Data protection declaration

1. Purpose of this declaration

The confidentiality and protection of your personal data ("data") is of paramount importance. In an ever-changing digital world, where online interactions are multiplying, we are deeply committed to ensuring security and transparency in the management of the data you choose to share with us.

This statement is intended to provide you with a clear and understandable overview of how we process your data, the measures we put in place to protect it, and your rights as a customer. We encourage you to take the time to read this document to understand our data protection practices and how they may affect you.

When you provide us with data relating to other people (for example, members of your family, representatives, stakeholders or other associated persons), we assume that you have the necessary authorisation to do so. We also assume that this data is accurate. Where a duty to inform is in force, it is your responsibility to ensure that such individuals are aware that their data is being passed on and, if necessary, to have informed them in advance by presenting them with this declaration.

2. Who is responsible for data processing?

The data controller is RK Interiors Sàrl ("we" or "us").

You can contact us at

• by e-mail: info@rkinteriors.ch
• by telephone: +41 (0) 79 909 88 48
• by post: Chemin de la Roselière 6, 1165 Allaman.

3. What data do we process about you?

When you interact with our services, browse our website (www.rkinteriors.ch, hereinafter referred to as the "website"), or otherwise contact us, we may process the following data:

• Identity (first name, surname, date of birth, gender).

  This data is kept for up to 10 years after the end of the contractual relationship for legal reasons or as evidence pending the expiry of applicable limitation periods.

• Contact details (postal address, e-mail address, telephone number).

  This data is kept for up to 10 years after the end of the contractual relationship for legal reasons or as evidence pending the expiry of applicable limitation periods.

• Invoicing (amount and due date of invoices, reminders, supporting documents).

  This data is kept for 10 years after the end of each financial year, in accordance with art. 958f of the Swiss Code of Obligations.

• Correspondence (e-mail exchanges, telephone or interview reports, letters).

  This data is kept for up to 10 years after the end of the contractual relationship for legal reasons or as evidence pending the expiry of applicable limitation periods.

• Personal preferences (briefing data, interior design and decoration preferences such as colour codes, materials, etc.).

  This data is only kept for as long as is necessary to achieve the purpose for which it was collected, but for no longer than 10 years after the end of the contractual relationship.

• Human resources (data contained in your application file, extracts from criminal records (if necessary), public data on professional social networks, on the Internet, in the media as well as data provided by references, if you consent to us contacting references and you are authorised to provide us with their contact details beforehand).

  This data is only kept for up to 3 months from the date of rejection of the application.

4. For what purposes do we process your data?

We process your data for the following purposes:

• Preparation, conclusion, management and performance of the contract

  For the purpose of entering into a contract with you or your employer and performing obligations in accordance with the terms of the contract.

  We collect and process data in order to fulfil our contractual obligations towards our customers and other contractual partners (e.g. suppliers, service providers, project partners) and, in particular, to provide and demand the contractual services. To this end, we process in particular the data that we have received or collected to date in the course of initiating, concluding and fulfilling the contract, as well as data that we compile in the course of providing our contractual services or that we collect from public sources or other third parties.

• Communication

  We process data so that we can communicate with you or with third parties by any appropriate means and answer your questions about our services, offer you our services and assistance, and register complaints.

• Marketing

  We may send you informative, commercial or promotional communications (marketing, newsletters) through the channels you have chosen, where appropriate, and carry out profiling combining different data in order to better understand your interests and preferences among our services. Some processing for marketing purposes involves communicating your data to contractual partners. You may object to this processing for marketing purposes at any time, free of charge.

• Contacting partners

  We may communicate your data to our contractual partners so that they can contact you in order to provide the services.

• Improving our services

  We may process your data in order to improve our services, our products and our commercial activities by means of market research, satisfaction surveys, analysis of your browsing on our site, your interactions with our profiles on social networks, your use of our services and any other feedback linked to our services or contractual relations.

• Compliance with legislation and internal regulations

  We collect and process data in order to comply with applicable laws (e.g. tax obligations, our professional obligations or the fight against money laundering), self-regulations, certifications, industry standards, our internal regulations as well as for internal and external investigations to which we are party (e.g. by a criminal prosecution or supervisory authoritý or a mandated private body).

