Data protection

1. person responsible and content of this privacy policy
2. data collection, storage, security and disclosure
3. your rights
4. which data we process
5. how we process data
6. final provisions
7. glossary

1. person responsible and content of this privacy policy

line_all_color
We are Lederer & Partner AG and operate the website www.ledererpartner.com. We are responsible for the collection, processing and use of your Personal Data, which is disclosed when you visit our website, use our services or products, as part of a contract or otherwise. To ensure that the processing of your data is comprehensible for you as the data subject, we provide you with an overview of our handling of data in this privacy policy. We also inform you about your rights as a data subject under the Swiss Federal Act on Data Protection (FADP) and, where applicable, under the European General Data Protection Regulation (GDPR). We ensure that the processing of Personal Data is compatible with the applicable data protection law and that your data is protected.

 1.1 Contact
 We are responsible for our data processing. For questions, suggestions and further information or to assert your rights, please contact us at Lederer & Partner AG Aeschengraben 20 CH-4051 Basel info@ledererpartner.com


1.2 Legal basis We process Personal Data in accordance with the applicable law, in particular the Swiss Federal Data Protection Act (FADP) and the Data Protection Ordinance (DPO). Insofar as the General Data Protection Regulation (GDPR) of the European Union (EU) is applicable, we process Personal Data only based on Art. 6 para. 1 GDPR. However, whether and to what extent these laws are applicable depends on the individual case.

2. data collection, storage, security and disclosure

line_all_color
2.1 Data collection We primarily process personal data that is required to ensure that our services are permanent, secure and reliable. We need these above all

  • for processing and managing contractual relationships with customers, employees, applicants, suppliers, etc,
  • to provide, maintain, protect and optimize the services and information we offer;
  • for communication and maintaining contacts;
  • for administrative purposes;
  • to offer new services and information and, based on the profile, to suggest customized services and information that may be of interest;
  • for marketing purposes and relationship management;
  • for market research, to improve our services and operations and for product development;
  • for security purposes, for access control;
  • to comply with laws, directives and recommendations from authorities and internal rules (compliance);
  • for our risk management and in the context of prudent corporate governance, including business organization and corporate development, or
  • for other lawful purposes, if this processing is evident from the circumstances or was indicated at the time of collection.
On our website, we process personal data in particular in order to
  • to enable the display, operation and functionality of the portal;
  • ensure the stability and security of the system;
  • to offer the best possible user experience;
  • to improve and protect our services and
  • for statistical purposes in the event of attacks on the network infrastructure on which the website is made available.
We provide prior notification of our data collection if it is not clearly recognizable due to the circumstances or required by law. If we intend to continue processing the personal data for purposes other than those originally specified, we will inform you in advance of the new purposes plus all other relevant information and, if necessary, obtain your consent. If the GDPR is applicable, we process personal data with your consent; for the performance of a contract to which you are a party or at your request for the implementation of pre-contractual measures; to comply with a legal obligation or if the processing is necessary to protect our legitimate interests or the legitimate interests of a third party, unless your interests or fundamental rights and freedoms, which require the protection of personal data, prevail (Art. 6 para. 1 GDPR). 2.2 Storage We only store personal data for as long as is necessary for the purpose for which it was collected. Longer storage is necessary to fulfill legal obligations (in particular commercial or tax regulations such as retention and documentation obligations), to fulfill contractual or pre-contractual obligations or to fulfill our legitimate business interests. The data will be deleted or anonymized as soon as there are no longer any legal or contractual retention obligations. 2.3 Data security We design our data processing in such a way that we can guarantee data security appropriate to the risk. Together with our hosting providers, we endeavor to protect the databases as well as possible against unauthorized access, loss, misuse or falsification. We take appropriate technical and organizational measures to protect the confidentiality, integrity and availability of personal data, in particular to protect the data against unauthorized or unlawful processing and to counteract the risks of loss, unintentional modification, unwanted disclosure or unauthorized access. Our security measures are adapted to technical developments. Nevertheless, we cannot guarantee absolute data security. We can only secure areas that we control ourselves. Security gaps can generally never be completely ruled out and residual risks are unavoidable. 2.3.1 SSL/TLS encryption This website uses SSL/TLS encryption for security reasons and to protect the transmission of confidential content, such as the requests you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties. 2.4 Disclosure of Personal Data In order to provide our services in the best possible way, we require the support of other companies or so-called third parties. In order to be able to use their services, it is also necessary to disclose personal data to a certain extent. Disclosure to third parties only takes place if it is necessary in the context of an order. Third parties are in particular
  • Specialized providers whose services we use, such as hosting, maintenance and support of IT systems, marketing measures or file and data destruction
  • Mail order companies and delivery services, banks, insurance companies, etc.
  • Contractual partners with whom we cooperate and customers of ours, because this data transfer results from these contracts
  • authorities in Switzerland and abroad if we are legally obliged or entitled to do so or if this appears necessary to protect our interests. The authorities process data about you that they receive from us on their own responsibility.
  • other persons, where the inclusion of third parties arises from the purpose.
The third parties commissioned by us are obliged to comply with data protection and to process the data only for the purpose specified by us. These recipients may in turn refer to third parties, so that your data may also become accessible to them. We can restrict the processing by certain third parties (e.g. IT providers), but not by other third parties (e.g. authorities, banks, etc.). 2.5 Data disclosure abroad In principle, we process personal data in Switzerland and the European Economic Area (EEA). However, we may also transfer personal data to other countries, provided that the law there guarantees adequate data protection. This is mainly done for processing by third parties. We only transfer data to countries whose laws do not guarantee adequate data protection if data protection is guaranteed for other reasons, in particular through suitable guarantees in the form of standard data protection clauses. Exceptionally, we may export personal data to countries without adequate or appropriate data protection if the special data protection requirements are met, such as the express consent of the data subjects.

