Personal data collection

We may collect the following personal data:

Client information: contact details and other information about you or your company or organisation where you provide services to Metyis;
Business information: data identifying you in relation to matters on which you instruct us or in which you are involved and data that you provide us with in communications;
Information from public sources: e.g. Linked in and similar professional networks, directories or internet publications;
Information in connection with our services: where this is necessary or useful to conduct the services;
Attendance records: to record your attendance at our offices for security purposes;
Subscriptions/preferences: when you subscribe to receive briefings, updates or newsletters;
Events data: attendance at and provision of feedback forms in relation to our events;
Supplier information: contact details and other information about you or your company or organisation where you provide services to Metyis;
Social media: posts, Likes, tweets and other interactions with our social media presence;
Technical information: when you access this website and our technology services, IP address, browser type and version (e.g. Internet Explorer, Firefox, Safari etc.), time zone setting, browser plugin types and versions, operating system you are using (e.g. Vista, Windows XP, MacOS, etc), device type, hardware model, MAC address, unique identifiers and mobile network information;
Online data: when you access this website and our technology services, information about your visit including URL clickstream to, through and from our website (including date and time), information about your network as such as information about devices, nodes, configurations, connection speeds and network application performance; pages viewed or searched for, page response times, download errors, length of visits and interaction information (such as scrolling, clicks, mouse-overs) and whether you click on particular links or open our emails.
Special categories of personal data: such as dietary, disability or similar requirements for events and meetings. If you do not provide this information, we may not be able to respond to your particular needs or preferences;

How we use your personal data

Your personal data is being used for the following purposes:

  • Providing of services: providing consultancy services and advice as well as implementation thereof within the companies or organisations of our clients;
    Business relationship: managing and administering our relationship with you, your company or organisation (clients and suppliers), including keeping records about business contacts, services and payments;

  • Communication: sending emails, newsletters and other messages to keep you informed of developments in our areas of expertise, market insights and of our services, marketing and promotional activities;

  • Events: organising meetings and events;

  • Client surveys and feedback: including services and events feedback, as well as communication around issues and concerns which may arise;

  • Client and supplier checks: client and supplier due diligence to ensure that clients and contacts are genuine and to prevent fraud or crime;

  • Website monitoring: to check the website and our other technology services are being used appropriately and to optimise their functionality;

  • On-site security: to provide security to our offices, other premises and people (normally collecting your name and contact details on entry to our buildings as well as video materials from CCTV cameras);

  • Online security: protecting our information assets and technology platforms from unauthorised access or usage and to monitor for malware and other security threats;

  • Regulatory: compliance with our legal and regulatory obligations as a services company including auditing and reporting requirements; and/or
    Legitimate interest: to pursue legitimate business interests.

Our bases for using your personal data

Your personal data may be processed by us on a number of bases:

Consent: You give is your consent, for example when you share personal data for specific purposes;
Legal or regulatory obligations: to comply with legal or regulatory obligations, for example disclosure to relevant authorities.
Legitimate business interests: where we have a legitimate business interest.

Who is responsible for the use of personal data?

Metyis is the controller when you visit our websites, when we handle job
applications, when we use contact data in our systems, when you provide us with goods or services and when we provide our services. In specific circumstances Metyis may be the processor of personal data; in such circumstances we will ensure compliance with applicable laws and regulations.

With whom do we share your data?

We may share your data with:

Suppliers and subcontractors: parties who support our businesses and services, including IT, hosting and communication suppliers, outsourced business support, subcontractors, marketing and advertising agencies. Our suppliers and subcontractors have to meet minimum standards as to information security and they will only be provided data appropriate for their function/services;

Relevant authorities or bodies or courts: in accordance with legal requirements or good practice;

Appropriate parties in the event of emergencies: in particular to protect health and safety of our clients, staff and organisations;

Your company or organisation: in relation to us providing our services;

Third parties: Professional third parties on a need to know basis in the context of the acquisition or transfer of any part of our business or in connection with the business reorganization or (re)financing of our business.

Personal data about others

In some cases, you may provide personal data to us about other people (such as your customers, employees, suppliers, directors, officers, shareholders or beneficial owners). You must ensure that you have given those individuals an appropriate notice that you are providing their information to us and have obtained their consent to any such disclosures.

Security

We will hold your information securely in line with physical, technical and
administrative security measures. Our security measures are continuously improved in line with technological developments. However, the transmission of information via the internet is not completely secure. Although we will take reasonable measures to protect your personal data, we cannot guarantee the security of your personal data transmitted and any transmission is at your own risk.

Where will your personal data be stored?

We are a global services provider and, as a result, your information may be transferred out of your local jurisdiction. Data protection laws may vary by country and those applicable in one country are not necessarily equivalent to those applicable in other countries. In addition to its headquarters in Zug, Switzerland, Metyis has offices in various countries. Metyis has concluded standard contractual arrangements for the international transfer of data with its offices outside the European Economic Area (so-called controller-to-controller standard contractual
clauses). In circumstances where Metyis transfers personal data to other parties outside of the European Economic Area without an adequacy decision, Metyis will ensure that it provides appropriate safeguards for such transfers in accordance with the GDPR.

How long do we keep your data?

We generally keep your information as needed to provide our services and as necessary to comply with legal, accounting and/or regulatory requirements in the applicable countries.

