Privacy​

Privacy

This privacy notice (the “Privacy Notice“) informs you about how OTT Investments GmbH (Pk. Höchi Allee 6, 6353 Weggis, Switzerland), (“we“, “us” or “Company“), treats your personal data (“Data“) according to the Swiss Federal Act on Data Protection (“DPA“) and the EU General Data Protection Regulation (“GDPR“), as applicable, when using our website (the “Website“), any of the services provided on or through the Website (the “Services“), or in any of the other situations set out in Section 3.

1. Controller, Representative and Contact Details

Controller is OTT Investments GmbH, Pk. Höchi Allee 6, 6353 Weggis, Switzerland (E-Mail: contact@ott-investments.com).

2. Obligation to Provide Data and Your Sharing of Third Party Data

You are in general under no obligation to provide us with any Data. However, if you do not provide the required information regarding certain use cases set out in Section 3 (in particular Registration Data, as defined in Section 3.4), we may not be able to process your corresponding request, provide the related services or get in contact with you.

If you share with us personal data regarding any other individual (e.g. regarding your relatives, family members, colleagues, etc.) we assume that this data is correct. By sharing such data with us, you confirm that you are authorized to share such data with us and that you have informed the affected individuals about this Privacy Notice.

3. Processed Data, Purpose and Legal Basis

We may process various categories of Data, depending on the circumstances as set out hereinafter. We may process your Data for security and access control purposes (GDPR 6.1.1.f) or in order to comply with legal obligations, directive and recommendations from authorities (GDPR 6.1.1.c) and internal regulations, including such purposes as compliance, risk management, corporate governance and business organization (GDPR 6.1.1.f).

To the extent required under the GDPR, our processing is generally based on (a) the need for performance of our contract with you or for processing your request for a contract (GDPR 6.1.1.b); (b) the need for compliance with legal obligations to which we are subject (GDPR 6.1.1.c); (c) legitimate interests in fulfilling the purposes mentioned below (GDPR 6.1.1.f) and/or as otherwise specified in the following Sections hereinafter.

3.1 Website Use

The Data processing related to your use of our website is limited to Data that is required to operate, provide and secure the website and the services provided thereon (“Website Use Data“) and for web analysis purposes (“Website Analysis Data“).

Categories of Data: When accessing our Website (and through our Website the Services), the following information about your device may be collected automatically: server name, IP address, operating system, type of device, browser name and version, date and time of access, address of the website from which you were redirected to our Website (if applicable). We may analyze your use of our Website with web analysis tools, including  Google Analytics (with IP anonymization activated). Further information on the use of data by Google and configuration options can be found here: https://www.google.com/intl/en/policies/privacy/partners.

Purpose and Legal Basis: The processing regarding Website use is based on our legitimate interest to operate and secure our Website and our Services, in particular for security reasons to ensure the stability and integrity of our systems (GDPR 6.1.1.f). In addition, we may perform basic web analysis based on our legitimate interest (GDPR 6.1.1.f) to optimize the Website regarding usability and to gain insights about the use of our Website and Services. The collected data will not be merged with other personal data or disclosed to third parties. Enhanced web analysis using cookies is, within the scope of applicability of the GDPR, based on your consent (GDPR 6.1.1.a), cf. below Section 3.3.

3.2 Communication

We may be in contact with you by use of different channels, e.g. if you fill out forms on our Website, send us e-mails, or by using other electronic (or hardcopy) communication means, whereby Data may be exchanged (“Communication Data“).

Categories of Data: If you fill out our contact forms, send us an e-mail or another form of electronic message (or hardcopy message, e.g. a letter), we may collect such information as your name, e-mail address (or other form of communication identifyer, e.g. messenger nickname), phone number, subject matter, corresponding message content, related metadata and any other information you choose to disclose in your communication to us.

Purpose and Legal Basis: We use Communication Data to process your inquiry and any possible further questions you might have in relation to the performance of our Services (GDPR 6.1.1.b) and any other related questions and matters based on the content of your communication with us (GDPR 6.1.1.a). We may also keep this data to document our communication with you, for training purposes, for quality assurance and for follow-up inquiries (GDPR 6.1.1.f).

3.3 Cookies

Website Analysis Data may also be collected via the use of cookies. Cookies are small files that are managed by your browser and are directly stored on your device whenever you visit our Website. You can disable the use of cookies in the preferences of your browser, but this might have as a consequence that not all functions of our Website or Services will be available to you or function properly anymore.

Categories of Data: Website Use Data, Website Analysis Data and such further Data as specified in the [Cooky Policy / Consent Management Tool].

Purpose and Legal Basis: We may use cookies on our Website to ensure a user-friendly experience (e.g. session cookies), as they allow us to recognize your browser on your next visit in order to provide you a user-friendly experience based on our legitimate interest (GDPR 6.1.1.f). Enhanced web analysis using cookies is, within the scope of applicability of the GDPR, based on your consent (GDPR 6.1.1.a). For further information please see our [Cooky Policy / Consent Management Tool].

