MOORE Zürich Privacy Policy
In this Privacy Policy, we describe how MOORE Zürich AG (hereinafter “MOORE”, “we” or “us”) collects and processes personal data. This Privacy Policy is not an exhaustive description; other privacy-related statements may govern specific matters. For the purposes of this Privacy Policy, personal data means any information relating to an identified or identifiable individual.
1. Data controller and contact information
The data controller responsible for the data processing described here is MOORE Zürich AG, unless otherwise stated in specific cases. Enquiries regarding data protection can be sent to us by letter or email together with a copy of the user’s ID card or passport for identification purposes: MOORE Zürich AG, Europa-Strasse 18, 8152 Glattbrugg, Switzerland, Tel: +41 44 828 18 18, info@moore-zurich.com
2. Collection and processing of personal data
We primarily process personal data in the following categories:
- Customer data from clients for whom we provide or have provided services.
- Personal data that we have received indirectly from our clients in the course of providing our services.
- Personal data that we receive when you visit our website.
- Personal data that we receive when you interact with our newsletter.
- Personal data that we receive when you participate in an event organised by us.
- Personal data associated with our communications or company visits.
- Personal data relating to other contractual relationships, e.g. with suppliers, service providers or consultants.
- Personal data that we receive via job applications.
- Personal data that we are required to process for legal or regulatory reasons.
- Personal data that we receive when carrying out our due diligence or on the basis of our other legitimate interests; for example, in order to avoid conflicts of interest, prevent money laundering or other risks, ensure the accuracy of data, perform credit checks, ensure security or enforce our rights.
More detailed information can be found in the description of the respective processing categories in section 5.
3. Categories of personal data
The type of personal data we process depends on your relationship to us and the purpose for which we process it. In addition to your contact details, we also process other information concerning you or people with a relationship to you. Under certain circumstances, this information may include particularly sensitive personal data.
Depending on the purpose for which we process it, we collect the following categories of personal data:
- Contact information (e.g. surname, first name, address, telephone number, email address)
- Customer information (e.g. date of birth, nationality, marital status, profession, title, job title, passport / ID number, OASI number, religious affiliation)
- Risk assessment data (e.g. credit reports, commercial register data)
- Financial information (e.g. bank details)
- Client data, depending on the assignment (e.g. tax information, articles of association, minutes, projects, contracts, employee data (e.g. salary, social security), accounting data, beneficiaries, ownership structure)
- Website data (e.g. IP address, device information (UDI), browser information, website usage (analysis and use of plugins, etc.)
- Applicant data (e.g. CV, references)
- Marketing information (e.g. newsletter registration)
- Security and network data (e.g. visitor lists, access controls, network and email scanners, telephone call lists)
To the extent permitted, we also collect specific data from publicly accessible sources (e.g. debt collection registers, land registers, commercial registers, press, internet) or receive such data from our clients and their employees, authorities, (arbitration) courts and other third parties. In addition to the data concerning you that you submit to us directly, the categories of personal data that we receive about you from third parties include, in particular, information from public registers, information that we acquire in the context of official and legal proceedings, information linked to your professional roles and activities (e.g. so that we can conclude transactions with your employer with your help), information about you recorded in correspondence and meetings with third parties, credit reports, information we receive from people close to you (family members, advisors, legal representatives, etc.) in order to conclude or process contracts with you or involving you (e.g. references, your address for deliveries, powers of attorney, etc.), information on compliance with statutory requirements such as anti-money laundering and export restrictions, information from banks, insurance companies, distributors and our other contractual partners pertaining to the use or provision of services by you (e.g. payments made, purchases made), information about you found in the media and on the internet (insofar as this is indicated in the specific case, e.g. in the context of a job application, etc.), your addresses and, if applicable, interests and other socio-demographic data (for marketing purposes), data linked to your use of the website (e.g. IP address, MAC address of the smartphone or computer, details of your device and settings, cookies, date and time of the visit, pages and content accessed, features used, referring website, location details).
