1. scope of application

This Privacy Policy (hereinafter“Policy“) provides information on how and for what purposes the companies belonging to the Artisa Group process your personal data (hereinafter“you”). The list of Artisa Group companies to which this Notice applies can be found at the end of this section i (hereinafter“we” or“Artisa“).

“Personal data” means any information about an identified or identifiable natural person.

We process Personal Data in accordance with the requirements of the Swiss Federal Data Protection Act (hereinafter“DPA“) and, if and to the extent applicable, in accordance with the European Union General Data Protection Regulation (hereinafter“GDPR“). If we deem it appropriate, we may provide you with additional privacy information.

Since Artisa consists of several companies, the company responsible for processing your Personal Data may vary. The Artisa company with whom you correspond or have a contractual relationship or who has referred you to this Privacy Policy in the context of an inquiry, contract, or other correspondence is responsible for the processing of your personal data under this Policy.

Depending on the data processing, Artisa companies may individually or jointly be data controllers or also assume the role of data controllers within the meaning of the DPA.

The contact person for any questions regarding data protection, regardless of which Artisa company is responsible for processing your Personal Data in each case, is:

Artisa Group AG

Metal Road 4

6300 Zug

Phone: +41 91 873 45 00

E-mail: privacy@artisagroup.com

The representative in the EU for data protection under Art. 27 GDPR is:

Artisa Developer Italy Srl

Via Montenapoleone 27

20121 Milan, Italy

Phone +39 02 3650 4531

E-mail: privacy@artisagroup.com

If you have any questions about data protection in Artisa, please contact us at the addresses above.

List of Artisa Group companies

Company name Nation Canton
Realab SA Svizzera Zurigo
Artisa Finance AG Svizzera Zugo
Artisa Developer AG Svizzera Zugo
Artisa Architettura SA Svizzera Ticino
G&A Total Contract Svizzera Ticino
Artisa Consulting SA Svizzera Ticino
Artisa Real Estate AG Svizzera Zugo
Swiss Real Estate Developer AG Svizzera Zugo
Artisa Group AG Svizzera Zugo
Artisa Romandie SA Svizzera Zugo
Artisa Micro Living AG Svizzera Zugo
Artisa Senior Residence AG Svizzera Zugo
Artisa Immobiliare SA Svizzera Manno
Hotel Seepark AG Svizzera Zugo
Artisa Fund AG Svizzera Zugo
Artisa Solar Sarl Svizzera Manno
Samansela SA Svizzera Manno
ART FLEET MANAGEMENT SAGL Svizzera Manno
Motta Immobiliare SA Svizzera Manno
AX Investment SA Svizzera Manno
Artisa Management Luxembourg Sarl Lussemburgo Lussemburgo
Micro Living Developer SCA Lussemburgo Lussemburgo
Artisa Developer Italia Srl Italia Milano
Are Project 1 Srl Italia Milano
Are Project 2 Srl Italia Milano
Are Project 3 Srl Italia Milano
Are Project 4 Srl Italia Milano
AreProject 5 Srl Italia Milano
Fondo Aedificium Italia Milano
Project Viale Monza Srl Italia Milano
Artisa Finance Srl Italia Milano
Artisa Developer Deutschland Gmbh Germania Francoforte
Artisa Developer France SAS Francia Parigi
Artisa Developer CZ Repubblica Ceca Praga
Artisa Real Estate CZ s.r.o Repubblica Ceca Praga
ARE CZ 1 s.r.o Repubblica Ceca Praga

2 Data origin and data categories

We primarily process Personal Data that we receive or collect from our customers (including their employees, shareholders, directors, etc.), website visitors, service providers, banks, and other business partners in the course of our business activities. In addition, we may also process Personal Data that we have obtained from publicly accessible sources (e.g., websites or public records such as the commercial registry, etc.) and that we have obtained from publicly accessible sources.

The Personal Data we process includes, as appropriate, in particular name and contact details (e.g. address, telephone number and e-mail address), identification data (e.g. passport number, ID card number, birth data, nationality, gender), job title and employment relationship, country of residence, geographic location, family situation (e.g. marital status, number of children), data relating to criminal proceedings, financial information for payment purposes (e.g. bank account data) financial data (e.g., financial assets, source of funds), investment information (e.g., investment profile, risk profile, suitability testing, asset allocation, investments, transaction data (e.g., payment instructions, investment instructions), information on the use of our websites, and information of any kind from correspondence, contacts, and interactions (e.g., photographs, videos, and voice recordings) with us.

