Privacy Policy

1. Introduction

In this privacy policy, we explain how ALPHA Finanzplanung AG (referred to collectively as “we” or “us”) collects and processes personal data. Personal data refers to any information related to a specific or identifiable individual.

This description is not exhaustive; other privacy policies or terms and conditions, participation rules, and similar documents may govern additional specific privacy-related matters. Personal data refers to any information related to a specific or identifiable individual.

If you provide us with personal data of other individuals (e.g., family members, data of colleagues, etc.), please ensure that these individuals are aware of this privacy policy and only share their personal data with us if you have obtained the necessary permissions and if the provided personal data is accurate.

2. Data Controller and Data Protection Officer

ALPHA Finanzplanung AG
Grindelstrasse 6
CH-8304 Wallisellen
info@alphafp.ch

Management: Maximilian Röding

3. Purposes of Data Processing

We process personal data that we receive directly from interested parties or third parties for the purpose of contacting and promoting our services.
Furthermore, we process your personal data to provide you with comprehensive advice. In this context, we use your data to make appropriate product suggestions and to broker contracts with our partner companies, particularly in the areas of private and professional pension provision, asset protection, health care, real estate financing, investment business, and other services for our clients.
We use personal data to conclude and fulfill contracts with our customers and business partners.
Data processing may be necessary to comply with our legal/regulatory obligations both domestically and abroad.
Additionally, we may process personal data from you and other individuals, to the extent permitted and as appropriate, for the following purposes, in which we have a legitimate interest:

  • Offering and further developing our products and services.
  • Communication with third parties and processing their inquiries (e.g., media inquiries).
  • Examination and optimization of procedures for needs analysis for direct customer approach
  • Advertising and marketing (including holding events), provided that you have not objected to the use of your data (if we send you advertising as an existing customer, you can object to this at any time, and we will then add you to a blocklist to prevent further advertising).
  • Market and opinion research, media monitoring.
  • Enforcement of legal claims and defense in connection with legal disputes and official proceedings.
  • Prevention and investigation of crimes and other misconduct (e.g., conducting internal investigations, data analysis for fraud prevention).
  • Handling of complaints.
  • Ensuring the operation of our IT, websites, apps, and other platforms.
  • Measures for IT, building, and plant security and protection of our employees and other individuals and our property or entrusted property (e.g., access controls, visitor logs, network and email scanners, phone recordings).
  • Purchase and sale of business units, companies, or parts of companies, and other corporate transactions, including the transfer of personal data, as well as measures for business management and for compliance with legal and regulatory obligations as well as internal regulations.

4. Personal Data Processed by Us

In accordance with data protection law, we process the following personal data from you:

  • Personal data and contact information (e.g., first and last name, gender, date of birth, address, telephone number or email address, marital status).
  • Data from applications, including related supplementary questionnaires (such as applicant’s information about the insured risk, answers to questions).
  • Data from contracts (such as contract duration, type of insurance and coverage, insured risks and benefits, data from existing contracts).
  • Data for the conduct of consultations (e.g., consultation or conversation protocols).
  • Tax and pension data (e.g., income and wealth information, pension savings, including information on denomination within the scope of advisory services).
  • Financial data (e.g., information about assets and their origin, scoring and creditworthiness data in the context of financial services).
  • Transaction data (e.g., payment transaction information in the context of financial services).
  • Data related to legal disputes.
  • Collection data (such as date and amount of premium receipts, outstanding payments, reminders, balances, payment reference data, entry and exit dates).
  • Data related to claims or benefit processing (e.g., damage reports, investigation reports in the context of insurance services).
  • Data related to the processing of pension or benefit cases (e.g., notification of the occurrence of the pension case, investigation reports in the context of pension services).
  • Health data (e.g., health condition, illnesses, and injuries in the context of insurance and pension services).
  • To the extent permitted, we also obtain data from publicly accessible sources (e.g., debt collection registers, land registers, commercial registers).

5. Data Recipients

We may disclose data as per Section 3, in particular to the following categories of recipients, to the extent necessary for the purposes stated in Section 4:

  • Partner companies and selected contract partners: To provide our services, we may share your data with our partner companies and contract partners chosen by you (such as insurance companies, banks, investment firms, health insurance companies, pension funds) for processing at their end.
  • Authorities and offices: In connection with the exercise of rights, defense of claims, and compliance with legal requirements, we may disclose data to authorities, offices, courts, and other public bodies, e.g., in the context of official, judicial, pre-litigation, and extrajudicial proceedings, and in compliance with legal information and cooperation obligations. Authorities process data about you in their own responsibility, which they receive from us.
  • Group-internal and external service providers (e.g., IT service providers, address and shipping service providers, marketing, sales, communication, or printing service providers, strategy consultants, etc.).
  • Other third parties such as advertising contract partners, social media providers, video platform providers, as well as service providers involved in the execution or organization of events.
  • Acquirers or prospective acquirers of business areas, companies, or other parts.

These recipients may be located abroad (e.g., when transmitting personal data when using IT services, etc.). Your data may therefore be processed worldwide by states that do not all have a data protection level equivalent to Swiss law.

6. Profiling and Automated Decision-Making

We do not engage in profiling.

7. Duration of Data Processing, Storage, and Deletion of Your Personal Data

We process and store your personal data for as long as it is necessary to fulfill our contractual and legal obligations or for the purposes pursued with the processing, i.e., for the entire duration of the business relationship (from initiation, processing to termination of a contract) and beyond in accordance with legal retention and documentation obligations. It is possible that personal data may be retained for the period during which claims can be asserted against us and to the extent that we are otherwise legally obligated to do so or have legitimate business interests (e.g., for evidence and documentation purposes).

