Streiff von Kaenel | Privacy Notice

Privacy Notice

Streiff von Kaenel AG (hereinafter also "we", "us", etc.) is a law firm with its registered office in Wetzikon (Canton of Zurich, Switzerland). In the course of our business activities, we collect and process personal data, in particular personal data about our clients, associated persons, counterparties, courts and authorities, correspondent law firms, professional and other associations, visitors to our website, participants in events, recipients of newsletters and other contacts or their contact persons and employees (hereinafter also "you"). In this privacy notice, we provide information about these data processing activities. In addition to this privacy notice, we may inform you separately about the processing of your data (e.g. within the scope of forms or contractual terms).

If you disclose to us data about other individuals (such as family members, representatives, counterparties, or other associated persons), we will assume that you are authorized to do so, that the relevant data is accurate, and that you have ensured that such individuals are aware of such disclosure to the extent that a legal duty to inform applies (e.g., by bringing this privacy notice to their attention in advance).

2. WHO IS THE CONTROLLER FOR PROCESSING YOUR DATA AND HOW DO I REACH THIS CONTROLLER?

Controller for the processing of data under this privacy notice is:

Streiff von Kaenel AG
Bahnhofstrasse 67
P.O. Box
8620 Wetzikon ZH
mail@streiffvonkaenel.ch
+41 44 933 50 90

3. WHAT CATEGORIES OF DATA DO WE PROCESS?

Personal data that we process about you include (for the purposes of processing, see para. 4):

General personal data (within the scope of all data processing)
Financial data (e.g., in the context of communication, administration and processing of contracts)
Health data (e.g., in the context of communication, administration and processing of contracts and other data processing).
Location data (e.g., in the context of improvements to electronic services)
Data concerning private and intimate sphere (e.g., within the scope of administration and processing of contracts and other data processing)

4. FOR WHAT PURPOSES DO WE PROCESS WHICH OF YOUR DATA?

When you use our services, use the website www.streiffvonkaenel.ch (hereinafter "website") or otherwise deal with us, we collect and process various categories of your personal data (for the categories of this data, see para. 3). In principle, we may collect and otherwise process this data in particular for the following purposes:

· Communication: We process personal data so that we can communicate with you as well as with third parties, such as parties to proceedings, courts or authorities, by e-mail, telephone, letter or otherwise (e.g., to answer inquiries, in the context of legal advice and representation as well as the initiation or execution of contracts). This also includes that we may send our clients, contractual partners and other interested persons information about events, changes in the law, news about our law firm or similar. This may take, e.g., the form of newsletters and other regular contact (electronic, postal, telephone). You may refuse such communications at any time, or refuse or withdraw consent to such communications. For this purpose, we process in particular the content of the communication, your contact data and the marginal data of the communication.

· Initiation and conclusion of contracts: With regard to the conclusion of a contract, such as in particular a contract in order to enter into an attorney-client relationship, with you or your client or employer, which also includes the clarification of any conflicts of interest, we may in particular obtain and otherwise process your name, contact details, powers of attorney, declarations of consent, information about third parties (e.g., contact persons, family details as well as counterparties), contract contents, date of conclusion, creditworthiness data as well as all other data which you make available to us or which we collect from public sources or third parties (e.g., commercial register, credit agencies, sanctions lists, media, legal protection insurances or from the Internet).

· Administration and processing of contracts: We collect and process personal data so that we can comply with our contractual obligations to our clients and other contractual partners (e.g., suppliers, service providers, correspondence law firms, project partners) and, in particular, so that we can provide and demand contractual performances. This also includes data processing for mandate execution (e.g. legal advice and representation of our clients before courts and authorities and correspondence) as well as data processing for the enforcement of claims and other rights and obligations (debt collection, legal proceedings, etc.), accounting and public communication (if permitted). For this purpose, we process in particular the data which we receive or have collected in the course of the initiation, conclusion and execution of the contract, as well as data which we generate in the course of our contractual services or which we collect from public sources or other third parties (e.g., courts, authorities, counterparties, information services, media, detective agencies or from the Internet). Such data may include, in particular, minutes of conversations and consultations, notes, internal and external correspondence, contractual documents, documents that we create and receive in the course of proceedings before courts and authorities (e.g., statements of claim, appeals and complaints, judgments and decisions), background information about you, counterparties or other persons, as well as other mandate-related information, performance records, invoices, and financial and payment information.

