Personal Data Protection Statement
SWIBECO SA makes protection of privacy a priority, particularly data protection. SWIBECO SA therefore endeavours to treat all data provided with the utmost care and complies with the provisions of Swiss legislation on the protection of personal data. This statement also informs you of your personal data protection rights related to data processing by SWIBECO SA. User data is collected during the user’s visits to our website and their potential interactions with the services and features we offer. This statement has been drawn up in accordance with the provisions of the Federal Law on the Protection of Personal Data (“LPD”) of September 25, 2020, the Data Protection Ordinance (“DPO”) of August 31, 2022, and is inspired by the best practices indicated in the General Data Protection Regulation (EU) 2016/679 (“GDPR”).1. Website: Data Controller
The Data Controller is: SWIBECO SA , Chemin de Primerose 11, 1007 Lausanne, Switzerland This website is hosted by: Exoscale SA, Boulevard de Grancy 19A, Lausanne, Switzerland2. Platform and Lunch Card: Who is the Data Controller?
The Data Controller defines the purposes and methods of processing personal data, while the Data Processor processes the data in accordance with specific data protection guidelines, acting under the authority of the Data Controller. Depending on the activities involved, our role may vary from Data Processor to Data Controller for the client company:- In general, Swibeco SA acts as a Data Processor for its client companies (who then act as Data Controllers) with regard to the Personal Data collected under the service contract with Swibeco SA.
- However, Swibeco SA acts as the Data Controller for Personal Data collected for services provided, in particular during (1) creation and management of the Professional user administrator account; (2) purchase by users of online services.
Host
The host of the Platform and Lunch Card is: Exoscale SA, Boulevard de Grancy 19A, Lausanne, Switzerland This Privacy Policy does not govern how client companies (your employer), for example, handle your Personal Data. You should refer to the relevant client companies, particularly your employer, for information on how your data is processed by them. Whether as Data Controller or Data Processor, we implement measures to guarantee the security and confidentiality of the Personal Data we manage, in compliance with the laws in force.3. Collecting your personal data
When you consult and navigate on the website www.swibeco.chHow? | In what context? |
The data you send us | Contact: for example, to ask us a question or when you request information about a product or service (sex, first name, last name, e-mail, company telephone number, job title). |
Data from third parties, including information about your use of www.swibeco.ch | We collect basic information relating to your connection to our website, which you provide when you browse the www.swibeco.ch website. This includes IP address, device type, browser type, date, and time of connection, as well as information on visitor behaviour (pages visited, duration). We use Google Analytics to collect this information, but it is only processed in a way that does not personally identify individuals. |
How? | In what context? |
Data provided by the employer | Employee account creation: sex, first name, last name, language, e-mail, date of birth, address. In this context, Swibeco acts as a Data Processor and not as a Data Controller. |
The data you send us | Administrator account creation: first name, last name, e-mail, telephone, address. Please note that compulsory data to be provided is indicated by an asterisk at the time of collection. |
Contact: for example, to ask us a question or when you request information about a product or service (gender, first name, last name, e-mail, company telephone number, job title). | |
Placing an order: first name, last name, e-mail, telephone, delivery, and billing address. | |
Data from third parties, including information about your use of www.swibeco.swibeco.ch | We collect basic information relating to your connection to our website, which you provide when you
|
How? | In what context? |
Data provided by the employer | Employee account creation: sex, first name, last name, language, e-mail, nationality, date of birth, card delivery address. In this context, Swibeco acts as a Data Processor and not as a Data Controller. |
The data you send us | Employee account creation on our Lunch Card mobile application: phone number. |
Data from third parties, including information about your use of the Lunch Card | We collect basic information relating to your use of the Lunch Card to be able to assist you if necessary, including:
|
4. Use of your personal data
The personal information collected by SWIBECO SA is used for commercial and marketing purposes and is treated as strictly confidential. We process your personal data for the following purposes:On what basis? | Purposes |
When we have your consent | – SWIBECO SA may process your personal data for marketing purposes, to send you promotional information, product information and company news by e-mail, SMS, MMS, and push notifications. – We place cookies and other trackers in accordance with our cookie policy. – Occasionally and with your consent, we will use your personal data for the purposes described at the time of collection. |
When processing is necessary to comply with a legal obligation | – This includes disclosing information to law enforcement agencies, in the exercise of legal rights, or for regulatory purposes. |
