Corris

Privacy policy

List of contents

  1. What is the purpose of this privacy policy?
  2. Who is responsible for the processing of your data?
  3. What data do we process?
  4. What are the sources of the data?
  5. For what purposes will we process your data?
  6. On what legal basis do we process your data?
  7. What happens in the case of profiling?
  8. To whom will we disclose your data?
  9. Will your data be transmitted outside Switzerland?
  10. For how long will we process your data?
  11. How will we protect your data?
  12. What rights do you have?
  13. Do we employ online tracking, online marketing techniques and similar techniques?
    1. What are cookies and similar technical features?
    2. What types of cookies and similar technologies do we use?
  14. What data do we process on our social network pages?
  15. Use of messenger platforms
  16. What about fundraising?
  17. Can this privacy policy be modified?

 

1. What is the purpose of this privacy policy?

Corris AG, Zürich (in the following “Corris”; also “we” and “us”) collects and processes personal data relating to you and also other persons (so-called “third parties”). In the following, the term “data” is used as a synonym for “personal data” and “data related to a specific person”. “Personal data” means any information relating to an identified or identifiable natural person, while “processing” means any handling of personal data; for example the collection, storage, use, modification, disclosure and deletion of data.

We describe in this privacy policy what we do with the data you provide when you use www.corris.ch, www.thejob.ch or other of our websites or apps (in the following covered by the term “website”) or purchase or use our services or products, communicate with us in connection with the conclusion of contracts, are otherwise involved with us or are among our shareholders/investors. In addition, we may inform you separately about the processing of your data (for example, in forms, contractual conditions or supplementary privacy policy statements).

If you disclose information to us about other persons (such as members of your family or your work colleagues), we will assume that you have been authorised to do so and that the information you provide is accurate. You herewith confirm that this will be the case should you disclose information about third parties. Please also ensure that any such third parties are informed about this privacy policy.

This privacy policy is based on the provisions of the Swiss Federal Act on Data Protection (“FADP”) and the corresponding provisions and requirements of the EU General Data Protection Regulation (“GDPR”). However, if and to what extent these regulations apply is determined by the individual circumstances.

 

2. Who is responsible for the processing of your data?

Under data protection legislation, responsible for the data processing specified in this privacy policy (the data “controller”) is “Corris” unless otherwise specified in particular individual circumstances (see also, for example, section 16).
If you have any queries relating to data protection or should you wish to exercise any of your corresponding rights, you can contact us as below:

Corris AG
Hardturmstrasse 261
8005 Zürich/Switzerland
+41 44 563 88 88
info@corris.com

We have also appointed the following additional contact:

Data protection representative in the EU in accordance with Art. 27 GDPR:

Swiss Infosec (Deutschland) GmbH
Data protection representative
Unter den Linden 24
10117 Berlin/Germany
corris.dataprivacy@swissinfosec.de

You can also contact the above in connection with any data protection-related matters.

 

3. What data do we process?

We process various categories of your personal data. The main categories are as follows:

  • Master data: Master data consists of basic details (such as names and contact data), other information about you (such as roles and functions) and your relationship with us (e.g. as a customer, supplier, visitor, service recipient or employee of any of these), bank account details, date of birth, photographic images, copies of ID documents, customer history, any assigned authorisations, signature authorisations and declarations of consent together with information about third parties (such as contact persons and agents). This may also include information about your state of health.
  • Registration data: This is information we obtain or you provide to us during a registration process (either online or through an app); this information can include user names, e-mail addresses and passwords but can also be information provided in connection with competitions and access data provided as part of access controls.
  • Contractual data: This is information relating to the conclusion of a contract with us or the provision of our services, such as information on the form of the contract, the date of contract conclusion, the term of the contract and the contractual obligations, information collected during the run-up to contract conclusion, information required for the completion of necessary or specified details (e.g. information on invoicing or customer services), information on feedback (e.g. in the form of complaints or responses specifying dissatisfaction) and financial information (e.g. information on solvency/creditworthiness, on payment overdue notifications and debt collection).
  • Communication data: This is information relating to communications between us and third parties (e.g. information provided in contact forms, by e-mail, telephone, letter, SMS, through chat sites or other means of communication), and can include the content of e-mails or letters, your contact data and other peripheral data indirectly involved with communication, such as a copy of an ID document. This also includes image and audio recordings of (video) calls.
  • Technical data: This is information relating to the use of our electronic services (e.g. website, apps, free WLAN), such as your IP address and information on the operating system of your terminal device, together with the location and time of access. It is generally not possible to draw inferences as to your identity on the basis of technical data alone. However, if this is combined with other data categories (such as registration data), it may be possible to link this with your person.
  • Applicant data: This is information that we process in connection with an application for employment with us and that is also provided in your application documents (e.g. master data, professional background, training and qualifications, references, language skills, date of birth, nationality, residence permit and, where appropriate, religious denomination if you communicate this to us), together with information collected during a job interview or during one of our workshops. Please note that we record information during an application procedure. We may also obtain information from publicly accessible sources, such as vocational social networks, the internet or media.
  • Behavioural and preference data: This is information on your behaviour and your preferences, e.g. on the way you respond to electronic messages, your navigation on our website, your interaction with our social media profiles, your participation in our competitions or events etc., together with information available from third parties (including publicly accessible sources). In connection with tracking, please see section 13.
  • Other data: This can include the following information and data: information relating to official or legal procedures (e.g. files, evidence), information collected in connection with disease control measures (e.g. should quarantine requirements be implemented), photos, videos and audio recordings prepared by us or provided to us by third parties and in which you can be identified (e.g. recorded during events or by security cameras), access data and information on access rights (e.g. according to the visitors’ list, when you enter specific buildings or what access rights you have been assigned), your participation in events or campaigns (e.g. competitions and gatherings), together with information on when you use our infrastructure and systems. Also included is information relating to your status should you be one of our shareholders or investors (e.g. information required for various registers, for the exercise of your rights and the execution of various events, such as annual general meetings).

 

4. What are the sources of the data?

  • You personally: Much of the information specified in section 3 will be provided by you yourself (e.g. when communicating with us in connection with an application for employment, the conclusion of a contact or the hiring of our services and through the use of our website or other of our services). Please note that you are not obligated to provide your data except in certain circumstances (e.g. where there is a legal requirement to confirm your identity or should disease control measures make this necessary). However, if you submit an application for employment with us, conclude contracts with us or take advantage of our services (for your own benefit or on behalf of your employer or principal), you will be required to provide us with certain information (such as master data, contractual data and registration data). The processing of technical data is unavoidable when our website and apps are used. Should you wish to obtain access authorisation for certain systems or buildings, it may be necessary for you to provide us with registration data. If you apply to be employed by us, we will specifically require, in addition to master data, information on your qualifications and language skills. In the case of behavioural and preference data, you essentially have the right to object to or refuse consent for the use of this.
  • Third parties: In as far as this is permissible, we have the right to obtain information from publicly accessible sources (such as debt collection registers, land registers, trade registers, media and the internet, including online social media) and can receive information from public authorities and other third parties (e.g. placement services, credit agencies, contractual partners, internet analysis services, Directories Multisource). This includes, in particular, information in the following categories: master data, contractual data and other data, but also in all the other categories listed in section 3, together with information derived from correspondence or contact with third parties. If you are acting on behalf of an employer or principal or any other person who is in a business relationship or other form of relationship with us, these persons may also make information on you accessible to us.

 

5. For what purposes will we process your data?

If you take advantage of our services, use our website or our apps, apply for employment with us or are otherwise involved with us, we will process various categories of your personal data (see section 3). We are entitled to acquire and process this data for the following specific purposes:

  • For communication: In order to be able to communicate with you (e.g. be able to reply to queries, provide advice or conclude a contract), it will be necessary for us to process your data (in particular, communication and master data and, in connection with services used by you, registration data). If we wish to or it is necessary for us to confirm your identity, we will need to collect additional data (such as a copy of your ID document). For this purpose, we will use, in particular, communication and master data and also, in connection with products and services acquired by you, registration data.
  • For the initiation, management and negotiation of contracts: We will process the associated personal data for the purposes of contract conclusion and negotiation with our customers, suppliers, subcontractors or other parties to a contract (e.g. project partners and principals). In this connection, we will also process data required for credit checks, to initiate and manage customer relationships, for advice services, for customer care and the provision and claiming of contractual obligations (which will also involve the participation of third parties, including logistics providers, support service providers and credit agencies, which will, in their turn, be able to provide us with information). Processing will also be necessary for the claiming of legal entitlements arising in connection with contracts (debt collection, legal proceedings etc.), for accounting purposes, for the termination of contracts and for general communication. For this purpose, we will use, in particular, master data, contractual and communication data and, where necessary, the registration data of the customer or the persons supplied with a service by the customer, together with technical data (e.g. in the case of our online offerings).
  • For marketing and relationship maintenance: We will process data for marketing and relationship maintenance purposes in order, for example, to be able to address you more directly and send you content that may be of interest to you or may appeal to you. We will also process data in order to display suitable content (e.g. by means of e-mail, app or through other electronic channels) for our customers, other contractual partners and other third parties. You have the right to refuse to accept contacts in this form at any time or refuse or withdraw consent for contacts for marketing purposes by sending a corresponding notification to us (see section 2). If you provide consent, we will be able to supply you with more targeted online marketing content (see section 13). We may also employ a customer relationship management (CRM) system for the purposes of relationship maintenance in which we input data of customers (or their employees or personnel) and other business partners. It should be borne in mind that we also permit our contractual partners to contact our customers and other contractual partners for marketing purposes (see section 8). For marketing and relationship maintenance purposes, we will specifically process communication, registration, behavioural and preference data.
  • For market research, improvement of our services and activities together with product development: In order to be able to continually improve what we offer (including our website and other electronic features, such as our “Story To Go”) and react rapidly to changing circumstances, we will analyse, for example, how you navigate our website and what content is accessed by which groups of persons and how this is used, and also in what way new products and services should be designed (for more details, see section 13). This will provide us with insights into the market acceptance and the success of existing products and the market potential of new products and services. For this purpose, we will process, in particular, master data, behavioural and preference data, but also communication data and information obtained by means of customer interviews, surveys and studies together with other information, such as that available through the media, social media, online and in other publicly accessible sources. In so far as this is feasible, we will use for this purpose pseudonymised or anonymised information.
  • For registration and security and also technical and physical access controls: In order to be able to use certain of our offerings and services (such as our log-in feature or free WLAN), you will first need to register (either directly with us or with our external log-in service provider) and for this purpose we will need to process information. In addition, we will collect additional personal data about you when you use any of our offerings, services or products (e.g. our “Story To Go”). We continually review and improve the security of our IT and other infrastructure (e.g. buildings) to ensure that this is appropriate. We also process data for this reason, e.g. for the purposes of surveillance, control, analysis and tests of our networks and IT infrastructures, for system and error checks, for documentation and the preparation of security backups. Access controls include, for example, controls of access to electronic systems (e.g. log-ins to user accounts), and also physical access controls (e.g. relating to access to buildings). We also maintain access records/visitor lists and use surveillance systems (e.g. in the form of security cameras) for the purpose of security (for preventive purposes and to investigate occurrences). You will find appropriate notices are provided in the locations in which surveillance systems are in use. For this purpose, we will process, in particular, registration data (including biometric data) and technical data but also other data specified in section 3.
  • For the operation of our website: To ensure that our websites are secure, stable and user-friendly, we may also process personal data and also specifically technical data. For more information, please see section 13.
  • For compliance with laws, directives and guidelines issued by official bodies and also with internal rules: In order to ensure we comply with legal requirements, it may be necessary for us to process personal data (e.g. in order to prevent money laundering, to meet tax obligations and also to facilitate the implementation of disease control measures). In addition, it may be necessary to process data during internal and external investigations or audits (e.g. by law enforcement or regulatory authorities or when commissioned by private persons). For this purpose, we will process, in particular, master data, contractual data and communication data and also, in certain circumstances, behavioural data, technical data and data in the other data categories. Our legal obligations may mean that we need to comply with Swiss law and also regulations of other countries to which we are subject; in addition, we may need to comply with self-regulatory measures, industry standards, the provisions of our own corporate governance guidelines and official ordinances and instructions.
  • For risk management and corporate management: We may process personal data for the purposes of risk management (e.g. to protect ourselves against criminal activities) and corporate management, including that of management of our business operations (e.g. for resource planning) and corporate development (e.g. acquirement and sale of business segments or other companies). For this purpose, we will process, in particular, master data, contractual data, registration data and technical data, but also behavioural and communication data.
  • For processing job applications: If you apply to work for us, we will collect and process the corresponding data in order to review your application, to conduct the application process and, should your application prove successful, for the preparation and conclusion of the corresponding contract. If your application is refused, the information you have provided will be deleted after six months.
  • For other purposes: Other purposes include training and educational purposes, administrative purposes (e.g. the management of master data and for accounting), the need to safeguard our rights and the evaluation and improvement of internal processes. We may record telephone and video conferences for training, evidence and quality purposes and also listen in on if you consult, for example, with our “Jobinfo” service. In such cases, we will explicitly draw your attention to what we are doing (e.g. by displaying a message during the corresponding video conference); you have the option of terminating communication or of notifying us that you do not wish a recording to be made. If you only require that no image of your person is recorded, you can simply turn off your device camera. Recordings of this kind are permitted to be made and used only in accordance with our internal guidelines. Other purposes include the safeguarding of our legitimate interests, which cannot be exhaustively listed here. We will also process information relating to your status as one of our shareholders or investors (e.g. information required for various registers, for the exercise of your rights and the execution of various events, such as annual general meetings).

