Menu
Language
DE EN FR
burckhardtpartner

Privacy policy

General privacy policy of Burckhardt+Partner AG and Burckhardt+Partner GmbH
We are delighted that you are interested in our services. Protecting your privacy is very important to us. Below you will find details about how we process your personal data. This is not an exhaustive description; other privacy policies may govern specific circumstances. Hereinafter, all companies, together and individually, will be referred to as “Burckhardt+Partner”.

The websites of Burckhardt+Partner are subject to the Swiss Federal Act on Data Protection (FADP) and, where applicable, the EU’s General Data Protection Regulation (GDPR). The relevant legal bases will be referred to if and to the extent that the provisions of the GDPR can be applied. Burckhardt+Partner AG is responsible for our website (contact details further below, section 9).

In order to provide you with as clear an overview as possible, this privacy policy is divided into two parts: The first part contains only the main points (sections 1-9), followed by detailed information in the second part (sections 10-15).

The main points

(1) General purposes of processing personal data
In order to display and improve the contents of our website and also ensure data security at the same time, it may be the case that we collect personal data from you. The same applies to the analysis of website use.

Depending on the chosen communication channel, we may also process personal data for the purposes of:

  • making contact
  • providing our services
  • another specified use

(2) Types of personal data
We process the following types of personal data as standard:

  • Basic data (e.g. names and addresses)
  • Contact details (e.g. e-mail and telephone numbers)
  • Content data (e.g. text input)
  • User data (e.g. visited websites, access times, click behaviour)
  • Contract data (e.g. payment dates)
  • Meta-/communications data (e.g. IP addresses, device information)

(3) Legal basis of data processing
We regularly use the following as a legal basis for the processing of your personal data:

  • Your consent which you can withdraw at any time (Art. 6 (1a) GDPR)
  • The conclusion or fulfilment of a contract with you or your request for this in advance (Art. 6 (1b) GDPR)
  • A balancing of the interests which you may object to under certain circumstances (Art. 6 (1f) GDPR)
  • A legal obligation that can also arise as part of a balancing of interests (Art. 6 (1c) GDPR)

(4) Categories of recipients of personal data
We ensure compliance with legal provisions in the event that personal data is processed by external processors. As a basic principle, data is only disclosed to other third parties if this is necessary to carry out the contract with you, the disclosure is permitted based on a balancing of interests, we are legally obliged to disclose this data or you have given your consent in this respect. However, we will never sell your data on.

Regular recipients of personal data from us include various internal or external IT service providers (such as web hosting providers or application software providers.

(5) Retention period
We process your personal data for as long as this is necessary for the fulfilment of our contractual and legal obligations or otherwise necessary for lawful purposes, i.e. for the duration of the entire business relationship (from its initiation and execution through to its termination) and beyond in accordance with statutory retention and documentation obligations, for example. It may also be that your personal data is stored for the period in which claims may be asserted against us (i.e. in particular during the statutory limitation period) and insofar as we are otherwise legally obliged to do so or this is required for legitimate business interests (e.g. for the purposes of providing evidence and documentation). As soon as your personal data is no longer required for the above purposes, it is generally erased or anonymised as far as possible. As a basic principle, shorter retention periods of twelve months or less shall apply to operational data (e.g. system protocols, logs).

(6) Data security
We take appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or total loss, destruction or unauthorised third-party access. Our security measures are constantly improved in line with technological developments.

(7) Rights of data subjects
Depending on the applicable data protection provisions, you may have the right to:

  • request information on your personal data processed by us. In particular, you may request information on the purposes of processing, the category of personal data, the category of recipients to whom your data has been or will be disclosed, the planned retention period, the existence of the right to rectification, erasure, restriction of processing or objection, the existence of automated decision-making, including profiling and, where appropriate, meaningful information about the details involved (Art. 15 GDPR);
  • request the rectification of inaccurate or incomplete personal data stored by us concerning you (Art. 16 GDPR);
  • request the erasure of your personal data stored by us, insofar as the processing of this data is not required to exercise the right to freedom of expression and information, to comply with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims (Art. 17 GDPR);
  • request the restriction of the processing of your personal data where the accuracy of the data is contested by you, the processing is unlawful but you oppose its erasure and we no longer need the data, but you require the data for the establishment, exercise or defence of legal claims or you have objected to the processing pursuant to Art. 21 GDPR (Art. 18 GDPR);
  • receive your personal data, which you have provided to us, in a structured, commonly used and machine-readable format or request its transmission to another controller (Art. 20 GDPR);
  • withdraw your consent at any time. This means that we may longer carry out data processing based on this consent in future (Art. 7 (3) GDPR) and - have the right to lodge a complaint with a supervisory authority. As a rule, within the European Economic Area, you may contact the supervisory authority of your usual place of residence or work or of our company headquarters (Art. 77 GDPR).

Provided that and insofar as Swiss data protection law is applicable, you have a right to lodge a complaint with the Swiss Federal Data Protection and Information Commissioner.

In Germany, the responsible supervisory authority is determined by the state of your place of residence, your work or of the alleged infringement.

A list of the supervisory authorities in Germany with their addresses can be found at: www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

(8) Objections and withdrawals
Insofar as your personal data is processed on the basis of legitimate interests in accordance with Art. 6 (1)(f) GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR provided that there are grounds relating to your particular situation or the objection is made against direct marketing.

If you would like to exercise your right to withdraw or object, please send an e-mail to basel@burckhardtpartner.ch.

(9) Contact details
The contact details of Burckhardt+Partner are as follows:

Switzerland
Burckhardt+Partner AG
Dornacherstrasse 210
4002 Basel
e-mail-adress: basel@burckhardtpartner.ch 
telephone: +41 61 338 34 34.

In accordance with Art. 44-50 GDPR, Switzerland is a third country that the EU Commission has deemed as having an adequate level of protection.

Germany
Burckhardt+Partner GmbH
Hebelstraße 1
79639 Grenzach-Wyhlen
e-mail-adresse: grenzach@burckhardtpartner.de 
telephone: +49 7624 908 88-0

Burckhardt+Partner GmbH
Branch Office
Kaiserin-Augusta-Allee 14
10553 Berlin
e-mail-adresse: berlin@burckhardtpartner.de
telephone: +49 30 210 21 99-0

You can contact our data protection officer at: bp.dpo@infosec.ch

The EU representativefor Burckhardt+Partner AG is the Burckhardt + Partner GmbH branch office (contact details the same as above). In the communication, please state the subject “Data protection Switzerland” when you are referring to Switzerland.

Detailed information
(10) Data collection and use and recording access data in server log files
Specific personal information concerning you is not required to visit our website. When you visit our website, the browser you use on your device automatically sends information to our website's server of the hosting provider jWeiland in Germany. This information is temporarily stored in a server log file. Information such as IP addresses, the names of the files retrieved, the date and time of the retrieval, the transferred data quantity and the provider are recorded without action on your part and stored until their automatic deletion. The aforementioned data is processed for the purposes of guaranteeing a smooth connection to the website, ensuring convenient use of our website, evaluating the stability and security of the system and for other administrative purposes. The legal basis for data processing is Art. 6 (1)(f) GDPR. Our legitimate interest arises from the aforementioned data collection purposes. They do not allow us or third parties to identify you.

(11) Data collection and use of application data
(11.1) We collect and process the following personal application data from you:

  • Surname, first name
  • Adress
  • Telephone number
  • E-mail
  • Application documents such as letter of application, CV, references, certificates

(11.2) Your personal application data is collected and processed exclusively in relation to the purpose of conducting an application procedure and then, as appropriate, to establish, implement or terminate an employment relationship within Burckhardt+Partner within the meaning of Art. 6 (1)(b) GDPR, insofar as we are required to carry out data processing as part of legal proceedings (in Germany, section 26 of the German Federal Data Protection Act (BDSG) also applies). Insofar as particular categories of personal data (e.g. ethnic origin, religion or health data) are shared voluntarily, these are also processed in accordance with Art. 9 (2)(b) GDPR. As a basic principle, your data is only passed on to the internal offices and specialist departments of Burckhardt+Partner responsible for the specific application procedure. Your application data will not be further used or passed on to third parties.