· Operation of our website: In order to operate our website in a secure and stable manner, we collect technical data, such as IP address, information about the operating system and settings of your terminal device, the browser, the region, the time (including time zone difference from the GMT zone), content of the request and internet page from which the request comes, access status/http status code, and the type and extent of use. In addition, we use cookies and similar technologies. For more information, see para. 9. Our Internet pages use SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as requests that you send to us. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.

· Improving our electronic offerings: In order to continuously improve our website, we collect data about your behavior and preferences by, for example, analyzing how you navigate through our website.

· Registration: In order to use certain offers and services (e.g. free WLAN, newsletter), you must register (directly with us or via our external login service providers). For this purpose, we process the data disclosed during the respective registration. Furthermore, we may also collect personal data about you during the use of the offer or service; if necessary, we will provide you with further information about the processing of this data.

· Security purposes as well as access controls: We collect and process personal data to ensure and continuously improve the appropriate security of our IT and other infrastructure (e.g., buildings). This includes, for example, monitoring and controlling electronic access to our IT systems , analyzing and testing our IT infrastructures, system and error checks, and creating security copies.

· Compliance with laws, directives and recommendations of authorities and internal regulations ("Compliance"): We collect and process personal data to comply with applicable laws (e.g., anti-money laundering, tax obligations or our professional duties), self-regulations, certifications, industry standards, our corporate governance, as well as for internal and external investigations to which we are a party (e.g., by a law enforcement or regulatory agency or an appointed private entity).

· Risk management and corporate governance: We collect and process personal data as part of risk management (e.g., to protect against tortious activities) and corporate governance. This includes, among other things, our operational organization (e.g., resource planning) and corporate development.

· Job application: If you apply for a job with us, we obtain and process the relevant data for the purpose of reviewing the application, carrying out the application process and, in the case of successful applications, for the preparation and conclusion of a corresponding contract. For this purpose, in addition to your contact data and the information from the corresponding communication, we also process in particular the data contained in your application documents and the data as we can additionally obtain about you, for example from job-related social networks, the internet, the media and from references, if you consent to us obtaining references. Data processing in connection with the employment relationship is the subject of a separate privacy notice.

· Other purposes: Other purposes include, for example, training and educational purposes and administrative purposes (e.g., accounting). We may listen to or record telephone or video conferences for training, evidence, and quality assurance purposes. In such cases, we will notify you separately (e.g., by displaying a notice during the video conference in question) and you are free to tell us if you do not want to be recorded or to stop the communication (if you just do not want your image recorded, please turn off your camera). In addition, we may process personal data for the organization, implementation and follow-up of events, such as, in particular, lists of participants and the content of presentations and discussions, but also image and audio recordings made during these events. The protection of other legitimate interests is also one of the further purposes, which cannot be named exhaustively.

5. WHERE DOES THE DATA COME FROM?

From you: The majority of the data we process is provided by you (or your terminal device) (e.g., in connection with our services, the use of our website and apps, or communication with us). You are not obliged to disclose your data, with exceptions in individual cases (e.g., legal obligations). However, if you want to conclude contracts with us or use our services, for example, you must disclose certain data to us . The use of our website is also not possible without data processing.
From third parties: We may also obtain or receive data from publicly available sources (e.g. debt collection registers, land registers, commercial registers, media or the internet including social media) from (i) public authorities, (ii) your employer or client who is either in a business relationship with us or otherwise dealing with us, and (iii) other third parties (e.g. clients, counterparties, legal protection insurers, credit agencies, address dealers, associations, contractual partners, internet analysis services). This includes, in particular, the data we process in the course of initiating, concluding and executing contracts, as well as data from correspondence and discussions with third parties, but also all other categories of data pursuant to para. 3 et seqq.

6. WHO DO WE DISCLOSE YOUR INFORMATION TO?

In connection with the provisions set forth in para. 3 we transfer your personal data in particular to the categories of recipients listed below. If necessary, we obtain your consent for this or have our professional duty of confidentiality released by our supervisory authority.

· Service providers/auxiliary persons: We work with service providers and auxiliary persons in Switzerland and abroad who (i) on our behalf (e.g., IT providers, providers for our office and data management system), (ii) under joint responsibility with us or (iii) on their own responsibility process data that they have received from us or collected for us. These service providers include, for example, IT providers, providers for office and data management systems, banks, insurance companies, debt collection agencies, credit reporting agencies, address checkers, interpreters, other law firms and experts or consulting firms. We generally agree on contracts with these third parties regarding the use and protection of personal data.

