Privacy Policy

Treuhand and Revisionsgesellschaft Mattig-Suter and Partner (hereinafter «MSuP», «we» or «us») operate the website «Treuhand- und Revisionsgesellschaft Mattig-Suter und Partner» (hereinafter the «Website») and process personal data in connection with the Website and in the context of rendering its services.

Your trust is important to us, which is why we take the protection of data seriously and ensure appropriate security. We observe the statutory provisions of the Federal Act on Data Protection (FADP), the Ordinance to the Federal Act on Data Protection (OFADP), the Telecommunications Act (TCA) and other applicable data protection provisions of Swiss and international law, in particular where applicable EU law.

1. Who is responsible for data processing and to whom can I reach out?

The controller for the data processing activities described in this Privacy Policy is:

Treuhand- und Revisionsgesellschaft Mattig-Suter und Partner
Bahnhofstrasse 28
P.O. Box 556
CH-6431 Schwyz
Tel +41 (0)41 819 54 00

If you have any questions about data protection, you can contact us at the following email address:
it_support@mattig.ch

2. What data do we collect from you when you access the Website?

In order to enable you to establish a connection to the Website and to ensure its secure use (in particular, system security and system stability), our servers temporarily save each access through our web hosting provider (OptimaNet Schweiz AG) to a log file when you visit the Website. As is generally the case with every connection to a web server, the following technical data is automatically recorded without your intervention and stored until automated deletion:

• IP address of the requesting computer;
• Name of the owner of the IP address range (usually your Internet access provider);
• Date and time of access;
• Website from where the access was made (referrer URL), if applicable with the search word used;
• Name and URL of the file accessed;
• Status code (e.g. error message);
• Operating system of your computer;
• Browser used by you (type, version and language);
• Transmission protocol used by you (e.g. HTTP/1.1).

For the avoidance of unauthorized access, and unless already deleted automatically, the IP address of the requesting computer may be evaluated together with other data in the event of attacks on the network infrastructure or other unauthorized use of the Website and may be used in related criminal or civil proceedings against the users concerned. In this case, the data may be stored for as long as they are necessary for the civil or criminal proceedings.

The web hosting provider stores this data for thirty calendar days. It is possible that some of this data is also collected via tracking tools used by us and is therefore stored for longer.

3. Which personal data do we process when contacting or working with MSuP?

We process personal data that we receive from you as a client or from third parties involved as part of the client relationship, or that we collect ourselves in order to manage a mandate that may have been granted to us. In particular, this is case if:

• You contact us;
• You engage third parties to provide us with information;
• You enter a contract with us; or
• You are our counterparty, and we process personal data about you as part of a mandate.

In addition to the personal data provided to us in the context of a contractual relationship, we also collect data (i) from publicly accessible sources (e.g. public registers, press, internet databases), (ii) from authorities and courts or (iii) from third parties involved in the provision of our services. We process the aforementioned types of personal data in order to provide, document and invoice our services.

Please note that you are responsible for personal data that you provide to us (e.g. personal data of employees of your company) and that you must fulfil your own information obligations in this regard.

4. What personal data do we collect when you contact us via the contact form?

You have the option of using a contact form to get in touch with us. We require the following information for this:

• Last name;
• First name;
• Telephone number;
• Email address;
• Content of the message.

If you contact us using the contact form, your contact enquiry will be converted into an email. The enquiry is then stored on our web server and not via the Website.

We only use this data and any additional data you provide (in particular address information and membership information) to answer your contact enquiry in the best possible and most personalised manner. The processing of this data to answer your query is therefore in our legitimate interest.

5. What personal data do we process when you register for an event?

We regularly organise and take part in events. For this purpose, we may need the following information for the organisation of such events:

• Last name;
• First name;
• Email address.

We only use this data and any additional data provided by you to enable you to take part in an unforgettable event. We only process this data if you send it to us for participation in the event.

6. What personal data do we process when you apply for a job with us?

We are always looking for motivated employees and would be delighted to receive your application. So that we can keep the application process as simple as possible, we particularly process the following information about you:

• Salutation;
• Last name;
• First name;
• Street;
• Postcode;
• City;
• Country;
• Telephone number;
• E-mail address;
• Curriculum vitae;
• Diplomas / certificates;
• Letter of motivation.

We only use this data and other data you provide voluntarily (e.g. date of birth, link to LinkedIn profile) to review your application and the associated application process. If your application is successful, we will keep this information in your personnel file. If, & 4 unfortunately, an employment relationship is not established, we will retain your application data for a period of 3 months and then delete it, unless we have agreed otherwise with you individually.

7. What personal data is processed through the integration of links to third party websites?

We have included links on our Website to the websites of some of our partners, professional organisations and publications provided by them, social media and other relevant websites. If you access such links from our Website, data may be passed on to the owner of the website you are accessing. We have no influence on the data processing by the operators of such websites. Please read the respective privacy policy of the operators of the relevant website.

8. Which cookies / tracking and other technologies are integrated on our Website?

We use «cookies» on our Website, which may be used to identify your browser or device. A cookie is a small file that is sent to your computer or automatically stored on your computer or mobile device by the web browser you use when you visit our Website. This enables us to recognise you when you visit this Website again, even if we do not know who you are. In particular, we use technically necessary cookies that speed up the loading of the Website. These include a CDN cookie («Content Delivery Network» or «Content Distribution Network» cookie) from Google LLC and jQuery. We have also installed an advertising cookie from Google LLC, which may collect personal data for analysis and advertising purposes. We also use Google Analytics.

