Privacy Policy

Responsible Entity
The responsible entity within the meaning of data protection laws, in particular the EU General Data Protection Regulation (GDPR), is:

mintminds AG, Crista Henggeler, Bahnhofstrasse 58, 8001 Zurich, Switzerland

Phone: +41 44 211 66 00
Email: crista.henggeler@mintminds.ch

General Notice
Based on Article 13 of the Swiss Federal Constitution and the data protection provisions of the Federal Data Protection Act (FADP), every person has the right to the protection of their privacy and to protection against misuse of their personal data. The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations as well as this privacy policy.

In cooperation with our hosting providers, we strive to protect the databases as best as possible from unauthorized access, loss, misuse, or falsification.

We would like to point out that data transmission over the Internet (e.g., communication by email) may have security vulnerabilities. Complete protection of data from access by third parties is not possible.

By using this website, you consent to the collection, processing, and use of data as described below. This website can generally be visited without registration. Data such as pages accessed, file names retrieved, date, and time may be stored on the server for statistical purposes without these data being directly related to you personally. Personal data—particularly name, address, or email address—will, as far as possible, be collected on a voluntary basis. Without your consent, no data will be passed on to third parties.

Processing of Personal Data
Personal data means any information relating to an identified or identifiable person. A data subject is a person whose personal data is processed. Processing includes any handling of personal data, regardless of the means and procedures used, in particular the collection, disclosure, acquisition, deletion, storage, alteration, destruction, and use of personal data.

We process personal data in accordance with Swiss data protection law. In addition, where and insofar as the EU GDPR applies, we process personal data based on the following legal grounds in connection with Art. 6(1) GDPR:

  • Consent (Art. 6(1)(a) GDPR) – The data subject has given consent to the processing of their personal data for one or more specific purposes.

  • Contract performance and pre-contractual inquiries (Art. 6(1)(b) GDPR) – Processing is necessary for the performance of a contract to which the data subject is a party, or to take steps at the request of the data subject prior to entering into a contract.

  • Legal obligation (Art. 6(1)(c) GDPR) – Processing is necessary for compliance with a legal obligation to which the controller is subject.

  • Protection of vital interests (Art. 6(1)(d) GDPR) – Processing is necessary to protect the vital interests of the data subject or another natural person.

  • Legitimate interests (Art. 6(1)(f) GDPR) – Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require the protection of personal data.

  • Application process as a pre-contractual or contractual relationship (Art. 9(2)(b) GDPR) – Where, in the course of the application process, special categories of personal data within the meaning of Art. 9(1) GDPR (e.g., health data such as disability status or ethnic origin) are requested from applicants so that the controller or the data subject can exercise rights arising from employment law and social security and social protection law, and fulfil their related obligations, processing is carried out on the basis of Art. 9(2)(b) GDPR. In the case of protecting the vital interests of applicants or other persons, processing is carried out under Art. 9(2)(c) GDPR, or for purposes of preventive or occupational medicine, assessment of the employee’s working capacity, medical diagnosis, provision or treatment in the health or social care sector, or the management of systems and services in the health or social care sector in accordance with Art. 9(2)(h) GDPR. If special categories of data are voluntarily provided on the basis of consent, processing is carried out in accordance with Art. 9(2)(a) GDPR.

We process personal data for as long as is necessary for the respective purpose(s). Where longer retention periods are required due to legal or other obligations to which we are subject, we restrict processing accordingly.

Applicable Legal Bases
In accordance with Art. 13 GDPR, we inform you of the legal bases for our data processing. Unless a specific legal basis is stated in this privacy policy, the following applies:
The legal basis for obtaining consent is Art. 6(1)(a) and Art. 7 GDPR;
the legal basis for processing in order to fulfil our services and carry out contractual measures as well as respond to inquiries is Art. 6(1)(b) GDPR;
the legal basis for processing to fulfil our legal obligations is Art. 6(1)(c) GDPR;
and the legal basis for processing to safeguard our legitimate interests is Art. 6(1)(f) GDPR.
In cases where processing of personal data is necessary to protect the vital interests of the data subject or another natural person, Art. 6(1)(d) GDPR serves as the legal basis.

