Privacy Policy

General Privacy Policy

In this privacy policy, Maba AG (hereinafter referred to as the "Company", "we" or "us") explains how we collect and otherwise process personal data. This is not an exhaustive description; other privacy policies or general terms and conditions, participation conditions and similar documents may regulate specific matters. Personal data includes all information that relates to an identified or identifiable person.
If you provide us with personal data of other persons (e.g. family members, work colleagues, etc.), please ensure that these persons are aware of this privacy policy and only provide us with their personal data if you are permitted to do so. The personal data transmitted in this way must also be correct.
This privacy policy is designed to comply with the requirements of the EU General Data Protection Regulation ("GDPR") as well as the Swiss Data Protection Act ("DSG"). Whether and to what extent these laws are applicable depends on the individual case.

1 Controller / Data Protection Officer

The controller responsible for the data processing described here is the executive management of the Company. If you have data protection concerns, you can inform us via the following contact address:
Francis Barrier, francis.barrier@mabacapital.ch

2 Purpose of Data Processing and Legal Basis

The Company primarily uses the collected data to conclude and fulfill contracts with our customers and business partners as well as to fulfill domestic and foreign legal obligations.
Furthermore, and in accordance with applicable law, we may also process personal data for the following purposes which are in our (or possibly a third party’s legitimate) interest, for example:

Provision and development of our products, services, websites, apps, and other platforms on which we operate;
Communication with third parties and processing of their inquiries (e.g. applications, media inquiries);
Advertising and marketing (including the organization of events), provided you have not objected to the use of your data for this purpose (if you are a customer and receive advertising, you can object at any time, and we will place you on a list to block further advertising);
Assertion of legal claims and defense in legal disputes and official proceedings;
Prevention and investigation of criminal acts and other misconduct;
Ensuring our operations, including our IT, websites, apps and other applications;
Acquisition and sale of business units, companies or parts of companies and other corporate transactions and the related transmission of personal data as well as measures for business management and compliance with legal and regulatory obligations and internal regulations of the Company.

If you have given us your consent to process your personal data for specific purposes (e.g. when registering to receive newsletters), we will process your personal data based on that consent unless we have another legal basis. A given consent can be revoked at any time, but this does not affect data processed before the revocation.

3 Collection and Processing of Personal Data

We primarily process personal data that we receive from our customers and other business partners, as well as other persons in the context of our business relationships with them, or that we collect from users when operating our websites, apps, and other applications.
To the extent permitted, we also obtain certain personal data from publicly accessible sources (e.g. debtor directories, land registers, commercial registers, press, internet) or receive such data from authorities or other third parties. Apart from data provided to us directly by customers, the categories of data we receive from third parties about customers include, for example: data from public registers, data received in connection with administrative or legal proceedings, data related to the customer’s professional role and activities (e.g. for concluding and executing contracts with your employer), information from correspondence and conversations with third parties, information provided to us by persons associated with the customer (family members, advisors, legal representatives, etc.) for the purpose of concluding or executing contracts with the customer or with the customer’s involvement (e.g. powers of attorney), data from legal regulations, bank details, data about customers available in the media or on the internet (where specified, e.g. in relation to applications, media reports, marketing, etc.), addresses and potential interests and other sociodemographic data (for marketing purposes), data related to the use of our websites (e.g. IP address, MAC address of your smartphone or computer, information about devices and settings, cookies, date and time of your visit, accessed pages and content, used applications, referring website, location data).
As a rule, we store this data for 12 months after the processing purpose has ended. This period may be longer if required for evidentiary reasons or to meet legal or contractual obligations.

4 Cookies / Tracking and Other Information on the Use of Our Website

We typically use "cookies" and similar technologies on our websites, which allow your browser or device to be identified. A cookie is a small file that is sent to your computer or automatically stored on your computer or mobile device by the web browser you are using when you visit our website. When you revisit this website, we can recognize you, even if we do not know who you are. In addition to cookies that are only used during a session and deleted after your website visit ("session cookies"), cookies may also be used to store user settings and other information over a certain period (e.g. two years) ("persistent cookies"). However, you can configure your browser to reject cookies, accept them for one session only, or delete them early. Most browsers are preset to accept cookies. We use persistent cookies to better understand how you use our website. If you block cookies, certain functionalities (such as language selection) may no longer work.

Technical Data
When you visit our website, user-specific data (e.g. IP address, web browser, operating system) and technical data (e.g. URLs of visited pages, execution of a search query) are collected and analyzed anonymously.
This data is collected and processed for purposes of system security and stability, error and performance analysis, and internal statistical purposes, and it enables us to optimize our website.

