We use cookies and statistical software. Further information can be found in our privacy policy.

We use cookies and statistical software. Further information can be found in our privacy policy.

Settings saved

Your data is important to us
Privacy policy

Thank you for visiting our website www.kollhopp.ch and for your interest in our company. The protection of your personal data is important to us.

The purpose of this privacy policy is to inform you about the processing of your personal data that we collect when you visit our website. Our data protection practices comply with the statutory provisions of the Swiss Federal Act on Data Protection (FADP) and the EU General Data Protection Regulation (GDPR). The following privacy policy serves to fulfill the information obligations arising from the FADP and the GDPR. These can be found, for example, in Art. 19 ff. DSG and Art. 13 ff. of the GDPR.

Owner or controller

The controller within the meaning of Art. 5(j) FADP and Art. 4(7) GDPR is the person who alone or jointly with others determines the purposes and means of the processing of personal data. The controller pursuant to Art. 4 no. 7 GDPR is also the recipient of the personal data within the meaning of Art. 4 no. 9 GDPR. Any third-party recipients are identified separately.

With regard to our website, the owner or controller is

Kollhopp Consulting AG
Thomas Kollhopp
The Circle 6
8058 Zurich
Switzerland
E-Mail: info@kollhopp.ch
Phone: +41 (0)79 346 96 35

Provision of the website and creation of log files

Each time our website is accessed, our system automatically collects data and information from the device accessing it (e.g. computer, cell phone, tablet, etc.).

What personal data is collected and to what extent is it processed?

(1) Information about the browser type and version used;
(2) The operating system of the accessing device;
(3) Host name of the accessing computer;
(4) The IP address of the accessing device;
(5) Date and time of access;
(6) Websites and resources (images, files, other page content) that were accessed on our website;
(7) Websites from which the user's system came to our website (referrer tracking);
(8) Notification of whether the retrieval was successful;
(9) Amount of data transferred

This data is stored in the log files of our system. This data is not stored together with the personal data of a specific user, so that individual site visitors cannot be identified.

Legal basis for the processing of personal data

Personal data is processed in accordance with the principle of lawfulness (Art. 6 para. 1 FADP) and the requirement of good faith (Art. 6 para. 2 FADP and Art. 2 Swiss Civil Code) and Art. 6 para. 1 lit. f GDPR (legitimate interest).

Purpose of the data processing

The temporary (automated) storage of data is necessary for the course of a website visit in order to enable the website to be delivered. Personal data is also stored and processed to maintain the compatibility of our website for as many visitors as possible and to combat misuse and troubleshooting. For this purpose, it is necessary to log the technical data of the accessing computer in order to be able to react as early as possible to display errors, attacks on our IT systems and/or errors in the functionality of our website. In addition, we use the data to optimize the website and to generally ensure the security of our IT systems.

Duration of storage

The aforementioned technical data is deleted as soon as it is no longer required to ensure the compatibility of the website for all visitors, but no later than 3 months after our website is accessed.

Restriction, objection, rectification and erasure options

You can request the restriction of processing in accordance with Art. 18 GDPR or object to processing in accordance with Art. 21 GDPR and request the rectification or erasure of data in accordance with Art. 16 or 17 GDPR at any time. You can find out which rights you are entitled to and how to assert them at the bottom of this privacy policy.

Special functions of the website

Our website offers you various functions that collect, process and store personal data when you use them. We explain below what happens to this data:

Application form

  • What personal data is collected and to what extent is it processed?

    The data entered by you in the form fields of the application form and uploaded, if applicable, will be processed to fulfill the purpose stated below.

  • Legal basis for the processing of personal data

    Personal data is processed in accordance with the principle of lawfulness (Art. 6 para. 1 FADP) and the principle of good faith (Art. 6 para. 2 FADP and Art. 2 Swiss Civil Code) and Art. 6 para. 1 lit. b GDPR (implementation of (pre-)contractual measures).

  • Purpose of the data processing

    The purpose of data processing is to review and process the application documents you upload via the form.

