With this privacy statement, we inform you about which personal data we process as part of the menteez platform, including the website (hereafter "platform"). We explain for what purposes, to what extent, and at which locations personal data is processed. We also inform you about the rights of the concerned individuals.

1.     Contact Address

The entity responsible for processing personal data is problem solved GmbH, Teufener Strasse 89 in 9000 St. Gallen, reachable at the email info@menteez.ch.

2.     Legal Bases

We process personal data in accordance with Swiss data protection law, particularly the Federal Act on Data Protection (FADP) and the associated Data Protection Ordinance (DPO). Where applicable, we also consider other national or international data protection regulations.

3.     Nature, Scope, and Purpose

We only process the personal data needed to provide our services and activities in the long term, user-friendly, secure, and reliable manner. This can include, among other things, the following types of data: basic and contact data, technical browser and device data, content data, metadata and communication boundary data, usage and location data, as well as information on sales, contracts, and payments.

Personal data is stored and processed only as long as necessary or legally required for the respective purpose. Data that is no longer needed is deleted or anonymized.

In some cases, we also have personal data processed by external service providers or pass it on to such providers, for example to specialized providers whose support we use for our services. In such cases, we always ensure that the protection of the data is maintained.

As a rule, we base processing on the consent of the data subjects. However, processing can also occur without explicit consent if it is permissible for other legal reasons, such as fulfilling a contract, fulfilling legal obligations, or protecting legitimate interests.

We also process personal data transmitted to us by third parties, originating from publicly accessible sources, or that we collect ourselves as part of our activities, if this is legally permissible.

4.     Communication

We process personal data to be able to communicate with third parties. This especially includes information provided to us by a data subject as part of a contact, for example by post or email. We can store such data in an address book or similar systems.

Third parties who transmit personal data to us are obliged to ensure data protection for the data subjects, particularly the accuracy of the transmitted information.

To ensure efficient communication, we use selected services from suitable providers, particularly:

·       Framer: Website Builder; Provider: Framer B.V (Netherlands); Information on Data Protection: 'Privacy Statement.'

·       Infomaniak: Cloud Provider including Mail Service; Provider: Infomaniak Network AG (Switzerland); Data protection information: 'Privacy Policy.'

5.     Applications

We process personal data from applicants to assess their suitability for employment or for the later implementation of an employment contract. The necessary information is usually derived from the information requested as part of an application or job advertisement. We may publish job advertisements through suitable third parties, such as online job portals or print media.

We also process any additional data that applicants voluntarily provide or make publicly accessible – for example, in cover letters, resumes, additional documents, or online profiles.

We may offer applicants the opportunity to store their data in a talent pool to be considered for future job openings. The information stored there can also be used to maintain contact or to inform about relevant news. If the existing information indicates that a profile is suitable for an open position, we may actively point this out to the person concerned.

6.     Data Security

We take appropriate technical and organizational measures to ensure data security according to the respective risk. These measures are particularly aimed at ensuring the confidentiality, integrity, availability, and traceability of the processed personal data. However, absolute security cannot be guaranteed.

7.     Rights of Data Subjects

We grant all claims to data subjects in accordance with the applicable data protection law. Data subjects have in particular the following rights:

·       Access: Data subjects can request information about whether we process personal data about them, and if so, what personal data it involves. Data subjects also receive the information necessary to assert their data protection rights and ensure transparency. This includes the processed personal data as such, but among other things also information about the processing purpose, retention period, any disclosure or export of data to other states, and the origin of the personal data.

·       Rectification and Restriction: Data subjects can have incorrect personal data corrected, incomplete data completed, and the processing of their data restricted.

·       Deletion and Objection: Data subjects can have personal data deleted ("right to be forgotten") and object to the processing of their data with future effect.

·       Data Release and Data Transfer: Data subjects can request the release of personal data or the transfer of their data to another controller.

We can defer, restrict, or refuse the exercise of data subjects' rights within the legally permissible framework. We can point out to data subjects any requirements to be met for exercising their data protection rights. For example, we may refuse to provide information in whole or in part by referencing trade secrets or the protection of other individuals. We can, for example, also refuse the deletion of personal data by referencing legal retention obligations in whole or in part.

8.     Use of the Website

We may use cookies. Cookies – our own cookies (first-party cookies) as well as cookies from third parties whose services we use (third-party cookies) – are data stored in the browser. Such saved data does not have to be limited to traditional cookies in text form. Cookies can be completely or partially deactivated and deleted in the browser settings at any time. Without cookies, our website may no longer be available to the full extent. We actively request express consent to the use of cookies – at least when and where necessary.

