Privacy statement
OF SWISSCOM DIRECTORIES LTD
In this Privacy Statement, Swisscom Directories Ltd (hereinafter «We» or «localsearch») informs you, among other things, about who is responsible for processing your Data, what Data we collect in connection with your visit to our websites and the use of our services, offers and products (hereinafter «Services»), for what purposes we process this Data and to whom we may disclose this Data in some cases. In addition, We inform you about the length of processing your Data, the legal basis for the processing (insofar as any such basis should be necessary), as well as about what rights you are entitled to in relation to Us with regard to the processing of your Data. This Privacy Statement applies to all of your Data that We already have in our possession or that We will have in the future. Please note that We can amend the Privacy Statement from time to time. The most recent version, as published on www.localsearch.ch, shall be applicable.
«Personal Data» is deemed to be all information that relates to a specific or specifiable person. This particularly includes information such as name, address, telephone number, e‑mail address, and in some circumstances also IP addresses and device IDs. In the present Privacy Statement, the generic term «Data» also includes non-person-related data and anonymised data along with Personal Data. «Processing» or «process» is understood to mean any handling of Data, regardless of the means and processes used, particularly collecting, storing, using, reworking, publishing, archiving, or deleting Data.
If you provide Us with the Personal Data of other individuals, please ensure that these persons are aware of this Privacy Statement, and only notify us of their Personal Data if you are entitled to do so pursuant to applicable data protection law.
Swisscom Directories Ltd, Förrlibuckstrasse 62, 8005 Zurich, Switzerland, is the Controller for the Data Processing pursuant to this Privacy Statement. For any concerns and questions in connection with data protection, please contact us at dataprivacy@localsearch.ch. As an additional point of contact in the EU, our data protection representative is available to you and the supervisory authorities. Our data protection representative can be contacted by mail to VGS Datenschutzpartner UG, Am Kaiserkai 69, 20457 Hamburg, Germany or by e‑mail to info@datenschutzpartner.eu.
We collect specific Data when you use our Services and are in contact with localsearch (e.g., when visiting our websites, using one of our mobile apps or another of our digital services, making a contract, registering, and logging into your user account, or when in contact with our employees). We fundamentally collect this Data directly from you. In specific cases, it may occur that We receive Data from other persons (e.g., if a third party provides a rating or a comment that relates to you through one of our Services, if your employer provides Us with your contact information, or if a company with which you maintain a contractual relationship forwards your Data to Us). We may also obtain Data from third parties or from public sources.
The Personal Data that We process may include the following Data:
- Data that was provided to Us at registration for one of our Services (e.g., name, contact data, sex, marital status, date of birth, profession, photo, dependents, employees, language, payment information, access data, interests, information on advertising, opt-ins and opt-outs, etc.).
- Data relating to offers and concluded contracts (e.g., contract date, type, content, product, parties, term, value, and amendments payment details, contact data, contact persons, invoicing and correspondence addresses, customer feedback, termination notices, disputes, etc.).
- Data that is identified or disclosed during use of our Services (including any integrated third-party services) by registered and non-registered Users. This includes, inter alia, the IP and MAC address or device ID of the device used, cookies, pages accessed by users and search terms entered, inputs into dialog boxes, reservations, evaluations, time and length of visits, clicks, reactions to offers from localsearch and third parties referring/exit URL, information on the time of use, the browser and device type, as well as the operating system used and the internet service provider, transferred data volume. This also includes Data that is published or disclosed through these Services (e.g., pictures, texts, comments, evaluations, videos, etc.). We can merge Personal Data from one of our Services with Data from another Service.
- Data that is exchanged in contact with Us (e.g., communication by letter, telephone, fax, e‑mail, text and photo messages (SMS/MMS), video messages or instant messaging, voice, reactions to communication and offers from localsearch, preferred communication channels, etc.).
- Data that is disclosed when participating in lotteries, surveys and the like.
- Certain Services (e.g., search.ch, local.ch and localcities.ch) can collect and store location-related data if the geo- location function of the device used is activated.
- Data provided to us by other group companies and third parties with whom we maintain business relationships (e.g. directory data, which may include names, addresses, contact details, job titles, etc., address databases, changes of database entries, data regarding creditworthiness, details of internal company contacts and classification criteria, such as household size).
- Data from public sources (e.g., Commercial Register entries, other public listings, etc.).
The Data listed above does not constitute Personal Data in every case. We are generally not able to match Data that accrues during use of Our Services without registration (e.g., through a User account) to any individual person specified by name. However, this may be possible in individual cases in combination with other Data.
