Privacy policy

Privacy policy 

This privacy policy from imperia systems ag explains how we collect and process personal data. More detailed regulations in individual cases or for specific departments supplement this policy. For the purposes of this privacy policy, personal data refers to all information relating to an identified or identifiable person.
 

1. Responsible body and contact details 

imperia systems ag is responsible for the data processing described here, unless otherwise specified in individual cases. Enquiries regarding data protection can be sent by letter or email to the data protection officer, Calogero Imperia, c.imperia@imperia-systems.ch, enclosing a copy of your ID card or passport for identification purposes.  

imperia systems ag
Datenschutzbeauftragter
Feldackerstrasse 2/4
5040 Schöftland

2. Collection and processing of personal data

Personal data is processed in the following categories:

• Customer data from customers for whom we provide or have provided services.
• Personal data that we have received indirectly from our customers in the course of providing services.
• Digital visitor data when clicking on our website.
• Customer address data when using our newsletter.
• Customer data relating to personal profile/interests based on participation in one of our events.
• Various data when we communicate in any way (differing in terms of location, time and subject matter).
• Data in other contractual relationships, e.g. as a supplier, service provider or consultant.
• Personal data in job applications.
• Data when we are required to do so by law.
• Data that we use in connection with data protection or compliance with laws.

More detailed information can be found in the description of the respective categories of processing in section 4.

3. Categories of personal data

The type and scope of personal data processing depends on the relationship between you and imperia systems ag, as well as the purpose or reason for which we process the data. In addition to your contact details, we also process other information about you or about people who are related to you. If this information is particularly sensitive personal data, this has further consequences for our processing and our internal procedures.

We collect the following categories of personal data, depending on the purpose:

• Contact information (e.g. surname, first name, address, telephone number, email address)
• Personal customer information (e.g. occupation, title, job title, date of birth (only if necessary), etc.)
• Data about your creditworthiness and company law data as well as financial information (bank accounts)
• Data in connection with specific orders/contracts
• Data in connection with offers to be prepared, specifications and requirements, etc.
• Website data (e.g. IP address, device information (UDI), browser information, website usage (analysis and use of plugins, etc.)
• Data from job applications (e.g. CV, references)
• Advertising and marketing information and personal interests (e.g. newsletter subscription, interest in specific topics, specialisations)
• Security and network data (e.g. visitor lists, access controls, network and mail scanners, telephone call lists)

Where permitted, we also obtain certain data from publicly accessible sources (e.g. debt collection registers, land registers, commercial registers, the press, the Internet) or receive such data from our customers and their employees, from authorities, (arbitration) courts and other third parties. In addition to the data you provide us directly, the categories of personal data we receive about you from third parties include, in particular, information from public registers, information we obtain in connection with official and court proceedings, information in connection with your professional functions and activities, information about you in correspondence and meetings with third parties, credit reports, information about you provided to us by people in your environment (family, advisors, legal representatives, etc.) so that we can conclude or execute contracts with you or involving you (e.g. references, your address for deliveries, powers of attorney) Information on compliance with legal requirements such as anti-money laundering and export restrictions, information from banks, insurance companies, distribution and other contractual partners of ours regarding your use of or provision of services (e.g. payments made, purchases made), information about you from the media and the Internet (where appropriate in specific cases, e.g. in the context of a job application, etc.), your addresses and, where applicable, interests and other socio-demographic data (for marketing purposes), data relating to the use of the website (e.g. IP address, MAC address of your smartphone or computer, information about your device and settings, cookies, date and time of your visit, pages and content accessed, functions used, referring website, location information).

4. What do we process the data for (purpose)?

4.1.  Provision of services / deliveries / sales

We primarily process personal data that we receive from our customers and other contractual relationships with business partners and other persons involved in these relationships.

The personal data of our customers includes the following information in particular:

• Contact information (e.g. surname, first name, address, telephone number, email address, other contact information)
• Personal information (e.g. date of birth (only if necessary), occupation, title, job title, etc.)
• Data on your creditworthiness and entries in various registers or, if applicable, sanctions lists, as well as data in specialised databases and from publicly accessible digital sources
• Financial information (e.g. data on bank accounts, investments or shareholdings)
• Business data, depending on the order/contract
• Sensitive personal data: This personal data may also include sensitive personal data, which, according to Art. 5 lit. c DSG, is:

1. Data on religious, ideological, political or trade union views or activities (e.g. religious beliefs, political affiliation)
2. Data on health, privacy or race or ethnicity (e.g. sexual orientation)
3. Genetic data (e.g. DNA profile)
4. Biometric data that uniquely identifies a natural person (e.g. digital fingerprint, voice recordings),
5. Data on administrative and criminal prosecutions or sanctions (e.g. criminal record entry, debt collection register entry),
6. Data on social assistance measures (e.g. receipt of material assistance).