4. Purpose of the data processing and its legal basis
4.1. Provision of services
We primarily process the personal data that we receive from our clients within the scope of our client relationships as well as data linked to other contractual relationships with our clients’ business partners and other participants.
In particular, our clients’ personal data includes the following information:
- Contact information (e.g. surname, first name, address, telephone number, email address, other contact details)
- Personal information (e.g. date of birth, nationality, marital status, profession, title, job title, passport / ID number, OASI number, family circumstances, religious affiliation, etc.)
- Risk assessment data (e.g. credit reports, commercial register data, sanctions lists, specialist databases, data from the internet)
- Financial information (e.g. bank details, investments or shareholdings)
- Client data, depending on the assignment, e.g. tax information, articles of association, minutes, employee data (e.g. salary, social security), accounting data, etc.
- Sensitive personal data: this personal data may also include sensitive personal information, such as data relating to health, religious beliefs or social benefits, particularly if we provide payroll processing, accounting or tax services
We process this personal data for the purposes described above on the following legal grounds:
- To conclude or execute a contract with – and/or for the benefit of – the data subject, including contract initiation and possibly implementation (e.g. consultancy, fiduciary services)
- To safeguard legitimate interests, (e.g. for administrative purposes, improve the quality of our services, ensure safety, manage risk, enforce our rights, defend ourselves against claims or to check for possible conflicts of interest).
- Consent
4.2. Indirect data processing resulting from the provision of services
When we perform services for our clients, we may also process personal data that we have not collected directly from the data subjects, as well as personal data from third parties. These third parties are usually employees, contacts, family members or individuals who have some kind of relationship with the clients or data subjects for other reasons. We require this personal data in order to execute our contracts with our clients. We receive this personal data from our clients or from third parties commissioned by our clients. Third parties whose data we process for this purpose are informed of this fact by our clients. Our clients can refer to this Privacy Policy for this purpose.
The personal data we collect about individuals who have a relationship with our clients includes the following information:
- Contact information (e.g. surname, first name, address, telephone number, email address, other contact details, marketing data)
- Personal information (e.g. date of birth, nationality, marital status, profession, title, job title, passport / ID number, OASI number, family circumstances, religious affiliation, etc.)
- Financial information (e.g. bank details, investments or shareholdings)
- Client data, depending on the assignment, e.g. tax information, articles of association, minutes, employee data (e.g. salary, social security), accounting data
- Sensitive personal data: this personal data may also include sensitive personal information, such as data relating to health, religious beliefs or social benefits, particularly if we provide payroll processing, accounting or tax services
We process this personal data for the purposes described above on the following legal grounds:
- To conclude or execute a contract with – and/or for the benefit of – the data subject (e.g. when we fulfil our contractual obligations)
- To fulfil a legal obligation (e.g. if we perform our duties as auditors or are obliged to disclose certain information)
- To safeguard legitimate interests, in particular our interest in providing the best possible service for our clients
4.3. Use of our website
It is not necessary to disclose personal data in order to use our website. However, the server collects a series of user information during each visit, which is temporarily stored in the server’s log files.
We do not use this information to identify specific users. The collection of this information or data is necessary for technical reasons in order to display our website and to ensure its stability and security. We also collect this data to improve our website and analyse its usage.
In particular, we collect the following information:
- Contact information (e.g. surname, first name, address, telephone number, email address)
- Other information that you submit to us via the website
- Technical information automatically transmitted to us or our service providers, information on user behaviour or website settings (e.g. IP address, UDI, device type, browser, number of clicks on the page, opening of the newsletter, clicks on links, etc.)
We process this personal data for the purposes described above on the following legal grounds:
- To safeguard legitimate interests, (e.g. for administrative purposes in order to improve the quality of our services, analyse data or advertise our services)
- To obtain consent (e.g. to the use of cookies or receipt of our newsletter)
4.4. Newsletter usage
If you subscribe to our newsletter, we will use your email address and other contact details to send you our newsletter. You can subscribe to our newsletter by giving us your consent to receive it. To send you our newsletter, we require your full name and your email address, which we will continue to store after your registration is complete. The legal basis for the processing of your data in connection with our newsletter is your consent to receive the newsletter. You can revoke this and unsubscribe from the newsletter at any time.