When it is necessary for the legitimate interests of SWIBECO SA and when these interests prevail over your data protection rights. | – We monitor user accounts to prevent, investigate and/or report any fraud, security incidents or criminal actions, in accordance with applicable laws. – We use the information you provide to investigate any complaints or claims you make about www.swibeco.ch or our services. – We analyse the use of www.swibeco.ch and use your information to help us improve, analyse and protect our content, products, and services. – We use the information you provide to personalize the services we provide on the platform. – We protect the rights of SWIBECO SA. This includes any use for legal, compliance, audit, investigative or regulatory purposes (including disclosure of such data in connection with legal proceedings or litigation). |
5. Data transfer / Retention period
In principle, your personal data will not be transferred to third parties, unless required by law, or if the execution of your order requires the use of one of our partner service providers (commercial partner, payment service providers, carriers, solvency check service providers). In all cases, SWIBECO SA and any subcontractors who process or access your personal data will do so from Switzerland or the EEA. In the event that data is processed outside Switzerland or the EEA, and in accordance with the DPA, the DPO and EU Regulation 2018/1725, Swibeco SA will ensure in advance that an adequate level of protection of individuals’ fundamental right to data protection is provided, such as by adopting the European Commission’s Standard Contractual Clauses.- Subcontractors public website www.swibeco.ch:
Supplier name | Location | Service category | Type of task performed | Guarantees for transfers outside Switzerland |
EXOSCALE | Switzerland | Hosting | Swibeco data hosting service | N/A |
AXEPTIO | European Union | Consent management platform | Helps Swibeco manage cookie consent | Approved countries |
ZOHO | European Union | CRM | Swibeco client management tool | Approved countries |
- The list of subcontractors for the Platform and the Lunch Card can be consulted upon request at privacy@swibeco.ch.
- 2 years for contact (via our contact forms on Swibeco.ch),
- 60 days after the end of the contract for all contractual relationships;
6. Rectification of your personal data
We attach great importance to the accuracy of the data we hold about you. At any time:- You may request access to and modification of your personal data,
- You may request the deletion of your personal data,
- You may also restrict the processing of your personal data,
- If at any time we have asked for your consent, you may withdraw it at any time,
- You may request to receive your personal data in a structured, machine-readable format (portability),
- You may object to processing in certain situations.
7. Data security
We take appropriate security measures (both organizational and technological) to protect your information against unauthorized access, alteration, disclosure, or destruction.8. Payment security
Your credit card data is always stored and transmitted in encrypted form. The use of SSL (Secure Socket Layer) encryption technology ensures that your data is protected from outside access.9. Use of cookies (see cookie policy)
To make access to swibeco.ch more convenient and to provide you with the best possible experience, we use cookies. Cookies are small files that only record information related to your browsing preferences and never contain sensitive information. The purpose of these files is to identify you more quickly on your next visit and personalize certain aspects of the website, such as language, to improve your user experience. On the www.swibeco.ch website, Swibeco SA uses various categories of cookies to improve the interactivity of the website and its services. These cookies may be used both by Swibeco SA and by third-party technical service providers, to optimize your user experience and offer advanced functions. For more information, please consult the cookie policy.10. Right to file a claim
You also have the right to notify the Swiss Federal Data Protection and Information Commissioner (FDPIC) at Feldeggweg 1 – CH-3003 Bern of any claims relating to the way in which Swibeco SA collects and processes your data.11. Data Protection Officer
Swibeco SA has appointed a Data Protection Officer and declared them to the Federal Data Protection Commissioner in accordance with Art. 10, line 3, let. d of the LPD. E-mail address: privacy@swibeco.ch12. Changes
This data protection statement may be amended by SWIBECO SA at any time. Consult it regularly.Cookie policy
To make access to swibeco.ch more convenient and to provide you with the best possible experience, we use cookies. Cookies are small files that only record information related to your browsing preferences and never contain sensitive information. The purpose of these files is to identify you more quickly on your next visit and personalize certain aspects of the website, such as language, in order to improve your user experience. On the www.swibeco.ch website, Swibeco SA uses various categories of cookies to improve the interactivity of the website and its services. These cookies may be used both by Swibeco SA and by third-party technical service providers, to optimize your user experience and offer advanced functions. Please note that this cookie policy is an essential part of our privacy policy for the website, demonstrating our commitment to the protection of your personal information.1. What is a cookie?
