Skip to content Skip to footer
Fiduciaire de Preux
Fiduciaire de Preux
Fiduciaire de Preux

Data protection charter

Close

Fiduciaire de Preux & Associés SA (hereinafter Fiduciaire de Preux) attaches importance to the protection of personal data. Our company complies with the EU’s General Data Protection Regulation (GDPR) as well as the legislation applicable on a Swiss level (Federal Law of September 25, 2020 on Data Protection [LPD; RS 235.1], which came into force on September1, 2023.

This charter informs you of our company’s policy regarding the processing of personal data and of your rights under the aforementioned laws.

1. Basic principles of data processing

This data protection declaration describes how we handle personal data, in particular which personal data we collect and for what purposes. It also governs the transfer of data, the retention period and your rights.

Personal data (hereinafter also referred to as data) is any information relating to an identified or identifiable natural person. The notion of data processing must be understood in the light of the situation, and includes any operation relating to personal data, whatever the means and procedures used, in particular the collection, storage, use, modification, communication, archiving or destruction of data.

We collect and process personal data in order to perform our professional duties, in accordance with legal and contractual provisions. The collection, processing and use of personal data are subject to the legal provisions in force in Switzerland and, where applicable, in Europe.

We collect personal data transparently and in accordance with the principles of proportionality and purpose. Data is processed only to the extent and for the duration necessary to fulfill our tasks and obligations.

1.1. Comment les données personnelles sont-elles collectées ?

Fiduciaire de Preux collects your personal data through various means of communication that you use to provide them to us.

This includes information on :

  • shared orally in a face-to-face conversation, by telephone, in writing, via e-mail or any other form of communication;
  • that are public or provided to us by third parties, in particular when carrying out audits or MLA audits;
  • transmitted by your representative, advisor or any other person authorized to speak on your behalf;
  • acquired during and in the course of our missions.
  • collected during your browsing on our website

2. Purpose of collecting and processing personal data

We use and process personal data that is necessary to ensure the continuity, security and reliability of our offer. In particular, this includes the following purposes:

  1. Management and administration of contractual relations with customers, employees, suppliers, etc;
  2. Contact management and communication for service provision;
  3. Carry out mandates entrusted to us (auditing, accounting, tax returns, various analyses, etc.).
  4. Data processing is required by applicable legislation and the obligations of our supervisory bodies (e.g. ASR).
  5. Website operation
  6. Security guarantee (video surveillance), compliance with legal obligations;
  7. To exercise and defend the legitimate rights of our company;
  8. Sending invitations and organizing events;
  9. Marketing actions and newsletters;
  10. Statistical collection and analysis;

3. What personal data do we process?

3.1. Données de contact et données de base générales

Depending on the purpose of the data processing, the customer segment and the service areas, we collect different types of personal data, including, in certain circumstances, sensitive data.

We generally process the following personal data for all contacts, interlocutors, contractual partners and customers:

  • surname, first name, e-mail address and, if applicable, gender, address, telephone number, title, date of birth, nationality, profession, employer details, title, AHV number;
  • electronic and written correspondence (mail).

In addition, depending on the purpose of the data processing, the customer segment and the service area, we collect and process further data as described in the following paragraphs.

3.2. Données relatives à la gestion des mandats

For the management and administration of our mandates and for communication with our customers, we process the following personal data:

  • Contact data and general basic data as per 4.1;
  • For companies :

o Legal form, share capital and paid-up capital, year company founded, external auditors, sales in Switzerland and abroad, annual sales by business area, register no. ;

o Branches: Location of branch, company name, address, telephone, Internet, e-mail, language of correspondence;

o Staffing information: professional fields, number of employees resp. managers, percentage of positions;

  • Financial information;
  • Risk assessment data :

o Extracts from the debt collection register;

o Management and control :

v Data on individuals/partners and members of management involved in the company: surname, first name, year of birth, nationality, position, percentage of voting rights, information on company activity;

v Data on companies and foundations with a stake in the company: company name, head office, field of activity, degree of participation;

v Contact details: surname, first name, date of birth, e-mail and telephone number;

o Information on the hiring of management staff from third-party companies, including surname, first name, company, sector of activity, position and level of employment;

o Data on shareholdings

  • Payment information;
  • Mandate data such as :

o By-laws, minutes, contracts,

o Employee data (salary, social insurance),

o Accounting and tax information,

o Sensitive personal data [such as data relating to health, religion, social welfare, debt collection or bankruptcy].

