Privacy policy

1. who we are

Honold Treuhand AG is a fiduciary company based in Zurich that offers fiduciary and auditing functions, in particular the assumption of auditing mandates and other audits, as well as tax and general business consulting.

2. basics of data processing

This privacy policy describes how we process personal data, in particular which personal data we collect and for what purpose. It also regulates the transfer of data, the retention period and your rights.

Personal data (hereinafter also referred to as data) means all information relating to an identified or identifiable natural person. The term "data processing" is to be understood situationally and includes any handling of personal data, regardless of the means and procedures used, in particular the procurement, storage, use, modification, disclosure, archiving or destruction of data.

We collect and process personal data in order to fulfill our business tasks, within the legally and contractually regulated framework. The collection, processing and use of personal data are subject to the applicable Swiss [1] and, where applicable, European legal provisions [2].

We collect personal data in a transparent manner and in compliance with the principles of proportionality and purpose limitation. The data is only processed to the extent and for as long as necessary for our tasks and obligations.

3. purpose of the collection and processing of personal data

We process those personal data that are necessary to be able to guarantee our offer permanently, securely and reliably. This includes in particular.

• Handling and managing contractual relationships with customers, employees, suppliers, etc.;
• Maintaining contact and communication in connection with a service delivery;
• Operation of the website and authentication of registered users for certain areas of our website;
• Ensuring safety, meeting legal obligations, enforcing claims;
• Marketing actions and sending newsletters

4. what personal data do we process?

4.1 General contact and basic data

Depending on the purpose of the data processing, customer segment and service areas, we collect various types of personal data, including, under certain circumstances, personal data requiring special protection.

We process at least the following personal data from all contact, dialog and contract partners as well as customers:

• Name, first name, e-mail address and, if applicable, gender, address, telephone number, title, date of birth, nationality, profession, employer information, title, AHV number;
• E-mail and written correspondence (mail).

In addition, depending on the purpose of the data processing, customer segment and service area, we collect and process additional data in accordance with the descriptions in the following sections:

4.2 Data for the processing of mandates

We process the following personal data in order to provide and manage our mandates and to communicate with our clients:

• General contact and basic data according to section 4.1;

• For companies:

  • Legal form, share capital and paid-up capital, year of incorporation of the company, external auditors, domestic and foreign sales, annual sales achieved per area of activity, register no.;
  • Branches: Location of the branch, company name, address, telephone, internet, e-mail, correspondence language;
  • Information on the number of employees: departments, number of employees or persons responsible, full-time equivalents;
• Financial Information;

• Risk Assessment Data:

  • Debt Collection Register Extracts;

  • Management and control of the company:

    • Information on the natural persons/shareholders and members of the company management involved in the company: surname, first name, year of birth, nationality, function, share of votes, information on activity in the company;
    • Information on the companies and foundations involved in the company: Company name, registered office, area, degree of participation;
    • Contact person details: surname, first name, date of birth, e-mail and telephone number;
  • Information on the employment of responsible persons with third-party companies and, if applicable, name, first name, company, industry, function and degree of employment of the employment;
  • Information on shareholdings
• Payment information;

• Mandate data such as:

  • Statutes, minutes, contracts,
  • Employee data (salary, social security),
  • Accounting and tax information,
  • personal data requiring special protection [such as data on health, religion, receipt of social assistance, debt collection or bankruptcy].

These data are processed mainly in connection with services in the field of [audits, consulting, taxes, payroll processing or accounting]. These are mainly data of our customers. However, they may also concern third parties, such as employees, contacts or persons who have a (contractual) relationship with our customers. Our customers may therefore also refer to this data protection declaration, but must also take measures themselves to comply with data protection legislation.
‍
Data processing serves to execute and manage mandates, check creditworthiness, avoid conflicts of interest and check quality. It also fulfills legal and contractual requirements.

The data is usually communicated and provided directly by the clients. However, depending on the type and scope of the mandate, they may also originate from authorities, courts or third parties. Under certain circumstances, data may also be collected directly from the employer of the persons concerned.

4.3. data for mailings and newsletters

For the purpose of sending information about events, publications, etc. (marketing purposes) and for sending newsletters, we process the following personal data:

• General contact and basic data according to section 4.1;

This data is necessary for the provision of the service, for communication or for the maintenance of our customer base. In order to improve our services, information related to marketing, mailings, and newsletters will also be statistically analyzed. You can object to the use of your personal data for marketing purposes at any time or unsubscribe from receiving the newsletter.