A cookie is a small file stored by a server on a user’s terminal (computer, telephone, etc.) and associated with a web domain (i.e., in most cases with all the pages of a single website). This file is automatically sent when you contact the same domain again. The purpose of cookies is to identify you more quickly on your next visit and personalize certain aspects of the website, such as language, in order to improve your user experience. Some of these uses are strictly necessary for the functions expressly requested by the user, or to establish communication, and are therefore exempt from consent. Others, which do not meet these criteria, require user consent before reading or writing. The distinction between “third-party” and “first-party” cookies is technical.- “First-party” cookies are deposited by the website visited by the user, more precisely on the website’s domain. They may be used for proper operation of the website or to collect personal data to track user behavior and for advertising purposes;
- “Third-party” cookies are cookies deposited on domains other than that of the main website, generally managed by third parties who have been asked to do so by the website visited and not by the user themselves. These cookies may also be necessary for the website to function properly, but their main purpose is to enable the third party to see which pages have been visited on the website in question by a user, and to collect information about them, mainly for advertising purposes.
2. Cookie management
You can manage your cookie preferences at any time by clicking on “Cookie Management”. This will allow you to accept, refuse or modify your choice of cookies according to your preferences. If you refuse cookies, some aspects of the website and platform may not function on your device, and you may not be able to access certain areas of the www.swibeco.ch website or platform. This is why we recommend that you accept cookies.3. Cookies we use
3.1. Required cookies
Required cookies are essential for using the website and its functions. They are therefore deposited without your consent. These cookies enable the website to function optimally. List of required cookiesRequired cookies | |||
Cookie name | Supplier | Purposes | Expiration |
_zcsr_tmp | crm.zoho.eu | Zoho CRM connection on the website. | Session |
_zcsr_tmp | maillist-manage.com | Zoho Campaigns connection on the website. | Session |
_zcsr_tmp | salesiq.zohopublic.eu | Zoho Salesiq connection on the website. | Session |
bscookie | linkedin.com | Login to connect to a website via LinkedIn. | 1 year |
hex (10) | crm.zoho.eu | Records which zoho crm server group serves the visitor in order to optimize the user experience. | Session |
hex (10) | forms.zoho.eu | Records which zoho form server group serves the visitor in order to optimize the user experience. | Session |
hex (10) | ma.zoho.com | Records which zoho ma server group serves the visitor in order to optimize the user experience. | Session |
hex (10) | maillist-manage.com | Records which zoho Campaigns server group serves the visitor in order to optimize the user experience. | Session |
hex (10) | salesiq.zoho.eu | Records which zoho Salesiq server group serves the visitor in order to optimize the user experience. | Session |
hex (10) | salesiq.zohopublic.eu | Records which zoho Salesiq server group serves the visitor in order to optimize the user experience. | Session |
JSESSIONID | maillist-manage.com | Preserves user settings through page requests. | Session |
li_gc | linkedin.com | Stores permission to use cookies. | 180 days |
test_cookie | doubleclick.net | Cookie test for Doubleclick. | 1 day |
zc_consent | Swibeco | Determines whether the user has accepted the cookie consent box. | 1 year |