· Clients and other contractual partners: First of all, this refers to clients and other contractual partners of ours (including companies affiliated with them) for whom a transfer of your data arises from the contract (e.g., because you work for a contractual partner or he provides services for you). This category of recipients also includes contacts with which we cooperate, such as other law firms in Switzerland and abroad or legal protection insurance companies. The recipients process the data under their own responsibility.

· Authorities and courts: We may disclose personal data to public offices, courts and other authorities in Switzerland and abroad if this is necessary for the fulfilment of our contractual obligations and in particular for the conduct of our mandate, or if we are legally obliged or entitled to do so, or if this appears necessary to protect our interests. These recipients process the data under their own responsibility.

· Counterparties and persons involved: To the extent necessary for the fulfilment of our contractual obligations, in particular for the execution of the mandate, we also disclose your personal data to counterparties and other involved persons (e.g., guarantors, financiers, affiliated companies, other law firms, respondents or experts, etc.).

· Other persons: This refers to other cases where the inclusion of third parties arises from the purposes under para. 3. This concerns, for example, delivery addressees or payment recipients specified by you, third parties in the context of agency relationships (e.g., your lawyer or your bank) or persons involved in official or legal proceedings. We may also disclose your personal data to our supervisory authority, in particular if this is necessary in individual cases to release you from our professional duty of confidentiality. If we cooperate with the media and transmit material to them (e.g., photos), you may also be affected. In the course of business development, we may sell or acquire businesses, parts of businesses, assets or companies, or enter into partnerships, which may also result in the disclosure of data (including data about you, e.g., as a client or supplier or as their representative) to the persons involved in these transactions. Communications with our competitors, industry organizations, associations and other bodies may also involve the exchange of data relating to you.

All these categories of recipients may in turn involve third parties, so that your data may also become accessible to them. We can restrict processing by certain third parties (e.g., IT providers), but not by other third parties (e.g., authorities, banks, etc.).

7. IS YOUR PERSONAL DATA ALSO DISCLOSED ABROAD?

We process and store personal data mainly in Switzerland and the European Economic Area (EEA), but potentially in any country in the world, depending on the case – for example, via subcontractors of our service providers or in proceedings before foreign courts or authorities. In the course of our activities for clients, your personal data may also be proceeded in any country in the world.

If a recipient is located in a country without adequate data protection, we contractually oblige the recipient to comply with an adequate level of data protection (for this purpose, we use the revised standard contractual clauses of the European Commission, which can be accessed here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?, including the supplements necessary for Switzerland), unless the recipient is already subject to a legally recognized set of rules to ensure data protection. We may also disclose personal data to a country without adequate data protection without entering into a separate contract for this purpose if we can rely on an exemption provision for this purpose. An exception may apply in particular in the case of legal proceedings abroad, but also in cases of overriding public interests or if the performance of a contract that is in your interest requires such disclosure (e.g., if we disclose data to our correspondence offices), if you have consented or it is not possible to obtain your consent within a reasonable period of time and the disclosure is necessary to protect your life or physical integrity or that of a third party, or if it concerns data that you have made generally available and you have not objected to its processing. We may also rely on the exception for data from a register provided for by law (e.g., commercial register) to which we have been legitimately given access. We may also rely on the exception for data from a register provided for by law (e.g., commercial register) to which we have been legitimately given access.

8. WHAT ARE YOUR RIGHTS?

You have certain rights in connection with our data processing. In accordance with applicable law, you may, in particular, request information about the processing of your personal data, have incorrect personal data corrected, request the deletion of personal data, object to data processing, have data processing restricted, request the release of certain personal data in a standard electronic format or its transfer to other data controllers.

If data processing is based on your consent, you can revoke your consent at any time for the future without giving reasons. The revocation is to be sent to the controller via the contact details in para. 2 of this declaration.

If you wish to exercise your rights against us, please contact us; you will find our contact details in para. 2. In order to exclude misuse, we will have to identify you (e.g., with a copy of your identity card, if necessary).

Please note that these rights are subject to requirements, exceptions or restrictions (e.g., in order to protect third parties or business secrets or due to our professional duty of confidentiality). We reserve the right to black out copies or to supply only excerpts for reasons of data protection or confidentiality.

9. HOW ARE COOKIES AND SIMILAR TECHNOLOGIES USED ON OUR WEBSITE?

When using our website (incl. newsletter and other digital offers), data is generated that is stored in logs (especially technical data). In addition, we may use cookies and similar technologies (e.g., pixel tags or fingerprints) to recognize website visitors, evaluate their behavior and recognize preferences. A cookie is a small file that is transmitted between the server and your system and enables the recognition of a specific device or browser.

