A. Person responsible
Properti AG, Flurstrasse 62, 8048 Zurich, Switzerland, is responsible for the processing of personal data and therefore the controller in accordance with this privacy policy. The person responsible for data protection at our company can be contacted at the above postal address, by email at [email protected] or by telephone on +41 44 244 32 00.
B. Personal data and terms
Personal data is information relating to an identified or identifiable natural person, such as name, address, telephone number, e-mail address, date of birth, etc. (“personal data”).
Any handling of personal data, regardless of the means and procedures used, in particular the collection, procurement, storage, use, processing, disclosure, archiving or deletion of data, is considered processing (“processing” or “processed”). A data subject is any natural person about whom personal data is processed (“data subject”).
The controller is any private person or federal body that alone or jointly with others decides on the purposes and means of processing (“controller”).
Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller (“processor”).
C. Obtaining personal data
You or the persons concerned provide us with some of the personal data yourself by making it available to us, using our services or contacting us by e-mail or telephone. This includes, for example, name, contact details, date of birth, professional function, photos, etc. We also process personal data that we receive from job applicants. We may also collect personal data ourselves, e.g. if you or the company you work for make use of our services, participate in our events or we obtain data from publicly accessible sources (e.g. debt collection registers, land registers, commercial registers, press, internet, media, social media), data (e.g. information from the media and internet, creditworthiness information, your addresses and, if applicable, interests and other socio-demographic data). We may also receive data from other companies (including those within our group of companies), from authorities and other third parties (credit agencies, address dealers) or your environment, or if you use our website (see lit. I). We collect the data specified in this paragraph for the purposes specified in section D, unless otherwise stated.
If you have given us your consent to process your personal data for specific purposes (e.g. when you register to receive newsletters), we will process your personal data within the set framework and based on this consent. We may also base the processing of personal data on other legal grounds, if necessary. These include the fulfilment of a contract, the implementation of pre-contractual measures or the protection of other legitimate interests (see D).
If you are acting on behalf of a third party or providing us with information about a third party, you represent that you are an authorised representative or agent of that third party and/or that you have obtained all necessary consents from that third party to the collection, processing, use and disclosure of their personal data to us or by us in accordance with the terms of this Privacy Policy.
D. Purpose of the processing
We use the personal data in particular to fulfil the purposes of our organisation, to provide our services and to initiate and process agreements with our customers and business partners, as well as to comply with our legal obligations. If you work for our members, customers or business partners, your personal data may also be affected in this capacity.
In addition, we also process personal data of you and other persons for the following purposes, insofar as this is permitted and appears appropriate to us:
- Provision and further development of our offers, services and websites, apps and other platforms on which we are present;
- Communication with third parties and processing their inquiries (e.g. applications, media inquiries);
- Customer acquisition;
- Credit or creditworthiness checks;
- Advertising and marketing (including the organization of events);
- Market and opinion research, media monitoring;
- Assertion of legal claims and defense in connection with legal disputes and official proceedings;
- Prevention and investigation of criminal offenses and other misconduct (e.g. conducting internal investigations, data analysis to combat fraud);
- Guarantees of our operations, in particular IT, our websites, apps and other platforms;
- Video surveillance to safeguard domiciliary rights and other measures for IT, building and facility security and protection of our employees and other persons and assets belonging to or entrusted to us (such as access controls, visitor lists, network and mail scanners, telephone recordings);
- Purchase and sale of business divisions, companies or parts of companies and other transactions under company law and the associated transfer of personal data.
E. Duration of storage
Unless an explicit retention period is specified at the time of collection or in this privacy policy, we process and store personal data until it is no longer required to fulfil the purpose, unless statutory retention obligations (e.g. retention obligations under commercial and tax law) prevent deletion. Personal data may also be stored for the period in which claims can be asserted and insofar as we are otherwise legally obliged to do so or legitimate business interests require this (e.g. for evidence and documentation purposes).
F. Rights of the data subject
Consent that has been given can be revoked at any time, but this has no effect on data processing that has already taken place. In addition, depending on the circumstances and the applicable data protection law, you have the right to information, correction, deletion or restriction of the processing of personal data, the right to object to the processing and the right to portability (data portability). Please note that exercising these rights may conflict with contractual agreements and may have consequences such as premature cancellation of the contract or cost consequences. We will inform you in advance if this is not already contractually regulated. We are also authorised to assert the statutory restrictions on your rights as a data subject, for example if we are obliged to store or process certain data, have an overriding interest in doing so or need it to assert claims.
Every data subject also has the right to enforce their claims in court or to lodge a complaint with the competent data protection authority. The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).
With regard to your rights and any other questions, suggestions and comments on the subject of data protection, please contact the person responsible for data protection using the contact details given at the beginning (see A).
