Contact
Best insurance broker Switzerland md GmbH
Occupational pensions md GmbH insurance broker
Property insurance md Gmbh insurance broker

Privacy policy

md GmbH, Obertor 35, 8400 Winterthur, Switzerland, is responsible for the data processing described in this privacy policy (hereinafter also referred to as “we”, “us” and “our”).

In this privacy policy, we describe which personal data we process in connection with our website(www.mdgmbh.ch) and our other services. In particular, you will find out which personal data we process, for what purpose, how and where, and what rights you have in this regard.

With regard to data protection on third-party websites that are linked to our website – and which lie outside our area of responsibility and liability (see the separate terms of use of this website) – we refer to the data protection declaration on the respective websites.

We process personal data in accordance with the provisions of the relevant regulations, primarily the Swiss Data Protection Act (DSG).
We may amend this privacy policy at any time. The version published on this website is the current version.

Personal data that we process

In connection with the data processing mentioned above, we process various categories of personal data about you, the most important of which are as follows:

  • Technical data: When you use our website, we collect the IP address of your end device and other technical data to ensure the functionality and security of these offers. This data also includes logs in which the use of our systems is recorded. As part of the technical data, in addition to the IP address, we also collect information about the operating system of your end device, the date, region and time of use and the type of browser you use to access our website. This can help us to transmit the correct formatting of the website and serves to promote a smooth connection setup, convenient use of the website, evaluation of system security and stability and other administrative purposes. To ensure the functionality of these offers, we can also assign an individual code to you or your end device (e.g. in the form of a cookie, see section 3 below). The technical data itself does not allow any conclusions to be drawn about your identity. For example, we know from the IP address which provider you use to access our offers (and therefore also the region), but we cannot generally deduce who you are from this. We generally store technical data for 7 days. Technical data whose further retention is required for evidentiary purposes is exempt from deletion until the respective incident has been finally clarified.

  • Communication data: If you are in contact with us (e.g. via e-mail, telephone, fax or letter), we collect the data exchanged between you and us, including your contact details and the marginal data of the communication. This includes your name and contact details, the manner, place and time of communication and, as a rule, its content (i.e. the content of e-mails, letters, etc.). This data may also contain information about third parties. If we want or need to establish your identity, e.g. if you request information (see section 7 below), we collect data to identify you (e.g. a copy of an identity document). We use this data to process your request. We generally store this data for 12 months from the last exchange with you. This period may be longer if this is necessary for reasons of proof or to comply with legal or contractual requirements or for technical reasons. E-mails in personal mailboxes and written correspondence are generally stored for the duration of the business relationship and for at least 10 years after it ends.

  • Client-related data: We refer to client-related data as data that we collect in connection with the processing of your inquiry, other business relationships or for marketing and advertising purposes, and which is not communication data. This includes information about contracts and policies and the services to be provided or provided, as well as data from the run-up to the conclusion of a contract, the information required or used for processing, e.g. gender, date of birth, nationality, details of related persons, employer, position, title, billing and payment information, customer history and customer service, information that you or the other persons named below have provided to us in connection with the processing of the order (which may also include information relating to medical treatment) or which we create as part of our services to you. We receive some of this data from you (e.g. if you are a client or other business contact or work for one), but also from third parties (e.g. pension funds, employers), from public registers (e.g. debt collection register, credit information, land registers, commercial register, press, Internet), from official and court proceedings, from correspondence and meetings with third parties and from people in your environment (family, advisors, legal representatives, doctors, banks, insurance companies, etc.). As a rule, we store this data for 10 years from the last contractual activity, but at least from the end of the contract. This period may be longer if this is necessary for reasons of proof or to comply with legal or contractual requirements or for technical reasons.

  • Other data: We also collect data from you in other situations, e.g. in connection with recruitment processes and to advertise our services and maintain relationships.