3. your rights

line_all_color
If the legal requirements are met, you can assert the following rights as a person affected by our data processing. 3.1 Right of Access You have the right to request information from us at any time and free of charge as to whether and what personal data about you is being processed. 3.2 Right to rectification and completion You have the right to demand the immediate correction or completion of Personal Data concerning you if it proves to be incorrect, unless this is impossible or involves disproportionate effort. 3.3 Right to erasure You can request the deletion of your data if the conditions are met. The right to erasure may be excluded, particularly in the case of statutory retention obligations. 3.4 Right of objection You have the right to object to the processing of your Personal Data for legitimate reasons, particularly for data processing in direct advertising (e.g. email or newsletter). 3.5 Right to restriction of processing You have the right to request the restriction of processing if the conditions are met. 3.6 Right to data Portability You have the right to receive the Personal Data concerning you, which you have provided to us, in a readable format and to transmit those data to another controller. 3.7 Right to withdraw consent You have the right to withdraw your consent at any time. The withdrawal of consent has no retroactive effect, which means that processing based on your consent in the past does not become unlawful by the withdrawal. 3.8 Right of appeal You also have the right to lodge a complaint with the Federal Data Protection and Information Commissioner (FDPIC). 3.9 How you can assert your rights Your request must be submitted to us in writing. It will be processed within 30 days of receipt. We will provide information in writing. Verbal information is possible if you agree. With our consent, your data can be inspected on site. If the provision of information involves a disproportionate effort, we may require the person concerned to make a reasonable contribution to the costs. 3.10 Right not to be the subject of an automated decision in individual cases You also have the right not to be subject to a decision based solely on automated processing (including profiling) if this produces legal effects concerning you or significantly affects you in a similar way. This means that the decision is made on base of automated machine processing without the involvement of a natural person, such as in the case of automatic rejection in the online application process. An exception, in which such a procedure is permissible, only exists in the following cases:
  • Such a decision is necessary for the conclusion of a contract;
  • this is permitted under applicable law; or
  • with your express consent.
In this case, we will take appropriate measures to safeguard your rights and freedoms and legitimate interests and give you the opportunity to contest the decision and present your point of view to a natural person.

