Privacy Policy of Objaro GmbH

1. What is this Privacy Policy about?

2. Who is responsible for processing your data?

3. For what purposes do we collect and process which of your data?

4. What applies to automated decisions?

5. Where do the data come from?

6. To whom do we disclose your data?

7. Are your personal data also transferred abroad?

8. What rights do you have?

9. How are cookies, similar technologies and social media plug-ins used in our digital services?

10. How do we process personal data on our pages on social networks?

11. What else should be taken into account?

12. Can this Privacy Policy be amended?

1. What is this Privacy Policy about?

Objaro GmbH (hereinafter also referred to as “we” or “us”) collects and processes personal data, in particular personal data relating to visitors to our website, users of our services, related persons, contractual partners, recipients of newsletters and other entities, or in each case their contact persons and employees (hereinafter also referred to as “you”). In this Privacy Policy, we inform you about these data processing activities. In addition to this Privacy Policy, we may inform you separately about the processing of your data (e.g. in forms or contractual terms and conditions).
If you provide us with data about other persons (e.g. employees), we assume that you are authorised to do so, that such data are correct, and that you have ensured that these persons have been informed about this disclosure, insofar as there is a legal duty to provide information (e.g. by having made this Privacy Policy available to them in advance).

2. Who is responsible for processing your data?

Each collection and further processing of personal data has one or more controllers (under data protection law). In the case of activities of Objaro GmbH, unless otherwise stated, this is the company that is responsible for the website or the section of a website on which this Privacy Policy appears and is indicated as the operator (e.g. in the linked legal notice, by name, or as stated in the relevant documents). If another entity collects personal data on our website as an independent controller, we will indicate this.
For offer comparisons on www.objaro.ch, Objaro GmbH is the responsible controller.
The responsible legal entity is:

Objaro GmbH
c/o Robert Schweizer
Freilagerstrasse 74
8047 Zürich
info@objaro.ch

3. For what purposes do we collect and process which of your data?

If you use https://www.objaro.ch or other websites, apps or digital services (e.g. newsletters) provided by us (hereinafter collectively referred to as “digital services”), use our services or products, or otherwise interact with us, we collect and process various categories of your personal data. In principle, we may collect and otherwise process these data in particular for the following purposes, whereby the weighting of the individual purposes depends on your specific relationship with us:

• Provision of requested services: When using our digital services, you have the opportunity to benefit from a wide range of services (e.g. a comparison offer). In order to provide you with these services, we collect the relevant personal data required for this purpose (e.g. via an input form) and process these data in particular to fulfil and handle your requests (e.g. forwarding the request to the types of companies selected by you, such as architects, insurers, service providers, financial institutions and partner brokers). For this purpose, we may also collect personal data from third parties (e.g. credit information).
• Communication: In order to communicate with you and with third parties by email, telephone, letter or otherwise (e.g. to answer enquiries, within the scope of an assignment, a consultation, and for the initiation or performance of contracts), we process in particular the content of the communication, your contact details and the metadata of the communication. This also includes audio recordings of telephone calls, for example for quality assurance purposes. In the event of an audio or video recording, we will inform you separately and you are free to inform us if you do not wish a recording or to terminate the communication. If we need or wish to verify your identity, we collect additional data (e.g. a copy of an identity document).
• Initiation and conclusion of contracts: For the purpose of concluding a contract with you or your client or employer, or brokering a contract between you and one of our partners, we may in particular collect and otherwise process your name, contact details, photographs, powers of attorney, declarations of consent, information about third parties (e.g. contact persons), contract content, date of conclusion, creditworthiness data and any other data that you provide to us (e.g. data entered via input forms) or that we collect from third parties (e.g. credit data, HR extracts, information from your employer, information from publications).
• Administration and performance of contracts: We collect and process personal data in order to fulfil our contractual obligations towards our customers and other partners (e.g. insurance companies, brokerage service providers, IT providers, project partners), in particular to provide and claim contractual services. This also includes data processing for customer support, enforcement of contracts (debt collection, legal proceedings, etc.), accounting and public communication. For this purpose, we process data obtained or collected in the course of contract initiation, conclusion and performance, as well as, for example, data on contractual services and performance, information on reactions (e.g. satisfaction information) and financial and payment information.
• Relationship management and marketing purposes: We also process your personal data for relationship management and marketing purposes, for example to send or display personalised advertising (e.g. on our website, by email or via other channels) to our users, partners and other interested parties regarding services and other news from us and from third parties (e.g. advertising partners). For this purpose, we process in particular names, email addresses, telephone numbers and other contact details that we receive in the context of an assignment or consultation, the conclusion or performance of a contract or a registration (e.g. for a newsletter). You can object to such communications at any time or refuse or withdraw consent to being contacted for advertising purposes by notifying us (see contact details in section 2).
• Market research, improvement of our services and operations, and product development: In order to continuously improve our products and services (including digital services such as our website and apps), we collect data on your behaviour and preferences, for example by analysing how you navigate our digital services, how you interact with our social media profiles, or which products are used by which groups of people and in what way.
• Operation of our digital services: To ensure the secure and stable operation of our digital services, we collect technical data such as IP address, information about the operating system and settings of your device, region, time and type of use. We also use cookies and similar technologies. For further information, see section 9.
• Registration: In order to use certain services (e.g. login functions for saving and editing search projects), you must register directly with us. For this purpose, we process the data disclosed in the course of the respective registration. For further information on data collection in connection with the service, see the explanations on the provision of requested services in this section 3.
• Security purposes and access controls: We collect and process personal data to ensure and continuously improve the appropriate security of our IT systems and other infrastructure (e.g. buildings). This includes, for example, monitoring and controlling electronic access to our IT systems and physical access to our premises, analyses and testing of IT infrastructures, system and error checks, and the creation of security backups.
• Risk management and corporate governance: We collect and process personal data as part of risk management (e.g. to protect against criminal activities) and corporate governance. This includes, among other things, our operational organisation (e.g. resource planning) and corporate development (e.g. acquisition or sale of business units or companies).
• Other purposes: Other purposes include, among others, administrative purposes (e.g. accounting).