(11.3) Data transferred via e-mail is not generally encrypted and applicants must be responsible for the encryption themselves. Burckhardt+Partner assumes no responsibility for the transmission channel of the application from the time it is sent to the time it is received by our server. You have the option of sending us your application by post without disadvantage.

(11.4) As a basic principle, your personal application data will be automatically erased three months after conclusion of the application procedure. This does not apply insofar as legal provisions exclude erasure, continued storage is required for the purposes of providing evidence or you have expressly agreed to a longer retention period.

(12) Use of cookies
(12.1) We use cookies in order to ensure that the website operated at www.burckhardtpartner.com runs smoothly and easily for the user. A cookie is a small text file which a web server – e.g. the web server of www.burckhardtpartner.com – sends to the browser of the user to allow the user to be recognised the next time (e.g. to retrieve the relevant settings of the user when they next visit the website or to save the user having to input data several times when switching between functions that require a password).

(12.2) The use of cookies firstly helps to make using our offering more pleasant for you. For example, we use session cookies to detect if you have already visited individual pages on our website. These are automatically deleted when you exit our website.

(12.3) We also use cookies to record statistics on and assess the use of our website with a view to optimising our offering for you. If you visit our website again, these cookies enable us to detect that you have already visited it before. These cookies are deleted automatically after a set period.

(12.4) The data processed by cookies is necessary for the specified purposes to protect our legitimate interests or those of a third party in accordance with Art. 6(1)(f) GDPR, if no particular reference to another legal basis is made.

(12.5) The cookie file is stored on the hard disk or rejected depending on the settings of the user browser. The user can configure their browser so that the acceptance of cookies is generally denied or it displays a warning message each time in advance when it receives a cookie. However, under certain circumstances, it is not possible to use all the functions of the website operated at www.burckhardtpartner.com without limitation if cookies are rejected.

(13) Online presence in social media
We are active on various social networks and platforms so that we can communicate with customers, interested parties and users who are active on these platforms and provide information about us. You should be aware that social media operators regularly use web tracking methods. This web tracking, over which we have no influence, can also be carried out regardless of whether you are logged in to or registered with the network or platform. When accessing the respective networks – including via the external links on our website – the terms and conditions of business and the privacy policies of the respective operators shall apply. The respective opt-out options are also described there.

We currently use the following services:

- Facebook: Social network; provider: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, parent company: Facebook, 1 Hacker Way, Menlo Park, CA 94025, USA; website: https://www.facebook.com;Privacy Policy: https://www.facebook.com/about/privacy; The U.S. is a country for which there is no applicable adequacy decision from the EU Commission. Facebook therefore relies on the EU standard contractual clauses in order to safeguard its information to an appropriate level of data protection. Our preliminary risk analysis has revealed these clauses to be adequate with regard to our type of use of Facebook; Facebook Privacy Shield (assurance of the level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active; opt-out option: Settings for advertisements: https://www.facebook.com/settings?tab=ads; additional data protection information: Agreement on the joint processing of personal data on Facebook pages: https://www.facebook.com/legal/terms/page_controller_addendum, data protection information for Facebook pages: https://www.facebook.com/legal/terms/information_about_page_insights_data.

- LinkedIn: Social network; provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; website: https://www.linkedin.com; Privacy Policy: https://www.linkedin.com/legal/privacy-policy; The LinkedIn data centres for storing data are currently located in the U.S. and Singapore. The U.S. and Singapore are countries for which there is no applicable adequacy decision from the EU Commission. LinkedIn incorporates the EU standard contractual clauses in order to safeguard its information to an appropriate level of data protection. Our preliminary risk analysis has revealed these clauses to be adequate with regard to our type of use of LinkedIn; Privacy Shield (assurance of the level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active; opt-out option: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

- Instagram: Social network; provider: Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA; website: https://www.instagram.com; Privacy Policy: http://instagram.com/about/legal/privacy. Instagram transfers or transmits and/or stores and processes its own data in the U.S. or other third countries. For such countries, for which there is no applicable adequacy decision from the EU Commission, Instagram relies on the EU standard contractual clauses in order to safeguard its information to an appropriate level of data protection. Our preliminary risk analysis has revealed these clauses to be adequate with regard to our type of use of Instagram.

