Privacy Policy

Privacy Notice in accordance with the Federal Act on Data Protection (FADP)

 

WHY THIS INFORMATION?

In accordance with the Federal Data Protection Act (FADP), this page describes how the personal data of users (customers and prospects) who browse the website is processed https://www.vargroup.ch/en. This Privacy Notice is provided pursuant to art. 19 FADP. The information is not to be considered valid for other third-party websites, which may be consulted through links on this website, for which no responsibility is assumed.   

 

Personal data

The personal data provided – or otherwise acquired in accordance with the laws and contracts in force – inherent, connected and/or instrumental to the evaluation of your experience on our site, will be processed in accordance with the privacy legislation and confidentiality obligations applicable to you.

  • Data subject is the identified or identifiable natural person whose data is being processed. By way of example (not exhaustively), the interested party is the user who browses the platform and sends, through it, a request for information.
  • Processing is any operation relating to personal data, regardless of the means and procedures used, in particular the collection, recording, storage, use, modification, communication, archiving, deletion or distribution of data.
  • Personal data: any information relating to a data subject that identifies or makes him or her identifiable. The Data Controller collects various personal data through the website, by way of non-exhaustive example: name, surname, e-mail address, telephone number, IP address.
  • Navigation data: the computer systems and software procedures used to operate this site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This category of data includes the IP addresses or domain names of the computers and terminals used by users, the URI/URL (Uniform Resource Identifier/Locator) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, successful,  error, etc.) and other parameters related to the user's operating system and computer environment.
  • Data communicated voluntarily: the optional, explicit and voluntary sending of messages to contact addresses, as well as the compilation and forwarding of forms on the Data Controller's website, involves the acquisition of the sender's contact data, necessary to respond, as well as all the personal data included in the communications

 

Information about the processing of personal data carried out through Social Media platforms

With regard to the processing of personal data carried out by the managers of the Social Media platforms used by the Data Controller, please refer to the information provided by the latter through their respective privacy policies. The Data Controller processes the personal data provided by users through the pages of dedicated Social Media platforms, to manage interactions with users (comments, public posts, etc.) and in compliance with current legislation.

 

Specific information

Specific information may be present on the pages of the Site in relation to particular services or data processing provided.

 

COOKIES AND OTHER TRACKING SYSTEMS. WHAT ARE THEY? WHAT ARE THEY FOR?

Cookies. What are cookies? What are cookies used for?

Cookies are small text files that the sites visited by users send to their terminals, where they are stored and then retransmitted to the same sites on the next visit. The so-called "third party" cookies are, on the other hand, set by a website other than the one the user is visiting. This is because each site may contain elements (images, maps, sounds, specific links to web pages of other domains, etc.) that reside on servers other than that of the site visited. Cookies are used for different purposes: performing computer authentication, monitoring sessions, storing information on specific configurations regarding users who access the server, storing preferences, etc. For more information on the cookies used by this website, see the cookies policy in the footer of the site and in the following link https://www.vargroup.ch/en/Cookie-Policy

 

1. WHO IS THE DATA CONTROLLER? HOW TO CONTACT HIM?

The entity that determines the purposes and means of this processing of personal data is Var Group Suisse Sagl (hereinafter also referred to as "Var Group Suisse" or "Data Controller"), CHE-114.648.254, a company incorporated under Swiss law, with registered office in Via Grumo 31, 6929 Gravesano. The Data Controller can be contacted at the following address: [email protected] 

 

2. WHO IS THE DATA PROTECTION CONSULTANT (CPD) | DPO)? HOW TO CONTACT HIM?

The Data Controller has appointed a Data Protection Consultant | Data Protection Officer (CPD | DPO), who can be contacted at the following address [email protected] 

 

3. PURPOSE OF PROCESSING, LEGAL GROUNDS, DATA RETENTION PERIOD

 

PURPOSE OF THE PROCESSING

LEGAL GROUNDS

DATA RETENTION PERIOD

Browsing on this website.

The data necessary for the use of web services are also processed for the purpose of:

• obtain statistical information on the use of the services (most visited pages, number of visitors per time slot or day, geographical areas of origin, etc.);

• check the correct functioning of the services offered.

The data will be used to ascertain responsibility in the event of hypothetical computer crimes against the site.

Overriding interest of the Data Controller. Legitimate interest of the controller (Art. 31 para. 2 FADP)

The storage of browsing data will take place for the duration of the browsing session.

Use of cookies and comparable technologies.

See the cookies policy in the footer of the site.

For non-technical cookies and comparable technologies that are necessary, the processing is based on consent to the processing of personal data (Art. 31 para. 1 FADP).

Consent is given through the banner and the cookie policy of the site.

See the cookies policy in the footer of the site.

