.svg)
privacy policy
Mindstep is a brand of elivate GmbH and is therefore subject to the data protection regulations of elivate GmbH.
elivate GmbH ("elivate" or "we") places great importance on the protection of your data. Accessing the elivate website is generally possible without providing personal data. However, if you wish to contact us, it may be necessary to process personal data such as your name, email address, and phone number. If the processing of personal data is necessary and no legal basis exists for it, we will generally obtain your consent beforehand. According to Article 13 of the Swiss Federal Constitution and the data protection provisions of the Swiss Confederation (Data Protection Act, DPA), every individual has the right to protect their privacy and to be safeguarded against misuse of their personal data. elivate takes the protection of your data very seriously. We treat your personal data confidentially and in accordance with legal data protection regulations as well as this privacy policy. The processing of personal data, such as your name, address, email address, or phone number, always occurs in compliance with the General Data Protection Regulation (GDPR) and the country-specific data protection provisions applicable to elivate GmbH. With this privacy policy, we aim to inform the public about the type, scope, and purpose of the personal data we collect, use, and process. Additionally, affected individuals should be informed about their rights. elivate has implemented numerous technical and organizational measures to ensure the most comprehensive protection of the personal data processed through this website. Nonetheless, internet-based data transmissions may have security vulnerabilities, so an absolute protection cannot be guaranteed. Therefore, every affected individual is free to transmit personal data to us via alternative means, such as by telephone.
1. Definitions
Our privacy policy is based on terminology used by the European legislator within the framework of the General Data Protection Regulation (GDPR). The aim is to make the statement understandable for the general public as well as for our customers and business partners. Here are explanations of the most important terms:
- Personal Data: All information relating to an identified or identifiable natural person ("data subject"). A person is identifiable if they can be identified directly or indirectly, e.g., by name, ID number, location data, online identifier, or other factors.
- Data Subject: Any identified or identifiable natural person whose data is processed.
- Processing: Any operation performed with personal data, such as collection, storage, organization, structuring, alteration, retrieval, use, disclosure, comparison, restriction, deletion, or destruction.
- Restriction of Processing: Marking stored personal data to limit its future processing.
- Profiling: Automated processing of personal data to evaluate or predict personal aspects such as performance, health, interests, or behavior.
- Pseudonymization: Processing where personal data is altered in such a way that it can no longer be attributed to a specific data subject without additional information, provided that such additional information is kept separate and protected by technical measures.
- Controller: The natural or legal person, authority, institution, or other body that alone or jointly with others determines the purposes and means of processing.
- Processor: A natural or legal person, authority, institution, or other body that processes personal data on behalf of the controller.
- Recipient: A natural or legal person, authority, institution, or other body to whom the data is disclosed, regardless of whether it is a third party.
- Third Party: Any natural or legal person, authority, institution, or other body other than the data subject, the controller, the processor, and persons authorized to process the data under the direct responsibility of the controller or processor.
- Consent: A voluntary, informed, and unambiguous declaration of will by which the data subject agrees to the processing of their data.
2. Name and Address of the Controller
The responsible entity under the GDPR is:
elivate GmbH
Ernst-Nobs-Platz 1
CH - 8004 Zürich
Phone: +41 79 786 65 99
Email: ek@elivate.ch
Website: www.elivate.ch
3. Cookies
Our website uses cookies. Cookies are text files stored on your computer. Many websites and servers use cookies to collect information. Cookies often contain a so-called cookie ID, a unique identifier that allows the website or server to recognize your browser upon return. This enables a user-friendly design of our services, e.g., automatic login during repeated visits or remembering items in an online shop. You can prevent the setting of cookies at any time through your browser settings or delete existing cookies. Please note that doing so may limit the full functionality of our website.
4. General Data and Information Collection
Every time you visit our website or through automated systems, general data is stored in server log files, e.g.:
- Browser type and version
- Operating system of the user
- Referrer (source site)
- Access time and date
- IP address
- Internet service provider
- Other similar data used for attack prevention
This data is used solely for statistical purposes, to improve the website, ensure functionality, and to defend against and trace attacks. No conclusions about individual persons are drawn.