4. which data we process

line_all_color
We primarily process Personal Data to ensure the permanent, secure and reliable provision of our services. We primarly process Data for contractual services, billing and customer service. The data is either automatically collected or directly from you. We may also process Personal Data received from third parties, obtained from publicly accessible sources or collected in the course of our activities and operations. 4.1 General contact and master data Contact and master data are needed to process our business relationships or for marketing and advertising purposes. We collect specifically data depending on the processing purpose. Master data may include
  • Name, address, e-mail address, telephone number and other contact details, gender, date of birth, nationality, title, AHV number, details of associated persons, websites, social media profiles, photos and videos, copies of ID cards
  • For companies: Company name, registered office, contact details, legal form, founding documents, branches, details of share capital, auditors, details of shareholders and managing directors, etc.
  • Payment information with bank details, account number and credit card details,
  • Consent or blocking notices
  • Information about third parties, e.g. contact persons, recipients of services, advertising recipients or representatives
We store this data for 10 years from the last exchange, but at least from the end of the contract. This period may be longer for reasons of proof or to comply with legal or contractual requirements or for technical reasons. 4.2 Data for processing the mandate For the provision and administration of our projects and for communication with our clients, we process:
  • General contact and master data (see above)
  • Financial data
  • Personal data with social data
  • Project data
The data is mainly processed in project management services relating to our customers. However, it may also concern third parties, such as employees, contact persons or persons with contractual relationships with our customers. Our customers can therefore refer to this data protection declaration, but must also take measures themselves to comply with the provisions on data protection. 4.3 Application data With an application for a position ot with a spontaneous application, you provide us with Personal Data. The following data will be stored for the purpose of processing your application:
  • Name and contact details
  • Curriculum vitae
  • Application materials such as letters of motivation, professional, training and further education certificates and job references
The application-related data will only be processed as part of your application. Under no circumstances will your application-related data be passed on to companies or persons outside our company or used for other purposes. 4.4 Contract data We generally collect data arising with the conclusion or execution of a contract. This data is collected from the data subject themselves, from contractual partners, from third parties involved in the execution of the contract, but also from third-party sources (e.g. providers of credit worthiness data) and from publicly accessible sources. Contract Data may include
  • Information about the conclusion of the contract, about the contracts, e.g. type and date of conclusion of the contract, information from the application process and information about the contract in question and the processing and administration of the contracts.
  • Information on defects, complaints and adjustments to a contract, as well as information on customer satisfaction, which we can collect by means of surveys, for example.
  • Financial data such as information on creditworthiness (i.e. information that allows conclusions to be drawn about the likelihood that claims will be settled), on reminders and on debt collection. We receive some of this data from the data subject themselves (e.g. when you make payments), but also from credit agencies and debt collection agencies and from publicly accessible sources (e.g. a commercial register).
We store this data for 10 years from the last contractual activity, but at least from the end of the contract. This period may be longer if this is necessary for reasons of proof or to comply with legal or contractual requirements or for technical reasons. 4.5 Communication data We collect contact details and the marginal data of communication exchanged by the parties by contact form, email, phone or chat, by mail, in person or other means of communication. We collect identification data to establish an identity or collect identification data (such as a copy of an ID card). Communication Data may include
  • Name and contact details
  • The manner, place and time of communication
  • Content of e-mails, letters, etc.
  • ID number or password in the case of identification
This data may also contain information about third parties. Emails in personal mailboxes and written correspondence are generally stored for at least 10 years. 4.6 Registration data Certain offers and services can only be used with a user account or registration, made directly with us or our external login service providers. This allows us to collect data on the use of the offer or service. Registration data may also be collected by access controls to certain facilities, including biometric data depending on the control system. Registration Data may include
  • the information provided when an account is created on our website (such as user name, password, name, e-mail) and
  • Data that we may require before certain services can be used, such as our WLAN service; the redemption of vouchers or subscription to our newsletter.
  • Access codes in badges and biometric data for access control, among other things
The retention period of this data depends on the purpose and is limited to what is necessary. 4.7 Behavioral and preference data We collect and use behavioural and preference data to tailor our products, services and offers. We collect this data by evaluating information about behaviour in our area and we may supplement this information with information from third parties and publicly available sources.
  • Behavioural Data is information about certain actions, e.g. about the reaction to electronic messages (e.g. whether and when an email was opened) or about the location as well as about the interaction with our social media profiles and about participation in competitions, contests and similar events.
  • • Preference Data provides us with information about needs, products or services that might meet with interest or when and how people are likely to respond to messages from us. We obtain this information from the analysis of existing data, such as behavioural data, to get to know the user, tailor our advice and offers more precisely and generally improve our offers. To improve the quality of our analyses, we link this data with data that we obtain from third parties such as address dealers, government agencies and publicly accessible sources such as the Internet, e.g. with information on your household size, income bracket and purchasing power, shopping behaviour and contact details of relatives and anonymous information from statistical offices.
We indicate the collection of anonymous movement profiles at the relevant locations by means of appropriate signs; a personalized movement profile is only created with consent. We anonymize or delete this data if it is no longer meaningful for the purposes pursued or if it is no longer required for reasons of proof or to comply with legal or contractual requirements or for technical reasons. 4.8 Other data We collect other data, e.g. in connection with official or legal proceedings, or for reasons of health protection (e.g. as part of protection concepts). We may receive or produce photos, videos and sound recordings in which the user may be recognizable (e.g. at events, through security cameras, etc.). We may also collect data about who enters certain buildings or has access rights to them and when (including during access controls, based on registration data or visitor lists, etc.), who takes part in events or campaigns (e.g. competitions) and when, or who uses our infrastructure and systems. Finally, we collect and process data about our shareholders and other investors; in addition to Master Data, this includes information for the relevant registers, regarding the exercise of their rights and the holding of events (e.g. general meetings). The retention period for this data depends on the purpose and is limited to what is necessary.