 

6. On what legal basis do we process your data?

Depending on the circumstances and purpose of processing, your data will be processed by us in accordance with the legal bases specified in the following:

  • Contracts: If we need to process data for the completion and management of contracts that we conclude or have concluded for or with you or your employer, principal or other person on whose behalf you are acting, this will be the legal basis on which we are permitted to process this data.
  • Statutory obligations: We are also permitted to process your data on the basis of applicable laws and regulatory requirements with which we are obligated to comply.
  • Legitimate interests: We are entitled to process your data in order to safeguard our legitimate interests or the legitimate interests of a third party. This applies in particular to the attainment of the purposes and aims specified in section 5 and the implementation of the corresponding measures. We also have a legitimate (and overriding) interest in obtaining a greater understanding of the markets that are relevant to us and our activities (particularly in ensuring the efficient and secure management of our processes and the expansion of our activities), the marketing of our products and services, the efficient and effective management of our business, the maintenance of the security of our systems and the safeguarding of our interests in connection with third parties.
  • Consent: If you consent to the processing of your data, this will be the legal basis on which we are permitted to process data. We will inform you of the purpose of processing. You may withdraw your consent at any time with effect for the future by informing us of this in writing (by post or, unless otherwise specified or agreed, by e-mail; see section 2 for our contact details and section 13 in connection with withdrawal of consent to online tracking). As soon as we have received and processed your notification of withdrawal of your consent, we will cease to process your data for the purpose(s) to which you originally consented (unless another legal basis allows us to continue processing the data).
  • Other legal bases: In specific circumstances, other legal bases may allow us to process data. If this is the case, we will inform you of the relevant individual legal basis.

 

7. What happens in the case of profiling?

“Profiling” means any form of automated processing of personal data to analyse or predict certain personal aspects (e.g. in order to analyse personal interests, preferences and likings of an individual and to predict potential behaviour). For this purpose, we use, in particular, behavioural and preference data, technical data and communication data (e.g. in the form of your reactions to marketing and other forms of communications). Profiling helps us to continually improve what we have to offer and to adapt this better to your individual needs, to better plan our business activities, to put together suitable teams and also to identify whether there is the possibility that a transaction may be fraudulent. We may also prepare profiles (i.e. link together personal data from various sources) to improve the quality of our analyses and predictions in order to gain greater insight into you as a person and your various interests and characteristics. In both circumstances outlined above, we will ensure that results are commensurate with the purpose and reliable and will employ measures to prevent any form of misuse.

 

8. To whom will we disclose your data?

In connection with our contracts, website, our services and products, our legal obligations, to otherwise safeguard our legitimate interests and for the purposes outlined in section 5, we will also transmit your personal data to third parties, particularly the following categories of recipients:

  • Affiliated company: Our affiliated company Lazoona AG is permitted to use your data as specified in this privacy policy for the same purposes as us (see. section 5). We are also permitted to reveal your health data to Lazoona AG. Lazoona AG may process your data on our behalf or assume its own responsibility for the processing of the data. For more information on data processing by Lazoona AG, please go to: www.lazoona.com/impressum-datenschutz.
  • Service providers: We work with service providers based in Switzerland and in other countries (including non-EU countries) who process data about you (i) on our behalf, (ii) in collaboration with us, or (iii) assume responsibility for processing the data they receive from us (e.g. IT providers, recruitment organisations, support service providers, cleaning contractors, security companies, banks, insurers, debt-collection agencies, credit agencies, address checkers, consultancy companies and lawyers). The information provided may also include health data. For information on the service providers we use in connection with our website, see section 13.
  • Contractual partners, including customers: In this case, these are principally contractual partners with whom we collaborate or on whose behalf we work, but also other of our customers and contractual partners the data of whom needs to be transferred in connection with a contract (e.g. because you are acting on behalf of a contractual partner or a contractual partner is providing services to you or for you). This may also include information about your state of health. The recipients will be solely responsible for the processing of this data.
  • Official bodies: We may transmit personal data to public institutions, courts and other official bodies in Switzerland and other countries when we are legally obligated or authorised to do so, and when this appears necessary to enable us to safeguard our legitimate interests. This may also include information about your state of health. The recipients will bear the sole responsibility for the processing of this data.
  • Other persons: Referred to here are other cases in which third parties may need to be involved for the purposes specified in section 5. Other recipients can be, e.g. consignees or other payment recipients nominated by you, third parties acting as your representative (e.g. your lawyer or bank) or other persons involved in official or legal procedures. In cases in which we collaborate with media outlets and supply these with material (such as photos), it is possible that information on your person may be involved. In connection with our corporate development activities, we may sell or acquire businesses, business segments, assets or companies or enter into partnerships; this may necessitate the disclosure of data (including data about you, e.g. as a customer or supplier or agent of these) to the persons involved in the corresponding transactions. There may also be an exchange of data, which can apply to you, when we communicate with our competitors, industry organisations, associations and other such bodies.

All these categories of recipients may commission third parties, so that your data may be made accessible to these. We can restrict the extent to which certain third parties (such as IT providers) are permitted to process data but are not able to do so in the case of other third parties (such as official bodies and banks, etc.).

We also allow specific third parties (e.g. media photographers, providers of tools that we have incorporated in our website) to collect personal data about you from our website and during events held by us. Unless we are significantly involved in this data collection, the sole responsibility for the processing of this data is borne by the third parties alone. Should you have any data protection concerns in this connection or wish to exercise your rights under data protection legislation, please contact these third parties directly. See section 13 for information on our website.

 

9. Will your data be transmitted outside Switzerland?

We process and store personal data principally in Switzerland and countries of the European Economic Area (EEA). However, in individual circumstances, we may disclose personal data to service providers and other recipients (see section 8) who are based outside Switzerland and the EEA or who process data outside this region – in other words, we may transmit data to any country in the world.

If the recipient is based in a country without an appropriate level of legal data protection, we will undertake to ensure that the recipient enters into a contractual obligation to maintain an appropriate level of data protection (for this purpose, we will use the revised standard contractual clauses of the European Commission: accessible here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj? ), unless the recipient is already subject to a recognised code of practice for data protection and we cannot enforce the former on the basis of an exemption clause. However, there may be exceptions to the above in the case of legal proceedings abroad, if disclosure is necessary to safeguard an overriding public interest, disclosure is necessary for the purposes of contract implementation, if you have consented to disclosure or if you have made the data generally accessible and have not explicitly prohibited processing.

Please bear in mind that information that is exchanged online is frequently transmitted through third countries. Your data may thus also be available abroad if sender and recipient are located in the same country.

 

10. For how long will we process your data?

We will process your data for as long as is necessary for the corresponding purposes, for the legal retention periods, for as long as is necessary to safeguard our legitimate interest in the processing of the data for documentation and evidentiary purposes and for as long as storage is technically required (e.g. in connection with the preparation of backups or for documentation management system purposes). If there are no contrary legal or contractual requirements, we will delete or anonymise your data on termination of the corresponding archiving or processing periods as part of our routine activities.

As a rule, where there are no legal archiving requirements in individual cases, we will process personal data during the duration of the corresponding business relationship or the term of the corresponding contract and subsequently archive the data, depending on the applicable legal basis, for five or ten years or longer. This period will be equivalent to that in which we have the right to claim legal entitlements from third parties or third parties have the right to claim legal entitlements from us. Ongoing or forthcoming legal proceedings may mean that processing may need to be continued beyond these periods. See section 13.2 for information on the retention period of cookies.

