PRIVACY

DATA PROTECTION

​

1.            What is this privacy policy about?

​

Proxy Voting Services GmbH (the “Company”, hereinafter also “we”, “us”), based in Zurich, offers services in connection with independent voting rights representation. As part of our business activities, we obtain and process personal data, in particular personal data about our customers, companies involved and their shareholders, associated persons, visitors to our website, participants in events, recipients of newsletters and other entities or their contact persons and employees (hereinafter also referred to as: "She"). In this data protection declaration we provide information about this data processing. In addition to this data protection declaration, we can inform you separately about the processing of your data (e.g. in the case of forms or contractual conditions).

If you provide us with information about other people (e.g. family members, representatives, counterparties or other related persons), we will assume that you are authorized to do so, that the information is accurate and that you have ensured that these individuals are aware of this disclosure, to the extent that a legal obligation to provide information applies (e.g. by having been made aware of this data protection declaration in advance).

​

2.            Who is responsible for processing your data?

​

The following is responsible under data protection law for the processing described in this data protection declaration:

The data protection officer of the 

Proxy Voting Services GmbH

Grossmünsterplatz 1

CH-8001 Zurich

Email: office@proxyvotingservices.ch

​

3.            For what purposes do we process which of your data?

​

If you use our services, use www.proxyvotingservices.ch (hereinafter “website”), or otherwise deal with us, we obtain and process various categories of your personal data. In principle, we can obtain and otherwise process this data for the following purposes in particular:

Communication: We process personal data so that we can communicate with you and with third parties, via email, telephone, letter or otherwise (e.g. for voting rights, preparing meetings, answering inquiries, as part of advice and representation as well as contract initiation or - completion). This also includes the fact that we can send our customers, contractual partners and other interested persons information about events, changes in the law, news about our company or similar. This can take place, for example, in the form of newsletters and other regular contacts (electronically, by post, by telephone). You can reject such communications or refuse or revoke your consent to such communications at any time. For this purpose, we process in particular the content of the communication, your contact details and the peripheral data of the communication, but also image and audio recordings of (video) telephone calls. In the case of an audio or video recording, we will inform you separately and you are free to inform us if you do not want to be recorded or if you want to end the communication. If we need or want to verify your identity, we collect additional data (e.g. a copy of an ID card).

Initiation and conclusion of contracts: With regard to the conclusion of a contract, in particular a contract to establish an attorney-client relationship, with you or your client or employer, which also includes the clarification of any conflicts of interest, we may in particular use your name, contact details, declarations of consent, Obtain and otherwise process information about third parties (e.g. contact persons, details of the shareholders), contract contents, closing date, as well as all other data that you provide to us or that we collect from public sources or from third parties (e.g. commercial registers, credit reporting agencies, sanctions lists, media or from the Internet).

Management and processing of contracts: We obtain and process personal data so that we can comply with our contractual obligations towards our customers and other contractual partners (e.g. suppliers, service providers, project partners) and, in particular, provide and demand the contractual services. This also includes data processing for mandate management as well as data processing for enforcing our mandate (voting rights representation, etc.), accounting and public communication (if permitted). For this purpose, we process in particular the data that we received or collected as part of the initiation, conclusion and processing of the contract as well as data that we create as part of our contractual services or that we obtain from public sources or from other third parties (e.g. authorities, information services, media or the Internet). This data may include, in particular, minutes of conversations and consultations, notes, internal and external correspondence, contract documents, background information about you or other people as well as other information, proof of performance, invoices and financial and payment information.

Operation of our website: In order to operate our website securely and stably, we collect technical data, such as IP address, information about the operating system and settings of your device, the region, time and type of use. We also use cookies and similar technologies. For further information see section 7.

Improving our electronic offerings: In order to continually improve our website, we collect data about your behavior and preferences, for example by analyzing how you navigate through our website and how you interact with our social media profiles.

Registration: In order to use certain offers and services (e.g. free WiFi, newsletter), you must register (directly with us or via our external login service providers). For this purpose, we process the data provided during the respective registration. We may also collect personal data about you while using the offer or service; If necessary, we will provide you with further information about the processing of this data.

Security purposes and access controls: We obtain and process personal data to ensure and continually improve the appropriate security of our IT and our other infrastructure (e.g. buildings). This includes, for example, monitoring and controlling electronic access to our IT systems as well as physical access to our premises, analyzes and tests of our IT infrastructures, system and error checks and the creation of backup copies.

Compliance with laws, instructions and recommendations from authorities and internal regulations ("Compliance"): We obtain and process personal data to comply with applicable laws, self-regulations, certifications, industry standards, and our "Corporate Governance". 

Risk management and corporate governance: We obtain and process personal data as part of risk management (e.g. to protect against criminal activities) and corporate governance. This includes, among other things, our operational organization (e.g. resource planning).

Other two>Where does the data come from?

From you: You (or your device) provide the majority of the data we process to us (e.g. in connection with our services, the use of our website and apps, or communication with us). 

From third parties: We may also collect data from publicly accessible sources (e.g. commercial registers, media or the Internet including social media) or receive them from (i) your employer or client, who either has a business relationship with us or otherwise has done, as well as (ii) other third parties (e.g. shareholders, associations, contractual partners). This includes in particular the data that we process in the context of initiating, concluding and processing contracts as well as data from correspondence and discussions with third parties, but also all other categories of data in accordance with this section.  

​

4.            Who do we share your data with?

​

In connection with the purposes listed in section 3, we transmit your personal data in particular to the categories of recipients below. If necessary, we will obtain your consent. 