#_zldp | Swibeco | Sets a unique identifier for the user. | 1 year |
#_zldt | Swibeco | Sets a unique identifier for the user. | 1 day |
ln_or | Swibeco | Records user behavior. | 1 day |
siqlsdb | Swibeco | Sets a unique identifier for the user. | Persistent |
utsdb | Swibeco | Records visitor behavior data. | Persistent |
3.2. Preference cookies
Preference cookies enable a website to remember information that modifies the way the website behaves or displays, such as your preferred language or the region in which you are located. Preference cookie listPreference cookies | |||
Cookie name | Supplier | Purposes | Expiration |
_icl_visitor_lang_js | Swibeco | Saves the user’s preferred language. | 2 days |
lidc | linkedin.com | Records which LinkedIn server group serves the visitor in order to optimize it. | 1 day |
LS_CSRF_TOKEN | salesiq.zohopublic.eu | Identifies the user through devices. | Session |
wpml_browser_redirect_test | Swibeco | Saves the user’s preferred language. | Session |
wp-wpml_current_language | Swibeco | Designates the country code according to the user’s IP address. | Session |
3.3. Statistical cookies
Statistical cookies help website owners, by collecting and communicating information anonymously, to understand how visitors interact with websites. Statistics cookies listCookies de statistiques | |||
Cookie name | Supplier | Purposes | Expiration |
AnalyticsSyncHistory | linkedin.com | Synchronization of analysis data. | 30 days |
ZCAMPAIGN_CSRF_TOKEN | maillist-manage.com | Distinguishes between humans and robots. | Session |
_ga | Google Analytics | Stores a unique identifier used to generate statistical data on how the visitor uses the website. | 2 years |
_ga_# | Google Analytics | Used by Google Analytics to collect data on the number of times a user has visited the website as well as the dates of the first and most recent visits. | 2 years |
3.4. Marketing cookies
Marketing cookies are used to track visitors through websites. The aim is to display ads that are relevant and interesting to the individual user, and therefore more valuable to third-party publishers and advertisers. Marketing cookies listCookies marketing | |||
Cookie name | Supplier | Purposes | Expiration |
_fbp | Facebook ad tracking. | 3 months | |
_gcl_au | Google Ads | Google advertising effectiveness. | 3 months |
_uetsid | Bing.com | Tracks users on the website. | Persistent |
_uetsid | Bing.com | Collects user data. | 1 day |
_uetsid_exp | Bing.com | Contains the expiration date of the cookie with identical name. | Persistent |
_uetvid | Bing.com | Tracks users on the website. | 1 year |
_uetvid_exp | Bing.com | Contains the expiration date of the cookie with identical name. | Persistent |
bcookie | linkedin.com | Tracks use of services. | 1 year |
crmcsr | crm.zoho.eu | Collects user preference data. | Session |
gclid | Google Ads | Collects user data. | 30 days |
li_sugr | linkedin.com | Collects user data. | 3 months |
MUID | Bing.com | Creates a unique user ID. | 1 year |
pagead/1p-user-list/# | Google Ads | Session | |
uesign | salesiq.zohopublic.eu | Creates a unique user ID. | 30days |
UserMatchHistory | linkedin.com | Guarantees visitor security | 30 days |
utm_medium | Google Ads | Collects user preference data. | 7 days |
utm_source | Google Ads | Determines how users access the website. | 7 jours |
zc_show | maillist-manage.com | Collects user preference data. | 1 year |
3.5. Unclassified cookies
Unclassified cookies are cookies that are in the process of being classified, as well as those from individual cookie providers. List of unclassified cookiesCookies non classés | |||
Cookie name | Supplier | Purposes | Expiration |
B-CapG | Swibeco | – | 1 day |
cDPdRvQNgwuysiL | Swibeco | – | 1 day |
DfCYnE | Swibeco | – | 1 day |
JnCr_itlVPhd | Swibeco | – | 1 day |