With this privacy statement, we inform you about which personal data we process within the menteez platform, including the website (hereinafter "platform"). We explain the purposes, the extent and the locations where personal data is processed. Additionally, we inform you about the rights of affected individuals.

1.     Contact Address

Responsible for the processing of personal data is menteez, Schaffhauserstrasse 25 in 8442 Hettlingen, reachable via info@menteez.ch.

2.     Legal Basis

We process personal data in accordance with Swiss data protection law, particularly the Federal Act on Data Protection (DSG) and the corresponding Data Protection Ordinance (DSV). Where applicable, we also consider other national or international data protection regulations.

3.     Nature, Scope, and Purpose

We only process personal data necessary to provide our offerings and activities in a long-term, user-friendly, safe, and reliable manner. This can include the following data types: basic and contact data, technical browser and device data, content data, meta and communication margin data, usage and location data, as well as details regarding sales, contracts, and payments.

Personal data is stored and processed only as long as necessary for the respective purpose or legally required. Data no longer needed is deleted or transformed into an anonymous form.

In some cases, we also allow external service providers to process personal data or pass it onto them, such as specialized providers whose support we use for our services. Even in such cases, we ensure that the protection of the data is always maintained.

As a rule, we base the processing on the consent of the affected individuals. However, if processing is permissible under other legal grounds, such as conducting a contract, fulfilling legal obligations, or protecting legitimate interests, it can occur without express consent.

We also process personal data transmitted to us by third parties, originating from publicly accessible sources, or that we collect ourselves in the course of our activities, provided this is legally permitted.

4.     Communication

We process personal data to communicate with third parties. This includes particularly those pieces of information provided by an affected individual during a contact, such as by mail or email. Such data can be stored in an address book or similar systems.

Third parties transmitting personal data to us are obligated to ensure data protection for the affected individuals, especially the accuracy of the submitted information.

For efficient communication, we use selected services from appropriate providers, particularly:

·       Framer: Website builder; Provider: Framer B.V (Netherlands); Data protection information: "Privacy Statement".

·       Infomaniak: Cloud provider including mail service; Provider: Infomaniak Network AG (Switzerland); Data protection information: "Privacy Policy".

5.     Applications

We process personal data from applicants as far as necessary to assess their suitability for an employment relationship or to later process an employment contract. The necessary details typically arise from the information requested during an application or job advertisement. We may publish job advertisements through suitable third parties, such as online job portals or printed media.

Furthermore, we process all other data that applicants voluntarily provide or make publicly accessible - for instance, in cover letters, resumes, additional documents, or online profiles.

We may offer applicants the opportunity to save their data in a talent pool, to consider them for future job positions. We can also use the data stored there to maintain contact or inform about relevant news. If the existing information suggests a profile suitable for an open position, we may actively point out to the corresponding person.

6.     Data Security

We take appropriate technical and organizational measures to ensure data security commensurate with the respective risk. These measures primarily serve to ensure the confidentiality, integrity, availability, and traceability of processed personal data. Absolute security cannot be guaranteed.

7.     Rights of Affected Individuals

We grant affected individuals all claims according to the applicable data protection law. Affected individuals have the following rights, in particular:

·       Information: Affected individuals can request information on whether we process personal data about them, and if so, which personal data it is. Affected individuals also receive the information necessary to assert their data protection claims and ensure transparency. This includes the processed personal data itself, but also details on the processing purpose, retention duration, possible disclosure or export of data to other states, and the origin of personal data.

·       Correction and Restriction: Affected individuals can correct incorrect personal data, complete incomplete data, and restrict the processing of their data.

·       Deletion and Objection: Affected individuals can request the deletion of personal data ("right to be forgotten") and object to the processing of their data with effect for the future.

·       Data Release and Transfer: Affected individuals can demand the release of personal data or the transfer of their data to another responsible party.

We may postpone, restrict, or refuse the exercise of the rights of affected individuals within the legally permissible framework. We may inform affected individuals about any conditions to be fulfilled for exercising their data protection claims. We may, for example, fully or partially refuse disclosure by referring to trade secrets or the protection of other individuals. We may also entirely or partly refuse the deletion of personal data by referring to legal retention obligations.

8.     Use of the Website

We may use cookies. Cookies – own cookies (first-party cookies) as well as cookies from third parties whose services we use (third-party cookies) – are data stored in the browser. Such stored data does not need to be limited to traditional text-form cookies. Cookies can be fully or partially disabled and deleted in the browser settings at any time. Without cookies, our website may not be fully available. We actively seek – at least as required – explicit consent for the use of cookies.