We process this personal data for the purposes described above on the following legal bases:

• Conclusion or execution of a contract with or for the benefit of the data subject, including contract initiation and enforcement (e.g. delivery contract, sales contract, service contract)
• Fulfilment of a legal obligation (e.g. if we are required to collect and/or disclose data due to a legal obligation)
• Protection of legitimate interests (e.g. for administrative purposes, to improve our quality, to ensure security, to manage risks, to enforce our rights, to defend ourselves against claims or to examine possible conflicts of interest)
• Consent (e.g. to send you marketing information).

4.2.  Indirect data processing from service provision

When we provide services to our customers, we may also process personal data that we have not collected directly from the data subjects or personal data from third parties. These third parties are usually employees, contact persons, family members or persons who have a relationship with the customers or data subjects for other reasons. We need this personal data in order to fulfil contracts with our customers. We receive this personal data from our customers or from third parties commissioned by our customers. Third parties whose information we process for this purpose are informed by our customers that we are processing their data. Our customers can refer to this privacy policy for this purpose.

The personal data of individuals who have a relationship with our customers includes the following information in particular:

• Contact information (e.g. surname, first name, address, telephone number, email address, other contact information, marketing data)
• Personal information (e.g. date of birth, nationality, marital status, occupation, title, job title, passport/ID number, social security number, family circumstances, etc.)
• Financial information (e.g. bank account details, investments or shareholdings)
• Contract or business data, depending on the order or contract
• Sensitive personal data This personal data may also include sensitive personal data, see section 4.1.

We process this personal data for the purposes described above on the following legal bases:

• Conclusion or execution of a contract with or for the benefit of the data subject (e.g. when we perform our contractual obligations)
• Fulfilment of a legal obligation (e.g. when we perform our duties as auditors or are obliged to disclose information)
• Protection of legitimate interests, in particular our interest in providing our customers with the best possible service.

4.3.  Website

No personal data needs to be disclosed in order to use our website. However, each time the server is accessed, it collects a range of user information which is temporarily stored in the server's log files. When this general information is used, it is not assigned to any specific person. The collection of this information or data is technically necessary in order to display our website and to ensure its stability and security. This information is also collected in order to improve the website and analyse its use. 

This includes in particular the following information:

• Contact information (e.g., last name, first name, address, telephone number, email)
• Other information you send to us via the website
• Technical information automatically transmitted to us or our service providers, information about user behaviour or website settings (e.g., IP address, UDI, device type, browser, number of clicks on the page, opening of the newsletter, clicking on links, etc.).

We process this personal data for the purposes described based on the following legal bases:

• Protection of legitimate interests (e.g., for administrative purposes, to improve our quality, analyse data, or publicize our services)
• Consent (e.g., to the use of cookies or the newsletter).

4.4.  Newsletter

If you subscribe to our newsletter, we will use your address and contact details to send you the newsletter. You can subscribe to our newsletter with your consent. Mandatory information for sending the newsletter is your full name and your email address, which we will save after your registration. The legal basis for processing your data in connection with our newsletter is your consent to receive the newsletter. You can revoke this consent and unsubscribe from the newsletter at any time.

4.5.  Events

If you participate in an event organized by us, we collect personal data to organize and conduct the event and, if necessary, to send you additional information afterward. We also use your information to inform you about other events. We may photograph or film you at these events and publish these images internally or externally.

This includes in particular the following information:

• Contact information (e.g., last name, first name, address, telephone number, email)
• Personal information (e.g., profession, position, title, employer)
• Images or videos
• Payment information (e.g., bank details)
• We process this personal data for the purposes described based on the following legal bases:
• Fulfilment of a contractual obligation with or for the benefit of the data subject, including contract initiation and possible enforcement (enabling participation in the event)
• Protection of legitimate interests (e.g., conducting events, disseminating information about our event, providing services, efficient organization)
• Consent (e.g., to send you marketing information or create images).

