Pri­va­cy statement

OF SWISSCOM DIRECTORIES LTD

March 2022 
1. Intro­duc­tion

In this Pri­va­cy State­ment, Swiss­com Direc­to­ries Ltd (here­inafter «We» or «localsearch») informs you, among oth­er things, about who is respon­si­ble for pro­cess­ing your Data, what Data we col­lect in con­nec­tion with your vis­it to our web­sites and the use of our ser­vices, offers and prod­ucts (here­inafter «Ser­vices»), for what pur­pos­es we process this Data and to whom we may dis­close this Data in some cas­es. In addi­tion, We inform you about the length of pro­cess­ing your Data, the legal basis for the pro­cess­ing (inso­far as any such basis should be nec­es­sary), as well as about what rights you are enti­tled to in rela­tion to Us with regard to the pro­cess­ing of your Data. This Pri­va­cy State­ment applies to all of your Data that We already have in our pos­ses­sion or that We will have in the future. Please note that We can amend the Pri­va­cy State­ment from time to time. The most recent ver­sion, as pub­lished on www.localsearch.ch, shall be applicable.

«Per­son­al Data» is deemed to be all infor­ma­tion that relates to a spe­cif­ic or speci­fi­able per­son. This par­tic­u­lar­ly includes infor­ma­tion such as name, address, tele­phone num­ber, e‑mail address, and in some cir­cum­stances also IP address­es and device IDs. In the present Pri­va­cy State­ment, the gener­ic term «Data» also includes non-per­son-relat­ed data and anonymised data along with Per­son­al Data. «Pro­cess­ing» or «process» is under­stood to mean any han­dling of Data, regard­less of the means and process­es used, par­tic­u­lar­ly col­lect­ing, stor­ing, using, rework­ing, pub­lish­ing, archiv­ing, or delet­ing Data.

If you pro­vide Us with the Per­son­al Data of oth­er indi­vid­u­als, please ensure that these per­sons are aware of this Pri­va­cy State­ment, and only noti­fy us of their Per­son­al Data if you are enti­tled to do so pur­suant to applic­a­ble data pro­tec­tion law.

2. Con­troller, point of contact

Swiss­com Direc­to­ries Ltd, För­rlibuck­strasse 62, 8005 Zurich, Switzer­land, is the Con­troller for the Data Pro­cess­ing pur­suant to this Pri­va­cy State­ment. For any con­cerns and ques­tions in con­nec­tion with data pro­tec­tion, please con­tact us at dataprivacy@localsearch.ch. As an addi­tion­al point of con­tact in the EU, our data pro­tec­tion rep­re­sen­ta­tive is avail­able to you and the super­vi­so­ry author­i­ties. Our data pro­tec­tion rep­re­sen­ta­tive can be con­tact­ed by mail to VGS Daten­schutz­part­ner UG, Am Kaiserkai 69, 20457 Ham­burg, Ger­many or by e‑mail to info@datenschutzpartner.eu.

3. Cat­e­gories of processed Data

We col­lect spe­cif­ic Data when you use our Ser­vices and are in con­tact with localsearch (e.g., when vis­it­ing our web­sites, using one of our mobile apps or anoth­er of our dig­i­tal ser­vices, mak­ing a con­tract, reg­is­ter­ing, and log­ging into your user account, or when in con­tact with our employ­ees). We fun­da­men­tal­ly col­lect this Data direct­ly from you. In spe­cif­ic cas­es, it may occur that We receive Data from oth­er per­sons (e.g., if a third par­ty pro­vides a rat­ing or a com­ment that relates to you through one of our Ser­vices, if your employ­er pro­vides Us with your con­tact infor­ma­tion, or if a com­pa­ny with which you main­tain a con­trac­tu­al rela­tion­ship for­wards your Data to Us). We may also obtain Data from third par­ties or from pub­lic sources.

