1. GENERAL NOTES
This data protection declaration explains how and for what purpose we, Thommen Law & Risk Management GmbH, collect and process personal data. Personal data is any information that relates to an identified or identifiable person. You will also be informed about your rights.
This data protection declaration is based on the EU General Data Protection Regulation (GDPR). Although the GDPR is an EU regulation, it is relevant in this case because the Swiss Data Protection Act (DPA) is closely based on it. In addition, certain companies outside the EU are subject to the GDPR under certain circumstances. This privacy statement is therefore based on their standards.
1.2 Use of this website
We treat personal data confidentially and in accordance with the statutory data protection regulations.
By using our website and its links, you consent to the collection, processing and use of data in accordance with the provisions below. If you do not agree with the following provisions, please leave or refrain from accessing our website.
If you are redirected to other sites via links on our website, please inform yourself there about the respective handling of your data. We have no influence on these websites and accordingly assume no responsibility for their accuracy, completeness or legality.
2. CONTACT PERSON FOR ENQUIRIES REGARDING DATA PROTECTION LAW
If you have a data protection concern arising out of or in connection with the use of this website and/or this privacy statement, you can contact us at the following address:
Thommen Law & Risk Management GmbH
D4 Business Village Lucerne, Square 10
CH-6039 Root D4
3. LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA
4. SCOPE OF THE PROCESSING OF PERSONAL DATA
As a matter of principle, we only collect and process personal data that we receive from customers and other business partners as well as other persons involved in our business relationships with them in accordance with this section 4 and section 5 or that we collect from their users when operating our website and other applications.
4.1 SSL/TLS encryption
For security reasons and to protect the transmission of confidential content, our website uses SSL/TLS encryption. This prevents third parties from reading the data you transmit to us, namely enquiries via the contact form.
4.2 Data collection when visiting our website
Our website can be visited without registration. In particular, the following information may be registered in a file (log file) on our provider’s server:
- IP address
- Date and time of access
- Name of the called file
- Access status (OK, partial content, document not found, etc.)
- Page from which the access was made
- Web browser used
- Operating system used
The collection of this data is technically necessary to ensure the stability, security and comfortable use of our website. The data collected is not personalised, but is evaluated exclusively for internal statistical purposes in order to make our website even more user-friendly.
4.4 Google Maps
4.5 Google reCAPTCHA
4.6 Contact form and e-mail
If you contact us via the contact form, your details from the enquiry form, including the contact details you provide there, will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions. We do not pass on this data without your consent.
If you contact us by email, please note that unencrypted communication via email is neither secure nor confidential. E-mails may be intercepted, modified or deleted, lost, arrive late or incomplete and contain viruses. We expressly exclude liability for this.
4.7 Contract initiation and execution
Your personal data, such as title, name, address, e-mail address and telephone number, will be collected and processed to the extent necessary for the establishment, content or amendment of the contractual relationship with you as a customer, supplier, subcontractor or other third party involved and for the performance of the contract.
We do not pass on your personal data to third parties outside the processing of the contract without your express consent or on a legal basis. Section 5 provides more details on this.
5. DISCLOSURE OF DATA TO THIRD PARTIES AND TRANSMISSION ABROAD
To the extent permitted by law, we also disclose your data to third parties in the course of our business activities and for the purposes listed in section 4, either because they process it for us or because they need it to provide their services to us. The following recipients are considered third parties in this sense:
- Service providers and subcontractors of ours, i.e. external partners such as lawyers, notaries, trustees, including order processors such as IT hosters or IT consultants.
- dealers, suppliers and other business partners. This does not apply to customers as data subjects.
- domestic and foreign authorities, offices or courts in the case of legal obligation, necessity for the execution of the contract or to protect our own interests
- in the event of legal obligation or necessity for the performance of the contract to other parties in possible or actual non-contentious or contentious matters.
- Parties interested in acquiring or acquiring Thommen Law & Risk Management GmbH
The third parties listed above are located in Switzerland and partly abroad. Should data be transferred to a country without adequate data protection, we will only transfer your data after an appropriate risk analysis and on the basis of so-called standard contractual clauses of the European Commission, model contracts of the Swiss Federal Data Protection and Information Commissioner, Binding Corporate Rules for an adequate level of protection or on the basis of the statutory exceptional circumstances of consent, contract performance, the establishment, exercise or enforcement of legal claims, overriding public interests, published personal data or because it is necessary to protect the integrity of the data subjects.
6. STORAGE PERIOD AND DELETION OF DATA
- information about the collected data
- correction of inaccurate data
- deletion of the data stored with us
- restriction of processing
- objection to the processing
All requests in connection with this clause must be addressed in writing to the person responsible in accordance with clause 2 of this data protection declaration.
8. OBJECTION TO ADVERTISING
We hereby object to the use of contact data published within the scope of the imprint obligation to send advertising and information material that has not been expressly requested. In the event of the unsolicited sending of advertising information, for example by spam e-mails, we expressly reserve the right to take legal action.
Root D4, 6 July 2023