Privacy Policy

1. General information

Data protection is important to us. We therefore process your personal data (“personal data”) with great care and in accordance with the applicable legal requirements. We process your personal data for various purposes and provide transparent information about this data processing in this document. The term “personal data” refers to all information that can be linked to an identified or identifiable natural person. The term “processing” covers any handling of personal data, e.g. obtaining, disclosing, storing, deleting, etc.

Please read the entire privacy policy carefully. This will tell you how and why we process your personal data and what rights you have in connection with this data processing.

This privacy policy is based on the Swiss New Federal Act on Data Protection (nFADP). It is also based on the European General Data Protection Regulation (GDPR). The extent to which the GDPR is applicable depends on the individual case.

To whom and when does this privacy policy apply?

  • if you purchase services or products from us or have a contractual relationship with us
  • Visitors to our website <>
  • when you contact us, e.g. by e-mail, letter, via our contact form or another contact tool
  • when you receive information or marketing communication from us
  • when you apply for a job with us
  • if you have dealings with us in the context of further data processing in connection with our offers

2. Responsibility

The company responsible for the processing of personal data is the one that determines the purpose and means of the processing. The following company or person is the “controller” within the meaning of the FADP, i.e. the body responsible under data protection law, for data processing in accordance with this privacy policy, unless otherwise communicated in specific individual cases (identity): ACAI GmbH, Obere Burghalde 22, 8225 Siblingen, Schweiz

If you have any concerns or questions about data protection, you can contact us at the following address:

You can then also contact the following offices:
EU representative: Michael Ullrich, Obere Burghalde 22, CH-8225 Siblingen,
UK representative: Michael Ullrich, Obere Burghalde 22, CH-8225 Siblingen,
Data protection officer according to DSGVO: Michael Ullrich, Obere Burghalde 22, CH-8225 Siblingen,

3. Personal data to be processed

We also process different categories of personal data in view of the different purposes. In the case of contractual partners who are companies, we process less personal data - here we process in particular data of contact persons of the companies (e.g. name, e-mail address, function in the company, communication data). You provide us with much of the following personal data yourself. As a rule, however, you are not obliged to do so. If you provide us with data about other persons, we assume that you are authorized to do so and that this data is also correct. You automatically confirm this when you provide us with data about these third parties. Please ensure that the third parties concerned have been made aware of this privacy policy.

3.1. Basic data and contact information

Basic data and contact information relate directly to your person and characteristics (e.g. to contact you). For example, we process the following basic data:

  • Surname, first name
  • E-mail
  • Address
  • Telephone number
  • Information on professional function and employment (e.g. employment relationship, employer)

We receive this master data directly from you. Under certain conditions, however, we may also obtain personal data from third parties, e.g. from our contractual partners, associations and address dealers and from publicly accessible sources such as the Internet.

3.2. Contract data

Contract data is information that arises in connection with the execution of the contract. We edit the following data:

  • Information from the run-up to the conclusion of a contract and information on the conclusion of the contract itself (e.g. on the subject matter of the contract), as well as the information required or used for processing
  • Date, information on the type and duration as well as conditions of the contract in question, data on the termination of the contract
  • Customer history
  • Information on payments and payment modalities, mutual claims
  • Information on complaints, information on customer satisfaction, complaints, feedback
  • Answers to customer and satisfaction surveys

3.3. Application data

Application data is data that is collected in connection with your application to us, e.g. these are the following data:

  • CV, letter of motivation
  • Employment and degree certificates
  • Information about your current job (e.g. notice period) Salary expectations
  • Information in connection with a job interview

3.4. Communication data

Communication data is data that arises in connection with communication with you, e.g. the following data:

  • Contact details such as postal address, e-mail address and telephone number Content of all correspondence
  • Information on the type, time and other marginal data of the communication

3.5. Location data and technical data

When you visit our website, technical data is collected. This includes the following data, for example:

  • Location and traffic data
  • IP address of the end device and device ID
  • Information about your device, the operating system of your end device Information about your internet provider
  • Content accessed or logs in which the use of our systems is recorded
  • Date and time of access to the website

3.6. Other possible data

If necessary, we can then also process the following additional data:

  • We may collect data about who attends events and when

4. Purposes of our data processing

Where permitted, we process your personal data for various purposes in which we have a legitimate interest corresponding to the purpose:

  • For contract fulfillment
  • To improve our services and products
  • For communication (e.g. replying to your messages)
  • For marketing and information purposes (e.g. so that we can inform you about offers or new activities according to your personal interests)
  • Examination of your application (so that we can assess whether you are suitable for a position with us)
  • To maintain our IT security (in particular to monitor the performance of our website)
  • For internal administration (e.g. in the context of accounting or archiving data)
  • Assertion of legal claims (if necessary, we also process personal data in order to assert claims in and out of court and before authorities in * Switzerland and abroad or to defend ourselves against legal claims)
  • For company development (e.g. for company management, for the processing of the purchase and sale of business divisions and the associated transfer of personal data)

On our website, we offer you the option of using a so-called social media plugin from YouTube and LinkedIn to integrate functions of the respective provider on our website. These plugins are deactivated by default, but are activated when you click on the social media icon on the website. You can address requests for information and other requests from data subjects in connection with these social media providers directly to the provider in question.

5. Online advertising techniques

We use online advertising technologies such as cookies on our website. This allows us to measure the user-friendliness and success of the website and online advertising campaigns.

5.1. What are online advertising technologies such as cookies?

If we track you, we can distinguish your accesses from accesses by other users so that we can ensure the functionality of the website and compile statistical data to be able to carry out evaluations. Each time you visit our website, you are recognized as an individual visitor and can therefore be distinguished from other people, for example by the server assigning a unique identification number to your browser (this is known as a “cookie”). Cookies are automatically stored on your end device when you visit our website. We use cookies, for example, to save settings between your visits to the website or to collect statistical, technical data.

