Privacy policy

André Associés SA is committed to protecting the confidentiality and security of the personal data we collect or receive as part of our professional activities and recruitment processes. We process personal data in accordance with Swiss data protection law and, where applicable, the EU General Data Protection Regulation (GDPR).

This privacy policy explains why we collect and process your personal data and outlines your rights in this regard.

Who are we?

We are André Associés SA, headquartered at St. François 9, 1003 Lausanne (hereinafter “we” or “our”). We are responsible for processing your personal data.

What data do we collect and process?

To provide our services and carry out our professional activities, we collect and process personal data from clients and prospective clients, associated individuals, counterparties, authorities, courts, third parties, and others, including their representatives, beneficial owners, and former or current employees.

Additionally, we collect and process personal data when you offer or provide us with products or services, when we assess your products or services, and generally when you request or provide information to us. Lastly, we collect and process personal data regarding candidates and alumni of André Associés SA.

The types of personal data we may collect include, for example:

We also process any information disclosed during the provision of our services or information we collect ourselves. Such information may include sensitive data. When processing sensitive data requires your consent, we obtain it beforehand.

Finally, our website server temporarily records information about your use of our website.

Why and on what basis do we collect and process personal data?

a. For the provision of our services and the management of our business

We collect and process personal data to provide you with our services, manage our mandates, and operate our business.

b. For maintaining and developing our business relationship with you

Additionally, we use personal data to maintain and enhance our business relationship with you, identify services that may interest you, pursue certain business development initiatives, send you publications and communications, invite you to events, monitor and analyze our activities, improve our services and products for you, and comply with our legal obligations for client identification.

c. For compliance with legal or regulatory obligations

We collect and process personal data to comply with applicable laws, self-regulations, certifications, and internal or external investigations in which we are involved (procedural compliance).

d. For the analysis of website usage

We collect and process personal data about you to ensure the proper functioning and security of our website system, improve the website, and analyze its usage.

e. For processing job applications

If you apply for a position or participate in a recruitment event at André Associés SA, you must provide certain personal data. By submitting your application, you allow us to use and verify this information (including reference checks, background checks, identity verification, and extracts from debt and criminal records) to invite you for an interview and determine your suitability for the position.

Where do we obtain your personal data?

Your personal data comes directly from you, other involved parties, and their respective representatives and collaborators. We also receive personal data from third parties, such as employers, other organizations with which you have a relationship, regulatory bodies, state authorities, courts, other law firms, and advisors. Additionally, we collect personal data from publicly available sources (e.g., commercial registers, debt registers, land registers, credit agencies, contractual partners).

How do we protect your personal data?

We have implemented appropriate security measures to safeguard your personal data, both in electronic and physical form, to protect it against unauthorized access, misuse, unauthorized modification, illegal destruction, or accidental loss.

Our staff and third-party service providers who have access to confidential information (including personal data) are bound by confidentiality obligations.

Why and how do we share data?

If it is necessary or useful to enable us to provide our services or for other purposes defined in this privacy policy, we may share personal data with third parties (such as advisors, related parties, courts, authorities, counterparties, law firms with whom we collaborate, and other individuals). Personal data collected during the provision of our services, your contact with us, or your visit to our website may also be shared with third parties, including:

We work with various service providers and may share your personal data with them, such as banks, insurance companies, or IT service providers who may have access to your personal data when providing IT support.

Are your personal data transferred abroad?

As a rule, we process your personal data in Switzerland. Our Cloud servers are also located in Switzerland.

Exceptionally, we may transfer personal data to other countries if you instruct us to do so or if it is necessary to determine, exercise, or defend your legal claims. If these third parties are based outside Switzerland, the United Kingdom, or the EU, we will only share your data on a basis that guarantees adequate data protection.

How long do we retain data?

We retain your personal data for as long as necessary to achieve the purpose for which it was collected. Furthermore, we retain your personal data to comply with legal and regulatory documentation and retention obligations (e.g., client data are retained for ten years from the end of the mandate) as long as claims may be made against us and as long as legitimate interests, including data security, require it.

For candidates we cannot offer a job, personal data are deleted no later than six months after rejection. With the candidate’s consent, we may retain the collected personal data longer to potentially offer them other positions within our organization.

What are your rights?

Under certain conditions, you have the following rights:

If you have given your consent to the collection, processing, and transmission of your personal data for a specific purpose, you have the right to withdraw your consent for this specific processing at any time. Once we receive notification of the withdrawal of your consent, we will no longer process your personal data unless we have another legitimate interest in doing so.

Please note that we may refuse or limit the granting of these rights for legal reasons or under data protection legislation. Where legally necessary or permitted, we will inform you of the reasons for our decision.

If you wish to exercise these rights, please contact us in writing by sending an email to the data protection service or by post to the following address:

André Associés SA
St. François 9
1003 Lausanne
Switzerland

If you believe that we have not handled your request or concern satisfactorily or that we are not processing your personal data in accordance with applicable data protection laws, you may contact the competent supervisory authority. In Switzerland, this is the Federal Data Protection and Information Commissioner (FDPIC).

Updating this Privacy Policy

We reserve the right to update and modify this privacy policy from time to time to reflect any changes in how we process your personal data or in legal requirements. Any changes to this privacy policy will be published on this website. Please check this site regularly to stay informed of updates or modifications to this privacy policy.

November 2024