Privacy policy

What is the purpose of this privacy policy?

The DTI Group consistingconsisting of DTI Schweiz AG, DTI GmbH andand DTI Srl (hereinafter referred to as “DTI “, “we” or “us”) are affiliated IT companies based in Wil (DTI Schweiz AG), CologneCologne (DTI GmbH) andand Verona (DTI Srl). As part of our online presence, we deal with the collection and processing of personal data. This applies in particular to visitors to our website, participants in events, recipients of our newsletters and all other interested parties in our company and the services offered, including their respective contact persons and employees (hereinafter also referred to as “you”). In this privacy policy, we would like to inform you about the processing of this data.

If you provide us with data about other persons (e.g. family members, representatives, contractual partners or other related persons), we assume that you are authorized to do so, can guarantee the accuracy of this data and ensure that these data subjects are informed about the data transfer. If there are legal obligations to provide information, for example by providing this privacy policy in advance, you are obliged to ensure this.

Responsible body for data processing

The operator of this website is responsible under data protection law for the data processing described in this privacy policy and the data protection responsibility for the processing of your personal data within the framework of the GDPR:

DTI Schweiz AG
Flawilerstrasse 27
9500 Wil
Switzerland

T +41 71 929 77 77
info@dti.ch

Internal company data protection consultant:

DTI Schweiz AG
Stefan Schmid
Flawilerstrasse 27
9500 Wil
Switzerland

T +41 71 929 77 77
privacy@dti.ch

External company data protection consultant:

Attorney Lukas Fässler
FSDZ Rechtsanwälte & Notariat AG
Zugerstrasse 76b
6340 Baar
Switzerland

T +41 41 727 60 80
faessler@fsdz.ch, www.fsdz.ch

EU data protection representative pursuant to Art. 27 GDPR:

DTI Srl
Via Francia, 21/C
37135 Verona VR
Italy

T +39 366 298 4320

For what purposes do we process your data?

When you visit our website, contact us, use our services or otherwise interact with us, whether at www.dti.ch or www.dti.group (hereinafter “Website”) or in other ways, we collect and process various categories of your personal data. In principle, we may collect and otherwise process this data for the following purposes in particular:

• Communication: We process personal data to enable communication with you and third parties by e-mail, telephone, in writing or in other ways (e.g. to answer inquiries, in the context of legal advice and representation and to initiate or execute contracts). This also includes the possibility of providing customers and other interested parties with information about events, news about our company and similar content. This communication may take the form of newsletters and other regular contacts (electronically, by post, by telephone), for example. You have the option to refuse such communication or to refuse or withdraw your consent at any time. For this purpose, we process in particular the content of the communication, your contact details and the metadata of the communication. In addition, image and audio recordings of video or telephone calls may also be made. In the case of audio or video recordings, we will inform you separately and you have the option of informing us if you do not wish to be recorded or wish to end the communication. If we need or want to verify your identity, additional data may be collected, such as a copy of your ID.
• Initiation and conclusion of contracts: In the context of initiating and concluding contracts, whether with you personally or with your client or employer, we may in particular collect and otherwise process your name, contact details, contract content, date of conclusion and any other data that is either provided by you or collected from public sources or third parties.
• Administration and processing of contracts: We collect and process personal data in order to fulfill our contractual obligations to customers and other contractual partners (such as suppliers, service providers and project partners). This includes data processing for contract enforcement (including debt collection and legal proceedings). For this purpose, we process in particular the data collected or created by us in the context of contract initiation, contract conclusion and contract processing, as well as data that we receive from public sources or other third parties (e.g. from the Internet). This data may include, among other things, minutes of meetings, consultation notes, internal and external correspondence and contract documents.
• Operation of our website: For the secure and stable provision of our website, we collect technical data, including the IP address, information about the operating system and settings of your end device, the region, the time and type of use. We also use cookies and similar technologies. Further information can be found in section 8.
• Improving our digital services: To continuously improve our website and other digital offerings, we collect data about your behavior and preferences. This is done by analyzing your navigation on our website and your interactions with our social media profiles.
• Security purposes and access controls: We collect and process personal data to ensure and continuously improve the appropriate security of our IT systems and other infrastructures. This includes monitoring and controlling electronic access to our IT systems and physical access to our premises, analyzing and testing our IT infrastructures, system and error checks and creating backup copies. We keep access logs for our premises for documentation and security purposes, both preventively and to investigate incidents.
• Risk management and corporate governance: We obtain and process personal data as part of risk management, for example to protect against criminal activities, and for corporate governance. This includes our business organization, such as resource planning, and corporate development, such as the acquisition and sale of business units or companies.
• Job application: If you apply for a job with us, we collect and process the relevant data to review your application, to carry out the application process and, in the case of successful applications, to prepare and conclude a corresponding contract. For this purpose, in addition to your contact details and the information from the communication, we also process the data in your application documents as well as additional information that we can obtain about you, for example from job-related social networks, the Internet, the media and references, provided that you consent to references being obtained. Data processing in connection with the employment relationship is subject to a separate privacy policy.
• Other purposes: Other purposes include, for example, training and education purposes and administrative purposes such as accounting. We may listen to or record telephone or video conferences for training, verification and quality control purposes. In such cases, we will inform you separately (e.g. through a display during the relevant video conference) and you are free to let us know if you do not wish to be recorded or wish to end the communication (if you only do not wish your image to be recorded, please deactivate your camera). Furthermore, we may process personal data for the organization, implementation and follow-up of events, including participant lists and content of presentations and discussions, as well as for the creation of image and sound recordings made during these events. The protection of other legitimate interests is also a purpose that cannot be listed exhaustively.