 

11. How will we protect your data?

We have put in place appropriate security measures to safeguard the confidentiality, integrity and availability of your personal data, to protect it against unauthorised or unlawful processing, to protect it against the risk of being lost, of inadvertent modification, unintentional disclosure and unauthorised access. Please note that all possible risks to the security of your data cannot be excluded in full; a certain residual risk is inevitable.

 

12. What rights do you have?

The applicable data protection legislation grants you the right, under certain circumstances, to prohibit the processing of your data, in particular for the purposes of direct marketing, profiling undertaken for the purposes of direct marketing and in other cases of legitimate interest in the processing.

In order to facilitate your control of the processing of your personal data, you have the following rights in connection with our processing of your data depending on the applicable data protection legislation:

  • The right to request information from us as to whether we process data about you and, if that is the case, what data
  • The right to request us to rectify data about you that is incorrect
  • The right to request deletion of data
  • The right to receive from us certain of your personal data in a standardised electronic format and the right to transmit this to another controller
  • The right to withdraw given consent for processing in circumstances in which our right to processing is based on your consent
  • The right to request further information that is necessary for you to exercise these rights.

Should you wish to exercise any of the above-specified rights in our case, please notify us locally in writing or, unless otherwise specified or agreed, by e-mail; you will find our contact details in section 2. So that we can exclude any possibility of misuse in such cases, it will be necessary for us to identify you (by means of a copy of your ID document unless this is possible using easier means).

You also have these rights in connection with other independent organisations that collaborate with us – please contact these organisations directly if you wish to exercise your rights in connection with their processing of your data. Information on our main cooperation partners and service providers is provided in section 8, while further details on other partners is provided in section 13.
Please note that certain preconditions, exceptions and limitations apply to these rights under applicable data protection legislation (e.g. to ensure the protection of third parties or of business secrets). Where necessary, we will be happy to inform you of these.

If you are dissatisfied with the way we deal with your rights or with the protection of your data, please notify us or our data protection representative (section 2) of this. If you are domiciled in the EEA or Switzerland, you also have the right to submit a complaint to the data protection supervisory authority in your country. A list of the supervisory authorities in the EEA countries is provided here: https://edpb.europa.eu/about-edpb/board/members_en. In Switzerland, you can also contact the Federal Data Protection and Information Commissioner; go to: https://www.edoeb.admin.ch/en/

 

13. Do we employ online tracking, online marketing techniques and similar techniques?

We use various techniques (such as cookies, fingerprinting, pixel tags and similar technical features) on our website (including apps, newsletters and other digital offerings). These enable us and associated third parties to identify you on your use of our offerings and, under certain circumstances, allow us to track you during several of your visits.
We use our own in-house tools and, on occasion, the corresponding services offered by third parties, particularly in order to improve the functioning and the content of our website (e.g. integration of videos or maps), to prepare statistics and display marketing material. This enables us and authorised third parties to provide you with a personalised online experience (e.g. in the form of personalised adverts, interactions on social media pages).

 

13.1 What are cookies and similar technical features?

A cookie is a small text file identified by a code (a series of letters and digits) that is transmitted by the server to your system. Cookies enable us and the third-party providers commissioned by us or cooperating with us to recognise visitors to our website and to track them over several visits and as they move to various websites. Cookies also allow us to identify the use of a particular device or browser but do not necessarily provide information that makes it possible to personally identify a user. Please note, however, that personal data about you that has been stored by us or by commissioned third-party providers (e.g. if you have a user account with us or these providers) can be linked with the information obtained from you stored in cookies, and this may make it possible to identify you personally.

In addition to cookies, there are other similar technical features, such as pixel tags, fingerprints and social media plugins. Pixel tags are small, usually invisible graphic images or program codes that are uploaded by a server and provide the server operator with certain information (such as when a website is accessed). A fingerprint consists of information on the configuration of your device or browser collected during your visit to a website and that makes it possible to differentiate between your device and other devices. A social media plugin is a small software element that creates a link to the social media platform of a third-party provider when you visit our website. A social media plug-in informs the third-party provider that you have visited our website and can transmit to the third-party provider cookies that have been uploaded from here to your web browser. Please see the corresponding privacy policies for more information on how third-party providers use the personal data collected through their social media plugins.