4.5. Direct communication and visits
Each time you contact us (e.g. via telephone, email or chat) or if we contact you, we process the personal data required for this purpose. We also process this personal data when you visit us. In this case, you may need to provide your contact details before your visit or while at reception. We store this data for a certain period in order to protect our infrastructure and information.
We use the services “Microsoft Teams” and “Zoom” to conduct telephone conferences, online meetings, video conferences and/or webinars (“online meetings”).
We primarily process the following information in this context:
- Contact information (e.g. surname, first name, address, telephone number, email address)
- Peripheral communication data (e.g. IP address, duration of communication, communication channel)
- Recordings of conversations, e.g. during video conferences
- Other information uploaded, provided or created by the user during use of the videoconferencing service and metadata used for maintenance of the provided service. Additional information about the processing of personal data via Microsoft Teams and Zoom can be found in the privacy policies for these services
- Personal information (e.g. profession, role, title, employer)
- Time and reason for the visit
We process this personal data for the purposes described above on the following legal grounds:
- To fulfil a contractual obligation vis-a-vis the data subject or for the benefit of the data subject, including contract initiation and possibly implementation (provision of a service)
- To safeguard legitimate interests (e.g. security, traceability, processing and administration of customer relationships)
4.6. Job applications
You can submit your application for a job at our company by post or via the email address provided on our website. Your application documents and all personal data disclosed to us in this way will be treated as strictly confidential, will not be disclosed to any third party and will only be processed for the purpose of processing your application for employment with us. Unless you give your consent for us to do otherwise, your application file will either be returned to you or deleted/destroyed after the application process has been completed, unless it is subject to a statutory retention obligation. The legal basis for the processing of your data is your consent, the fulfilment of our contract with you and our legitimate interests.
We primarily process the following information in this context:
- Contact information (e.g. surname, first name, address, telephone number, email address)
- Personal information (e.g. profession, role, title, employer)
- Application documents (e.g. letter of motivation, certificates, diplomas, CV)
- Evaluation information (e.g. evaluations by personnel consultants, reference information, assessments)
We process this personal data for the purposes described above on the following legal grounds:
- To safeguard our legitimate interests (e.g. hiring new employees)
- Consent
4.7. Suppliers, service providers, other contractual partners
If we enter into a contract with you to provide a service for us, we will process personal data about you or your employees. We require this data in order to communicate with you and to utilise your services. We may also process this personal data to ensure that we do not unintentionally expose ourselves to any risks via the business relationship, e.g. with regard to money laundering or sanctions.
We primarily process the following information in this context:
- Contact information (e.g. surname, first name, address, telephone number, email address)
- Personal information (e.g. profession, role, title, employer)
- Financial information (e.g. bank details)
We process this personal data for the purposes described above on the following legal grounds:
- To conclude or execute a contract with – and/or for the benefit of – the data subject, including contract initiation and possibly implementation
- To safeguard our legitimate interests (e.g. to avoid conflicts of interest, protect the company or enforce legal claims)
5. Tracking technologies
We use cookies on our website. Cookies are small files that your browser automatically creates and are stored on your end device (laptop, tablet, smartphone or similar) when you visit our website.
The cookies we use contain information related to the user’s specific end device. However, this does not mean that these cookies can be used to identify you. We use cookies to make your visit to our website more pleasant. To this end, we use so-called session cookies to determine whether you have previously visited specific pages on our website. These cookies are automatically deleted after you leave our site.
In addition, we also use temporary cookies to increase the user-friendliness of our website. These cookies are stored on your end device for a specified period. If you visit our site again in order to use our services, these cookies enable us to automatically recognise your device, including your previously entered data and selected settings so that you do not need to repeat these steps. We also use cookies to record and evaluate statistics relating to your use of our website for the purpose of optimising our website for you. These cookies enable us to automatically recognise that you are a returning visitor when you next visit our website. These cookies are automatically deleted after a defined period.
