About us
This Privacy Policy explains how we process and protect your personal data when you use this website or our services offered through https://www.kapsadvisory.com (together the “Website”).
The Website is operated by KAPS Advisory, Batt. de Bellesdonnes 1730, 1936 Verbier (the “COMPANY”, “we”, “our” or “us”). The COMPANY is the data controller for the data processing described below.
Unless otherwise defined in this Privacy Policy or our Terms and Conditions, the definitions used in this Privacy Policy have the same meaning as in the Swiss Federal Data Protection Act (“DPA”) or the EU General Data Protection Regulation (“GDPR”).
1 Personal information we collect
When you use our website or services, we may collect or receive personal data for many purposes related to our business operations. This may include the following:
– Enquiry and engagement data (e.g. details of your enquiry and substantive communication).
– Contact details (e.g. name, address, email addresses, telephone numbers)
– Application data (e.g. CVs, letters of motivation)
– Website visitor data (e.g. IP addresses, log files)
2 How we collect personal information
We collect information about our users when they use our website or services, including specific actions on the website.
Directly
– When you or your organisation offer or provide services to us.
– When you or your organisation use our services.
– When you or your organisation browse our website, fill in a form, make an enquiry or otherwise interact with us.
Indirectly
– Through public sources; from public registers (e.g. trade registers), news articles and internet searches.
– From third parties such as social media plugins and third-party cookies.
– When our business clients engage us to provide professional services where, as part of that engagement, they share with us personal data that they control.
3 Legal basis and purposes of data processing
Our legal basis for collecting and using the personal data described in this Privacy Policy depends on the personal data we collect and the specific purposes for which we collect it.
Contract: To fulfil our contractual obligations or take action in relation to a contract with you. Specifically:
– To provide our services.
– To recruit you.
Consent: We may rely on your consent given voluntarily at the time you provide us with your personal data. In particular:
– To provide users with news, special offers, newsletters and general information about the goods and services we offer.
– To use cookies and similar technologies for the purpose of analytics and statistical analysis.
Legitimate interests: We may rely on legitimate interests based on our assessment that the processing is fair and reasonable and does not override your interests or fundamental rights and freedoms. Specifically:
– To maintain and improve our website and services.
– To develop new services.
Need to comply with legal obligations: To comply with legal and public interest obligations. Specifically:
– To comply with applicable regulations and laws.
– For the judicial enforcement of claims and rights.
4 External Service Providers
The Company may engage third-party companies (“Service Providers”) to facilitate the operation of our Website, assist in analysing the use of the Website or provide services related to the Website and our offerings to you, such as payment and the provision of IT infrastructure services. These third parties only have access to the user’s personal data to the extent necessary to perform these tasks on behalf of the company.
Categories of service providers who may access your personal data:
– Tax advisors and insurance companies.
– Banks and payment service providers.
– Professional advisors we use, such as accountants and lawyers.
– Third-party service providers who help us analyse customer insights, such as marketing service providers or Google Analytics.
– Government or regulatory agencies.
– IT service providers.
5 Data transfers to third countries
We and/or service providers may transfer your personal data to and process it in the following places:
– EU/EEA
– USA
We may use service providers, some of which are located in or process personal data in so-called third countries (outside the European Union or the European Economic Area or Switzerland), i.e. countries whose level of data protection does not correspond to that of the EU or Switzerland.
We protect your personal data in accordance with our contractual obligations and applicable data protection laws when we transfer data abroad.
Such protections may include:
Transfer to countries that provide an adequate level of protection according to the country lists published by the Federal Data Protection and Information Commissioner, as well as countries for which an adequacy decision has been issued by the European Commission;
– Application of standard contractual clauses, binding corporate rules or other standard contractual obligations that ensure adequate data protection.
Where a third-country transfer takes place and there is no adequacy decision or appropriate safeguards, it is possible and there is a risk that authorities in the third country (e.g. intelligence services) may gain access to the transferred data and that the enforceability of data subjects’ rights cannot be guaranteed.