3.4 Services

When using our Services, you may be required to register, e.g. by opening an account or create a login, and when using our Services based on your login or account, we may collect further Service related Data, including Contract Data (as defined in Section 3.7) in relation to the Services (altogether “Service Data“, including Registration Data and Usage Data as defined hereinafter).

Categories of Data: When registering for our Services, you may be required to open an account or create a login, for which we may require such information as for example first name, last name, username, password, e-mail, etc. (“Registration Data“). This may also include further information we require from you in order to be able to provide you with the Services (e.g., depending on the Service, such further information as name, e-mail, phone number, address, contact details, profession, role and function, bank details, date of birth, customer history, etc.). Furthermore, when using our Services, we may analyze your use of our Services in order to get to know you better and tailor our Services to you, by collecting data about your behavior and preferences, including supplementing such data with third-party information, including from public sources (altogether “Usage Data“).

Purpose and Legal Basis: In general, Service Data will be used to provide our Services, in particular the Services related to our Innspire data platform accessible through our Website (GDPR 6.1.1.b). We may also process Service Data, in particular Usage Data, for market research, to improve our services and operations, and for product development, based on our legitimate interest (GDPR 6.1.1.f). We may also use Service Data to document our Service delivery, for training purposes or for quality assurance, based on our legitimate interest (GDPR 6.1.1.f).

3.5 Marketing and Newsletters

We may process your Data for marketing purposes and relationship management, in particular newsletters (altogether “Marketing Data“).

Categories of Data: Marketing Data may in particular include your contact information (e.g. first name, last name, company type and name, business function / title, e-mail, address, etc.) and such further data categories as your preferences (e.g. your areas of interest), Communication Data, Service Data and Contract Cata.

Purpose and Legal Basis: We process Marketing Data for marketing purposes and relationship management, for example to send our customers and other contractual partners personalized advertising for our services and products or for such from third parties, e.g. in the form of newsletters or other regular contacts either in person, via e-mail or other electronic form, by phone or any other communication channel for which we have contact information from you and by any other marketing means (e.g. through contests, events, fairs, etc.). We do so based on our legitimate interest to keep you informed about our products and services (GDPR 6.1.1.f), to the extent permitted by applicable marketing regulation, or, where required, based upon your consent in this regard (GDPR 6.1.1.a). In either case, you can object at any time or refuse or withdraw your consent to be contacted for marketing purposes.

3.6 Job Applications

We may process such of your Data as you provide to us in connection with an application for a job opening (“Application Data“).

Categories of Data: Application Data may in particular include your contact information, information about your working permit situation, your education and professional experience, and any other information you choose to provide to us in connection with your application.

Purpose and Legal Basis: We process Application Data for the assessment of your application and potential negotiation, preparation, conclusion and performance of an employment contract with you (GDPR 6.1.1.b). In case no employment contract is concluded, but you provide your consent to us to retain your application for further job openings, we may do so based on your consent (GDPR 6.1.1.a).

3.7 Contracts

If we enter into a contract with you, or into negotiations regarding such contract, we may collect Data in relation to the conclusion or performance of such a contract (“Contract Data“). In general, we collect this Data from you or other contractual partners and from third parties involved in the performance of the contract, but may also use Data from third-party sources (for example credit information or market data providers) as well as from public sources.

Categories of Data: Contract Data may include Registration Data, Service Data in general and such further information as e.g. relating to the services to be provided, to your preferences, your feedback, etc.

Purpose and Legal Basis: We use Contract Data for the preparation, conclusion, performance and administration of our contractual relationships and any questions or inquiries that might arise in that relation (GDPR 6.1.1.b). We may also keep this data to document our communication with you, for training purposes, for quality assurance and for follow-up inquiries (GDPR 6.1.1.f).

3.8 Profiling

We may use your Data to automatically evaluate personal aspects relating to you (so-called “Profiling“), but will not use it for automated decision making.

Categories of Data: Depending on the specific circumstances, the Data categories listed in this Section 3 may be used for Profiling.

Purpose and Legal Basis: Profiling may be performed for the purposes set out in this Section 3, in particular in order to determine preferences, to detect misuse and security risks, to perform statistical analysis or for operational planning (GDPR 6.1.1.f). Profiling will only be used to gain a bettter understanding of certain aspects and will not lead to automated individual decision making (GDPR 22.1).

