1. Who we are

TAXCOACH Ltd is a company that provides advice in relation to all aspects of Swiss and international tax and commercial law. The services of TAXCOACH Ltd comprise, amongst others:

advice concerning national and international corporate tax law and the taxation of private individuals, value added tax, including in particular also tax aspects relating to collective investment schemes, the buyback of own shares, within international vehicles, and tax aspects relating to trusts and foundations.

​

2. Bases for data processing

This Privacy Policy describes how we process your personal data, including in particular which personal data we collect for which purpose. It also regulates the sharing of data, retention periods and your rights.

Personal data (referred to below also as “data”) means any information concerning an identified or identifiable natural person. The term “data processing” must be understood within its situational concept and applies to any handling of personal data, irrespective of the instruments and procedures used, including in particular the collection, storage, usage, alteration, disclosure, archival or erasure of data.

We collect and process data for the purpose of the performance of our business tasks, in accordance with the statutory and contractual framework. The collection, processing and usage of personal data are governed by applicable Swiss1) and, where applicable, European legislation2).

We collect personal data in a transparent manner, acting in accordance with the principles of proportionality and usage for the intended purpose. Data are only processed on a scale and for as long as is necessary for the performance of our tasks and duties.

​

3. Purposes for which personal data are collected and processed

We process personal data that are necessary to guarantee our services securely and reliably on an ongoing basis. This includes in particular:

• the handing and management of contractual relations with clients, employees, suppliers etc.;

• the organisation of contact and communication in relation to the provision of services;

• website operation;

• ensuring security, compliance with legal obligations and the enforcement of claims;

• statistical surveys/assessments.

​

4. Which personal data do we process?

​

4.1. General contract and master data

Depending upon the purpose of data processing, client segment or service area, we collect various types of personal data, including under certain circumstances also particularly sensitive personal data.

We process at least the following data for all persons with whom we enter into contact or conduct dialogue, as well as contractual partners and clients:

• surname, forename, email address and where applicable gender, address, telephone number, title, date of birth, nationality, religious confession, marital status, information concerning family circumstances, profession, information concerning AHV [old-age and survivors’ insurance] number and national/international tax identification number;

• email and written correspondence (post).

In addition, depending upon the purpose of data processing, client segment or service area, we also collect and process data as described in the following paragraphs below:

​

4.2 Data relating to the performance of the mandate

We process the following data in relation to the performance and management of our mandates and communication with our clients:

• General contact and master data according to para. 4.1;

• For enterprises:

  • legal status, company capital and paid up capital, year of incorporation of the enterprise, national and international revenues, annual revenues achieved for each sector of operation, registration no.;

  • Branch offices: location of branch office, firm name, address, telephone, internet, email, correspondence language;

  • information concerning staffing levels: specialist areas, number of employees and managers, FTE percentages per position;

• Financial information;

• Risk assessment data:

  • extracts from debt enforcement registers;

  • management and control of the company:

    • information concerning the natural persons participating in the company, partners and members of the management: surname, forename, year of birth, nationality, function, share of voting rights, information concerning activities within the company;

    • information concerning companies and foundations participating in the company: company name, registered office, sector, percentage equity interest;

    • details of the contact person: surname, forename, date of birth, email and telephone number;

  • information concerning the appointment of managers at third party companies and where applicable the respective surname, forename, company name, sector, function and level of employment for the appointment;

  • information concerning equity holdings

• Payment information;

• Data relating to the mandate such as:

  • articles of association, minutes, contracts,

  • employee data (salary, social insurance),

  • accounting and tax information,

  • particularly sensitive personal data [such as data concerning health, religion, the receipt of social assistance, debt enforcement or bankruptcy].

These data are processed in particular within the ambit of services concerning Swiss and international tax and corporate law. These data relate primarily to our clients. However, they may also relate to third parties such as employees, contact persons or persons party to a (contractual) relationship with any of our clients. Our clients may therefore also refer to this Privacy Policy, although also need to take action themselves in order to comply with data protection law.

Data processing occurs for the purpose of the execution and management of mandates, credit checks, avoiding conflicts of interest and quality control. It also fulfils statutory and contractual requirements.

Data are generally communicated and provided directly by the client. However, depending upon the type and extent of the mandate, they may also be obtained from authorities, courts or third parties. Under certain circumstances, data may also be obtained directly from the employer of the data subject.

​

4.3. Data for direct mailing

We process the following personal data for the purpose of sending information concerning events, publications, etc. (marketing purposes):

• General contact and master data according to para. 4.1.

These data are necessary for the provision of a service, for communicating or for maintaining our client base. In order to improve our services, information relating to marketing and direct mailing is also assessed for statistical purposes. You can object to the usage of your personal data for marketing purposes at any time.

​

4.4.Data relating to direct communication (telephone, email or chat, online meetings, video conferences etc.)

The online meetings and video conferences organised by us are conducted via Zoom. We and/or our respective service provides may also process the following personal data, where necessary for the purpose of direct communication by telephone, email, cooperation solution or chat:

• General contact and master data according to para. 4.1;

• Other personal data contained in email communication;

• Data relating to communication such as IP address, time and duration of communication;

• Video-conference records, if necessary.

We process these personal data for the purpose of providing and improving our services for our clients and other interested third parties.

 

4.5. Data relating to staff

The processing of data for staff administration purposes is regulated separately in an internal directive.

Any data provided within the ambit of a job application that does not result in an appointment will be erased/destroyed unless we receive consent to retention.

​

4.6. Suppliers and other contractual partners

We process the following personal data of business partners that provide services or supplies for us:

• General contact and master data according to para. 4.1;

• Financial information such as bank details

• Information contained in contracts (such as data relating to the competent employees, advisors, information concerning the service provided etc.).

