Data protection information
The Osec mandate
Osec has been appointed by the Federation to perform a range of promotional activities based on various service agreements. These activities concern Swiss exports, imports from developing and transition countries, investments in Sub-Saharan Africa, and the promotion of Switzerland as a business location. As part of its export promotion work, Osec helps SMEs from Switzerland and Liechtenstein at every turn as they attempt to turn their export concepts into reality. The import promotion programme is designed to make it easier for SMEs from targeted countries to gain access to Switzerland and the other European markets. In terms of promoting investment, support is made available to those investing in certain countries south of the Sahara. Work on promoting Switzerland as a business location is geared towards helping foreign companies establish a presence in the country.
Categories of data collected
Data on customers
Customer data is regularly collected with a view to meeting the requirements of the service agreements. Customers include natural and legal persons who receive services from Osec, its network partners or its points of contact based in foreign countries (Swiss Business Hubs). In the current context, services include:
- Consultancy services
- Information services
- Event and trade fair services
- Hire services
Data on association members
Osec is an association in the sense of Art. 60 ff. of the Swiss Civil Code. Data is collected on new members when they apply for membership of the association.
In addition to widely available data such as name, address, telephone number and e-mail address, data relating to sales, the number of employees, area of activity, etc. is also collected from members of the association and from customers.
Forwarding of data to third parties
Any data relating to association members that is widely available can be forwarded to third parties, provided no reference is made to any association membership. Osec is automatically authorised to do this when an applicant signs the application for membership of the association. Any data relating to customers that is widely available shall only be forwarded where this is necessary to provide the particular service required. Member and customer data that relates to corporate objectives, market and business interests, employee roles (directors, sales managers, marketing managers), sales, etc. (“sensitive data”) can only ever be forwarded to third parties with the approval of those concerned.
(Ex-)members of the association and (ex-)customers may receive information from Osec, from Osec’s official points of contact and from Osec’s network partners in Switzerland and abroad on specific or general economic activities. Such persons may be contacted in writing, by telephone or by e-mail. Anyone who is not interested in receiving this information and does not wish to be contacted can inform Osec accordingly.
Osec e-mails a newsletter to members twice a month. This contains general market information, details of international business opportunities, details on events and fairs, etc. Members not interested in receiving the newsletter can unsubscribe at any time.
Data gathering and data exchange with a view to meeting the requirements of the service agreements
Handling data entered by users
Osec offers a variety of online platforms, enabling the users themselves to enter details of the kinds of products, markets and business relationships they are interested in. The “Match-Making” facility (matching up Swiss supply with foreign demand) is intended as a way of targeting interested parties as efficiently as possible with information on business opportunities, trends and export/import/investment possibilities. There is also an opportunity for experts from various industries to register with a pool of experts so that they can offer advice and solutions to all kinds of technical questions. Osec’s databases can be accessed by the public. This ensures that market-relevant information is distributed as effectively as possible.
Handling data entered by Osec
As part of its role as a network coordinator, Osec has a CRM database for entering data on companies, individuals and projects. This database is supplied with data from a wide variety of domestic and foreign sources. Employees of both Osec and the Swiss Business Hubs abroad have access to the database. By linking individual pieces of information with the main entities involved it is possible to build up a comprehensive picture of the customers and partners of the Business Network Switzerland (BNS), and their relationships with other organisations whose details have also been included on the system. Such extensive and detailed data exchange calls for particularly careful data handling. Therefore, employees with access to the CRM system are obliged to sign a separate confidentiality agreement.
Scope of data processing, data security
Osec relies on data exchange to meet the requirements of its service agreements. Osec is conscious of the problems that dealing with sensitive data presents. For this reason, data may only be used for the purpose explained at the time of its collection, for an obvious purpose that is clear from the context or for the purpose of meeting a legal requirement. Osec is committed to continuously checking the correctness and completeness of its data, and updates it on an ongoing basis. Data collection and processing complies with the requirements of the federal law on data protection (DSG; SR 235.1) and the federal law on unfair practices (UWG; SR 241). Data is collected whenever this is necessary for Osec to perform its role. Data is destroyed once it is no longer required. Osec takes appropriate precautions to guarantee the security of its data. Osec restricts access to confidential information to those employees who actually require it to help Osec perform its role.
If the services offered by Osec are abused, in particular if there is a suspicion of criminal activity, data supplied by members, customers and users may be evaluated to clarify the facts of the case and, on request, passed on to the competent authorities.
The Osec website uses what are called "Session cookies" to identify the user during the period of his or her visit. Session cookies are automatically deleted when the session is ended.
Users can set their browser to disable cookies, restrict them to certain websites, or notify them as soon as a cookie is sent. Users can also delete cookies from their computer’s hard drive at any time. However, rejecting session cookies may make it more difficult or impossible to use the Osec website.
Each time a page is called up and displayed, access data are saved to a protocol file, the server log. The data record saved in this way contains the following data:
1. Time of day, status, the request which the user’s browser sent to the server, and the website from which the user has been directed to the requested page (referrer).
2. Details of the type and version of the browser used (user agent).
Here Osec uses the Apache webserver’s standardised “combined” logfile format. After the visit to the Osec website has ended, the user IP address is saved and anonymised. Anonymisation means that the IP addresses are changed in such a way that individual details about personal or factual circumstances can no longer be allocated to a specific or identifiable natural person, or only by a disproportionate outlay of time, cost and effort.
Osec uses anonymised protocol data (logs) for statistical evaluation; that is to say, data is not allocated to and does not refer to individual use. Thus Osec is able for example to find out on which days and at which times the products and services offered on its website are especially popular, and what volumes of data are generated on its website. Moreover Osec can use the log files to identify possible faults, e.g. defective links or programming errors, and thereby use the log files for the development of its website. Osec does not link the page-views and uses recorded in the server log to individual persons. However, Osec reserves the right to use data from log files if there is a suspicion that users are using the website unlawfully or in violation of contract.
The information and data contained in this publication/guide are drawn from a variety of sources and have been researched with the greatest possible care. Persons wishing to use information from this publication/guide do so at their own risk. Osec as well as third parties who have provided input for the various chapters (e.g. PricewaterhouseCoopers) assume no liability for the accuracy, currency or completeness of the information published in the Investor’s Handbook / Guide.
The provisions of Art. 8 of the DSG allow members and customers of Osec to ask whether data is being held on them and to inspect this data. Anyone wishing to inspect such data should contact: email@example.com