Privacy Policy

1. Responsible party and contact details

The responsible party within the meaning of data protection laws (Swiss DSG, EU GDPR) is:

CIIB GmbH 
Alte Steinhauserstrasse 1 
6330 Cham, Switzerland 
Email: info@ciib.com 

2. Definitions

This privacy policy uses terms such as “personal data,” “processing,” “data subject,” and “profiling” in accordance with the definitions in data protection laws. These terms apply to all users regardless of location. 

3. Scope

This policy applies to all processing of personal data by CIIB GmbH, including our online services (websites, platforms, apps) as well as external presences (e.g., social media, webinars, newsletters, applicant management, nearshore and subsidiary companies). 

4. Types of data processed

• Inventory data (name, address, company) 
• Contact details (email, telephone) 
• Content, contract, and usage data 
• Payment data (for paid services) 
• Communication data, meta, and log data (e.g., IP address, device information) 
• Applicant data in the context of recruiting
• Location data (when accessing from mobile devices) 
• Images as part of communication or meetings (only with consent) 
• Special categories of personal data (only with consent) 

5. Purposes of processing

• Provision and marketing of services (product data management, digital marketing, content creation, customer service including human touch teams) 
• Contract and project management, consulting, support
• Provision of digital platforms and tools (including ENRICHIX) 
• Marketing, communication, customer acquisition (CRM, newsletters, social media) 
• Website and IT security 
• Optimization and further development of our services
• Application, personnel selection, recruiting

6. Relevant legal bases

Your data is processed in accordance with the GDPR (EU) and the Swiss Data Protection Act (DSG), as applicable.

7. Data origin and collection

We collect data when you use our services, contact us, fill out forms, submit applications, or interact with us via digital channels (newsletters, social media). Some data is collected automatically (log files, cookies, tracking tools).

8. Cookies, Tracking and Consent Management 

We use cookies and similar technologies to analyze, improve, and market our online services. For cookies that are not strictly necessary, we obtain consent, which can be revoked at any time. Details on tools, providers, and third-country transfers can be found below and in the consent banner. 

9. Use of external tools & platforms 

• CRM: HubSpot, including email/newsletter management 
• Analytics & advertising: Google Analytics, Google Ads, LinkedIn Insights, Facebook Pixel 
• Social media: LinkedIn, Facebook, X, YouTube, Instagram 
• Conference tools: Microsoft Teams, Google Meet
• Content and Cloud services: Microsoft Cloud, Automattic/WordPress, WeTransfer, newsletter and tracking tools 
• AI: Use of AI-based services such as ChatGPT, in each case in compliance with applicable data protection regulations. 
 
Processing via international providers is carried out in accordance with standard contractual clauses, DPF certifications, or based on consent. 

10. International data transfer & nearshoring

Where necessary, personal data is transferred to subsidiaries (including Serbia/Belgrade) and IT service providers at home and abroad. Legal guarantees and protection mechanisms for data transfers to third countries (e.g., EU standard contractual clauses, DPF lists, Switzerland-specific guarantees) are complied with. 

11. Storage period and deletion

Personal data will be stored for as long as necessary for the respective purpose (contract term, project completion, retention obligations). After that, the data will be deleted unless statutory retention obligations continue to apply. 

12. Rights of data subjects

• Information, correction, deletion, restriction, objection, revocation 
• Data portability 
• Complaint to data protection supervisory authority (CH: FDPIC, EU: respective authority) 
• Consent can be revoked at any time, especially for marketing and cookies 

13. Applicant data and recruiting 

Data collected during recruitment processes is stored exclusively for the intended purpose (filling vacant positions, talent pool) and stored for a maximum of 6 months after completion of the process; longer retention only with explicit consent.

14. Your obligations (e.g., in the application process, as a business partner) 

Please ensure that you do not send any sensitive data unencrypted by email. If necessary, please inform your employees or third parties whose data you transmit about this privacy policy.

15. Change of terms 

This privacy policy is updated regularly. The currently valid version is available at ciib.com/datenschutz. 

16. Contact Data Protection Office 

For inquiries, complaints, or to assert your rights: 
info@ciib.com 

Note: An English version is available for international users. For individual concerns or specific order processing agreements, please contact CIIB directly.