The Per­son­al Data that We process may include the fol­low­ing Data:

  • Data that was pro­vid­ed to Us at reg­is­tra­tion for one of our Ser­vices (e.g., name, con­tact data, sex, mar­i­tal sta­tus, date of birth, pro­fes­sion, pho­to, depen­dents, employ­ees, lan­guage, pay­ment infor­ma­tion, access data, inter­ests, infor­ma­tion on adver­tis­ing, opt-ins and opt-outs, etc.).
  • Data relat­ing to offers and con­clud­ed con­tracts (e.g., con­tract date, type, con­tent, prod­uct, par­ties, term, val­ue, and amend­ments pay­ment details, con­tact data, con­tact per­sons, invoic­ing and cor­re­spon­dence address­es, cus­tomer feed­back, ter­mi­na­tion notices, dis­putes, etc.).
  • Data that is iden­ti­fied or dis­closed dur­ing use of our Ser­vices (includ­ing any inte­grat­ed third-par­ty ser­vices) by reg­is­tered and non-reg­is­tered Users. This includes, inter alia, the IP and MAC address or device ID of the device used, cook­ies, pages accessed by users and search terms entered, inputs into dia­log box­es, reser­va­tions, eval­u­a­tions, time and length of vis­its, clicks, reac­tions to offers from localsearch and third par­ties referring/​exit URL, infor­ma­tion on the time of use, the brows­er and device type, as well as the oper­at­ing sys­tem used and the inter­net ser­vice provider, trans­ferred data vol­ume. This also includes Data that is pub­lished or dis­closed through these Ser­vices (e.g., pic­tures, texts, com­ments, eval­u­a­tions, videos, etc.). We can merge Per­son­al Data from one of our Ser­vices with Data from anoth­er Service.
  • Data that is exchanged in con­tact with Us (e.g., com­mu­ni­ca­tion by let­ter, tele­phone, fax, e‑mail, text and pho­to mes­sages (SMS/​MMS), video mes­sages or instant mes­sag­ing, voice, reac­tions to com­mu­ni­ca­tion and offers from localsearch, pre­ferred com­mu­ni­ca­tion chan­nels, etc.).
  • Data that is dis­closed when par­tic­i­pat­ing in lot­ter­ies, sur­veys and the like.
  • Cer­tain Ser­vices (e.g., search.ch, local.ch and localcities.ch) can col­lect and store loca­tion-relat­ed data if the geo- loca­tion func­tion of the device used is activated.
  • Data pro­vid­ed to us by oth­er group com­pa­nies and third par­ties with whom we main­tain busi­ness rela­tion­ships (e.g. direc­to­ry data, which may include names, address­es, con­tact details, job titles, etc., address data­bas­es, changes of data­base entries, data regard­ing cred­it­wor­thi­ness, details of inter­nal com­pa­ny con­tacts and clas­si­fi­ca­tion cri­te­ria, such as house­hold size).
  • Data from pub­lic sources (e.g., Com­mer­cial Reg­is­ter entries, oth­er pub­lic list­ings, etc.).

 

The Data list­ed above does not con­sti­tute Per­son­al Data in every case. We are gen­er­al­ly not able to match Data that accrues dur­ing use of Our Ser­vices with­out reg­is­tra­tion (e.g., through a User account) to any indi­vid­ual per­son spec­i­fied by name. How­ev­er, this may be pos­si­ble in indi­vid­ual cas­es in com­bi­na­tion with oth­er Data.

In some cir­cum­stances, you will have to pro­vide spe­cif­ic Per­son­al Data in order to use Our Ser­vices, when this Data is nec­es­sary or required by law for com­menc­ing and han­dling the con­trac­tu­al rela­tion­ship and per­for­mance of the relat­ed con­trac­tu­al oblig­a­tions. Lack­ing this Per­son­al Data, We will gen­er­al­ly not be in a posi­tion to con­clude the con­tract and per­form it, or to pro­vide a spe­cif­ic Ser­vice. Log­ging access to our dig­i­tal ser­vices and the relat­ed col­lec­tion of con­nec­tion data (such as the IP address, for instance) is also nec­es­sary; it occurs auto­mat­i­cal­ly dur­ing use and can­not be turned off for indi­vid­ual Users. There­fore, if you do not agree with the col­lec­tion of such Data, you should refrain from using Our Services.

