Privacy Policy

TALOS Management Consultants

At TALOS Management Consultants in Zurich and Luxembourg (hereinafter collectively ‘TALOS´), we attach great importance to our user privacy. We carry out the nature, scope and purpose of the collection and processing of your personal data in accordance to the General Data Protection Regulation (GDPR). Definitions of the terms used in our privacy policy can be found in Art.4 GDPR.
Please review this policy regularly, as it may be updated from time to time.

1. GENERAL PURPOSE OF PROCESSING
The personal information we use is only necessary for specific reasons, such as recruitment or operating the websites. In the following you will find (i) a description of the purposes for which TALOS uses your personal information and (ii) the legal basis for each of these.
TALOS uses your personal information for business and/or recruitment purposes in order to recruit the appropriate and right employees and to serve our customers needs in the best way possible. We upgrade the safety and purpose of our website by guaranteeing you an outstanding visitor experience, while assuring secure network and information. The data analysis will be used to establish a genuine conduct of business.
We ensure transparency in processing, use the concept of “privacy by design”, review our privacy policy regularly and use your personal information only for the reason for which you were informed of. In case you would like to receive more information about our legal basis of processing, please contact us at dataprotection@talos-consultants.com.

2. WHAT DATA WE USE AND WHY
2.1. Hosting
We use hosting services which provide us with infrastructure and platform services, storage services, database services and security and technical maintenance services to operate the website.

TALOS or our hosting provider process contract data, usage data, meta and communication data of visitors to our websites based on our legitimate interests in an efficient and secure provision according to Art. 6 para. 1 p. 1 f) GDPR and Art. 28 GDPR.

2.2. Access data
We store IP addresses for a limited period of time (90 days) and if we have a specific suspicion of a crime in connection with the use of our websites. We will delete the IP address if it is no longer required for security purposes.

2.3. Range measurement & cookies
Our websites may use cookies in accordance with Article 6 para. 1 sentence 1 f) of the GDPR to make their websites more user-friendly, effective and secure. A ’cookie‘ is a technology, which allows our websites to store information about your tracking patterns, while using our websites. It is assigned an identification number, but will not store personal data i.e. name, IP address or similar data to this identification number. These cookies help our site to recognize your computer when you return to our websites. They are stored on your hard drive and delete themselves after one month to ten years.

2.4. E-mail contact
When you contact us (e.g. via contact form or e-mail), we use your information for the processing of the request and eventual follow-up questions.
We process additional personal data if you agree to it (Article 6 (1) sentence 1 a) GDPR) or if we have a legitimate interest in the processing of your data (Article 6 (1) sentence 1 f) GDPR), e.g. in response to your e-mail.

3. COLLECTION AND PROCESSING OF PERSONAL DATA
Our site operator collects, uses and transfers your personal data only if this is permitted by law or if you consent to the collection of data.
We collect information to identify your person i.e. your last name, your surname, your e-mail address, your telephone number, your place of residence and your zip code.
In some cases, the data will be stored by us for legal purposes i.e. tax law, but not otherwise processed and deleted after expiration of the statutory retention period.

4. YOUR RIGHTS AS DATA CONTROLLER
Under applicable law, you have the following rights regarding your personal data:

• Right to confirmation and information
• Right to rectification
• Right to cancellation (“right to be forgotten”)
• Right to restriction of processing
• Right to data portability
• Right to object
• Right to revoke a data protection consent
• Right to complain to a supervisory authority

4.1. Right to confirmation and information
You can obtain the confirmation from TALOS whether data relating to your person is being processed and ask us to delete such information. This implies as well, that you can ask for a copy of this data. You have the right to receive the following information:

1. The processing purposes
2. The categories of personal data being processed
3. The planned duration or criteria of determination for which the personal data has been stored
4. The recipients or categories of recipients to whom the personal data has been or are being disclosed i.e. recipients in third countries or international organisations
5. If the personal data is not collected from you, all available information about the source of the data

4.2. Right to rectification
You have the right to request the rectification of inaccurate personal data and get incomplete data completed.

