Privacy Policy
At GHR Rechtsanwälte AG ("GHR" or "we") we respect your privacy and take protection of personal information very seriously.
In addition to general data protection principles, the attorney's secret is applicable as far and as long as an attorney-client relationship applies (i.e. that the relationship is not of a general nature non-linked to attorney specific services). Attorneys are obliged by law to maintain independence. They concentrate unreservedly on solving their client’s problems and do not represent any interests that conflict with those of their clientele. Because of attorney confidentiality, all of their clients’ information is protected by attorney secrecy, which not only obliges attorneys to observe absolute discretion, but also gives them the right to refuse to provide information to government officials and third parties. Independence, attorney secrecy and confidentiality provide the guarantee that clients can trust unreservedly in their attorney.
This declaration serves to inform you about the collection and use of individual data of personal or factual circumstances of a specific or determinable natural person (“personal data”) when visiting our Website.
This declaration of data protection applies exclusively to our website (“Website”) (www.ghr.ch) and subdomains in the format subdomain.ghr.ch. We assume no responsibility and accept no liability for links accessible from our website to the websites of third parties. Clicking an external link is your sole responsibility.
Information on the person responsible
1.. Contact person
We are always at your disposal should you have any questions or messages concerning your personal data. You can reach us under:
GHR Rechtsanwälte AG
Tavelweg 2
Postfach
3074 Muri b. Bern
ghr@ghr.ch
Information on data processing
2.. Processing of personal data
2.1 General
When contacting us through your online form or directly by e-mail, we do not gather or process other than the following data:
a) All information supplied by you specifically during an inquiry or booking (name, address, age, gender, contact details, mandate-specific information etc.);
b) IP-address;
c) browser version and browser type used;
d) date & time of the inquiry or message;
e) operating system and provider
Cookies that we use on our website can be found at the end of this privacy policy under Title III "Information on the use of Cookies".
We do not engage in profiling on our website or otherwise in the sense of automated processing of personal data that consists of using such data to evaluate certain aspects of your personal life (e.g. to analyse or predict your job performance, economic situation, health, personal preferences, interests, reliability, behavior, whereabouts or change of location), and we collect or process sensitive personal data (e.g. about religious, political or philosophical views, state of health, etc.) only exceptionally and in that case limited to contractual or legal obligations.
2.2 Sensitive personal data
We do not collect or process any sensitive personal data via our website (e.g. of salary, sexual privacy, religious, political or ideological persuasion, state of health etc.).
When acting in an attorney-client relationship, it is, however, likely that we will receive or ask for sensitive personal data from you. All such information and documentation provided to us from you as a (existing or potential) client will be subject to the attorney's secret. We are sincerely concerned to protect your sensitive personal data. We will gather sensitive personal data exclusively from you directly (and in full transparency for you).
3. Using your personal data
We process your personal data on our website only in connection with an inquiry made by you, to correct an error or to improve our online presence, and possibly for internal statistical purposes.
4. Disclosure to third parties & attorney's secret
We are entitled and obliged to supply such data as service providers, who offer their services via out website, need for implementing service agreements with you. Service providers are obliged to use such data only in the same way as we do ourselves. We ensure that service providers do not use data for anything but the actual processing of a service and that they will not use such data for themselves or disclose them to third parties. For this purpose, we are granted relevant auditing and control rights.
Your data will not be disclosed to third parties via the website without your express consent. Excepted from this are our service provider partners whom we need for the execution of the agreement or mandate (e.g. Swiss Post or other couriers, telecommunication service providers, authorities for debt collection purposes, etc.), and only if
a) such third party is subject to a statutory secrecy obligations (e.g. the post and telecommunication secrecy),
b) such third party has concluded a secrecy agreement with us, or
c) we have been exempted from the attorney's secret in a specific case.
In such cases we strictly observe the requirements of applicable data protection laws. The use of service partners in countries other than Switzerland or the member states of the European Economic Area is only an option for us if the country in question either has an equivalent level of data protection according to the Federal Council's list of countries, or we can contractually ensure the equivalence of the level of protection (e.g. through contracts or the conclusion of so-called standard contractual clauses).
5. Communication, information and updates
Communication for marketing purposes: We may eventually send you marketing information in relation to our Website, services and products by various communication means. You can deregister from such advertising content reception by following the instructions provided in the respective communications. Alternatively, you may also send us your deregistration for advertising content reception by e-mail at ghr@ghr.ch.
