Privacy Policy

In this Privacy Policy, we, Wirz Group AG (companies of Wirz Group AG) (hereinafter collectively referred to as Wirz Group AG, we, or us), explain how we collect and otherwise process personal data. This is not an exhaustive description; other privacy policies or general terms and conditions, terms of participation, and similar documents may govern specific matters. Personal data refers to any information relating to an identified or identifiable individual.

If you provide us with personal data of other individuals (e.g., family members, colleagues), please ensure that these individuals are aware of this Privacy Policy and only share their personal data with us if you are authorized to do so and if the personal data is accurate.

This Privacy Policy is designed to meet the requirements of the EU General Data Protection Regulation (“GDPR”), the Swiss Data Protection Act (“DSG”), and the revised Swiss Data Protection Act (“revDSG”). However, whether and to what extent these laws apply depends on the specific case.

1. Data Controller

Wirz Group AG (Uetlibergstrasse 134b, 8045 Zurich) is responsible for the data processing described here, unless otherwise specified in individual cases. If you have any data protection concerns, you can contact us at the following address for all companies within the Wirz Group AG (please specify which company you are referring to if possible): Wirz Group AG, Uetlibergstrasse 134b, 8045 Zurich, datenschutz@wirz.ch

2. Collection and Processing of Personal Data

We primarily process personal data that we receive from our customers and other business partners—as well as from other individuals involved in our business relationships with them—or that we collect from users of our websites and other applications during their operation.

To the extent permitted, we also obtain certain data from publicly accessible sources (e.g., debt collection registers, land registers, commercial registers, the press, the Internet) or receive such data from other companies within Wirz Group AG, from authorities, and from other third parties (such as credit bureaus). In addition to the data you provide to us directly, the categories of personal data we receive about you from third parties include, in particular, information from public registers, information we obtain in connection with administrative and judicial proceedings, information related to your professional roles and activities (so that we can, for example, conclude and conduct business with your employer with your assistance), information about you in correspondence and meetings with third parties, credit reports (to the extent that we conduct business with you personally), information about you provided to us by individuals in your circle (family, advisors, legal representatives, etc.) so that we can conclude or execute contracts with you or involving you (e.g., references, your delivery address, powers of attorney, information regarding compliance with legal requirements such as anti-money laundering and export restrictions, information from banks, insurance companies, distribution partners, and other contractual partners of ours regarding your use of or provision of services (e.g., payments made, purchases made), information about you from media and the internet (to the extent this is appropriate in the specific case, e.g., press reviews, marketing/sales, etc.), your addresses and, where applicable, interests and other sociodemographic data (for marketing purposes), data related to the use of the website (e.g., IP address, MAC address of the smartphone or computer, information about your device and settings, cookies, date and time of the visit, pages and content accessed, functions used, referring website, location data).

Applicant Data: When you apply to us, in addition to your title, last name, first name, and date of birth, standard contact information such as your address, email address, and landline and mobile phone numbers will be stored in the applicant database. In addition, application documents such as cover letters, resumes, professional qualifications, educational credentials, and references are recorded. This data is stored and processed on the systems of our software partner (rexx systems).

3. Purposes of Data Processing and Legal Bases

We use the personal data we collect primarily to conclude and fulfill our contracts with our customers and business partners, particularly in the context of our activities with our customers and the purchase of products and services from our suppliers and subcontractors, as well as to comply with our legal obligations both domestically and abroad. If you work for such a customer or business partner, your personal data may of course also be affected in this capacity.

In addition, we process personal data from you and other individuals, to the extent permitted and as we deem appropriate, for the following purposes in which we (and occasionally third parties) have a legitimate interest commensurate with the purpose:

Offering and further developing our products, services, websites, and platforms on which we are present; communicating with third parties and processing their inquiries (e.g., job applications, media inquiries);Management of our agency, customer relationship management, employee and recruitment management; Review and optimization of procedures for needs analysis for the purpose of direct customer outreach, as well as collection of personal data from publicly accessible sources for the purpose of customer acquisition;Advertising and marketing (including the organization of events), provided you have not objected to the use of your data (if we send you advertising as an existing customer, you may object at any time, and we will then place you on a block list to prevent further advertising);Market and opinion research, media monitoring; Assertion of legal claims and defense in connection with legal disputes and administrative proceedings; Prevention and investigation of criminal offenses and other misconduct (e.g., conducting internal investigations, data analysis for fraud prevention);Ensuring the operation of our business, in particular our IT systems, websites, and other online platforms; video surveillance to enforce property rights and other measures for IT, building, and facility security, as well as the protection of our employees, other individuals, and assets owned by or entrusted to us (such as access controls, visitor logs, network and email scanners, and telephone recordings);The purchase and sale of business units, companies, or parts of companies, and other corporate transactions, including the associated transfer of personal data, as well as measures for business management and, to the extent necessary, for compliance with legal and regulatory obligations and internal regulations of Wirz Group AG.