4.3. Right to cancellation ("right to be forgotten")
According to Art. 17 (1) GDPR, you have the right to ask us to delete your personal data without delay. We are obliged to delete your personal data immediately if one of the following reasons applies:

1. The personal data is no longer necessary for the purposes for which they were collected or processed
2. You revoke their consent on which the processing was based in accordance with Article 6 (1) sentence 1 a) GDPR or Article 9 (2) (a) GDPR where there is no other legal basis for the processing
3. You object to the processing and there are no prior justifiable reasons for the processing in accordance with Art. 21 para. 1 GDPR, or you object to the processing according to Art. 21 (2) GDPR
4. The personal data was processed unlawfully
5. The deletion of personal data is required to fulfil a legal obligation under national law
6. The personal data was collected in relation to information society services offered pursuant to Art. 8 (1) GDPR

4.4. Right to restriction and processing
You have the right to require us to restrict the processing of your personal data if any of the following conditions apply:

1. The processing is unlawful and you have objected to the deletion of personal data and have instead requested the restriction of the use of personal data
2. The accuracy of your personal information is contested by you for a period of time that allows us to verify the accuracy of your personal information;
3. We no longer need your personal data for the purpose of processing, but you need the data to assert, exercise or defend your rights, or

4. You have objected to the processing according to Art. 21 (1) GDPR, as long as it is not certain that the justified reasons of our company outweigh yours.

   5. RIGHT TO DATA PORTABILITY
   You have the right to receive the personal data you provide to us in a structured, common and machine-readable format. Furthermore, TALOS has the right to submit that data to another person without barriers, unless

5. The processing is based on an agreement pursuant to Art. 6 Abs. 1 S. 1 a) GDPR or Art. 9 Abs. 2 a) GDPR or to the contract to Art. 6 Abs. 1 S. 1 b) GDPR and
6. the processing is done using automated procedures

6. RIGHT TO OBJECT
You have the right to object at any time to the lawfully processing of personal data concerning you pursuant to Article 6 (1) sentence 1 (e) or (f) GDPR for several reasons e.g. profiling. We process information only when we can demonstrate compelling legitimate grounds for processing that outweigh your interests.
You have the right, for reasons arising from your particular situation, to object to the processing of personal data concerning you for scientific or historical research purposes or for statistical purposes under Article 89 (1) of the GDPR Unless the processing is necessary to fulfil a public interest task.

7. RIGHT TO REVOKE A DATA PROTECTION CONSENT
You have the right to revoke your consent to the processing of personal data at any time.

8. RIGHT TO COMPLAIN TO YOUR SUPERVISORY AUTHORITY
You have the right to complain to a supervisory authority in your country, place of work or the place of the alleged infringement, if you believe that the processing of your personal data is unlawful.

9. USE OF SOCIAL MEDIA PLUGINS FROM LINKEDIN
Due to our legitimate interest in the analysis, optimization and operation of our online services (within the meaning of Art. 6 (1) lit. GDPD), these websites us the LinkedIn Social Plugin, which has been published by LinkedIn Corporation (2029 Stierlin Ct., Ste 200 Mountain View, CA 94043, USA). You can see the integrations on the "LinkedIn" button.
The plugin creates a direct connection between your browser and the LinkedIn servers. The websites operator has no influence on the content of the data that the plugin transmits to LinkedIn Corporation's servers. The plugin informs LinkedIn Corporation that you, as a user, have visited this site. It is possible that your IP address will be saved. If you use the functions of the plugin i.e. sharing or "liking" a post, the corresponding information will also be transmitted to LinkedIn Corporation. To prevent LinkedIn Corporation from linking this information to your LinkedIn account, please log out of LinkedIn before visiting these websites and delete your stored cookies.

10. DATA SECURITY
We make every effort to ensure the security of your data within the framework of applicable data protection laws and technical possibilities.
Your personal data will be transmitted using an encryption. We use the SSL (Secure Socket Layer) coding system, but point out that data transmission over the Internet (for example, when communicating by e-mail) may have security vulnerabilities. A complete protection of the data from access by third parties is not possible.
To protect your data, we maintain technical and organizational security measures in accordance with Art. 32 GDPR.
We also do not warrant that our websites will be available at specific times, i.e. disturbances, interruptions or failures cannot be excluded. The servers we use are regularly backed up.

11. DISCLOSURE OF DATA TO 3RD PARTIES, NO DATA TRANSFER TO NON-EU COUNTRIES
We use your personal data within our company. If we engage 3rd parties in the performance of contracts (such as freelancers), they will receive personal data only if the transmission is required for their tasks. The transmission of data to persons outside the EU does not take place and is not planned.

12. CONTACT
Please contact dataprotection@talos-consultants.com if you:
have a general question about the protection of your personal data by TALOS,
wish to exercise the rights you have in relation to your personal information, or
have a complaint about the use of your personal data by TALOS.