We process these data for the purpose of the performance of a contract and for the duration of the statutory retention periods under commercial law and tax law. If any of our contractual partners have access to our personal data [e.g. IT firms] in relation to the performance of their duties, we shall conclude a corresponding data processing agreement with them.

 

4.7. Operation, control and improvement of the website and other electronic channels

 

4.7.1. Server log files

Our website can be used without having to share any additional personal data. However, the server records user information whenever it is accessed. This information is stored temporarily on server log files. However, it is not cross-referenced with any specific person. Log files contain the following information:

• date and time of access and the quantity of data;

• the browser and operating system used;

• the provider’s domain name;

• the page from which you were referred to our server (referred URL),

• the search query;

• the IP address.

Collection of these data is technically necessary: The data collected are necessary for website stability and security and are used to analyse and improve website usage. They also enable any unlawful usage of our website to be examined precisely in the event of any suspicion.

 

4.7.2. Cookies

Our websites use cookies and similar technologies. If permitted by your device settings, we use cookies and similar tools in order to enable you to have an optimal surfing experience on our website.

Cookies are text files that are stored on your computer and enable your usage of the website to be analysed. They thus support the display of our website and help you to navigate around our website. Cookies collect data such as:

• the IP address;

• the website from which you were referred to our website;

• the type of device used by you;

• how you use our search functions (“search log”);

• what action you take after receiving the newsletter.

It is also possible to visit our website without using cookies. You can prevent cookies from being stored via the browser settings. However, under certain circumstances this may have an impact on the ability to use the website.

 

4.8. Ensuring security, compliance with legal obligations and the enforcement of claims

Where necessary, we may process the personal data mentioned above for the purpose of ensuring security and enforcing your rights, and may also share them for these purposes with third parties, such as courts or official bodies.

​

5. Data collection, retention period, security measures

 

5.1. Data collection

As a general rule, we receive the personal data referred to in para. 4 directly from you if you receive one of our services.

However, in the event that a mandate is placed, depending upon the type and extent of the mandate, data may also be obtained from authorities, courts or third parties.

We also obtain publicly accessible information from sources such as the media and the internet, where appropriate in the specific individual case (e.g. in relation to a job application), as well as data relating to website usage (see para. 4.8).

 

5.2. Retention period

We process and store personal data where necessary for the purpose of compliance with our contractual and legal obligations or any other purposes pursued through processing, where we have a legitimate interest in the retention of the respective personal data. In addition, personal data are retained where they are subject to statutory retention requirements or are necessary for criminal prosecution or for the establishment, exercise or defence of legal claims.

​

5.3. Data security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access and misuse. These include IT and network security solutions, access restrictions, data carrier encryption, encrypted transmission, instructions, training and controls.

Data are stored in the applications and software environments used by us. Data are stored in servers [in Switzerland/abroad]. If data are stored abroad (Teams, log files, etc.), the rules set forth in para. 7 apply.

If third parties have access to our data, specific measures are implemented, which are regulated in a data processing agreement (see para. 8).

​

6. Sharing and transmission of data

We can share personal data with third parties if you have granted your consent, if this is necessary to provide the respective service, to fulfil the purpose of the contract or to uphold our legitimate interests or if we are obliged to do so by law.

The following categories of recipient may receive personal data from us:

• service providers (e.g. IT service providers, hosting providers, suppliers, advisors, lawyers, insurers):

• third parties within the ambit of our legal or contractual obligations, authorities (such as the Audit Oversight Authority, tax authorities etc.), state bodies, courts.

The third parties instructed by us are obliged under contract to comply with data protection rules and to process data only for the purpose prescribed by us.

Most of our service providers are situated in Switzerland or in the EU/EEA. Some personal data may be transmitted to the USA (e.g. Google Analytics data). Should it be necessary to transmit data to a country that does not have an adequate level of data protection, this will occur on the basis of standard contractual clauses (e.g. in relation to Google) or other suitable guarantees.

The information that you transmit to us may also be anonymised for statistical assessment purposes and transmitted to third parties.

 

7. Your rights

Any person may obtain information concerning any of their personal data that are being processed as well as the origin, recipient and purpose of data collection and data processing. You also have the right to obtain the rectification, blockage, erasure or transfer of your data.

We may refuse, limit or delay access according to law if: a) an act makes formal provision to this effect, specifically for the purpose of upholding professional secrecy; b) this is necessary on account of the overriding interests of a third party; or c) the request for access is evidently unfounded, specifically if its purpose breaches data protection law or if it is evidently defamatory.

Data that are retained according to law or that are required for the conduct of business cannot and must not be erased. If data are not covered by a statutory archival requirement or our overriding interest in retention, we shall erase the data upon request by you. If an archival requirement applies, we shall block your data.

In addition, you can exercise your rights through the courts or lodge a complaint with the competent data protection authority.

​

8. Concluding provisions

​

8.1. Controller and contact

Unless specified otherwise, we are responsible for data processing under this Privacy Policy.

General enquiries relating to data protection can be sent by post or email to us: TAXCOACH Ltd, Seestrasse 344, Postfach, 8038 Zurich; info@taxcoach.ch.

If you have any questions relating to a specific individual, rectification requests or an erasure request, a copy of an ID card or passport must also be enclosed in order to identify the user.

​

8.2. Amendment of the Privacy Policy

We may amend our Privacy Policy at any time by publication on the website. This Privacy Policy was last updated in August 2023.

​

1) Federal Act of 25 September 2020 on Data Protection (DSG), Ordinance on Data Protection of 31 August 2022, (Data Protection Ordinance, DSV).

2) EU General Data Protection Regulation (GDPR)