5. how we process data

line_all_color
Each time you access our website, we automatically collect a range of technical data and information to ensure the functionality and security of these offers and to provide the best possible user experience. We use techniques such as cookies, web beacons and other technologies to collect other types of information that enable us to personalize the user experience, improve the performance, usability and functionality of our online presence and measure the effectiveness of our marketing activities. We also use other techniques to control online advertising on other websites and thereby reduce wastage. We may transmit the email addresses of our users, customers and other persons to whom we wish to display advertising to operators of advertising platforms (e.g. social media). If these people are registered with the same email address (which the advertising platforms determine by means of a comparison), the operators will display the advertising we have placed to these people in a targeted manner. The operators do not receive personal email addresses of people who are not already known. In the case of known email addresses, we learn that these persons are in contact with us and what content they have accessed. Our website also includes third-party offers, particularly from social media providers. These offers are deactivated by default. As soon as they are activated (e.g. by clicking a button), the corresponding providers can determine that the user is on our website. Social media accounts can also be assigned and the use of online services tracked. Social media providers process this data on their own responsibility. We currently use the services of the providers and advertising contract partners listed below. 5.1 Server log files Every time our website is accessed, server log files are automatically collected to ensure the functionality and security of these offers and to provide the best possible user experience. Server log files may include: Date and time with time zone, Internet Protocol (IP) address, access status (HTTP status code), operating system including user interface and version, browser including language and version, individual sub-page of our website accessed including amount of data transferred, last website accessed in the same browser window (referrer) and other similar data and information used for security purposes in the event of attacks on our IT systems. 5.2 Cookies We use cookies on our website. Cookies help us to identify the browser used and to recognize it by our web server. We may use the following cookies:
  • Functional cookies help to improve the presentation, functionality and performance and in particular the user-friendliness of the website. They are used to remember information already provided, such as access data, location or language selection, and offer visitors improved, more personalized functions. These cookies cannot track the user's movements on other websites. If the functional cookies are blocked, the website may not function fully.
  • Performance cookies are used to monitor the level of activity on the website and to improve the performance of the website. They allow us to record and analyze the use of our website (e.g. how a website is used, how visitors arrived at our website, which pages a visitor opens most frequently, how they navigated our website during their visit and whether they receive error messages from a page. The use of performance cookies requires the user's consent. This consent can be revoked at any time in the settings.
  • Marketing cookies are used to accurately target advertising, evaluate the effectiveness of advertising and are used to promote sales. They allow us or our advertising contractors to serve ads on our website or on third party websites with products that the user likes, so that the ads the user sees may be more relevant to the user's preferences or interests. Opting out of these cookies does not mean less advertising, just different advertising.
The approval or rejection of cookies comes up in a notification banner. Functional cookies are not blocked by the selection on the banner. Cookies can be completely or partially deactivated or deleted at any time in the browser settings. If you reject all cookies, you may not be able to use the full range of our website functions. Further information on cookies can be found on the browser help pages and on websites such as www.allaboutcookies.org to find. 5.3 Google 5.3.1 Google Maps We use the Google Maps service on this website. This allows us to show you interactive maps directly on the website and enables you to use the map function conveniently. When you visit the website, Google receives the information that you have accessed the corresponding subpage of our website. This occurs regardless of whether Google provides a user account through which you are logged in or whether no user account exists. If you are logged in your Google account, your data will be assigned directly to your account. If you do not wish your data to be associated with your Google profile, you must log out before activating the button. Google stores your data as usage profiles and uses them for the purposes of advertising, market research and the needs-based design of its website. Such an evaluation is carried out particulary to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact Google to exercise this right. For more information on the purpose and scope of data collection and it’s processing by Google, as well as further information on your rights in this regard and settings options to protect your privacy, please visit: policies.google.com/privacy. 