Security Measures
We take appropriate technical and organisational measures, in accordance with legal requirements, taking into account the state of the art, implementation costs, the nature, scope, circumstances, and purposes of processing, as well as the varying likelihood and severity of risks to the rights and freedoms of natural persons, in order to ensure a level of security appropriate to the risk.

These measures include, in particular, safeguarding the confidentiality, integrity, and availability of data by controlling both physical and electronic access to the data, as well as access, input, transfer, securing of availability, and segregation of the data. Furthermore, we have implemented procedures to ensure the exercise of data subjects’ rights, the deletion of data, and responses to data threats. We also take the protection of personal data into account during the development or selection of hardware, software, and processes, in accordance with the principle of data protection by design and by default.

Transfer of Personal Data
In the course of processing personal data, it may happen that data is transferred to other entities, companies, legally independent organisational units, or individuals, or disclosed to them. Recipients of such data may include, for example, service providers commissioned with IT tasks or providers of services and content that are integrated into a website. In such cases, we comply with the legal requirements and, in particular, conclude appropriate contracts or agreements with the recipients of your data to protect your information.

Data Processing in Third Countries
If we process data in a third country (i.e., outside the European Union (EU) or the European Economic Area (EEA)), or if processing takes place in the context of using services of third parties, or through the disclosure or transfer of data to other persons, entities, or companies, this will only be done in compliance with the legal requirements.

Unless there is explicit consent, or the transfer is contractually or legally required, we process data in third countries only if there is an acknowledged adequate level of data protection, a contractual obligation through so-called standard contractual clauses issued by the EU Commission, existing certifications, or binding corporate rules (Art. 44 to 49 GDPR; EU Commission information page: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection_en).

 

Privacy Policy for Cookies
This website uses cookies. Cookies are text files that contain data from visited websites or domains and are stored by a browser on the user’s computer. The primary purpose of a cookie is to store information about a user during or after their visit to an online offering. Stored information may include, for example, language settings on a website, login status, a shopping cart, or the point at which a video was watched. The term “cookies” also includes other technologies that fulfil the same functions as cookies (e.g., when user information is stored using pseudonymous online identifiers, also referred to as “user IDs”).

The following types and functions of cookies are distinguished:

  • Temporary cookies (also known as session cookies): These are deleted at the latest when a user leaves an online offering and closes their browser.

  • Persistent cookies: These remain stored even after the browser is closed. For example, the login status can be saved, or preferred content can be displayed directly when the user revisits a website. Similarly, user interests, which may be used for audience measurement or marketing purposes, can be stored in such cookies.

  • First-party cookies: These are set by us directly.

  • Third-party cookies: These are mainly used by advertisers (so-called third parties) to process user information.

  • Necessary cookies (also known as essential or strictly necessary cookies): These are required for the operation of a website (e.g., to store logins or other user inputs, or for security reasons).

  • Statistics, marketing, and personalisation cookies: These are typically used for audience measurement and when a user’s interests or behaviour (e.g., viewing certain content, using functions, etc.) on individual websites are stored in a user profile. Such profiles are used, for example, to display content to users that may correspond to their potential interests. This process is also known as “tracking,” i.e., the monitoring of users’ potential interests. Where we use cookies or tracking technologies, we will inform you separately in this privacy policy or when obtaining consent.

Legal basis: The legal basis on which we process your personal data using cookies depends on whether we ask for your consent. If this is the case and you consent to the use of cookies, the legal basis for processing your data is the consent you have provided. Otherwise, the data processed using cookies is based on our legitimate interests (e.g., in the economical operation and improvement of our online offering) or where the use of cookies is necessary to fulfil our contractual obligations.

Storage duration: Unless we explicitly inform you of the storage duration of persistent cookies (e.g., as part of a cookie consent request), please assume that the storage period can be up to two years.