The data processed by means of the cookies is required for the aforementioned purposes. Most browsers automatically accept cookies. However, you can configure your browser to prevent the storage of cookies on your computer or to always alert you before a new cookie is stored. If you completely block the storage of cookies, however, you may not be able to use all the features of our website.
Consent with Borlabs Cookie
Our website uses the Borlabs consent technology to obtain your consent to the storage of certain cookies in your browser or for the use of certain technologies and for their data privacy protection compliant documentation. The provider of this technology is Borlabs GmbH, Rübenkamp 32, 22305 Hamburg, Germany (hereinafter referred to as Borlabs).
Whenever you visit our website, a Borlabs cookie will be stored in your browser, which archives any declarations or revocations of consent you have entered. These data are not shared with the provider of the Borlabs technology.
The recorded data shall remain archived until you ask us to eradicate them, delete the Borlabs cookie on your own or the purpose of storing the data no longer exists. This shall be without prejudice to any retention obligations mandated by law. To review the details of Borlabs’ data processing policies, please visit https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/
We use the Borlabs cookie consent technology to obtain the declarations of consent mandated by law for the use of cookies.
6. Web and newsletter analytics
In order to obtain information about your use of our website, improve our online services and enable us to serve you with advertising on third-party websites or on social media, we use the following web analysis tools and re-targeting technologies: Sendinblue (newsletter).
These tools are provided by third parties. As a rule, the information relating to the use of a website that is collected for this purpose is transmitted to the third-party provider’s server by means of cookies or similar technologies. Depending on the third-party provider, the servers in question may be located abroad.
Before transmission of the data, the IP addresses are normally truncated to prevent the identification of individual end devices. The third-party providers will only share this data with other recipients due to statutory provisions or in the context of contract data processing.
6.1. Social media plugins
Social media plugins (“plugins”) from third-party providers are used on our website. These plugins can be identified via the logo of the corresponding social network. We use these plugins to enable you to interact with the respective social networks as well as other users. We use the following plugins on our website: LinkedIn
When you visit our website, your browser establishes a direct connection to the third-party provider’s servers. The content of the plugin (e.g. from Linkedin) is transmitted directly to your browser by the corresponding third-party provider and integrated into the web page.
The data transfer for the purpose of displaying content (e.g. publications on Linkedin) takes place regardless of whether you have an account with the third-party provider and are logged in to its network. If you are logged in to the third-party provider’s network, your data that we collect will also be directly assigned to your account with the third-party provider. If you enable the plugins, the information will also be published on the respective social networks where it will be visible to your contacts. Information about the purpose and scope of the data collection, its further processing and the use of the data by the third-party providers, as well as your rights in this regard and the optional settings to protect your privacy, can be found in the privacy policies of the respective third-party providers. The third-party providers store the data collected about you as usage profiles and use this data for the purposes of advertising, market research and/or designing their websites to meet your needs. Even if you are not logged in to the corresponding social network, this data is evaluated in order to serve you with tailored advertising and to inform other users of the social network about your activities on our website. If you wish to prevent the third-party providers from assigning the data collected via our website to your personal profile on the respective social networks, you must log out of the social networks in question before visiting our website. You can also completely block the use of these plugins via special add-ons for your browser such as “Ghostery” (https://www.ghostery.com/) or “NoScript” (http://noscript.net/).
6.2. Newsletter tracking
We use the software “Sendinblue” to distribute our newsletters. The provider is Sendinblue GmbH, Köpenicker Strasse 126, 10179 Berlin, Germany. This software makes it possible to distribute and analyse newsletters. Sendinblue is a service that can be used, among other things, to organise and analyse the distribution of newsletters. The data you enter for the purpose of receiving our newsletter will be stored on Sendinblue’s servers in Germany.
If you do not want your data to be analysed by Sendinblue, you must unsubscribe from the newsletter. We provide a link in every newsletter-related message for this purpose. Furthermore, you can also unsubscribe from the newsletter directly on our website.
