Privacy Policy

Scope

Data protection, data security and the responsible handling of personal data are important to Martinez Lopez - IT Consulting, Schweighofweg 16, 6010, Switzerland (“Martinez Lopez - IT Consulting”, “we”, “us”). In most cases, the provisions of the Swiss Federal Act on Data Protection (FADP) and the corresponding Ordinance (OFADP) apply to our processing of personal data. Some occasional processing can also be directly subject to the provisions of the EU’s General Data Protection Regulation (GDPR).

In this privacy policy, we describe how we collect and process personal data (information that relates to a person and identifies this person directly or indirectly) if you visit our website, use our applications, comment on our blog entries, enter into contracts with us or utilize our services or have anything else to do with us.

In some cases, in particular in connection with our services, we process personal data on behalf of our customers. In this context, we are exclusively considered the processor; our customers are responsible for the lawful data processing. If you have any questions about the processing of your data or would like to assert your data protection rights, please contact our customers or consult their privacy policies.

The categories of data we process

We process various categories of your personal data. The most important categories are as follows:

Master data: This includes basic details such as your name, contact details, personal details, customer history, declarations of consent, your relationship to us (e.g. customer, supplier, partner) as well as information about third parties (e.g. contact persons).

Contractual data: This is data which we collect in the course of providing our services as well as in general for the conclusion or the execution of contracts (both with customers, suppliers, service providers, partners, etc.), such as contractual services we owe you or you owe us, data concerning the provision of services, data from before concluding the contract (e.g. references), information about reactions (e.g. information about satisfaction) and financial data (e.g. payment information but also data about creditworthiness).

Communication data: This is data that we collect when we communicate with you or with third parties (e.g. by e-mail, telephone, mail or via other means of communication), such as content of e-mails or letters or your comments on our blog entries, your contact details as well as marginal data from communication. This also includes audio recordings from telephone calls.

Registration data: This is data that we collect in the context of a registration (e.g. online, newsletter), of competitions or when redeeming vouchers, or which you provide to us (e.g. user name, e-mail). This also includes access details in the context of admission controls.

Technical data: This is data that we collect when you use our electronic resources (e.g. website), such as IP address, information about the operating system of your end device, the region and the time of use. In general, technical data does not allow any conclusions to be drawn about your identity.

Behavior and preference data: This is data about your behavior and your preferences, such as responses to electronic messages, navigation on the website, interactions with our social media profiles, participation in competitions or events, etc.), potentially supplemented by information from third parties (including from publicly accessible sources). See the section on “How we use cookies, other tracking technologies and social media plugins” with regard to tracking.

Other data: This includes data that we collect in connection with official or legal proceedings (e.g. files, evidence, etc.), data collected on the basis of health protection (e.g. as part of protection concepts), access details or rights (e.g. visitor lists), participation in events.

Where we collect your personal data

From you: You provide much of the above data yourself (e.g. in connection with our services for you or your employer or client or when communicating with us). You are not obligated to provide your data, except for in individual cases (e.g. because of legal requirements). However, if you conclude contracts with us or want to use our services, for example, you have to disclose certain data.

From third parties: We can also collect data from publicly accessible sources or receive it from authorities and from other third parties. In particular, this includes the following categories: master data, contractual data and other data, but also all other above-mentioned data categories as well as data from correspondence and meetings with third parties. If you work for an employer or client or someone else who has a business relationship with us or other dealings, they may also make data about you accessible to us.

Which purposes we collect and process your personal data for

In general, we collect and process your personal data for the following purposes in particular:

Operating our website: You can visit our website and obtain information about our services without telling us who you are. In order to be able to operate our website in a secure and stable manner, we collect technical data that at least allow us to recognize you. We also use cookies and similar technologies (see below).

Initiation, administration and execution of contracts: We process personal data in connection with providing our services (e.g. if you use registration, order or contact forms on our website, inquire by phone or via communication apps concerning our offerings and services or contact our support via communication services). This applies not only in connection with the conclusion and execution of contracts with our customers, but also with our suppliers, service providers, project partners and others. Among other things, this also includes processing for the purpose of checking creditworthiness, for consulting, for customer support as well as for providing and demanding contractual services (which also includes the involvement of third parties). This also includes the enforcement of legal claims resulting from contracts (debt collection, legal proceedings, etc.), accounting, termination of contracts and public communication.

Communication: We process your data in order to be able to communicate with you (e.g. in order to respond to inquiries, in the context of consulting as well as the execution of contracts). We also collect additional data if we need to or want to determine your identity (e.g. a copy of an ID).

