This data protection declaration explains how we process personal data.
“Personal data“ means all details related to a specific or identifiable natural or legal person. „Processing“ means all ways of dealing with personal data, irrespective of the means and procedures used, in particular procuring, storing, using, revising, disclosing, archiving and destroying of personal data.
In connection with specific kinds of data processing, e.g. the entry into contracts, additional provisions might apply. Such provisions are available in the respective contracts.
We undertake to protect your privacy in accordance with the applicable laws, especially the code of conduct and data protection law. For this reason, we take a number of precautions, such as implementing technical and organisational security measures (e.g. access restrictions, firewalls, personal passwords such as encryption and authentication technologies, staff training).
We can process the following categories of personal data while limiting the processing to the necessary minimum.
Client data such as:
Data of interested parties and visitors (i.e. our visitors or visitors of our website) such as:
Supplier data such as:
For the purposes of section 5, we can collect personal data from the following sources:
We can process personal data for the provision of own services and for own or legally prescribed purposes. In particular, the purposes of our data processing are the following:
We may disclose client data to the following third parties in the following cases:
In particular in connection with certain products or services, personal data must also be disclosed to third parties domiciled in countries which do not have an appropriate level of data protection (e.g. the United States). If data has to be transferred to such a country, we will take measures for a continuous appropriate protection of personal data.
We are outsourcing certain business units and services, wholly or partially, to third parties, in particular to Aquila AG (such as legal and compliance, accounting, CRM system, IT).
We carefully select any contractors who process personal data on our behalf. Where possible, we use service providers domiciled in Switzerland. The service providers might be entitled to outsource certain services to other third parties.
The services providers are only permitted to process the data received to the extent that we do ourselves. Additionally, they are contractually required to guarantee confidentiality and the security of personal data.
We reserve the right to process client data in the future in an automated manner, in particular to identify significant personal characteristics of the clients, to predict developments and to create client profiles.
This is used, in particular, to review and develop our offering and to improve our services.
Client profiles may, in the future, also lead to automated individual decisions (e.g. automated receipt and execution of client orders in our CRM system).
We ensure that a suitable contact person is available to the client if the client wishes to express a view on any automated individual decision where such opportunity to express a view is required by law.
The duration of storage for personal data depends on the purpose of the data processing and/or statutory storage provisions (depending on the applicable legal basis, five, ten or more years).
You can ask us whether personal data about you is being processed. You have the right to object to the data processing, the right to restriction of processing, and, if applicable, the right to data portability. You also have the right of rectification and, provided that there are no compelling statutory or regulatory requirements (such as storage provisions) or technical barriers, the right to erasure. The erasure of your personal data may lead to the result that we cannot provide certain services any longer. Furthermore, if applicable, there is also a right to lodge a complaint with an appropriate data privacy supervisory authority. Where we process personal data based on your granted consent, you may revoke your consent at any time.
To help us reply to your request, please send us a clear message. We will examine your issue and reply in good time.
We are responsible for the processing of personal data. If you have any questions relating to data protection, please contact the following address:
Toledo Capital AG