DATA PROTECTION

This privacy notice ("Notice") describes how Apices Industries AG, Blegistrasse 15, 6340 Baar (“we”, “us”, “our” or “Apices”) may use, process, store and disclose Personal Data that we may collect about individuals, including if you interact with us through this website (“Site”) and from other sources, such as when joining a webinar that is hosted by us or when applying for a job with us. This Notice informs you how we collect, use and protect your Personal Data and informs you about your privacy rights. The Information is provided in a layered format so that you can click through the specific sections set out below. If you want to know the types of Personal Data we collect, they are described in the section ‘Personal Data, how we collect it, and the purposes for which we process it’.

We act as a data controller and we are responsible for the Personal Data we process.

It is important that you read this Notice together with any other Privacy Notice we may provide on specific occasions when we are collecting or processing your Personal Data, such as when subscribe to KnowledgeLeader. This Notice supplements other Privacy Notices you may receive from us and is not intended to override them.

This Site is not intended for children and we do not knowingly collect Personal Data relating to children. If we become aware that we have done so, we will delete that data as soon as possible.

In addition to the information obligations under the Federal Act on Data Protection (FADP), this data protection declaration also includes the information obligations under the General Data Protection Regulation (GDPR).  For ease of reading, this data protection statement uses the terms from the FADP, whose definitions are equivalent in the GDPR. Since in Switzerland, apart from consent, no legal basis is required for the processing of personal data, the other statements on legal basis, in particular for processing on the basis of an existing contract or on the basis of the so-called legitimate interest, only apply to you (if applicable, additionally) if you are in the EU/EEA and use services from us.

We may collect Personal Data that you provide through our Site, for example, when completing online forms, using the “contact us” function, downloading documents, subscribing to receive marketing communications from us , participating in surveys, registering for events and when you provide feedback. Depending on the nature of your enquiry or activities on our Site we collect the following categories of Personal Data from you:

• your name;
• your contact details;
• professional business information, such as job title, professional areas of interest, the company employer and the industry you’re active in;
• Other Personal Data that you voluntarily choose to provide to us, including in your enquiry, emails and/or through customer survey responses. 

We process the above data, depending on the nature of your interaction with us to: develop our business and services; administer events and webinars; allow for content download and lead capturing; provide for the effective delivery of services, information and marketing communications and to provide the functionalities offered by the Site.

If you register on our Site, your Personal Data will be stored in our CRM system.

We collect limited Personal Data automatically from your device when you visit our Site, such as IP address, Media Access Control (MAC) address, computer type (Windows or Macintosh), screen resolution, operating system name and version, device manufacturer and model, language, Internet browser type and version and other technical information. We also collect information about how devices interact with our Site, including browsing activity, Site cookies, links clicked on the Site, referring URL, geolocation data and internet activity.

This information enables us to better understand how visitors use our Site, where they come from and what content on our Site is of interest. We use this information to administer and manage our Site; to conduct benchmarking and data analysis; to improve the quality and relevance of the content on our Site and to personalize and enrich the visitor’s browsing experience. This information is collected through Cookies, please also see our Cookie Policy for further details.

The legal grounds for the processing of Personal Data from website visitors are:

• Our legitimate interests in growing our business, in developing and improving our products/services/Site and keeping them up to date, in developing our marketing strategy, in the effective delivery of information and our services, and in maintaining the effective and lawful operation of our site and businesses.
• Your consent to receive marketing messages and, if we have a pre-existing business relationship, we send marketing based on the ‘soft opt in’ principle. 

We may engage contractors to assist in the delivery of our services. We will collect name and business contact details and financial data so that we can pay invoices. We may perform additional background checking and verification services or ask third parties to perform these checks on our behalf e.g. criminal background, sanctions and terrorism checks if these are requirements for the engagement. We will obtain prior written explicit consent and process this special category Personal Data to the extent that it is necessary and relevant.

The legal grounds for the processing of Personal Data from contractors are:

• Your consent. By applying for employment with us as a contractor, or accepting a direct engagement you consent to us processing your Personal Data for these purposes. You have the right to withdraw your consent at any time. Please note that if you withdraw your consent, we will not be able to continue with your application or engagement.
• Fulfillment of a contract.
• Our legitimate interests in attracting, identifying and sourcing talent; in processing and managing job applications for roles at Protiviti, including the screening and selecting of applicants and contractors; in hiring and onboarding employees and contractors and administering and managing these relationships.
• Compliance with a legal or regulatory obligation (e.g. when carrying out eligibility to work, criminal convictions, sanctions and terrorism verification checks).

We process Personal Data about former, existing and potential clients and individuals appointed as business contacts for such clients in connection with the promotion and provision of consultancy services, to fulfill our contractual obligations, issue invoices and collect payments, to develop our business, for accounting and tax purposes and to administer our business relationship.

Usually the Personal Data we process is limited to name, job title/position, business contact data, company name and industry. If APICES is engaged to provide consultancy services, additional Personal Data might be collected, the nature of which depends on the services provided.

We may also process identification and background information as part of our client acceptance, finance and administration processes, including audit independence, anti-money laundering, conflicts of interest checks, reputational and financial checks, and to fulfill any other legal or regulatory requirements to which we are subject.

The source of the business contact data may be the individual themselves, or their name and business details may be provided to us by a member of their organisation or an existing business contact. We may also obtain these details from websites, social media such as LinkedIn, public and other sources. 

Your Personal Data will be stored in our Customer Relationship Management systems e.g. Salesforce, Pro Connect, iShare and other databases (“CRM”) which are globally accessible by our staff and hosted in the US.