Your Rights

You have the right:

  • to request information about your personal data processed by us. In particular, you may request information about the purposes of processing, the category of personal data, the categories of recipients to whom your data have been or will be disclosed, the planned storage period, the existence of a right to rectification, deletion, restriction of processing or objection, the existence of a right of appeal, the origin of your data, if these have not been collected by us, and the existence of automated decision-making including profiling and, if applicable, meaningful information on their details;

  • request the correction of incorrect or complete personal data stored by us;

  • to demand the deletion of your personal data stored by us, unless the
    processing is necessary to fulfil a legal obligation, for reasons of public
    interest or to assert, exercise or defend legal claims;

  • to demand the restriction of the processing of your personal data if you
    dispute the accuracy of the data, if the processing is unlawful but you refuse to delete it and we no longer need the data, but if you need it to assert, exercise or defend legal claims or if you have filed an objection to the processing;

  • Within the scope of the GDPR, you also have the right to receive the personal data you have provided to us based on consent or a contract in a structured, common and machine-readable format or to request its transfer to another person responsible;

  • If our data processing is based on your consent, you have the right to revoke your consent to us at any time. As a result, we are no longer allowed to continue processing data based on this consent in the future;

  • to submit your complaint to a supervisory authority. In Switzerland, you can contact the Federal Data Protection and Information Commissioner
    (www.edoeb.admin.ch) and outside Switzerland, the supervisory authority responsible for your concerns.

Right to object

If you are working with one of our offices in the European Economic Area or our offices in certain other jurisdictions where similar rules apply, you may have a right to object to us processing your information in certain circumstances. This applies where we are processing your personal information based on a legitimate interest (or those of a third party) you may challenge this. However, we may be entitled to continue processing your information in case we have legitimate interests.

You also have the right to object where we are processing your personal information for direct marketing purposes. You can opt-out of receiving direct marketing from us at any time. You can do this by changing your marketing preferences on your online accounts settings page, clicking on the "unsubscribe" link included at the end of any marketing email we send to you, or by contacting the DPO.

Cookies and Analytics tools

We use cookies on our site. These are small files that your browser automatically creates and that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our site. The cookie stores information which is directly connected to the device used by you when you visit our website. However, this does not mean that we immediately become aware of your identity.

The use of cookies simplifies using our website and makes its handling a more pleasant experience. For example, we use so-called session cookies which recognise that you have already visited individual pages of our website. This information will automatically be deleted after leaving our site again.

In addition, we also use temporary cookies that are stored on your end device for a specified period of time to optimise user-friendliness, our websites and offers. If you visit our site again to use our services, it will automatically recognise that you have already been with us and your previous entries and settings will be retrieved. These cookies are automatically deleted after a defined period of time.

Google Analytics

For the purpose of the continuous optimisation of our pages and its design, we use Google Analytics, a web analysis service provided by Google Inc. In this context, pseudonymised user profiles are created and cookies are used. The information generated by the cookie about your use of this website is transferred to a Google server in the USA and stored there. The information is used to evaluate the use of the website, to compile reports on the website activities and to provide further
services associated with the use of the website and the internet for the purposes of market research and demand-oriented design of these internet pages. This information may also be transferred to third parties if this is required by law or if third parties process this data on behalf of the company. Under no circumstances will your IP address be merged with other data from Google. The IP addresses are
anonymised so that an assignment is not possible (IP masking).

You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=en).

As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent Google Analytics from collecting data by clicking on this link. An opt-out cookie is then set to prevent future collection of your data when visiting this website. The opt-out cookie is only valid in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you must
reset the opt-out cookie.

Further information on data protection in connection with Google Analytics can be found on the Google Analytics Helpsite (https://support.google.com/analytics/answer/6004245?hl=en).

Social media & marketing cookies

These cookies record your visit to our website, the pages you have visited and the links you have followed. We may use this information to make our website and the information (including marketing information) displayed on it more relevant to your interests and to measure the effectiveness of and marketing or information initiatives. We may also share this information with third parties for this purpose. They remember the other websites you visit and this information is shared with third party organizations as described below. These are also optional cookies. If you do not allow these cookies, you will experience less targeted advertising.

LinkedIn Conversion Tracking and Insight Tag

The LinkedIn Insight Tag is a piece of lightweight JavaScript code of LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA, that we have added to our website to enable in-depth campaign reporting and to help us unlock valuable insights about our website visitors. We use the LinkedIn Insight Tag to track conversions, retarget website visitors, and unlock additional insights about members interacting with our LinkedIn adverts.

The LinkedIn Insight Tag enables the collection of metadata such as IP address information, timestamp, and events such as page views. All data is encrypted. The LinkedIn browser cookie is stored in a visitor's browser until they delete the cookie or the cookie expires (there’s a rolling six-month expiration from the last time the visitor’s browser loaded the Insight Tag).

You can opt out of cookies from LinkedIn on your LinkedIn settings page https://www.linkedin.com/settings/?trk and recommend you read their Cookie Policy https://www.linkedin.com/legal/cookie-policy for more information.

Questions and requests

You are entitled at any time to request inspection, correction, removal or restriction of the processing of your personal data by Metyis. In addition, in some cases you have the right to receive your data in a structured format (i.e., data portability). Please send your request, as well as other privacy-related questions you might have, to our Data Protection Officer at [email address]. Finally, you also have the right to lodge a complaint with a supervisory authority. In Switzerland, you can contact the Federal Data Protection and Information Commissioner (www.edoeb.admin.ch) and outside Switzerland, the applicable supervisory authority responsible for your concerns.

This privacy statement is dated [1 August 2021] and may be changed over time.