INTERIM LEGAL
Privacy Policy
1. General
INTERIM LEGAL AG (hereinafter “INTERIM LEGAL”; “we”; “us”) attaches great importance to the responsible and legally compliant handling of personal data.
The Privacy Policy (hereinafter “PP”) identifies which personal data is used by INTERIM LEGAL, for what purpose it is processed or with whom it is shared if you apply for a position at INTERIM LEGAL and you are leased or placed by INTERIM LEGAL or you visit the INTERIM LEGAL website at www.interimlegal.ch/.
If you are an existing or potential client of INTERIM LEGAL, with whom INTERIM LEGAL leases employees or places candidates, this PP identifies which personal data is processed by you as a client.
For the purposes of this PP, the term “personal data” refers to all information relating to an identified or identifiable natural person.
If you submit your personal data to INTERIM LEGAL as a job seeker or job applicant, your personal data will be passed on to potential employers and companies of assignment for the purpose of leasing or placing you. After a successful placement or leasing, your personal data will be used to bill for the placement with the client or, in the case of leasing to a company of assignment, to prepare your payroll statement, to pay the statutory social security contributions, to settle any withholding taxes and to use your data for all other purposes in connection with the leasing or placement.
If you submit your personal data as a client to INTERIM LEGAL, your personal data will be used to offer placement or leasing services to you as the contact person or responsible person/manager of your company and to bill you for such services.
INTERIM LEGAL guarantees that all personal data will be treated as strictly confidential and used exclusively for the agreed purpose in accordance with number 5 or if there is another legal basis within the meaning of the applicable data protection laws. INTERIM LEGAL takes a variety of technical and organizational measures to achieve this.
2. Responsible body
The body responsible for data processing is INTERIM LEGAL AG, based in 8808, Pfäffikon. It can be contacted for data protection concerns via the address INTERIM LEGAL AG, Churerstr. 135, 8808, Pfäffikon or via the e-mail address [email protected].
3. Applicability of Swiss data protection laws and the General Data Protection Regulation – “GDPR”
This Privacy Policy is designed to meet the requirements of the EU General Data Protection Regulation 2016/679 (“GDPR“), the Swiss Data Protection Act (Datenschutzgesetz, “DSG“) and the revised Swiss Data Protection Act (revidierte Schweizer Datenschutzgesetz, “revDSG“).
However, whether and to what extent these laws are applicable depends on the individual case.
4. What types of personal data are collected?
The following personal data is usually collected if you apply for a job at INTERIM LEGAL and are successfully leased or placed by INTERIM LEGAL or if you visit the INTERIM LEGAL website.
The following categories of data are stored about applicants, for example:
- Core data (for example, name, postal address, e-mail, telephone number);
- (Work) preferences (for example, occupational field, form of employment);
- Education (training certificates), professional experience, knowledge;
- Application data (for example, certificates, references, CV, photo).
The following categories of data are stored about employees, for example:
- Core data (for example, name, postal address, e-mail, telephone number);
- (Work) preferences (for example, occupational field, form of employment), education, professional experience, knowledge;
- Education (training certificates), professional experience, knowledge;
- Application data (for example, certificates, CV, photo);
- Citizenship, details of official authorization to take up employment in Switzerland;
- Extended employee data for staff administration (working hours, vacation, accident and sickness reports, salary data, bank data, Swiss AHV number, civil status, number of children, etc.).
The following categories of data about clients are processed, for example:
- Inventory data (for example, core client data, such as name or address), contact data (for example, e-mail, telephone numbers), and other personal data that may be part of the following data, such as content data (for example, text entries, etc.), contract data, and payment data (for example, bank documents). The data subjects include our clients, interested parties along with their customers, users, website visitors, or employees, as well as third parties.
When you visit our website, website usage data is also processed, for example:
- IP address, name of the retrieved file, date and time of retrieval, amount of data transferred, notification of successful retrieval, Internet browser and requesting domain.
5. Purposes of processing and legal bases
INTERIM LEGAL processes personal data on the basis of Art. 328b of the Swiss Code of Obligations (Obligationenrecht, “OR”) and in accordance with Art. 7 (3) and Art. 18 (3) of the Swiss Employment Services Act (Arbeitsvermittlungsgesetz, “AVG”), to the extent that and as long as these are required for placement and leasing activities.