  • Duration of storage

    The data will be deleted as soon as the application has been processed and there is no longer a legitimate interest in storing the application data. Your application documents will therefore be deleted after 6 months at the latest if no employment relationship is established.

  • Right of objection, processing, rectification and erasure

    You can restrict processing at any time in accordance with Art. 18 GDPR, object to processing in accordance with Art. 21 GDPR and request the correction or deletion of data in accordance with Art. 16 or 17 GDPR. You can find out which rights you are entitled to and how to assert them at the bottom of this privacy policy.

  • Necessity of providing personal data

    The information in the application form is necessary for sending and processing the application. If you do not fill in the mandatory fields or do not fill them in completely, your application cannot be sent or processed.

Contact form

  • What personal data is collected and to what extent is it processed?

    The data entered by you in our contact forms, which you have entered in the input mask of the contact form.

  • Legal basis for the processing of personal data

    Personal data is processed in accordance with the principle of lawfulness (Art. 6 para. 1 FADP) and the principle of good faith (Art. 6 para. 2 FADP and Art. 2 Swiss Civil Code) and Art. 6 para. 1 lit. a GDPR (consent by unambiguous affirmative action or conduct).

  • Purpose of the data processing

    We will only use the data collected via our contact form or via our contact forms to process the specific contact request received via the contact form. Please note that we may also send you e-mails to the address provided in order to fulfill your contact request. The purpose of this is so that you can receive confirmation from us that your request has been forwarded to us correctly. However, sending this confirmation e-mail is not mandatory for us and is for your information only.

  • Duration of storage

    Once your request has been processed, the data collected will be deleted immediately, provided there are no statutory retention periods.

  • Restriction, objection, correction and deletion options

    You can request the restriction of processing in accordance with Art. 18 GDPR or object to processing in accordance with Art. 21 GDPR and request the rectification or erasure of data in accordance with Art. 16 or 17 GDPR at any time. You can find out which rights you are entitled to and how to assert them at the bottom of this privacy policy.

  • Necessity of providing personal data

    The contact forms are used on a voluntary basis. You are not obliged to contact us via the contact form, but can also use the other contact options provided on our website. If you wish to use our contact form, you must complete the fields marked as mandatory. If you do not complete the required information on the contact form, you will either not be able to send the request or we will not be able to process your request due to a lack of information.

Disclosure of data to third parties

Personal data is processed in accordance with the principle of lawfulness (Art. 6 para. 1 FADP) and the principle of good faith (Art. 6 para. 2 FADP and Art. 2 Swiss Civil Code).

The disclosure of data to third parties depends on the scope of the activities or offers of our website or our business model described below.

In principle, we only keep your data for as long as necessary and treat it confidentially. Exceptions to this are the transfer of personal data to debt collection service providers, to public bodies and authorities and to private individuals who are entitled to it on the basis of legal provisions, court decisions or official orders, as well as the transfer to authorities for the purpose of initiating legal proceedings or for criminal prosecution purposes if our legally protected rights are challenged.

Integration of external web services and processing of data outside the EU

We use active content from external providers, so-called web services, on our website. When you access our website, these external providers may receive personal information about your visit to our website. Data may be processed outside Switzerland and the EU. You can prevent this by installing an appropriate browser plugin or deactivating the execution of scripts in your browser. This may result in functional restrictions on websites that you visit.

We use the following external web services:

  • Jsdelivr

    We use the Jsdelivr service provided by Prospect One Sp., Krolweska 65A, 30-081 Krakow, Poland, e-mail: hello@prospectone.io, website: https://prospectone.io/ on our website. According to the assessment of Swiss authorities, the processing takes place in safe third countries. You can find Switzerland's list of countries and further information at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. The transfer and processing of personal data takes place exclusively on servers in the European Union.

    The legal basis for the transfer of personal data is our legitimate interest in processing in accordance with Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in achieving the purpose described below.

    JSDelivr is a content delivery network that mirrors our content via various servers to ensure optimal accessibility worldwide.