5.3.2 Google reCAPTCHA We use "Google reCAPTCHA" on our website. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter referred to as "Google". The purpose of reCAPTCHA is to check whether the data input on our websites is made by a human or by an automated program. For this purpose, reCAPTCHA analyses the behaviour of the website visitor based on various characteristics. This analysis begins automatically with the visit of the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, time spent by the website visitor on the website or mouse movements made by the user). The data collected during the analysis is forwarded to Google. The reCAPTCHA analyses run completely in the background. Website visitors are not informed that an analysis is taking place. Further information on Google reCAPTCHA and Google's privacy policy can be found in the following links: policies.google.com/privacy and policies.google.com/terms. 5.3.3 Google Web Fonts On this website, we use web fonts provided by Google for the uniform display of fonts. Gy accessing this page, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly. If your browser does not support web fonts, a standard font will be used by your computer. You can find more information about Google Web Fonts at developers.google.com/fonts/faq and in Google's privacy policy: policies.google.com/privacy 5.4 LinkedIn 5.4.1 LinkedIn profile LinkedIn Ireland Unlimited Company (Ireland/EU - "LinkedIn"), Wilton Plaza, Wilton Place, Dublin 2, Ireland is the sole controller for the processing of Personal Data when visiting our LinkedIn page. You can find more information at en.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy. 5.4.2 LinkedIn plug-ins The LinkedIn plug-in is used on our website. The data is only sent to the provider when the user activates the plug-ins by clicking on the selected plug-in. The user can therefore choose when to activate them. In this case, LinkedIn can establish a direct connection to the user during your visit to the website, which allows LinkedIn to know the user's visit and to analyse the corresponding information. The further processing of Personal Data is in the responsibility of LinkedIn (Ireland/EU - "LinkedIn") at  en.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy to receive. 5.4.3 LinkedIn Analytics We use LinkedIn marketing services within our online offering. These use cookies, i.e. text files that are stored on your computer. This enables us to analyse your use of the website. For example, we can measure the success of our advertisements and show users products in which they have previously shown an interest. For example, information about the operating system, the browser, the website you previously visited (referrer URL), which websites the user visited, which offers the user clicked on, and the date and time of your visit to our website are recorded. The information generated by the cookie about your use of this website is transmitted in pseudonymized form to a LinkedIn server in the USA and stored there. LinkedIn therefore does not store the name or email address of the respective user. Rather, the above-mentioned data is only assigned to the person for whom the cookie was generated. This does not apply if the user has allowed LinkedIn to process the data without pseudonymization or has a LinkedIn account. You can prevent the storage of cookies by setting your browser software accordingly. In this case you may not be able to use all the functions of this website to their full extent. You can also object to the use of your data directly at LinkedIn: www.linkedin.com/psettings/guest-controls/retargeting-opt-outWe use LinkedIn Analytics to analyse and regularly improve the use of our website. We can use the statistics obtained to improve our offer and make it more interesting for you as a user. All LinkedIn companies have adopted the standard contractual clauses to ensure that the data traffic to the USA and Singapore necessary for the development, implementation and maintenance of the services takes place in a lawful manner. Information from the third-party provider: LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2 Ireland; en.linkedin.com/legal/privacy-policy.

