Privacy Policy
1. What is this privacy policy about?
We explain in this Privacy Policy how we process personal data relating to you or others in the course of our business and connection with our website. “Personal data” means any information that can be associated with a particular individual, and “process” means any handling of it, such as obtaining, using, and disclosing it.
This privacy policy also applies to the processing of your data in connection with your application by e-mail and application by mail to Kitoko People. You will therefore also find information on how we process personal data as part of the application process.
If you would like more information about our data processing, please contact us (section 2).
2. Who is responsible for processing your data?
For data processing under this Privacy Policy, the following company is the “data controller”, i.e. the entity primarily responsible under data protection law (“Kitoko People” or also “we”):
Kitoko GmbH
Optingenstrasse 18
3013 Bern
If you have any questions about data protection, please feel free to contact us at the following e-mail address: hello@kitoko-people.ch.
You may provide us with data that also relates to other individuals. If you do so, we will take this as confirmation that this data is correct. Since we often have no direct contact with these third parties, we ask you to inform them about our processing of their data (e.g. by referring them to this privacy statement).
3. How do we process data in connection with our products and services?
When you use our products and services (collectively, “Services”), we process data for the preparation of the conclusion of the contract and the performance of the corresponding contract:
– We may advertise our services
– When we conclude a contract with you (in particular when you book a training course with us), we process data from the run-up to the conclusion of the contract (e.g. name, e-mail, employer/company, telephone number, billing address, and communication data) and information on the conclusion of the contract itself (e.g. conclusion date and subject matter of the contract).
– We also process personal data during and after the term of the contract. This concerns, for example, information on the purchase of services, but also payments, data on the termination of the contract, and – if disputes arise in connection with the contract – also on these and corresponding proceedings. We use this data because we cannot process contracts without it.
– In the case of contractual partners that are companies, we process less personal data because data protection law only covers data of natural persons (i.e. people). However, we do process data of the contact persons with whom we are in contact, e.g. name, contact details, telephone number and details from communication, and details of management persons, etc. as part of the general information about companies with which we work.
4. How do we process data in connection with an application?
If you apply to us and we check your suitability for the employment relationship, we process your data. You are not obliged to disclose this data to us.
We process the following personal data from you to the extent that it is or becomes known to us:
– Master data and contact information: In connection with your application, we receive certain basic data that we require for the review, substantiation, and possible execution of an employment contract, including communication with you. This includes, for example, first and last name, home address, telephone number, e-mail address, date of birth and age, hometown and nationality, gender, language skills, marital status, etc.;
– Data related to their current job and the organizational framework for possible employment: As part of your application, we receive or generate and process – in addition to the personal data and contact information (see above) – various other data about you, your current employment and the organizational framework conditions, e.g. information on the notice period of the current employment contract, data in connection with your job and your employment contract, professional achievements, your motivation, etc.;
– Job applications, professional history, and education and training: In the context of an application, we receive information about your career, qualifications, training, and other data, e.g. curriculum vitae, information about certificates, diplomas, work references or confirmations, language skills, information about previous jobs and employers, reference persons and their contact details, the information provided by reference persons, etc.;
– Other data: We may process further personal data, which we cannot list exhaustively here. We will inform you separately about the processing of such data, if this is possible or if we are obliged to inform you.
– We process the above-mentioned data for various purposes related to your job application, in particular for the following purposes:
– Checking application documents and the suitability of a job applicant, e.g. assessing suitability for a specific position with us for which you apply via email or for which we inquire about you, assessing suitability for other jobs or positions at Kitoko People, including checking or rechecking documents, checking references;
– Preparing and concluding employment contracts, e.g. drafting, negotiating, and concluding the employment contract;
The most important third-party provider is Google. You can find more information about this below. Other third-party providers generally process personal and other data in a similar manner.
Google Analytics is a web analytics service provided by Google LLC (USA). Google Analytics uses cookies and other technologies to collect data about the behavior of users of our website and their end devices, in particular the IP address of the end device, screen size, device type, information about the browser used and the location (country only) and language setting of the browser. This information is usually transferred to a Google server in the USA and stored there. We use Google Analytics to analyze and improve the use of our website. In doing so, we use the “IP anonymization” function to anonymize the IP addresses of users. The information generated by the cookie about your use of our website (including your IP address) is usually transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of our website, compiling reports on website activity for us and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf.
You can find more information about Google Analytics and data protection at Google at https://policies.google.com/privacy.
