Privacy Policy

PRIVACY POLICY

 

V1.0 – [4 July 2019]

 

1. INTRODUCTION

 

KSquared GmbH, c/o Nicolo Angerer, Konradstrasse 71, 8005 Zurich, Switzerland (“KSquared“, “we“, “our” or “us“) is strongly committed to the protection of the privacy of its website visitors and customers (“you” or “your“). We comply with the applicable data protection regulations including in particular the Swiss Federal Act on Data Protection (FADP) and, to the extent applicable, the EU General Data Protection Regulation (GDPR).

 

KSquared acts both as a processor and as a controller as defined in the FADP and the GDPR. This privacy policy (the “Privacy Policy“) explains the types of personal data we collect, how we use, disclose, protect and process that information and who we share it with in the context of our services (the “Services“) and the KSquared website (http://ksquared.ch/ or the “Website“), as well as certain rights and options you have in this respect. Please read the following carefully to understand our practices.

 

For any requests relating to this Privacy Policy, please write to kevin@ksquared.ch.

 

This Privacy Policy applies to your use of our Website and any of the Services that are accessible via the Website, unless the specific terms and conditions applicable to an individual service specify that a separate privacy policy applies instead.

 

The following table contains a brief summary of this Privacy Policy. Full detail is provided below.

 



 

2. PERSONAL DATA WE PROCESS

 

When you access the Website or use any of our Services, we may collect and process all or a part of the following types of personally identifiable information about you or your business (the “Personal Data“):

 

  • Identity and contact data (e.g. name, date of birth, passport number, work and mobile telephone numbers, work and personal email and postal address);
  • Professional details (e.g. company name, job title, job and career history, educational background and professional memberships);
  • Financial and payment data (e.g. bank details);
  • Profile, usage and website interaction, including password to our Website, your preferences in receiving marketing information from us, your communication preferences and information about how you use our Website, including the Services that you viewed or searched for, page response times, download errors, length of visits and page interaction information (such as scrolling, clicks, and mouse-overs);
  • Technical data, including information collected during your visits to our Website, login data, browser type and version, device type, time zone setting, browser plug–in types and versions, operating system and platform.

 

Our intention is not to seek any sensitive information through our website unless legally required for recruiting purposes. Sensitive information includes a number of types of data relating to race or ethnic origin, political opinions, religious or other similar beliefs, trade union membership, physical or mental health, sexual life or criminal records. We suggest that you do not provide sensitive information of this nature. If you do wish to provide sensitive information for any reason, we assume your explicit consent to use that information in the ways described in this Privacy Policy or as described at the point where you choose to disclose this information.

 

3. LEGAL GROUNDS FOR PROCESSING PERSONAL DATA

 

We may rely on the following lawful reasons when we collect and use personal data to operate our business and provide our Services:

 

  • Contract – We may process personal data in order to perform our contractual obligations or take steps linked to a contract with you or your organisation. This includes:
    • To register you as a client of KSquared;
    • To provide and administer Services as instructed by you or your organisation;
    • To process payments, billing and collection; and
    • To process applications for employment.

 

  •  Consent – We may rely on your freely given consent at the time you provided your personal data to us.
    • To provide you with information about our company and Services.

 

  • Legitimate interests – We may rely on legitimate interests based on our evaluation that the processing is fair, reasonable and balanced. These include:
    • To administer and manage our relationship with you, including accounting, auditing, and taking other steps linked to the performance of our business relationship including identifying persons authorised to represent our clients, suppliers or service providers;
    • To carry out background checks, where permitted;
    • To analyse and improve our Services and communications and other systems and communications and to monitor compliance with our policies and standards;
    • To protect the security of our communications and other systems and to prevent and detect security threats, frauds or other criminal or malicious activities;
    • To collect information about your preferences to personalise and improve the quality of our communications with you; and
    • To seek for qualified candidates.

 

  • Legal obligations and public interest – We may process personal data in order to meet regulatory and public interest obligations, including maintaining records, compliance checks or screening and recording (e.g. anti–money laundering, financial and credit checks, fraud and crime prevention and detection, trade sanctions and embargo laws). This can include automated checks of personal data you provide about your identity against relevant databases and contacting you to confirm your identity or making records of our communications with you for compliance purposes.