INTERIM LEGAL processes your personal data in order to enter into and process contracts with you and with business partners or companies of assignment (in the case of the GDPR: Art. 6 (1)(b) GDPR – “for the performance of a contract”),
- for the establishment and handling of an employment relationship in staff leasing for assignments in companies of assignment, an internal employment relationship at INTERIM LEGAL, or for placement in a permanent position with clients of INTERIM LEGAL;
- for the agreement of leasing or placement contracts with you as a client and to settle the fees with you;
- to identify you as our employee or client;
- to conduct the necessary correspondence with you and to answer your inquiries;
- to process your application with a view to possible employment and to carry out the application process with you and, if necessary, if you give us your express consent to do so, to obtain references and assessments from third parties;
- to assess your suitability and qualifications as a potential candidate.
Personal data is processed because we have to comply with statutory requirements (in the case of the GDPR: Art. 6 (1)(c) GDPR: “for compliance with a legal obligation”),
- to comply with relevant laws or official requirements (for example, payment of social security contributions, reporting of withholding tax, etc.);
- to comply with any statutory retention duties, for example the 10-year retention period for accounting records and the relevant supporting documents, which may also include your payroll statements (Art. 958f OR).
We process your personal data for certain purposes if you have given us your consent to do so (in the case of the GDPR: Art. 6 (1)(a) GDPR: “consent”),
- so that we may pass on data about you as a job seeker, job applicant or employee and vacancies to other business branches, if necessary also beyond national borders (Art. 19 (1)(a) and (c) of the Employment Services Regulation (Arbeitsvermittlungsverordnung, “AVV”), Art. 47 (1)(a) and (c) AVV);
- so that we can obtain assessments and references about you (Art. 19 (1)(b) AVV, Art. 47 (1)(b) AVV);
- so that we can send you newsletters or carry out background checks as our client (for example, credit checks).
We process your personal data within the scope of and based on such consent to the extent that we have no other legal basis and require one.
Consent that has been given can be revoked at any time, but this has no effect on data processing that has already taken place (see number 12).
In addition, we process personal data of you and other persons, to the extent permitted and deemed appropriate by us, also for the following purposes in which we (and sometimes third parties) have a legitimate interest corresponding to the purpose (in the case of the GDPR: Art. 6 (1)(f) GDPR: “for the purposes of the legitimate interests pursued by the controller or by a third party”),
- to respond to requests from a court or administrative authority, to establish, exercise, or defend legal claims;
- for the prevention and investigation of criminal offenses, abuses, and other misconduct (for example, conducting internal investigations, data analyses to combat fraud);
- to offer you as a client tailored advertising or marketing measures, including the creation of personalization and profiling, unless you have objected to such use;
- to evaluate website access statistics and to continuously improve the functionality of our website and our operations, in particular IT. For further information, please refer to number 7 et seq.
6. Recipients of the personal data
Within the framework of our business activities and for the purposes set out in number 5, we also disclose data to third parties to the extent permitted and deemed appropriate, either because they process it for us or because they wish to use it for their own purposes. This relates in particular to the following entities:
- Companies of the corporate group,
- Service companies, for example banks and asset management companies,
- Administrative authorities, state institutions such as social insurance institutions, unemployment offices, unemployment and compensation funds, the Swiss National Accident Insurance Fund, and courts;mandated payroll processing companies, pension funds, and insurance companies (daily sickness benefit insurance, accident insurance);professional advisors, for example tax consultants, attorneys, auditors, authorized representatives and agents;
- Service providers, suppliers and auxiliary persons, including order processors with whom we have agreed to a contract for order processing (for example, hosting providers, IT service providers, cloud services, etc.).
7. Cookies / Tracking and other technologies in connection with the use of our webpage
7.1 Cookies
We typically use “cookies” and comparable technologies on our website, by which your browser or your device can be identified.
