In the following, we provide information about the processing of personal data
- on our website https://www.tagliabuepartners.com/
- in our profiles in social media
- within application processes
- outside the website (e.g., when sharing with recipients of the data).
Personal data refers to any information relating to an identified or identifiable natural person, such as their name or email address.
1.1 Contact details
The controller according to Art. 5 lit. j Federal Act on Data Protection (FADP) is MTPExecutive Search GmbH, gessnerallee 28, Zurich, Switzerland, email:info@mtpartners.ch. We are legally represented by Mirko Tagliabue. Our Data Protection Officer is Martin Bastius and can be reached via heyData GmbH, Schützenstraße 5,10117 Berlin, www.heydata.eu , email: datenschutz@heydata.eu.unswick,Newfoundland and Labrador, and Nova Scotia have enacted legislation that
1.2 Disclosure abroad
Insofar as we transfer personal data to service providers or other third parties outside Switzerland, Federal Council decisions according to Art. 16 para. 1 FADPusually guarantee the security of the data during the transfer. According to these decisions, the legislation there provides adequate protection. Such adequacy has been determined by the Federal Council for the states, territories, specific sectors within a state, and international bodies listed in Art. 8 para. 1 Ordinance on Data Protection (Data Protection Ordinance, DPO) in conjunction with Annex 1. These can be accessed at https://www.bj.admin.ch/ bj/de/ home/staat/ datenschutz/ internationales/ anerkennung-staaten.html .This is the case for the following countries:
Germany
Andorra
Argentina
Austria
Belgium
Bulgaria
Canada (An adequate level of data protection is considered guaranteed if the Canadian federal law "Loi sur la protection des renseignements personnels et les documents électroniques" of April 13, 2000, applies within the private sector, or the law of a Canadian province that largely corresponds to this federal law. The federal law applies to personal data collected, processed, or disclosed in the course of commercial activities, regardless of whether they are organisations like associations, partnerships, individuals, or unions, or federally regulated businesses such as facilities, works, undertakings, or activities that fall within the legislative jurisdiction of the Canadian Parliament. The provinces of Quebec, British Columbia, and Alberta have enacted legislation that largely corresponds to the federal law; the provinces of Ontario, New Brlargely corresponds to the federal law in the area of health data. In all Canadian provinces, the federal law applies to all personal data collected, processed, or disclosed by federally regulated businesses, including data about employees of these businesses. The federal law also applies to personal data transferred in the course of commercial activities to another province or country.)
Cyprus
Croatia
Denmark
Spain
Estonia
Finland
France
Gibraltar
Greece
Guernsey
Hungary
Isle of Man
Faroe Islands
Ireland
Iceland
Israel
Italy
Jersey
Latvia
Liechtenstein
Lithuania
Luxembourg
Malta
Monaco
Norway
New Zealand
Netherlands
Poland
Portugal
Czech Republic
Romania
United Kingdom
Slovakia
Slovenia
Sweden
Uruguay
Note for the U.S.: When data is disclosed to service providers in the U.S. (e.g.,Webflow, Google, Microsoft, Adobe, OpenAI), such disclosure is based on the Federal Council’s adequacy decision (Swiss-U.S. Data Privacy Framework), provided that the service provider is certified accordingly. In other cases (e.g., if no adequacy decision exists), the legal basis for data transfer is generally—unless we provide otherwise—the Standard Data Protection Clauses. These are a set of rules adopted by the Federal Data Protection and Information Commissioner (FDPIC) and form part of the contract with the respective third party.Pursuant to Art. 16(2)(d) of the Data Protection Act (DSG), they ensure the security of data transfers.
1.3 Rights of data subjects
Data subjects generally have the following rights against us, among others,regarding their personal data:
- Right to access information about whether personal data about them is being processed.
- Right to obtain their personal data that they have disclosed to us,
- Right to rectification,
- Right to object to processing.
2.1 Informational use of the website
When using the website for informational purposes, i.e., if visitors do not transmit specific information to us, we collect the personal data that the browser transmits to our server in order to ensure the stability and security of our website. This serves to ensure the IT security of the website.
These data include, for example:
- IP address
- Date and time of the request
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the request (specific page)
- Access status/HTTP status code
- Amount of data transferred in each case
- Website from which the request comes
- Browser
- Operating system and its interface
- Language and version of the browser software.
- These data are also stored in log files.
2.2 Data on third-party devices
Through our website, we process data on third-party devices by means of telecommunications transmission within the scope described in the previous and following sections. Visitors can refuse the processing, for example, by making appropriate presettings intheir browser to block or delete cookies.
