Privacy Policy

Privacy Policy

Privacy Policy

Privacy Policy

Privacy Policy for the Website of Global Clearance Solutions AG and Global Clearance Solutions Deutschland GmbH

This privacy policy provides information on the processing of personal data in connection with the joint website of Global Clearance Solutions AG, Switzerland, and Global Clearance Solutions Deutschland GmbH, Germany, as well as their affiliated companies. The policy is tailored to the joint corporate website and takes into account Swiss data protection law as well as, where applicable, the General Data Protection Regulation (GDPR) of the European Union.

1. Data controllers

The entities responsible for data processing in connection with this website are:

Global Clearance Solutions AG

Wolleraustrasse 41a
8807 Freienbach
Switzerland

Phone: +41 55 511 15 00

Email: datenschutz@gcs.ch

Global Clearance Solutions Germany GmbH

Hardtring 12
78333 Stockach
Germany

Phone: +49 7771 644 00 00

Email: datenschutz@gcs.ch

Where personal data is processed via the joint website for general corporate presentation, communication with prospective customers, clients, applicants or business partners, as well as for location-specific matters, processing may be carried out jointly or in a distributed manner. The leading entity depends on the specific case and business context.

2. Applicable data protection law

Personal data is processed in accordance with applicable data protection laws, in particular the Swiss Federal Act on Data Protection (FADP/DSG) and, where applicable, the EU General Data Protection Regulation (GDPR).

This privacy policy explains in a clear and understandable way which personal data is processed on the website, for what purposes, and what rights data subjects have.

3. Categories of personal data

Depending on how the website is used, the following categories of personal data may be processed:

  • Contact data, for example name, company, function, email, phone number and other voluntarily provided data.

  • Communication data, in particular the content and metadata of contact enquiries sent by emails or contact forms.

  • Technical and usage data, for example IP address, timestamps, device type, browser, OS, referrer URL and pages accessed.

  • Application data, where submitted via the website or by email.

  • Log and security data, insofar as this is necessary for the operation, stability and protection of the website.

  • Cookie and consent data, insofar as the website uses such technologies.

4. Purposes of data processing

Personal data is processed for the following purposes:

  • Provision, operation, maintenance and security of the website.

  • Processing and responding to inquiries.

  • Communication with prospects, customers, partners, suppliers and applicants.

  • Initiation and management of business relationships.

  • Improving usability and technical stability.

  • Preventing misuse, error analysis, enforcement or defence of legal claims.

  • Conducting recruitment processes.

Where processing is based on legitimate interests, these include secure and efficient website operation, proper handling of inquiries, communication with stakeholders, and continuous improvement of the website.

5. Legal bases

Where the GDPR applies, processing is based on:

  • Consent (e.g. for non-essential cookies or third-party content)

  • Pre-contractual measures or contract performance

  • Legal obligations (e.g. retention requirements)

  • Legitimate interests (secure, functional, user-friendly website and efficient communication)

Under Swiss law, processing is based on the applicable legal justifications and transparency requirements.

6. Hosting and server log files

When accessing the website, certain data is automatically collected for technical reasons and stored in so-called server log files. This includes, in particular, the IP address, date and time of access, browser type, operating system, referrer URL and accessed content.

This data processing is necessary to provide the website technically, to ensure system security, troubleshooting, and preventing unauthorised access or misuse.

7. Contact

If contact is made by email or via a contract form provided on the website, the personal data provided will be processed to deal with the enquiry and for any follow-up communication. The publicly listed central contact address is datenschutz@gcs.ch

Depending on the content of the enquiry, processing may involve the relevant company, the relevant specialist department or associated internal units. Data will only be disclosed to the extend necessary for proper processing.

8. Cookies and similar technologies

The website may use cookies and similar technologies. These may be technically necessary technologies required for the secure and functional operation of the website, or additional technologies for statistics, convenience features, embedded media or similar purposes, provided that such functions are actually used.