5.2. Which cookies or online advertising technologies do we use?

We use analytics services so that we can optimize our website. In the following, we explain how our most important analytics service providers work by way of example. Other third-party providers of corresponding tools generally process personal data in a similar way.

  • Google Analytics, an analytics service provided by Google LLC and Google Ireland Ltd. Google Ireland Ltd. is the controller for the processing of personal data. Google uses cookies and online advertising techniques to analyze certain information about the behavior of individual users on the website. On the basis of the analyzed data, Google provides us with evaluations, but also processes data for its own purposes. Information on data protection at Google Analytics can be found here:

  • LinkedIn Insight Tag, an analysis tool from LinkedIn Ireland Unlimited Company. This tool informs us that you have visited our website and processes your IP address. The tool allows us to analyze the use of our website. The data is stored on servers in the EEA and the USA. Please note that LinkedIn can establish a connection to a user profile and use analyzed data for its own advertising purposes. You can find more information about LinkedIn’s data protection and corresponding settings options here:

6. Disclosure of data to other companies and other recipients

We disclose your personal data to service providers. This applies in particular to IT service providers, but may - where necessary - include analysis service providers, debt collection service providers, credit agencies, marketing service providers, etc. If these service providers process personal data as processors, they are obliged to process personal data exclusively in accordance with our instructions and to take data security measures. Data may then also be disclosed to other recipients, e.g. to courts and authorities in the context of legal proceedings.

In individual cases, we may also pass on personal data to other third parties for their own purposes, e.g. if you have given us your consent to do so or if we are legally obliged or entitled to do so.

7. Personal data abroad

Recipients of data (e.g. other companies or authorities) are not only in Switzerland. This applies in particular to certain service providers. These may also be located outside the European Economic Area (EEA) and Switzerland, in particular the USA, i.e. also in other countries around the world. For example, we may transfer data to authorities abroad if we are legally obliged to do so. Not all countries outside Switzerland and the EEA have the same level of data protection as in Switzerland. We therefore compensate for the lower level of protection through appropriate contracts, in particular the so-called Standard Contractual Clauses issued by the European Commission and recognized by the Swiss Federal Data Protection and Information Commissioner (FDPIC).

In certain cases, we may also transfer data without these contracts in accordance with data protection regulations, e.g. if you have consented to a specific disclosure of data or if the disclosure is necessary for the performance of a contract or the enforcement of legal claims or for overriding public interests.

8. Duration of data processing

We store and process your personal data for as long as it is necessary for the purpose of processing (for data in connection with contracts, this is usually for the duration of the contractual relationship), as long as we have a legitimate interest in storing the data (e.g. to enforce legal claims or to ensure IT security) and as long as data is subject to a statutory retention obligation (for certain data, for example, a ten-year retention period applies, which we must comply with). We destroy or anonymize your personal data after the storage or processing period has expired, provided that no legal or contractual obligations prohibit this.

Depending on the circumstances, data processing is only permitted if the applicable law specifically allows it. This does not apply under Swiss data protection law, but under the European GDPR, insofar as it applies. In this case, we base the processing of your personal data on the following legal bases:

  • on your consent (Art. 6 para. 1 lit. a and Art. 9 para. 2 lit. a GDPR);
  • that the processing is necessary for the fulfillment of the contract or pre-contractual measures (Art. 6 para. 2 lit. b GDPR)
  • the processing is necessary for a legitimate interest in data processing (Art. 6 para. 1 lit. f GDPR)
  • that the processing is necessary for the assertion of or defense against legal claims or civil proceedings (Art. 6 para. 1 lit. f and Art. 9 para. 2 lit. f GDPR)
  • that the processing is necessary for compliance with domestic or foreign legal provisions (Art. 6 para. 1 lit. c and lit. f as well as Art. 9 para. 2 lit. g GDPR)

10. Rights of data subjects

You have certain rights under applicable data protection law to obtain further information about our data processing and to influence it. These are in particular the following rights:

  • You have a right to information. This means that you can request information about our data processing. We will be happy to provide you with this information. You can also submit a request for information if you would like further information and a copy of your data.
  • You have a right to data portability. This means that you have the right to receive the personal data that you have provided to us in a structured, commonly used and machine-readable format or to have it transferred to a third party, provided that the corresponding data processing is based on your consent or is necessary for the performance of the contract.
  • You have the right to erasure and objection. This means that you can object to our data processing so that we can no longer process your data. You can then request that we delete your personal data. However, we would like to point out that we will continue to process and store your data if we are obliged to do so.
  • You have a right to rectification. This means that you can have incorrect or incomplete personal data corrected or completed or then have it marked with a so-called confirmation note.
  • You have the right to withdraw your consent. This means that you can withdraw your consent at any time, provided that you have previously given your consent for data processing. The revocation applies from this moment, i.e. only for the future and not for the past. However, we may continue to process your data on another basis if you withdraw your consent.

If you assert your rights as a data subject, we must verify your identity (e.g. by sending you a copy of your ID). The listed data subject rights are then subject to legal requirements and restrictions. This means that it is not always possible to exercise your rights in full. For example, we must continue to process your personal data in order to fulfill a contract with you, to protect our own legitimate interests or to comply with legal obligations. To the extent permitted by law (e.g. to protect the privacy of third parties and to protect our own legitimate interests, such as the existence of business secrets), we may restrict or refuse to exercise your rights. It should also be noted that you also have the option of contacting the responsible data protection authority with your concerns.

11. Status of the privacy policy

This privacy policy is up to date and dated 04.02.2024.

This privacy policy was created by - Your data protection expert.