Book Demo

Privacy Policy

With this Privacy Policy, we, WE-R Holding AG and other companies of the WE-R group, including its subsidiary that is in the process of being incorporated in Switzerland (hereinafter together WE-R, we, or us), describe how we collect and further process personal data. This Privacy Policy is not necessarily a comprehensive description of our data processing. It is possible that other privacy policies or General Terms and Conditions, Conditions of Participation, or similar documents are applicable to specific circumstances.

The term personal data in this Privacy Policy shall mean any information that identifies or could reasonably be used to identify any person.

If you provide us with personal data of other persons (e.g., work colleagues), please make sure the respective persons are aware of this Privacy Policy and only provide us with their data if you are allowed to do so and such personal data is correct. This Privacy Notice is aligned with the EU General Data Protection Regulation (GDPR) and the Swiss Data Protection Act (DPA). However, the application of these laws depends on each individual case.

1. Controller / Data Protection Officer / Representative

The controller of data processing as described in this Privacy Policy is the WE-R data privacy team. You can notify us of any data protection related concerns using the following contact details: WE-R Holding AG, c/o BDO AG, Schiffbaustrasse 2, 8031 Zurich, support@we-r.com.

2. Collection and Processing of Personal Data

We primarily process personal data that we obtain from our clients and other business partners as well as other individuals in the context of our business relationships with them or that we collect from users when operating our websites, platforms, and other applications.

Insofar as it is permitted to us, we obtain certain personal data from publicly accessible sources (e.g., debt registers, land registries, commercial registers, press, internet), or we may receive such information from affiliated companies of WE-R, from authorities, or other third parties (e.g., credit rating agencies). Apart from data you provided to us directly, the categories of data we receive about you from third parties include, but are not limited to:

  • Information from public registers
  • Data received in connection with administrative or court proceedings
  • Information in connection with your professional role and activities (e.g., in order to conclude and carry out contracts with your employer)
  • Information about you in correspondence and discussions with third parties
  • Credit rating information (if we conduct business activities with you personally)
  • Information about you given to us by individuals associated with you (coworkers, consultants, legal representatives, etc.)
  • Information regarding legal regulations such as anti-money laundering and export restrictions
  • Bank details and insurance information
  • Data from our distributors and other business partners for the purpose of ordering or delivering services
  • Information about you found in the media or internet (e.g., in connection with job applications, media reviews, marketing/sales)
  • Your address, interests, and other socio-demographic data (for marketing purposes)
  • Data in connection with your use of our websites and platforms (e.g., IP address, MAC address, device information, cookies, time of visit, pages viewed, referring website, localization data)

3. Purpose of Data Processing and Legal Grounds

We primarily use collected data to conclude and process contracts with our clients and business partners, particularly in connection with the operation of our platform and to procure products and services from suppliers and subcontractors, as well as to comply with legal obligations. You may be affected by our data processing in your capacity as an employee of a client or business partner.

Additionally, in line with applicable law and where appropriate, we may process your personal data and personal data of third parties for the following purposes, which are in our (or third parties') legitimate interest:

  • Providing and developing our products, services, websites, and platforms
  • Communication with third parties and processing of their requests (e.g., job applications, media inquiries)
  • Review and optimization of procedures for direct customer acquisition
  • Advertisement and marketing (including organizing events), unless you object
  • Market and opinion research, media surveillance
  • Asserting legal claims and defense in legal disputes
  • Prevention and investigation of criminal offenses and misconduct
  • Ensuring the operation of our IT, websites, and platforms
  • Video surveillance and access controls to protect premises, facilities, and individuals
  • Acquisition and sale of business divisions and compliance with corporate and regulatory obligations

If you have given us your consent to process your personal data (e.g., newsletter sign-up), we will process it within the scope of and based on this consent. Consent can be withdrawn at any time without affecting data processed prior to withdrawal.

4. Cookies / Tracking and Other Techniques Regarding the Use of our Website

We typically use cookies and similar techniques on our websites and platform to identify your browser or device. A cookie is a small text file sent to and stored by your browser or mobile device.

We use:

  • Session cookies (deleted after your visit)
  • Permanent cookies (e.g., stored for two years) to retain user configurations (e.g., language, login), understand usage, and customize offers and ads

You may configure your browser to reject or limit cookies. Blocking cookies may limit website functionality.

In accordance with applicable law, we may include image files in newsletters and marketing emails to determine if and when they were opened, for offer optimization. You may disable this feature in your email settings.

By using our websites and consenting to marketing emails, you agree to these techniques.

5. Data Transfer and Transfer of Data Abroad

In line with the purposes of processing set out above, we may transfer personal data to third parties, including:

  • Our service providers (internal or external, e.g., banks, IT providers)
  • Suppliers, subcontractors, and business partners
  • Clients
  • Authorities and courts (domestic and international)
  • Media and the public
  • Potential acquirers of WE-R group businesses
  • Legal or business affiliates

Some recipients are located outside Switzerland, including Europe and the USA (e.g., Microsoft, Amazon AWS, Supabase, Pipedrive, Dropbox).

If the recipient country lacks adequate data protection, we ensure appropriate safeguards (e.g., EU Standard Contractual Clauses) unless exceptions apply (e.g., legal proceedings, your consent, or public data).

6. Retention Periods for your Personal Data

We process and retain personal data as long as necessary to fulfill contractual and legal obligations or other purposes, including:

  • The duration of the business relationship
  • Legal retention and documentation obligations (typically up to ten years)
  • Periods in which claims can be asserted against us
  • Legitimate business needs (e.g., evidence and documentation)

After such periods, your data will be deleted or anonymized. Operational data (e.g., system logs) generally have shorter retention periods of no more than twelve months.

7. Data Security

We have implemented technical and organizational security measures to protect your data from unauthorized access and misuse. These include internal policies, staff training, IT and network security, access controls, and monitoring tools.