Purpose of data processing

  • to communicate with you, in particular to respond to inquiries and to contact you in the event of queries;
  • for the initiation, administration and processing of contractual relationships, primarily in order to offer, broker or conclude and process contracts, in particular insurance and pension contracts, with existing or interested customers, insured persons, business partners and other persons involved;
  • for the assertion of legal claims and defense in connection with legal disputes and official proceedings;
  • to carry out the recruiting process in the context of applications for advertised positions;
  • to comply with laws, directives and recommendations from authorities and internal regulations (“compliance”);
  • for security purposes;
  • for the purposes of our risk management and as part of prudent corporate governance, including business organization and corporate development;
  • to provide you and our clients with our services and to improve them;
  • to maintain, provide and improve our website, including monitoring it;
  • to advertise our services and maintain relationships (advertising and marketing, including the organization of events);
  • for other purposes, e.g. as part of our internal processes and administration, the purchase and sale of business divisions, companies or parts of companies and other transactions under company law.

If we ask for your consent for certain processing, we will inform you separately about the corresponding purposes of the processing. You can revoke your consent at any time with effect for the future by sending us written notification (by post) or, unless otherwise stated or agreed, by e-mail; you will find our contact details under Section 8 below. Once we have received notification of the withdrawal of your consent, we will no longer process your data for the purposes to which you originally consented, unless we have another legal basis for doing so. The withdrawal of your consent does not affect the lawfulness of processing based on consent before its withdrawal.

Where we do not ask for your consent for processing, we base the processing of your personal data on the fact that the processing is necessary for the initiation or execution of a contract with you (or the body you represent) or that we or third parties have a legitimate interest in it, in particular in order to pursue the purposes described above and the associated objectives and to be able to carry out corresponding measures. Our legitimate interests also include compliance with statutory provisions, insofar as this is not already recognized as a legal basis by the applicable data protection law. However, this also includes the marketing of our services, the interest in better understanding our markets and the safe and efficient management and further development of our company, including its operations.

If we receive sensitive data (e.g. health data), we may also process your personal data on the basis of other legal grounds, e.g. in the event of disputes due to the necessity of processing for any legal proceedings or the enforcement of or defense against legal claims. In individual cases, other legal grounds may apply, which we will communicate to you separately if necessary.

Online tracking services (cookies), which are collected by third parties.

We use technologies on our website with which we and third parties engaged by us can recognize you when you use it and, under certain circumstances, track you over several visits. Essentially, this enables us to distinguish your access (via your system) from access by other users so that we can ensure the functionality of the website and carry out evaluations and personalization. We do not want to infer your identity. However, even without registration data, the technologies used are designed in such a way that you are recognized as an individual visitor each time you access a page, for example by our server (or the servers of third parties) assigning you or your browser a specific identification number (so-called “cookie”). Cookies help in many ways to make your visit to our website easier, more pleasant and more meaningful.

You can program your browser to block or deceive certain cookies or alternative technologies or delete existing cookies. You can also add software to your browser that blocks tracking by certain third parties. Further information on this can be found on the help pages of your browser (usually under the heading “Data protection”). On the following pages you will find explanations of how you can configure the processing of cookies in the most common browsers:

Microsoft Edge

Mozilla Firefox

Google Chrome for desktop

Google Chrome for Mobile

Apple Safari for Desktop

Opera for desktop

In addition, a general objection to the use of cookies can be declared for a large number of services – especially in the case of tracking – via Your Online Choices (European Interactive Digital Advertising Alliance, EDAA), Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance) or AdChoices (Digital Advertising Alliance Of Canada).

Only necessary cookies are currently used on our website, i.e. cookies that are necessary for the functioning of the website as such or certain functions. These cookies are only temporary (“session cookies”). If you block them, the website may not work or may not be displayed correctly. Other cookies are necessary so that the server can save decisions or entries made by you beyond a session (i.e. a visit to the website) if you use this function (e.g. selected language). These cookies have an expiry date of up to 12 months.