  • Salaries

o AVS

o Medical certificates

o Medical bills

This data is mainly processed in the context of services provided in our field of activity [auditing, consulting, tax, payroll processing or accounting]. It mainly concerns data relating to our customers. But it may also concern third parties, such as employees, contact persons or persons who have a (contractual) relationship with our customers. Our customers may therefore also refer to this data protection declaration, but they themselves must take steps to comply with the Data Protection Act.

Data processing is used for the management and administration of mandates, solvency checks, prevention of conflicts of interest and quality control. It also meets legal and contractual requirements.

As a rule, data is supplied and made available directly by customers. However, depending on the nature and scope of the mandate, data may also come from authorities, courts or third parties. In certain circumstances, data may also be collected directly from the employer of the persons concerned.

3.3. Données pour les mailings et newsletters

To send you information about events, publications, etc. (for marketing purposes) and newsletters, we process the following personal data:

  • Contact data and general basic data as per 3.1

This data is necessary for the provision of the service, for communication or for the management of our customer base. Information relating to marketing, mailings and newsletters is also subject to statistical analysis in order to continuously improve our services. You may object to the use of your personal data for marketing purposes at any time, or unsubscribe from the newsletter.

3.4. Données pour l’organisation et la réalisation de manifestations

The following personal data is processed for the organization and staging of events:

  • Contact data and general basic data as per 3.1;
  • Information about the employer (such as company name, address, e-mail), participants, accompanying persons and speakers;
  • In certain circumstances, images or videos.

We need the images for internal event documentation, for inclusion in a newsletter or on our website and social media networks. Participants have the opportunity to let the photographer know, before or at the time of shooting, that they do not wish to appear in the corresponding images.

3.5. Données liées à la communication directe (téléphone, e-mail ou chat, réunions en ligne, visioconférences, etc.)

The online meetings, video conferences and/or webinars we organize are generally carried out using Microsoft Teams. For direct communication by telephone, e-mail, via a collaboration solution or chat, we, and if necessary our corresponding service providers, may process the following personal data:

  • Contact data and general basic data as per 3.1;
  • Other personal data contained in the e-mail;
  • Communication data such as IP address, time and duration of communication;
  • Videoconference recordings, if necessary and explicitly announced.

We process this personal data in order to provide and improve our services to our customers.

3.6. Données relatives au personnel

Data relating to personnel are processed separately, however, it is important to specify here that information relating to the application (whether unsolicited or not), such as :

  • Cover letter,
  • CV,
  • Work certificates,
  • Diplomas,
  • Evaluation of job interviews,
  • Assessments,
  • Application references,

that do not lead to employment are deleted/destroyed at the end of the application procedure within a maximum of one year, unless we have obtained permission to keep them.

3.7. Fournisseurs et autres partenaires contractuels

We process the following personal data of business partners who provide services or deliveries for us:

  • Contact data and general basic data as per 3.1;
  • Financial information such as bank details;
  • Information available in the contract (such as data on responsible employees, advisors, information on the service provided, etc.);

We process this data for the purposes of contractual performance and in accordance with the statutory retention periods under commercial and tax law. If our contractual partners have access to our personal data in the course of performing their duties [e.g. IT companies], we conclude a corresponding subcontracting agreement with them.

3.8. Exploitation, amélioration et contrôle du site Internet, d’autres canaux électroniques

3.8.1. Fichiers journaux (logfiles) du serveur

Our website can be used without the need to disclose extensive personal data. However, the server does collect information about the user on each visit. This information is temporarily stored in server log files. However, it is not possible to attribute this information to a specific person.

The collection of this data is technically necessary, as it serves to ensure the stability and security of the website and is used to analyze and improve its use. It also enables us to carry out precise checks in the event of suspected illegal use of our website.

3.8.2. Cookies

Our website uses cookies and similar technologies. If your device settings allow it, we use cookies and similar tools to provide you with an optimal browsing experience on our website.