With the help of Sendinblue, we are able to analyse our newsletter campaigns. For example, we can see whether a newsletter message has been opened and which links, if any, have been clicked. We can thus determine, among other things, which links have been clicked on the most frequently.
Sendinblue also allows us to subdivide (“cluster”) the newsletter recipients into different categories. For example, the newsletter recipients can be categorised according to their age, sex/gender or place of residence. In this way, the newsletters can be tailored more effectively to the respective target groups.
7. Data sharing and data transmission
We only disclose your data to third parties if this is necessary to provide our service, if these third parties provide a service for us, if we are obliged to do so by law or by the authorities, or if we have an overriding interest in doing so. We will also share your personal data with third parties on the basis of your consent or if you have asked us to do so.
Not all personal data is transmitted in an encrypted format by default. Unless explicitly agreed otherwise with the client, accounting data, salary administration data, salary statements and wage statements are transmitted in an unencrypted format.
The following categories of recipients may receive personal data from us:
- Service providers (e.g. IT service providers, hosting providers, suppliers, consultants, lawyers, insurance companies)
- Third parties within the scope of our legal or contractual obligations, authorities, state institutions, courts
We conclude contracts with service providers that process personal data on our behalf in order to oblige them to maintain an adequate level of data protection. The majority of our service providers are located in Switzerland or in the EU / EEA. Some personal data may also be transferred to the USA (e.g. Google Analytics data) or, in exceptional cases, to other countries worldwide. If it is necessary to transfer data to other countries that lack an adequate level of data protection, such transfers are based on the EU standard contractual clauses (e.g. in the case of Google) or other suitable instruments.
8. Storage duration for personal data
We process and store your personal data until it is no longer needed to meet our contractual and legal obligations or for the purposes pursued via the processing; e.g. for the entire duration of the business relationship (from the initiation and processing of the contract until its termination) – and possibly beyond this in accordance with the statutory retention and documentation obligations. In this context, it is possible that we will store your personal data for the period during which claims may be asserted against our company (i.e. in particular during the statutory limitation period) and to the extent that we are otherwise legally obliged to store it or that its storage is necessary due to our legitimate business interests (e.g. for evidence and documentation purposes). As soon as your personal data is no longer required for the above-mentioned purposes, it will be deleted or anonymised as far as possible. Operational data (e.g. system log files, logs) is in principle subject to shorter retention periods of twelve months or less.
9. Data security
We implement appropriate technical and organisational security measures to protect your personal data from unauthorised access and misuse, e.g. by means of instructions, training, IT and network security solutions, access controls and restrictions, encryption of data media and transmissions, pseudonymisation and controls.
10. Obligation to provide personal data
In the context of our business relationship, you must provide the personal data required for the establishment and implementation of a business relationship and for fulfilment of the associated contractual obligations (as a general rule you are under no legal obligation to disclose your data to us). Without this data we will not be able to enter into or perform a contract with you (or the entity or person you represent). Also, you will not be able to use our website without disclosing certain information that is necessary to ensure secure data traffic (such as your IP address).
11. Your rights
You have the following rights in relation to our processing of your personal data:
- The right to obtain information about your personal data which is stored by us, the purpose of the processing, the origin of the data and the recipients or categories of recipients with whom your personal data is shared
- The right to have your data corrected if it is incorrect or incomplete
- The right to restrict the processing of your personal data
- The right to request that we delete the personal data concerning you that we are processing
- The right to ensure data portability
- The right to object to the data processing or to withdraw your consent to the processing of your personal data at any time without giving reasons
- The right to appeal to a competent supervisory authority, insofar as this right is prescribed by law
To exercise these rights, please contact us at the address provided in section 1.
Please note, however, that we reserve the right to limit your rights as the data subject to the legally permissible extent; for example, if we are obliged to retain or process certain data, have an overriding interest in doing so (to the extent that we may invoke such an interest) or if we need your data to assert our own claims. In the event that this will result in any costs for you, we will inform you of this in advance.
12. Changes to this Privacy Policy
We expressly reserve the right to amend this Privacy Policy at any time.
Most recent changes: August 2023