The provider of Google Analytics is Google Inc, a company of the holding company Alphabet Inc, based in the USA. Before the data is transmitted to the provider, the IP address is shortened by activating IP anonymisation («anonymizeIP») on this Website. The anonymised IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. In these cases, we use contractual guarantees to ensure that Google Inc. complies with an adequate level of data protection. According to Google Inc., under no circumstances will the IP address be associated with other data relating to the user.

Further information about the web analysis service used can be found on the Google Analytics website. You can find instructions on how to prevent the processing of your data by the web analysis service at https://tools.google.com/dlpage/gaoptout?hl=en.

If you block cookies, certain functions may no longer work.

9. Do we pass on your personal data to third parties?

We only pass on your personal data to third parties if you have expressly consented to this, if there is a legal obligation to do so or if this is necessary to enforce rights, in particular to enforce claims arising from a contractual relationship.

In addition, we pass on your personal data to third parties insofar as this is necessary in the context of using the Website and to fulfil our legal and contractual obligations.

These are the following categories of possible recipients: external service providers, employees, partners, authorities and courts.

10. What personal data is processed when using Google Maps on our Website?

We use the Google Maps product from Google Inc. By using our Website, you consent to the collection, processing and use of the automatically collected data by Google Inc, its representatives and third parties.

You can find the terms of use of Google Maps at https://www.google.com/intl/en/help/terms_maps/.

11. Are personal data being transferred abroad?

Data is transferred to bodies in countries outside Switzerland (third countries) insofar as this is described in this Privacy Policy, it is necessary for the fulfilment of our contractual obligations, it is required by law or you have given us your consent.

In particular, personal data is processed by third-party service providers in Albania and Switzerland as part of the operating of the Website (e.g. securing and functions of the Website). We have concluded contractual arrangements with such third parties to ensure an appropriate level of data protection.

12. How will my personal data be protected if it is transferred to the USA?

For the sake of completeness, we would like to point out to Website visitors residing or domiciled in Switzerland that there are surveillance measures in place in the USA by US authorities that generally allow the storage of all personal data of all persons, whose data has been transferred from Switzerland to the USA. This is done without differentiation, restriction or exception on the basis of the objective pursued and without an objective criterion that makes it possible to restrict the US authorities’ access to the data and its subsequent use to very specific, strictly limited purposes that justify the interference associated with both access to this data and its use. We would also like to point out that there are no legal remedies available in the USA for data subjects from Switzerland that would allow them to gain access to the data concerning them and to obtain its correction or deletion, or that there is no effective legal protection against general access rights of US authorities. We explicitly draw your attention to this legal and factual situation in order to enable you to make an appropriately informed decision to consent to the use of your data.

We would like to point out to users residing in a member state of the EU or Switzerland that, from the perspective of Switzerland and the European Union, the USA does not have an adequate level of data protection, partly due to the issues mentioned in this section. Insofar as we have explained in this Privacy Policy that recipients of data (such as Google Analytics or Google Maps) are based in the USA; we will ensure by means of suitable guarantees and technical and organisational measures that your data is protected with an adequate level of data protection by our partners.

13. How secure is your personal data?

We use suitable technical and organisational security measures to protect your personal data stored by us against manipulation, partial or complete loss and unauthorised access by third parties. Our security measures are continuously reviewed and improved in line with technological developments.

We would like to point out that we may use electronic means of communication. If you use such means of communication with us, we assume that you accept the associated data security risks. Should you require special security measures, please inform us accordingly.

14. How long do we store personal data?

In principle, we only store your personal data for as long as is necessary for the purposes described in the Privacy Policy or for as long as there is a statutory or officially ordered retention or documentation obligation. We may also store your data for as long as we have an overriding interest in doing so. For example, we have an overriding private interest if we store your contact details in our contact database in order to work with you again in the future or to stay in touch for other reasons.

15. What are your rights as a data subject?

You have the right to receive information about your personal data processed by us upon request. In addition, you have the right to have incorrect personal data corrected and to have your personal data deleted, provided that this does not conflict with any statutory or officially mandated retention or documentation obligations or authorisation (e.g. an overriding private interest). You also have the right to have an objection notice attached. You also have the right to request that we return the personal data that you have transmitted to us. On your instruction, we will also pass on your personal data to a third party of your choice. You also have the right to receive the digitally transmitted personal data in a standard file format.

You can contact us for the aforementioned purposes at the above-mentioned email address. Please note that legal and/or contractual requirements and exceptions apply to these rights. To the extent permitted or required by law, we may refuse requests to exercise these rights. For example, we may have to retain or otherwise continue to process personal data for legal reasons despite requests to erase or restrict processing.

16. Can this Privacy Policy be amended?

This Privacy Policy provides information about the type, scope and purpose of the use of personal data by us. We reserve the right to unilaterally amend the content of the aforementioned Privacy Policy at any time and without prior notice. This Privacy Policy was last amended on 20 October 2023.