 

13.2 What types of cookies and similar technologies do we use?

Information on the specific types of cookies employed on our website, their purpose and their expiration dates are provided in the following table:

www.corris.ch/#consent-change

Access our Consent Management System available here [https://www.corris.ch/#consent-change] for details of our third-party providers and marketing partners. Our Consent Management System also provides you with the opportunity to deactivate certain categories of cookies by means of modifying the settings of your browser.

It is possible that some of the third-party providers we use are based outside Switzerland. See section 9 for information on the disclosure of data in other countries.
If you consent to the use of cookies, you also accept that your data may be transmitted to a country without an adequate level of data security and accept the risk that your data may be accessed by foreign public authorities in the country of the recipient that are not required, in this connection, to act in accordance with adequate data protection legislation. As specified in section 13.3, you have the right to withdraw your consent to the use of cookies at any time.

We currently use the services offered by the following providers and contractual marketing partners (in so far as these employ marketing-related data about you or cookies saved to your system):

    • Google Analytics
      Provider: Google Ireland Ltd., Ireland
      Privacy policy: https://policies.google.com/privacy?hl=eng
    • Google Ads
      Provider: Google Ireland Ltd., Ireland
      Privacy policy: https://policies.google.com/privacy?hl=eng
    • Microsoft Ads
      Provider: Microsoft Corporation, USA
      Privacy statement: https://www.microsoft.com/en-gb/privacy/privacystatement
    • TikTok
      Provider: TikTok Technology Ltd., Ireland and TikTok Information Technologies UK Ltd., United Kingdom
      Privacy policy: https://www.tiktok.com/legal/page/us/privacy-policy/en
    • Meta
      Provider: Meta Platforms Ireland Ltd., Ireland

      • Instagram
        Provider: Meta Platforms Ireland Ltd., Ireland
        Privacy policy: https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_redirect
  • LinkedIn
    Provider: LinkedIn Ireland Unlimited Company, Ireland
    Privacy policy: https://www.linkedin.com/legal/privacy-policy
  • Xing
    Provider: New Work SE, Hamburg, Germany
    Privacy policy: https://privacy.xing.com/en/privacy-policy
  • YouTube
    Provider: Google Ireland Ltd., Ireland
    Privacy policy: https://policies.google.com/privacy?hl=eng
  • Amazon CloudFront
    Provider: Amazon Europe Core SARL, 38 avenue John F. Kennedy, L-1855, Luxembourg, Luxembourg
    Privacy notice: https://aws.amazon.com/privacy//

By accessing our Consent Management System at https://www.corris.ch/#consent-change, you can manage your preferences with regard to the use of cookies and other similar technical features.

Browsers can automatically accept or reject cookies but provide you with the option of altering the corresponding settings. You can also deactivate or delete cookies that you have previously accepted. Please note that if you delete all cookies, all settings will be lost, including the setting that you do not wish to accept cookies, as this latter would require the uploading and activation of an opt-out cookie. You will need to alter settings individually for each browser you use. See the help menu of each browser for information on how to manage how your browser deals with cookies.

If you decide to refuse to accept cookies and similar technical features, you will still be able to use our website although your access to certain of the functions and areas of our website may be restricted.

 

14. What data do we process on our social network pages?

We can post pages and maintain other forms of online presence on social networks and other platforms operated by third parties (such as “fan pages”, “channels” and “profiles” etc.) and process the data about you specified in section 3 and described below. We will receive the corresponding information from you and the platforms when you contact us through an online presence of ours (e.g. when you communicate with us, post comments about our content or visit one of our online presences). At the same time, the platform operators will be able to analyse your use of the particular online presence of ours (e.g. the way you interact with us, how you use the online presence, what you view, comment on or “like”) and process this data together with other data about you that they possess (e.g. information about your age and gender and other demographic information). This means that they will generate profiles for you and statistics about the use of our online presences. They will employ the data and profiles as the basis for displaying our promotional material and that of third parties and other personalised content on the platform and to manage the behaviour of visitors to their platform; in addition they will use this data for market and consumer research and to supply information to us and other parties about you and your use of our online presence. Where we are responsible for certain forms of processing together with the operator, we will conclude an appropriate contract with the operator. Please contact the operator for information on the main provisions of such contracts. They will also process your data for their own purposes, specifically for marketing and market research purposes (e.g. in order to personalise promotional materials) and to manage their platforms (e.g. in order to decide what content they will display for you); in this connection, the operators are solely responsible for processing.