4.4. data related to direct communication (telephone, e-mail or chat, online meetings, videoconferences and/or webinars, etc.)

The online meetings, video conferences and/or webinars we organize are conducted using Microsoft Teams. For direct communication via telephone, e-mail, collaboration solution or chat, we as well as our corresponding service providers may process the following personal data to the extent necessary:

• General contact and basic data according to section 4.1;
• Other personal data included in the e-mail communication;
• Communication data such as IP address, time and duration of communication;
• Recordings of video conference, if necessary;

We process this personal data to provide and improve our services to our customers and other interested third parties.

4.5. data about the personnel

The following data is processed for employee management:

• General contact and basic data according to section 4.1;
• Social security details/AHV no;
• Information about children;
• Information about the job within our company such as date of employment, function, salary, employment contract;
• Application information such as motivation letter, CV, references, diplomas, evaluation of interviews, assessments, reference information;
• Financial information and bank details;
• For employees subject to withholding tax: religious denomination, alien's identity card, details of other gainful employment, substitute income and partner information;
• Information on periodic appraisal interviews;
• Time and vacation recording;
• Information about illnesses, accidents, maternity or paternity leave, military or civil defense;
• Criminal and/or debt collection records;

Application documents that do not lead to employment are deleted/destroyed after completion of the application process, unless we receive consent to retain them.

The data is used for correct processing in human resources, fulfillment of the contractual relationship (employment contract) and is mainly submitted by employees.

4.6 Suppliers and other contractual partners

We process the following personal data of business partners who provide services or supplies to us:

• General contact and basic data according to section 4.1;
• Financial information such as bank details
• Information available in the contract (such as data on the responsible employees, consultants, information on the service provided, etc.);

We process this data in fulfillment of a contract and in application of the statutory retention periods of commercial and tax law. If our contractual partners have access to our personal data in fulfillment of their order [e.g. IT companies], we conclude a corresponding order processing contract with them.

4.7. operation, control and improvement of the website and other electronic channels

4.7.1 Server log files

Our website can be used without having to disclose extensive personal data. However, the server collects user information with each call. This information is temporarily stored in the server's log files. However, an assignment to a specific person does not take place. Log files contain the following information:

• Date, time of access and amount of data,
• the browser used and the operating system,
• the domain name of the provider,
• the page from which you came to our site (Referred URL),
• the search query,
• the IP address.

The collection of this data is technically necessary: The collected data serves the stability and security of the website and is used to analyze the use of the website and to improve it. They also enable a precise check in the event of suspicion of unlawful use of our website.

4.7.2 Cookies

Our websites use cookies and similar technologies. If the settings of your device allow it, we use cookies and similar tools to provide you with an optimal browsing experience on our websites.

Cookies are text files that are stored on your computer and allow an analysis of your use of the website. As such, they support the presentation of our website and help you navigate our website. Cookies collect data such as:

• the IP address,
• the website from which you are visiting us,
• the type of device you are using,
• how you use our search function (so-called search log),
• what actions you perform when you receive the newsletter.

It is also possible to visit our website without cookies. You can prevent the storage of cookies in the browser settings. However, this may have an impact on the usability of the website. Under no circumstances will cookies be used by us to install malware or spyware on your computer.

4.8. ensuring safety, fulfilling legal obligations, enforcing claims.

We may process the aforementioned personal data to ensure security and to enforce your rights, if necessary for this purpose, and may also forward it to third parties, such as courts or authorities, for this purpose.

5. data collection, retention period, security measures

5.1 Data acquisition

As a rule, we obtain the personal data mentioned in item 4 directly from you when you claim one of the benefits. [Under certain circumstances, data may also be collected directly from the employer of the persons concerned].

In the case of mandates, however, the data may also come from authorities, courts or third parties, depending on the type and scope of the mandate.

We also take publicly available information from the media and the Internet, insofar as this is appropriate in the specific case (e.g. in the context of an application, in the selection of lecturers and speakers), as well as data in connection with the use of the website (see section 4.8).

5.2 Retention period

We retain personal data for as long as it is needed for the purpose for which it was collected, or for a period for which we are obligated by applicable laws, regulations or contractual agreements, and for as long as we have an overriding interest in retaining it. After that, the data will be deleted.

5.3 Data security

We take appropriate technical and organizational security measures to protect personal data from unauthorized access and misuse. These include IT and network security solutions, access restrictions, encryption of data carriers and transmissions, instructions, training and controls.

