Privacy Policy

Privacy policy 

In this privacy policy, we (LEXcellence AG, hereinafter also referred to as ‘we’, ‘us’) explain how we collect and process personal data. This is not an exhaustive explanation of our data processing. It is possible that other data protection declarations or general terms and conditions and similar documents regulate specific matters.

Personal data means any information relating to an identified or identifiable person. 

This privacy policy is designed to meet the requirements of the EU General Data Protection Regulation (‘GDPR’) and the Swiss Data Protection Act (‘DPA’). Whether and to what extent these laws are applicable depends on the individual case.

1. Controller / data protection officer / representative 

LEXcellence AG is responsible for the data processing described here. If you have any data protection concerns, you can send them to us at the following contact address: 

Mühlegasse 18

CH – 6340 Baar

info@lexcellence.swiss

2. Collection and processing of personal data 

We primarily process the personal data that we receive from our customers and other business partners in the course of our business relationship with them and other persons involved or that we collect from their users when operating our websites, applications and other applications. 

We may process various categories of personal data about you. This includes in particular the following:

– Master data: This includes all information that we require in addition to the contract data (see below) for the processing of our contractual or other business relationships or for marketing and advertising purposes. In particular, this includes contact and identification data (e.g. surname, first name, address, e-mail address, telephone number, customer number, copy or number of official ID if applicable), personal details (e.g. age, gender, nationality, language).   

– Communication data: If you contact us via the contact form, e-mail, telephone, chat or other means of communication, we collect the information exchanged between you and us, including your contact details and marginal data of the communication. 

– Contract data: This includes information that we process in connection with the conclusion or processing of a contract, such as details of specific cases, billing information, etc. 

– Behavioural and preference data: Depending on the relationship we have with you, we try to get to know you and better tailor our products, services and offers to you. To do this, we collect and use information about your behaviour and preferences. We do this by evaluating information about your behaviour in our area, and we may also supplement this information with data from third parties, including from publicly accessible sources. The analysis in our area includes, for example, how and how often you use our services. 

– Website data: This includes certain information that is generated in connection with visits to our websites. In particular, this may include your online identifiers (e.g. cookie identifiers, IP addresses).

Normally, you provide us with the data listed above yourself. Under certain circumstances, we also take data from public sources (e.g. public registers, media, Internet) or receive it from third parties. These may be the following third parties, for example:

– People from your environment (e.g. for powers of attorney, referral programme, customer care programme)

– Banks or other contractual partners (e.g. for the processing of payments)

– Identification and verification centres (e.g. for KYC checks)

– Online service providers (e.g. analysis services)

– Authorities (e.g. in connection with legal proceedings) 

If you transmit or disclose data about other persons, such as family members, work colleagues, etc., we assume that you are authorised to do so and that this data is correct. By transmitting data about third parties, you confirm this. 

3. Purposes of data processing and legal basis

When using our services or other contact options, we process personal data of you and other persons, insofar as we are permitted to do so and deem it appropriate, also for the following purposes, in which we (and sometimes third parties) have a legitimate interest corresponding to the purpose: 

– Initiation and conclusion of contracts (KYC information, powers of attorney, declarations of consent, family details, counterparties and others)

– Offering and further developing our products, services and websites

– Communication with third parties and processing their enquiries (e.g. applications, media enquiries, parties to proceedings, courts or authorities)

– Advertising and marketing (including the organisation of events), provided you have not objected to the use of your data; 

– Assertion of legal claims and defence in connection with legal disputes and official proceedings; 

– Prevention and investigation of criminal offences and other misconduct (e.g. conducting internal investigations, data analyses to combat fraud); 

– Ensuring our operations, in particular IT, our websites, apps and other platforms; 

If you have given us your consent to process your personal data for specific purposes (for example, when you register to receive newsletters or carry out a background check), we will process your personal data within the scope of and based on this consent, unless we have another legal basis and require one. Consent that has been granted can be revoked at any time, but this has no effect on data processing that has already taken place.

4. Cookies / tracking and other technologies in connection with the use of our website 

4.1 Cookies

We typically use ‘cookies’ and similar technologies on our websites to identify your browser or device. A cookie is a small file that is sent to your computer or automatically stored on your computer or mobile device by the web browser you use when you visit our website. This enables us to recognise you when you return to this website, even if we do not know who you are. 