4. What applies to automated decisions?

For the purposes set out in section 3, we automatically evaluate certain of your personal characteristics based on your data when we wish to determine preference data in order to carry out statistical analyses or for operational planning purposes.
In certain situations, for reasons of efficiency and consistency of decision-making processes, it may be necessary to automate discretionary decisions affecting you (“automated individual decisions”). If such decisions have legal effects or may result in significant disadvantages, we will inform you and, as required by law, give you the opportunity for human review.

5. Where do the data come from?

• From you: Most of the data we process are provided by you (or your device) directly to us (e.g. in connection with our services, the use of our digital services or communication with us).
• From third parties: We may also obtain data from publicly accessible sources or receive them from authorities, insofar as your employer or client has a relationship with us, as well as from other third parties (e.g. partners, credit agencies, address dealers, internet analytics services). This includes in particular the data that we process in the context of an assignment, a consultation, the initiation, conclusion and performance of contracts, as well as all other data categories pursuant to section 3.

6. To whom do we disclose your data?

In connection with the purposes set out in section 3, we may in particular transfer your personal data to the following categories of recipients:

• Service providers: We work with service providers in Switzerland and abroad who process data on our behalf, jointly with us or under their own responsibility. These include, for example, facility management providers, interior designers or architects, advertising service providers, banks, insurance companies, debt collection agencies, credit reference agencies, address verification services or consulting companies.
• Partners: This includes, in particular, our partners where the transfer of your data results from an assignment, consultation or contract (e.g. because they provide services to you). This category also includes partners with whom we cooperate or who advertise for us. Partners generally process the data under their own responsibility.
• Other persons: This refers to other cases where the involvement of third parties arises from the purposes set out in section 3. This includes, for example, payment recipients designated by you, third parties in the context of representation relationships (e.g. your lawyer or bank), authorities or persons involved in administrative or court proceedings. As part of corporate development, we may sell or acquire businesses, business units, assets or companies, or enter into partnerships, which may also involve the disclosure of data (including your data, for example as a customer or service provider or their representative) to persons involved in such transactions. Data relating to you may also be exchanged in the context of communication with industry organisations, associations and other bodies.

All of these categories of recipients may in turn involve third parties, so that your data may also be made accessible to them.
We also allow certain third parties to collect personal data from you under their own responsibility within our digital services (e.g. providers of tools integrated into our website). These are listed below in section 9.

7. Are your personal data also transferred abroad?

We primarily process and store personal data in Switzerland and in the European Economic Area (EEA), but in exceptional cases – for example via subcontractors of our service providers – potentially in any country worldwide.
If a recipient is located in a country without an adequate level of data protection, we contractually oblige the recipient to comply with an adequate level of data protection (using the revised standard contractual clauses of the European Commission, including the supplements required for Switzerland), unless the recipient is already subject to a legally recognised data protection framework or we can rely on an exception. Such exceptions may apply, in particular, in the case of legal proceedings abroad, overriding public interests, where the performance of a contract in your interest requires such disclosure, where you have given your consent, where obtaining your consent within a reasonable time is not possible and the disclosure is necessary to protect your life or physical integrity or that of a third party, or where the data concerned have been made generally accessible by you and you have not objected to their processing.

8. What rights do you have?

In connection with our data processing, you have certain rights under applicable law. In particular, you may request information about the processing of your personal data, have incorrect personal data corrected, request the deletion of personal data, object to data processing, request the provision of certain personal data in a commonly used electronic format or their transfer to other controllers. If you wish to exercise your rights vis-à-vis us, please contact us using the contact details set out in section 2.

