Privacy policy
Compensation Governance Services S.A. (CGSE)
Industriestrasse 16
CH – 6300 Zug
+41 0800 22 88 22
Aware of the importance of ensuring data confidentiality, CGSE is strongly committed to the protection of personal data.
This personal data protection policy aims to inform users about the commitments and measures taken to ensure the protection of personal data.
This privacy policy may be modified at any time. Therefore, we advise you to regularly consult this page to stay informed of any potential changes.
Scope of this Privacy Policy
This privacy policy applies to the services, websites, and mobile applications offered by CGSE, as well as the services offered on partner websites.
Note to visitors and users of the websites: Each website is subject to specific terms of use available on each site, which are part of this policy. Your use of the websites and the personal data you choose to share on them are subject to the provisions of this policy and the applicable terms of use.
Data Controller
The data controller for personal data is CGSE. Information about CGSE is available in its legal notice.
Data Collected
CGSE ensures that only data strictly necessary for the purpose of the implemented processing is collected.
The data collected by CGSE comes from forms filled out by the user, content uploaded online, subscriptions to online services, subscriptions to CGSE’s newsletter, cookies, website logins, phone calls, emails, or correspondences with one of CGSE’s services.
The data collected may include, but is not limited to:
- Identification data of prospects/clients: title, name, first name, date of birth, address, phone number, email, ID, company name (if applicable);
- Data related to commercial relationship tracking: phone number for callback, callback date, product, offer and options subscribed, exchanges with prospect/client, order date and number, order status, customer account;
- Payment data: date, method and status of payment, transaction number, amount;
- Data for commercial prospecting to offer a similar service on another product: opt-in for the newsletter;
- Connection data for audience measurement statistics to improve our services: IP address, cookies, trackers (date/time/duration of visit, pages viewed), browser type, operating system;
- Data related to the newsletter subscription: email, subscription date, email reading status;
- Data from contact forms and remarks: date, message, and request subject;
- Data related to order reviews: rating and comment;
- Data related to the exercise of personal rights: ID.
CGSE indicates to the user on the collection form which data is mandatory to ensure service provision by using the following symbol: « * ». If the user does not respond to the mandatory fields, they will not be able to register or benefit from CGSE’s services.
CGSE may ask the user to respond to surveys used for scientific and statistical purposes.
Phone calls may be recorded with the consent of the concerned person to improve service quality, assess and train customer service representatives.
Our websites use cookies to measure traffic and personalize the services and offers we provide to make your navigation easier. For more information and to object to the use of cookies, please refer to our cookie management policy.
Special Information for Parents
Our pages are not intended for children under the age of 16, and we do not knowingly collect personal data from children. However, CGSE’s policy is to comply with Swiss legislation when it requires a parent or guardian’s consent before collecting, using, or disclosing children’s personal data. If a parent or guardian becomes aware that their child has provided us with personal data without their consent, please contact us at contact[at]cgse.com. If we become aware that a child has provided us with personal data, we will delete their information from our files.
Purpose of Collecting Personal Data
The processing is necessary for:
- The execution of a contract to which the data subject is a party or for the execution of pre-contractual measures taken at their request;
- The legitimate interests pursued by CGSE to improve its services and understand user expectations, particularly to protect user rights and data.
The user, as a natural person, is informed that the collected information is subject to computer processing aimed at carrying out operations related to order delivery.
Phone calls may be recorded with the consent of the concerned person to improve service quality, assess and train customer service representatives.
Recipients of Personal Data
Your personal data may be disclosed to the following recipients for the purposes outlined in this policy:
- People in charge of marketing, commercial services, customer relationship management, prospecting, administrative services, IT and technical services, and their supervisors;
- CGSE’s subcontractors;
- CGSE’s business partners authorized to carry out data processing;
- Administrative or judicial authorities authorized by Swiss law.
Whenever we share your information, for example, with a partner providing services on our behalf, such as credit card payments or postal mail delivery, we require those recipients to acknowledge our privacy and data processing policies and adhere to their principles.
Security
CGSE has implemented rigorous and appropriate physical, organizational, procedural, technical, and personnel-related measures to ensure the security and confidentiality of personal data.
Data Transfer Outside Switzerland
Some data may be stored on servers located outside Switzerland, in countries where personal data protection laws may differ from those in effect in Switzerland.
In this context, CGSE has implemented data processing contracts based on standard contractual clauses recognized by the competent data protection authorities.
Data Retention Period
CGSE retains personal data only for as long as necessary for the operations for which it was collected and in compliance with applicable Swiss regulations.
Client/Prospect Data Management:
- Client data is retained for the duration of the commercial relationship and may be kept for commercial prospecting purposes for up to 3 years after the end of the commercial relationship.
- Prospect data is retained for 3 years from the date of collection or the last contact from the prospect.
- Information stored in user terminals (cookies) or any other element used to identify users and allow user tracking is retained for 12 months.
- Identity document data for exercising personal rights is retained for a maximum of 1 year. In the case of an opposition request, this data may be archived for 3 years.
- Credit card data is not retained.
Newsletter Management
CGSE retains the email address as long as the person concerned does not unsubscribe (via the unsubscribe link in the newsletters) and applies an automatic unsubscribe rule after 11 unopened newsletters or after 3 years.
Contact Form Data Management
CGSE retains this data for 3 years.
Handling, Management, and Execution of Insurance Contracts:
- Data retention period when concluding a contract: Retention periods must allow compliance with prescription deadlines resulting from, among others, the insurance code and Swiss civil code.
- Data retention period in the absence of a contract conclusion: Data may be retained for 3 years from its collection by the controller or the last contact from the prospect.
Phone Calls:
Phone calls may be recorded with the consent of the concerned person. These data are retained for a maximum of 6 months.
Data Subject Rights
Right of Access, Rectification, Restriction, and Deletion
In accordance with the Swiss Federal Data Protection Act (FADP) and the General Data Protection Regulation (GDPR), every natural person has the right to:
- Access their data,
- Rectify their data,
- Request the deletion of data concerning them under the conditions set by law,
- Request the restriction of processing,
- Define general and specific directives regarding how these rights should be exercised after their death.
Right to Object
The natural person also has the right to object to the processing of their personal data and to the use of their data for commercial prospecting purposes.
Right to Data Portability
The concerned person also has the right to data portability. In accordance with Article 20 of the GDPR, the concerned person has the right to receive the personal data they have provided to CGSE in a structured, commonly used, and machine-readable format, and the right to transmit that data to another data controller without CGSE being able to oppose it.
Exercising Rights
The concerned person may exercise these rights by contacting CGSE, mentioning their name, first name, and email, and providing proof of identity, in accordance with the FADP and Chapter III of the GDPR:
- By email at contact@cgse.ch
- Or by postal mail to the following address: CGSE, Privacy Service, Industriestrasse 16, CH – 6300 Zug.
Right to File a Complaint with the Competent Authorities
Finally, the concerned person may, if necessary, file a complaint with the competent Swiss data protection authorities. To do so, they may contact the Federal Data Protection and Information Commissioner (FDPIC) by mail or phone (information available here: https://www.edoeb.admin.ch/edoeb/en/home.html).