Origin of the data

From you: The majority of the data processed by us is disclosed by you (or your end device) (e.g. in the context of our services, the use of our website or communication with us). In individual cases, you are not obliged to disclose your data unless there is a legal obligation to do so. However, certain data is required if, for example, you wish to conclude contracts with us or make use of our services. The use of our website is also only possible with data processing.

To whom do we disclose your data?

Within the scope of the purposes listed in section 3, we transfer your personal data in particular to the categories of recipients listed below. If necessary, we will obtain your consent or have our supervisory authority release us from our duty of professional secrecy.

• Service providers: We work with service providers in Germany and abroad who (i) process data on our behalf (e.g. IT providers, cloud services for electronic signatures, etc.), (ii) on our joint responsibility or (iii) on their own responsibility, which they have received from us or collected for us. These service providers include IT providers, banks, insurance companies, debt collection agencies, public authorities, address verifiers and consulting firms. We generally conclude contracts with these third parties to regulate the use and protection of personal data.
• Software providers: We use third-party software to provide our services and for administrative purposes. These services may be relevant in the context of data processing.
• Hosting service providers: The hosting infrastructure of our website and other digital platforms is provided by hosting service providers (DTI Group). These service providers may have access to personal data in order to ensure the stable operation and security of our online platforms.

We also allow certain third parties to collect personal data from you on their own responsibility on our website and at events organized by us. Examples of this are media photographers and providers of tools that are integrated into our website. Insofar as our involvement in this data collection is not significant, these third parties bear sole responsibility for it. If you have any concerns or wish to exercise your data protection rights, please contact these third parties directly. Your data protection rights are listed in section 7. Information on the activities on our website can be found in section 8.

Will your personal data be transferred abroad?

We process and store personal data mainly in Switzerland and the European Economic Area (EEA). However, depending on the situation, for example through sub-processors of our service providers, personal data may potentially be transferred to any country worldwide. This may also be the case in the context of our work for clients, which means that your personal data may be transferred to any country in the world.

Your rights

You have certain rights in connection with the processing of your personal data. Under applicable law, you have the right to:

• to request information about the processing of your personal data;
• Correction of incorrect personal data;
• to request the deletion of your personal data;
• to object to the processing of your personal data;
• to request the disclosure of certain personal data in a commonly used electronic format or transfer to another controller;

If you wish to exercise your rights in relation to your personal data, please contact us. Our contact details can be found in section 2. To prevent misuse, we must verify your identity, if necessary by providing a copy of your ID.

Please note that certain conditions, exceptions or restrictions may apply to the exercise of these rights, for example for the protection of third parties, business secrets or due to our professional duty of confidentiality.

Cookies, similar technologies and social media plug-ins on our website

When using our website, including our newsletters and other digital offers, data is generated that is stored in logs, in particular technical data. In addition, we may use cookies and similar technologies such as pixel tags or fingerprints to recognize visitors to our website, analyze their behavior and record preferences. A cookie is a small file that is transferred between the server and your device and enables the identification of a specific device or browser.

You have the option of setting your browser so that it automatically rejects, accepts or deletes cookies. You can also specifically deactivate or delete cookies. Information on managing cookies in your browser can be found in the help menu of your browser.

As a rule, neither the technical data we collect nor cookies contain any personal information. Nevertheless, personal data that we or third-party providers commissioned by us receive from you may be associated with the technical data or the information stored in cookies and may reveal your identity.