6 Disclosure of data
We may disclose your personal data if we believe in good faith that such action is necessary:
– To comply with a legal obligation (i.e. when required to do so by law or in response to a legitimate request from an authority such as a court or government agency);
– To protect the security of the website and defend our rights or property;
– To prevent or investigate possible wrongdoing in connection with us;
– To defend against legal liability.
7 Data security
We use appropriate technical and organisational security measures to protect your stored data from manipulation, loss or unauthorised access by third parties. Our security measures are continuously adapted in line with technological developments.
We also take internal data protection very seriously. Our employees and the service providers commissioned by us are obliged to maintain confidentiality and to comply with the applicable data protection laws. Furthermore, they are only given access to personal data to the extent that this is necessary to fulfil their respective tasks or assignment.
The security of your personal data is important to us, but please remember that no method of transmission over the internet or electronic storage is 100% secure. Although we strive to protect your personal information using commercially reasonable means, we cannot guarantee absolute security. We recommend using anti-virus software, a firewall and other similar software to protect your system.
8 Your rights
You have the following data protection rights. To exercise these rights, contact us at the address above or email: mail@rentapr.ch. Please note that we may ask you to verify your identity before responding to such requests.
– Right of access: You have the right to request a copy of your personal data, which we will provide in electronic form.
– Right to rectification: You have the right to ask us to correct our records if you believe they contain incorrect or incomplete information about you.
– Right to withdraw consent: If you have consented to processing your personal data, you have the right to withdraw that consent with future effect. This also applies if you wish to unsubscribe from marketing communications. Once we have received notification that you have withdrawn your consent, we will no longer process your data for the purpose(s) to which you originally consented, unless there is another legal basis for the processing.
– Right to erasure: You have the right to request that we erase your personal data if it is no longer necessary for the purposes for which it was collected or if it has been unlawfully processed.
– Right to restriction of processing: You have the right to request restriction of the processing of your personal data if you consider that the data is inaccurate, the processing is unlawful or we no longer need to process the data for the original purpose but we cannot erase it due to a legal obligation or because you do not wish us to do so.
– Right to data portability: You have the right to request that we transfer your personal data in a standard format such as Excel to another data controller, provided that it is data that you have provided to us and we are processing it on the legal basis of your consent or to fulfil our contractual obligations.
– Right to object to processing: If the legal basis for processing your personal data is our legitimate interest, you have the right to object to such processing on grounds relating to your particular situation. We will comply with your request unless we have a compelling legal basis for the processing that overrides your interests or we need to further process the personal data to exercise or defend a legal claim.
– Right to complain to a supervisory authority: You have the right to complain to a data protection supervisory authority if you believe that the processing of your personal data violates data protection law. You are entitled to contact the competent supervisory authority – in Switzerland, the Federal Data Protection and Information Commissioner, Feldeggweg 1, CH-3003 Bern, info@edoeb.admin.ch. If you are visiting us from the EU or the EEA, you can also assert this right, for example, with a supervisory authority in the member state of your residence, your workplace or the place of the alleged infringement.
9 Links to third-party apps and website
Our website may contain links to websites or apps that are not operated by us. When you click on a third-party link, you will be directed to that third party’s website or app. We have no control over, and assume no responsibility for, the content, privacy policies or practices of any third-party websites or services.
We maintain online presence on social networks to, among other things, communicate with customers and prospects and provide information about our products and services. If you have an account on the same network, it is possible that your information and media made available there may be seen by us, for example, when we access your profile. In addition, the social network may allow us to contact you. The content communication via the social network and the processing of the content data is thereby subject to the responsibility of the social network. As soon as we transfer personal data to our own system, we are responsible for this independently. This is then done in order to carry out pre-contractual measures and to fulfil a contract.
