Privacy Policy

Burkhalter Management AG, Hohlstrasse 475, CH-8048 Zurich (CHE‑103.740.080), is the operator of the website www.burkhalter.ch and is therefore responsible for collecting, processing and using your personal data, handling it in accordance with applicable data protection law.

Your trust is important to us which is why we take the issue of data protection seriously and are vigilant about providing an appropriate level of security. We do, of course, respect the legal provisions of the Federal Act on Data Protection (FADP), the Ordinance to the Federal Act on Data Protection (DPO), the Telecommunications Act (TCA) and any other applicable provisions relating to data protection law. Data processing carried out by Burkhalter Management AG is subject to Swiss substantive law. The place of jurisdiction for any claims is Zurich (Canton of Zurich).

Please be aware of the information below advising you what personal data we collect from you and the purpose for which we use it.

1. Visiting our website

Every time you visit our website, our servers temporarily store each access in a log file. During this process, the technical data listed below is collected without any action on your part, as is generally the case for every connection to an online server, and is stored by us until it is automatically erased after 12 months at the latest:

the IP address of the requesting computer
the date and time of access
the name and URL of the retrieved file
the status code (e.g. error message)
the browser used by you (type, version and language) and
the transmission protocol used (e.g. HTTP/1.1)

This data is collected and processed in order to enable the use of our website (to establish a connection), guarantee the security and stability of the system on a long-term basis, allow us to optimise our Internet offering and for internal statistical purposes. Herein lies our legitimate interest in data processing.

The IP address is also evaluated together with the other data in the event of attacks on the network infrastructure or other unauthorised or improper use of the website for information and defence purposes and, where appropriate, used in criminal proceedings for identification purposes and in civil and criminal proceedings against the users concerned. Herein lies our legitimate interest in data processing.

2. Using our contact form

You can use a contact form to get in touch with us. To do this, we require the following information:

Your message*
Surname*
First name*
Company
Telephone
Street
Postcode, town
E-mail*

The details marked with * are mandatory.

We only use this data to be able to answer your contact request in the best and most personal way possible. The processing of this data is therefore required for the performance of pre-contractual measures or is in our legitimate interest.

3. Cookies

In many respects, cookies help to make your visit to our website more simple, pleasant and useful. Cookies are information files that your web browser automatically stores on your computer’s hard drive when you visit our website.

For example, we place cookies in order to temporarily store your selected services and entries when filling in a form on the website so that you do not need to repeat your entry when visiting another subpage.

Most Internet browsers accept cookies automatically. You can, however, configure your browser so that no cookies are stored on your computer or so that a notification always appears when you receive a new cookie. The pages below explain how you can configure the processing of cookies on the most common browsers.

Deactivating cookies can lead to you not being able to use all of the functions on our website.

4. Tracking-Tools

With a view to providing a needs-based design and continuing to optimise our website, we use Google Analytics, a web analysis service provided by Google Inc.1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Inc. is part of the holding company Alphabet Inc., based in the USA.

In this context, pseudonymised user profiles are created and small text files that are stored on your computer (“cookies”) are used. The information generated by cookies about your use of this website, such as

browser type/version
operating system used
referrer URL (the page previously visited)
hostname of the accessing computer (IP address)
time of server query
and device

is sent to Google servers in the USA and stored there. During this process, the IP address is truncated by activating IP anonymisation (“anonymiseIP”) on this website before it is transferred within the Member States of the European Union or other signatory states to the Agreement on the European Economic Area or Switzerland. Google does not associate the anonymised IP address transmitted by your browser through Google Analytics with any other data held by Google. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. In these cases, we apply contractual guarantees to ensure that Google observes a sufficient level of data protection.

The information is used to evaluate the use of the website, compile reports on website activity and provide other services related to website activity and Internet usage for the purposes of market research and tailoring of the website. Google may also transfer this information to third parties, provided it is required to do so by law or if third parties process the data on behalf of Google. According to Google, under no circumstances will the IP address be linked to other data concerning the user.