• Risk analysis and safety measures

  We may need to process your data in order to analyse risks, detect misuse, implement security measures and check that these measures are effective.

• Risk management and business management

  We collect and process data for risk management purposes, in particular to guard against malicious acts, and for the proper conduct of our business. This includes organisational structuring (e.g. resource planning) and the strategic development of the business, including transactions such as the acquisition or disposal of business segments or entire entities. This includes analyses of contractual data, registration data and technical data, as well as behavioural and communication data.

• Applying for a job

  When you apply for a job, we collect and process your data in order to assess your application, manage the recruitment process and, if your application is successful, prepare and conclude a contract.

• How our website works

  To ensure secure and smooth browsing on our website, we collect technical data such as your IP address, operating system details and device configurations. We also note your region, times of use and the nature of your browsing. In addition, we use cookies and similar technologies, including Google Analytics, whose privacy policy can be found via the following link: https://policies.google.com/privacy

• Exercising your rights

  We may need to process your data in order to respond to your questions and requests relating to data protection, in particular when you wish to exercise one of your rights under the law.

5. Where does your data come from?

• From you

  The majority of the data we process is provided to us directly by you, whether as part of a contract, in connection with our services, when using our website, or in your dealings with us. Although you are not obliged to provide us with this data, except in certain specific situations (such as legal requirements), providing it is essential if you wish to benefit from our services or enter into a contract with us. Similarly, access to our website requires certain data to be processed.

• Third parties

  We may also collect data from public sources (such as the debt enforcement register, the commercial register, various media or the Internet, including social platforms) or receive it from (i) various authorities, whether based in Switzerland or abroad, (ii) your employer, in the event that he/she has a professional relationship with us or is linked to us in any other way, and (iii) other third parties (such as our customers, commercial information agencies, address providers, associations, collaborative partners or online analysis services). This includes data that we process in connection with a contractual relationship, whether before, during or after the formation of a contract, data from exchanges and discussions with third parties, as well as all the other categories of data mentioned in point 3.

6. What are the legal bases for processing your data?

The majority of the processing operations we carry out are essential for the conclusion, performance and termination of our contracts with you. Without such processing, we would not be able to provide the services we promise in accordance with our agreements.

Other processing operations are based on our legitimate interests or those of third parties. This applies in particular to processing for marketing, security, statistical and market research purposes. This is also the case for the protection of our legal interests and the management of disputes, in particular those outside the contractual framework.

Certain processing operations are dictated by legislation, whether Swiss or international. If such processing is not explicitly required by law, it is based on our legitimate interest in complying with the legislation applicable to us.

If we need your consent for certain processing (such as for certain marketing purposes), it will form our legal basis. In these cases, we will tell you which processing operations require your consent and you will always be able to give or refuse it. We will inform you of the implications of refusing consent. Although you may consent, you also retain the right to revoke this consent at any time, simply and without having to give any reasons. This revocation will take effect for future processing operations without affecting those carried out prior to the revocation. If consent is withdrawn, the processing concerned will cease, unless it is based on another legal ground, such as our legitimate interest.

7. Do we take automated individual decisions?

We do not take automated individual decisions.

8. Is your data processed for profiling purposes?

We do not engage in profiling activities.

9. Who do we pass your details to?

In connection with our contractual relationship with you and for the purposes set out in point 4 above, we may share some or all of your data with the recipients listed below:

• Contractual partners

  We work with partners to guarantee the services stipulated in the contracts between you and us. As a result, we only pass on to them the data concerning you that is strictly necessary for the performance of their services.

  These partners are:

  • Advertising agencies
  • Architects
  • Lessors
  • Brokers
  • Electricians
  • Suppliers
  • Cloud hosts
  • Installers
  • Delivery drivers
  • IT and technical service providers
  • Repairers
  • Construction companies
  • Collection companies
  • Freight forwarding company

• Service providers

  We work with various service providers who help us to process certain data and carry out certain activities.