We also use social media plug-ins, small software components that establish a connection between your visit to our website and a third-party provider. These social media plug-ins inform the third-party provider that you have visited our website and may send the third-party provider cookies that were previously placed in your web browser. For more information on how these third-party providers use your personal data collected through their social media plug-ins, please refer to their respective privacy policies.

In addition, we use our own tools and third-party services (which may also use cookies) on our website, in particular to improve the functionality or content of our website (e.g. integration of videos or maps), to compile statistics and to display advertising.

We currently use offers from the following service providers and advertising partners in particular. The contact details and further information on the individual data processing can be found in the respective data protection declarations:

• Google Analytics
  www.google.com , Google IrelandIreland
  Privacy policy: https://support.google.com/analytics/answer/6004245
• LinkedIn
  www.linkedin.com, Ireland
  Privacy policy: https://de.linkedin.com/legal/privacy-policy
• Meta
  www.facebook.com, Ireland
  Privacy policy: www.facebook.com/privacy/policy
• WordPress
  https://wordpress.com/de/, Ireland
  Privacy policy: https://automattic.com/de/privacy/

Some of the third-party providers we use are located outside Switzerland. Information on the transfer of data abroad can be found in section 6. With regard to data protection, they can either be “only” processors of ours or independent controllers. Further information on this can be found in the privacy policies of the respective third-party providers.

Data security

Our website is accessed via transport encryption (SSL/TLS). You can recognize an encrypted connection by the “https://” address in the browser line and the lock symbol in the browser bar.

Your personal data is stored securely on our own servers or the servers of our contract data processors by taking appropriate security measures. The website is protected by technical and organizational measures to prevent data loss, destruction and manipulation, as well as to prevent unauthorized access, modification or distribution by third parties. We have also taken appropriate measures to safeguard data protection within our company. Our employees and service providers commissioned by us are obliged to maintain confidentiality and comply with data protection regulations.

Please note that we accept no liability for the content and data protection of third-party websites linked to our website. We would like to point out that when you leave our website, you should consult the data protection declarations of the other websites and find out how your personal data is handled.

Further comments

We assume that the European General Data Protection Regulation (GDPR) is applicable in our case. However, should this exceptionally apply to certain data processing operations, the provisions of this Section 10 shall additionally apply exclusively for the purposes of the GDPR and the data processing operations covered by it.

We base the processing of your personal data in particular on the following principles:

• The processing is necessary for the initiation and conclusion of contracts as well as their administration and enforcement, as described in section 3 (Art. 6 para. 1 lit. b GDPR).
• Processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, as described in section 3. This includes communication with you or third parties, the operation of our website, the improvement of our electronic offers, registration for certain offers and services, security purposes, compliance with Swiss laws and internal regulations, risk management and corporate governance as well as other purposes mentioned in section 3 (Art. 6 para. 1 lit. f GDPR).
• The processing is carried out on the basis of our mandate or our position under the law of the European Economic Area (EEA) or a Member State, whether required or permitted by law (Art. 6 para. 1 lit. c GDPR), or it is necessary to protect your vital interests or the vital interests of other natural persons (Art. 6 para. 1 lit. d GDPR).
• If you have separately consented to the processing, for example by a corresponding declaration on our website (Art. 6 para. 1 lit. a and Art. 9 para. 2 lit. a GDPR).

We would like to inform you that we generally process your data for as long as is necessary for our processing purposes (see section 3), provided that this does not conflict with any statutory retention periods or our legitimate interests, in particular for documentation and evidence purposes, or if storage is necessary for technical reasons (e.g. in the case of backups or document management systems). If there are no legal or contractual obligations or technical reasons to the contrary, we generally delete or anonymize your data after the storage or processing period has expired as part of our usual processes and in accordance with our retention policy.

It is important to note that failure to provide certain personal data may mean that it is not possible to provide the associated services or conclude a contract. We will always inform you if the provision of certain personal data is mandatory.

The right to object to the processing of your data set out in section 7 applies in particular to data processing for the purpose of direct marketing.

If you do not agree with our handling of your rights or data protection, please let us know (see contact details in section 2). If you are in the European Economic Area (EEA), you also have the right to lodge a complaint with the data protection supervisory authority in your country.

Our representative in the EEA pursuant to Article 27 of the General Data Protection Regulation (GDPR) is indicated in Section 1.

Changes to the data protection declaration

This privacy policy is not part of any contract with you. We reserve the right to amend this privacy policy at any time. The version published on this website corresponds to the current version.

Last update: November 2023