data Processing and Legal Grounds
We primarily use collected data in order to conclude and process contracts with our clients and business partners, in particular in connection with providing consulting and advisory services to our clients.
We use personal information in the maintenance of our relationship with you and for communication purposes, including sending newsletters, invitations to events, presentations and managing our contact list. We process and store your personal data as long as it is necessary for the fulfilment of our contractual and legal obligations or otherwise the purposes pursued with the processing. We do not sell your personal data and do not pass them on to third parties in any other way. Nevertheless, certain of our domestic and foreign partners and service providers, in particular for the operation, maintenance and servicing of our IT systems, may have access to certain personal data.
4. Cookies / Tracking and Other Techniques Regarding the Use of our Website
We may use Google Analytics or similar services on our website. These are services provided by third parties, which may be located in any country worldwide (in the case of Google Analytics Google LLC is in the U.S., www.google.com) and which allow us to measure and evaluate the use of our website (on an anonymized basis). For this purpose, permanent cookies are used, which are set by the service provider. The service provider does not receive (and does not retain) any personal data from us, but the service provider may track your use of the website, combine this information with data from other websites you have visited and which are also tracked by the respective service provider and may use this information for its own purposes (e.g. to controlling of advertisements). If you have registered with the service provider, the service provider will also know your identity. In this case, the processing of your personal data by the service provider will be conducted in accordance with its data protection regulations. The service provider only provides us with data on the use of the respective website (but not any personal information of you).
5. Datatransfer and Transfer of Data Abroad
In the context of our business activities and in line with the purposes of the data processing set out in Section 3, we may transfer data to third parties, insofar as such a transfer is permitted and we deem it appropriate, in order for them to process data for us or, as the case may be, their own purposes. In particular, the following categories of recipients may be concerned:
- other members (mainly in the context of the same transaction or business opportunity);
- credit reference agents;
- regulatory authorities;
- law enforcement agencies in connection with any investigation to help prevent unlawful activity; and/or
- in the context of the possible sale or restructuring of our members’ business.
All our third-party service providers are required to take appropriate security measures to protect your personal information.
6. Retention Periods for your Personal Data
We process and retain your personal data as long as required for the performance of our contractual obligation and compliance with legal obligations or other purposes pursued with the processing, i.e. for the duration of the entire business relationship (from the initiation, during the performance of the contract until it is terminated) as well as beyond this duration in accordance with legal retention and documentation obligations.
Personal data may be retained for the period during which claims can be asserted against our company or insofar as we are otherwise legally obliged to do so or if legitimate business interests require further retention (e.g., for evidence and documentation purposes). As soon as your personal data are no longer required for the above-mentioned purposes, they will be deleted or anonymized, to the extent possible. In general, shorter retention periods of no more than twelve months apply for operational data (e.g., system logs).
7. Data Security
We have taken appropriate technical and organizational security measures to protect your personal data from unauthorized access and misuse such as IT and network security solutions, access controls and restrictions, encryption of data carriers and transmissions.
8. Obligation to Provide Personal Data To Us
In the context of our business relationship you must provide us with any personal data that is necessary for the conclusion and performance of a business relationship and the performance of our contractual obligations (as a rule, there is no statutory requirement to provide us with data). Without this information, we will usually not be able to enter into or carry out a contract with you (or the entity or person you represent). In addition, the website cannot be used unless certain information is disclosed to enable data traffic (e.g. IP address).
9. Your Rights
In accordance with and as far as provided by applicable law (as is the case where the GDPR is applicable), you have the right to access, rectification and erasure of your personal data, the right to restriction of processing or to object to our data processing in addition to right to receive certain personal data for transfer to another controller (data portability). Please note, however, that we reserve the right to enforce statutory restrictions on our part, for example if we are obliged to retain or process certain data, have an overriding interest (insofar as we may invoke such interests). Please further note that the exercise of these rights may be in conflict with your contractual obligations and this may result in consequences such as premature contract termination or involve costs. If this is the case, we will inform you in advance unless it has already been contractually agreed upon.
In general, exercising these rights requires that you are able to prove your identity (e.g., by a copy of identification documents where your identity is not evident otherwise or can be verified in another way). In order to assert these rights, please contact us at the addresses provided in Section 1 above.
In addition, every data subject has the right to enforce his/her rights in court or to lodge a complaint with the competent data protection authority. The competent data protection authority of Switzerland is the Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch).
10. Amendments of this Data Protection Statement
We may amend this Data Protection Statement at any time without prior notice. The current version published on our website shall apply. If the Data Protection Statement is part of an agreement with you, we will notify you by e-mail or other appropriate means in case of an amendment.
This declaration has been used, adapted and published free of charge under the Creative Commons licence by means of http://dsat.ch/kontakt/, insofar as it is protected by copyright.