Communication for information and other purposes: We will provide you with information needed by all clients and customers, communications with important information as well as communications upon your request. You cannot deregister from such communication. However, you may eventually modify the media and format on how you receive such information.
For the distribution of newsletters, we use the WebTool-Newsletter application, as developed and maintained by Weserve AG, Liebefeld, Switzerland. This tools allows us to analyse a newsletter's use as well as redirections to our website (so-called Heatmaps). E.g. we can see how far users scroll, which links they click on, and how often. Furthermore it is possible to get feedback from users directly via the tool, which provides us with valuable information on how to design our newsletters more user-friendly.
6. Company pages on social media
6.1 Used media
We operate a company page or company profile on the following social media platforms, on which we publish information and interact with other platform users:
LinkedIn: The operator is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland
6.2 Data processing on company websites
We process personal data in accordance with the principles of this privacy policy. Personal data may be processed if you interact with us via our company pages on the corresponding social media platform.
When you visit a company page, the respective operator of the platform collects information that enables it to recognize users and to comprehensively analyze user behavior. Based on the data collected in this way, the operator of the platform can also create user profiles. If you are logged in with your corresponding user account when visiting a company page, the respective provider can also assign this visit to your account. The respective provider only provides us with an anonymized statistical evaluation of the use of our company page based on the information obtained.
In principle, you can assert your rights under data protection law with regard to data processing by our company pages both against us and against the respective operator of a platform. However, we would like to point out that these can be asserted most effectively with the respective operator, as only this operator has access to the users` data and can take appropriate measures and provide information directly.
Further information on data processing, including the place of processing, by the respective operator can be found at:
LinkedIn: https://www.linkedin.com/legal/privacy-policy
7. Transmission of personal data
Unless expressly agreed otherwise, electronic communication shall take place via non-encrypted E-mails. The use of E-mails is not technically secure; it may happen that e-mails are not delivered. When E-Mails are transmitted, they may leave national borders, even if the sender and recipient are in Switzerland. The confidentiality of E-mails cannot be guaranteed if encryption is missing or insufficient.
Even when using forms available on our website, only the transmission of your message from your computer to the web server is encrypted.
By using the forms or sending an E-mail, you consent to communication via E-mail with knowledge of the risks described. The use of encrypted or otherwise secured communication channels must be agreed with us in advance.
8. Storage of your personal data
8.1 Server locations
Our website is hosted by DV Bern AG.
Your personal data collected in the course of activities on the website are hosted on the servers of DV Bern AG in Switzerland. The servers are shielded as well as possible against unauthorized third-party access. Backups are made regularly to prevent data loss as far as possible.
As far as your personal data is concerned, which we collect directly, it is stored on the servers of a cloud provider with a good reputation and located in Switzerland. The servers are protected as well as possible against unauthorized access by third parties. Backups are made regularly to prevent data loss as far as possible.
8.2 Retention period
We only retain your data as long as is legally necessary or in accordance with the purpose of the processing. In the case of analyses, we store your data until the analysis is completed. If we store data on the basis of a contractual relationship with you, this data will be stored at least as long as the contractual relationship exists and at the longest for as long as limitation periods for possible claims by us run or legal or contractual retention obligations exist. As a rule, the retention period does not exceed 10 years (calculated from the end of the contractual or factual relationship with you).
Information on the use of cookies
9. Cookies
9.1 General information about cookies
Cookies are small text files or pieces of information that are stored on your computer or mobile device (such as a smartphone or tablet) when you use our services. A cookie usually contains the name of the website/app it came from, the duration of the cookie (i.e. how long the cookie will remain on your device), and a value, which is usually a randomly generated unique number.
We use cookies to make our services more user-friendly and to tailor our services and products to your interests and needs. Cookies are able to do this because our services can read these files. This enables our services to recognize you and remember important information that makes your use of our services more user-friendly (e.g.) by remembering preference settings). Cookies may also be used to help speed up your future activities and user experience with our Services. We also use cookies to compile anonymous, aggregated statistics that allow us to understand how users use our services and help us improve the structure and content of our digital media.
The maximum retention time of cookies after their initial placement on the user terminal is as required by applicable law.
9.2 Types of cookies
The types of cookies we use are session cookies, resident cookies, first party cookies and third party cookies.
Resident cookies are used to store your login information and remember your settings for future logins to our services. A resident cookie is a cookie that is stored as a file on your computer and remains there when you close your web browser. The cookie can be read by the services that created it when you visit those services again.