4.6. Data based on communication methods that vary in location, time, and content (telephone, visits, etc.)

If you contact us (e.g., by phone, email, or chat) or if we contact you, we process the personal data required for this purpose. We also process this personal data when you visit us. In this case, you may be required to provide your contact details before your visit or at reception. We retain these details for a certain period of time to protect our infrastructure and our information. We use the "Microsoft Teams" service to conduct telephone conferences, online meetings, video conferences, and/or webinars ("online meetings").

In particular we process the following information:

• Contact information (e.g., last name, first name, address, telephone number, email)
• Peripheral communication data (e.g., IP address, duration of communication, communication channel)
• Recordings of conversations, e.g., during video conferences
• Other information that the user uploads, provides, or creates while using the video conferencing service, as well as metadata used to maintain the service provided. Additional information about the processing of personal data by Microsoft Teams can be found in their privacy policies.
• Personal information (e.g., profession, position, title, employer)
• Time and reason for the visit.

We process this personal data for the purposes described above based on the following legal bases:

• Fulfilment of a contractual obligation with or for the benefit of the data subject, including contract initiation and possible enforcement (provision of a service)
• Protection of legitimate interests (e.g., security, traceability, and the processing and administration of customer relationships).

4.7.  Applications

You can submit your application for a position with us by mail, email, or via certain online portals. Your application documents and all personal data disclosed to us will be treated with strict confidentiality, will not be disclosed to any third parties, and will only be processed for the purpose of processing your application for employment with us. Without your consent, your application dossier will either be returned to you or deleted/destroyed after the application process has been completed, unless it is subject to a legal retention period. This does not apply to applications for positions that are not vacant at the time of application. In individual cases, we keep application dossiers pending so that we can contact applicants if any vacancies arise. The legal basis for processing your data is your consent, the fulfilment of the contract with you, and our legitimate interests.

In particular we process the following information:

• Contact information (e.g., last name, first name, address, telephone number, email)
• Personal information (e.g., profession, position, title, employer)
• Application documents (e.g., cover letters, certificates, diplomas, CV)
• Evaluation information (e.g., HR consultant evaluations, references, assessments)

We process this personal data for the purposes described based on the following legal bases:

• Protection of legitimate interests (e.g., hiring new employees)
• Consent

4.8.  Suppliers, service providers, other contractual partners

If we enter a contract with you so that you produce something for us, deliver a product, or provide a service for us, we process personal data from you or your employees. We need this to communicate with you and use your services.

We process the following information in particular:

• Contact information (e.g., last name, first name, address, telephone number, email).
• Personal information (e.g., profession, position, title, employer company).
• Financial information (e.g., bank details).

We process this personal data for the purposes described, based on the following legal bases:

• Conclusion or performance of a contract with or for the benefit of the data subject, including contract initiation and any enforcement
• Protection of legitimate interests (e.g., avoiding conflicts of interest, protecting the company, enforcing legal claims).

4.9.  Overview of processing activities

Type of data
Customer data

Purpose
Data to be processed for the provision of services or the sale of products during the contractual or statutory period

Recipients
Administration, sales, management, project management

Responsible
Administration, sales

---

Data type
Customer contact details (e-mail, telephone, mobile, address, date of birth, etc.)

Purpose
Marketing and sales purposes

Recipients
Administration, sales, management, marketing

Responsible
Administration, sales

---

Data type
Employee data

Purpose
Legal and contractually compliant execution of the employment contract and current legal requirements, including administrative matters

Recipient
HR, management

Responsible
HR

---

Data type
Other personal data

Purpose
Recording of the relationship and the purpose of the relationship, including marketing and sales purposes

Recipient
Administration, sales, management, marketing

Responsible
Administration, sales

5. Cookies and similar technologies

This website uses cookies and similar technologies such as local storage, pixels and tags. These are used to provide functions, improve performance and display content in line with requirements.

• Cookies that are necessary for technical functionality are always active.
• Analysis, statistics and marketing cookies and similar technologies are only activated once consent has been given. The selection is made directly in the banner or in the settings.
• Before activation, the purpose, storage period, recipient and any international transfers are clearly communicated.
• The selection can be changed or revoked at any time via the cookie management function.
• Information on the technologies used can be found in the cookie declaration on the website.