G. Security
We take appropriate measures to protect personal data against loss, misuse, unauthorised access, disclosure, alteration or destruction. To this end, we use suitable technical and organisational measures. However, we cannot guarantee the absolute security of the data.
Unless otherwise agreed, we accept no liability for breaches of these safety regulations unless they are intentional or due to gross negligence.
H. Data transmission
As part of our business activities, we also disclose personal data to third parties, insofar as this is permitted and appears appropriate to us, either because they process data for us or because they use the data for their own purposes. This applies in particular to the following organisations:
- Service providers of ours (e.g. banks, insurance companies), including processors (such as IT providers);
- Dealers, suppliers, subcontractors and other business partners;
- Members or customers;
- domestic and foreign authorities, official bodies or courts;
- Media;
- The public, including visitors to websites and social media;
- Competitors, industry organizations, associations, organizations and other bodies;
- Acquirers or parties interested in acquiring business divisions, companies or other parts of our group of companies;
- other parties in potential or actual legal proceedings;
- Other companies in our group of companies.
In this context, your personal data may be stored in Switzerland as well as in other countries in Europe and the USA, where the service providers we use are located. If personal data is processed outside Switzerland or the European Economic Area, we will take the steps required by applicable data protection law to ensure that your personal data is treated as safely and securely as in Switzerland or within the European Economic Area, unless we can rely on an exception. An exception may apply in the case of legal proceedings abroad, but also in cases of overriding public interests, if the fulfilment of a contract requires such disclosure or if you have given your consent.
I. Data processing through use of the website
During your visit to the website, general information is automatically collected (e.g. date of your visit, time zone, type of web browser and its settings, version and language, your IP address, MAC address of the end device (e.g. computer or mobile phone), the operating system used, content accessed and the domain name of your Internet service provider). We use this data for the purposes stated in section D, in particular for marketing and administrative purposes and to ensure the functionality of the website. This data is also required to correctly provide and optimise the content of the website, to ensure the long-term functionality of our IT systems and the website and to provide law enforcement authorities with the information they need for criminal prosecution in the event of a cyber attack.
We have integrated various services (e.g. marketing, analysis, pixels, cookies, etc.) on our website. Data processing by these services only takes place after you have given your consent. We use a so-called Consent Management Tool (“CMT”) for this purpose. Consent is not required for services that are necessary for the functioning of the website. If consent has not been given for non-essential services, these will not be used when you enter the website.
1. SSL encryption
This website uses SSL encryption for security reasons and to protect the transmission of confidential content. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://”.
2. server log files
The provider of this website automatically collects and stores information in so-called “server log files”, which your browser automatically transmits to us. In particular, the information listed under I above is transmitted.
3. use of cookies
3.1 Definition
Cookies are small files that are stored on your end device when you use our website.
3.2 Necessary and non-necessary cookies
Necessary cookies are files that are sent to the browser on your computer’s hard disk to ensure the functionality of the website and to enable us to offer you certain functions. You do not need the consent of the users of the website.
We use non-essential cookies to collect information about visits to the website. We also use non-essential cookies to improve the user-friendliness of the website, for example to ensure the shopping cart functionality, to adapt our offer to customer requirements and to make surfing the website as convenient as possible for you. We also use cookies to optimize our advertising. Non-essential cookies require the consent of the website user.
3.3 Session cookies and permanent cookies
So-called “session cookies” are automatically deleted at the end of your visit. For example, we may use session cookies to save your shopping cart, completed online forms or language settings across different pages of an Internet session. We also use permanent cookies. These remain stored on your end device after the end of the browser session until you delete them. When you visit our website again, it will automatically recognize which entries and settings you prefer. Depending on the type of cookie, these cookies remain stored on your end device for a certain period of time (e.g. two years) and are automatically deactivated after the programmed time has expired. They serve to make our website more user-friendly, effective and secure. Thanks to these cookies, for example, you will be shown information on the site that is specifically tailored to your interests.
3.4 Activation, deactivation and deletion of cookies
All web browsers allow you to activate, deactivate or delete the use of cookies by configuring the browser settings or options accordingly. If cookies are completely or partially deactivated or deleted, not all functions of the website may be available.
3.5 Cookies and personal data
As a rule, the cookies we use do not store any personal data. However, personal data that we or third-party providers commissioned by us store about you (e.g. if you have a user account with us or these providers) may be linked to the technical data or to the information stored in and obtained from cookies and thus possibly to your person.
4. services
All of the following services are not necessary for the functionality of the website and therefore require consent in our CMT when entering the website.
It cannot be ruled out that data collected by the services may also be transmitted to a server of a provider in a third country – in particular in the USA – and stored there. We have agreed EU standard data protection clauses with the respective provider to safeguard the transfer to third countries. According to their own information, the respective providers ensure compliance with the data protection agreements. Nevertheless, the transfer of personal data to the USA is associated with particular risks for data subjects.