Users can prevent Google from collecting and processing the data generated by cookies and relating to their use of the website (including their IP address) by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=en

For the sake of completeness, we would like to mention that under US law, the US authorities can carry out surveillance measures that enable the general storage of all data transferred from the European Union to the USA. This is done without distinction, restriction or exemption on the basis of the aim pursued and without objective criteria that would make it possible for the US authorities to access personal data and limit its subsequent use for specific, strictly limited purposes that would justify access to that data.

We advise users residing in an EU member state that, from the European Union’s perspective, the USA does not have a sufficient level of data protection, due to the issues mentioned in this section among other things. Provided we have explained in this Privacy Policy that data recipients (such as Google) are based in the USA, we will ensure that your data is protected to a reasonable degree by our partners, either through contractual arrangements with these companies or by ensuring their certification under the EU-US Privacy Shield.

5. Disclosing data to third parties

We will only disclose your personal data if you have given your explicit consent, if there is a legal obligation to do so or if it is necessary to uphold our rights, in particular to enforce claims arising from the contractual relationship.

We also disclose your data to third parties insofar as this is required in the context of the use of the website and the execution of the contract, namely the provision of the services you would like to receive and the analysis of your user behaviour. Third-party use of the data disclosed for these reasons is strictly limited to the aforementioned purposes.

Various third-party providers are explicitly mentioned in this Privacy Policy (e.g. in the “Tracking tools” section).

Service providers that receive, have access to or could have access to the personal data collected via the website are our web agency and our web host RTP GmbH, Josefstrasse 92, 8005 Zürich. Data is disclosed for the provision and maintenance of the functionality of our website. Herein lies our legitimate interest.

6. Transmitting personal data abroad

We have the right to pass on your data to third-party companies abroad, provided this is required in connection with processing your enquiries or providing services and marketing campaigns. These third-party companies are obliged to safeguard the user’s privacy to the same extent as the provider itself does so. If the data protection level in a country is considered inadequate compared with Swiss standards and/or the EU General Data Protection Regulation, we ensure by way of contract that your personal data are at all times protected in accordance with Swiss guidelines and/or the EU General Data Protection Regulation.

Various third-party providers and their registered offices have already been mentioned in the previous section (“Disclosing data to third parties”). Individual third-party providers named in this Privacy Policy are headquartered in the USA (see “Tracking tools”). You can find further information on transferring data to the USA under “Tracking tools”.

7. Retention period

We only store personal data for as long as it is required to use the above-mentioned tracking services and the further processing within the scope of our legitimate interest. We store contract data for a longer period of time as this is required by statutory retention obligations. Retention obligations that oblige us to store data are set out in the provisions governing financial reporting and in tax law. In accordance with these provisions, business communication, concluded contracts and accounting records are stored for up to ten years. If we no longer require the data for the performance of services for you, the data will be locked. This means that the data may only be used for the purposes of financial reporting and for tax purposes.

8. Right of access, right to rectification, erasure and restriction of processing; right to data portability

You have the right to gain access to the personal data we have stored upon request. In addition, you have the right to the rectification of incorrect data and to the erasure of your personal data, provided there is no statutory retention obligation or regulated permission allowing us to process the data.

You also have the right to request that the data you have transferred to us be given back to you (right to data portability). On request, we will also pass on the data to third parties of your choice. You have the right to receive the data in a common file format.

You can reach us for the aforementioned purposes using the following contact details:

Burkhalter Management AG
Zeno Böhm
Hohlstrasse 475
8048 Zurich
info@burkhalter.ch

In order to process your requests, we may ask for proof of identity at our own discretion.

9. Data security

We deploy suitable technical and organisational security measures in order to protect your personal data stored by us against manipulation, partial or total loss and unauthorised third-party access. Our security measures are constantly improved in line with technological developments.

You should always handle your login details in a confidential manner and close the browser window when you have finished communicating with us, particularly if you share the computer with others.

We also take internal data protection very seriously. Our employees and the service providers commissioned by us have been sworn to secrecy and compliance with the statutory data protection provisions.

10. Right to lodge a complaint with a data protection supervisory authority

You have the right to lodge a complaint with a data protection supervisory authority at any time.

Zurich, October 2018