Applicant Data: This data is stored, evaluated, processed, or forwarded internally exclusively in connection with the application. It is accessible only to employees of the Human Resources department and to those responsible for the selection process.

To the extent that you have given us consent to process your personal data for specific purposes (for example, when you sign up to receive newsletters or undergo a background check), we process your personal data within the scope of and based on this consent, provided we have no other legal basis and such a basis is required. Consent that has been given may be revoked at any time; however, this has no effect on data processing that has already taken place.

4. Cookies / Tracking and Other Technologies Related to the Use of Our Website

We typically use “cookies” and similar technologies on our websites to identify your browser or device. A cookie is a small file that is sent to your computer or automatically stored on your computer or mobile device by the web browser you are using when you visit our website. When you visit this website again, we can recognize you this way, even if we do not know who you are. In addition to cookies that are used only during a session and deleted after your visit to the website (“session cookies”), cookies can also be used to store user settings and other information over a specific period of time (e.g., two years) (“persistent cookies”). However, you can configure your browser to reject cookies, store them only for a single session, or delete them early. Most browsers are set by default to accept cookies. We use persistent cookies to save your user settings (e.g., language, auto-login) so that we can better understand how you use our services and content. Some of these cookies are set by us, while others are set by business partners with whom we collaborate. If you block cookies, certain features may no longer function.

In our newsletters and other marketing emails, we sometimes include visible and invisible image elements—where permitted—which, when retrieved from our servers, allow us to determine if and when you opened the email. This helps us measure and better understand how you use our offerings so we can tailor them to you. You can block this in your email program; most are preset to do so.

By using our websites and consenting to receive newsletters and other marketing emails, you agree to the use of these technologies. If you do not wish to do so, you must adjust the settings of your browser or email program accordingly.

We occasionally use Google Analytics or comparable analytics services (such as those from Capture Media (CH), the Permalead Group (CH), or Mouseflow (DK)) on our websites. This is a service provided by third parties that may be located in any country in the world (in the case of Google Analytics, it is Google Ireland (based in Ireland); Google Ireland relies on Google LLC (based in the U.S.) as a data processor (both “Google”), which allows us to measure and evaluate website usage (non-personal data). For this purpose, permanent cookies set by the service provider are also used. We have configured the service so that the IP addresses of visitors from Europe are truncated by Google before being forwarded to the US, thereby preventing them from being traced. We have disabled the “Data Sharing” and “Signals” settings. Although we can assume that the information we share with Google does not constitute personal data for Google, it is possible that Google may use this data for its own purposes to draw conclusions about the identity of visitors, create personal profiles, and link this data to these individuals’ Google accounts. To the extent that you have registered with the service provider yourself, the service provider also knows you. The processing of your personal data by the service provider is then carried out under the service provider’s responsibility in accordance with its privacy policy. The service provider merely informs us about how our respective website is used (no information about you personally).

We also use so-called plug-ins from social networks such as Facebook, LinkedIn, Vimeo, X (formerly Twitter), YouTube, or Instagram on our websites. This is clearly visible to you (typically via corresponding icons). We have configured these elements so that they are disabled by default. If you enable them (by clicking on them), the operators of the respective social networks can detect that you are on our website and where you are, and may use this information for their own purposes. The processing of your personal data is then the responsibility of that operator in accordance with its privacy policy. We do not receive any information about you from them.

5. Data Disclosure and Data Transfer Abroad

In the course of our business activities and for the purposes set forth in Section 3, we may, to the extent permitted and as we deem appropriate, disclose data to third parties, whether because they process it on our behalf or because they wish to use it for their own purposes. This applies in particular to the following entities:

Our service providers (within Wirz Group AG as well as externally, such as banks and insurance companies), including processors (such as IT providers, rexx Systems (HR/recruitment software provider), BDO (auditing/fiduciary services), Abacus (ERP), Teambox (agency management), Hubspot (CRM), Brizy (website management), etc.; retailers, suppliers, subcontractors, and other business partners; customers; domestic and foreign authorities, government agencies, or courts; media;the general public, including visitors to websites and social media; competitors, industry organizations, associations, organizations, and other bodies; acquirers or parties interested in acquiring business units, companies, or other parts of Wirz Group AG; other parties in potential or actual legal proceedings; other companies within the Wirz Group AG;

These recipients are partly located within Switzerland and partly in other EU countries, but in exceptional cases may be located anywhere in the world. In particular, you must expect your data to be transferred to countries in Europe (specifically DE, DK, IR, UK) and the USA (such as Microsoft, Google), where the service providers we use are located.