3 Purpose of processing and legal basis

3.1 In relation to our business activities

We process your personal data primarily to provide our services in connection with our business activities. Specifically, we process your personal data for the following purposes:

    • To communicate with you, particularly to provide you with information or to process your requests. If you contact us by e-mail, you authorize us to respond to you through the same channel. Please note that unencrypted e-mails are transmitted over the Internet, so it cannot be ruled out that they may be viewed, accessed, and manipulated by third parties. Therefore, we ask you not to send us confidential information via e-mail. We exclude, to the extent permitted by law, any liability you may incur, particularly in the event of erroneous transmission, falsification of content, or network interruption (outages, overloading, illegal intervention, blocking);
    • To make our services and website available to you and to evaluate and improve them;
    • for the conclusion, administration and execution of our contractual relationships;
    • To maintain and manage the business relationship with you (including the issuance of invoices);
    • to inform you of recent updates or to provide you with other information about our services;
    • To promote our services;
    • For statistical purposes;
    • for IT and building security measures (such as access controls, visitor lists, network and mail scanners, telephone records) and for risk control reasons;
    • for the assertion of legal rights and defense in connection with legal disputes and proceedings before the authorities;
    • To fulfill our legal obligations.

We process your personal data for the above purposes, depending on the situation, particularly on the following legal bases:

    • processing of Personal Data is necessary for the performance of an agreement with you;
    • You have given your consent to the processing of personal data about you;
    • The processing of Personal Data is necessary for the fulfillment of a legal obligation;
    • We have a legitimate interest in processing Personal Data.

3.2 Visiting our websites

Whenever a user accesses our website, our server collects a variety of information about the user that is stored in the server log file. Information collected includes, but is not limited to, the IP address, the date and time of access, the time difference from GMT, the name and URL of the downloaded file, the website from which access is made, the browser used, and the operating system used.

Use of this general information does not involve identification of a specific person. The collection of this information or data is technically necessary to view our website and to ensure its stability and security. This information is also collected to improve the website and to analyze its use. The legal basis for the temporary storage of information and log files is our legitimate interest in being able to offer our website with sufficient quality and to continuously improve it.

3.3 Contact by e-mail and telephone

You can contact us using the e-mail address and phone numbers provided on our website. The personal data you send us will be stored and processed by us for the purpose of processing your request. The legal basis for this processing of personal data is your consent and our legitimate interest in processing your request.

3.4 Cookie/analysis tools

Our website may use so-called cookies or other technologies/tools such as pixels, tags or external services (hereinafter“cookies” or“analytics tools“). Cookies are text files that are stored in or by the Internet browser on the user’s computer system or mobile device. The cookie contains a characteristic string that uniquely identifies the browser or mobile device when you visit the website or app again.

The purpose of using cookies is, on the one hand, to enable and simplify users’ use of our website. Some functions of the website cannot be offered without the use of cookies (so-called technically necessary cookies). On the other hand, we use cookies/analytics tools to analyze users’ behavior on our website, especially for measuring reach and for marketing purposes.

3.4.1 Technically necessary cookies

Technically necessary cookies are essential for the operation of our website. Therefore, these cookies cannot be disabled in our systems. These cookies usually record important actions, such as the number of requests made, changing privacy settings (for example, when the user gives consent to certain options), or filling out forms. Although you can block these cookies in your browser, some parts of our website may no longer work.

The legal basis for data processing when using technically necessary cookies is our legitimate interest, which is primarily to ensure the functionality and improvement of our website.

3.4.2 Analytical and marketing cookies

Analytical cookies allow us to analyze visitor behavior and traffic sources so that we can measure the performance of our website and improve the user experience. They help us identify the degree of popularity of pages and show us how visitors move within our website. The information collected is aggregated and anonymous.

Marketing cookies allow us to provide relevant advertising to you. These cookies may remember that you have visited our website and share this information with other companies, including other advertisers.

If we use cookies for analytics and marketing purposes, we obtain your consent. Therefore, the processing of data for analysis and marketing purposes is based on your consent. If you provide us with your consent, you can revoke it at any time with effect for the future. However, this does not affect the lawfulness of processing carried out on the basis of your consent before your revocation. You can opt out at any time by changing your cookie settings.

3.4.3 Disabling the cookie via the browser

The user can object to the use of cookies, for example. (i) selecting the appropriate settings in his or her browser or (ii) using appropriate cookie blocking software (e.g., ghostery, etc.).

For more information and support related to managing cookies directly from your browser, you can visit the following pages:

For more information visit: http://www.youronlinechoices.eu/

If you do not know the type and version of the browser you are using, click on “Help” in the browser window above, from which you can access all the information you need.

If you know your browser, click on the browser you are using to access the cookie management page.

3. 5 Google Maps

On our website we may use the Google Maps plug-in from Google Ireland Limited or Google LLC, USA. If you use Google Maps on our website, information about your use of our website (including your IP address) may be transmitted to and stored on a Google server in the United States. We have no knowledge of the precise content of the transmitted data or its use by Google. However, user data is only transmitted to Google if the user activates Google Maps content on our website.

The legal basis for processing your data is Your consent. For more information about the Google Maps privacy policy and terms of use, visit the following link:
https:
//www.google.com/intl/en_de/help/terms_maps.