6. final provisions

line_all_color
6.1 Copyrights The copyright and all other rights to content, images, photos or other files on the website belong exclusively to the operator of this website or the specifically named rights holders. The written consent of the copyright holder must be obtained in advance for the reproduction of all files. Anyone who commits a copyright infringement without the consent of the respective copyright holder may be liable to prosecution and may be liable for damages. 6.2 General exclusion of liability All information on our website has been carefully checked. We make every effort to ensure that the information we provide is up-to-date, correct and complete. Nevertheless, the occurrence of errors cannot be completely ruled out, which means that we cannot guarantee the completeness, correctness and topicality of information, even of a journalistic or editorial nature. Liability claims arising from material or immaterial damage caused by using the information provided are excluded, unless there is evidence of wilful intent or gross negligence. We may change or delete texts at our own discretion and without prior notice and are not obliged to update the content of this website. Use of or access to this website is at your own risk. We are not responsible for damages, such as direct, indirect, accidental, pre-determined or consequential damages, which are allegedly caused by visiting this website and therefore accept no liability for them. We also accept no responsibility or liability for the content and availability of third-party websites that can be accessed by external links on this website. The operators of the linked pages are solely responsible for their content. We expressly distance ourselves from all third-party content that may be relevant under criminal or liability law or offend common decency. 6.3 German Version In the event of any conflict or difference in interpretation between the different language versions of this privacy policy, the German version shall prevail. 6.4 Changes We may amend this privacy policy at any time without prior notice. The current version published on our website shall apply. If the privacy policy is part of an agreement with you, you will be informed of the change by e-mail or other suitable means in the event of an update. Last update: November 2024

7. glossary

line_all_color
Personal Data means any information relating to an identified or identifiable natural person Data Subject means a natural person whose personal data is processed Sensitive personal data means
  • Data on religious, ideological, political or trade union views or activities,
  • Data relating to health, privacy or racial or ethnic origin,
  • genetic data,
  • biometric data that uniquely identifies a natural person,
  • data relating to administrative and criminal proceedings or sanctions,data relating to social assistance measures;
  • Data on social assistance measures;
  • data relating to administrative and criminal proceedings or sanctions,data relating to social assistance measures;
Processing A data subject is any natural person about whom personal data is processed. Disclosure means transmitting personal data or making such data accessible; Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements; High risk profiling means profiling that poses a high risk to the data subject's personality or fundamental rights by matching data that allow an assessment to be made of essential aspects of the personality of a natural person; Breach of data security means a breach of security that leads to the accidental or unlawful loss, deletion, destruction or modification or unauthorised disclosure or access to personal data; Controller means a private person who or federal body which, alone or jointly with others, determines the purpose and the means of processing personal data; Processor means a private person or federal body that processes personal data on behalf of the controller. Person responsible Controller or controller responsible for the processing is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
WordPress Cookie Notice by Real Cookie Banner