A cookie is a small file which is sent to your computer or is automatically saved by the web browser used on your computer or mobile device when you visit our website. When you return to the website again it enables us to recognize you, even if we do not know who you are. Along with cookies that are used only during one session and are deleted after your website visit (“session cookies”), cookies can also be used to save user settings and other information for a certain amount of time (e.g., two years) (“permanent cookies”).
You can however also set your browser to reject cookies, save them only for one session or otherwise delete them early. Most browsers are set to accept cookies by default.
We use permanent cookies so that user settings can be stored (e.g., language, auto-login), so that we can guarantee that comments on a blog are made by a person and not by software, to generate statistics on the traffic and number of visitors to the website, so that we can better understand how you use our offers and content, and so we can show you customized offers and ads (something that can also occur on other companies’ websites – they will not learn from us who you are, if we ourselves even knew it, since they will only see that a user who was on a certain page of ours is on their website). Some cookies are set by us, some by our business partners with whom we work.
If you block cookies, certain functionalities (e.g., language selection, shopping carts, the ordering process) may no longer work.
To learn more about how you can control cookie settings on your browser, read about “Private Surfing”, “Incognito”, or “InPrivate” in the browser settings for Firefox, Chrome, Microsoft Edge or Safari [and in the app settings].
Our newletters and other marketing e-mails may, where permitted, include both visible and invisible graphics which, when accessed by our servers, allow us to find out if and when you opened the e-mail. This enables us to measure and to better understand how you use our offers and to customize them for you.
You can block this in your e-mail program; most e-mail programs are already set to do this by default.
By using our website and the consenting to receive our newsletters and other marketing e-mails, you are agreeing to the use of these techniques. If you do not wish to agree, you must adjust your browser and/or e-mail settings accordingly.
7.2 Google Analytics
We sometimes use Google Analytics or similar services on our website. These are third-party services which may be located in any country in the world (in the case of Google Analytics, it is Google Ireland (headquartered in Ireland). Google Ireland uses Google LLC (headquartered in the United States) as a processor (both “Google”, www.google.com), allowing us to measure and evaluate the use of the website (not personalized). Permanent cookies set by the service providers are used for this purpose. We have configured this service so that the visitor’s IP address is truncated by Google in Europe before being sent to the United States and therefore cannot be traced back. We have switched off the settings “Data forwarding” and “Signals”. Although we can assume that the information we share with Google contains no personal data, it is possible for Google to draw conclusions for its own purposes on the identity of the visitor, create a personal profile and link this data with the Google accounts of these persons. If you have registered with the service provider, the service provider knows who you are. The service provider’s processing of your personal data then falls within the responsibility of the service provider according to its privacy policy. The service provider only shares with us how our current webpage is used (no information about you personally).
8. Information regarding the contact form
If you send us inquiries via the contact form, your details from the inquiry form, including the contact details you provide there, will be stored by us for the purpose of processing the inquiry and in the event of follow-up questions. They are neither analyzed in any other way nor linked to other data.
9. Information regarding the newsletter
If you register for our newsletter, we will immediately send an e-mail containing a hyperlink to the e-mail address provided. By clicking on this link, you confirm your registration for the newsletter (double opt-in procedure).
By confirming your newsletter registration, you consent to the storage of your e-mail address, last name, first name, telephone number, including the date of registration. We only use your personal data for the administration and sending of the newsletter you have requested. Each newsletter also contains a note on how you can unsubscribe from the newsletter.
In some of our newsletters and other marketing e-mails, we also incorporate visible and invisible image elements, where permitted, which we can retrieve from our servers to determine whether and when you have opened the e-mail so that we can measure and better understand how you use our offers and can tailor them to you.
You can block this in your e-mail program; most e-mail programs are set up to do this by default.
10. Calendly
Calendly is often used to set up meetings with interested parties, clients, applicants and others and is ideal for scheduling throughout the company with meeting analyses and administrative, security and IT functions for large-scale enterprises. Your own calendar is connected to Calendly, which creates planning links and booking pages based on availability. To make an appointment with you, someone can send you this Calendly link. Calendly is available as a web or mobile app. When you accept a Calendly link invitation, your personal information such as your name, e-mail address, telephone number, the e-mail addresses of other people and/or invitees, the meeting topic and all other information that the user provides or collects during scheduling in accordance with the Calendly terms and conditions or an agreement with Calendly may be shared with relevant parties. If you participate in a virtual meeting that is recorded, then your audio and visual information will be recorded as you appear in the meeting. You can deactivate recording at any time. If you want to know more about the Calendly privacy policy, click on the following link: Privacy Notice Calendly.
