Data privacy policy
1. General information
In accordance with the duty of information incumbent upon us, this data privacy policy specifies the way in which Fiduconsult SA, Fiduconsult Conseils & Gestion SA, Fiduconsult Fribourg SA, Fiduconsult Audit SA, Fiduconsult Bulle SA, Fiduconsult Lausanne SA, Fiduconsult Fidyver SA, Fiduconsult Neuchâtel SA, FIDUCONSULT ACTA SA, Fiduconsult Jura S.A. and Verifid Révision SA handle your personal data. It also governs the transmission of data, the retention period and your rights.
2. Identity and details of the data controller
This data privacy policy applies to data processing carried out by
- Fiduconsult SA, rue des Pilettes 3, 1700 Fribourg;
- Fiduconsult Conseils & Gestion SA, rue des Pilettes 3, 1700 Fribourg;
- Fiduconsult Fribourg SA, rue des Pilettes 3, 1700 Fribourg;
- Fiduconsult Audit SA, rue des Pilettes 3, 1700 Fribourg;
- Fiduconsult Bulle SA, rue de la Lécheretta 1, 1630 Bulle;
- Fiduconsult Lausanne SA, place de la Gare 4, 1003 Lausanne;
- Fiduconsult Fidyver SA, En Chamard 35, 1442 Montagny-Yverdon;
- Fiduconsult Neuchâtel SA, rue du Temple-Neuf 4, 200 Neuchâtel;
- FIDUCONSULT ACTA SA, rue Fritz-Courvoisier 40, 2301 La Chaux-de-Fonds;
- Fiduconsult Jura S.A., rue de la Gruère 5, 2350 Saignelégier;
- Verifid Révision SA, rue de la Fontaine 7, 1204 Geneva
You can contact us using the details below to share your concerns on data privacy for any of the above companies (please specify which company you are referring to if possible):
Fiduconsult SA
Data privacy
Rue des Pilettes 3
1700 Fribourg
privacy@fiduconsult.ch
3. Purpose of processing
We only collect from our clients the personal data necessary for the provision of the agreed service (conclusion and execution of a contract with the client or an associate), if a legal regulation demands it (in particular if we are acting as an administrator or management in a trustee capacity for a company or as an auditing body for a company), to preserve our interests or with your agreement (for example, to send you newsletters).
We collect personal data in a transparent manner and in accordance with the principles of proportionality and purpose. The data is only processed as necessary and for as long as necessary to complete our work and fulfil our obligations.
4. Categories of personal data collected
Depending on the objective of the data processing, the client sector and the area of service, we collect different types of personal data, including sensitive data in some circumstances.
Firstly, for all contacts, discussion partners, contract partners and clients, we process at least the following personal contact details: forename, surname, sex, address, e-mail address and telephone number of the contact person(s).
Next, depending on the type of services provided, other personal data can be transmitted to us, specifically:
- other personal information (job and position, nationality, religion, residence permit, languages spoken, marital status, information on children, date of birth, family situation, professional situation, passport or ID card number, AHV number, etc.),
- financial information (bank details, investments, property owned, shareholdings, extract from the debt collection register, etc.),
- tax information (taxpayer number, for example),
- accounting information.
In addition, we also collect some sensitive personal data when we provide services relating to payroll, tax returns, drawing up accounts, company auditing or various legal and tax consultations.
As a general rule, data is communicated and provided directly by the clients. However, depending on the nature and the scope of the mandate, they may also come from official authorities, courts or third parties. In some circumstances, data can also be collected directly from the employer of the affected persons. Our clients are responsible for informing third parties that we are processing their personal data for the purpose of executing a contract. In order to do this, our clients can refer to this data privacy policy.
It is also possible that we would use information in the public domain in the media and online where there is a need to do so in a specific circumstance.
5. Internet
Our website can be used without necessarily sharing extensive personal data. However, our host does collect information about the user at every session. This is temporarily stored in files. However, it is not possible to attribute this information to a specific person. The log files contain the following information:
- the date and time of access and the volume of data,
- the browser used and the operating system,
- the domain name of the supplier,
- the page from which you arrived on our site (referred URL)
- the search term entered,
- the IP address.
This data collection is required for technical reasons, it helps the stability and security of the website and the data is used to analyse the use of the website and improve it. It also allows accurate checks if there is any suspicion that our website is being used illegally.
We also collect your personal data when you sign up to our newsletter or fill in our contact form (‘request a quote’) or our bexio package quote request on our website.
We also use Google Maps on our website to help you find the offices for our various companies. The moment you browse pages with Google Maps built in, information on your use of our website (such as your IP address) can be sent to Google servers in Switzerland or abroad.
6. Monitoring technologies (‘cookies’)
We use limited cookies on our website in order to optimise your browsing experience. These are little files that your browser creates automatically and which are saved on your computer or mobile phone when you visit our website. The cookies used relate to user preferences (accepting or refusing cookies, preferred language) and generating statistics on visits to our website.
7. Categories of recipients to which personal data is sent
We only transmit your personal data to third parties if it is necessary in order for us to provide our service, if we are bound to by law or by the authorities, if we have an overwhelming interest in sending data of this kind or if you ask us to.
The categories of recipients to which we are likely to send your personal data are as follows:
- to some of our suppliers, IT service-providers, hosts, insurance companies, solicitors, etc.
- to other persons within the framework of our legal or contractual obligations (authorities, public organisations, courts, etc.).
The suppliers who process the personal data on our behalf undertake to guarantee the privacy of the personal data and only to treat your personal data for the purpose we have indicated to them.
Except when you browse our websites that have Google Maps displayed in them, your personal data will not be transmitted abroad.
8. Retention period for your personal data
Your personal data is kept for the period necessary to complete our brief, which was the original reason why your personal data was collected.
We will keep it longer if there are legal obligations or overwhelming interests requiring this. The retention period is generally at least ten years, for example, to meet the archiving requirements under fiscal law and the accounting regulations or to guarantee that rights can be exerted.
At the end of this retention period, the personal data is deleted or anonymised.
9. Data security
We take the appropriate technical and organisational security measures to protect personal data: against any unauthorised access or misuse. These measures include IT and network security solutions, access restrictions, encrypting of data storage and transmission, instruction, training and checks. The data is backed up in the software and applications we use.
If third parties have access to our data, special measures are defined in the sub-contractor contract (see section 9) and implemented.
10. Your rights
With respect to the handling of your personal data, your rights are as follows:
- right of access (art. 25 ff DPA), right to request additional information from the data controller specified in article 1 of this statement to the data to which this statement relates,
- right to the forwarding or transmission of personal data (art. 28 DPA) in accordance with the terms of the article specified,
- right of correction if your data is not correct or complete (art. 32 para. 1 DPA), providing the amendment is permitted by law,
- right to restriction of processing of personal data (art. 32 para 2 let. a and b DPA): specifically, the right to demand the prevention of a specific processing of personal data or a specific communication of personal data to third parties,
- right to demand the deletion or destruction of your personal data (art. 32 para. 2 let. c DPA),
- right to demand the addition of a mention of the disputed nature of the personal data if the accuracy or inaccuracy of a piece of personal data cannot be established (art. 21 para. 3 DPA),
- right to request the communication to third parties or the publication of the correction, the deletion or destruction of your personal data, or the block on processing or communication to third parties (art. 31 para. 4 DPA),
- right to submit an objection to the competent supervisory body (art. 49 DPA)
You can assert these rights to the body responsible, details of which can be found in Article 2 of this statement.
11. Amendments to the data privacy policy
We explicitly reserve the right to amend this data privacy policy at any time by publishing it on our website.
Version 1.0, 11 October 2023