For each access to our website and our other online presence, we may log at least the following details, provided they are transmitted to our digital infrastructure during such accesses: date and time including time zone, IP address, access status (HTTP status code), operating system including user interface and version, browser including language and version, accessed individual sub-page of our website including transferred data amount, last webpage accessed in the same browser window. We log such data, which may also represent personal data, in log files. The information is necessary to provide our online presence permanently, in a user-friendly, and reliable manner. The information is also necessary to ensure data security – also through third parties or with the help of third parties.

We may incorporate tracking pixels into our online presence. Tracking pixels are also known as web beacons. Tracking pixels – including those from third parties whose services we use – are usually small, invisible images or JavaScript-formulated scripts automatically retrieved when accessing our online presence. With tracking pixels, at least the same information as in log files can be collected.

9.     Notifications and Communications

We send notifications and communications via email and other communication channels such as instant messaging or SMS.

Notifications and communications may contain weblinks or tracking pixels that capture whether a single communication has been opened and which weblinks were clicked. Such weblinks and tracking pixels can also record the use of notifications and communications on a personalized basis. We require this statistical recording of use for success and reach measurement, to be able to send notifications and communications effectively, user-friendly, securely, and reliably based on the needs and reading habits of the recipients.

You must consent to the use of your email address and other contact addresses, unless the use is permissible for other legal reasons. We may use the "double opt-in" procedure for possibly obtaining double-confirmed consent. In this case, you receive a notification with instructions for double confirmation. We may log obtained consents including IP address and timestamp for proof and security reasons.

You can generally object to receiving notifications and communications such as newsletters at any time. With such an objection, you can also object to the statistical recording of use for success and reach measurement. Required notifications and communications related to our activities and tasks remain reserved.

We send notifications and communications with the help of specialized service providers. We particularly use:

-        Infomaniak: Cloud provider including mail service; Provider: Infomaniak Network AG (Switzerland); Data protection information: "Privacy Policy".

10.  Social Media

We are present on social media platforms and other online platforms to communicate with interested individuals and inform about our activities and tasks. In connection with such platforms, personal data may also be processed outside Switzerland and the European Economic Area (EEA).

Each applies to the General Terms and Conditions (GTC) and Terms of Use as well as privacy statements and other regulations of the individual operators of such platforms. These regulations particularly inform about the rights of affected individuals directly towards the respective platform, which includes the right to information.

For our social media presence on Facebook, including the so-called page insights, we are jointly responsible with Meta Platforms Ireland Limited (Ireland) – as far as the General Data Protection Regulation (GDPR) is applicable. The Meta Platforms Ireland Limited is part of the Meta companies (including in the USA). Page insights provide insights into how visitors interact with our Facebook presence. We use page insights to provide our social media presence on Facebook effectively and user-friendly.

More information about the nature, scope, and purpose of data processing, information about the rights of affected individuals, and contact details of Facebook and the data protection officer of Facebook can be found in Facebook's privacy statement.

We use services from specialized third parties to carry out our activities and tasks permanently, user-friendly, securely, and reliably. With such services, we can embed functions and content into our website. During such embedding, the used services must temporarily record at least the IP addresses of users for technically Mandatory Reasons.

Third Parties whose services we use can process data aggregated, anonymized, or pseudonymized for Required security-related, statistical, and technical purposes. This includes, for instance, performance or usage data to offer the respective service. We particularly use:

·       Services from Google: Providers: Google LLC (USA) / Google Ireland Limited (Ireland; for users in the European Economic Area [EEA] and Switzerland); General information on data protection: "Principles on privacy and security", Privacy statement, "Google is committed to compliance with applicable data protection laws", "Privacy Guide for Google Products", "How we use data from websites or apps where our services are used" (Information from Google), "Types of cookies and similar technologies used by Google", "Advertising you influence" ("Personalized advertising").

We use services from specialized third parties to utilize the necessary digital infrastructure related to our activities and tasks. This includes, for instance, hosting and storage services from selected providers. We particularly use:

·       Google Cloud including Google Cloud Platform (GCP): Storage space and other infrastructure; Google Cloud-specific providers: Google LLC (USA) for users, particularly in the USA / Google Ireland Limited or Google Commerce Limited (both Ireland) for users especially in the European Economic Area (EEA) and Switzerland (see "Contracting Entity on Google's side" ["Google Contracting Entity"] for providers in other states); Google Cloud-specific information: "Privacy Resource Center", "Privacy", "Compliance Resource Center", "Trust and Security".