9. How are cookies, similar technologies and social media plug-ins used in our digital services?

When using our digital services, data are generated that are stored in logs (in particular technical data). We may also use cookies and similar technologies (e.g. pixel tags or fingerprints) that are necessary for certain functions in order to recognise users of our digital services, analyse their behaviour and identify preferences. A cookie is a small file transmitted between the server and your system that enables the recognition of a specific device or browser.
You can configure your browser to automatically reject, accept or delete cookies. You can also disable or delete cookies on a case-by-case basis. You can find out how to manage cookies in your browser via the help menu of your browser. In addition, depending on the service used, when you first visit the website you will be informed about the use of cookies for analytical purposes via a data protection preference centre and referred to this Privacy Policy, and – where necessary – your consent will be obtained before cookies are used. In this case, you can also manage the use of cookies via the data protection preference centre. You can access your current settings here.
Certain functions on our website, services and tools are only available if cookies are used. If cookies are blocked, certain website functions, services, applications and tools may not be usable.
Both the technical data we collect and cookies generally do not contain personal data. However, personal data that we or third-party providers commissioned by us store about you (e.g. if you have a user account with us or these providers) may be linked with the technical data or with information stored in or derived from cookies and thus possibly with your person.
We also use social media plug-ins, which are small software components that establish a connection between your use of our digital services and a third-party provider (such as Facebook or LinkedIn). The social media plug-in informs the third-party provider that you have used our digital services and may transmit cookies previously placed by that provider on your web browser. The processing of your personal data is then carried out under the responsibility of that provider in accordance with its data protection provisions. Further information on how these third-party providers use your personal data collected via their social media plug-ins can be found in their respective privacy policies.
In addition, we use our own tools as well as services from third-party providers (which may themselves use cookies) in our digital services, in particular to improve the functionality or content of these digital services, to compile statistics and to place advertising.

10. How do we process personal data on our pages on social networks?

We operate pages and other online presences on social networks and other platforms operated by third parties and process data about you in this context. In doing so, we receive data from you (e.g. when you communicate with us or comment on our content) and from the platforms (e.g. statistics). Platform providers may analyse your usage and process these data together with other data they hold about you. They also process these data for their own purposes (e.g. marketing and market research purposes and for managing their platforms) and act as independent controllers. Further information on processing by platform operators can be found in the privacy policies of the respective platforms.
We currently use in particular the following platforms, where the identity and contact details of the platform operator can be found in the respective privacy policy:

• Instagram
  https://www.instagram.com
  Privacy Policy
• Youtube
  https://www.youtube.com
  Privacy Policy
• LinkedIn
  https://www.linkedin.com
  Privacy Policy
• Tiktok
  https://www.tiktok.com
  Privacy Policy

We are entitled, but not obliged, to review third-party content before or after its publication on our online presences, to delete content without notice and, where appropriate, to report it to the provider of the relevant platform.
Some platform operators may be located outside Switzerland. Information on data transfers abroad can be found in section 7.

11. What else should be taken into account?

We do not assume that the EU General Data Protection Regulation (“GDPR”) is applicable in our case. However, if this should exceptionally be the case for certain data processing activities, this section 11 applies exclusively for the purposes of the GDPR and the data processing activities subject to it.
We base the processing of your personal data in particular on the following legal grounds:

• it is necessary for the initiation and conclusion of contracts and their administration and enforcement (Art. 6(1)(b) GDPR; see section 3),
• it is necessary for our legitimate interests or those of third parties, in particular for the provision of requested services, communication with you or third parties, operation of our digital services, improvement of our electronic offerings and registration for certain offers and services, security purposes, compliance with Swiss law and internal regulations, risk management and corporate governance (Art. 6(1)(f) GDPR; see section 3), as well as for other purposes such as administration, evidence and quality assurance, and other legitimate interests (section 3),
• it is required or permitted by law under EEA law or the law of a Member State,
• you have separately consented to the processing, for example via a corresponding request within our digital services (Art. 6(1)(a) and Art. 9(2)(a) GDPR).

We inform you that we generally process your data for as long as required by our processing purposes (see section 3), statutory retention periods and our legitimate interests, in particular for documentation and evidentiary purposes, or as long as storage is technically necessary (e.g. in the case of backups or document management systems). If there are no legal or contractual obligations or technical reasons to the contrary, we generally delete or anonymise your data after expiry of the storage or processing period in accordance with our usual procedures and our retention policy.
If you do not provide certain personal data, this may result in the related services not being provided or a contract not being concluded. We generally indicate where personal data requested by us are mandatory.
The right set out in section 8 to object to the processing of your data applies in particular to data processing for direct marketing purposes.
If you do not agree with our handling of your rights or data protection, please let us know (see contact details in section 2). If you are located in the EEA, you also have the right to lodge a complaint with the data protection supervisory authority in your country. A list of the authorities in the EEA can be found here.

12. Can this Privacy Policy be amended?

This Privacy Policy is not part of a contract with you. We may amend this Privacy Policy at any time. The version published on this website is the current version; previous versions are replaced by the respective new version.

Last updated: 10 November 2025