In some circumstances, you will have to provide specific Personal Data in order to use Our Services, when this Data is necessary or required by law for commencing and handling the contractual relationship and performance of the related contractual obligations. Lacking this Personal Data, We will generally not be in a position to conclude the contract and perform it, or to provide a specific Service. Logging access to our digital services and the related collection of connection data (such as the IP address, for instance) is also necessary; it occurs automatically during use and cannot be turned off for individual Users. Therefore, if you do not agree with the collection of such Data, you should refrain from using Our Services.
We will process Personal Data particularly for the following purposes, to the extent permitted by applicable law:
- Commencing, concluding, performing, and processing contracts;
- Offering, enhancing, and improving our Services, developing new Services, operating, maintaining, optimizing, and ensuring the security of our Services and infrastructure.
- Managing the Users of our Services, checking identities, and other authentications;
- Maintaining, managing, and developing our customer relationships, communicating with customers and third parties, customer service and support, promotions, advertising and marketing, creating user profiles, offering customized Services and relevant content;
- Maintaining and publishing directories (in printed form, on data carriers, and/or on the Internet), maintaining, comparing, querying and updating databases including central address and contact data directories of Ours and of companies with which We maintain a contractual relationship;
- Protecting Users, our employees, and third parties, as well as protecting our Data, secrets, and assets, the security of our systems buildings, and other infrastructure;
- Quality control, market research, preparing statistics, reports, and management information, management and development of the company, our offerings, and our activities, acquisition and sale of business units, companies, and portions thereof;
- Complying with legal and regulatory obligations and internal rules, law enforcement, civil, administrative, and criminal proceedings, complaints, fighting abuse, investigations and answering inquiries from government agencies.
In addition, We can also process Personal Data for additional purposes insofar as a legal obligation requires the Processing or We provide information about it elsewhere or the Processing was obvious from the circumstances at the time the Data was collected.
We use the Personal Data for the purposes listed above based on the following legal foundations insofar as any such is required under applicable data protection law:
- Fulfilment of contractual obligations;
- Fulfilment of legal obligations;
- Consent granted to Us or to third parties;
- Legitimate interests of Us and of third parties, particularly:
- Offering and providing Services;
- Advertising and marketing;
- Maintaining contact and communication with Users and third parties;
- Understanding User behaviours, preferences, and requirements, market studies;
- Enhancing and improving our Services, developing new Services;
- User administration, ID checks, authentications;
- Protecting Users, our employees, and third parties, our Data, secrets, infrastructure, and assets;
- Maintenance and secure, efficient and effective organisation of business operations including secure, efficient and effective operations and the successful development of the digital services and other IT systems, error correction;
- Reasonable governance and development, successful sale or acquisition of business units, companies or parts of companies and other corporate transactions;
- Complying with legal and regulatory obligations and internal rules, law enforcement, civil, administrative, and criminal proceedings, complaints, fighting abuse, investigations and answering inquiries from government agencies.
We can publish and disclose Data as follows:
Publication of Data
Certain of our Services provide for publication of Data. Published Data can generally be accessed anywhere, also outside of Switzerland. For example, the published directory Data is publicly available (e.g., at local.ch, search.ch, localcities.ch, anbieter-vergleich.ch, renovero.ch, in print editions of directories, etc.). Data published using corresponding functions of our Services (e.g., posts, pictures, texts, videos comments, evaluations, etc.) may also be accessible to the public. This applies likewise to the user names used for those purposes. We or third parties can also publish published Data on other platforms and in other media (for instance, print media), in adapted form as necessary. Data that is published via our Services may possibly also be indexed by search machines (such as Google) or processed by third parties on whom we have no influence; in this way, such Data may continue to be publicly available in every country on Earth, even after this Data may have been deleted from our system.
Data processors
We can commission third parties to provide specific services (e.g., in the areas of IT, operation of infrastructure, services and applications, support, administration printing, shipping, etc.) and to process (e.g. store) Data (known as «data processors»). Data processors may have access to Personal Data and process them on Our behalf. We obligate the data processors to comply with data protection law and only to process Data in the way that We do it Ourselves. Data processors that may receive Personal Data may be located in any country, particularly in Switzerland, in EU and EEA countries, and in the US.
Contract partners
We can disclose Data to contract partners (for example, sales partners, service providers, customers, suppliers, financial companies etc.). This occurs, for instance, to fulfil contractual obligations, to offer specific Services, to compare, validate, and update databases (including central address and contact data directories of Ours and of our contract partners), for debt collection and marketing purposes, to analyse the use and operation of our Services, systems, and infrastructure, for payment processing and factoring. Possible recipients can also be purchasers or persons interested in acquiring business units, companies, or portions thereof. Contract partners may receive access to Personal Data and process it for their own purposes (for instance, to perform a contract or to perform their own legal obligations). In this context, they themselves are obligated to comply with applicable data protection laws. Contract partners that may receive Personal Data may be located in any country, particularly in Switzerland, in EU and EEA countries, and in the US.