In addition to cookies that are only used during a session and are deleted after your visit to the website (‘session cookies’), cookies can also be used to store user settings and other information for a certain period of time (e.g. two years) (‘persistent cookies’). However, you can set your browser so that it rejects cookies, only stores them for one session or otherwise deletes them prematurely. Most browsers are preset to accept cookies. On the following pages you will find explanations on how you can configure the processing of cookies in the most common browsers.

• Mozilla Firefox
• Google Chrome for desktop
• Google Chrome for Mobile
• Apple Safari for Desktop
• Apple Safari for Mobile

We use permanent cookies so that you can save user settings (e.g. language). If you block cookies completely or partially, certain functionalities (e.g. language selection) may no longer work. 

4.2 Newsletter

In some of our newsletters and other marketing emails, we also include visible and invisible image elements, where permitted, which we can retrieve from our servers to determine whether and when you have opened the email so that we can measure and better understand how you use our offers and tailor them to you. You can block this in your email programme; most are preset to do this.

By using our websites and consenting to receive newsletters and other marketing emails, you agree to the use of these techniques. If you do not want this, you must set your browser or e-mail programme accordingly. 

4.3 User recording

We use analysis tools on our websites to record website usage in aggregated form. We have configured the service in such a way that it is not possible to identify the user, but we can check the use of our websites and improve our offering. We operate the analysis tool ourselves and do not share the information with third parties.

5. Data disclosure and data transfer abroad 

As part of our business activities and for the purposes set out in section 3, we also disclose data to third parties to the extent permitted and deemed appropriate, either because they process it for us or because they wish to use it for their own purposes. This applies in particular to the following parties:

• Service providers of ours (external, such as banks, insurance companies), including contract processors (such as IT providers); 

• Subcontractors and other business partners; 

•  domestic and foreign authorities, official bodies or courts; 

• the public, including visitors to websites and social media; 

• other parties involved in possible or actual legal proceedings; 

all recipients collectively. 

These recipients are partly domestic, but can be anywhere in the world. In particular, you should expect your data to be transferred to all countries where our service providers are located. 

If a recipient is located in a country without adequate legal data protection, we contractually oblige the recipient to comply with the applicable data protection (we use the current standard contractual clauses of the European Commission with the necessary additions for the DPA, unless the recipient is already subject to a legally recognised set of rules to ensure data protection and we cannot rely on an exemption provision. An exception may apply in particular in the case of legal proceedings abroad, but also in cases of overriding public interests or if the processing of a contract requires such disclosure, if you have given your consent or if the data in question has been made generally accessible by you and you have not objected to its processing.

6. Duration of storage of personal data

We process and store your personal data for as long as is necessary for the fulfilment of our contractual and legal obligations or otherwise for the purposes pursued with the processing, i.e. for the duration of the entire business relationship (from the initiation, processing to the termination of a contract) and beyond that in accordance with the statutory retention and documentation obligations. 

As soon as your personal data is no longer required for the above-mentioned purposes, it will be deleted or anonymised as far as possible. 

7. Data security 

We take appropriate technical and organisational security precautions to protect your personal data from unauthorised access and misuse. However, we cannot guarantee absolute data security.

8. Rights of the data subject 

You have the right to information, correction, deletion and otherwise to object to our data processing and to the disclosure of certain personal data for the purpose of transfer to another organisation (so-called data portability) within the framework of the data protection law applicable to you and insofar as provided for therein.

Please note, however, that we reserve the right to assert the restrictions provided for by law, for example if we are obliged to store or process certain data, have an overriding interest in doing so (insofar as we may invoke this) or need it to assert claims. If you incur costs, we will inform you in advance. 

We have already informed you about the possibility of revoking your consent in section 3. Please note that exercising these rights may conflict with contractual agreements and may have consequences such as premature cancellation of the contract or cost consequences. We will inform you in advance if this is not already contractually regulated. 

The exercise of such rights generally requires that you clearly prove your identity (e.g. by means of a copy of your identity card, where your identity is otherwise not clear or cannot be verified). To assert your rights, you can contact us at the address given in section 1.

9. Changes 

We may amend this privacy policy at any time without prior notice. The current version published on our website applies.