5. Online Newsletter
If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner:in the specified e-mail address and agree to receive the newsletter. Further data (e.g. surname, first name or specific interests) are not collected or only collected on a voluntary basis. This also applies if you receive our newsletter by other means than via our website. We use this data exclusively for sending the requested information via the company Mailchimp. You can find more information about this in the corresponding chapter.
The processing of the data entered in the newsletter registration form is based exclusively on your consent (Art. 6 para. 1 lit. a DSGVO/Art. 13 DSG). You can revoke your consent to the storage of the data, the e-mail address and their use for sending the newsletter at any time, for example via the “unsubscribe” link in the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation. The data you provide us with for the purpose of receiving the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted after you unsubscribe from the newsletter. Data that has been stored by us for other purposes (e.g. e-mail addresses for the member area) remains unaffected by this.
6. Mailchimp
The newsletter is sent via e-mail using “Mailchimp”, an e-mail marketing platform of the US provider Rocket Science Group, LLC, 675 Ponce de Leon Ave NE Suite 5000, Atlanta, GA 30308, USA. Your email address and any data described in this notice are stored on Mailchimp’s servers in the USA. Mailchimp uses this information to send and evaluate the newsletters on our behalf. Furthermore, according to its own information, Mailchimp may use this data to optimize or improve its own services. Mailchimp does not use the data of our newsletter recipients to address them itself or to pass them on to third parties.
Mailchimp is certified under the US-EU Privacy Shield and is committed to complying with EU data protection regulations. Furthermore, we have concluded a data processing agreement with Mailchimp. This is a contract in which Mailchimp undertakes to protect the data of our users, to process it on our behalf in accordance with its data protection provisions and, in particular, not to pass it on to third parties.
The newsletters contain a so-called “web beacon”, i.e. a pixel-sized file that is retrieved from the Mailchimp server when the newsletter is opened. As part of this retrieval, technical information about the browser or email client as well as your IP address and the time of the retrieval are initially collected. This information is used to improve the services for specific target groups and to measure the results of our email distribution.
The statistical surveys also include determining whether the newsletters were opened, when they were opened and which links were clicked. For technical reasons, this information can be assigned to individual newsletter recipients. However, it is neither our nor Mailchimp’s intention to observe individual users. The evaluations serve us much more to recognize the reading habits and interests of our users, so that we can optimize or adapt our email distributions and/or content accordingly.
There are cases in which we direct the newsletter recipients to the websites of Mailchimp. For example, our newsletters contain a link with which the newsletter recipients can access the newsletter online (e.g. in the event of display problems in the e-mail program). Furthermore, newsletter recipients can subsequently correct their data, e.g. the e-mail address. Likewise, the privacy policy of Mailchimp is only available on their site.
In this context, we would like to point out that cookies are also used on the websites of Mailchimp and that personal data is processed by Mailchimp, its partners and service providers (e.g. Google Analytics). We have no influence on this data collection. For more information, please refer to the privacy policy of Mailchimp.
7. How do we process data in connection with our website?
Every time you use our website, certain data is collected for technical reasons and temporarily stored in log files (log data), the IP address of the end device, information about the Internet service provider, and the operating system of your end device, information about the referring URL, information about the browser used, date and time of access, and content accessed when visiting the website. We use this data so that our website can be used, to ensure system security and stability to optimize our website, and for statistical purposes.
Our website also uses cookies, which are files that your browser automatically stores on your terminal device. This allows us to distinguish individual visitors, but usually without identifying them. Cookies may also contain information about pages viewed and the duration of the visit. Certain cookies (“session cookies”) are deleted when the browser is closed. Others (“persistent cookies”) remain stored for a certain duration so that we can recognize visitors on a subsequent visit.
You can configure your browser in the settings so that it blocks certain cookies or similar technologies or deletes cookies and other stored data. You can find out more about this in the help pages of your browser (usually under the keyword “Privacy”).
These cookies and other technologies may also come from third-party companies that provide us with certain functions. These may also be located outside of Switzerland and the EEA. For example, we use analytics services so that we can optimize our website. Cookies and similar technologies from third-party providers also enable them to target you with individualized advertising on our websites or on other websites as well as on social networks that also work with this third party and to measure how effective advertisements are (e.g., whether you arrived at our website via an advertisement and what actions you then take on our website). The relevant third-party vendors may record website usage for this purpose and combine their records with additional information from other websites. In this way, they can record user behavior across multiple websites and end devices to provide us with statistical analyses on this basis. The providers may also use this information for their purposes, e.g., for personalized advertising on their website or other websites. If a user is registered with the provider, the provider can assign the usage data to the relevant person.
