Unia (hereinafter also referred to as «we», «us») collects and processes personal data concerning you or other individuals («third parties»). A contractual relationship with Unia is not necessarily required; the data may also concern individuals who are interested in becoming members of Unia, for example, through events, membership recruitment, etc. In this context, we use the term «data» interchangeably with «personal data» as defined by the relevant data protection law. The term «Unia» also encompasses majority-controlled subsidiary companies (e.g., Unia Viva AG, Zivag Verwaltungen AG), as well as associated entities, institutions (e.g., foundations and associations), and legal collectives (e.g., partnerships). Terms such as «personal data,» «processing,» or «particularly sensitive personal data» carry the meanings defined in the law (refer to the description in Art. 5 FADP). We explicitly inform you that details regarding union membership are categorized as especially sensitive under the law, leading to these personal data being subject to special protection.
You can contact us for your data protection concerns and the exercise of your rights according to paragraph 11 as follows:
Unia – The Union Weltpoststrasse 20 3000 Bern 16
We process various categories of data about you. The main categories are as follows:
Many of the 3 data mentioned in this section are provided by you directly (for instance, through forms, during communication with us, in relation to contracts, while using the website, etc.). You are not obliged to do so, except for individual cases, such as within the scope of mandatory protection concepts (legal obligations). Moreover, if you engage in contracts with us or intend to access our services, you are also obligated, as part of your contractual commitment as per the relevant agreement, to provide us with data, specifically basic, contract, and registration data. When utilizing our website, the processing of technical data is inevitable. If you wish to gain access to specific systems or buildings, you are required to provide us with registration data.
Where permitted, we also retrieve data from publicly accessible sources (such as debt registers, land registers, commercial registers, media, or the internet, including social media) or receive data from other companies within our group, authorities, and other third parties (such as credit agencies, associations, contracting partners, internet analytics services, etc.).
We would like to draw your attention to the fact that the aforementioned time periods for retention apply only to personal data under our control, meaning those we can process ourselves. This, for instance, does not apply to personal data stored on social media platforms (such as communication data on Facebook, Twitter, WhatsApp, etc.) or on tools such as Google Analytics. In such cases, Unia lacks the authority to influence the duration of data retention. Our capacity is limited to deleting analyses we have carried out (such as PDF files), whereas we are unable to remove data stored on external tools or platforms. Unia is not responsible for the way data is collected, stored, and processed; this responsibility solely rests with the respective third parties (operators of social media platforms, Google, etc.). Corresponding requests, in particular for insight, information, correction and deletion, should be sent directly to the respective operator (cf. also the sections 7, 12 and 13 below).
Furthermore, the Unia Unemployment Insurance Fund (ALK), a division of Unia, is bound by this Privacy Statement (DSE). However, different retention periods may be required by specific legal regulations (for example, AVIG).
Unia can also use your AHV number, which it receives from third parties (e.g. Prevhor, Foundation of the Swiss Watch and Microtechnology Industry for Pension Provision, or Unia Viva AG), or which has been provided by you (e.g. as part of membership recruitment).
We process your data for the purposes we explain below. Further instructions for the online area can be found in sections 12 and 13 below. These purposes, or the underlying objectives, represent legitimate interests of ours and, when applicable, of third parties. You can find further information about the legal basis for our processing in sections 5.
We process your data for purposes related to communicating with you, particularly for responding to inquiries and asserting your rights (section 11), and to get in touch with you for further questions. For this purpose, we mainly utilize communication data and basic data, and in conjunction with the services and offerings you make use of, registration data as well. We store this data to document our communication with you, for training purposes, quality assurance, and follow-up inquiries.
We process data with the intention of initiating, managing, and executing contractual relationships, membership relations, contract partnerships (such as within the context of Joint Commissions), and the oversight and enforcement of labour-related measures (especially collective labour agreements).
Additionally, we process data for marketing objectives and relationship management, including the dispatch of personalized advertisements to our members, interested parties, and contracting partners, featuring products and services from us and third parties (e.g., discounted travel and vacations via Reka). This can happen, for instance, through venues like newsletters and other regular communications (electronically, via post, over the phone), across other channels for which we possess your contact details, and also as part of specific marketing initiatives (such as events, information sessions, surveys, contests, etc.). It could also involve complimentary offerings (such as invitations). With your consent, we can target our online advertising on the internet more specifically towards you (see section 13). Finally, we also aim to enable our contracting partners to address our members and other contracting partners for advertising purposes and the execution of our services (refer to section 7).
As part of relationship management, we can also operate a Customer Relationship Management system («CRM») where we store essential data for managing relationships with members, suppliers, and other business partners. This data includes contact persons, relationship history (such as services provided or received, interactions, etc.), interests, preferences, marketing efforts (newsletters, event invitations, etc.), and additional information.
All of these processes are important for us not only to effectively promote our offerings but also to make our relationships with you more personal and positive. This allows us to focus on the most significant relationships and use our resources as efficiently as possible.
We continue to process your data for market research purposes and to enhance our services and operations.