6. Web and newsletter analysis

In order to obtain information about the use of our website, to protect the website from misuse through automated access, to improve our internet offering and to be able to address you with advertising on third-party websites or on social media, we use common web analysis tools and re-targeting technologies, such as Google Analytics, Jimdo Ranking Coach, Google reCAPTCHA, Google Tag Manager, Google Maps, Adobe Fonts (TypeKit), YouTube, plausible.io, Brevo newsletter tracking, and other tools and newsletter tools.
 

These tools are provided by third-party providers. As a rule, the information collected for this purpose about the use of a website is transmitted to the third-party provider's server using cookies or similar technologies. Depending on the third-party provider, these servers may be located abroad.
 

The data is usually transmitted with the IP addresses truncated, which prevents the identification of individual end devices. This information is only transferred by third-party providers on the basis of legal regulations or within the scope of order data processing.
 

We reserve the right to use additional tools and plugins to analyse the website or newsletter on an ongoing basis. This is in addition to or in replacement of sections 6.1 to 6.4 below. 

6.1.  Google Analytics

We use Google Analytics, a web analytics service provided by Google LLC, Mountain View, California, USA, on our website. Google Limited Ireland ("Google") is responsible for Europe. To deactivate Google Analytics, Google provides a browser plug-in at https://tools.google.com/dlpage/gaoptout?hl=de. Google Analytics uses cookies. These are small text files that make it possible to store specific, user-related information on the user's device. These enable Google to analyse the use of our website. The information collected by the cookie about your use of our website (including your IP address) is usually transferred to a Google server in the USA and stored there. We would like to point out that on this website Google Analytics has been extended to include the code «gat._anonymizeIp();» to ensure anonymous collection of IP addresses (so-called IP masking). If anonymization is active, Google shortens IP addresses within member states of the European Union or in other contracting states to the Agreement on the European Economic Area, so that no conclusions can be drawn about your identity. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. Google may associate your IP address with other Google data. For data transfers to the USA, Google has committed to signing and complying with the EU standard contractual clauses.

6.2.  Google Maps

Our website uses Google Maps (API) from Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; Google Limited Ireland, "Google" is responsible for Europe). Google Maps is a web service for displaying interactive maps to visually present geographical information. Using this service, you will be shown our location, and any possible directions will be made easier. When you access the subpages that include the Google Maps map, information about your use of our website (such as your IP address) is transmitted to Google servers in the USA and stored there. This occurs regardless of whether Google provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your data will be assigned directly to your account. If you do not wish to be assigned to your Google profile, you must log out before activating the button. Google stores your data (even for users who are not logged in) as user profiles and evaluates them.

For data transfers to the USA, Google has committed to signing and complying with the EU standard contractual clauses.

6.3.  Social media plugins

Our website uses so-called social media plugins ("plugins") from third parties. The plugins can be identified by the logo of the respective social network. Through these plugins, we offer you the opportunity to interact with the social networks and other users. We use the following plugins on our website: Facebook, Twitter, LinkedIn, YouTube. When you visit our website, your browser establishes a direct connection to the third-party provider's servers. The content of the plugin (e.g., YouTube videos) is transmitted directly to your browser by the respective third-party provider and integrated into the page.

The data is passed on to display content (e.g. publications on Twitter) regardless of whether you have an account with a third-party provider and are logged in there. If you are logged in with the third-party provider, the data we collect will also be assigned directly to your account with the third-party provider. If you activate the plugins, the information will also be published on the social network and displayed to your contacts there. The purpose and scope of the data collection and the further processing and use of the data by the third-party providers as well as your rights and setting options to protect your privacy can be found in the third-party privacy policy of the third-party providers. The third-party provider stores the data collected about you as user profiles and uses these for the purposes of advertising, market research and/or to tailor its website to meet your needs. Such an evaluation is also carried out in particular for users who are not logged in in order to display needs-based advertising and to inform other users of the social network about your activities on our website. If you want to prevent third-party providers from assigning the data collected via our website to your personal profile on the respective social network, you must log out of the respective social network before visiting our website. You can also prevent the loading of the plugins with specialized add-ons for your browser, such as «Ghostery» (https://www.ghostery.com/) oder «NoScript» (http://noscript.net/) komplett verhindern. 

6.4.  Newsletter tracking

We use newsletter software to send our digital newsletters. This software allows us to send and analyse newsletters. To perform this analysis, we collect device and access data. To collect this data, the newsletter contains a pixel. The newsletter or the websites accessible from this newsletter are also tracked using cookies. A pixel is an image file that is stored on the recipient's device.