8. How do we process data via social media?
We operate our company presence on social networks and other platforms (LinkedIn, Instagram, Facebook, TikTok, Podbean). If you communicate with us there or comment on or redistribute content, we collect information for this purpose, which we use primarily for communication with you, marketing purposes, and statistical evaluations. Please note that the provider of the platform also collects and uses data itself (e.g., on user behavior), possibly together with other data known to it (e.g., for marketing purposes or to personalize the platform content). Insofar as we are jointly responsible with the provider, we enter into a corresponding agreement, about which you can
9. Are there other processing operations?
Yes, because very many processes are not possible without processing personal data, including common and even unavoidable internal processes. It is not always possible to determine this precisely in advance, nor the extent of the data processed in the process, but you will find details of typical (although not necessarily frequent) cases below:
– Communication: When we are in contact with you, we process information about communication content about the nature, timing, and location of the communication. For your identification, we may also process information about proof of identity.
– Legal Compliance: As part of legal obligations or powers and to comply with internal regulations, we may disclose data to authorities.
– Prevention: we process data to prevent criminal data and other breaches, for example, as part of fraud prevention or internal investigations.
– Legal proceedings: Insofar as we are involved in legal proceedings (e.g., a court or administrative proceedings), we process data e.g., about parties to the proceedings and other persons involved, such as witnesses or respondents, and disclose data to such parties, courts and authorities, possibly also abroad.
– IT security: We also process data for monitoring, controlling, analyzing, securing, and reviewing our IT infrastructure, as well as for backups and archiving data.
– Competition: We process data about our competitors and the market environment in general (e.g. the political situation, the association landscape, etc.). In doing so, we may also process data about key individuals, especially names, contact details, roles or functions, and public statements.
– Transactions: If we sell or acquire receivables, other assets, business units, or companies, we process data to the extent necessary to prepare and execute such transactions, e.g. information about customers or their contact persons or employees, and also disclose corresponding data to buyers or sellers.
– Other purposes: We process data to the extent necessary for other purposes such as training and education, administration (e.g., contract management, accounting, enforcement and defense of claims, evaluation, and improvement of internal processes, preparation of anonymous statistics and evaluations; acquisition or disposal of receivables, businesses, parts of businesses or companies and protection of other legitimate interests. obtain information from the provider.
10. How long do we process personal data?
We process your data as long as it is necessary for processing (in the case of contracts, usually for the duration of the contractual relationship), as long as we have a legitimate interest in storing it (e.g. if to enforce legal claims, for archiving and or to ensure IT security) and as long as data is subject to a statutory retention obligation (for certain data, for example, a ten-year retention period applies). After these periods have expired, we delete or anonymize your data.
12. Data Security
- We take appropriate technical and organizational security measures to protect your personal data from unauthorized access and misuse, such as issuing instructions to our employees, confidentiality agreements, internal training or data protection awareness, IT and network security solutions, access controls and restrictions, encryption of data carriers and transmissions, pseudonymization and controls.
12. What are your rights?
– You have certain rights under applicable data protection law to obtain further information about our data processing and to have an impact on it:
– You can request further information about our data processing. We are at your disposal for this purpose. You can also submit a so-called information request if you wish to receive further information and a copy of your data.
– You can object to our data processing, especially in connection with direct marketing.
– You can have inaccurate or incomplete personal data corrected or completed or supplemented by a note of denial.
– You also have the right to receive the personal data you have provided to us in a structured, common, and machine-readable format, insofar as the corresponding data processing is based on your consent or is necessary for the performance of a contract.
– insofar as we process data based on your consent, you may revoke your consent at any time. The revocation is only valid for the future, and we reserve the right to continue to process data based on another basis in the event of a revocation.
Please contact us if you wish to exercise such a right (section 2). As a rule, we will have to verify your identity (e.g. using a copy of your ID card). You are also free to file a complaint against our processing of your data with the competent supervisory authority, in Switzerland the Federal Data Protection and Information Commissioner (FDPIC).
13. Changes
We may amend this privacy policy at any time without prior notice. The current version published on our website shall apply. Insofar as the data protection declaration is part of an agreement with you, we will inform you of the change by e-mail or other suitable means in the event of an update.