General notes on withdrawal and objection (Opt-Out): Depending on whether processing is based on consent or legal permission, you may withdraw your consent at any time or object to the processing of your data through cookie technologies (collectively referred to as “opt-out”). You can declare your objection via your browser settings, for example by disabling the use of cookies (although this may also limit the functionality of our online offering). You can also object to the use of cookies for online marketing purposes through a variety of services—especially in the case of tracking—via the websites https://optout.aboutads.info and https://www.youronlinechoices.com/. Further objection instructions may be provided in the information on the service providers and cookies we use.

Processing of cookie data based on consent: We use a cookie consent management process in which users’ consents to the use of cookies—or the processing and providers specified in the cookie consent management process—are obtained, managed, and can be withdrawn by users. The consent declaration is stored to avoid having to request it again and to be able to prove consent in accordance with legal obligations. Storage may occur on the server and/or in a cookie (so-called opt-in cookie, or using comparable technologies) in order to assign consent to a user or their device. Unless otherwise specified for individual cookie management service providers, the following applies: The consent storage duration can be up to two years. A pseudonymous user identifier is created and stored together with the time of consent, the scope of the consent (e.g., which categories of cookies and/or service providers), as well as the browser, system, and device used.

  • Types of data processed: Usage data (e.g., visited websites, interest in content, access times), meta/communication data (e.g., device information, IP addresses).

  • Data subjects: Users (e.g., website visitors, users of online services).

  • Legal bases: Consent (Art. 6(1)(a) GDPR), legitimate interests (Art. 6(1)(f) GDPR).

 

Privacy Policy for SSL/TLS Encryption
For security reasons and to protect the transmission of confidential content—such as inquiries you send to us as the website operator—this website uses SSL/TLS encryption. You can recognize an encrypted connection by the fact that the browser’s address line changes from “http://” to “https://” and by the lock icon displayed in your browser’s address bar.

When SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Data Transmission Security (Without SSL)
Please note that data transmitted over an open network such as the Internet or via an email service without SSL encryption is visible to everyone. You can recognize an unencrypted connection by the fact that the browser’s address line displays “http://” and no lock icon appears in your browser’s address bar. Information transmitted over the Internet and online content received may, under certain circumstances, be transmitted via networks of third-party providers. We cannot guarantee the confidentiality of communications or documents transmitted over such open networks or networks of third-party providers.

If you disclose personal information over an open network or networks of third-party providers, you should be aware that your data may be lost or potentially accessed by third parties, and consequently collected and used without your consent. Although in many cases the individual data packets are transmitted in encrypted form, the names of the sender and recipient are not. Even if the sender and recipient are located in the same country, data transmission over such networks often takes place without checks and may pass through third countries, i.e., countries that do not offer the same level of data protection as your country of residence. We accept no responsibility for the security of your data during transmission over the Internet and disclaim any liability for direct or indirect losses. We recommend using alternative means of communication if you consider this necessary or advisable for security reasons.

Despite extensive technical and organizational security precautions, data may still be lost, intercepted, and/or manipulated by unauthorized parties. We take appropriate technical and organizational security measures to prevent this within our systems wherever possible. However, your computer lies outside the security sphere that we can control. It is your responsibility as a user to inform yourself about the necessary security precautions and to take appropriate measures in this regard. As the website operator, we cannot be held liable for any damage resulting from data loss or manipulation.

Data you enter in online forms may, for the purpose of order processing, be transmitted to authorized third parties, who may view and, if necessary, process the data.

 

Privacy Policy for Server Log Files
The provider of this website automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

  • Browser type and version

  • Operating system used

  • Referrer URL

  • Hostname of the accessing computer

  • Time of the server request

These data cannot be attributed to specific individuals. This data will not be merged with other data sources. We reserve the right to subsequently review this data if we become aware of concrete indications of unlawful use.

Third-Party Services
This website may use Google Maps for embedding maps, Google Invisible reCAPTCHA for protection against bots and spam, and YouTube for embedding videos.

