Version dated 31 August 2023
In this privacy policy, we, Value Solutions Holding AG, Value Solutions Treuhand und Unternehmensberatung AG and Tria Revisions AG (hereinafter referred to as ‘we’ or ‘us’), explain how we collect and otherwise process personal data.
This is not an exhaustive description; other privacy policies may regulate specific matters. Personal data refers to all information relating to an identified or identifiable person.
If you provide us with personal data relating to other persons (e.g. family members, data from work colleagues), please ensure that these persons are aware of this privacy policy and only share their personal data with us if you are permitted to do so and if this personal data is correct.
1. Controller / Data Protection Officer / Representative
Value Solutions Holding AG is responsible for the data processing described here. If you have any data protection concerns, you can notify us of these, enclosing a copy of your ID card or passport for user identification, at the following contact address for all companies of Value Solutions Holding AG:
Value Solutions Holding AG
Riedstrasse 7
6330 Cham
+41 (0)41 748 35 50
2. Collection and processing of personal data
We primarily process personal data that we receive from our customers and other business partners in the course of our business relationship with them and other persons involved, or that we collect from users when operating our websites and other applications.
We collect the following categories of personal data, depending on the purpose for which we process it:
Contact information (e.g. surname, first name, address, telephone number, email address, other contact information, marketing data)
Customer information (e.g. date of birth, nationality, marital status, religion, occupation, title, job title, passport/ID number, social security number)
Risk assessment data (e.g. creditworthiness information, commercial register data)
Financial information (e.g. bank account details, asset and interest statements, e-banking)
Mandate data, depending on the assignment (e.g. tax information, articles of association, minutes, projects, contracts, employee data (e.g. salary, social security, religion), accounting data, beneficial owners, ownership structure)
Website data (e.g. IP address, device information (UDI), browser information, language settings, downloaded files, website usage (analysis and use of plugins, etc.))
Application data (e.g. CV, references)
Marketing information (e.g. registration
3. Purposes of data processing and legal bases
We primarily process personal data that we receive from our clients in the context of our client relationships and from our business partners in the context of other contractual relationships with them and other persons involved, as well as in order to comply with our legal obligations in the United Kingdom and abroad. If you work for such a client or business partner, your personal data may of course also be affected in this capacity.
The personal data of our clients includes the following information in particular:
Contact information (e.g. surname, first name, address, telephone number, email address, other contact information, marketing data)
Personal information (e.g. date of birth, nationality, marital status, religion, occupation, title, job title, passport/ID number, AHV number, family circumstances, etc.)
Risk assessment data (e.g. creditworthiness information, commercial register data, sanctions lists, specialised databases, data from the internet)
Financial information (e.g. data on bank details, investments or shareholdings)
Mandate data, depending on the assignment, e.g. tax information, articles of association, minutes, employee data (e.g. salary, social security), accounting data, etc.
Sensitive personal data: This personal data may also include sensitive personal data, such as
3.1 Use of our website
No personal data needs to be disclosed in order to use our website. However, each time the server is accessed, it collects a range of user information which is temporarily stored in the server's log files.
When this general information is used, it is not assigned to a specific person. The collection of this information or data is technically necessary in order to display our website and to ensure its stability and security. This information is also collected in order to improve the website and analyse its use.
In particular, we process the following information:
Contact information (e.g. surname, first name, address, telephone number, e-mail, other contact information, marketing data)
Further information that you provide to us via the website
Technical information, information on user behaviour or website settings (e.g. IP address, UDI, device type, browser, number of clicks on the page, opening of the newsletter, clicks on links, etc.) automatically transmitted to us or our service providers.
We process this personal data for the purposes described above on the following legal bases
Protection of legitimate interests (e.g. for administrative purposes, to improve our quality, to analyse data or to promote our services)
Consent (e.g. to use)
In particular, we process the following information:
Contact information (e.g. surname, first name, address, telephone number, email address, other contact information)
Communication metadata (e.g. IP address, duration of communication, communication channel)
Records of conversations, for example during video conferences
Other information that the user uploads, provides or creates while using the video conferencing service, as well as metadata used for the maintenance of the service provided. Additional information about the processing of personal data by Microsoft Teams or other services can be found in their privacy statements.