  This includes IT service providers, debt collection services, transport companies, marketing agencies, cleaning services, financial and legal service providers (e.g. banks, insurers, financial intermediaries, online payment services, trustees and lawyers).

  These service providers may operate in accordance with our instructions as subcontractors, act as joint data controllers when they work closely with us on certain processing operations, or act as separate data controllers if we send them data to be processed for their own purposes.

• Authorities

  When the legal framework obliges us to do so, when we are authorised to do so or in order to protect our interests, we pass on data about you to Swiss or international authorities.

When we share your data with partners acting as subcontractors, we check whether they pass this data on to other third parties. In this context, we seek guarantees on these exchanges, paying particular attention to their justification and security. Where appropriate, we may restrict the way in which certain sub-contractors process your data. However, for certain recipients operating as independent data controllers, specifically the authorities, these checks and limitations may not be applicable.

10. Do we transfer your data abroad?

We work with service providers and partners based outside Switzerland. For the purposes set out in point 4 above and in compliance with the legislation in force, we transmit data about you to them.

We will transfer data:

• Brazil, because we may use service providers or partners located in these countries, particularly for marketing, architecture or development of our website.

When we transmit data to a recipient in a country without an adequate level of data protection, we contractually ensure that this data receives sufficient protection. We base this on the European Commission's standard contractual clauses, adjusted for Switzerland. Certain transfers may be carried out without these guarantees if legal exceptions apply, such as overriding public interests, legal proceedings abroad or the performance of a contract in your interest.

We would like to point out that, even for data transfers within the same country, due to the technical nature of the Internet, this data may transit through other countries. These transits are beyond our control.

11. How long do we keep your data?

We retain your data for as long as is necessary to fulfil the purposes of each processing operation. This includes both legal retention obligations and periods we have established to defend our interests, such as corporate governance and the preservation of evidence. Once these periods have elapsed, your data is either rendered anonymous or destroyed. The precise retention periods for each type of data are detailed in point 3.

12. How do we protect your data?

To ensure the protection of your data, we adopt technical, organisational and legal strategies tailored to the risks associated with our operations and the nature of the data processed. The security and confidentiality of your data are at the heart of our concerns, and we are committed to continually improving these systems to guarantee you optimum protection.

We also train our employees in our data confidentiality policies and procedures and allow authorised employees access to your data on a need-to-know basis, insofar as this is necessary for the performance of their duties.

13. What are your rights?

You have the following rights with regard to the processing of your data:

• Request information

  You can request details of how we process your data and obtain a copy of it.

• Corrections and additions

  If you identify incorrect or incomplete data, you have the right to ask us to rectify or complete it.

• Deletion request

  You may ask us to delete your data, unless we have a legal obligation or legitimate interest not to do so.

• Limiting treatment

  In certain situations, you may ask us to limit the processing of your data.

• Revocation of consent

  If our processing is based on your consent, you may revoke it at any time, which will affect future processing.

• Opposition to processing

  You may object to our processing, in particular for advertising purposes. If our processing is based on another legal basis or a legitimate interest, we may continue processing despite your objection.

• Data portability

  For data processed automatically by virtue of consent or a contract, you may ask us for a copy of your data in a current electronic format or for it to be forwarded to another data controller.

• Automated decision-making

  If we make an automatic decision about you, you can ask us to review this decision and obtain human intervention.

• Challenging our practices

  If you have any concerns about our processing of your data or the way in which we respond to your requests, you can contact us, the competent authority (the Federal Data Protection Commissioner in Switzerland) or lodge a complaint with them.

To exercise your rights in relation to your data, you can contact us directly as mentioned above in point 2. We may need additional data to confirm your identity, including a valid copy of an official identity document. To speed up the process, please be specific about the right(s) you wish to assert and their scope.

To save money and reduce paper consumption, we prefer to provide your data in digital format. If handling your request involves disproportionate effort, we may, in accordance with legal regulations, request a financial contribution (up to a maximum of CHF 300). In this case, we will inform you in advance to obtain your opinion.

14. Can this declaration be amended?

This declaration may be updated from time to time. The version available on our website is always the most up-to-date and takes precedence over any previous version or any contrary data protection provision.

Last update: 12.04.2024