- Youtube: Video service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website: https://www.youtube.com; Privacy Policy: https://policies.google.com/privacy; Privacy Shield (assurance of the level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active; opt-out option: Opt-out plug-in: https://tools.google.com/dlpage/gaoptout?hl=en, settings for the display of advertisements: https://adssettings.google.com/authenticated.

When you click on the corresponding symbols of the social networks on our website, you will be automatically transferred to our profile on the relevant social network. In order to use the functions of the respective network there, you sometimes have to log in to your user account for the respective network.

When you open a link to one of our social media profiles, this establishes a direct connection between your browser and the server of the social network in question. This then informs the network that you have visited our website with your IP address and that you have clicked on the link. If you click on a link to a network whilst you are signed in to your account on the network in question, the content of our website may be linked to your profile with the network, meaning that the network can link your visit to our website directly with your user account. If you want to prevent this from happening, you must log out before you click on the relevant link. In any case, an assignment will take place when you log into the relevant network after clicking on the link.

You can find further information on the purpose and scope of data collection and processing by the aforementioned social networks and your respective rights and data protection options in their respective privacy policies.

(14) Embedded content
We integrate content elements that originate from servers of other providers on our website. These could be for example graphics or videos which we use to describe our services. The integration of the relevant content requires the processing of your IP address. Provided that we ask you for your consent to integrate a third party provider, the legal basis for the processing of data is consent (Art. 6 (1)(a) GDPR). Otherwise, the user’s data is processed on the basis of a balancing of interests (Art. 6 (1)(f) GDPR, i.e. interests in efficient, economic and recipient-friendly services).

We currently use the following services:

- Instagram/Youtube: We refer to certain projects with images or videos which we display via a connection to these social networks. In connection with Instagram, we use the JavaScript code “LightWidget”. This shows previews of our Instagram profile. Personal data can also be transferred to LightWidget when it is activated. You can find more information on this at https://lightwidget.com/privacy/ or above in section 13 regarding our online presence on social media.

- Refline: Vacancies are integrated using iFrame by the recruiting tool Refline.

(15) Website statistics
For the purposes of analysing our website and on the basis of your consent according to Art. 6 (1)(a) GDPR, we use the web analysis service Google Analytics by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, U.S.A., or, if your usual place of residence is in the European Economic Area (EEA) or in Switzerland, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). In this context, pseudonymised user profiles are created and cookies are used in order to analyse your use of our website and put together reports on website activities. As part of this, the following information, among other things, may be collected: IP address, date and time of the page retrieval, click path, information on the browser and device you use, visited pages, referrer URL (websites you have used to call up our website) and location data.

We only use Google Analytics with the IP anonymisation feature activated. This means that your IP address will be truncated by Google within the EU/EEA or Switzerland. Only in exceptional cases will the full IP address be transferred to a Google server in the U.S.A. and truncated there. Insofar as personal data is processed in the U.S., a third country without an adequacy decision, we would like to point out that we have agreed to the data processing terms provided by Google.

You can prevent cookies from being stored by changing the settings of your browser software accordingly. You can also prevent the collection and transfer of data generated by the cookie and related to your use of our website (including your IP address) to Google, as well as the processing of this data by Google, by downloading and installing the browser plug-in available at the following link:(https://tools.google.com/dlpage/gaoptout?hl=en). An opt-out cookie will be set which will prevent your data from being collected in future when you visit our website.

Your personal data will be erased or anonymised after 14 months.

You can find more information about Terms of Service and data protection at https://policies.google.com/privacy?hl=en&gl=en.

(16) Updates and amendments to this privacy policy
Owing to the development of our website and its offerings or changes to legal or regulatory provisions, it may be necessary to amend this privacy policy. You can view and print the current privacy policy at any time via the website at www.burckhardtpartner.com/datenschutz.