Client contacts in our CRM systems may be sent newsletters, marketing materials, learning opportunities, surveys notifications and invitations to events in accordance with marketing preference and local marketing laws. Client contacts can unsubscribe from marketing at any time by clicking the ‘unsubscribe’ link included in our marketing emails or by contacting: unsubscribe@protiviti.ch.

The legal grounds for the processing of Personal Data from client contacts are:

• To fulfill a contract.
• Our legitimate interests in growing our business, in developing and improving our business, in developing and improving our products and services and our marketing strategy, in administering our relationship, in the effective delivery of services, and in maintaining the effective and lawful operation of our businesses.
• Compliance with a legal or regulatory obligation.
• Your consent in order to receive marketing messages (except in circumstances where we have a pre-existing business relationship and we are email marketing based on the ‘soft opt in’’ principle).

We process Personal Data about our suppliers in order to manage our business relationship, contract and to receive goods and services.

The Personal Data we process is generally limited to name and business contact data including company name, phone, business email and other contact details, and financial and transaction data.

We also process data about suppliers to check whether we have a conflict of interest or audit independence restriction to appointing a supplier. Before we engage new supplier, we also carry out background checks required by law or regulation, for example, adverse media, compliance with bribery and corruption and modern slavery legislation, and financial crime checks.

Legal grounds for processing Personal Data of our suppliers are:

• Fulfillment a contract.
• Compliance with a legal or regulatory obligation.
• Our legitimate interest in managing payments and supplier management.

We will only use your Personal Data for the purposes for which we collected it as described above, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.

If we need to process your Personal Data for a purpose unrelated to the original purposes, we will notify you and explain the legal basis which allows us to do so and obtain your consent if needed.

We may process your Personal Data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law or where your Personal Data is anonymized to the extent where we can no longer identify you.

APICES is operating globally. We may share Personal Data with our group of companies,  and our ultimate partner network, and other group companies located within or outside Switzerland, the European Economic Area (EEA), the UK and countries with laws that have not been determined to provide an adequate level of protection for the processing of Personal Data under the laws of Switzerland/the EU, who may use and process your Personal Data for similar purposes as described in this Notice.

Apices consultancy engagements may span more than one jurisdiction, and in these circumstances Personal Data may be accessed by the APICES and Member Firms working on the specific project/engagement.

The data protection laws outside Switzerland/ EEA/UK may not provide an equivalent level of protection to those inside Switzerland, Europe and the UK and in these circumstances, we will take steps to ensure that your Personal Data is adequately protected, secure, kept confidential and that we have a lawful basis for the transfer. This means we require the 3rd party recipient to sign the issued and recognised by the Federal Data Protection and Information Commissioner (FDPIC) standard contractual clauses also approved by the European Commission and UK as providing Personal Data with the same protection that Personal Data has when it is processed within Switzerland/EEA/UK. Where required, we will ensure supplementary technical and organizational security measures are imposed on the 3rd party recipients to protect Personal Data from surveillance and monitoring by public authorities in the third country where the recipient is located.

We will ensure these recipients will be subject to appropriate contractual, security, confidentiality and other applicable obligations and we will only permit them to process Personal Data in accordance with the law and our instructions. 

You can contact us if you require further information on the mechanism we use when transferring Personal Information out of Switzerland/EEA/UK.

To the extent necessary or appropriate and without notifying you, APICES may disclose Personal Data to external 3rd Parties (who are not members of the Protiviti group of companies) located both within and outside Switzerland/EEA/UK in the following circumstances:

• to companies and individuals we employ to perform business functions and services on our behalf. Examples of such business functions include: hosting our Web servers; marketing automation platforms; providing IT services; analyzing data; counting ad impressions to unique visitors; detecting security incidents; protecting against malicious, deceptive, fraudulent, and illegal activity; providing legal, accounting and marketing services; customer relationship management services; performing employment verification screening, sanctions and terrorism checks; credit reference agencies; customer satisfaction surveys; processing payment; and providing other support services. 
• to government agencies including: tax authorities, Police and other law enforcement agencies and regulatory and supervisory authorities (such as the competent data protection authority).
• to comply with applicable laws, the service of legal process, or if we reasonably believe that such action is necessary to: (a) comply with the law requiring such disclosure; (b) protect the rights or property of Protiviti and/or its group companies; (c) prevent a crime, protect national security or for fraud detection or prevention; or (d) protect the personal safety of individuals using our site or members of the public.
• to 3rd parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, we will let you know.

Where applicable, we will impose appropriate contractual, security, confidentiality and other obligations on the 3rd party service providers and processors we have appointed, based on the nature of the services they provide to us. We will only permit them to process your Personal Data in accordance with the law and our instructions. We do not allow them to use your Personal Data for their own purposes and when our relationship ends we will ensure your Personal Data is securely returned or destroyed.

Some of these 3rd parties are also controllers responsible for processing Personal Data for their purposes, for example, the local tax authority is a controller for tax purposes. We may not be able to impose obligations or restrictions on these controllers in connection with how they process Personal Data.

The legal grounds for transferring Personal Data to 3rd parties are:

• Fulfillment of a contract.
• Our legitimate interests in growing our business, in developing and improving our business, in developing and improving our products and services and our marketing strategy, in administering our relationship, in the effective delivery of services, and in maintaining the effective and lawful operation of our businesses. 

 In addition, we would like to point out that, without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work or place of the alleged infringement, if you consider that the processing of data relating to you infringes the GDPR. 

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this site may become inaccessible or not function properly. For more information about the cookies we use, and to manage your cookie settings please see our Cookies Policy.

The legal grounds for processing Personal Data obtained from the use of non essential cookies,  tracking your activities on our websites and during events and collecting analytics data is:

• Your consent.