We may collect the following personal data:
Client information: contact details and other information about you or your company or organisation where you provide services to Metyis;
Business information: data identifying you in relation to matters on which you instruct us or in which you are involved and data that you provide us with in communications;
Information from public sources: e.g. Linked in and similar professional networks, directories or internet publications;
Information in connection with our services: where this is necessary or useful to conduct the services;
Attendance records: to record your attendance at our offices for security purposes;
Subscriptions/preferences: when you subscribe to receive briefings, updates or newsletters;
Events data: attendance at and provision of feedback forms in relation to our events;
Supplier information: contact details and other information about you or your company or organisation where you provide services to Metyis;
Social media: posts, Likes, tweets and other interactions with our social media presence;
Technical information: when you access this website and our technology services, IP address, browser type and version (e.g. Internet Explorer, Firefox, Safari etc.), time zone setting, browser plugin types and versions, operating system you are using (e.g. Vista, Windows XP, MacOS, etc), device type, hardware model, MAC address, unique identifiers and mobile network information;
Online data: when you access this website and our technology services, information about your visit including URL clickstream to, through and from our website (including date and time), information about your network as such as information about devices, nodes, configurations, connection speeds and network application performance; pages viewed or searched for, page response times, download errors, length of visits and interaction information (such as scrolling, clicks, mouse-overs) and whether you click on particular links or open our emails.
Special categories of personal data: such as dietary, disability or similar requirements for events and meetings. If you do not provide this information, we may not be able to respond to your particular needs or preferences;
Your personal data is being used for the following purposes:
Providing of services: providing consultancy services and advice as well as implementation thereof within the companies or organisations of our clients;
Business relationship: managing and administering our relationship with you, your company or organisation (clients and suppliers), including keeping records about business contacts, services and payments;
Communication: sending emails, newsletters and other messages to keep you informed of developments in our areas of expertise, market insights and of our services, marketing and promotional activities;
Events: organising meetings and events;
Client surveys and feedback: including services and events feedback, as well as communication around issues and concerns which may arise;
Client and supplier checks: client and supplier due diligence to ensure that clients and contacts are genuine and to prevent fraud or crime;
Website monitoring: to check the website and our other technology services are being used appropriately and to optimise their functionality;
On-site security: to provide security to our offices, other premises and people (normally collecting your name and contact details on entry to our buildings as well as video materials from CCTV cameras);
Online security: protecting our information assets and technology platforms from unauthorised access or usage and to monitor for malware and other security threats;
Regulatory: compliance with our legal and regulatory obligations as a services company including auditing and reporting requirements; and/or
Legitimate interest: to pursue legitimate business interests.
Your personal data may be processed by us on a number of bases:
Consent: You give is your consent, for example when you share personal data for specific purposes;
Legal or regulatory obligations: to comply with legal or regulatory obligations, for example disclosure to relevant authorities.
Legitimate business interests: where we have a legitimate business interest.
Metyis is the controller when you visit our websites, when we handle job
applications, when we use contact data in our systems, when you provide us with goods or services and when we provide our services. In specific circumstances Metyis may be the processor of personal data; in such circumstances we will ensure compliance with applicable laws and regulations.
In some cases, you may provide personal data to us about other people (such as your customers, employees, suppliers, directors, officers, shareholders or beneficial owners). You must ensure that you have given those individuals an appropriate notice that you are providing their information to us and have obtained their consent to any such disclosures.
We will hold your information securely in line with physical, technical and
administrative security measures. Our security measures are continuously improved in line with technological developments. However, the transmission of information via the internet is not completely secure. Although we will take reasonable measures to protect your personal data, we cannot guarantee the security of your personal data transmitted and any transmission is at your own risk.
We are a global services provider and, as a result, your information may be transferred out of your local jurisdiction. Data protection laws may vary by country and those applicable in one country are not necessarily equivalent to those applicable in other countries. In addition to its headquarters in Zug, Switzerland, Metyis has offices in various countries. Metyis has concluded standard contractual arrangements for the international transfer of data with its offices outside the European Economic Area (so-called controller-to-controller standard contractual
clauses). In circumstances where Metyis transfers personal data to other parties outside of the European Economic Area without an adequacy decision, Metyis will ensure that it provides appropriate safeguards for such transfers in accordance with the GDPR.
We generally keep your information as needed to provide our services and as necessary to comply with legal, accounting and/or regulatory requirements in the applicable countries.
You have the right:
to request information about your personal data processed by us. In particular, you may request information about the purposes of processing, the category of personal data, the categories of recipients to whom your data have been or will be disclosed, the planned storage period, the existence of a right to rectification, deletion, restriction of processing or objection, the existence of a right of appeal, the origin of your data, if these have not been collected by us, and the existence of automated decision-making including profiling and, if applicable, meaningful information on their details;
request the correction of incorrect or complete personal data stored by us;
to demand the deletion of your personal data stored by us, unless the
processing is necessary to fulfil a legal obligation, for reasons of public
interest or to assert, exercise or defend legal claims;
to demand the restriction of the processing of your personal data if you
dispute the accuracy of the data, if the processing is unlawful but you refuse to delete it and we no longer need the data, but if you need it to assert, exercise or defend legal claims or if you have filed an objection to the processing;
Within the scope of the GDPR, you also have the right to receive the personal data you have provided to us based on consent or a contract in a structured, common and machine-readable format or to request its transfer to another person responsible;
If our data processing is based on your consent, you have the right to revoke your consent to us at any time. As a result, we are no longer allowed to continue processing data based on this consent in the future;
to submit your complaint to a supervisory authority. In Switzerland, you can contact the Federal Data Protection and Information Commissioner
(www.edoeb.admin.ch) and outside Switzerland, the supervisory authority responsible for your concerns.
If you are working with one of our offices in the European Economic Area or our offices in certain other jurisdictions where similar rules apply, you may have a right to object to us processing your information in certain circumstances. This applies where we are processing your personal information based on a legitimate interest (or those of a third party) you may challenge this. However, we may be entitled to continue processing your information in case we have legitimate interests.
You also have the right to object where we are processing your personal information for direct marketing purposes. You can opt-out of receiving direct marketing from us at any time. You can do this by changing your marketing preferences on your online accounts settings page, clicking on the "unsubscribe" link included at the end of any marketing email we send to you, or by contacting the DPO.
You are entitled at any time to request inspection, correction, removal or restriction of the processing of your personal data by Metyis. In addition, in some cases you have the right to receive your data in a structured format (i.e., data portability). Please send your request, as well as other privacy-related questions you might have, to our Data Protection Officer at [email address]. Finally, you also have the right to lodge a complaint with a supervisory authority. In Switzerland, you can contact the Federal Data Protection and Information Commissioner (www.edoeb.admin.ch) and outside Switzerland, the applicable supervisory authority responsible for your concerns.
This privacy statement is dated [1 August 2021] and may be changed over time.