4. Pro­cess­ing pur­pos­es and legal bases

We will process Per­son­al Data par­tic­u­lar­ly for the fol­low­ing pur­pos­es, to the extent per­mit­ted by applic­a­ble law:

  • Com­menc­ing, con­clud­ing, per­form­ing, and pro­cess­ing contracts;
  • Offer­ing, enhanc­ing, and improv­ing our Ser­vices, devel­op­ing new Ser­vices, oper­at­ing, main­tain­ing, opti­miz­ing, and ensur­ing the secu­ri­ty of our Ser­vices and infrastructure.
  • Man­ag­ing the Users of our Ser­vices, check­ing iden­ti­ties, and oth­er authentications;
  • Main­tain­ing, man­ag­ing, and devel­op­ing our cus­tomer rela­tion­ships, com­mu­ni­cat­ing with cus­tomers and third par­ties, cus­tomer ser­vice and sup­port, pro­mo­tions, adver­tis­ing and mar­ket­ing, cre­at­ing user pro­files, offer­ing cus­tomized Ser­vices and rel­e­vant content;
  • Main­tain­ing and pub­lish­ing direc­to­ries (in print­ed form, on data car­ri­ers, and/​or on the Inter­net), main­tain­ing, com­par­ing, query­ing and updat­ing data­bas­es includ­ing cen­tral address and con­tact data direc­to­ries of Ours and of com­pa­nies with which We main­tain a con­trac­tu­al relationship;
  • Pro­tect­ing Users, our employ­ees, and third par­ties, as well as pro­tect­ing our Data, secrets, and assets, the secu­ri­ty of our sys­tems build­ings, and oth­er infrastructure;
  • Qual­i­ty con­trol, mar­ket research, prepar­ing sta­tis­tics, reports, and man­age­ment infor­ma­tion, man­age­ment and devel­op­ment of the com­pa­ny, our offer­ings, and our activ­i­ties, acqui­si­tion and sale of busi­ness units, com­pa­nies, and por­tions thereof;
  • Com­ply­ing with legal and reg­u­la­to­ry oblig­a­tions and inter­nal rules, law enforce­ment, civ­il, admin­is­tra­tive, and crim­i­nal pro­ceed­ings, com­plaints, fight­ing abuse, inves­ti­ga­tions and answer­ing inquiries from gov­ern­ment agencies.

 

In addi­tion, We can also process Per­son­al Data for addi­tion­al pur­pos­es inso­far as a legal oblig­a­tion requires the Pro­cess­ing or We pro­vide infor­ma­tion about it else­where or the Pro­cess­ing was obvi­ous from the cir­cum­stances at the time the Data was collected.

We use the Per­son­al Data for the pur­pos­es list­ed above based on the fol­low­ing legal foun­da­tions inso­far as any such is required under applic­a­ble data pro­tec­tion law:

  • Ful­fil­ment of con­trac­tu­al obligations;
  • Ful­fil­ment of legal obligations;
  • Con­sent grant­ed to Us or to third parties;
  • Legit­i­mate inter­ests of Us and of third par­ties, particularly: 
    • Offer­ing and pro­vid­ing Services;
    • Adver­tis­ing and marketing;
    • Main­tain­ing con­tact and com­mu­ni­ca­tion with Users and third parties;
    • Under­stand­ing User behav­iours, pref­er­ences, and require­ments, mar­ket studies;
    • Enhanc­ing and improv­ing our Ser­vices, devel­op­ing new Services;
    • User admin­is­tra­tion, ID checks, authentications;
    • Pro­tect­ing Users, our employ­ees, and third par­ties, our Data, secrets, infra­struc­ture, and assets;
    • Main­te­nance and secure, effi­cient and effec­tive organ­i­sa­tion of busi­ness oper­a­tions includ­ing secure, effi­cient and effec­tive oper­a­tions and the suc­cess­ful devel­op­ment of the dig­i­tal ser­vices and oth­er IT sys­tems, error correction;
    • Rea­son­able gov­er­nance and devel­op­ment, suc­cess­ful sale or acqui­si­tion of busi­ness units, com­pa­nies or parts of com­pa­nies and oth­er cor­po­rate transactions;
    • Com­ply­ing with legal and reg­u­la­to­ry oblig­a­tions and inter­nal rules, law enforce­ment, civ­il, admin­is­tra­tive, and crim­i­nal pro­ceed­ings, com­plaints, fight­ing abuse, inves­ti­ga­tions and answer­ing inquiries from gov­ern­ment agencies.
5. Pub­li­ca­tion and dis­clo­sure of Data

We can pub­lish and dis­close Data as follows:

Pub­li­ca­tion of Data

Cer­tain of our Ser­vices pro­vide for pub­li­ca­tion of Data. Pub­lished Data can gen­er­al­ly be accessed any­where, also out­side of Switzer­land. For exam­ple, the pub­lished direc­to­ry Data is pub­licly avail­able (e.g., at local.ch, search.ch, localcities.ch, anbieter-vergleich.ch, renovero.ch, in print edi­tions of direc­to­ries, etc.). Data pub­lished using cor­re­spond­ing func­tions of our Ser­vices (e.g., posts, pic­tures, texts, videos com­ments, eval­u­a­tions, etc.) may also be acces­si­ble to the pub­lic. This applies like­wise to the user names used for those pur­pos­es. We or third par­ties can also pub­lish pub­lished Data on oth­er plat­forms and in oth­er media (for instance, print media), in adapt­ed form as nec­es­sary. Data that is pub­lished via our Ser­vices may pos­si­bly also be indexed by search machines (such as Google) or processed by third par­ties on whom we have no influ­ence; in this way, such Data may con­tin­ue to be pub­licly avail­able in every coun­try on Earth, even after this Data may have been delet­ed from our system.

Data proces­sors

We can com­mis­sion third par­ties to pro­vide spe­cif­ic ser­vices (e.g., in the areas of IT, oper­a­tion of infra­struc­ture, ser­vices and appli­ca­tions, sup­port, admin­is­tra­tion print­ing, ship­ping, etc.) and to process (e.g. store) Data (known as «data proces­sors»). Data proces­sors may have access to Per­son­al Data and process them on Our behalf. We oblig­ate the data proces­sors to com­ply with data pro­tec­tion law and only to process Data in the way that We do it Our­selves. Data proces­sors that may receive Per­son­al Data may be locat­ed in any coun­try, par­tic­u­lar­ly in Switzer­land, in EU and EEA coun­tries, and in the US.

Con­tract partners

We can dis­close Data to con­tract part­ners (for exam­ple, sales part­ners, ser­vice providers, cus­tomers, sup­pli­ers, finan­cial com­pa­nies etc.). This occurs, for instance, to ful­fil con­trac­tu­al oblig­a­tions, to offer spe­cif­ic Ser­vices, to com­pare, val­i­date, and update data­bas­es (includ­ing cen­tral address and con­tact data direc­to­ries of Ours and of our con­tract part­ners), for debt col­lec­tion and mar­ket­ing pur­pos­es, to analyse the use and oper­a­tion of our Ser­vices, sys­tems, and infra­struc­ture, for pay­ment pro­cess­ing and fac­tor­ing. Pos­si­ble recip­i­ents can also be pur­chasers or per­sons inter­est­ed in acquir­ing busi­ness units, com­pa­nies, or por­tions there­of. Con­tract part­ners may receive access to Per­son­al Data and process it for their own pur­pos­es (for instance, to per­form a con­tract or to per­form their own legal oblig­a­tions). In this con­text, they them­selves are oblig­at­ed to com­ply with applic­a­ble data pro­tec­tion laws. Con­tract part­ners that may receive Per­son­al Data may be locat­ed in any coun­try, par­tic­u­lar­ly in Switzer­land, in EU and EEA coun­tries, and in the US.