 

4. HOW WE COLLECT PERSONAL DATA

 

4.1 Directly

 

We obtain personal data directly from individuals in a variety of ways, including:

 

  • When you or your organization seek advice from us or use any of our online Services;
  • When you or your organization offer to provide, or provides, services to us;
  • When you correspond with us by using our Website;
  • When you or your organization browse, complete a form or make enquiry or otherwise interact on our Website.

 

4.2 Indirectly

 

We obtain personal data indirectly about individuals from a variety of sources, including recruitment services and our clients. We may attach Personal Data to our customer relationship management records to better understand and serve our business clients, prospects, subscribers and individuals, satisfy a legal obligation, or pursue our legitimate interests.

 

  • Public sources – Personal data may be obtained from public registers (such as commercial registers), news articles, sanctions lists, and Internet searches.
  • Social and professional networking sites – If you register or login to our Website using social media (e.g., LinkedIn, Google, or Twitter) to authenticate your identity and connect your social media login information with us, we will collect information or content needed for the registration or login that you permitted your social media provider to share with us. That information may include your name and email address and, depending on your privacy settings, additional details about you, so please review the privacy controls on the applicable service to set how much information you want shared with us.
  • Business clients – Our business clients may engage us to perform Services which involve sharing personal data they control as part of that engagement.
  • Recruitment services – We may obtain personal data about candidates from an employment agency, and other parties including former employers, and credit reference agencies.

 

5. PURPOSES OF PROCESSING PERSONAL DATA

 

We may use the Personal Data for the following purposes:

 

  • To provide and protect the Website and our Services;
  • To administer, manage and develop our business and Services;
  • To maintain and improve the Website and our Services;
  • To develop new services;
  • To provide you with information about us and our Services;
  • To comply with any requirement of law, regulation or a professional body of which we are a member; and
  • For other purposes described in this Privacy Policy or that we may indicate to you when we collect your Personal Data.

 

With your explicit consent, we may also use your Personal Data to send newsletters and other marketing communication to you about our products and Services. Your consent to receiving such communication can be withdrawn at any time by clicking ‘unsubscribe’ in the respective communication or by contacting our business via email.

The Personal Data will be processed and used by us and any subcontractors we may engage in accordance with applicable data protection legislation. Where possible, your Personal Data will be shared in an anonymized and aggregated form to protect your privacy.

We will retain Personal Data only for the period necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required by law.

 

6. PERSONAL DATA SECURITY

 

We have implemented technical and organizational measures in an effort to safeguard the Personal Data in our custody. Such measures include:

 

  • restricting access to Personal Data to staff and service providers on a need–to–know basis;
  • setting up high security specifications on our Website.

 

While we endeavor to always protect our Website against unauthorized access, use, modification and disclosure, due to the inherent nature of the Internet as an open global communications vehicle and other risk factors, we cannot guarantee that any information, during transmission or while stored on our systems, will be absolutely safe.

 

7. DISCLOSURE TO THIRD PARTIES AND CROSS-BORDER TRANSFERS

 

7.1 Recipients

 

In the context of our business activities and in line with the purposes of the data processing set out in Section 5, we may transfer data to third parties, insofar as such a transfer is permitted and we deem it appropriate, in order for them to process data for us or, as the case may be, their own purposes. In particular, the following categories of recipients (together the “Recipients“) may be concerned:

 

  • Other members of our group of companies which includes our subsidiaries and holding companies, solely for the purpose of providing the Services and assessing the performance, functionality and any improvements to the Services;
  • Our service providers (such as e.g. banks, insurance companies, IT providers);
  • Domestic and foreign authorities or courts as well as arbitral tribunals if required by law;

 

7.2  Where your data is stored and cross-border transfers

 

We store your Personal Data in Switzerland. If and to the extent your Personal Data is transferred to and stored at a destination outside of Switzerland, we will take all steps reasonably necessary to ensure that such transfer and storage is in accordance with this Privacy Policy and the applicable data protection legislation to safeguard your privacy. Unfortunately, the transmission of information via the internet cannot be completely secure. Whilst we do our best to protect your Personal Data, we cannot guarantee the security of data that is being transmitted.

 

Certain Recipients may be within Switzerland, but they may be located in any country worldwide. In particular, Personal Data may be transferred to countries, in which our service providers, their affiliates, or business partners are located as well as countries in which service providers (such as experts, IT service providers, and law firms) are located. If we transfer data to a country without adequate legal data protection, we ensure an appropriate level of protection as legally required by way of using appropriate contracts or binding corporate rules or we rely on the statutory exceptions of consent, performance of contracts, the establishment, exercise or enforcement of legal claims, overriding public interests, published personal data or because it is necessary to protect the integrity of the persons concerned.