We use services from specialized third parties to schedule appointments online, for instance, for meetings. In addition to this privacy statement, directly visible conditions of the used services such as terms of use or privacy statements apply. We particularly use:

·       Google Calendar: Online appointment scheduling; Provider: Google; Google Calendar-specific information: "Scheduling appointments with Google Calendar", "Privacy in Google Calendar".

We use specialized services for audio and video conferences to communicate online. With this, we can, for example, hold virtual meetings or conduct online classes and webinars. For participating in audio and video conferences, the legal texts of individual services such as privacy statements and terms of use apply additionally. We recommend, depending on the situation in life, when participating in audio or video conferences, to have the microphone muted as standard and to blur the background or display a virtual background. We particularly use:

·       Google Meet: Video conferences; Provider: Google; Google Meet-specific information: "Google Meet – security and privacy for users".

·       Zoom: Platform for collaborative work, particularly with video conferences; Provider: Zoom Video Communications Inc. (USA); Data protection information: "Privacy at Zoom", Privacy statement, "Legal Compliance".

We use services from third parties to enable online collaboration. In addition to this privacy statement, directly visible conditions of the used services such as terms of use or privacy statements apply. We particularly use:

·       Notion: Platform for team collaboration; Provider: Notion Labs Inc. (USA); Data protection information: Privacy statement, "Security & Privacy", Cookie Policy.

We use services and plugins from third parties to embed functions and content from social media platforms and to enable content sharing on social media platforms and other channels. We particularly use:

·       Facebook (Social Plugins): Embed Facebook functions and content, for example "Like" or "Share"; Provider: Meta Platforms Ireland Limited (Ireland) and other Meta companies (including in the USA); Data protection information: Privacy statement.

·       Instagram Platform: Embed Instagram content; Provider: Meta Platforms Ireland Limited (Ireland) and other Meta companies (including in the USA); Data protection information: Privacy statement (Instagram), Privacy statement (Facebook).

·       LinkedIn Platform: Embed LinkedIn functions and content, for example with plugins like the "Share Plugin"; Provider: Microsoft; LinkedIn-specific information: "Privacy", privacy statement, Cookie Policy, Cookie Management/objection to email and SMS communication from LinkedIn, objection to interest-based advertising.

·       TikTok (Social Plugins): Embed TikTok functions and content, for example "Share to TikTok"; Providers: TikTok Information Technologies UK Limited (United Kingdom) and TikTok Technology Limited (Ireland) for users in the European Economic Area (EEA), United Kingdom, and Switzerland / TikTok Inc. (USA) for users in the USA / TikTok Pte. Ltd. (Singapore) for users in the rest of the world; Data protection information: Privacy statement, "Privacy Policy for Younger Users", Cookie Policy, "TikTok for Business Privacy and Cookie Policy".

We use services from specialized third parties to enable the direct playback of digital audio and video content such as music or podcasts. We particularly use:

·       Loom: Video hosting, particularly hosting screen recordings; Providers: Atlassian Pty Ltd (Australia) / Atlassian Inc. (USA); Data protection information: Privacy statement, Cookie and Tracking Policy.

·       YouTube: Video platform; Provider: Google; YouTube-specific information: "Privacy and Security Center", "My data on YouTube".

We use services from third parties to embed documents into our website. Such documents can include PDF files, presentations, spreadsheets, and text documents. We may not only provide browsing but also editing or commenting on such documents. We particularly use:

·       Canva: Digital documents; Provider: Canva Pty Ltd (Australia); Data protection information: Privacy statement, "Trust", "Security at Canva", Cookie Policy.

·       Google Docs: Documents, presentations, and spreadsheets; Provider: Google; Google Docs-specific information: "Privacy in Google Docs, Google Sheets, and Google Presentations".

We use services from third parties to embed selected fonts, as well as icons, logos, and symbols into our website. We particularly use:

·       Google Fonts: Fonts; Provider: Google; Google Fonts-specific information: "Your Privacy and Google Fonts", "Privacy and data acquisition" (for Google Fonts).