    With regard to processing, you have the right to object as set out in Art. 21 GDPR. Further information can be found at the end of this privacy policy.

    Further information on the handling of the transferred data can be found in the provider's privacy policy at https://www.jsdelivr.com/privacy-policy-jsdelivr-com

  • Legally ok legal text snippet and modules

    We use the Legally ok legal text snippet and modules service provided by Legally ok GmbH, Schochenmühlestrasse 6, 6340 Baar, Switzerland, e-mail: hello@legally-ok.com, website: https://www.legally-ok.com/. Processing takes place exclusively in Switzerland in accordance with the data protection legislation applicable there. Processing also takes place in a third country outside the EU. An adequacy decision by the Commission exists for this third country. On the website of the EU Commission (Link: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_de) you will find a current list of all adequacy decisions.

    The legal basis for the transfer and processing is Art. 31 para. 1 FADP and Art. 6 para. 1 lit. c GDPR. The use of the service helps us to comply with our legal obligations.

    The service is used to load content from our legal texts onto our website. The current legal texts are reloaded via the integration on our site. This integration may also be used to load additional technical modules with regard to the legal texts or legally required elements.

    The rights to which you are entitled with regard to processing can be found at the end of this privacy policy.

    Further information on the handling of the transferred data can be found in the provider's privacy policy at https://www.legally-ok.com/datenschutz/.

  • OpenJS Foundation

    We use the OpenJS Foundation service of the OpenJS Foundation, 1 Letterman Drive, Building D, Suite D4700, 94129 San Francisco, United States, e-mail: privacy@openjsf.org, website: https://js.foundation/. Your personal data will be transferred to so-called insecure third countries that do not guarantee adequate data protection through their legislation. Your data will only be passed on if suitable data protection is guaranteed. This can be guaranteed in particular by

    • international treaties
    • Data protection clauses in a contract between the controller or processor and their contractual partner, which have been communicated to the FDPIC in advance
    • specific safeguards drawn up by the competent federal body and notified to the FDPIC in advance
    • Standard data protection clauses that the FDPIC has approved, issued or recognized in advance, or
    • binding corporate rules on data protection that have been approved in advance by the FDPIC or by an authority responsible for data protection in a country that guarantees adequate protection

    If such guarantees are not in place, your data may only be disclosed if you have given your consent, the disclosure is directly related to the conclusion or execution of a contract, or the disclosure is necessary to enforce claims before courts and authorities or to protect public interests. From the perspective of the EU, the data processing takes place in a third country for which there is no adequacy decision by the EU Commission. Therefore, the usual level of protection for the GDPR cannot be guaranteed for the transfer, as it cannot be ruled out that authorities in the third country, for example, may access the data collected. Your data can only be transferred to these third countries if it is ensured that the personal data is adequately protected by the recipient. This can be done through the use of standard contractual clauses, in the case of data transfers within a group of companies through so-called Binding Corporate Rules, through an obligation to comply with rules of conduct that have been declared generally applicable by the Commission or through certification of the processing operation.

    The legal basis for the transfer of personal data is your consent in accordance with Art. 6 para. 6 GDPR or Art. 31 para. 2 GDPR and Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, which you have given on our website.

    jQuery is a free JavaScript library that is required for the proper operation of our website. It contains a code database that is a basic requirement for many functions of our website.

    You can withdraw your consent at any time. You can find more information on revoking your consent either in the consent itself or at the end of this privacy policy.

    Further information on the handling of the transferred data can be found in the provider's privacy policy at https://openjsf.org/wp-content/uploads/sites/84/2021/04/OpenJS-Foundation-Privacy-Policy-2019-11-15.pdf.

Information on the use of cookies

Scope of the processing of personal data

We integrate and use cookies on various pages to enable certain functions of our website and to integrate external web services. Cookies are small text files that your browser can store on your access device. These text files contain a characteristic string of characters that uniquely identifies the browser when you return to our website. The process of saving a cookie file is also referred to as "setting a cookie". Cookies can be set both by the website itself and by external web services.