We can log at least the following information for every access to our website and other online presence, provided that this information is transmitted to our digital infrastructure during such access: date and time including time zone, IP address, access status (HTTP status code), operating system including user interface and version, browser including language and version, accessed individual sub-page of our website including transferred data volume, last webpage visited in the same browser window. We log such information, which may also constitute personal data, in log files. The information is necessary to provide our online presence permanently, user-friendly, and reliably. The information is also necessary to be able to ensure data security – also by third parties or with the assistance of third parties.

We can integrate count pixels into our online presence. Count pixels are also referred to as web beacons. Count pixels – also from third parties whose services we use – are usually small, invisible images or scripts formulated in JavaScript that are automatically retrieved when accessing our online presence. With count pixels, at least the same information as in log files can be recorded.

9.     Notifications and Communications

We send notifications and communications via email and through other communication channels such as instant messaging or SMS.

Notifications and communications can contain web links or count pixels that record whether a particular communication was opened and which web links were clicked. Such web links and count pixels can also record the use of notifications and communications in relation to individuals. We need this statistical recording of utilization for success and reach measurement to be able to send notifications and communications effectively and user-friendly as well as permanently, safely, and reliably based on the needs and reading habits of recipients.

You must consent to the use of your email address and other contact addresses unless the use is permissible for other legal reasons. For possibly obtaining double-confirmed consent, we may use the "double opt-in" procedure. In this case, you will receive a communication with instructions for double confirmation. We can log obtained consents, including IP address and timestamp, for proof and security reasons.

You can generally object to receiving notifications and communications like newsletters at any time. With such an objection, you can at the same time object to the statistical recording of utilization for success and reach measurement. Necessary notifications and communications related to our activities and operations remain reserved.

We send notifications and communications with the help of specialized service providers. We primarily use:

-        Infomaniak: Cloud Provider including Mail Service; Provider: Infomaniak Network AG (Switzerland); Information on Data Protection: 'Privacy Policy.'

10.  Social Media

We are present on social media platforms and other online platforms to communicate with interested parties and inform about our activities and operations. In connection with such platforms, personal data may also be processed outside Switzerland and the European Economic Area (EEA). 

The respective terms and conditions (AGB) and usage conditions as well as privacy statements and other provisions of the individual operators of such platforms also apply. These provisions particularly inform about the rights of data subjects directly against the respective platform, which includes, for example, the right to access.

For our social media presence on Facebook, including the so-called page insights, we – provided and insofar as the General Data Protection Regulation (GDPR) is applicable – are jointly responsible with Meta Platforms Ireland Limited (Ireland). Meta Platforms Ireland Limited is part of the Meta companies (including in the USA). Page insights provide information about how visitors interact with our Facebook presence. We use page insights to make our social media presence on Facebook effective and user-friendly.

Further information on the nature, extent, and purpose of data processing, information on the rights of data subjects, and the contact details of Facebook as well as the data protection officer of Facebook can be found in Facebook's privacy statement.

We use services from specialized third parties to be able to carry out our activities and operations permanently, user-friendly, securely, and reliably. With such services, we can embed functions and content into our website. In such an embedding, the utilized services record the IP addresses of users for technical reasons, at least temporarily.

For required security-relevant, statistical, and technical purposes, third parties whose services we use can process data related to our activities and operations in an aggregated, anonymized, or pseudonymized form. It involves, for example, performance or usage data to be able to offer the respective service. We particularly use:

·       Services from Google: Providers include Google LLC (USA) / Google Ireland Limited (Ireland) for users in the European Economic Area (EEA) and Switzerland; General information on privacy: 'Privacy and Security Principles,' Privacy Statement, 'Google is committed to complying with applicable privacy laws,' 'Privacy Guide for Google Products,' 'How we use data from sites or apps using our services' (Google information), 'Types of cookies and similar technologies used by Google,' 'Ad settings' ('Personalized Advertising').

We use services from specialized third parties to be able to utilize required digital infrastructure related to our activities and operations. This includes, for example, hosting and storage services from selected providers. We particularly use:

·       Google Cloud including Google Cloud Platform (GCP): Storage space and other infrastructure; Google Cloud-specific providers: Google/ LLC (USA) for users among others in the USA / Google Ireland Limited or Google Commerce Limited (both Ireland) among others for users in the European Economic Area (EEA) and Switzerland (see 'Google Contracting Entity' for providers in other states); Google Cloud-specific information: 'Privacy Resource Center,' 'Privacy,' 'Compliance Resource Center,' 'Trust and Security.'