Cookies are text files stored on your computer which enable us to analyze your use of the [ou de remplir des formulaires ou de vous connecter à la boutique en ligne automatiquement] website. They facilitate the presentation of our website and help you navigate through it. Cookies collect data such as:

  • IP address,
  • the website from which you visit us,
  • the type of device you’re using,
  • the way you use our search function (known as Search-Log),
  • the various actions you perform when you receive the newsletter.

It is also possible to visit our website without cookies, by setting your browser to prevent cookies from being saved. However, this setting may restrict your ability to use the website. Under no circumstances do we use cookies to install malware or spyware on your computer.

3.9. Garantie de la sécurité, respect des obligations légales et exercice de préventions

We may process the aforementioned personal data in order to guarantee security and enforce your rights, if necessary, and, to this end, pass them on to third parties such as courts or authorities.

4. To whom may we communicate your personal data?

Your personal information may be shared with :

  • your close circle, whether personal or professional, provided you have given your explicit consent;
  • individuals authorized to represent you ;
  • third parties working with us on our assignments (external lawyers, independent tax experts, IT managers, notaries, etc.);
  • organizations to which you authorize us to transmit your information (banks, insurance companies, social security, etc.);
  • competent authorities (in particular tax authorities) when you wish us to act as your representative.

4.1. Quelle est la durée de conservation des données personnelles ?

  • Your personal information is retained only as long as necessary for the purposes set out in this Privacy Policy.
  • There are situations where we are obliged by law to keep your data for a specific period; for example, in the context of our assignments, your data is generally kept for 10 years after the end of the assignment. In special cases, particularly where real estate is involved, this period may be extended to 20 years.
  • Circumstances may require longer retention of your data (for example, to protect the legitimate interests of our company).
  • If there are no legal grounds for keeping your personal data, it will either be deleted, destroyed or made anonymous.

4.2. Sécurité des données

We take appropriate technical and organizational security measures to protect personal data against unauthorized access and misuse. These measures include IT and network security solutions, access restrictions, encryption of data carriers and their transmission, instructions, training and controls.

Our employees are also aware of and trained in IT risks.

Data is stored in the applications and software we use. Data is stored on servers located in Switzerland. However, it is possible that application-related data may be stored abroad. If data is stored abroad, the above rules apply.

If third parties have access to our data, special measures are taken, which are governed by the outsourcing contract.

5. Data transmission and transfer

We may pass on personal data to third parties if you have given your consent, if this is necessary to provide the service concerned, to fulfil the purpose of the contract or to preserve our legitimate interests, or if we are required to do so by law.

The following categories of recipients may receive personal data from us:

  • service providers (e.g. IT service companies, hosting providers, suppliers, consultants, lawyers, notaries, insurance companies).
  • third parties within the scope of our legal or contractual obligations, authorities (in particular audit supervisory authorities or tax authorities), government institutions, courts.

The third parties we appoint are contractually bound to respect data protection and to process data only for the purposes we have indicated to them.

Most of our service providers are located in Switzerland. Some personal data may also be transferred to the USA (e.g. Google Analytics data). Should it be necessary to transfer data to a country without an adequate level of data protection, this will be done on the basis of standard contractual clauses (e.g. in the case of Google) or other appropriate guarantees.

The information you provide may also be rendered anonymous and passed on to third parties for statistical analysis.

6. Your rights

Any person may request information on the data processed concerning him or her, as well as on the origin, recipient and purpose of the data collection and processing. You also have the right to request the rectification, blocking, deletion or transfer of your data.

Data stored in accordance with legal requirements or necessary for business purposes cannot/should not be deleted. If the data is not affected by a legal archiving obligation or by our overriding interest in retention, we will delete your data at your request.

In addition, you can assert your legal rights or lodge a complaint with the competent data protection authority.

7. Final provisions

7.1. Entité responsable et contact

We are responsible for processing data in accordance with this data protection declaration, unless otherwise stipulated.

Eric de Preux is responsible for data protection.

General inquiries about data protection can be sent by post or e-mail to rh@fidudp.ch.

For questions concerning a particular person, requests for rectification or a request for deletion, a copy of the identity card or passport identifying the user must also be attached.

7.2. Adaptations de la déclaration relative à la production des données

We may amend our data protection declaration at any time by publishing it on the website.

Go to Top