Once your personal data is no longer required for the purposes mentioned above (Section 3), it will generally be deleted or anonymized, as far as possible.

8. Data Security

We treat personal data confidentially and take appropriate technical and organizational security measures to maintain the confidentiality, integrity, and availability of your data, protect it against unauthorized or unlawful processing, and guard against the risk of loss, accidental alteration, unintended disclosure, or unauthorized access. We adhere to recognized security standards. However, it is generally impossible to completely eliminate security risks, and certain residual risks are unavoidable.

When you contact us via email, you do so at your own risk and agree that we will respond to you through the same channel using the sender’s address. If you send us emails over the Internet without encryption, they may be accessible to third parties, viewable, and manipulable, and data may be lost or intercepted and/or manipulated by third parties. Your end device is outside the security area that we control. Therefore, you are encouraged to educate yourself about necessary security precautions and take appropriate measures in this regard.

9. Your Rights

Subject to legal prerequisites and within the applicable scope, you have various rights, although these rights may be subject to certain conditions and limitations:

  • You have the right to request information from us about whether and what data we process about you.
  • You can request that we correct data if it is incorrect.
  • You have the right to object to our processing of your data and request the deletion of data if we are not obligated or authorized to continue processing it.
  • You can request the release of specific personal data from us in a commonly used electronic format or request their transfer to another data controller.
  • You can revoke your consent to the extent that our processing is based on your consent.

10. Restriction on the Offering of Products and Services

We operate exclusively for customers with a business or residence in Switzerland. We do not conduct marketing and sales activities abroad, and our services are exclusively intended for individuals with a residence and habitual residence in Switzerland.

11. Using the website

11.1 Cookies

We may use cookies. Cookies – our own cookies (first-party cookies) as well as cookies from third parties whose services we use (third-party cookies) – are data that are stored in the browser. Such stored data need not be limited to traditional cookies in text form.

Cookies can be stored in the browser temporarily as ‘session cookies’ or for a certain period of time as so-called permanent cookies. ‘Session cookies’ are automatically deleted when the browser is closed. Permanent cookies have a specific storage period. In particular, cookies make it possible to recognise a browser the next time it visits our website and thus, for example, to measure the reach of our website. Permanent cookies can also be used for online marketing, for example.

Cookies can be fully or partially deactivated and deleted at any time in the browser settings. Without cookies, our website may no longer be fully available. We actively request your express consent to the use of cookies – at least if and to the extent necessary.

For cookies that are used to measure success and reach or for advertising, a general objection (‘opt-out’) is possible for numerous services via AdChoices (Digital Advertising Alliance of Canada), the Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance) or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).

11.2 Server log files

We may collect the following information for each access to our website, provided that this information is transmitted by your browser to our server infrastructure or can be determined by our web server: Date and time including time zone, Internet Protocol (IP) address, access status (HTTP status code), operating system including user interface and version, browser including language and version, individual subpage of our website accessed including amount of data transferred, last website accessed in the same browser window (referer or referrer).

We store such information, which may also constitute personal data, in server log files. The information is required to provide our website in a permanent, user-friendly and reliable manner and to ensure data security and thus in particular the protection of personal data – also by third parties or with the help of third parties.

11.3 Tracking pixels

We may use tracking pixels on our website. Tracking pixels are also known as web beacons. Tracking pixels – including those from third parties whose services we use – are small, usually invisible images that are automatically retrieved when you visit our website. Tracking pixels can be used to collect the same information as server log files.

12. Services of third parties

We use the services of specialised third parties in order to be able to carry out our activities and operations in a permanent, user-friendly, secure and reliable manner. Among other things, we can use such services to embed functions and content in our website. In the case of such embedding, the services used record the Internet Protocol (IP) addresses of users at least temporarily for technically compelling reasons.

For necessary security, statistical and technical purposes, third parties whose services we use may process data in connection with our activities and operations in aggregated, anonymised or pseudonymised form. This is, for example, performance or usage data in order to be able to offer the respective service. We use in particular:

  • Services from Google: Provider: Google LLC (USA) / Google Ireland Limited (Ireland) for users in the European Economic Area (EEA) and Switzerland; General information on data protection: ‘Privacy and Security Principles’, Privacy Policy, ‘Google is committed to complying with applicable data protection laws’, ‘Privacy Policy for Google Products’, ‘How we use data from websites or apps on or in which our services are used’ (information from Google), ‘Types of cookies and other technologies used by Google’, ‘Personalised advertising’ (activation / deactivation / settings).

12.1 Digital infrastructure

We use the services of specialised third parties in order to be able to use the necessary digital infrastructure in connection with our activities and operations. This includes, for example, hosting and storage services from selected providers. We use in particular:

  • METANET: Hosting; Provider: METANET AG (Switzerland); Data protection information: Privacy policy, ‘Technical and organisational measures’.
  • WordPress.com: Blog hosting and website builder; Provider: Automattic Inc (USA) / Aut O’Mattic A8C Ireland Ltd (Ireland) for users in Europe and elsewhere; Privacy Policy: Privacy Policy, Cookie Policy.

13. Reservation of right of amendment

This privacy policy is not part of a contract with you. We may amend this privacy policy at any time. The version published on this website is the current version.