We have the right, but are not obligated, to review content prior to or after publication on our online presences, to delete content without prior notification and notify the operator of the corresponding platform of the content in question. Where there is violation of taste and decency standards, we can request that the operator of the platform hosting the corresponding user account blocks or deletes this.

For more information on the processing of data by platform operators, please see the privacy policy of the corresponding operator. You will also find here information on in which countries your data is processed, what rights you have with regard to information and deletion and how you can exercise these rights and obtain further information. We currently use the following platforms:

  • Facebook:
    Our profile: https://www.facebook.com/TheJob.ch
    Provider: Meta Platforms Ireland Ltd., Ireland
    Privacy policy: www.facebook.com/privacy/policy
  • Xing:
    Our profile: https://www.xing.com/pages/corrisag
    Provider: New Work SE, Germany
    Privacy policy: https://privacy.xing.com/en/privacy-policy
  • LinkedIn:
    Our profile: https://www.linkedin.com/company/corris-ag/
    Provider: Ireland Unlimited Company, Ireland.
    Privacy policy: www.linkedin.com/legal/privacy-policy
  • TikTok
    Our profile: https://www.tiktok.com/@corris_fundraising
    Provider: TikTok Technology Ltd., Ireland and TikTok Information Technologies UK Ltd., United Kingdom
    Privacy policy: https://www.tiktok.com/legal/page/us/privacy-policy/en
  • Instagram
    Our profile: https://www.instagram.com/corris_fundraising/
    Provider: Meta Platforms Ireland Ltd., Ireland
    Privacy policy: https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_redirect
  • YouTube
    Our profile: https://www.youtube.com/@corrisderjob
    Provider: Google Ireland Ltd., Ireland
    Privacy policy: https://policies.google.com/privacy?hl=eng
  • Vimeo
    Our profile: https://vimeo.com/corris
    Provider: Vimeo.com, Inc., USA
    Privacy policy: https://vimeo.com/privacy?_gl=1*1f17toc*_ga*MTYyMDg4O
    DU4Ni4xNzA1OTMxMTY4*_ga_126VYLCXDY*MTcwNTkzMTE2OC4xLjEuMTcwNTkzMTE2OC42MC4wLjA.
  • Kununu
    Our profile: https://www.kununu.com/ch/corris-die-fuehrende-fundraising-agentur-fuer-non-profit-organisationen
    Provider: New Work SE, Germany
    Privacy policy: https://arbeitgeber-support.kununu.com/hc/de/articles/11191012494737-Werden-meine-Daten-vertraulich-behandelt- together with https://privacy.xing.com/en/privacy-policy

 

15. Use of messenger platforms

To communicate with you we will use various well-known messenger platforms in addition to the chat feature integrated in our website, e-mail and telephone. These platforms are solely responsible for the processing of your data in this connection. If you contact us through one of these platforms, we will assume that you consent to allow us to respond to you or contact you again through the corresponding channel. We use the following messenger services:

  • WhatsApp
    Provider: WhatsApp Ireland Limited, Ireland
    Privacy policy: https://www.whatsapp.com/legal/privacy-policy-eea/preview
  • Messenger
    Provider: Meta Platforms Ireland Ltd., Ireland
    Privacy policy: https://www.facebook.com/privacy/policy

 

16. What about fundraising?

We are not responsible under data protection legislation in the case of the collection and processing of data in connection with our fundraising activities; this responsibility is borne by the organisations commissioned by us to undertake fundraising. This means that we will collect and process your personal data in this context solely on behalf of and in accordance with the instructions of these parties and not for our own purposes. This will be the case, for instance, when we address you at one of our fundraising stands or knock on your door in order to motivate you to make a donation and you provide us with personal data (particularly contact and finance-related information) in this regard. This data will be used, among other purposes, to communicate with you and to initiate and complete the donation process. You will find more information about data processing in the privacy policy statements of our commissioned organisations. Should you have any data protection concerns in this connection or wish to exercise your rights under data protection legislation, please contact these organisations directly.

 

17. Can this privacy policy be modified?

This privacy policy is not an integral part of a contract with you. We retain the right to modify this privacy policy at any time. The version published on this website is always the currently valid version.
Most recent update: [21 August 2024]