Session ID cookies are used to enale certain features on our Services, to better understand how you interact with our Services, and to monitor aggregate user data and web traffic routing. Unlike resident cookies, session cookies are removed from your computer when you close your browser. Typically, session ID cookies store an anonymous session identifier on your computer that allows you to use a service without having to log in each time you click.
First party cookies are our own cookies that we use to improve your user experience. They are linked to a user`s personal information. Third parties do not have access to the information we collect through our own cookies.
Third party cookies are cookies place on our services by third party companies to provide services, including advertising cookies. Third party companies place third pary cookies on your device on our behalf when you visit our Services to enable those third party companies to perform the services they procide. In addition to what is set our in this Privacy Policy, you can find more information about these third party cookies in the privacy policies of those third party companies.
Below is a list of the different types of cookies we use in our Services.
9.3 Essential cookies
Essential Cookies are cookies that are strictly necessary for our services to work and for us to use their features. Without such essential cookies, our Services would not operate as smoothly as you would like and we may not be able to provide the Website or certain services of features that request.
We also use technical cookies that allow our services to remember choices you have made (such as your username, language or the region you are in) for customization and personalization purposes. These cookies do not collect information about you that is used for advertising purposes, nor do they remember which websites you have visited.
The following first party cookies are set by us (all resident cookies):
Device Identifier-Cookie: We install cookies on your computer that recognize you and tell the website or service that you are logged in.
User Local Cookie: We install cookies that are used to remember certain local choices you have made, such as language selection.
Privacy Visibility Cookies: We install cookies on your computer that indicate whether you have been informed by a banner message displayed about the use of cookies and the handling and your rights in relation to your data, and then whether you have given your consent to the use of cookies so that the banner does not reappear each time you visit a page.
These cookies are necessary for the operation of your services and therefore you cannot object to the use of these cookies.
9.4 Functional cookies
Functional cookies are cookies that enable the use of certain features in our Services that may be useful to you, but are not strictly necessary for our Services to work and for you to use their features. You can refuse the installation of these cookies by making the appropriate settings in your browser, but this may result in you not being able to use certain functions of our services or only being able to use them to a limited extent.
Google reCAPTCHA (Session Third Party-Cookie)
The purpose of reCAPTCHA is to check whether data entry on our websites (e.g. in a contact form) is made by a human being or by an automated program. This is how we curb abusive website requests from automated tools and spam, among other things. For this purpose, reCAPTCHA analyses the behaviour of the website visitor on the basis of various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, time spent by the website visitor on the website or mouse movements made by the user). The data collected during the analysis is forwarded to Google
The reCAPTCHA analyses run entirely in the background. Website visitors are not made aware that an analysis is taking place. By blocking the reCAPTCHA, it is possible that you can no longer fully use the services of our website, especially with regard to forms.
9.5 Analytical cookies and cookies for marketing, profiling and retargeting
Control of Google tools via the Tag Manager
The Google Tag Manager is used on our website. The Google Tag Manager is a cookie-less domain that does not collect any personal data. The Google Tag Manager triggers other tags, which in turn may collect data. We would like to point this out separately. The Google Tag Manager does not access this data. If a deactivation has been made by the user at domain or cookie level, this remains in place for all tracking tags that are implemented with Google Tag Manager.
Google Analytics (resident Third Party-Cookies)
The google Analytics service is used to analyse the usage behavior of our website. Our legitimate interest lies in the analysis, optimization and economic operation of our website.
Usage and user-related information that is collected includes, for example, IP address, location, time or frequency of visits to our website. We have resorted to IP anonymisation for the use of Google tools. With this addition, the last digits of your IP address are shortened before they are definitively stored on the Google servers. As a result, the technical and analytical Google services can still be used reasonably, but you are no longer fully traceable and thus have a higher degree of anonymity with regard to your surfing behaviour than without IP anonymisation.
We also use the remarketing function as part of the range of uses of Google Analytics. This allows us to play personalised advertising to you on suitable advertising spaces on other websites based on what interests you have shown on our website. This option is limited to a maximum of 18 months. Retargeting allows us to serve ads that are as relevant to you as possible and to measure the effectiveness and reach of the ads, but also to review our advertising partners' billings for campaigns served.
The data collected in this way is in turn used by Google to provide us with an evaluation of visits to our website and of the usage activities there. This data may also be used to provide other services related to the use of our website and the use of the internet.
Google states that it will not associate your IP address with any other data. Google also provides further information on data protection law at https://www.google.com/intl/de/policies/privacy/partners, including information on how to prevent the use of data.