We use services from specialized third parties to be able to schedule appointments online, for example for meetings. In addition to this privacy statement, any visible conditions of the used services such as terms of use or privacy statements also apply. We particularly use:

·       Google Calendar: Online appointment scheduling; Provider: Google; Google Calendar-specific information: 'Scheduling with Google Calendar,' 'Privacy in Google Calendar.'

We use specialized services for audio and video conferences to communicate online. This allows us to hold virtual meetings or conduct online lessons and webinars. The participation in audio and video conferences is subject to the legal texts of the individual services such as privacy statements and terms of use. We recommend, depending on the life situation, to mute the microphone by default when participating in audio or video conferences and to blur or display a virtual background. We particularly use:

·       Google Meet: Video Conferences; Provider: Google; Google Meet-specific information: 'Google Meet – Security and Privacy for Users.'

·       Zoom: Platform for collaborative work, particularly with video conferences; Provider: Zoom Video Communications Inc. (USA); Information on privacy: 'Privacy at Zoom,' Privacy Statement, 'Legal Compliance.'

We use services from third parties to enable online collaboration. In addition to this privacy statement, any visible conditions of the used services such as terms of use or privacy statements apply. We particularly use:

·       Notion: Platform for team collaboration; Provider: Notion Labs Inc. (USA); Information on privacy: Privacy Statement, 'Security & Privacy,' Cookie Policy.

We use services and plugins from third parties to embed features and content from social media platforms as well as to enable sharing content on social media platforms and in other ways. We particularly use:

·       Facebook (Social Plugins): Embedding Facebook functions and Facebook content, for example 'Like' or 'Share'; Providers: Meta Platforms Ireland Limited (Ireland) and other Meta companies (including in the USA); Information on privacy: Privacy Statement.

·       Instagram Platform: Embedding Instagram content; Providers: Meta Platforms Ireland Limited (Ireland) and other Meta companies (including in the USA); Information on privacy: Privacy Statement (Instagram), Privacy Statement (Facebook).

·       LinkedIn Platform: Embedding LinkedIn functions and content, for example with plugins like the 'Share Plugin'; Provider: Microsoft; LinkedIn-specific information: 'Privacy,' Privacy Statement, Cookie Policy, Cookie Management / Objection to email and SMS communication from LinkedIn, Objection to interest-based advertising.

·       TikTok (Social Plugins): Embedding TikTok functions and content, for example 'Share to TikTok'; Providers: TikTok Information Technologies UK Limited (United Kingdom) and TikTok Technology Limited (Ireland) for users in the European Economic Area (EEA), United Kingdom, and Switzerland / TikTok Inc. (USA) for users in the USA / TikTok Pte. Ltd. (Singapore) for users in the rest of the world; Information on privacy: Privacy Statement, 'Privacy Policy for Younger Users,' Cookie Policy, 'Privacy and Cookie Policy for TikTok for Business.'

We use services from specialized third parties to enable direct playback of digital audio and video content like music or podcasts. We particularly use:

·       Loom: Video Hosting, especially hosting of screen recordings; Providers: Atlassian Pty Ltd (Australia) / Atlassian Inc. (USA); Information on privacy: Privacy Statement, Cookie and Tracking Policy.

·       YouTube: Video Platform; Provider: Google; YouTube-specific information: 'Privacy and Security Center,' 'My Data on YouTube.'

We use services from third parties to embed documents into our website. Such documents can include PDF files, presentations, spreadsheets, and text documents. This allows not only viewing but also editing or commenting on such documents. We particularly use:

·       Canva: Digital Documents; Provider: Canva Pty Ltd (Australia); Information on privacy: Privacy Statement, 'Trust,' 'Security at Canva,' Cookie Policy.

·       Google Docs: Documents, Presentations, and Spreadsheets; Provider: Google; Google Docs-specific information: 'Privacy in Google Docs, Google Sheets, and Google Slides.'

We use services from third parties to embed selected fonts as well as icons, logos, and symbols into our website. We particularly use:

·       Google Fonts: Fonts; Provider: Google; Google Fonts-specific information: 'Your Privacy and Google Fonts,' 'Privacy and Data Collection' (at Google Fonts).