Legal basis for the processing of personal data

Relevant are Art. 6 ff. FADP (principles) and Art. 6 para. 1 lit. f GDPR (legitimate interest) or Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. a GDPR (consent).

The relevant legal basis can be found in the cookie table listed later in this section.

In general, in the case of cookies that are collected on the basis of a legitimate interest, our legitimate interest is to ensure the functionality of our website and the services integrated on it (technically necessary cookies). In addition, the cookies may increase their user-friendliness and enable a more personalized approach. Here we have weighed up your interests and our interests.

With the help of cookie technology, we can only identify, analyze and track individual website visitors if the website visitor has consented to the use of cookies in accordance with Art. 6 para. 6 DSG or Art. 6 para. 1 lit. a DSGVO.

Purpose of the data processing

The cookies are set by our website or the external web services in order to maintain the full functionality of our website, to improve user-friendliness or to pursue the purpose stated with your consent. Cookie technology also enables us to recognize individual visitors by means of pseudonyms, e.g. individual or random IDs, so that we can offer more individual services. Details are listed in the following table.

Possibility of objection, revocation of consent and deletion

You can set your browser according to your wishes so that the setting of cookies is generally prevented. You can then decide on a case-by-case basis whether to accept cookies or to accept cookies in principle. Cookies can be used for various purposes, e.g. to recognize that your access device is already connected to our website (permanent cookies) or to save recently viewed offers (session cookies). If you have expressly given us permission to process your personal data, you can revoke this consent at any time. Please note that this does not affect the lawfulness of the processing carried out on the basis of your consent until you withdraw it.

Data security and data protection, communication by e-mail

Your personal data is protected by technical and organizational measures during collection, storage and processing in such a way that it is not accessible to third parties. In the case of unencrypted communication by e-mail, we cannot guarantee complete data security on the transmission path to our IT systems, so we recommend encrypted communication or the postal service for information requiring a high level of confidentiality.

Duration of data storage and rights of the data subject

Duration of storage

We only store personal data to the extent and for as long as is necessary to fulfill the purposes for which the personal data was collected, if we have a legitimate overriding interest in storing it or if we are legally obliged to do so.

Right to information

You have the right to request confirmation as to whether we are processing your personal data. If this is the case, you have a right to information about the data specified in 25 ff. FADP or Art. 15 para. 1 GDPR, provided that the information cannot be refused, restricted or postponed by the data controller (see Art. 26 f. FADP or Art. 15 para. 4 GDPR). We will also be happy to provide you with a copy of the data.

Right to rectification

In accordance with Art. 32 para. 1 FADP or Art. 16 GDPR, you have the right to demand that incorrectly stored personal data (e.g. address, name, etc.) be corrected, provided that this claim does not conflict with any legal obligation. You can also request the completion of the data stored by us at any time. A corresponding adjustment will be made immediately.

Right to erasure

In accordance with Art. 17 para. 1 GDPR, you have the right to request that we erase the personal data we have collected about you if

  • the data is either no longer required;
  • the legal basis for the processing no longer applies due to the withdrawal of your consent
  • there are no longer any legitimate reasons for the processing;
  • Your data is processed unlawfully;
  • a legal obligation requires this.

According to Art. 17 para. 3 GDPR, the right does not exist if

  • the processing is necessary for exercising the right of freedom of expression and information
  • Your data has been collected on the basis of a legal obligation;
  • the processing is necessary for reasons of public interest
  • the data is necessary for the establishment, exercise or defense of legal claims.

Right to restriction of processing

Pursuant to Art. 18 para. 1 GDPR, you have the right in individual cases to request the restriction of the processing of your personal data.

This is the case if

  • the accuracy of the personal data is contested by you
  • the processing is unlawful and you do not consent to its erasure
  • the data is no longer required for the purpose of processing, but the data collected serves to assert, exercise or defend legal claims;
  • an objection to the processing pursuant to Art. 21 para. 1 GDPR has been lodged and it is still unclear which interests prevail.