When subscribing to our content or submitting a contact form/customer login, we process the data necessary to provide the requested service. Depending on the service, the following data may be processed: email address, first name, last name, salutation, full address, subject, and message.
If you have given us your consent to process your personal data for specific purposes (e.g. when submitting a request), we will process your personal data based on that consent, unless we have another legal basis. A given consent can be revoked at any time; however, this has no effect on data processed before the revocation.
As a rule, we store technical data for 6 months.

Communication Data
When you contact us via email, phone, letter, or other communication channels, we collect the data exchanged between you and us, including your contact details and metadata of the communication. If we record or monitor phone calls or video conferences (e.g. for training and quality assurance purposes), we will inform you accordingly. Such recordings are made and used only in accordance with our internal guidelines and legal requirements.
As a rule, we store this data for 12 months from the last exchange with you. This period may be longer if required for evidentiary reasons, legal or contractual obligations, or technical reasons. Emails in personal inboxes and written correspondence are generally retained for at least 10 years. Recordings of (video) conferences are usually kept for 24 months. Chats, if applicable, are typically retained for 2 years.

Google Analytics and Similar Services
In order to design and continuously optimize our website to meet your needs, we may use Google Analytics or similar services on our website. These are services provided by third parties who may be located in any country worldwide (in the case of Google Analytics: Google Ireland Ltd. (based in Ireland); Google Ireland uses Google LLC (based in the USA) as a subcontractor (both "Google"), https://www.google.com/). The cookies used by Google Analytics are stored on your computer and enable analysis of your use of the website.
The use of Google Analytics is based on your consent to track your browsing behavior on our websites and analyze it.

The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. These cookies may contain, for example: IP address, number, date and time of the visit, duration of the visit, your access page (referrer URL), the pages visited on our website, browser type/version, and operating system used. Google will use this information on our behalf, as we have a legitimate interest in analyzing user behavior to improve our website. Google uses this information to evaluate website usage, compile reports about website activity, and provide other services related to website and internet usage for us. Pseudonymized usage profiles of users can also be created from the processed personal data.

We may have activated IP anonymization on this website (so-called IP masking). This means that your IP address is shortened by Google within member states of the European Union, in other states party to the Agreement on the European Economic Area, and in Switzerland before being transferred to the USA. Only in exceptional cases is the full IP address transferred to a Google server in the USA and shortened there.

You can prevent the storage of cookies by setting your browser accordingly. However, please note that in this case, you may not be able to use all functions of this website to their full extent. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) by Google, as well as the processing of this data by Google, by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en. Alternatively, or on mobile browsers, you can prevent data collection by Google Analytics by clicking the following link: https://support.google.com/analytics/answer/181881?hl=en, which deactivates Google Analytics for this website. In this case, a special opt-out cookie will be set on your device to prevent future tracking. If you delete your saved cookies, you must click this link again.

Further information on the handling of user data by Google Analytics can be found in Google’s data protection declaration: https://support.google.com/analytics/answer/6004245?hl=en.

Google may also review users’ website usage and possibly combine the personal data collected with other information it has independently collected from other websites visited by the user and use it for its own purposes (e.g. to control advertising) under its own responsibility and according to its own privacy policy. More information on this and how Google processes personal data can be found in Google’s privacy policies: https://policies.google.com/?hl=en; https://policies.google.com/technologies/partner-sites.

Social Media Plug-Ins
We may use so-called plug-ins from social networks such as Facebook, LinkedIn, YouTube, etc., on our website. These are identifiable to you (typically via appropriate symbols). We have configured these elements to be deactivated by default. If you activate them (by clicking), the operators of the respective social networks can register that you are on our website and where, and they can use this information for their own purposes. The processing of your personal data is then the responsibility of this operator according to its privacy policy. We do not receive any information about you from them.

5 Disclosure of Data to Third Parties and Transfer of Data Abroad

In the course of our business activities and in line with the purposes of data processing set out in this policy, we may transfer data to third parties, to the extent that such transfer is permissible and we consider it appropriate, so that these third parties can process data for us or, if applicable, for their own purposes. In particular, the following categories of recipients may be concerned:

Our service providers (e.g. risk management & compliance, IT providers, accounting, CRM systems, etc.)
Domestic and foreign authorities, government bodies, and courts
Other parties in potential or actual legal proceedings

Some recipients are located in Switzerland, others may be located in any country worldwide. In particular, you must expect your data to be transferred to any country where our service providers are located (such as Microsoft).
If a recipient is located in a country without adequate legal data protection, we contractually require the recipient to comply with data protection (for this purpose, we use the revised standard contractual clauses of the European Commission, available here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj), unless the recipient is subject to a legally recognized framework ensuring data protection and we cannot rely on an exception. An exception may apply, for example, in the case of legal proceedings abroad, if there is an overriding public interest, if the performance of a contract requires such disclosure, if you have given consent, or if the data has been generally made accessible by you and you have not objected to the processing.