10.1 Association of Corporate Counsel – ACC
ACC is a global legal association that promotes the general professional and business interests of corporate attorneys working for companies, associations and other organizations through information, training, networking and advocacy. ACC offers a variety of benefits, such as events, incentives for long-term employees, discounted tickets for events, benefits for global research, online training courses, etc. If you are employed for an extended period at Interim Legal or with an ACC member client company, you can gain access to ACC to take advantage of ACC services. Your personal data may be used when using these services. If you would like to learn more about data protection, you can read ACC’s privacy policy: Privacy Policy ACC.
11. Cross-border processing
Recipients (see section 6) of personal data may be located either in-country or abroad. We hereby notify you that we may exchange personal data within our group of companies or send it abroad where service companies from which we receive services are located (e.g., software companies, IT-service providers, cloud service providers, Microsoft, Salesforce, legal advisors/attorneys, as well as authorities, government offices, or courts).
If a recipient is located in a country without adequate statutory data protection, we contractually oblige the recipient to comply with the applicable data protection law (we use the revised standard contractual clauses of the European Commission, which can be found here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?, unless the recipient is already subject to a legally recognized set of rules to ensure data protection and we cannot rely on an exemption clause.
An exception may apply in particular in the case of legal proceedings abroad, but also in cases of overriding public interest or if the execution of a contract requires such disclosure, if you have given your consent or if the data in question has been made generally accessible by you and you have not objected to its processing.
We disclose personal information in the following countries: Switzerland, European Union, United States.
12. Profiling [and automated decision-making]
We process some of your personal data automatically with the aim of evaluating certain personal aspects (profiling). We use profiling in particular to provide you with targeted information and advice on products. In doing so, we use evaluation tools that enable us to provide needs-based communication and advertising, including market and opinion research.
As a matter of principle, we do not use fully automated decision-making (as governed in Art. 22 GDPR) for the establishment and implementation of the business relationship or otherwise. If we use such procedures in individual cases, we will inform you of this separately if this is required by law and inform you of the associated rights.
13. Recruit CRM
Recruit CRM is an applicant tracking system for professional recruiters/staff leasing companies. With the help of this application INTERIM LEGAL can better manage your application file, connect you with interesting jobs and conduct searches more efficiently.
INTERIM LEGAL uses various AI technologies of Recruit CRM. For example, submitted CVs are match with job descriptions based on algorithms (candidate-to-candidate AI matching feature). The AI technology creates a score value. This serves to rate the applicant with highest score as best suited for the job. Our recruitment team then analyzes the score to make sure that the activities listed in the CV actually and faithfully match the calculated score (right to human processing). We have weighed our business interests against the privacy risks for the applicant. You also have the right to object to AI-supported technology when you submit your application by refusing your consent for it.
At Recruit CRM all of your data will be encrypted and stored at a first-class data center managed by Amazon Web Services (AWS). The data processed by Recruit CRM will be stored by external cloud service providers on servers in the United States.
If you submit your data on the INTERIM LEGAL website under Jobs as part of a specific application, your data will be processed by Recruit CRM. Your data will be sent to Recruit CRM in the United States.
INTERIM LEGAL has taken the necessary measures for privacy compliance as well as for the privacy-compliant transmission of data to the United States.
For more information on Recruit CRM, please read the following privacy notice at www.recruitcrm.io/de/datenschutz/
14. Circleback
We may use the application Circleback during an online meeting or in-person discussion. Circleback records and transcribes both online and in-person meetings, generating action points and detailed summaries post-meeting. The recording is facilitated by artificial intelligence. Circleback will only be used after prior notice and information is provided before the meeting begins. All participants in the respective meeting must consent to the use of Circleback. Without consent, Circleback cannot be utilized.