 

In addition to browsing, personal data will be processed for:

 

PURPOSE OF THE PROCESSING

LEGAL GROUNDS

PERIODO CONSERVAZIONE DATI

A) Management of requests for information sent through the forms and contact channels of the website

The processing is necessary for the performance of a contract to which the data subject is a party or for the execution of pre-contractual measures adopted at the request of the same. Overriding interest of the Data Controller (Art.31 par. 2 lett. (a) FADP)

Maximum 12 months.

B) Sending applications for personnel selection. By accessing the careers area, you can send your application via e-mail address [email protected]. The data will be processed for the purpose of personnel selection.

The processing is necessary for the implementation of pre-contractual measures taken at the request of the data subject (Art. 31 para. 2 lett. a) FADP)

Application profiles that are not related to departments and functions of the company are deleted. Otherwise, CVs are kept for 12 months. In the case of open positions, the interested party will be contacted for an interview.

C) subject to consent, direct marketing activities, for the sending of newsletters/commercial and informative communications, for example, on new services and products offered, on events promoted/sponsored by the Data Controller or events of third parties where the Data Controller participates as a partner, on publications of interest and articles of the Data Controller or for the compilation of statistics and customer satisfaction analyses. The main tool used is the mail electronics.

The Data Controller uses systems with reports to compare and possibly improve the results of automated communications. Thanks to the reports, the Data Controller will be able to know, for example: the number of readers, openings, unique "clickers" and "clicks"; the devices and operating systems used to read the communication; details on the activity of individual users; the details of emails sent, delivered and undelivered, and forwarded emails. All this data is used for the purpose of comparing, and possibly improving, the results of communications.

Consent of the data subject (Art. 31 para. 1 FADP).

Until consent is revoked.

 

4. TO WHOM WILL PERSONAL DATA BE COMMUNICATED? DATA RECIPIENTS

Personal data will be communicated to subjects who will process the data as independent Data Controllers, or Data Processors (art. 9 FADP) and processed by natural persons acting under the authority of the Data Controller and the Data Processors on the basis of specific instructions provided regarding the purposes and methods of processing. The data will be communicated to recipients belonging to the following categories:

  • Subjects who provide services for the website and communication networks, including e-mail, hosting and management of the website, appointment booking services, direct marketing activities;
  •  Group companies that provide services to Var Group Suisse Sagl;
  • Competent authorities for the fulfilment of legal obligations and/or provisions of public bodies, upon request.

The list of Data Processors art. 9 FADP is available by writing to the other addresses indicated above.

 

5. WILL THE DATA BE TRANSFERRED TO NON-EEA COUNTRIES?

Personal data are processed in Switzerland, but are also communicated abroad, in particular, in Italy, in the European Economic Area, where the MS Dynamics CRM system, the application where customer data resides, is located. It should be noted that, in accordance with the Federal Council, the FADP and the Federal Data Protection and Information Commissioner, countries within the European Economic Area are third countries that have adequate safeguards for the transfer of personal data. The list of suitable countries can be checked at the following link:  https://www.fedlex.admin.ch/eli/oc/2022/568/it#annex_1/lvl_u1

 

6. WHAT ARE YOUR RIGHTS? HOW CAN HE EXERCISE THEM?

Pursuant to the FADP, the Data Controller grants the following rights: - obtain from the data controller confirmation as to whether or not personal data concerning you are being processed and, if so, to obtain access to the personal data (Access); - obtain the rectification of inaccurate or outdated personal data; - to be informed in writing and free of charge if personal data concerning you are being processed; - obtain portability of your personal data or request that it be transferred to a third party; - request the restriction or blocking of data processing, the prevention of the disclosure of data to third parties or the rectification or destruction of personal data; - request the prohibition of a specific processing of personal data and a specific communication of personal data to third parties or the erasure or destruction of certain personal data; - revoke the consent given; - if neither the correctness nor the inaccuracy of the personal data can be proven, request the addition of a note to indicate the objection; - request that the rectification, destruction, blocking, in particular communication to third parties, in addition to the note on the dispute or sentence be communicated to third parties or published; - have the processing of personal data declared unlawful.

To stop receiving automated direct marketing communications (emails), you will only need to write an email using our automatic unsubscribe systems.

 

Any other administrative and judicial remedy is reserved, if you consider that the processing of your data violates the provisions of the FADP, you have the right to contact the Federal Data Protection and Information Commissioner. It is understood that you can exercise your rights by contacting the Data Controller by writing to: [email protected] and/or [email protected].  

 

7. CHANGES TO THE POLICY

The Data Controller may change, modify, add or remove any part of this Privacy Policy. In order to facilitate the verification of any changes, the policy will contain an indication of the date of update of the policy itself.

 

Date update: June 19, 2026