4. Disclosure

We may make your Data available to the following recipients in compliance with the applicable legal requirements:

  1. our group companies;
  2. external service providers (e.g. IT and technical services providers, business information providers, newsletter management service providers, etc.);
  3. contractual partners (to the extent the disclosure results from such contracts, e.g. if you use our Services under a contract that we have with your employer);
  4. authorities (in Switzerland and abroad, if we are legally obliged or entitled to such disclosures or if it appears necessary to protect our interests);
  5. transaction partners and advisors (e.g. in relation to mergers, acquisitions or other business transactions involving us or our group companies)

5. Storage Periods and Erasure

We process and retain Data for as long as our processing purposes, the legal retention periods and our legitimate interests regarding documentation require it or storage is a technical requirement. Except in case of contrary legal or contractual obligations, we will erase or anonymize your Data once the storage or processing period has expired. Regarding specific use/data categories, we will in general retain your Data as follows:

Contract Data: We generally keep Contract Data for the duration of the statute of limitation duration regarding contractual claims, as calculated from the end of the contract, if and to the extent (a) we are not legally obliged to retain such Data (e.g. for accounting or document retention purposes) for longer and (b) we do not have an overriding legitimate interest to retain such data for documentation, quality assurance or similar business purposes or for the assessment or exercise of or for the defense against legal claims.

Website Use Data: As long as required to enable the requested access and secure the stability and integrity of our systems.

Website Analysis Data: Will be stored for as long as required to perform the analysis and will thereafter be deleted or anonymized.

Communication Data: Will be deleted after responding to / completing your inquiry, if and to the extent (a) we are not legally obliged to retain such Data (e.g. for accounting or document retention purposes) and (b) we do not have an overriding legitimate interest to retain such data for documentation, quality assurance or similar business purposes or for the assessment or exercise of or for the defense against legal claims.

Cookies: Cookies will be stored on your device for the time period required to achieve the related purpose and as further set out in the [Cooky Policy / Consent Management Tool] and will thereafter be deleted by your browser.

Service Data: In general as long as you are accessing (or have the right to access) our Services, and such Data will be deleted after termination of your contract and/or deletion of your acount, if and to the extent (a) we are not legally obliged to retain such Data (e.g. for accounting or document retention purposes) and (b) we do not have an overriding legitimate interest to retain such data for documentation, quality assurance or similar business purposes or for the assessment or exercise of or for the defense against legal claims.

Marketing Data: We generally keep Marketing Data which is not part of any other data category for as long as related marketing measures are ongoing and 12 months thereafter, if and to the extent (a) we are not legally obliged to retain such Data (e.g. for accounting or document retention purposes) and (b) we do not have an overriding legitimate interest to retain such data for documentation, quality assurance or similar business purposes or for the assessment or exercise of or for the defense against legal claims.

Application Data: We generally keep Application Data for the duration of the application process and 3 months thereafter, unless you ask or allow us to retain your application for a longer time. We may retain Application Data for longer for the assessment or exercise of or for the defense against legal claims, if applicable.

6. Right to Object

Regarding any processing of your Data based on our legitimate interest (GDPR 6.1.1.f), you may have the right to object to such processing by explaining your particular reasons and specific circumstances on which your objection is based.

Regarding cookies through which certain Data may be collected, you can block the setting of such cookies at any time by changing the settings in your browser accordingly. You will then be notified whenever your browser attempts to create a cookie and you can decide whether you want to allow the cookie or not. Please note that a deactivation of cookies may result in a limited user experience and you may not be able to use every function of our Website or Services or to access the Services in an appropriate manner altogether.

7. Your Rights as Affected Data Subject

You have the right to request information about your Data we process and further rights regarding such data processing. In particular, you have – or may have, depending on the circumstances – the right to:

  • Information, i.e. to ask us whether we are processing Data about you, and if so, to provide you with further information related thereto.
  • Correction, i.e. to ask us to correct your Data if it is incorrect or incomplete.
  • Deletion, i.e. to delete your Data (to the extent we are not under a legal obligation or have an overriding legitimate interest to retain such Data).
  • Restrict Processing, i.e. to ask us to temporarily restrict our processing of your Data.
  • Data Portability, i.e. to ask us to provide you in electronic form (to the extent technically feasible) the Data you have provided to us.
  • Withdraw Your Consent, i.e. to withdraw your consent if and to the extent you have previously given your consent to any specific purpose of processing of your Data. This will not affect the lawfulness of any processing carried out before you withdraw your consent (or any processing based on any legal basis other than your consent) and it may mean that we will no longer be able to provide our Services to you.

In case you wish to exercise any of these rights, please contact us as specified in Section 1. Before responding to your request, we may ask for proof of identity. This helps us to ensure that your Data is not disclosed to any person who has no right to receive it.

8. Data Security

We have put appropriate technical and organizational security policies and procedures in place to protect your Data from loss, misuse, alteration or destruction. We limit access to personal data in general. Those individuals who have access to the data are required to maintain the confidentiality of such information.

10. Changes to this Privacy Notice

This Privacy Notice does not form part of any contract with you and we may amend it at any time. The version published on this website is the version that currently applies.

 

OTT Investments GmbH, February 2024

Scroll to Top