Dis­clo­sure to gov­ern­ment agen­cies or courts and oth­er dis­clo­sure on legal grounds

In cer­tain sit­u­a­tions, We may dis­close Data to gov­ern­ment agen­cies, courts, and oth­er third par­ties (e.g., in con­nec­tion with inquiries from gov­ern­ment agen­cies or courts, inves­ti­ga­tions and clar­i­fi­ca­tions, admin­is­tra­tive and crim­i­nal inves­ti­ga­tions, as well as civ­il and crim­i­nal pro­ceed­ings). We do this in cas­es where We are called on to do so by gov­ern­ment agen­cies or courts, or are oblig­at­ed accord­ing to Our assess­ment, or where We can assume in good faith that the access to the rel­e­vant Data or its use, stor­age, or dis­clo­sure is rea­son­ably nec­es­sary in order to enforce applic­a­ble terms of use, to dis­cov­er, pre­vent, or fight offences or secu­ri­ty flaws, or to pro­tect the rights and prop­er­ty of localsearch.

Trans­fer to a coun­try with­out ade­quate lev­els of data protection

If Data that is not oth­er­wise pub­lic is trans­ferred to a coun­try with­out rea­son­able data pro­tec­tion pro­vi­sions, We will ensure suit­able data pro­tec­tion by deploy­ing ade­quate con­trac­tu­al guar­an­tees on the basis of EU stan­dard con­tract claus­es, bind­ing cor­po­rate rules, or based on the excep­tion of con­sent, of con­tract pro­cess­ing, of the deter­mi­na­tion, asser­tion or enforce­ment of legal claims, o over­rid­ing pub­lic inter­ests, or because the trans­fer is nec­es­sary to pro­tect the phys­i­cal integri­ty of a data sub­ject. In the event applic­a­ble data pro­tec­tion law con­tains pro­vi­sions to this effect, you may obtain a copy of the con­trac­tu­al war­ranties from us in respect of your Per­son­al Data. We reserve the right to redact such copies for rea­sons of data pro­tec­tion or for rea­sons of secrecy.

6. Reten­tion period

We store Per­son­al Data as long as this is nec­es­sary for the pur­pose for which We have col­lect­ed them. Spe­cif­ic Per­son­al Data is also sub­ject to legal­ly bind­ing reten­tion oblig­a­tions of ten or more years. We can also store Per­son­al Data for at least the term of the applic­a­ble lim­i­ta­tion peri­ods, which in many cas­es are five or ten years. We gen­er­al­ly delete Per­son­al Data that accrues in con­nec­tion with the use of our Ser­vices (e.g., records, logs, analy­ses, etc.) and that is not sub­ject to any such reten­tion or lim­i­ta­tion peri­ods ear­li­er, as soon as We no longer have any inter­est in the Pro­cess­ing. Data can also be retained for a longer peri­od in each case in anonymized form. Sub­ject to any express con­trac­tu­al agree­ment, We are not oblig­at­ed to you to retain Data for any par­tic­u­lar peri­od of time.

7. Cook­ies, web analy­sis and track­ing tools, and oth­er technologies

We use var­i­ous com­mon tech­nolo­gies in order to col­lect, store, and analyse Data when You use Our Ser­vices. You will find more details in the Cook­ie pol­i­cy of the respec­tive Service.