Marketing purposes and in order to maintain relationships: We process data for marketing purposes and for relationship management, for example to send our customers, other contractual partners and other interested parties personalized advertising (e.g. by e-mail or other electronic channels) concerning products, services and other news from us, in connection with free services or as part of individual marketing campaigns. You can reject this type of contact at any time or refuse or withdraw consent to being contacted for advertising purposes by sending a message to the address shown at the end.

Market research, improvement of our services and operations, and product development: In order to continuously improve our products and services (incl. our website and other electronic offerings), we analyze how you navigate through our website or which products are used by which groups of people in which way, for example.

Registration: In order to be able to use certain offerings and services (e.g, login areas, newsletters), you need to register (directly with us or via our external login service providers). We process data for this purpose. Furthermore, we can also collect other personal data about you during use of the offering or the service.

Security purposes as well as technical and physical access controls: We process your data in order to continuously improve the appropriate security of our IT and our other infrastructure. This is, for example, for monitoring, analyzing and testing IT infrastructure, for system and error checks, for documentation purposes and in the context of backup copies.

Compliance with laws, instructions and recommendations from authorities and internal regulations: We may process personal data in the context of complying with laws (e.g. anti-money laundering, tax law obligations and for implementing health and safety concepts). Data may also be processed during internal and external investigations (e.g. by law enforcement or supervisory authorities or a commissioned private body). Legal obligations may be Swiss law or also foreign regulations which we are subject to as well as self-regulation, industry standards, in-house “corporate governance” and official instructions and requests.

Risk and corporate management: We can process personal data as part of risk management (e.g. to protect against criminal activities) and corporate management, including our company organization (e.g resource planning) and company development (e.g. aquisition and sale of parts of the business or company).

Other purposes: These other purposes include, for example, training and educational purposes, administrative purposes (e.g. accounting), to safeguard our rights and to evaluate and improve internal processes. We may record telephone calls for training and quality assurance purposes. In such cases, we separately point this out (e.g. by means of a corresponding announcement before the telephone call) and you are free to end the communication. In general, these types of recordings may only be made and used according to our internal guidelines. Safeguarding of other legitimate interests is also one of the other purposes which cannot be listed exhaustively.

The legal basis on which we process your personal data

We automatically assess some of your personal characteristics for the purposes specified in the section “Which purposes we collect and process your personal data for” based on your data (“profiling”) if we want to determine your preference data and in order to perform statistical evaluations. We can also create profiles for the same purposes.

How we process and protect personal data; how long we store it

We collect and process your personal data in a trustworthy, responsible manner. For this purpose, we take appropriate security measures to ensure the confidentiality, integrity and availability of your personal data in order to protect against unauthorized or unlawful processing and to counteract the risk of loss, unintentional changes, unwanted disclosure or unauthorized access. However, the security risks cannot generally be completely excluded and a certain remaining level of risk is unavoidable.

We store personal data only for the duration required to fulfill the purposes for which the personal data was collected, if we have a legitimate interest in storing the data or are required to do so by law or storage is required for technical reasons (e.g. in the case of backups or document management systems). If no legal or contractual obligations run contrary, we erase or anonymize your data once the storage or processing period has elapsed as part of our usual processes.

If there are no legal retention regulations in individual cases, we generally process personal data for the duration of the business relationship or contract period and then, depending on the applicable legal basis, for an additional five, ten or more years. This corresponds to the duration within which we can assert legal claims against third parties or third parties can do so against us. Ongoing or forthcoming legal proceedings may result in processing over and beyond this period.

To whom we forward your personal data

To perform the contract, to pursue our legitimate interests or comply with statutory requirements, it might be necessary to forward your personal data to the following categories of recipients: Group companies, contractual partners, registries, registration partners, SSL providers, third-party service providers, credit inquiry agencies, address management companies or debt collection agencies, communication service providers or courts and authorities as well as other recipients insofar as this is necessary for fulfilling the purposes described above, such as third parties as part of agency relationships (e.g. your lawyer or your bank).

For the purposes described above, we may also share your personal data with our third-party service providers who process your data on our behalf or as joint controllers with us or who receive data about you from us as separate controllers.

For the purpose of address verification, credit assessment or for debt collection purposes, we may pass on your personal data to credit inquiry agencies, address management companies or debt collection agencies, if necessary and as described above.

To the extent that courts or authorities request and we are legally required, we will pass on your personal data to them or other third parties.

When we disclose your personal data abroad

We mainly process and store personal data in Switzerland and the European Economic Area (EEA), but, in exceptional cases – for example via subcontractors of our service providers – potentially in every country around the world.

