Privacy Policy

1. Introduction

In this Privacy Policy, we explain how Blue Collar Investments AG (hereinafter collectively “we” or “us”) collects and processes personal data. Personal data means all information relating to an identified or identifiable person.

This description is not exhaustive; other privacy policies or general terms and conditions, terms of participation and similar documents may govern further specific matters relevant to data protection. Personal data means all information relating to an identified or identifiable person.

If you provide us with personal data of other persons (e.g. family members, data of work colleagues, etc.), please ensure that these persons are aware of this Privacy Policy and provide us with their personal data only if you are permitted to do so and if the relevant personal data is accurate.

2. Responsibility

We are ourselves responsible for the data processing described here, unless otherwise stated in individual cases. If you have any data protection concerns, you may notify us at the following contact address.

Blue Collar Investments AG
Grindelstrasse 6
CH-8304 Wallisellen
info@bluecollar.ch
Management: Kevin D’Armento

3. Processing purposes

We process personal data that we receive directly from prospective clients or third parties in order to contact them and promote our services.

We also process your personal data in order to offer you holistic advice. In this context, we use your data to submit appropriate product proposals to you and to intermediate contracts of our partner companies, in particular in the areas of private and occupational pension provision, asset protection, health provision, real estate financing and investment business, as well as in connection with other services for our clients.

We use personal data to conclude and perform our contracts with our clients and business partners.

Data processing may be necessary in order to comply with our statutory / regulatory obligations in Switzerland and abroad.

In addition, we process personal data relating to you and other persons, to the extent permitted and where we consider it appropriate, also for the following purposes in which we have a corresponding legitimate interest:

  • offering and further developing our offerings and services;
  • communicating with third parties and processing their enquiries (e.g. media enquiries);
  • reviewing and optimising procedures for needs analysis for the purpose of direct client contact;
  • appropriateness assessments in the context of investment advice and, where applicable, background checks (KYC), in each case in order to fulfil our regulatory requirements;
  • advertising and marketing (including the organisation of events), unless you have objected to the use of your data (if we send you advertising as an existing client of ours, you may object to this at any time, in which case we will place you on a blocking list against further advertising mailings);
  • market and opinion research, media monitoring;
  • asserting legal claims and defending ourselves in connection with legal disputes and official proceedings;
  • preventing and investigating criminal offences and other misconduct (e.g. conducting internal investigations, data analyses to combat fraud);
  • processing complaint cases;
  • ensuring our operations, in particular IT, our websites, apps and other platforms;
  • measures for IT, building and facility security and the protection of our employees and other persons and assets belonging to us or entrusted to us (such as access controls, visitor lists, network and mail scanners, telephone recordings);
  • the purchase and sale of business divisions, companies or parts of companies and other corporate transactions and, in connection therewith, the transfer of personal data as well as measures for business management and to the extent necessary to comply with statutory and regulatory obligations and internal rules.

4. Personal data that we process about you

In accordance with data protection law, we process the following personal data about you:

  • personal data and contact information (e.g. first name and surname, gender, date of birth, address, telephone number or e-mail address, marital status);
  • data from applications, including the related supplementary questionnaires (such as information provided by the applicant regarding the insured risk, answers to questions);
  • data from contracts (such as contract term, type of insurance and cover, insured risks and benefits, data from existing contracts);
  • data for the conduct of advisory services (e.g. advisory or meeting minutes);
  • tax and pension data (e.g. information on income and assets as well as pension assets, including information on religious denomination in the context of advisory services);
  • financial data (e.g. information on assets and their origin, scoring and creditworthiness data in the context of financial services);
  • transaction data (e.g. information on payment transactions in the context of financial services);
  • data in connection with legal disputes;
  • debt collection data (such as date and amount of premium receipts, arrears, reminders, credit balances, payment connection data, entry and exit date);
  • data in connection with claims or benefit processing (e.g. claims notifications, clarification reports in the context of insurance services);
  • data in connection with the processing of pension or benefit cases (e.g. notification of the occurrence of the pension event, clarification reports in the context of pension services);
  • health data (e.g. state of health, illnesses and injuries in the context of insurance and pension services);
  • to the extent permitted, we also obtain data from publicly accessible sources (e.g. debt enforcement registers, land registers, commercial registers).

5. Data recipients

We may disclose data pursuant to section 3 in particular to the following categories of recipients, to the extent this is required in each case for the purposes pursuant to section 4:

  • Partner companies and selected contracting partners: In order to provide our services, we disclose your data to our partner companies and contracting partners selected by you (such as insurers, banks, investment companies, health insurers, pension funds) for processing there;
  • Authorities and offices: In connection with the exercise of rights, the defence against claims and the fulfilment of legal requirements, we may disclose data to authorities, offices, courts and other public bodies, e.g. in the context of official, judicial and pre-judicial and out-of-court proceedings and in the context of statutory information and cooperation obligations. The authorities process data about you that they receive from us under their own responsibility;
  • intra-group and external service providers (e.g. IT service providers, address and mailing service providers, marketing, sales, communication or printing service providers, strategy consultants, etc.);
  • other third parties such as advertising contracting partners, social media providers, video platform providers and service providers involved in the implementation or organisation of events;
  • acquirers or parties interested in acquiring business divisions, companies or other parts.