You can set your browser to automatically reject, accept or delete cookies. You can also disable or delete cookies on a case-by-case basis. You can find out how to manage cookies in your browser in the help menu of your browser.

Both the technical data we collect and cookies generally do not contain any personal data.

10. HOW DO WE PROCESS PERSONAL DATA ON OUR PAGES IN SOCIAL NETWORKS?

We operate pages and other online presences on social networks and other platforms operated by third parties and process data about you in this context. In doing so, we receive data from you (e.g., when you communicate with us or comment on our content) and from the platforms (e.g., statistics). The providers of the platforms may analyze your usage and process this data together with other data they have about you. They also process this data for their own purposes (e.g., marketing and market research purposes and to manage their platforms), and act as their own data controllers for this purpose. For more information on processing by the platform operators, please refer to the privacy notices of the respective platforms.

We currently use the following platforms, whereby the identity and contact details of the platform operator are available in the corresponding privacy notice:

www.linkedin.com
Privacy notice: https://de.linkedin.com/legal/privacy-policy

We are entitled, but not obliged, to check third-party content before or after it is published on our online presences, to delete content without notice and, if necessary, to report it to the provider of the relevant platform.

Some of the platform operators may be located outside of Switzerland. Information on data disclosure abroad can be found under para. 7.

11. WHAT ELSE NEEDS TO BE CONSIDERED?

We do not assume that the EU General Data Protection Regulation ("GDPR") is applicable in our case. However, if this should exceptionally be the case for certain data processing, then exclusively for the purposes of the GDPR and the data processing subject to it, the following section applies.

We base the processing of your personal data in particular on the fact that

it as described in para. 3 is necessary for the initiation and conclusion of contracts and their administration and enforcement (Art. 6 para. 1 lit. b GDPR);
it is necessary for the protection of legitimate interests of us or of third parties as described in para. 3 namely for communication with you or third parties, to operate our website, to improve our electronic offers and registration for certain offers and services, for security purposes, for compliance with Swiss law and internal regulations for our risk management and corporate governance and for other purposes such as training and education, administration, evidence and quality assurance, organization, implementation and follow-up of events and to safeguard other legitimate interests (see section 3) (Art. 6 para. 1 lit. f GDPR);
it is required or permitted by law on the basis of our mandate or position under the law of the EEA or a member state (Art. 6(1)(c) GDPR) or is necessary to protect your vital interests or those of other natural persons (Art. 6(1)(d) GDPR);
you have separately consented to the processing, e.g., via a corresponding declaration on our website (Art. 6 para. 1 lit. a and Art. 9 para. 2 lit. a GDPR).

We use technical and organizational measures to help protect your personal information from unauthorized access, use, disclosure, alteration or destruction.

We would like to point out that we process and store your data for as long as it is necessary for our processing purposes (cf. para. 3), the legal retention periods and our legitimate interests, in particular for documentation and evidence purposes, require it or storage is technically necessary (e.g., in the case of backups or document management systems). If there are no legal or contractual obligations or technical reasons to the contrary, we generally delete or anonymize your data after the storage or processing period has expired as part of our usual processes and in accordance with our retention notice.

If you do not provide certain personal data, this may mean that the provision of related services or the conclusion of a contract is not possible. We generally indicate where personal data requested by us is mandatory.

If you provide Personal Data to us through a third party (e.g., through your employees or other contacts), it is up to you to inform them in a general way about the processing by legal service providers (such as us) or other external service providers (e.g., in a privacy notice for employees).

We then use certain IT services as well as means of communication which may be associated with data security risks (e.g., e-mail, video conferencing). It is your responsibility to inform us of your desire for special security measures. Electronic communications (especially e-mails) may contain information that is confidential and/or subject to attorney-client privilege and protected by criminal law. If you correspond with Streiff von Kaenel AG via e-mail, please note that messages sent by e-mail may be intercepted, altered or read by unauthorized persons. For this reason, we recommend that you send confidential information by encrypted e-mail, regular mail or courier service. If you send us communications by unencrypted e-mail, we will consider this as an instruction to communicate with you on the relevant matter by unsecured e-mail and will infer your consent to this. Any liability for the completeness and timeliness of electronic communications is excluded. Virus-free, undamaged or uninfected transmission cannot be guaranteed.

The procedure described in para. 8 applies in particular to data processing for the purpose of direct marketing.

12. CAN WE AMEND THIS PRIVACY NOTICE?

This privacy notice is not part of any contract with you. We may amend this privacy notice at any time. The version published on this website is the current version.