If a recipient is located in a country without appropriate data protection, we contractually oblige the recipient to comply with a sufficient level of data protection (for this purpose, we use the amended standard contractual clauses from the European Commission, which can be accessed here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?, including the amendments necessary for Switzerland), unless the recipient is subject to a legally accepted set of rules to ensure data protection and we cannot rely on a derogation clause. In particular, a derogation may apply in the event of legal proceedings abroad, but also in cases of overriding public interest if the performance of a contract which is in your interest requires this type of disclosure, if you have consented or obtaining your consent within an appropriate period is not possible and the disclosure is necessary in order to protect your life or your physical integrity or that of a third party, or if it concerns data made generally accessible by you whose processing you have not objected to.

Your rights in relation to your personal data

You have certain rights in connection with our data processing. Depending on the applicable law, you can, in particular, request access to information about the processing of your personal data, have incorrect personal data rectified, request the erasure of personal data, object to data processing (whereby this right to objection, applies in particular but not exclusively, to data processing for the purpose of direct marketing), request the release of certain personal data in a common electronic format or its transmission to other controllers or withdraw consent, insofar as our processing is based on your consent.

Please note that exceptions or restrictions apply to these rights. In particular, we might have to process and forward your personal data in order to perform a contract with you, pursue our own legitimate interests such as the assertion, exercise or defense of legal claims or to comply with statutory requirements. To the extent legally permissible, in particular in order to safeguard the rights and freedoms of persons concerned and protect our legitimate interests (e.g. nondisclosure and security interest as well as consideration of our business resources and opportunities) we can therefore also reject your data protection-related requests, e.g. information or deletion requests, or only partially comply with your requests. However, you do have the right to lodge a complaint with a competent supervisory authority.

If you would like to exercise your data subject rights as the user of a website or application of one of our customers, please address these directly to the respective operator of the website or application. We are only the order processor in relation to these. The customer responsible for processing must uphold the data subject rights.

How we use cookies, other tracking technologies

When using our website (incl. newsletter and additional digital offerings), data comes about which is stored in logs (in particular technical data). In addition, we can use cookies and similar technologies (e.g. pixel tags or fingerprints) in order to recognize website visitors, evaluate your behavior and identify preferences. A cookie is a small text file which is transmitted between the server and your system and enables a certain device or browser to be recognized.

You can set your browser such that it automatically rejects, accepts or deletes these cookies. You can also deactivate or delete cookies on a case-by-case basis. You can find out how you can manage cookies in your browser by looking at your browser’s help menu. Continue

Neither the technical data we collect nor cookies generally contain any personal data. However, your personal data which we store or third-party providers commissioned by us store (e.g. if you have a user account with us or these providers) can be linked to the technical data or the information stored in the cookies and obtained from them and thus possibly to your person.

We also use social media plugins; these are small software modules that establish a link between your visit to our website and a third-party provider. The social media plugin informs the third-party provider that you visited our website and can transmit cookies which it previously placed on your web browser to the third-party provider. You can find further information about how these third-party providers use your personal data collected via your social media plugins in their respective privacy policies.

In addition, we use tools and services from third-party providers (which, on their part, can use cookies) on our website, in particular to improve the functionality or the content of our website (e.g. integration of videos or maps), to create statistics and to display advertising.

In particular, we can currently use services from the following service providers and advertising partners, whereby their contact details and additional information on the individual data processing measures can be accessed in the relevant privacy policy:

Google Analytics
Provider: Google Ireland Ltd.
Privacy policy: https://support.google.com/analytics/answer/6004245

Several of the third-party providers used by us may be located outside Switzerland. Information on data disclosure abroad can be found in the section “When we disclose your personal data abroad”. In respect of data protection law, they are, in some cases, “only” our processors and, in some cases, controllers. You can find further information on this in the privacy policies.

How we process personal data on our pages on social networks

We operate pages and other online presences on social networks and other platforms operated by third parties and process data about you in this context. In this process, we receive data from you (e.g. if you communicate with us or comment on our content) and from the platforms (e.g. statistics). The providers of the platforms can analyze your usage and process this data together with other data they have about you. They also process this data for their own purposes (e.g. marketing and market research purposes and for managing their platforms) and act as their own controllers for this purpose. Please find additional information on processing by the platform operators in the privacy policies of the relevant platforms. Continue

We currently use the following platforms, whereby the identity and contact details of the platform operator can be accessed in the respective privacy policies:

LinkedIn
www.linkedin.com
Privacy policy: https://www.linkedin.com/legal/privacy-policy

How to contact us

If you have any questions about the data processing described in this privacy policy, please reach out to us at [email protected]. For inquiries regarding your data subject rights under applicable data protection laws or any general questions about data protection, you can also contact us at the same email address.

If the GDPR applies, Martinez Lopez - IT Consulting has designated the following representative in the EU: Martinez Lopez - IT Consulting, Schweighofweg 16, 6010, Switzerland.

How we can change this privacy policy

We reserve the right to change this privacy policy at any time. The version published on our website at the respective time applies.