These recipients may be located abroad (e.g. when personal data is transferred in connection with the use of IT services, etc.). Your data may therefore be processed worldwide by countries which do not all have a level of data protection corresponding to Swiss law.

If a recipient is located in a country without adequate statutory data protection, we contractually oblige the recipient to comply with the applicable data protection requirements (for this purpose we use the revised Standard Contractual Clauses of the European Commission, which are available here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj), unless the recipient is already subject to a legally recognised framework for ensuring data protection and we cannot rely on an exemption provision. An exemption may apply in particular in the case of legal proceedings abroad, but also in cases of overriding public interests or where contract performance requires such disclosure, where you have consented to the transfer or where the data concerned has been made generally accessible by you and you have not objected to its processing.

6. Profiling and automated decision-making

We do not carry out profiling.

7. Duration of processing, retention and deletion of your personal data

We process and store your personal data for as long as is necessary for the fulfilment of our contractual and statutory obligations or otherwise for the purposes pursued by the processing, i.e. for example for the duration of the entire business relationship (from initiation, processing through to termination of a contract) and beyond that in accordance with statutory retention and documentation obligations. It is possible that personal data may be retained for the period during which claims may be asserted against us and to the extent that we are otherwise legally obliged to do so or legitimate business interests require this (e.g. for evidence and documentation purposes).

As soon as your personal data is no longer required for the above-mentioned purposes (section 3), it will generally and where possible be deleted or anonymised.

8. Data security

We treat personal data confidentially and take appropriate technical and organisational security measures to safeguard the confidentiality, integrity and availability of your data, to protect it against unauthorised or unlawful processing and to counter the risk of loss, accidental alteration, unwanted disclosure or unauthorised access. We are guided by recognised security standards. However, security risks can generally not be entirely excluded; certain residual risks are unavoidable.

If you contact us by e-mail, you do so at your own risk and agree that we may reply to you via the same channel to the sender address. If you send us unencrypted e-mails via the internet, these may be accessible, viewable and manipulable by third parties, and data may be lost or intercepted and/or manipulated by third parties. Your end device is outside the security area controllable by us. You are therefore requested to inform yourself about the required security precautions and to take appropriate measures in this regard.

9. Your rights

Subject to the statutory requirements and within the corresponding framework, you have various rights, which may, however, be subject to certain requirements and restrictions:

  • to request information from us as to whether and which data we process about you;
  • to have us correct data if it is inaccurate;
  • to object to our processing and request the deletion of data if we are not obliged or entitled to continue processing it;
  • to request from us the release of certain personal data in a commonly used electronic format or its transfer to another controller;
  • to withdraw consent, insofar as our processing is based on your consent.

10. Restriction of the offering of products and services

We are actively engaged exclusively with clients whose company domicile or place of residence is in Switzerland. No marketing and sales activities take place abroad and our services are intended exclusively for persons with residence and habitual abode in Switzerland.

11. Use of the website

11.1 Cookies

We may use cookies. Cookies – both our own cookies (first-party cookies) and cookies from third parties whose services we use (third-party cookies) – are data that are stored in the browser. Such stored data does not have to be limited to traditional cookies in text form.

Cookies may be stored temporarily in the browser as “session cookies” or for a certain period as so-called permanent cookies. “Session cookies” are automatically deleted when the browser is closed. Permanent cookies have a specific retention period. Cookies make it possible in particular to recognise a browser when it next visits our website and thereby, for example, to measure the reach of our website. Permanent cookies may, however, also be used for online marketing, for example.

Cookies can be fully or partially deactivated and deleted at any time in the browser settings. Without cookies, our website may no longer be available in its full scope. We request – at least where and to the extent required – active express consent to the use of cookies.

For cookies used for performance and reach measurement or for advertising, a general objection (“opt-out”) is possible for numerous services via AdChoices (Digital Advertising Alliance of Canada), the Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance) or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).

11.2 Server log files

For each access to our website, we may collect the following information, insofar as it is transmitted by your browser to our server infrastructure or can be determined by our web server: date and time including time zone, internet protocol (IP) address, access status (HTTP status code), operating system including user interface and version, browser including language and version, individual subpage of our website accessed including the amount of data transferred, and the website last accessed in the same browser window (referer or referrer).

We store such information, which may also constitute personal data, in server log files. The information is necessary in order to provide our website permanently, in a user-friendly and reliable manner, and to ensure data security and thereby in particular the protection of personal data – also through third parties or with the assistance of third parties.

11.3 Tracking pixels

We may use tracking pixels on our website. Tracking pixels are also referred to as web beacons. Tracking pixels – including those of third parties whose services we use – are small images, usually not visible, which are automatically retrieved when our website is visited. Tracking pixels can collect the same information as server log files.