If a recipient is located in a country without adequate legal data protection, we contractually oblige the recipient to comply with applicable data protection laws (for this purpose, we use the European Commission’s revised Standard Contractual Clauses, which can be found here: eur-lex.europa.eu (available upon request), unless it is already subject to a legally recognized framework for ensuring data protection and we cannot rely on an exception provision. An exception may apply, in particular, in the case of legal proceedings abroad, but also in cases of overriding public interest or if the performance of a contract requires such disclosure, if you have consented, or if the data in question has been made publicly available by you and you have not objected to its processing.

6. Retention Period for Personal Data

We process and store your personal data for as long as necessary to fulfill our contractual and legal obligations or for the purposes pursued by the processing, i.e., for example, for the duration of the entire business relationship (from initiation and execution through to termination of a contract) and beyond, in accordance with statutory retention and documentation requirements. It is possible that personal data may be retained for the period during which claims can be asserted against our company and to the extent that we are otherwise legally obligated to do so or legitimate business interests require it (e.g., for evidentiary and documentation purposes). As soon as your personal data is no longer required for the aforementioned purposes, it will generally be deleted or anonymized to the extent possible. For operational data (e.g., system logs), shorter retention periods of twelve months or less generally apply.

Employee and Application Data: If you have applied for a position with us but received a rejection notice, your information will be anonymized no later than 6 months after the conclusion of the application process and completely deleted after 12 months. No notification will be sent regarding the anonymization or deletion of the data. If you are hired by us, your employee data will be added to your personnel file. In the applicant tracking system, the data will be anonymized and will only be available for reporting purposes. No conclusions can be drawn about you from this data.

7. Data Security

We implement appropriate technical and organizational security measures to protect your personal data from unauthorized access and misuse through data security measures such as access controls, user controls, data carrier and storage controls, the issuance of guidelines, training, IT and network security solutions, encryption of data carriers and transmissions, pseudonymization, etc.

8. Obligation to Provide Personal Data

As part of our business relationship, you must provide the personal data necessary for establishing and conducting a business relationship and fulfilling the associated contractual obligations (you generally have no legal obligation to provide us with data). Without this data, we will generally not be able to enter into or fulfill a contract with you (or the entity or person you represent). Furthermore, the website cannot be used if certain information necessary to ensure data transmission (such as your IP address) is not disclosed.

9. Profiling

We do not process your personal data automatically for the purpose of evaluating specific personal characteristics. We therefore do not engage in profiling.

10. Rights of the Data Subject

Under the data protection laws applicable to you and to the extent provided therein (such as in the case of the GDPR), you have the right to access, rectification, erasure, the right to restrict data processing, and the right to object to our data processing, in particular for direct marketing purposes and other legitimate interests in processing, as well as the right to receive certain personal data for the purpose of transferring it to another party (so-called data portability). Please note, however, that we reserve the right to invoke the restrictions provided for by law, for example if we are obligated to retain or process certain data, have an overriding interest in doing so (to the extent we are permitted to invoke such an interest), or require it to assert claims. If costs are incurred on your part, we will inform you in advance. We have already provided information regarding the possibility of withdrawing your consent in Section 3. Please note that exercising these rights may conflict with contractual agreements and may result in consequences such as early termination of the contract or financial implications. We will inform you in advance in such cases, unless this is already regulated by contract.

Exercising such rights generally requires that you clearly prove your identity (e.g., by providing a copy of your ID if your identity is otherwise unclear or cannot be verified). To exercise your rights, you may contact us at the address provided in Section 1.

Furthermore, every data subject has the right to enforce their claims in court or to file a complaint with the competent data protection authority. The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner.

11. Changes

We may amend this Privacy Policy at any time without prior notice. The current version published on our website applies. To the extent that the Privacy Policy is part of an agreement with you, we will notify you of any changes via email or by other appropriate means in the event of an update.

Based on dsat.ch

12. Web Analytics

The websites of wirz.ch We use a web analytics tool to analyze user behavior and identify the IP addresses of companies for marketing purposes. The use of this service requires that data regarding user behavior (e.g., IP address, time of access, user behavior, browser request, etc.) be transmitted directly to the analytics servers and made available exclusively for wirz.ch The collected data is treated as strictly confidential and will neither be sold nor disclosed to third parties. If you no longer wish to be identified in the future, please send an email to optout@permagroup.ch

Contact

Wirz-Texter bei der Arbeit.

We'll take care of your business problem.

Up for coffee?

Write to us about what's on your mind or drop by for a coffee at our office in Zurich. We look forward to seeing you.

Get in touch