We use the option to display targeted advertising with third parties like social media platforms and search engines for our activities and tasks. We want to reach, with such advertising, particularly individuals already interested or likely interested in our activities and tasks (remarketing and targeting). For this, we can transmit corresponding – potentially also personal – details to third parties who enable such advertising. We can also determine if our advertising is successful, that is particularly if it leads to visits on our website (conversion tracking). Third parties where we advertise and where you as a user are registered can possibly associate the use of our website with your profile there. We particularly use:

·       Google Ads: Search engine advertising; Provider: Google; Google Ads-specific information: advertising based on search queries, using various domain names – particularly doubleclick.net, googleadservices.com, and googlesyndication.com – for Google Ads, "Advertising" (Google), "Directly manage displayed advertising over ads".

·       LinkedIn Ads: Social media advertising; Providers: LinkedIn Corporation (USA) / LinkedIn Ireland Unlimited Company (Ireland); Data protection information: Remarketing and targeting, especially with LinkedIn Insight Tag, "Privacy", Privacy statement, Cookie Policy, objection to personalized advertising.

·       Meta Ads: Social media advertising on Facebook and Instagram; Providers: Meta Platforms Ireland Limited (Ireland) and other Meta companies (including the USA); Data protection information: targeting, including retargeting, especially with Meta-Pixel and Custom Audiences including Lookalike Audiences, privacy statement, "Advertising preferences" (user registration is required).

·       Microsoft Advertising: Search engine advertising on Bing, DuckDuckGo, and Yahoo!; Provider: Microsoft; Microsoft Advertising-specific information: "Microsoft Advertising Privacy Policy", "Microsoft Advertising Policies: Legal, Privacy and Security", "Advertising settings" (objection to personalized advertising).

·       TikTok Ads: Social media advertising; Providers: TikTok Information Technologies UK Limited (United Kingdom) and TikTok Technology Limited (Ireland) for users in the European Economic Area (EEA), United Kingdom, and Switzerland / TikTok Inc. (USA) for users in the USA / TikTok Pte. Ltd. (Singapore) for users in the rest of the world; Data protection information: remarketing and targeting, especially with TikTok-Pixel, privacy statement, "Privacy Policy for Younger Users", Cookie Policy, "TikTok for Business Privacy and Cookie Policy".

We use extensions for our website to utilize additional features. We can use selected services from appropriate providers or use such extensions on our own digital infrastructure. We particularly use:

·       Google reCAPTCHA: Spam protection (distinguishing between desired human content and unwanted robot and spam content); Provider: Google; Google reCAPTCHA-specific information: "What is reCAPTCHA?".

12.  Success and Reach Measurement

We attempt to ascertain how our online offerings are used. In this context, we may measure the success and reach of our activities and tasks, as well as the impact of third-party links on our website. We may also test and compare how various parts or versions of our online offers are used ("A/B Testing" method). Based on the success and reach measurement results, we can fix errors, strengthen popular content, or make improvements to our online offerings.

For success and reach measurement, the IP addresses of individual users are mostly stored. In this case, IP addresses will be generally shortened ("IP Masking") to follow the principle of data minimization through the appropriate pseudonymization.

Cookies can be used in success and reach measurements, and user profiles may be created. Possibly created user profiles include, for instance, the individual pages visited or content viewed on our website, information on screen or browser window size, and the – at least approximate – location. As a rule, potential user profiles are created with pseudonymization and are not used for identifying individual users. Some services from third parties, where users are registered, can potentially associate the use of our online offers with the user account or user profile at the respective service.

We particularly use:

·       Google Marketing Platform: Success and reach measurement, particularly with Google Analytics; Provider: Google; Google Marketing Platform-specific information: Measurement across different browsers and devices (cross-device tracking) and with pseudonymized IP addresses, rarely fully transmitted to Google in the USA, "Privacy" (with Google Analytics), "Browser add-on for disabling Google Analytics".

·       Google Tag Manager: Integration and management of services from Google and third parties, particularly for success and reach measurement; Provider: Google; Google Tag Manager-specific information: "Data collected by Google Tag Manager"; More information on data protection is found with each embedded and managed service.

·       Hotjar: Recording user behavior; Provider: Hotjar Ltd. (Malta); Data protection information: Recording without reference to individual website visitors, for example, regarding movements and clicks with a mouse or another input option, "Privacy and Hotjar", "Privacy", Privacy statement, Cookie Policy, "Security".

13.  Final Provisions

We can adapt and supplement this privacy statement at any time. We will inform in an appropriate form about such adaptations and supplements, particularly by publishing the current privacy statement on our website.