8. Social media plu­g­ins and inte­gra­tion of third-par­ty services

We inte­grate plu­g­ins from social net­works (e.g., Face­book, Twit­ter) into our Ser­vices. These plu­g­ins make it eas­i­er to share con­tent on these platforms.

When vis­it­ing Our Ser­vices that con­tain such plu­g­ins, a con­nec­tion to the serv­er of the cor­re­spond­ing provider can be estab­lished auto­mat­i­cal­ly. In this case, cer­tain Data (such as, for instance, the time of vis­it­ing the Ser­vice, brows­er type, IP address) is col­lect­ed and stored by the provider. If you have a user account at one of these providers, that provider can assign this infor­ma­tion to your pro­file. If you addi­tion­al­ly inter­act with these plu­g­ins (e.g., by click­ing on the «Like» but­ton or by mak­ing a com­ment), this infor­ma­tion is also trans­mit­ted to this provider, stored there, and pos­si­bly pub­lished. When using a social login ser­vice (e.g. Face­book Con­nect), the provider can trans­mit Per­son­al Data to Us, such as name, e‑mail address, and pro­file pic­ture, which are stored at that provider about you.

In addi­tion, We inte­grate ser­vices from third par­ties into Our Ser­vices, which make it pos­si­ble for you to inter­act with cus­tomers and oth­er Users of localsearch as well as third par­ties (as, for exam­ple, mak­ing a reser­va­tion using a book­ing ser­vice or pro­vid­ing eval­u­a­tions and com­ments). To this end, the Data pro­vid­ed will be for­ward­ed to these third par­ties or processed direct­ly by them for the pur­pose of pro­cess­ing and pro­vid­ing the ser­vice in question.

Please note that the terms of use and data pro­tec­tion pro­vi­sions of these third par­ties apply to the data pro­cess­ing by these third parties.

9. Rights of data subjects

Each data sub­ject has a right to access his or her Per­son­al Data. In addi­tion, the data sub­ject has the right to require Us to cor­rect or delete Per­son­al Data relat­ing to them and to lim­it such pro­cess­ing of Per­son­al Data or object to it. If the pro­cess­ing of Per­son­al Data is based on con­sent, the data sub­ject is enti­tled to revoke his or her con­sent at any time. Fur­ther­more, the data sub­ject has the right in cer­tain cas­es to receive the Data gen­er­at­ed dur­ing the use of online ser­vices in a struc­tured, com­mon­ly used and machine- read­able for­mat that per­mits fur­ther use and transmission.

Exer­cise of these rights gen­er­al­ly pre­sumes that the data sub­ject can unequiv­o­cal­ly prove his or her identity.

Please click here to exer­cise your rights.

We reserve the right to restrict the rights of the data sub­ject with­in the lim­its laid down by applic­a­ble law, for instance, to only pro­vide lim­it­ed infor­ma­tion, to refrain from delet­ing Data or to only par­tial­ly delete Data. In addi­tion, please note that dele­tion of your Per­son­al Data may mean that Ser­vices may no longer be avail­able or can no longer be used in whole or in part.

If We auto­mat­i­cal­ly make a deci­sion affect­ing an indi­vid­ual that has legal effects vis-à-vis the data sub­ject or con­sid­er­ably impairs this per­son in a sim­i­lar way, the data sub­ject can speak with a respon­si­ble per­son at Our offices and demand recon sider­a­tion of the deci­sion from that per­son, or demand an eval­u­a­tion by a per­son from the start, inso­far as applic­a­ble law per­mits such an action. In this case, the data sub­ject may in some cir­cum­stances no longer be able to use cer­tain auto­mat­ed ser­vices. The data sub­ject will be informed of such deci­sions separately.

Each data sub­ject has the right to make a com­plaint to the respon­si­ble data pro­tec­tion author­i­ty. If the data con­troller is based in Switzer­land, the rel­e­vant author­i­ty is the Fed­er­al Data Pro­tec­tion and Infor­ma­tion Com­mis­sion­er (www.edoeb.admin.ch).