With the help of these technologies, we receive information about whether the newsletter has been received, whether it has been opened, and which content has been clicked on. We use this information to improve our newsletter and our offerings. You can prevent pixels from being set by deactivating HTML in your email program (this varies depending on the email program).

7. Data sharing and transfer

We only share your data with third parties if this is necessary to provide our services, if these third parties provide a service for us, if we are legally or officially obligated to do so, or if we have an overriding interest in sharing your personal data. We will also share personal data with third parties if you have given your consent or requested us to do so.

Not all personal data is transmitted encrypted by default. Unless explicitly agreed otherwise with the customer, all data is transmitted unencrypted.

The following categories of recipients may receive personal data from us:

• Branches, subsidiaries or sister companies
• Other service providers (e.g. IT service providers, hosting providers, suppliers, consultants, solicitors, insurance companies). 
• Third parties within the scope of our legal or contractual obligations, authorities, government agencies, courts.
   

We conclude contracts with service providers who process personal data on our behalf, obliging them to ensure data protection. The majority of our service providers are located in Switzerland or in the EU/EEA. Certain personal data may also be transferred to the USA (e.g. Google Analytics data) or, in exceptional cases, to other countries worldwide. If data transfer to other countries that do not have an adequate level of data protection is necessary, this is done on the basis of the EU standard contractual clauses (e.g. in the case of Google) or other suitable instruments. If data is entered into programmes that use artificial intelligence (AI), this will only be done with your consent or the data will be anonymised in advance. As a rule, there is no contract data processing agreement with AI providers.

8. Duration of Retention of Personal Data

We process and store your personal data for as long as it is necessary to fulfil our contractual and legal obligations or for the purposes pursued by the processing, i.e., for example, for the duration of the entire business relationship (from initiation and processing to termination of a contract) and beyond, in accordance with statutory retention and documentation obligations. Personal data may be retained for the period during which claims can be asserted against our company (i.e. during the statutory limitation period) and to the extent we are otherwise legally obligated to do so ,or legitimate business interests require it (e.g., for evidentiary and documentation purposes). As soon as your personal data is no longer required for the above-mentioned purposes, it will generally be deleted or anonymized wherever possible. For operational data (e.g., system protocols, logs), shorter retention periods of twelve months or less generally apply.

9. Data security

We take appropriate technical and organizational security measures to protect your personal data

• from unauthorized access (confidentiality)
• so that it is available when needed (availability)
• from misuse and alterations (integrity)
• so that it is processed in a transparent manner (traceability).

This can be achieved through the issuance of instructions, training, IT and network security solutions, access controls and restrictions, encryption of data media and transmissions, pseudonymization, and controls.

The Data Protection Officer of imperia systems ag must be involved in new projects from the outset and regularly reviews data security in accordance with the principles, objectives, and TOMs in Articles 1 to 3 of the GDPR.

10. Obligation to provide personal data

As part of our business relationship, you must provide the personal data necessary to establish and conduct a business relationship and fulfil the associated contractual obligations (you generally have no legal obligation to provide us with data). Without this data, we will not be able to enter or process a contract with you (or the entity or person you represent). The website cannot be used if certain information required to secure data traffic (such as your IP address) is not disclosed.

11. Your rights

You have the following rights in relation to our processing of personal data:

• Right to information about the personal data we have stored about you, the purpose of the processing, its origin, and the recipients or categories of recipients to whom the personal data is disclosed.
• Right to rectification if your data is incorrect or incomplete.
• Right to restriction of processing of your personal data.
• Right to request the deletion of processed personal data.
• Right to data portability.
• Right to object to data processing or to withdraw consent to the processing of personal data at any time without giving reasons.
• Right to lodge a complaint with a competent supervisory authority, where provided for by law.

To exercise these rights, please contact the address provided under section 1.

Please note, however, that we reserve the right to enforce the restrictions provided for by law, for example, if we are obligated to retain or process certain data, have an overriding interest in doing so (to the extent we are entitled to do so), or require it to assert claims. If you incur any costs, we will inform you in advance.

12. Changes to the Privacy Policy

We expressly reserve the right to change this Privacy Policy at any time.
 

imperia systems ag

Last updated: September 2025
This privacy policy replaces all previous privacy policies.