Last updated: 06/04/2025
This Privacy and Cookie Policy describes how Loyal Group GmbH (hereinafter “Loyal Group” or “we”) collects, uses, stores, and protects the personal data of its clients and visitors of the website www.loyalgroup.ch. Our personal data processing activities are carried out in accordance with the Swiss Federal Act on Data Protection (FADP).
For any inquiries regarding data protection or to exercise the rights listed in this policy, you may contact us at the above email address.
Depending on the type of consultation requested, we collect and process the following categories of personal data:
The personal data is processed for:
Main legal bases · Contractual necessity: to conclude and execute the contract or for pre-contractual measures. · Legal obligation: to comply with regulatory provisions (e.g., in the tax field, anti-money laundering). · Legitimate interest: for marketing activities aimed at those who already have a contractual relationship or have requested advice. · Consent: in specific situations or if required by law (especially if the processing of sensitive data exceeds what is strictly necessary).
We share personal data exclusively with third parties in Switzerland or (if applicable) within the EU/EEA when necessary for the purposes indicated. In particular:
All third parties with whom we collaborate are bound by specific confidentiality agreements and process the data solely according to our instructions. We do not sell or transfer personal data to third parties for external marketing purposes.
We do not transfer personal data outside Switzerland or the EU/EEA, except for processing resulting from the use of third-party services (e.g., WhatsApp, as described in the dedicated section), which may store or route the data on servers located in countries that do not offer a level of protection equivalent to that of Switzerland or Europe. In such cases, the use of such services is based on the consent or informed choice of the data subject (for example, when the user chooses to communicate with us via WhatsApp), or within the framework of contractual clauses or other safeguards provided by applicable regulations.
Based on our legitimate interest, we may:
These activities are based on our interest in promoting our services to existing or potential clients who have already requested advice, established a contractual relationship, or shown interest in our offers. This interest has been assessed by balancing our business objectives with the rights and expectations of the data subjects. Data subjects may object to such communications at any time, for example by using the unsubscribe link included in every email or by contacting us at info@loyalgroup.ch, without affecting the contractual relationship or the services provided.
We retain personal data for the period strictly necessary for the purposes for which it was collected, taking into account legal obligations or the need to protect our rights. Typically, the data is retained for a maximum period of 10 years from the end of the contractual relationship, unless:
After this period, the data is deleted or rendered anonymous in an irreversible manner, unless further retention is required for legal reasons.
Data subjects may exercise the following rights, in accordance with the FADP:
To exercise these rights, you may contact us by email at info@loyalgroup.ch.
We adopt advanced technical and organizational security measures to protect personal data from unauthorized access, loss, alteration, or disclosure. The transfer of data between the user's browser and our servers is carried out exclusively via encrypted connections, using SSL (Secure Sockets Layer) certificates on all endpoints, with mandatory authentication to ensure the confidentiality and integrity of the transmitted information.
On our server, data is stored in a secure, externally inaccessible environment, thanks to a firewall configured to block unauthorized IP-level access. Administrative access to the machines is permitted only via certificate-based authentication, limiting entry to authorized personnel. Our systems are regularly updated to protect against known vulnerabilities and are periodically monitored to detect and prevent any anomalies or unauthorized access attempts.
Access to personal data is restricted solely to employees who have a legitimate need to access such data for the performance of their duties, in compliance with the principle of data minimization.
We use various communication channels with our clients, including email, telephone, and WhatsApp (managed by Meta, with an operational entity in Europe). WhatsApp may store or route data on servers located outside Switzerland or the EU/EEA. We encourage those who desire a higher level of protection to use alternative channels (such as email or telephone). If a client does not wish to transmit sensitive data via WhatsApp, they may notify us at any time, and we will use only more secure methods.
For consultations and online meetings, we may use Microsoft Teams or Google Meet. In these sessions, we process only the personal data necessary to allow participation (e.g., the email address to send the invitation). These platforms may collect technical information (such as IP addresses) in accordance with their respective privacy policies.
Our website uses technical cookies that are strictly necessary for its operation, which do not require the user’s consent. With explicit consent, obtained via a cookie management banner, we also use analytical and profiling cookies to:
The banner allows users to accept or reject each category of cookies in a simple manner. Consent can be revoked at any time through the banner or browser settings, without compromising access to the website or essential content.
What are cookies: Cookies are small text files stored on the user's device during browsing. They allow the visitor to be recognized, remember their preferences, and improve the user experience of the site.
Modification or deletion of third-party cookies: Should the user wish to modify or delete cookies set by third parties, they must refer to the respective privacy policies of the providers or contact them directly.
We use the YouSign platform for the electronic signing of documents (such as advisory mandates). The personal data collected (name, surname, email, signature) is necessary to authenticate and validate the electronic signature and is processed by YouSign in accordance with its data protection policies.
We have not appointed a Data Protection Officer (DPO) as the personal data processing carried out by Loyal Group GmbH does not involve systematic large-scale monitoring nor extensive processing of particularly sensitive data beyond what is strictly necessary for contractual purposes. For any questions or requests regarding data protection, you may contact us at info@loyalgroup.ch, where a dedicated internal representative will promptly respond.
We reserve the right to modify or update this Privacy and Cookie Policy at any time. Changes will take effect upon publication on the website www.loyalgroup.ch. We encourage users to check this page periodically for any updates.
This Privacy and Cookie Policy is available in multiple languages to facilitate understanding by international visitors and clients. For the purposes of interpretation and in the event of any legal disputes, the Italian version shall be considered the official and prevailing version over any other translation.
For further information or clarification, you may contact us at info@loyalgroup.ch.