3.6 Social media plug-ins

On our website we may use the social media plug-ins contained in the following table. For this purpose, we use the so-called two-click solution, which means that when you visit our website, in principle no personal data is disclosed to the plug-in providers. Only from the moment you click on the selected plug-in field and activate it, the provider will be informed that you have visited our website. In addition, the data referred to in Section 3.2 of this privacy policy will be transmitted. The legal basis for processing your data in connection with social media plug-ins is our legitimate interest in enabling our users to use social media plug-ins.

We have no control over the data collected and data processing operations of plug-in providers. These are subject to the respective privacy policies of the third-party providers. More information about the purpose and scope of data collection and processing by plug-in providers can be found in the privacy policies of those providers below.

Plug-in Provider and privacy information
LinkedIn LinkedIn Ireland Unlimited Company:

https://www.linkedin.com/legal/privacy-policy

Facebook Meta Platforms Ireland Limited:

https://www.facebook.com/about/privacy/update?ref=old_policy

 

3.7 Application

You can apply for a position at Artisa through an online channel, through our careers page, by mail or through the e-mail address provided on our website. Your application documents and all personal data you have provided to us will be treated confidentially, will not be disclosed to third parties and will be processed only for the purpose of processing your application for employment with us. Unless you have given consent to the contrary, your application file will be returned to you after the conclusion of the application process or will be deleted/destroyed, unless it is subject to a legal retention requirement. The legal basis for processing your data is your consent, the performance of the contract with you and our legitimate interests.

4. links to other sites

Our website contains links to websites operated by third-party companies. This privacy policy does not extend to the websites of these other companies. When using these websites, you should observe the privacy policies of these companies regarding the processing of your data. In case you have indications of possible violations on the pages we link to, we ask you to inform us so that we can prevent possible linking.

5. communication of personal data to recipients and abroad

5.1 Disclosure of personal data to recipients

In addition to data transfers to recipients expressly mentioned in this privacy policy, we may – to the extent permitted – disclose Personal Data to the following categories of recipients:

  • Other companies belonging to Artisa;
  • Providers to whom we have outsourced certain services (e.g., debt collection service providers, etc.;)
  • Service providers, subcontractors and other business partners;
  • Banks and insurance companies;
  • Tax consultants, auditors, lawyers, notaries;
  • Domestic and foreign authorities, agencies, and courts.

5.2 Disclosure of personal data abroad

Your personal data may be processed within Switzerland and the European Union or the European Economic Area (hereinafter referred to as “EU/EEA”), but it may also be processed and transferred to a country outside Switzerland, the EU or the EEA, such as the United States.

If we transfer data to a country that does not have adequate legal data protection, we ensure an adequate level of protection as required by law by using appropriate contracts (in particular on the basis of the European Commission’s so-called model clauses and security measures such as encryption) or rely on the legal exceptions of consent, execution of a contract, conclusion of a contract, exercise or defense of a right in court, overriding public interests, published Personal Data, or because it is necessary to protect the vital interests of the data subject. We would like to point out that data transmitted abroad are no longer protected by Swiss law and that foreign laws and local authorities may require disclosure of such data to authorities and other third parties.

6. personal data retention period

We process and retain your personal data only as long as necessary in accordance with the purpose of processing or if there is another legal basis for doing so (e.g., statutory retention periods). We retain the Personal Data we hold on the basis of a contractual relationship with the User at least for the duration of that contractual relationship and the statute of limitations periods for potential claims or on the basis of contractual retention obligations. As soon as your personal information is no longer needed for the above purposes, it will be inactivated, deleted, or anonymized to the extent possible.

7. your rights

Pursuant to the Data Protection Act applicable to you and to the extent provided for, you have the right to information, rectification, deletion, the right to restrict data processing and to otherwise object to our data processing, as well as the handover of certain personal data for transfer to another location (so-called data portability). Please note, however, that we reserve the right to enforce the legal restrictions available to us, for example, if we are obliged to retain or process certain data, if we have an overriding interest in this (to the extent that we are entitled to rely on that interest), or if we need the data to enforce our rights. If this results in costs to the user, we will inform the user in advance.

If the data processing is based on your consent, after giving it you may revoke it at any time with future effect. However, this does not affect the lawfulness of processing carried out on the basis of your consent before your revocation.

The exercise of these rights generally requires that you clearly demonstrate your identity (e.g., by means of a copy of an identity document if your identity is unclear or cannot otherwise be verified). To enforce your rights, you may contact us at the address specified in Section 2 of this privacy policy.

In addition, every data subject has the right to assert his or her rights in court or file a complaint with the competent data protection authority. The competent data protection authority may vary depending on where you live or where the alleged violation of the applicable data protection law occurs.

8 Data Security

We take appropriate security measures to maintain the necessary security of your personal data and ensure its confidentiality, integrity and availability, and to protect it from unauthorized or unlawful processing, and to mitigate the risk of loss, accidental alteration, unauthorized disclosure or access.

9 Changes to this Privacy Policy

We expressly reserve the right to change this privacy policy at any time. If any changes are made, we will immediately post the revised privacy policy on our websites. The Privacy Policy (as amended from time to time) currently posted on our websites is always applicable.

Appendices

Last revision: August 2023