Data protection is a matter of trust and your trust is important to us. Although we have not changed the way we handle our personal data, due to the entry into force of the revised Data Protection Act on September 1, 2023, we are publishing a privacy statement on our website not only for our website visitors, but also for our customers. It is important to us that you are fully informed about the processing of your personal data. It is important to us that you understand
- what personal data we process about you;
- for what purpose we use your personal data
- who has access to your personal data
- how long we will retain your personal data
- what happens to your personal data after the end of our business relationship or after the legal retention period.
2 Who is responsible for the processing of your data?
A specific company is responsible under data protection law for data processing in accordance with this data protection declaration. This means that this company determines how the processing is carried out, for what purpose it is carried out and which principles are to apply. In principle, the following company is responsible for data processing in accordance with this data protection declaration:
Veriduna Treuhand AG
For inquiries regarding data protection, you can reach us as follows:
+41 44 802 10 20
3 What is "personal data" and what does "processing" mean?
"Personal data" refers to data that relate to an identified or identifiable person, i.e. that allow conclusions to be drawn about that person's identity.
"Particularly sensitive personal data" are categories of personal data that are particularly sensitive, which is why their processing may be subject to special requirements. Particularly sensitive personal data includes, for example, data revealing religion or political opinions, health data and data relating to criminal or administrative sanctions and social assistance.
In section 5 you will find details of the data that we process within the scope of this data protection declaration. Processing" means any handling of personal data, in particular obtaining, storing, using, disclosing and deleting.
4 Who is affected by our data processing?
Our data processing activities may affect the following persons ("data subjects") in particular:
-Persons who use a service from us;
-Third parties (such as family members in the case of tax returns, suppliers of customers in the case of FiBu, etc.) who are legally related to the persons who use a service from us;
-Contact persons of our business Partners
5. What data do we process about you and for what purpose?
Which data we process about you depends on your relationship with us. Depending on the occasion and purpose, we process different data from different sources. We primarily collect this data directly from you, e.g. when you place an order with us for our services or when you communicate with us. We process personal data exclusively for the purpose of fulfilling contracts and in doing so we comply with the legal requirements.
We primarily process the categories of data described below, although this list is not exhaustive. If data changes over time (e.g. in the event of a change of address or other mutation), we may retain the previous status in addition to the current status.
As master data we refer to the basic data that we require in addition to the contractual data (name, address, e-mail address, telephone number) for the processing of our contractual and other business relationships or, if necessary, for marketing and advertising purposes (invitation to events, newsletter, etc.). In the case of customers and other contractual partners who are companies, we process data on our contact persons, e.g. name and address, details of titles, function in the company, qualifications and, where applicable, details of supervisors and employees.
We prepare tax returns for individuals, sole proprietorships and legal entities. We receive the information required for this exclusively from you.
Financial accounting data
Our services also include financial accounting. For this purpose, we process data on your debtors and creditors, any employees and executive bodies.
We receive the information required for this from you, your suppliers and service providers, etc.
Payroll accounting data
We also carry out payroll accounting for our customers. For this purpose, we process data about employees, which may also include data that provides information about social security procedures or involves any administrative sanctions or social assistance measures.
We receive the information for the processing of the payroll accounting of your employees exclusively from you as well as from the competent authorities.
We also collect data from you in other situations which we cannot describe exhaustively in this data protection declaration. For example, data is collected in connection with official or judicial proceedings (such as requests for files from tax authorities).
6. to whom is your data disclosed?
Our employees have access to your personal data, act according to instructions and are bound to confidentiality and secrecy when handling your personal data.
Furthermore, the following institutions may gain knowledge of your data:
Where necessary for the fulfillment of an order, data will be passed on to authorities.
We mainly work with service providers in Switzerland in order to be able to provide our services. These services include, for example, IT services and marketing services.
We provide service providers with the data required for their services and ensure through our contractual agreements and appropriate instructions that data protection is also observed by the service providers during the entire processing time.
7. will your data be disclosed abroad?
As explained in section 6, not only we process your personal data, but also our service providers, which are generally located in Switzerland.
Due to the use of the latest technologies (e.g. cloud solution), it cannot be ruled out that your data may be transferred abroad - also outside the EU or the EEA.
The corresponding countries may not have laws that protect your personal data to the same extent as in Switzerland or in the EU or EEA area (e.g. USA). We therefore take contractual precautions (or oblige our service providers to do so) to contractually compensate for the weaker legal protection. For this purpose, we generally use the standard contractual clauses issued or recognized by the European Commission and the Swiss Data Protection and Information Commissioner (FDPIC) (for further details and a copy of these clauses, see (Standard contractual clauses for controllers and processors in the EU/EEA (europa.eu).
8. how long will your data be stored?
The statutory retention period for our records is generally ten years. In certain cases prescribed by law, even longer (e.g. tax records, documents related to real estate).
9. what rights do you have?
In connection with our data processing, you have the right:
- To request information as to whether and what data we are processing from you;
- To request corrections if data is incorrect;
- to object to and demand the restriction or deletion of data, unless we are obliged or entitled to continue processing it;
- Request the release of certain personal data in a commonly used electronic format or the transfer to another controller;
- Revoke consent, insofar as our processing is based on your consent.
Please note that certain conditions must be met in order to exercise these rights and that exceptions or limitations may apply (e.g., to protect third parties or trade secrets). We will inform you accordingly if necessary.
If you wish to exercise any rights against us, please contact us in writing (see Section 2).
10. can this data protection declaration be changed?