6 Duration of Data Retention

All data, including personal data, is only processed and stored by us for as long as necessary to fulfill our contractual and legal obligations or the other purposes pursued with the processing, especially for the duration of the entire business relationship and beyond due to legal retention and documentation obligations.
It is possible that personal data may be retained for the period during which claims can be asserted against the Company, and as long as we are otherwise legally obligated or legitimate business interests require it (e.g. for evidentiary or documentation purposes).
As soon as your personal data is no longer required for the above purposes, it will be deleted or anonymized, where possible. For operational data (e.g. system logs), shorter retention periods of 12 months or less apply.

7 Data Security

The Company has implemented appropriate technical and organizational security measures to protect your personal data from unauthorized access and misuse. These measures include instructions, training, IT and network security solutions, access controls and restrictions, encryption of passwords, data storage and transmission, pseudonymization, and controls.
We cannot guarantee the security of data transmission over the internet. In particular, data sent by email involves a certain risk of third-party access.

8 Rights of the Data Subject

Customers have the right to access, rectify, and delete their personal data, the right to restrict processing, or to object to our data processing. Please note, however, that we reserve the right to assert legal restrictions on our part, for example if we are obliged to retain or process certain data, have an overriding interest (where we may rely on such interests), or need the data to assert claims.

We have already informed you of the right to object or withdraw consent at any time. Please also note that exercising these rights may conflict with your contractual obligations and could result in consequences such as early termination of the contract and may involve costs. Should this be the case, we will inform you in advance unless already contractually agreed.

In general, exercising these rights requires you to prove your identity (e.g. by providing a copy of an ID document if your identity is not otherwise evident or cannot be verified). To exercise these rights, please contact us at the address provided above.
Additionally, every data subject has the right to enforce their rights in court or to lodge a complaint with the relevant data protection authority. The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner (https://www.edoeb.admin.ch/edoeb/en/home.html).

9 Profiling and Automated Individual Decision-Making

Personal data may be processed automatically in part to evaluate certain personal aspects (profiling). Profiling allows us, in particular, to better inform and advise you about products that may be relevant to you. For this purpose, we may use evaluation tools that enable us to communicate with you and advertise as needed, including for market and opinion research.

We generally do not use fully automated individual decision-making (as defined in Article 22 GDPR) to initiate and carry out a business relationship. If we do use such procedures in certain cases, we will inform you separately and explain your rights in this regard if required by law.

10 Third-Party Privacy Policies

Please note that if you click on a link to a third-party website (e.g. Google or social media or other websites), you will be redirected to a website that we do not control, and our privacy policy will no longer apply. Your browsing and interaction on another website are subject to that website’s terms of use and privacy policies and notices.
Furthermore, we cannot guarantee the accuracy or timeliness of such links.
We recommend that you carefully read the terms of use and privacy policies and notices of any third-party websites before providing personal data through them. We are not responsible or liable for the content and data processing on such third-party websites.

11 Changes to the Privacy Policy

We may change, supplement, or otherwise modify this privacy policy at any time without prior notice and without stating reasons. The current version published on our website applies.
If the privacy policy is part of an agreement with customers, we will inform customers of any updates to the privacy policy via email or in another appropriate manner.

Disclaimer:

Liability for Content

The contents of our pages have been created with the greatest care. However, we cannot guarantee the accuracy, completeness, or timeliness of the content.

Liability for Links

Our offer contains links to external third-party websites, the content of which we have no influence over. Therefore, we cannot accept any responsibility for these external contents. The respective provider or operator of the linked pages is always responsible for the content. The linked pages were checked for possible legal violations at the time of linking. No illegal content was identified at the time of linking. Permanent content control of the linked pages is not reasonable without concrete evidence of a violation. If we become aware of any legal violations, we will remove such links immediately.

Copyright

The content and works created by the site operators on these pages are subject to Swiss copyright law. Reproduction, editing, distribution, and any kind of use outside the limits of copyright require the written consent of Maba AG. Downloads and copies of this page are not permitted.
As far as the content on this page was not created by the operator, the copyrights of third parties are respected. In particular, third-party content is marked as such. If you still notice a copyright infringement, please let us know. Upon becoming aware of legal violations, we will remove such content immediately.