Data transfer and data transmission abroad

In connection with the website, our contracts, services and products, our legal obligations or otherwise to protect our legitimate interests and the other purposes listed in Section 2, we also transfer your personal data (which may also include health data) to third parties, in particular to the following categories of recipients:

  • Service providers: We work with service providers who process personal data about you on our behalf or under joint responsibility with us or who receive data about you from us under their own responsibility (e.g. insurers and reinsurers, banks, debt collection agencies, credit agencies, IT providers, advertising service providers);
  • Business partners including customers: This initially refers to customers and other contractual partners of ours because this data transfer arises from these contracts, in particular insurance companies, pension and vested benefits institutions. The recipients also include contractual partners with whom we cooperate or who advertise for us and to whom we therefore transmit data about you for analysis and marketing purposes (these may in turn be service recipients, but also sponsors and providers of online advertising, for example). We require these partners to only send you advertising or display it based on your data if you have consented to this;
  • Public authorities: We may disclose personal data to offices, courts and other authorities in Switzerland and abroad if this is necessary for the performance of a contract or if we are legally obliged or entitled to do so or if this appears necessary to protect our interests. The authorities process data about you that they receive from us on their own responsibility;
  • Other persons: This refers to other cases where the involvement of third parties arises from the purposes set out in section 2, e.g. industry organizations, associations, organizations and other bodies, other parties in potential or actual legal proceedings as well as acquirers or parties interested in acquiring business divisions, companies or other parts of us.

All these categories of recipients may in turn involve third parties, so that your data may also become accessible to them. We can restrict the processing by certain third parties (e.g. IT providers), but not by other third parties (e.g. authorities, banks, etc.).

The third parties to whom we transfer your personal data may also be located abroad. If a recipient is located in a country without adequate statutory data protection, we contractually oblige the recipient to comply with the applicable data protection law, unless the recipient is already subject to a legally recognized set of rules to ensure data protection and we cannot rely on an exemption provision. An exception may apply in particular in the case of legal proceedings abroad, but also in cases of overriding public interests or if the performance of a contract requires such disclosure, if you have given your consent or if the data in question has been made generally accessible by you and you have not objected to its processing.

Data security

We take reasonable security measures to maintain the confidentiality, integrity and availability of your personal information, to protect it against unauthorized or unlawful processing, and to protect against the risks of loss, accidental alteration, unauthorized disclosure or access.

Duration of the retention of personal data

We process your data for as long as our processing purposes, the statutory retention periods and our legitimate interests in processing for documentation and evidence purposes require or storage is technically necessary. Further information on the respective storage and processing periods can be found in the individual data categories in Section 1. If there are no legal or contractual obligations to the contrary, we will delete or anonymize your data after the storage or processing period has expired as part of our normal processes.

Your rights

Right to information, access and rectification. You have the right to information and the right to check and correct all your personal data stored by us if you believe it is incorrect or incomplete. You also have the right to object to the processing, to restrict the processing, to have the data deleted or to have the data transferred. Please note that these rights are subject to conditions, exceptions or restrictions under the applicable data protection law (e.g. to protect third parties or business secrets); in individual cases, the right to erasure may be excluded, e.g. if statutory reporting, archiving or retention obligations conflict with this. We will inform you accordingly if necessary. The collection of data for the provision of the website (website accessibility/session cookies) and the storage of data in log files is also absolutely necessary for the operation of the website, which is why there is no possibility of objection in this respect.

So that we can rule out misuse, we must identify you (e.g. with a copy of your ID, if this is not otherwise possible). If you incur costs, we will inform you of this in advance.

Right to withdraw your consent. You are entitled to withdraw your consent to the use of your personal data at any time with effect for the future (see also section 2 above).

Right to lodge a complaint. If you do not agree with our data processing, you can report this to the federal and/or cantonal data protection officer.

Contact

For inquiries in connection with the processing of personal data and to exercise rights, please contact:

md GmbH
Obertor 35
8400 Winterthur

P.O. Box 2095
8401 Winterthur

E-mail:

Back