For more information on Circleback’s data protection practices, please refer to our privacy policy on our website, as well as Circleback’s privacy policy, which can be accessed here: https://circleback.ai/privacy
15. OpenAI
INTERIM LEGAL uses OpenAI services, especially the AI-based service ChatGPT to quickly summarize applicant files. The summaries are based on the information contained in the application documentation along with interview records.
OpenAI is not used for automated job or profile matching nor does INTERIM LEGAL use this service to analyze applicant profiles or generate automated scoring values.
16. Rights of the data subject
You have the right to access, rectification, deletion, and the right to restrict data processing within the scope of the data protection law applicable to you and to the extent provided for therein (such as in the case of the GDPR). Furthermore, you have the right to object to our data processing, in particular for the purposes of direct marketing, profiling for direct advertising, and other legitimate interests in processing.You also havethe right to obtain certain personal data for the purpose of transferring it to another body (so-called “data portability”).
However, please note that we on our part reserve the right to exercise the restrictions provided for by law, for example if we are obligated to store or process certain data, have an overriding interest in doing so (to the extent that we are entitled to invoke this), or require it for the assertion of claims. If any costs arise for you, we will inform you in advance.
We have already informed you of the possibility of withdrawing your consent in number 5 above. You can do this at any time by contacting us by mail at INTERIM LEGAL AG, Churerstrasse 135, 8008, Pfäffikon or by e-mail at [email protected] and informing us of your objection.
Please note, however, that the exercise of your rights may conflict with contractual agreements and may have consequences such as premature termination of the contract or cost consequences. We will inform you in advance if this is not already contractually governed.
As a rule, the exercise of such rights requires that you clearly prove your identity (for example, by means of a copy of your ID card, where your identity is otherwise not clear or cannot be verified). To assert your rights, you can contact us at the address given in number 2.
Every data subject also has the right to enforce their claims in court or to lodge a complaint with the competent data protection authority. The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner (https://www.edoeb.admin.ch/edoeb/de/home.html).
17. Storage period and deletion of personal data
INTERIM LEGAL processes personal data only for as long as it is still required for the purpose for which it was obtained. Accordingly, personal data will be destroyed or anonymized as soon as this is not the case or no legal, contractual, or legitimate interest-based retention period prevents the destruction or anonymization of the data.
Data regarding an employment contract that is used to prepare an employment reference is retained for ten years from the date on which the employee leaves the company (Art. 127 OR).
Further retention periods may arise from the legitimate interest of the employer or leasing/placement company, for example if documents have to be handed over to the audit authority in case of a payroll audit in order to demonstrate compliance with the provisions of the applicable collective employment contract.
The applicant data/files of potential candidates are stored for a certain period of time so that they can be used for applications for possible assignments/companies of assignment; they are then deleted.
In principle, INTERIM LEGAL stores business data and accounting documents, including, for example, your payroll statements, for ten years (Art. 958 f OR), which is why personal data can also be processed and stored in connection with this retention period.
In addition, personal data may be retained until the end of any legal disputes in which the data is required as evidence.
18. Data security
INTERIM LEGAL uses suitable technical and organizational security measures such as directives, training, IT and network security solutions, access controls and restrictions, encryption of storage media and transmissions, pseudonymization, and monitoring in order to protect your data from unauthorized access, against accidental or intentional manipulation, partial or total loss, destruction, or unauthorized third-party access. Our security measures undergo constant technological development. Moreover, we take personal data protection into consideration as early as in the development or selection of hardware, software, and processes by adhering to the principle of “data protection through technology” and “data protection through data protection-friendly default settings”.
Irrespective of this, we would like to point out that data transmission on the Internet (for example, when communicating by e-mail) can have security gaps. Complete protection against access by third parties is not possible.
When you visit our website, we use the widespread SSL/TLS processin conjunction with the highest level of encryption supported by your browser. You can tell whether an individual page of our website is transmitted in encrypted form by the closed display of the key or lock symbol in the address bar of your browser.
19 Amendments
INTERIM LEGAL may amend this PP at any time. The current version published on the INTERIM LEGAL website at www.interimlegal.ch/privacy-policy/ applies.
This PP was last updated on 11/10/2024.