In addition, Google offers a so-called deactivation add-on at https://tools.google.com/dlpage/gaoptout?hl=de, along with further information on this. This add-on can be installed with the most common internet browsers and offers you further control over the data that Google collects when you visit our website. The add-on tells tha JavaScript (ga.js) of Google Analytics that information about your visit to our website should not be transmitted to Google Analytics. However, this does not prevent information form being transmitted to us or to other web analytics services. Of course, you can also find out whether and which other web analytics services we use in this privacy policy.
Alternatively, the future analysis of your site visit by Google Analytics can be deactivated by clicking on the following link. By clicking on the link, a so-called "opt-out cookie" will be set, with the result that the analysis of your page visit to our site will be prevented in the future:
<a onclick="alert('Google Analytics has been disabled');" href="javascript:gaOptout()">Disable Google Analytics</a>.
Please note that if you delete the cookies in your browser settings, this may result in the opt-out cookie also being deleted and you may have to reactivate it.
Google will not associate your IP address with any other data held by Google. You can prevent the installation of cookies. To do so, you must select "do not accept cookies" in your browser settings. Please note that in this case you may not be able to use all the functions of these web pages to their full extent. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.
As further protection of your personal data, Google Analytics is generally deactivated on our contact page. This is intended in particular to exclude tracking that could allow conclusions to be drawn that you have contacted us via our website.
Hotjar
We use the Hotjar web analytics service provided by Hotjar Ltd ("Hotjar") for our website. Hotjar is an European company based in Malta (Hotjar Ltd, Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta). This tool allows us to track movements on our website (so-called heat maps). For example, it is possible to see how far users scroll and which buttons users click on and how often. Furthermore, with the help of the tool it is also possible to obtain feedback directly from the users of the website. In this way, we obtain valuable information to make our website even faster and more customer-friendly.
When using this tool, we pay particular attention to the protection of your personal data. For example, we can only track which buttons are clicked, mouse history, how far scrolled, device screen size, device type and browser information, location (country only) and preferred language to display our website.
Hotjar offers each user the option to prevent the use of the tool by means of a "Do Not Track-headers", so that no data is recorded about the visit to the respective website. Detailed instructions with information about your browser can be found at https://www.hotjar.com/opt-out.
Matomo (resident third party cookies)
We use the web analysis tool "Matomo" to design our websites in line with demand. Matomo creates user profiles on the basis of pseudonyms. For this purpose, permanent cookies are stored on your terminal device and read by us. In this way, we are able to recognise and count returning visitors. We also use the Heatmap & Session Recording modules. Matomo's heatmap service shows us the areas of our website where the mouse is most frequently moved or clicked. The session recording service records individual user sessions. We can replay recorded sessions and thus analyse the use of our website. Data entered in forms is not recorded and is not visible at any time.
Further information on Matomo's terms of use and data protection regulations can be found at: https://matomo.org/privacy/
Your rights
10. Information, correction, transfer
You have the right to receive free information about your stored data and the right to correction at any time. Please contact us for this purpose. You will find our contact details under clause 1 of this data protection declaration.
You also have the right to request the transfer of your electronically stored personal data to another data controller free of charge. Please note, however, that we cannot adapt your data to any special format requirements of another controller and cannot under any circumstances transfer your business history or passwords.
11. Revocation and cancellation
You can revoke your consent to this privacy policy at any time and request the deletion of your personal data. Please contact us for this purpose. You will find our contact details under point 2 of this data protection declaration.
Please note, however, that we are required by law, commercial law and tax law to retain accounting records for at least 10 financial years. We can therefore neither delete nor process the personal data contained in these documents. To this extent, your deletion request therefore only applies to future processing and only to personal data which we do not process on the basis of a legal justification, but exclusively on the basis of your consent.
If services are still outstanding at the time of receipt of your revocation and deletion request, your personal data will continue to be processed until the complete termination of the business relationship. Your revocation under data protection law expressly has no influence on the processing of existing contractual relationships and is not considered as an extraordinary reason for termination.
12. Complaint to a supervisory authority
When the revised FADP comes into force (expected on 1. September 2023), you will have the right to lodge a complaint with the competent supervisory authority at the registered office of the controller if you believe that we have violated a provision of the FADP.
The Federal Data Protection and Information Commissioner (www.edoeb.admin.ch) is responsible for complaints from data subjects.
Latest Update: July 2023