5. Registration on the Website
You have the option to register on our website with personal data. The data provided during registration is used solely for internal purposes and to provide the offered services. Your IP address, as well as the date and time of registration, are stored to prevent misuse and to clarify crimes if necessary. You can change or delete your data at any time. Upon request, we will inform you about the stored data and delete or correct it unless legal retention obligations prevent us from doing so.
6. Contact via the Website
If you contact us via email or contact form, the personal data you transmit will be stored. We use this data exclusively to process your inquiry. No data will be passed on to third parties unless legally required.
7. Deletion and Blocking of Personal Data
We only store your data as long as necessary for the respective purposes or as required by law. After these periods, data is routinely deleted or blocked.
8. Your Rights as a Data Subject
You have the following rights:
a) Right to confirmation: You can ask us at any time whether your data is being processed.
b) Right to access: You have the right to obtain free information about your stored data and a copy of this data.
c) Right to rectification: Incorrect data must be corrected without delay.
d) Right to deletion: You can request the deletion of your data unless legal retention obligations exist.
e) Right to restriction of processing: You can request the restriction of processing, e.g., in case of doubts regarding the accuracy of your data.
f) Right to data portability: You can request that your data be provided in a structured format and transmitted to you or a third party.
g) Right to object: You can object at any time to the processing of your data, e.g., in the case of direct marketing.
h) Right to not be subject to automated decision-making: You have the right not to be subject to decisions based solely on automated processing, including profiling.
i) Right to withdraw consent: You can withdraw your consent at any time.
Please direct all inquiries to the above contact details.
9. Data Protection in Applications
We collect and process your personal data, such as name, address, resume, and qualifications, for your application. If we employ you, your data will be stored in compliance with legal regulations. If your application is unsuccessful, your data will be deleted after two months unless justified interests oppose such deletion (e.g., evidence in accordance with the General Equal Treatment Act).
10. Use of Google Analytics (with Anonymization)
Our website uses Google Analytics, a web analytics service of Google Ireland Limited. Google Analytics uses cookies to analyze website usage. When IP anonymization is activated on our site, the IP address is shortened before storage. Google processes the data to evaluate website usage and compile reports for us. You can prevent cookies from being set by adjusting your browser settings or by downloading the browser add-on: https://tools.google.com/dlpage/gaoptout. More information on Google’s privacy practices can be found here: https://www.google.com/intl/en/policies/privacy/.
11. Use of LinkedIn
Our website contains components of the social network LinkedIn. When you use LinkedIn plugins (e.g., the “Share” button), certain data is transmitted to LinkedIn. If you are logged into LinkedIn, your visit to our site can be associated with your profile. You can prevent this by logging out of LinkedIn before visiting our site. For further details, see LinkedIn’s privacy policy: https://www.linkedin.com/legal/privacy-policy.
12. Legal Basis for Processing
The processing of your data is based on the following legal grounds:
- Art. 6 I lit. a GDPR: Consent
- Art. 6 I lit. b GDPR: Performance of a contract or pre-contractual measures
- Art. 6 I lit. c GDPR: Fulfillment of legal obligations
- Art. 6 I lit. d GDPR: Protection of vital interests
- Art. 6 I lit. f GDPR: Legitimate interests (e.g., protecting our company)
13. Duration of Storage
Your data is stored only as long as necessary for the respective purposes or as mandated by law. After these periods, data is routinely deleted.
14. Legal or Contractual Obligations
You are obliged to provide certain personal data, e.g., for contractual or legal reasons. Failure to do so may result in the inability to conclude the contract.
15. Automated Decision-Making
We refrain from automated decision-making or profiling to protect your rights and freedoms.
This privacy policy was created using the privacy policy generator of Cancellarius AG (http://www.cancellarius.ch / http://www.datenschutzgenerator.ch), in cooperation with the DGD German Society for Data Protection GmbH.