Right of revocation

If you have given us your express consent to process your personal data (Art. 6 para. 6 FADP and Art. 31 para. 1 FADP; Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR), you can revoke this consent at any time. Please note that this does not affect the lawfulness of the processing carried out on the basis of the consent until revocation. Data for which we are legally obliged to retain will be deleted after the deadline has expired.

Right to object

In accordance with Art. 21 GDPR, you have the right to object at any time to the processing of personal data concerning you that has been collected on the basis of Art. 6 para. 1 lit. f GDPR (in the context of a legitimate interest). If you have given us your express consent to process your personal data (Art. 6 para. 6 GDPR and Art. 31 para. 1 GDPR), you can withdraw this consent at any time. Please note that this does not affect the lawfulness of the processing carried out on the basis of the consent until revocation. You only have this right if there are special circumstances that speak against the storage and processing. Data for which we are legally obliged to store will be deleted after the deadline has expired.

How do you exercise your rights?

You can exercise your rights at any time by contacting us using the contact details below:

Kollhopp Consulting AG
Thomas Kollhopp
The Circle 6
8058 Zurich
Zurich, Switzerland
E-Mail: info@kollhopp.ch
Phone: +41 (0)79 346 96 35

Right to data portability

In accordance with Art. 20 GDPR, you have the right to the transfer of personal data concerning you. We will provide the data in a structured, commonly used and machine-readable format. The data can be sent either to you yourself or to a controller named by you.

We will provide you with the following data on request:

  • Data collected on the basis of consent (Art. 31 para. 1 FADP and Art. 6 para. 1 let. a GDPR);
  • Daten, die wir im Rahmen bestehender Verträge von Ihnen erhalten haben (Art. 31 Abs. 2 Bst. a DSG sowie Art. 6 Abs. 1 Bst. b DSGVO und Art. 9 Abs. 2 Bst. a DSGVO);
  • Data that has been processed as part of an automated procedure.

We will transfer the personal data directly to a controller of your choice insofar as this is technically feasible. Please note that we may not transfer data that interferes with the overriding interests of third parties in accordance with Art. 26 para. 1 let. b FADP or Art. 20 para. 4 GDPR, or only to a limited extent.

Notifications to the FDPIC and the right to lodge a complaint

Pursuant to Art. 49 FADP, data subjects can file a complaint with the supervisory authority if there are sufficient indications that data processing could violate data protection regulations. The supervisory authority for data protection in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).

Further information can be found in the FDPIC's contact form: https://www.edoeb.admin.ch/edoeb/de/home/deredoeb/kontakt.html

If you suspect that your data is being processed unlawfully on our website, you can bring about a judicial clarification of the problem in accordance with Art. 32 FADP. As a rule, an action under Art. 28 ff. ZGB should be sought. If you are affected by the processing of data by federal bodies, the procedure is governed by Art. 41 FADP. In this case, you can also contact the FDPIC (see reference to the contact form above).

Right to lodge a complaint with the supervisory authority pursuant to Art. 77 para. 1 GDPR

If you suspect that your data is being processed unlawfully on our website, you can of course bring about a judicial clarification of the problem at any time. You also have every other legal option. Irrespective of this, you have the option of contacting a supervisory authority in accordance with Art. 77 para. 1 GDPR. The right to lodge a complaint pursuant to Art. 77 GDPR is available to you in the EU Member State of your place of residence, your place of work and/or the place of the alleged infringement, i.e. you can choose the supervisory authority to which you turn from the above-mentioned places. The supervisory authority to which the complaint has been submitted will then inform you of the status and outcome of your submission, including the possibility of a judicial remedy pursuant to Art. 78 GDPR.

Legally ok - Data protection solution for websites - privacy policy, imprint, cookie banner

The privacy policy of this website was created free of charge with the all-in-one website privacy solution Legally ok.

We use cookies and statistical software. Further information can be found in our privacy policy.

We use cookies and statistical software. Further information can be found in our privacy policy.

Settings saved