4.1 Pixel
We include visible and invisible image elements on our website and in our newsletters and other marketing e-mails in some cases and to the extent permitted. By retrieving these from our servers, we can determine whether and when you have opened the website or e-mail so that we can also measure and better understand how you use our offers and tailor them to you. When you register for the newsletter, you consent to the use of these pixels; when you enter the website, as mentioned at the beginning, you consent to the use of these pixels in our CMT.
4.2 Google services
We use Google services on our website: Tag Manager, Analytics, Usercontent, Ads, Ads Remarketing and Maps. The Google company in question is based in Ireland. Google Ireland relies on Google LLC (based in the USA) as processor (both “Google”). Although we can assume that the data that Google retrieves and stores when you use our website is not personal data, it is possible that Google may use this data in conjunction with data collected by Google itself to draw conclusions about the identity of visitors for its own purposes and link this data to the Google accounts of these persons. If you have registered with Google yourself, Google may also be able to recognize you. Google will then be responsible for processing your personal data in accordance with its data protection provisions. For further information on data protection (in particular the scope, type and purpose of data processing), please refer to the relevant Google privacy policy.
By using Google Analytics, we can measure and evaluate the use of the website (not on a personal basis). Permanent cookies are used for this purpose, which Google sets itself. For Google Analytics, we have configured the service so that the IP addresses of visitors are shortened by Google in Europe before any forwarding to the USA and therefore cannot be traced back. We have switched off the “Data transfer” and “Signals” settings. Google only tells us how our website is used (no information about you personally).
4.3 Further services
We have integrated various marketing services on our website. In particular, the services collect the following information about your end device and your visit to our website: (dynamic) IP address, geographical location, browser type and version as well as language, operating system and version, screen resolution, domain accessed, previously visited website and date and time of access. The service also collects usage data, mouse movements and click behavior on our website. We can use it to place advertisements with the individual providers and their services in order to draw attention to our offers. For this purpose, the providers use the information collected to analyze your surfing behavior on our website and provide us with statistics on our website visitors and which content they interact with most frequently.
The other services we use:
Hotjar
Pardot
Salesforce
Microsoft Advertising
LinkedIn Marketing Solutions
Meta Pixel
We are jointly responsible with some providers (Meta, LinkedIn) for the exchange of data that these providers collect or receive via their integrations on our website, for the display of advertising information that matches the interests of users, the improvement of ad delivery and personalization of functions and content (but not further processing). We have therefore concluded a corresponding additional agreement with the providers concerned. Users can therefore address requests for information and other data subject requests in connection with joint responsibility directly to these providers.
5. links to other websites
The website contains links to other websites. We have no influence on whether their operators comply with the applicable data protection regulations. We exclude any responsibility or liability for the websites of third parties that can be accessed via the links.
6. social media plugins and presence
Apart from our processing of your personal data on social media platforms, these platforms also process your personal data independently. For further information on the processing of the platform operators, please refer to the data protection notices of the platforms. There you can also find out in which countries they process your data, what rights of access, erasure and other data subject rights you have and how you can exercise these or obtain further information.
6.1 Plugins
Our website contains social media plugins from social networks such as Facebook, YouTube, LinkedIn, TikTok and Instagram. These are usually integrated into the website as graphic files. We have configured these elements so that they are deactivated by default. If you activate them (by clicking on them), the operators of the respective social networks can register that you are on our website and where and can use this information for their purposes. The processing of your personal data will then be the responsibility of this operator in accordance with its data protection provisions. We do not receive any information about you from him.
You can prevent third-party providers from collecting information about you during your visit by logging out of your social network pages and deleting cookies (see section 3.4 above).
6.2 Presence
We may operate online presences on social networks and other platforms operated by third parties. We receive data from you and the platforms when you come into contact with us via our online presence (e.g. when you communicate with us, comment on our content or visit our presence). At the same time, the platforms evaluate your use of our online presences and link this data with other data about you known to the platforms (e.g. about your behavior and preferences). They also process this data for their own purposes under their own responsibility, in particular for marketing purposes and to control their platforms (e.g. what content they show you).
We may redistribute content published by you (e.g. comments) ourselves (e.g. in our advertising on the platform or elsewhere). We or the operators of the platforms may also delete or restrict content from or about you in accordance with the usage guidelines (e.g. inappropriate comments).
We currently use the following platforms:
LinkedIn
Instagram
Facebook
YouTube
TikTok
J. Final provisions
This privacy policy is not part of a contract with you. We reserve the right to change the content of this privacy policy at any time and without notice. The current version published on our website applies. It is therefore recommended that you consult this privacy policy regularly. In addition to this data protection declaration, we may inform you separately about the processing of your data, for example by means of further separate data protection declarations concerning special relationships (e.g. customer or applicant relationships).
This privacy policy has been translated by machine translation. The authoritative, legally binding privacy policy in German can be found here.