For the legal basis of the data processing carried out by the social networks under their own responsibility, please refer to their data protection declarations. The following is a list of social networks on which we operate an online presence:
– Facebook: Privacy policy
– Instagram: Privacy policy
– LinkedIn: Privacy Policy
– Twitter: Privacy Policy
– YouTube: Privacy policy
– TikTok: Privacy policy
10 YouTube
Our website uses the YouTube video service offered to persons from Switzerland and the European Economic Area by Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Grand Canal Dock, Dublin 4, D04 V4X7, Ireland. When you visit a page on our website with an embedded YouTube video, your browser establishes a connection to YouTube’s servers, as a result of which your personal data – e.g. IP address, technical information about your browser type and operating system, activities you perform on our website – is transferred to YouTube servers, which may also be located in the USA, regardless of whether you have a YouTube account or not. In addition, YouTube can track your behaviour as soon as you start watching the videos. If you watch YouTube videos on our website while logged into your YouTube profile, your behaviour while watching our embedded YouTube video may also be linked to your YouTube account. If you do not want this to be associated with your YouTube profile, you must log out of YouTube before visiting our respective website.
You can find more information in Google’s privacy policy.
11 Microsoft Teams
We use “Teams” to conduct online meetings. Teams is software provided by Microsoft Ireland Operations Limited, South County Business Park, Leopardstown, Dublin 18, Ireland (“Microsoft”). The legal basis for processing data to conduct meetings through Teams is our legitimate interest in conducting online meetings, discussion sessions and presentations effectively and easily. Furthermore, we carry out this data processing on a contractual basis insofar as the meetings take place within the framework of existing contractual relationships with you. We are not responsible for any further data processing on the Teams product website where the desktop software can be downloaded and the web app can be used. During a meeting, participant data (e.g. display name, first name, last name, phone), metadata (e.g. meeting topic and description, IP address, time of the participant’s last activity on Teams), chat or channel messages, microphone and video recording data and phone usage may be processed. You can disable microphone and camera transmissions anytime via the relevant settings. We only record meetings or log text data with your consent and prior notification. Microsoft stores and uses the metadata to analyse and evaluate the use of Teams. Microsoft may become aware of the above data as part of its contract with us. For more information, please see Microsoft’s privacy policy at https://privacy.microsoft.com/en-gb/privacystatement.
12 Zoom
We use Zoom to conduct online meetings. Zoom is software provided by Zoom Video Communications, Inc, 55 Almaden Blvd, Suite 600 San Jose, CA 95113 (“Zoom”). The legal basis for processing data to conduct meetings via Zoom is our legitimate interest in conducting online meetings, discussion sessions and presentations effectively and easily. In addition, we carry out this data processing on a contractual basis insofar as the meetings take place within the framework of existing contractual relationships with you. We are not responsible for any further data processing on the Zoom product page where the desktop software can be downloaded and the web app can be used.
During a meeting, the following data is processed, among others: participant identification (e.g. name, display name, picture, email address, phone number, job information, specified location, voice, picture, user ID and other information provided by the user), preferences and settings (e.g. audio and video settings, recording file location, screen sharing settings), device information (e.g. speaker, microphone, camera information, operating system version, hard drive ID, PC name, MAC address, IP address, operating system and battery status, Wi‑Fi information), content generated in Zoom meetings (e.g. audio, video, in-video and video data, in-meeting messages and whiteboards, survey and Q&A responses, files, and associated context such as invitation details and meeting/chat name and meeting agenda) and attendee interaction with Zoom (e.g. time the attendee joined/left the meeting, performance data, tracking data such as mouse movements, clicks and other actions during the meeting).
You can deactivate the transmission via microphone and camera at any time via the corresponding settings. We only record meetings or log text data with your consent and prior notification.
For more information, please see Zoom’s privacy policy.
13 Cookies
This website uses cookies and similar technologies (collectively, “Tools”) provided either by us or by third parties.
A cookie is a small text file that is stored by the browser on your device. Similar technologies include but are not limited to, web storage (local/session storage), fingerprints, tags or pixels. Most browsers are set by default to accept cookies and similar technologies. However, you can usually set your browser to reject tools or to store them only with your prior consent. If you reject Tools, you may not be able to use all of our services without problems.
You can object to the use of specific Tools at any time. To do so, write to us at mail@rentapr.ch or deselect the relevant technologies in our Cookie Banner under Settings. Alternatively, you can directly assert your revocation for specific Tools with the provider.
If personal data is transferred to third countries, we refer you to point 5 of this Privacy Policy and the associated risks.