• Service providers: We work with service providers at home and abroad who (i) process data that they have received from us or collected for us (i) on our behalf, (ii) under joint responsibility with us or (iii) under their own responsibility. These service providers include, for example, IT providers, banks, insurance companies, share registers and similar and other service companies). We usually enter into contracts with these third parties regarding the use and protection of personal data.

• Customers and other contractual partners: This initially refers to our customers and other contractual partners for whom the transfer of your data results from the contract (e.g. because you work for a contractual partner or they provide services for you). The recipients generally process the data under their own responsibility.

• Persons involved: If this is necessary for the fulfillment of our contractual obligations, in particular for the management of the mandate, we will also pass on your personal data to other persons involved.

All of these categories of recipients may in turn involve third parties so that your data can also become accessible to them. We can restrict processing by certain third parties (e.g. IT providers), but not that of other third parties (e.g. authorities, banks, etc.).

​

5.            Does your personal data also go abroad?

​

We process and store personal data primarily in Switzerland and the European Economic Area (EEA), depending on the case - for example via sub-processors of our service providers - but potentially in any country in the world. As part of our work for customers, your personal data can also reach any country in the world.

If a recipient is located in a country without adequate data protection, we contractually oblige the recipient to comply with an adequate level of data protection (for this purpose we use the revised standard contractual clauses of the European Commission, including the additions necessary for Switzerland), unless they already comply with a legally recognized set of rules Ensuring data protection is subject to. We can also disclose personal data to a country without adequate data protection without entering into a contract of our own if we can rely on an exception provision to do so. An exception can be made in particular in cases of overriding public interests or if the execution of a contract that is in your interest requires such disclosure, if you have consented, or if it concerns data that you have made generally accessible and that you are processing have not contradicted. We may also rely on the exception for data from a legally required register (e.g. commercial register) into which we have legitimately been given access. 

​

6.            What rights do you have?

​

You have certain rights in connection with our data processing. In accordance with applicable law, you can in particular request information about the processing of your personal data, have incorrect personal data corrected, request the deletion of personal data, object to data processing, request the release of certain personal data in a common electronic format or its transfer to other responsible persons. 

If you want to exercise your rights against us, please contact us; Our contact details can be found in section 2. In order for us to rule out misuse, we must identify you (e.g. with a copy of your ID, if necessary). 

Please note that conditions, exceptions or restrictions apply to these rights (e.g. to protect third parties or trade secrets or due to our professional duty of confidentiality). We reserve the right to black out copies or only provide extracts for data protection reasons or reasons of confidentiality.

​

7.            How do our website and other digital services use cookies, similar technologies and social media plug-ins?

​

When you use our website (including newsletters and other digital offerings), data is generated that is stored in logs (particularly technical data). We can also use cookies and similar techniques (e.g. pixel tags or fingerprints) to recognize website visitors, evaluate their behavior and recognize preferences. A cookie is a small file that is transmitted between the server and your system and allows a specific device or browser to be recognized. 

You can set your browser to automatically reject, accept or delete cookies. You can also deactivate or delete cookies in individual cases. You can find out how to manage cookies in your browser in the help menu of your browser.

Both the technical data and cookies we collect generally do not contain any personal data. 

​

8.            What else needs to be taken into account?

​

We do not assume that the EU General Data Protection Regulation (“GDPR”) applies in our case. However, if this is the case in exceptional cases for certain data processing, then this section 9 also applies exclusively for the purposes of the GDPR and the data processing subject to it.

We base the processing of your personal data on the fact that 

• it is necessary, as described in section 3, for the initiation and conclusion of contracts and their administration and enforcement (Art. 6 para. 1 lit. b GDPR; 

• it is necessary to protect the legitimate interests of us or third parties as described in Section 3, namely for communication with you or third parties, to operate our website, to improve our electronic offers and to register for certain offers and services Security purposes, for compliance with Swiss law and internal regulations for our risk management and corporate governance and for other purposes such as training and education, administration, evidence and quality assurance, organization, implementation and follow-up of events and to protect other legitimate interests (see section 3) (Art. 6 para. 1 lit. f GDPR);

• it is required or permitted by law due to our mandate or our position under the law of the EEA or a member state (Art. 6 Para. 1 lit. c GDPR) or is necessary to protect your vital interests or those of other natural persons ( Art. 6 Paragraph 1 Letter d GDPR); 

• You have consented to the processing separately, for example via a corresponding declaration on our website (Art. 6 Para. 1 lit. a and Art. 9 Para. 2 lit. a GDPR).

We would like to point out that we generally process your data for as long as our processing purposes (see Section 3), the legal retention periods and our legitimate interests, in particular for documentation and evidence purposes, require it or for technical reasons (e.g. in the case of backups or document management systems). If there are no legal or contractual obligations or technical reasons to the contrary, we will generally delete or anonymize your data after the storage or processing period has expired as part of our usual processes and in accordance with our retention policy.

If you do not provide certain personal data, this may mean that it is not possible to provide the related services or conclude a contract. We generally indicate where the personal data we request is mandatory.

The right to object to the processing of your data as set out in Section 6 applies in particular to data processing for the purpose of direct marketing.

If you do not agree with our handling of your rights or data protection, please let us know (see contact details in section 2). If you are in the EEA, you also have the right to complain to your country's data protection supervisory authority. A list of authorities in the EEA can be found here: https://edpb.europa.eu/about-edpb/board/members_de.

​

9.            Can this privacy policy be changed?

​

This privacy policy does not form part of a contract with you. We can adapt this data protection declaration at any time. The version published on this website is the current version.

​

10.            Questions or feedback?

​

Please send us your feedback or questions regarding data protection to office@proxyvotingservices.ch.

​​

​

In September 2023.