2.3 Web hosting and provision of the website
Our website is hosted by Webflow. The provider is Webflow, Inc., 398 11th St., Floor 2,San Francisco, CA 94103, USA. The provider processes the personal data transmittedvia the website, which are also mentioned in other sections of this privacy policy, e.g.,content, usage, meta/communication data or contact data. The provider is therefore the data recipient. Further information can be found in the provider's privacy policy at https://webflow.com/legal/eu-privacy-policy. The processing is a prerequisite for us to offer a website and present ourselves externally. The provider processes personal data in the USA. Notes on guarantees according to Article 16 paragraph 2 can be found in the section "Disclosure abroad".
2.4 Third-party providers on the website
2.4.1 Google Analytics
We use Google Analytics for analytics. The provider is Google LLC, 1600Amphitheatre Parkway Mountain View, CA 94043, USA. The provider processes usage data (e.g. web pages visited, interest in content, access times),meta/communication data (e.g. device information, IP addresses) in the USA in theUSA.The legal basis for the processing is Art. 6 para. 1 s. 1 lit. a GDPR . The processing on consent. Data subjects may revoke their consent at any time by contacting us, for example, using the contact details provided in our privacy policy. The revocation does not affect the lawfulness of the processing until the revocation.The transfer of personal data to a country outside the EEA takes place on the legalbasis adequacy decision. The security of the data transferred to the third country (i.e.a country outside the EEA) is guaranteed because the EU Commission has decided as part of an adequacy decision in accordance with Art. 45 para. 3 GDPR that the third country ensures an adequate level of protection.
The data will be deleted when the purpose for which it was collected no longer applies, and there is no obligation to retain it. Further information is available in the provider's privacy policy at https://business.safety.google/privacy/.
2.4.2 heyData
We use a data protection seal from the provider heyData GmbH, Schützenstraße 5,10117 Berlin, Germany (privacy policy: https://heydata.eu/datenschutzerklaerung) to provide site visitors with confirmation of our data protection compliance. The provider is a recipient of personal data in the context of the mentioned processing. The provider processes personal data in Germany. Information on guarantees, according to Article 16 paragraph 2, can be found in the section "Disclosure abroad."
We are present on social media networks to showcase our organisation and services there. Operators of these networks regularly process users' data for advertising purposes. Among other things, they create user profiles from their online behaviour, which are used, for example, to display advertisements on the networks' sites and also elsewhere on the Internet that match users' interests. To this end, network operators store information about usage behaviour in cookies on users' computers. It is also possible that operators merge this information with other data. Further information and hints on how users can object to processing by the page operators can be found in the privacy policies of the respective operators listed below. Operators or their servers may also be located abroad, so they may process data there. This may pose risks for users, for example, because the enforcement of their rights is more difficult, or government agencies may access the data.When users of the networks contact us via our profiles, we process the data provided to us to respond to inquiries.
3.1 LinkedIn
We maintain a profile on LinkedIn. The operator is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. The privacy policy is available here:https://https://www.linkedin.com/legal /privacy-policy?_l=de_DE. One way to object to data processing is via the settings for advertisements:https://www.linkedin.com/ psettings/ guest-controls/ retargeting-opt-out.
When individuals apply to us, or we directly contact promising candidates as part of search mandates, we process their data for the purposes of the application process and career counselling. In particular, we process master data (e.g., name), contact information (e.g., email address), and data regarding professional background (e.g.,resume, qualifications). We collect this data either directly from the data subjects or from publicly available sources, such as professional social networks (e.g., LinkedIn),for research and identification purposes. Furthermore, candidate-specific data, such as salary history, salary expectations, availability, and performance and evaluation data from interviews, are processed. If data subjects have given their explicit consent, this also includes recordings as well as AI-supported transcripts and analyses of video interviews by the provider Metaview. Since our business model is based on long-term career support, we store data in our talent pool for as long as is appropriate for facilitating future career opportunities, unless the data subject requests early deletion. In the event of a rejection for a specific assignment, we store the data for a period of up to 6 months to defend against any legal claims, provided that the individual has not been included in the talent pool.
In individual cases and only if you have given us your express consent in advance(e.g., verbally at the beginning of the conversation or in writing), we record business conversations or meetings (audio or video). These recordings are used for quality assurance, training purposes, or to document complex issues.The legal basis for this processing is your consent. You can revoke this consent at any time with effect for the future. The recordings are treated confidentially and deleted as soon as the purpose of the recording no longer applies (e.g., after a protocol has been created), but no later than after 3 months, provided that there are no legal retention obligations to the contrary
5.1 Processing Purposes
We process personal data for the purposes mentioned below or elsewhere in this document (e.g., under "Recipients of Data"):
Provision of contractual services and fulfillment of contractual obligations
Contact (e.g., via email or phone)
Communication
Responding to inquiries
IT security measures
Direct marketing
Request and consideration of feedback
5.2 Recipients of Data
Recipients of data are service providers we use (e.g., processors), cloud software providers we deploy, and other external entities.
For a full list please reach out directly.
We reserve the right to change this privacy policy with effect for the future. A current version is always available here.
For questions or comments regarding this privacy policy, we are happy to provide the contact details listed above.