Where consent is required for certain technologies, this will be obtained prior to their use. In accordance with the principles highlighted by the EDPB, such content is specific, informed, active and revocable.

On the website, only use cookies and similar technologies that are necessary for the operation of the website or, where used, serve the purposes of audience measurement, statistical analysis, the integration of external content, improving user-friendliness or the management of your consents. Where consent is required for individual technologies, these will only be activated after the express of consent. Details of the specific categories and services used can be found in the consent management tool displayed on the screen and in supplementary information in this privacy policy.

9. Analytics, tracking and third-party content

The website may include third-party functions and consent, such as analytics and statics services, maps, videos, form solutions, application functions or links to external platforms. Where personal data is transmitted to third-party providers or collected by them in this context, this is done exclusively in accordance with the applicable legal requirement, and where necessary, on the basis of specific consent requested. Simple links to external websites or social media profiles only result in data being transferred if you actively click on the relevant link. Where embedded content or external services are used on the website, technical data such as IP address, browser information, date and time of access and usage data may be processed.

10. Applications

Where applications are submitted via the website, via our Personio tool, or by email, the personal data provided during the application process will be processed for the purpose of reviewing the application, communicating with applicants and conducting the selection process. This includes, in particular, contact details, CVs, references, certificates, cover letters and other information provided voluntary.

In the case of applications submitted using the Personio tool, please refer to its privacy policy.

11. Disclosure to third parties

Personal data may be disclosed to external service providers or other recipients to the extend that is necessary for the operation of the website, the processing of enquiries, communication, technical administration, security purposes or the conduct of business or recruitment processes. This may include, in particular, IT and hosting providers, communication providers, form or application service providers, as well as other contractually bound service providers.

Where service providers are engaged as data processors, this is done on the basis of appropriate contractual arrangements and in compliance with applicable data protection law.

12. Transfer of data abroad

Personal data may be transferred to recipients outside Switzerland or the EEA if required for services. Such transfers take place only in compliance with the applicable data protection requirements, in particular were there is a recognised adequate level of data protection, or appropriate contractual and organisational safeguards are in place.

13. Retention period

Personal data is stored only for as long as is necessary for the respective purposes, where statutory retention obligations apply, or where legitimate interests in documentation and evidence so require. Thereafter, the data is deleted, anonymised or its processing restricted, insofar as this is legally required or permissible.

Server log files are generally stored for a maximum of 12 months, unless their retention for a longer period is necessary for security reasons or to investigate cases of misuse. Contact enquiries and the associated correspondence are generally stored for the duration of the enquiry’s processing and for up to 24 months thereafter, provided there are no legal retention obligations or legitimate interests in longer storage. Application documents are generally stored for the duration of the application process and for up to 6 months thereafter, provided that no consent has been given for longer storage or that there are no legal obligations to the contrary. Consent and cookie preference data are stored for a period of up to 24 months or until revoked. Where commercial, tax or other statutory retention obligations apply, the relevant data are stored for the duration of these statutory periods.

14. Rights of data subjects

Data subjects have, in particular, the right under applicable data protection law to access, rectification, erasure, restriction of processing, objection to certain processing operations and, where provided for by law, to the disclosure or portability of their data. Consent given may be withdrawn with effect for the future.

To exercise these rights, a message may be sent to datenschutz@gcs.ch or to the postal addresses listed above.

If a person considers that the processing of their personal data infringes applicable data protection law, they may also contact the competent data protection supervisory authority.

15. Data security

Appropriate technical and organisational measures are taken to protect personal data against unauthorised access, loss, misuse, manipulation or unauthorised disclosure. These include, in particular, measures for access control, system security, authorisation control and the organisational safeguarding of processes.

16. Changes to this Privacy Policy

This privacy policy may be amended at any time, in particular if the website is further developed, new features are introduced or the legal framework changes. The current version published on the website shall prevail in each case.