These services of the American company Google LLC use, among other things, cookies, and as a result, data is transmitted to Google in the USA. We assume that in this context no personal tracking occurs solely through the use of our website.

Google has committed to ensuring adequate data protection in accordance with the EU-U.S. and Swiss-U.S. Privacy Shield frameworks.

Further information can be found in Google’s privacy policy.

 

Privacy Policy for Contact Form
If you send us inquiries via the contact form, the information you provide in the inquiry form, including the contact details you enter, will be stored by us for the purpose of processing your inquiry and in case of follow-up questions. We will not share this data without your consent.

Privacy Policy for Newsletter Data
If you wish to subscribe to the newsletter offered on this website, we require an email address from you as well as information that allows us to verify that you are the owner of the specified email address and that you agree to receive the newsletter. No further data is collected. We use this data exclusively for sending the requested information and do not pass it on to third parties.

The consent granted for storing the data, the email address, and its use for sending the newsletter can be revoked at any time—for example, via the “unsubscribe” link in the newsletter.

Privacy Policy for the Comment Function on This Website
For the comment function on this website, in addition to your comment, information on the time the comment was created, your email address, and, if you do not post anonymously, the username you have chosen will be stored.

Storage of IP Addresses
Our comment function stores the IP addresses of users who post comments. Since we do not check comments on our site before they are published, we require this data in order to be able to take action against the author in cases of legal violations such as insults or propaganda.

Subscribing to Comments
As a user of the site, you can subscribe to comments after registering. You will receive a confirmation email to verify that you are the owner of the specified email address. You can unsubscribe from this function at any time via a link in the information emails.

 

Rights of Data Subjects

Right to Confirmation
Every data subject has the right to obtain confirmation from the operator of the website as to whether personal data concerning them is being processed. If you wish to exercise this right to confirmation, you may contact our data protection officer at any time.

Right of Access
Every person affected by the processing of personal data has the right, at any time and free of charge, to obtain from the operator of this website information about the personal data stored concerning them and to receive a copy of this information. Furthermore, information may be provided on the following, if applicable:

  • The purposes of the processing

  • The categories of personal data being processed

  • The recipients to whom the personal data have been or will be disclosed

  • If possible, the planned duration for which the personal data will be stored, or, if this is not possible, the criteria used to determine this duration

  • The existence of the right to request rectification or erasure of personal data, or restriction of processing by the controller, or to object to such processing

  • The existence of the right to lodge a complaint with a supervisory authority

  • Where the personal data is not collected from the data subject: any available information on the source of the data

The data subject also has the right to know whether personal data have been transferred to a third country or to an international organisation. Where this is the case, the data subject further has the right to be informed about the appropriate safeguards relating to the transfer.

If you wish to exercise this right of access, you may contact our data protection officer at any time.

Right to Rectification
Every person affected by the processing of personal data has the right to request the prompt correction of inaccurate personal data concerning them. Taking into account the purposes of processing, the data subject also has the right to request the completion of incomplete personal data, including by means of a supplementary statement.

If you wish to exercise this right to rectification, you may contact our data protection officer at any time.

Right to Erasure (Right to be Forgotten)
Every person affected by the processing of personal data has the right to request from the controller of this website that personal data concerning them be deleted without undue delay, provided that one of the following reasons applies and insofar as processing is not required:

  • The personal data are no longer necessary for the purposes for which they were collected or otherwise processed.

  • The data subject withdraws their consent on which the processing was based, and there is no other legal basis for the processing.

  • The data subject objects to the processing for reasons arising from their particular situation, and there are no overriding legitimate grounds for the processing, or the data subject objects to processing for direct marketing purposes and related profiling.

  • The personal data have been unlawfully processed.

  • Erasure of the personal data is necessary to comply with a legal obligation under Union or Member State law to which the controller is subject.

  • The personal data have been collected in relation to the offer of information society services directly to a child.