Disclosure to government agencies or courts and other disclosure on legal grounds
In certain situations, We may disclose Data to government agencies, courts, and other third parties (e.g., in connection with inquiries from government agencies or courts, investigations and clarifications, administrative and criminal investigations, as well as civil and criminal proceedings). We do this in cases where We are called on to do so by government agencies or courts, or are obligated according to Our assessment, or where We can assume in good faith that the access to the relevant Data or its use, storage, or disclosure is reasonably necessary in order to enforce applicable terms of use, to discover, prevent, or fight offences or security flaws, or to protect the rights and property of localsearch.
Transfer to a country without adequate levels of data protection
If Data that is not otherwise public is transferred to a country without reasonable data protection provisions, We will ensure suitable data protection by deploying adequate contractual guarantees on the basis of EU standard contract clauses, binding corporate rules, or based on the exception of consent, of contract processing, of the determination, assertion or enforcement of legal claims, o overriding public interests, or because the transfer is necessary to protect the physical integrity of a data subject. In the event applicable data protection law contains provisions to this effect, you may obtain a copy of the contractual warranties from us in respect of your Personal Data. We reserve the right to redact such copies for reasons of data protection or for reasons of secrecy.
We store Personal Data as long as this is necessary for the purpose for which We have collected them. Specific Personal Data is also subject to legally binding retention obligations of ten or more years. We can also store Personal Data for at least the term of the applicable limitation periods, which in many cases are five or ten years. We generally delete Personal Data that accrues in connection with the use of our Services (e.g., records, logs, analyses, etc.) and that is not subject to any such retention or limitation periods earlier, as soon as We no longer have any interest in the Processing. Data can also be retained for a longer period in each case in anonymized form. Subject to any express contractual agreement, We are not obligated to you to retain Data for any particular period of time.
7. Cookies, web analysis and tracking tools, and other technologies
We use various common technologies in order to collect, store, and analyse Data when You use Our Services. You will find more details in the Cookie policy of the respective Service.
We integrate plugins from social networks (e.g., Facebook, Twitter) into our Services. These plugins make it easier to share content on these platforms.
When visiting Our Services that contain such plugins, a connection to the server of the corresponding provider can be established automatically. In this case, certain Data (such as, for instance, the time of visiting the Service, browser type, IP address) is collected and stored by the provider. If you have a user account at one of these providers, that provider can assign this information to your profile. If you additionally interact with these plugins (e.g., by clicking on the «Like» button or by making a comment), this information is also transmitted to this provider, stored there, and possibly published. When using a social login service (e.g. Facebook Connect), the provider can transmit Personal Data to Us, such as name, e‑mail address, and profile picture, which are stored at that provider about you.
In addition, We integrate services from third parties into Our Services, which make it possible for you to interact with customers and other Users of localsearch as well as third parties (as, for example, making a reservation using a booking service or providing evaluations and comments). To this end, the Data provided will be forwarded to these third parties or processed directly by them for the purpose of processing and providing the service in question.
Please note that the terms of use and data protection provisions of these third parties apply to the data processing by these third parties.
Each data subject has a right to access his or her Personal Data. In addition, the data subject has the right to require Us to correct or delete Personal Data relating to them and to limit such processing of Personal Data or object to it. If the processing of Personal Data is based on consent, the data subject is entitled to revoke his or her consent at any time. Furthermore, the data subject has the right in certain cases to receive the Data generated during the use of online services in a structured, commonly used and machine- readable format that permits further use and transmission.
Exercise of these rights generally presumes that the data subject can unequivocally prove his or her identity.
Please click here to exercise your rights.
We reserve the right to restrict the rights of the data subject within the limits laid down by applicable law, for instance, to only provide limited information, to refrain from deleting Data or to only partially delete Data. In addition, please note that deletion of your Personal Data may mean that Services may no longer be available or can no longer be used in whole or in part.
If We automatically make a decision affecting an individual that has legal effects vis-à-vis the data subject or considerably impairs this person in a similar way, the data subject can speak with a responsible person at Our offices and demand recon sideration of the decision from that person, or demand an evaluation by a person from the start, insofar as applicable law permits such an action. In this case, the data subject may in some circumstances no longer be able to use certain automated services. The data subject will be informed of such decisions separately.
Each data subject has the right to make a complaint to the responsible data protection authority. If the data controller is based in Switzerland, the relevant authority is the Federal Data Protection and Information Commissioner (www.edoeb.admin.ch).