 

8. YOUR DATA PROTECTION RIGHTS

 

You have rights that you can exercise under certain circumstances with respect to your Personal Data that we hold. To exercise your rights, please send an email to kevin@ksquared.ch.

 

8.1  Right to Access to Your Personal Data

 

You have a right to request a copy of the Personal Data held by us as a data controller, which we will provide to you in an electronic form. At our discretion we may require you to prove your identity before providing the requested information.

 

We aim to respond to any requests for information promptly and, in any event, within the legally required time limit. No fee is required to make a request unless your request is clearly unfounded or excessive. Depending on the circumstances, we may be unable to comply with your request based on other lawful grounds.

 

8.2  Right to Amendment of Your Personal Data

 

You have the right to ask us to correct our records if you believe they contain incorrect or incomplete information about you.

 

When feasible in practice, once we are informed that any personal data processed by us is no longer accurate, we shall make appropriate corrections based on your updated information.

 

8.3  Right to Withdraw Consent

 

If you have provided your consent to the collection, processing and transfer of your Personal Data, you have the right to fully or partly withdraw your consent at any time, free of charge. This includes cases where you wish to opt out from marketing messages that you receive from us. The withdrawal of your consent will not affect the lawfulness of any processing carried out before you withdraw your consent.

 

Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose(s) to which you originally consented unless there is another legal ground for the processing. To stop receiving emails from a KSquared marketing list, please click on the ‘unsubscribe’ link in the email you received from us or use our contact form. Opting out of receiving marketing communications will not affect the processing of personal data for the provision of our Services.

 

8.4  Right to Erasure of Your Personal Data

 

You have the right to request that KSquared deletes your Personal Data when the Personal Data is no longer necessary for the purposes for which it was collected, or when, among other things, your Personal Data have been unlawfully processed.

 

8.5 Right to Restriction of Processing

 

You have the right to request that we restrict our processing of your Personal Data where you believe such data to be inaccurate, our processing is unlawful, or where we no longer need to process such data for a particular purpose, but where we are not able to delete the data due to a legal or other obligation or because you do not want us to delete it.

 

8.6 Right to Portability of Your Personal Data

 

You have the right to request that we transmit the Personal Data we hold in respect of you to another data controller, where this is personal information which you have provided to us and where we are processing that data on the basis of your consent or in order to perform our obligations under contract to you (such as to provide our Services).

 

8.7  Right to Object to Processing

 

Where the legal justification for our processing of your Personal Data is our legitimate interest, you have the right to object to such processing on grounds relating to your particular situation.  We will abide by your request unless we have compelling legitimate grounds for the processing which override your interests and rights, or if we need to continue to process the data for the establishment, exercise or defense of a legal claim.

 

8.8 Right to Lodge a Complaint with a Supervisory Authority

 

You have the right of appeal to a data protection supervisory authority if you believe that the processing of your personal data violates data protection law.

 

If you have provided your consent to the collection, processing and transfer of your Personal Data for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so.

 

9. COOKIES

 

This Website uses cookies to improve the user experience and ensure that it is functioning effectively. Cookies are small text files that are downloaded to your device by visiting the Website. We use both session cookies (which expire once you close your web browser) and persistent cookies (which stay on your device for a set period of time or until you delete them). You may change your browser settings to delete and block cookies. We use the following types of cookies for the purposes explained:

 

 

 

 

10. MODIFICATIONS AND ADDITIONS TO THIS PRIVACY POLICY

 

 

We may provide you with additional privacy notices where we believe that it is appropriate to do so. Those additional notices supplement and should be read together with this Privacy Policy.

 

We reserve the right to update and change this Privacy Policy from time to time in order to reflect any changes to the way in which we process your Personal Data or changing legal requirements. The effective date of our Privacy Policy is posted above, and we encourage you to visit our Website periodically to stay informed about our privacy practices.

 

 

 

 

Cookie consent

We use cookies (incl. third-party cookies) to ensure that our Website is functioning effectively, improve the user experience, personalize content and ads, provide social media features and to analyze our traffic. For more information, you may refer to our Privacy Policy.