In this document, we will provide you with all necessary information on the processing of personal data that you provide by visiting this website, as provided for by the Federal Data Protection Act (“DPA”), other applicable data protection provisions of Swiss law and European Union legislation, in particular EU Regulation 2016/679 (“GDPR”).
This information refers only to the processing of data provided by browsing this website; it does not concern third-party websites available through links contained in this website.
According to the GDPR, “personal data” means any information relating to an identified or identifiable natural person (the data subject); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
“Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
“Data controller” (hereinafter referred to as the “Controller”) means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
“Processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the Controller.
“Recipient” means a natural or legal person, public authority, agency or other body, to which the personal data are disclosed, whether a third party or not.
The data provided by browsing this website are processed by Goldberg Capital Partners, with registered office at Etzelstrasse 31, CH- 8038 Zurich, as Controller.
For further information about the processing of your personal data, you can contact the Controller by sending an e-mail to email@example.com, or by post, using the Goldberg Capital Partners’ address above.
A) Browsing data
When you visit our website, our servers temporarily save each access in a log file. This information is not collected to be associated with identified data subjects, but they could allow the identification of data subjects if processed and associated with data held by third parties. Technical data such as the following are saved until they are automatically deleted:
C) Data voluntarily submitted by the user
In addition to what is specified above with respect to browsing data and cookies, you may provide personal data voluntarily when browsing this website.
For example, this may be the case if you contact the Controller via phone, e-mail, or post. This will result in the collection of data and information shared with the Controller.
In all these cases, we ask you not to share special categories of personal data pursuant to article 9 of the GDPR (such as data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, data concerning health, etc.).
We collect and process browsing data to obtain anonymous statistical information about the use of the website to provide appropriate content and to check that the website is working correctly. These data may also be used to assess liability in the event of cybercrimes against the website, attacks on the network infrastructure or other unauthorised or abusive use of the website. The provision of these data is necessary and the legal basis for their processing lies in our overriding private interest within the meaning of article 13 par. 1 DPA, i.e., in our legitimate interest according to article 6 par. 1 let. f) of the GDPR.
Data submitted voluntarily by the user are processed to reply to your requests. The Controller will provide you with specific further information if other purposes of the processing were to emerge. The provision of these data is optional, but the refusal to provide your data, in whole or in part, may result in the impossibility for the Controller to process your requests. The legal basis for the processing of data lies in consent, according to article 13 par. 1 DPA and article 6 par. 1 let. a) of the GDPR.
All data provided when browsing the website may be processed, for example, to exercise legitimate interests of the Controller (e.g., to prevent abuse or fraud, to establish, exercise or defend a legal claim) or to comply with legal obligations, according to article 6 par.1, let. c) and let. f) of the GDPR.
Personal data voluntarily submitted by the user will be stored for the time strictly necessary to process the request, unless a subsequent, further purpose for processing emerges. In the event that the processing should become necessary to exercise further legitimate interests of the Controller (e.g., to prevent abuse or fraud, to establish, exercise or defend a legal claim) or to comply with legal obligations, the retention might have a different duration, depending on the applicable law.
Once the aforementioned reasons for processing have ceased to apply, the data will be deleted, destroyed or stored anonymously.
We process personal data mainly electronically, with the adoption of appropriate security measures, to prevent any violation of personal data. However, we recommend that you periodically check that you are equipped with adequate software devices, to protect incoming and outbound network data transfer (such as updated antivirus systems) and that your Internet service provider has adopted adequate measures for the security of network data transfer (such as firewalls and spam filters).
Your data will not be disclosed to third parties, unless it is essential and only to the extent strictly necessary to achieve the purposes of the processing, as specified above. Thus, your personal data may be shared with: (i) Goldberg’s internal staff, duly authorised to process personal data; (ii) contractors, such as third-party technical service providers, hosting providers, IT technicians and consultants, from time to time appointed, if necessary, as processors according to articles 28 et seq. of the GDPR; (iii) persons to whom the right to access the data is granted by law, regulations, or orders.
Your personal data will be processed in Switzerland, or in any case within the territory of the European Union. Otherwise, the transfer will be carried out in accordance with article 6 DPA and with Chapter V of the GDPR, e.g., according to standard data protection clauses adopted by the European Commission or by carrying out the transfer in countries that have adopted adequate data protection standards.
The GDPR sets forth important rights for data subjects. For a better understanding of your rights under the data protection law, we invite you to read articles 15 et seq. of the GDPR in full. For your convenience, an excerpt of these provisions is provided below.
Lasty, the data subject has the right to lodge a complaint with the supervisory authority, which in Italy is the Data Protection Authority (Garante per la Protezione dei Dati Personali) and in Switzerland is the Federal Data Protection and Information Commissioner (Eidgenössischer Datenschutz- und Öffentlichkeitsbeauftragter | Preposé federal à la protection des données et à la transparence | Incaricato federale della protezione dei dati e della trasparenza).
Last edit: 29 September 2021