Personal information (e.g. occupation, position, title, employer)
Time and reason for the visit (e.g. submission of documents)
We process this personal data for the purposes described above on the following legal bases:
Fulfilment of a contractual obligation with or for the benefit of the data subject, including contract initiation and enforcement (provision of a service)
Safeguarding legitimate interests (e.g. security, traceability, and handling and administration of customer relationships)
3.4 Applications
You can submit your application for a position with us by post or via the e-mail address provided on our website. It is also possible to apply via social networks such as L
In particular, we process the following information:
Contact information (e.g. surname, first name, address, telephone number, email address, other contact information)
Personal information (e.g. occupation, position, title, employer)
Financial information (e.g. bank account details)
We process this personal data for the purposes described above on the following legal bases:
Conclusion or execution of a contract with or for the benefit of the data subject, including contract initiation and enforcement
Protection of legitimate interests (e.g. avoidance of conflicts of interest, protection of the company, enforcement of legal claims)
4. Cookies / tracking and other technologies in connection with the use of our website
We typically use ‘cookies’ and similar technologies on our websites to identify your browser or device. A cookie is a small file that is sent to your computer or automatically stored on your computer or mobile device by the web browser you use when you visit our website. When you visit this website again, we can recognise you, even if we do not know who you are. In addition to cookies that are only used during a session and deleted after your visit to the website (‘session cookies’), cookies can also be used to store user settings and other
5. Data disclosure and data transfer abroad
Within the scope of our business activities and for the purposes set out in section 3, we also disclose data to third parties, insofar as this is permitted and appears appropriate to us, either because they process it on our behalf or because they wish to use it for their own purposes. This applies in particular to the following parties:
Our service providers (within Value Solutions Holding AG and externally, e.g. banks, insurance companies), including contract processors (e.g. IT providers);
Customers;
Domestic and foreign authorities, government agencies or courts;
The public, including visitors to websites and social media;
Competitors, industry organisations, associations, organisations and other bodies;
Acquirers or parties interested in acquiring business areas, companies or other parts of Value Solutions Holding AG;
Other parties in potential or actual legal proceedings;
Other companies of Value Solutions Holding AG;
All recipients collectively.
Some of these recipients are located in the United Kingdom, but they may be located anywhere in the world. In particular, you must expect your data to be transferred to all countries where the service providers we use are located (e.g. Microsoft).
6. Duration of storage of personal data
We process and store your personal data for as long as is necessary to fulfil our contractual and legal obligations or otherwise for the purposes pursued with the processing, i.e. for example for the duration of the entire business relationship (from the initiation, execution to the termination of a contract) and beyond that in accordance with the statutory storage and documentation obligations. It is possible that personal data may be stored for the period during which claims can be asserted against our company and insofar as we are otherwise legally obliged to do so or legitimate business interests require this (e.g. for evidence and documentation purposes). As soon as your personal data is no longer required for the above-mentioned purposes, it will be deleted or anonymised as far as possible. For operational data (e.g. system logs), shorter retention periods of twelve months or less generally apply.
7. Data security
We take appropriate technical and organisational security measures to protect your personal data from unauthorised access and misuse, such as issuing instructions, training, IT and network security solutions, access controls and restrictions, encryption of data carriers and transmissions, pseudonymisation and controls.
8. Obligation to provide personal data
Within the scope of our business relationship, you must provide the personal data necessary for establishing and conducting a business relationship and fulfilling the associated contractual obligations (you are not generally under any legal obligation to provide us with data). Without this data, we will generally not be able to conclude or execute a contract with you (or the entity or person you represent). The website cannot be used either if certain information required to ensure data traffic (such as your IP address) is not disclosed.
9. Rights of the data subject
Within the framework of the data protection law applicable to you and to the extent provided for therein (as in the case of the GDPR, for example), you have the right to information, correction, deletion, the right to restrict data processing and otherwise object to our data processing, as well as to the disclosure of certain personal data for the purpose of transfer to another body (so-called data portability). Please note, however, that we reserve the right to assert the restrictions provided for by law, for example if we are obliged to store or process certain data, have an overriding interest in doing so (insofar as we are permitted to invoke this) or need it to assert claims.
Falls für Sie Kosten anfallen, werden wir Sie vorab informieren. Über die Möglichkeit, Ihre Einwilligung zu widerrufen, haben wir bereits in Ziff. 3 informiert. Beachten Sie, dass die Ausübung dieser Rechte im Konflikt zu vertraglichen Abmachungen stehen kann und dies Folgen wie z.B. die vorzeitige Vertragsauflösung oder Kostenfolgen haben kann. Wir werden Sie diesfalls vorgängig informieren, wo dies nicht bereits vertraglich geregelt ist.
The exercise of such rights generally requires that you clearly prove your identity (e.g. by providing a copy of your ID card if your identity is otherwise unclear or cannot be verified). To assert your rights, you can contact us at the address given in section 1.
Every data subject also has the right to enforce their claims in court or to lodge a complaint with the competent data protection authority. The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch).
10. Changes
We may amend this privacy policy at any time without prior notice. The current version published on our website applies. If the privacy policy is part of an agreement with you, we will inform you of any changes by e-mail or other appropriate means in the event of an update.
Cham, 31 August 2023
