Privacy Policy for DPA/DSG Services Website

Responsible Entity

Synergis Consulting AG

Brown Boveri Platz 3

5400 Baden

Switzerland

Phone: +41 (0) 44 380 35 05

Email: admin@synergis.ch

Website: https://synergis.ch/

Introduction

This Privacy Policy explains how Synergis Consulting AG processes personal data of individuals who visit and use our DPA (Data Protection Act) services website built with Svelte ('the Website'). The Website collects minimal personal data, primarily through hosting and LinkedIn integration, as outlined below. This policy is a supplement to our main privacy policy, which can be found on our primary website.

General Information

Based on Article 13 of the Swiss Federal Constitution and the data protection provisions of the Federation (Data Protection Act, DPA), every person has the right to protection of their privacy as well as protection against misuse of their personal data. The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the legal data protection regulations and this privacy policy.

In cooperation with our hosting provider, we strive to protect our databases as well as possible against unauthorized access, loss, misuse, or falsification.

We would like to point out that data transmission on the Internet can have security gaps. Complete protection of data against access by third parties is not possible.

By using this Website, you agree to the collection, processing, and use of data in accordance with the following description. This Website can generally be visited without registration. Data such as pages accessed or names of files retrieved, date, and time are stored on the server for statistical purposes without this data being directly related to your person. Personal data is collected only to the extent necessary for the operation of the Website.

Data Collection

This Website collects minimal personal data, limited to:

• IP addresses processed for hosting purposes

• Pseudonymized data via LinkedIn cookies for analytics

• Standard server log information

No direct personal data (e.g., names, emails) is collected via this Website as there is no contact form or user registration functionality.

Use of Local Storage and Session Storage

To enhance your browsing experience, we use Local Storage and Session Storage, which are mechanisms in your browser to store data locally. These technologies allow us to save certain preferences and technical information to improve the functionality and usability of our website. We do not use cookies, and we do not track your activity on our website. Below is an overview of how we use these storage methods:

Local Storage:

We use Local Storage to save the following information:

• Language Preference: We store your selected language (e.g., "en" for English) to ensure the website displays in your preferred language across visits.

• Navigation State (SvelteKit): We store scroll positions (e.g., under the key 'sveltekitscroll') and snapshot data (e.g., under the key 'sveltekitsnapshot') to maintain your position on a page when navigating back and forth, and to manage the state of the website during navigation. This is handled automatically by SvelteKit, the framework powering our site, to provide a seamless user experience.

Data stored in Local Storage persists until it is explicitly cleared (e.g., by clearing your browser data).

Session Storage:

We may use Session Storage to temporarily store data during your visit to our website. This data is automatically deleted when you close your browser tab. Currently, we do not store any specific data in Session Storage, but we reserve the right to use it for temporary, session-specific purposes (e.g., form data or temporary navigation states) to improve your experience. If used, this data will not be shared with third parties and will be limited to what is necessary for the website's functionality.

Purpose and Legal Basis:

The use of Local Storage and Session Storage is necessary for the core functionality of our website, such as maintaining your language preference and ensuring smooth navigation. This processing is based on our legitimate interest in providing a functional and user-friendly website, as permitted under the Swiss Data Protection Act (DPA). The data stored does not contain personal information and is not used for tracking, profiling, or sharing with third parties.

Your Control:

You can manage or delete the data stored in Local Storage and Session Storage by clearing your browser's storage or cache. Instructions for doing so can be found in your browser's settings or help documentation. Note that clearing this data may reset your language preference and affect navigation features on our website.

Privacy Policy for SSL/TLS Encryption

This Website uses SSL/TLS encryption for security reasons and to protect data transmission. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit cannot be read by third parties.

Privacy Policy for Server-Log-Files

The hosting provider of this Website automatically collects and stores information in server log files, which your browser automatically transmits. These are:

• Browser type and browser version

• Operating system used

• Referrer URL

• Hostname of the accessing computer

• Time of the server request

This data cannot be directly assigned to specific persons. This data is not merged with other data sources. We reserve the right to check this data retrospectively if we become aware of specific indications of illegal use.

Website Development and Hosting by suiXseven GmbH

This Website was developed by suiXseven GmbH (https://suixseven.ch) and is hosted in suiXseven's private cloud infrastructure, which operates on Infomaniak's hardware infrastructure. This means that while suiXseven GmbH manages the cloud environment and acts as our primary data processor, Infomaniak serves as a sub-processor providing the underlying hardware infrastructure. Both parties process data under appropriate data processing agreements.