If one of the above reasons applies and you would like to request the deletion of personal data stored by the operator of this website, you may contact our data protection officer at any time. The data protection officer of this website will ensure that the deletion request is complied with promptly.

Right to Restriction of Processing
Every person affected by the processing of personal data has the right to request that the controller of this website restrict processing if one of the following conditions is met:

  • The accuracy of the personal data is contested by the data subject for a period enabling the controller to verify the accuracy of the personal data.

  • The processing is unlawful, the data subject opposes the deletion of the personal data, and instead requests the restriction of their use.

  • The controller no longer needs the personal data for processing purposes, but the data subject requires them for the establishment, exercise, or defence of legal claims.

  • The data subject has objected to processing for reasons arising from their particular situation, and it is not yet determined whether the legitimate grounds of the controller override those of the data subject.

If one of the above conditions applies and you would like to request the restriction of personal data stored by the operator of this website, you may contact our data protection officer at any time. The data protection officer of this website will arrange for the restriction of processing.

Right to Data Portability
Every person affected by the processing of personal data has the right to receive the personal data concerning them, which they have provided to a controller, in a structured, commonly used, and machine-readable format. They also have the right, where legally applicable, to transmit those data to another controller.

Furthermore, the data subject has the right to have the personal data transmitted directly from one controller to another, where technically feasible and provided that the rights and freedoms of others are not adversely affected.

To exercise the right to data portability, you may contact the data protection officer appointed by the operator of this website at any time.

Right to Object
Every person affected by the processing of personal data has the right, for reasons arising from their particular situation, to object at any time to the processing of personal data concerning them.

In the event of an objection, the operator of this website will no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing that override the interests, rights, and freedoms of the data subject, or the processing serves the establishment, exercise, or defence of legal claims.

To exercise the right to object, you may contact the data protection officer of this website directly.

Right to Withdraw Consent under Data Protection Law
Every person affected by the processing of personal data has the right to withdraw consent given for the processing of personal data at any time.

If you wish to exercise your right to withdraw consent, you may contact our data protection officer at any time.

 

Privacy Policy – Objection to Promotional Emails
We hereby object to the use of the contact details published as part of the legal notice obligation for the purpose of sending unsolicited advertising and informational materials. The operators of these pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam emails.

Paid Services
In order to provide paid services, we request additional data from you—such as payment information—to process your order or assignment. We store this data in our systems until the statutory retention periods have expired.

Copyright
The copyright and all other rights to content, images, photos, or other files on the website belong exclusively to the operator of this website or the specifically named rights holders. Written consent from the copyright holder must be obtained in advance for the reproduction of any files.

Anyone who commits a copyright infringement without the consent of the respective rights holder may be liable to prosecution and may be required to pay damages.

General Disclaimer of Liability
All information in our online offering has been carefully checked. We make every effort to offer up-to-date, accurate, and complete information. Nevertheless, errors cannot be completely ruled out, and we therefore cannot guarantee the completeness, accuracy, or timeliness of information, including journalistic and editorial content. Liability claims for material or immaterial damage caused by the use of the information provided are excluded, unless there is evidence of willful intent or gross negligence.

The publisher may, at its own discretion and without notice, change or delete text and is not obliged to update the content of this website. The use of or access to this website is at the visitor’s own risk. The publisher, its clients, or partners are not responsible for damages—whether direct, indirect, incidental, pre-determined, or consequential—that are allegedly caused by visiting this website, and therefore assume no liability.

The publisher also assumes no responsibility or liability for the content and availability of third-party websites that can be accessed via external links on this website. The operators of the linked pages are solely responsible for their content. The publisher expressly distances itself from all third-party content that may be legally actionable or contrary to public decency.

Changes
We may amend this privacy policy at any time without prior notice. The version currently published on our website applies. If the privacy policy is part of an agreement with you, we will inform you of any updates by email or other appropriate means in the event of a change.

Questions to the Data Protection Officer
If you have any questions about data protection, please email us or contact the person responsible for data protection in our organisation, as named at the beginning of this privacy policy.