We use the opportunity to have targeted advertising displayed by third parties like social media platforms and search engines for our activities and operations. We particularly want to reach people with such advertising who are already interested in or could be interested in our activities and operations (remarketing and targeting). For this, we can transmit corresponding – possibly also personal – information to third parties that enable such advertising. We can also determine whether our advertising is successful, that is, in particular, whether it leads to visits to our website (conversion tracking). Third parties where we advertise and where you are registered as a user may possibly associate the use of our website with your profile there. We particularly use:

·       Google Ads: Search Engine Advertising; Provider: Google; Google Ads-specific information: Advertising including based on search queries, with various domain names – particularly doubleclick.net, googleadservices.com, and googlesyndication.com – used for Google Ads, 'Advertising' (Google), 'Manage ads displayed directly through ads.'

·       LinkedIn Ads: Social Media Advertising; Providers: LinkedIn Corporation (USA) / LinkedIn Ireland Unlimited Company (Ireland); Information on privacy: Remarketing and targeting especially with the LinkedIn Insight Tag, 'Privacy,' Privacy Statement, Cookie Policy, Objection to personalized advertising.

·       Meta Ads: Social Media Advertising on Facebook and Instagram; Providers: Meta Platforms Ireland Limited (Ireland) and other Meta companies (including in the USA); Information on privacy: Targeting, also retargeting, particularly with the Meta Pixel and with Custom Audiences including Lookalike Audiences, Privacy Statement, 'Ad Preferences' (login as a user required).

·       Microsoft Advertising: Search Engine Advertising on Bing, DuckDuckGo, and Yahoo!; Provider: Microsoft; Microsoft Advertising-specific information: 'Microsoft Advertising Privacy Policies,' 'Microsoft Advertising Policies: Legal, Privacy, and Security,' 'Ad Settings' (objection to personalized advertising).

·       TikTok Ads: Social Media Advertising; Providers: TikTok Information Technologies UK Limited (United Kingdom) and TikTok Technology Limited (Ireland) for users in the European Economic Area (EEA), United Kingdom, and Switzerland / TikTok Inc. (USA) for users in the USA / TikTok Pte. Ltd. (Singapore) for users in the rest of the world; Information on privacy: Remarketing and targeting especially with the TikTok Pixel, Privacy Statement, 'Privacy Policy for Younger Users,' Cookie Policy, 'Privacy and Cookie Policy for TikTok for Business.'

We use extensions for our website to be able to utilize additional functions. We can use selected services from suitable providers or use such extensions on our own digital infrastructure. We particularly use:

·       Google reCAPTCHA: Spam protection (distinction between desired content from humans and undesired content from bots and spam); Provider: Google; Google reCAPTCHA-specific information: 'What is reCAPTCHA?'

12.  Success and Reach Measurement

We try to determine how our online offering is used. In this context, we can, for example, measure the success and reach of our activities and operations as well as the impact of third-party links to our website. But, for example, we can also try and compare how different parts or versions of our online offering are used ('A/B-Test' method). Based on the results of the success and reach measurement, we can particularly fix errors, strengthen popular content, or make improvements to our online offering.

For the success and reach measurement, in most cases, the IP addresses of individual users are stored. In this case, IP addresses are usually shortened ('IP-Masking') to follow the principle of data minimization through corresponding pseudonymization.

Cookies can be used in success and reach measurement, and user profiles can be created. Potentially created user profiles, for example, include the visited individual pages or viewed content on our website, information on the size of the screen or browser window, and the – at least approximate – location. Basically, any user profiles created are only pseudonymized and not used to identify individual users. Individual services from third parties where users are registered may possibly associate the use of our online offer with the user account or user profile of the respective service.

We particularly use:

·       Google Marketing Platform: Success and Reach Measurement, especially with Google Analytics; Provider: Google; Google Marketing Platform-specific information: Measurement also across different browsers and devices (Cross-Device Tracking) and with pseudonymized IP addresses that are only exceptionally fully transferred to Google in the USA, 'Privacy' (with Google Analytics), 'Browser Add-on to disable Google Analytics.'

·       Google Tag Manager: Inclusion and management of services from Google and third parties, especially for success and reach measurement; Provider: Google; Google Tag Manager-specific information: 'Data collected with Google Tag Manager'; further information on privacy can be found with the individual included and managed services.

·       Hotjar: Recording user behavior; Provider: Hotjar Ltd. (Malta); Information on privacy: Recording without reference to individual website visitors, for example concerning movements and clicks with a mouse or with another input option, 'Privacy and Hotjar,' 'Privacy,' Privacy Statement, Cookie Policy, 'Security.'

13.  Final Provisions

We can adjust and supplement this privacy statement at any time. We will inform about such adjustments and supplements in a suitable form, particularly by publishing the current privacy statement on our website.

Version September 2025