Please note that our Website contains referral links to Infomaniak's services. If you click on these links and subsequently purchase Infomaniak's services, suiXseven GmbH (not Synergis Consulting AG) may receive a referral commission from Infomaniak. This commercial relationship does not affect the price you pay, but it does mean that Infomaniak will be able to identify that you were referred from this Website. This may involve the processing of certain identifiers such as your IP address or session information.

For information about how suiXseven GmbH processes data, please see their privacy policy at https://suixseven.ch. For information about Infomaniak's data handling practices, please refer to their privacy policy at https://www.infomaniak.com/en/legal/confidentiality-policy.

Privacy Statement for LinkedIn Integration

We use marketing services from LinkedIn, provided by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland ('LinkedIn'), within our DPA services website.

LinkedIn uses cookies to analyze how you use the Website. This allows us to measure the success of our LinkedIn campaigns and improve our offerings. Data collected may include your operating system, browser type, referrer URL, pages visited, and the date and time of your visit.

This data is pseudonymized and transferred to LinkedIn servers, which may include servers in the USA, where it is stored. LinkedIn does not store names or email addresses of users directly but associates the collected data with the cookie generated for each user.

You can prevent cookie storage by adjusting your browser settings, though this may limit some Website functionality. You can also object to data processing by LinkedIn directly at: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

All LinkedIn companies have adopted standard contractual clauses to ensure that data transfers to the USA and other non-EEA countries comply with GDPR requirements.

The legal basis for this processing is Art. 6(1)(f) GDPR (legitimate interest), unless consent is required under Art. 6(1)(a) GDPR.

International Data Transfers

Data transferred to LinkedIn may be processed in the USA or other countries outside the European Economic Area (EEA). LinkedIn has implemented Standard Contractual Clauses to ensure lawful data transfers.

suiXseven GmbH is based in Switzerland, which operates under an EU adequacy decision, requiring no additional safeguards for data transfers.

Data Security

We implement appropriate technical and organizational measures to protect personal data processed through this Website. These measures include:

• SSL/TLS encryption for all data transmission

• Regular security updates and patches

• Access controls and authentication for all systems

However, please note that no internet transmission or electronic storage is 100% secure, and we cannot guarantee absolute security.

Your Rights Under Data Protection Law

Under the GDPR and Swiss data protection law, you have the following rights:

• Right to information about the personal data we process about you

• Right to correction of inaccurate data

• Right to deletion of your data under certain circumstances

• Right to restriction of processing

• Right to data portability

• Right to object to processing based on legitimate interest

• Right to withdraw consent at any time

• Right to lodge a complaint with a supervisory authority

To exercise these rights, please contact us using the information provided in the "Contact Information" section.

Retention of Data

We store personal data only as long as necessary for the purposes described in this privacy policy or as required by law. Server logs are typically retained for no more than 90 days.

Changes to this Privacy Policy

We may update this privacy policy from time to time to reflect changes to our practices or for other operational, legal, or regulatory reasons. The current version published on our Website applies. If the privacy policy is part of an agreement with you, we will inform you of any material changes.

Contact Information

For privacy-related inquiries or to exercise your data protection rights, please contact us via our main website at https://synergis.ch/ or via email at admin@synergis.ch.

Legal Basis for Processing

We process your personal data based on the following legal grounds:

• Your consent (Art. 6(1)(a) GDPR)

• Performance of a contract or pre-contractual measures (Art. 6(1)(b) GDPR)

• Compliance with legal obligations (Art. 6(1)(c) GDPR)

• Protection of vital interests (Art. 6(1)(d) GDPR)

• Performance of a task carried out in the public interest (Art. 6(1)(e) GDPR)

• Legitimate interests pursued by us or a third party (Art. 6(1)(f) GDPR)

Copyrights

The copyright and all other rights to content, images, photos, or other files on the Website belong exclusively to Synergis Consulting AG or the specifically named rights holders. For the reproduction of any files, written consent must be obtained in advance from the copyright holder.

General Disclaimer

All information on our Website has been carefully checked. We endeavor to offer our information up-to-date, correct in content, and complete. Nevertheless, errors may occur, and we cannot guarantee completeness, correctness, or timeliness of information. Liability claims regarding damage caused by the use of any information provided will be rejected, unless there is evidence of intentional or gross negligence.

The publisher may change or delete content at their own discretion and without announcement and is not obliged to update the contents of this Website. The use of or access to this Website is at the visitor's own risk. We assume no responsibility for damage allegedly caused by visiting this Website.

We also assume no responsibility for the content and availability of third-party websites that can be accessed via external links on this Website. The operators of linked pages are solely responsible for their content.

Last updated: 14.03.2025