12. Third-party services

We use services from specialised third parties in order to carry out our activities and operations on a permanent, user-friendly, secure and reliable basis. With such services, we can, among other things, embed functions and content into our website. In the case of such embedding, the services used collect, for technically mandatory reasons, at least temporarily, the internet protocol (IP) addresses of users.

For necessary security-related, statistical and technical purposes, third parties whose services we use may process data in connection with our activities and operations in aggregated, anonymised or pseudonymised form. This may include, for example, performance or usage data in order to be able to provide the respective service. We may disclose data pursuant to section 4 in particular to the following categories of recipients, to the extent this is required in each case for the purposes pursuant to section 3:

  • companies of the Weyrauch Investment Group;
  • Authorities and offices: In connection with the exercise of rights, the defence against claims and the fulfilment of legal requirements, we may disclose online data to authorities, offices, courts and other public bodies, e.g. in the context of official, judicial and pre-judicial and out-of-court proceedings and in the context of statutory information and cooperation obligations. The authorities process data about you that they receive from us under their own responsibility.
  • intra-group and external service providers (e.g. IT service providers, address and mailing service providers, marketing, sales, communication or printing service providers, etc.);
  • other third parties such as advertising contracting partners, social media providers, video platform providers and service providers involved in the implementation or organisation of events.

In particular, we use:

  • Google services: The provider is Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, Ireland. Google’s Privacy Policy is available at https://policies.google.com/privacy?hl=de
  • Use of interactive content and lead capture tools: On our website or in embedded online tools, we use the “Outgrow” system (www.outgrow.co). Cookies and tracking technologies may be used for user analysis and lead capture. Data collected includes, for example, IP address, device type, browser information and location data (city, country), where technically possible. The use of these contents takes place only with your express consent or on a statutory legal basis. Data transfers to third-party providers or to third countries take place only where there is an existing legal basis and an adequate level of data protection. You have the right to withdraw your consent at any time and to request information, rectification or deletion of your data. Outgrow’s Privacy Policy is available at https://outgrow.co/privacy-policy/
  • Newsletter / e-mail marketing via MailChimp: We use the service provider MailChimp of The Rocket Science Group, LLC, 512 Means Street, Suite 404, Atlanta, GA 30318, USA (hereinafter referred to as: MailChimp) to send our newsletters. MailChimp is a provider of e-mail marketing and enables us to communicate directly with potential clients via e-mail newsletters. If you register for the newsletter, the data you enter when registering for the newsletter is transferred to MailChimp and stored there. As a result, further personal data may be stored and analysed, above all the user’s activity (in particular which pages have been visited and which elements have been clicked) and device and browser information (in particular the IP address and the operating system).
  • Your data is also stored by MailChimp for this purpose. Your data is not passed on to third parties for receipt of the newsletter and MailChimp also does not acquire any right to pass on your data. After registration, MailChimp sends you an e-mail to confirm your registration. In addition, MailChimp offers various analysis options regarding how the newsletters sent are opened and used, e.g. to how many users an e-mail was sent, whether e-mails were rejected and whether users unsubscribed from the list after receiving an e-mail.
  • Further information on the processing of data by MailChimp can be found here: https://mailchimp.com/legal/privacy/
  • Client and prospect management: In the area of client and prospect management, we use a CRM system (software: AMTANGEE and DELIGHT). Personal data (e.g. names, contact details, correspondence history, business function) is processed and stored in this context. Processing takes place for the purpose of carrying out our client support, maintaining business relationships, analysing sales and service processes and — where applicable — preparing offers and individualised marketing measures. Your data is processed in this system only by authorised employees within our company in accordance with the existing internal access and security rules. If data is processed via service providers or via a cloud solution, a contract for commissioned processing or an adequate contractual arrangement is in place. You have — to the extent provided by law — the right to information, rectification, deletion or restriction of the processing of your data (Art. 23 et seq. FADP). To the extent that your data is analysed automatically (e.g. for marketing or segmentation purposes), you have the right to object.

12.1 Digital infrastructure

We use services from specialised third parties in order to make use of the digital infrastructure required in connection with our activities and operations. This includes, for example, hosting and storage services from selected providers. In particular, we use:

  • Hostpoint: Hosting; provider: Hostpoint AG (Switzerland); information on data protection: Privacy Policy.
  • METANET: Hosting; provider: METANET AG (Switzerland); information on data protection: Privacy Policy.
  • Microsoft Azure: Storage space and other infrastructure; provider: Microsoft; Microsoft Azure-specific information: “Privacy in Azure”.
  • Swizzonic: Hosting; provider: Swizzonic AG (Switzerland); information on data protection: “Legal Information and Data Protection”, Privacy Policy.
  • WordPress.com: Blog hosting and website builder; providers: Automattic Inc. (USA) / Aut O’Mattic A8C Ireland Ltd. (Ireland) for users including those in Europe; information on data protection: Privacy Policy, Cookie Policy.

13. Reservation of changes

This Privacy Policy does not form part of a contract with you. We may amend this Privacy Policy at any time. The version published on this website is the current version.