Privacy Policy of Benaupp GmbH

In this privacy policy, we — Benaupp GmbH (hereinafter referred to as BENAUPP, “we” or “us”) — explain how we collect and process personal data. This is not an exhaustive description; other privacy statements, general terms and conditions, participation conditions, or similar documents may govern specific circumstances. Personal data refers to any information relating to an identified or identifiable person.

This privacy policy is designed to comply with the requirements of the EU General Data Protection Regulation (GDPR), the Swiss Data Protection Act (DSG), and the revised Swiss Data Protection Act (revDSG). The applicability of these laws depends on the individual case.

1. Data Controller / Data Protection Officer under Art. 37 GDPR

Unless stated otherwise in individual cases, the person responsible for data processing is Roland Bieri.

For data protection concerns, contact:

Benaupp GmbH
Lorzeninsel 5
CH 6332 Hagendorn
Switzerland
Email: This email address is being protected from spambots. You need JavaScript enabled to view it.
(This is also the contact address for our data protection officer under Art. 37 GDPR.)

2. Collection and Processing of Personal Data

We primarily process the personal data we receive from our customers, business partners, and users of our websites, apps, and other services during our business relationship.

We may also collect data from public sources (e.g. debt collection registers, land registries, commercial registers, press, internet) or receive data from third parties (e.g. credit agencies, authorities, address dealers). The categories of data may include:

  • Information from public registers
  • Information from legal or administrative proceedings
  • Professional and job-related data
  • Creditworthiness information
  • Third-party references (e.g. family, advisors, legal representatives)
  • Compliance data (e.g. anti-money laundering, export restrictions)
  • Usage data from websites or apps (e.g. IP address, device settings, cookies, pages visited, time/date, location info)

3. Purposes of Data Processing and Legal Basis

We use personal data mainly to:

  • Fulfill and execute contracts with clients and partners
  • Manufacture, market, and sell products or services
  • Comply with legal obligations (domestic and international)

Other purposes may include:

  • Improving services and platforms
  • Communications and request handling (e.g. job applications, media inquiries)
  • Customer acquisition and needs analysis
  • Marketing and advertising (unless you object)
  • Market research and media monitoring
  • Legal claims and defenses
  • Fraud prevention and investigations
  • IT and infrastructure operation
  • Business transactions and compliance with internal rules

If you have given us explicit consent (e.g. newsletter signup, background checks), we process your data based on that consent. You can revoke it at any time, but this doesn’t affect prior processing.

4. Cookies / Tracking / Web Technologies

We use cookies and similar technologies on our websites and apps. Cookies are small files stored on your device that help recognize returning users.

There are:

  • Session cookies (deleted after you leave)
  • Persistent cookies (store settings for longer periods, e.g. 2 years)

You can configure your browser to block or delete cookies, but doing so may impact site functionality (e.g. language settings, cart, login).

We may include visible/invisible image elements in emails (like newsletters) to track open rates. This can be blocked by your email program.

Analytics and social media plugins:

  • We use Google Analytics or similar tools (with non-personalized data).
  • Social media plugins (Facebook, YouTube, Instagram, etc.) are disabled by default and only activate when clicked. Their providers process your data based on their own privacy policies.

5. Data Disclosure and International Transfers

We may share data with third parties, including:

  • Service providers (e.g. IT, banks, insurers)
  • Business partners (e.g. suppliers, resellers)
  • Customers
  • Authorities and courts
  • Media and public
  • Industry organizations and competitors
  • Buyers of business units or assets
  • Other Benaupp GmbH entities

Some recipients may be located abroad, including in countries without adequate legal protections (e.g. the US). In such cases, we use contractual safeguards like EU standard contractual clauses or rely on legal exceptions.

6. Data Retention

We store your personal data as long as needed to:

  • Fulfill contracts
  • Comply with legal obligations
  • Maintain evidence and documentation
  • Serve legitimate business interests

Once data is no longer needed, it is deleted or anonymized. Operational data (e.g. system logs) are typically kept for 12 months or less.

7. Data Security

We implement appropriate technical and organizational measures to protect personal data, including:

  • Policies and training
  • IT and network security
  • Access controls
  • Data encryption
  • Internal audits and monitoring

8. Obligation to Provide Data

You must provide personal data necessary for entering and performing contracts. Without it, we typically cannot proceed with a business relationship. Some website features may not function without certain technical data (e.g. IP address).

9. Profiling and Automated Decision-Making

We do not use fully automated decision-making (e.g. under Art. 22 GDPR). If such processes are introduced in specific cases, we will inform you as legally required.

10. Rights of Data Subjects

Depending on applicable data protection law (e.g. GDPR), you have the right to:

  • Access, correct, or delete your data
  • Restrict or object to processing
  • Withdraw consent at any time
  • Data portability (to transfer your data elsewhere)

We may deny requests if we have legal obligations, overriding interests, or need data for legal claims. We will inform you of any costs beforehand.

To exercise your rights, contact us as per Section 1. We may require proof of identity (e.g. ID copy).

You also have the right to:

  • File a complaint with a supervisory authority
  • Take legal action

In Switzerland, the competent authority is the Federal Data Protection and Information Commissioner: http://www.edoeb.admin.ch

11. Changes

We may amend this policy at any time without prior notice. The current version published on our website applies. If it is part of a contract, we will notify you of changes appropriately (e.g. via email).

Let me know if you want this condensed further or turned into a privacy summary for your own site.

Sorry, this website uses features that your browser doesn’t support. Upgrade to a newer version of Firefox, Chrome, Safari, or Edge and you’ll be all set.