Real Cookie Banner
Our website uses the Real Cookie Banner consent technology to obtain your consent to the storage of certain cookies on your terminal device or to the use of specific technologies and to document this consent following data protection law. The provider of this technology is devowl.io GmbH, Tannet 12, 94539 Grafling, Germany (hereinafter “Real Cookie Banner”).
Real Cookie Banner is installed locally on our servers so that no connection is established to the servers of the provider of Real Cookie Banner. Real Cookie Banner stores a cookie in your browser to be able to allocate the consents granted to you or their revocation. The data collected in this way is stored until you request us to delete it, delete the Real Cookie Banner cookie yourself or the purpose for storing the data no longer applies. Mandatory legal storage obligations remain unaffected.
Change privacy settingsGoogle Analytics 4
Our website uses the web analytics service Google Analytics 4, provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google Analytics 4”). If you have not consented to using the analytics tools, your data will not be collected as part of Google Analytics 4.
Google Analytics 4 uses JavaScript and pixels to read information on your terminal device and cookies to store information on your terminal device. This serves to analyse your usage behaviour and to improve our website. The access data is compiled by Google on our behalf into pseudonymous usage profiles and transferred to a Google server in the USA. We will process the information obtained to evaluate your website use and compile reports on website activities.
The data collected as part of the usage analysis of Google Analytics 4 is enriched with data from the Google Search Console and linked with data from Google Ads, in particular to measure the success of our advertising campaigns (so-called conversions).
The following data can be processed by Google Analytics 4: IP address; user ID and device ID; referrer URL (previously visited page); pages viewed (date, time, URL, title, time spent); files downloaded; links clicked to other websites; achievement of specific goals (conversions); technical information (operating system; browser type, version and language; device type, brand, model and resolution); approximate location (country, region and, if applicable, city, based on the anonymised IP address).
This tool uses the following cookies:
– “_ga” (2 years): This cookie is a persistent Google Analytics cookie that distinguishes individual users.
– “_gid” (1 day): The cookie stores information about how visitors use a website and helps create an analytics report on website performance.
– “_gat” (1 year): This cookie is used to throttle the request rate. We use this information to generate reports and help us improve the website.
– “AMP_TOKEN” (1 year): Contains a token that can be used to retrieve a client ID from the AMP client ID service. Other possible values are opt-out, inflight request or an error retrieving a client ID from the AMP Client ID service.
– “_gac_*” (90 days): This cookie is set when a user arrives on the website via a click on a Google ad. It contains information about which ad was clicked, so that successes achieved, such as orders or contact requests, can be assigned to the ad.
– “_gat_gtag_*” (1 minute): This cookie is used to store a unique user ID.
If you would like to learn more about Google’s use of cookies, read the privacy policy here.
Spotify
“Our website uses Spotify, which Spotify AB, Regenringsgatan 19, SE-111 53 Stockholm (“Spotify”) provides. Spotify is a digital music, podcast and video service that provides access to millions of songs and other content from artists worldwide. We embed Spotify embeds on our website to share interactive content from Spotify. This allows us to add podcasts, albums or other audio content to our website for users to listen to. For this purpose, cookies are installed on your device, which allows Spotify to collect data about how visitors use its services to measure and improve the performance of its services. Spotify may also collect information about browsing habits to provide more relevant recommendations.
This tool uses the following cookies:
– “sp_landing” (1 day): This cookie is set by Spotify to implement audio content from Spotify on the website and register information about user interaction related to the audio content.
– “sp_t” (1 year): This cookie is set by Spotify to implement audio content from Spotify on the website and register information about user interaction related to the audio content.
To learn more about Spotify’s use of cookies, please read the privacy .”
14 Changes to this Privacy Policy
We may update our Privacy Policy from time to time. We, therefore, recommend that you check this Privacy Policy regularly for changes.
Changes to this Privacy Policy will take effect when they are posted on this page.
15 Contacting us
If you have any questions about this Privacy Policy, please do not hesitate to contact us at Brigitte@kapsadvisory.com
Change privacy settings