Data is stored in the applications and software applications we use. The data is stored on servers in Switzerland.

If third parties have access to our data, special measures are taken, which are regulated in the order processing contract (see section 8).

6. social media channels

We refer to our respective social media channels by means of links. This is merely a static reference to the respective channel. When you connect to our social media channels, we receive information that is stored in your profile (contact information) and any information about profiles you have friended.

The purpose and scope of the data collection and the further processing of your data by the provider, as well as your rights in this regard and setting options for protecting your privacy, can be found in the privacy notices of the providers.

• LinkedIn Corporation: https://www.linkedin.com/legal/privacy-policy

7. third-party tracking technology and IT tools

7.1 Newsletter dispatch

The newsletters contain so-called "web-beacons", i.e. a pixel-sized file that is retrieved when the newsletter is opened. As part of this retrieval, technical information is initially collected, such as information about the browser and your system, as well as your IP address and the time of the retrieval.

This information is used to technically improve the services based on the technical data or the target groups and your reading behavior based on the retrieval locations (which can be determined using the IP address) or the access times. Statistical surveys also include determining whether newsletters are opened, when they are opened and which links are clicked. This information can be assigned to individual recipients for technical reasons. However, we only use this information to identify the reading habits of our users and to adapt the content in order to improve the newsletter.

The dispatch service provider may use the data of the recipients in pseudonymous form, i.e. without assignment to a user, to optimize or improve its own services, e.g. to technically optimize the dispatch and presentation of the newsletter or for statistical purposes. However, it does not use the data of our newsletter recipients to write to them itself or to pass the data on to third parties. We have concluded an order processing agreement with the dispatch service provider for the protection of personal data.

7.2 Use of plug-ins

7.2.1 LinkedIn plug-in

Our website uses functions of the LinkedIn network. The provider is LinkedIn Ireland Unlimited, Company Wilton Plaza, Wilton Place, Dublin 2, Ireland. Each time one of our pages containing functions of LinkedIn is accessed, a connection to the servers of LinkedIn is established. LinkedIn is informed that you have visited our web pages with your IP address. If you click the "Recommend Button" of LinkedIn and are logged into your account at LinkedIn, it is possible for LinkedIn to assign your visit to our website to you and your user account. For more information, please see the privacy policy of LInkedIn.

8. data sharing and data transmission

We may disclose personal data to third parties if you have given your consent to do so or if this is necessary for the provision of the respective service or the fulfillment of the purpose of the contract or the protection of our legitimate interest or if we are legally obliged to do so.

The following categories of recipients may receive personal data from us:

• Service providers (e.g. IT service providers, hosting providers, suppliers, consultants, lawyers, insurance companies).
• Third parties within the scope of our legal or contractual obligations, authorities (such as namely the audit supervisory authority, tax authorities, etc.), state institutions, courts.

The third parties commissioned by us are contractually obligated to comply with data protection and to process the data only for the purpose specified by us.

The majority of our service providers are located in Switzerland or in the EU/EEA. Certain personal data may also be transferred to the USA (e.g. Google Analytics data). If a transfer of data to a country that does not have an adequate level of data protection is necessary, this will be done on the basis of standard contractual clauses (e.g. in the case of Google) or other suitable guarantees.

The information you provide to us may also be anonymized and passed on to third parties for statistical analysis purposes.

9. your rights

Any person may request information about the data processed about him or her, as well as about the origin, the recipient and the purpose of the data collection and data processing. In addition, you have the right to request the correction, blocking, deletion or transfer of your data.

Data that is retained due to legal regulations or is required for business processing cannot or may not be deleted. If data is not covered by a legal archiving obligation or our overriding interest in preserving it, we will delete your data at your request. If the archiving obligation applies, we will block your data.

In addition, you can assert your claims in court or file a complaint with the competent data protection authority.

10. final provisions

10.1 Responsible body and contact

We are responsible for data processing in accordance with this privacy policy unless otherwise regulated.

The data protection officer is Ms. Nadja Wäfler.

General inquiries regarding data protection can be sent to us by mail or e-mail (Honold Treuhand AG, Sempacherstrasse 15, 8032 Zurich.

For questions regarding a specific person, requests for correction or a request for deletion, a copy of the user's ID or passport must also be enclosed for identification purposes.

10.2 Adjustments to the privacy policy

We may change our Privacy Policy at any time by posting it on the Site. This Privacy Policy was last updated on August 28, 2023.