We strive to continually improve our services (including our website) and to quickly respond to changing needs. Therefore, we analyse, for instance, how you navigate through our website, which products are used by different groups of people and in what manner, and how new services can be designed (for further details, see section 12). We process basic, behavioural, and preference data, as well as communication data and information from member surveys, surveys, studies, and other sources such as media, social media, the internet, and other public sources, primarily for this purpose. Whenever possible, we use pseudonymized or anonymized information for these purposes. We can also use media monitoring services or conduct media monitoring ourselves, processing personal data in order to engage in media activities or to understand and respond to current developments and trends.
We may also process your data for security purposes and access control.
We continuously assess and enhance the appropriate security of our IT and other infrastructure (such as buildings). Like all companies, we cannot completely eliminate data security breaches, but we do our utmost to mitigate the risks. Therefore, we process data for purposes such as monitoring, controls, analyses, and testing of our networks and IT infrastructures, for system and error checks, for documentation purposes, and within the scope of security backups. Access controls include both electronic system access control (e.g., logging into user accounts) and physical access control (e.g., building entries). For security purposes (both preventive and for incident investigation), we maintain access logs and visitor lists.
We process personal data to comply with laws, directives, and recommendations from authorities, as well as internal regulations («compliance»).
In certain cases, we may be obliged to conduct specific inquiries about members («Know Your Customer») or to report to authorities. Fulfilling disclosure, information, or reporting obligations, for instance, in connection with supervisory and tax-related duties, requires or entails data processing. This includes fulfilling archiving obligations and preventing, detecting, and investigating criminal offenses and other violations. This includes receiving and processing complaints and other reports, monitoring communication, conducting internal investigations, or disclosing documents to an authority when we have sufficient grounds or are legally obligated to do so. In external investigations, such as those conducted by law enforcement or regulatory authorities or by an appointed private entity, your personal data may also be processed. For all these purposes, we primarily process your basic data, contract data, and communication data, and under certain circumstances, behavioural data and data from the categories of Other Data as outlined in section 3. Legal obligations can include Swiss law as well as foreign regulations to which we are subject. This also includes self-regulations, industry standards, our own corporate governance, and official instructions and requests.
We also process data for the purposes of our risk management and as part of prudent corporate governance, including operational organization and business development.
Whenever we request your consent for specific processing (such as the processing of particularly sensitive personal data, marketing mailings, and behavioural analysis on the website), we will provide you with separate information regarding the respective purposes of the processing. You can revoke your consent at any time by sending a written notification (by mail) or, unless otherwise specified or agreed, by sending an email to us, effective for the future. The contact details are provided in paragraph 2. For revoking your consent regarding online tracking, refer to section 13 (and also sections 5 and 11). If you have a user account, you can initiate a withdrawal or get in touch with us through the relevant website or applicable service. You can always utilize the 'opt-out' option to unsubscribe from newsletters. Upon receiving notification of the withdrawal of your consent, we will halt the processing of your data for the purposes to which you initially agreed, unless there exists an alternative legal basis for such processing. The revocation of your consent does not impact the legality of processing that was conducted based on the consent prior to its withdrawal.
In cases where we do not seek your consent for processing, we rely on the necessity of processing your personal data for the initiation or fulfilment of a contract or other legal relationship (such as membership with Unia) involving you (or the entity you represent).
lternatively, we may rely on the fact that we or third parties have a legitimate interest in such processing. This specifically includes the pursuit of the purposes and related objectives outlined in paragraph 4 , along with the implementation of necessary actions to attain these objectives. One of our legitimate interests is also the compliance with legal regulations, to the extent that these are not already acknowledged as legal bases by the applicable data protection laws. This further includes the marketing of our services, the aim of better understanding our members and their requirements, and the secure and efficient management and advancement of our organization, including its operations.
When we receive sensitive data (such as health information, details about political, religious, or philosophical beliefs, measures of social assistance, criminal and administrative proceedings or sanctions, or biometric data for identification), we may process your data based on other legal grounds as well. For example, in case of disputes, we might process the data out of necessity for potential legal proceedings or the enforcement or defence of legal claims. In specific cases, different legal bases might be applicable, and we will communicate this separately as needed.
We have the ability to evaluate specific personal attributes of yours for the purposes outlined in section 4 utilizing your data (refer to section 3) using automated methods («profiling»). This includes the assessment of preference data, as well as the identification of misuse and security risks, the execution of statistical analyses, and the facilitation of operational planning purposes. For the same purposes, we can also create profiles, meaning we can combine behavioural and preference data, as well as basic and contractual data and associated technical data, to better understand specific behaviours related to your interactions with us.
In relation to our contracts, membership management, website, services, legal obligations, or for the protection of our legitimate interests and the additional purposes mentioned in section 4 , we may share your personal data with third parties, particularly with the following categories of recipients:
Other receiving parties include, for instance, alternate recipients for deliveries or external payees designated by you, as well as other third parties within the scope of representation relationships (such as when we provide your data to your lawyer or bank), or individuals involved in governmental or court proceedings. If we collaborate with media outlets and share materials with them (such as photos), you could also be affected in specific situations. The same principle applies to the publication of content (such as photos, interviews, quotes, etc.) on our website or in other publications by us. In the context of organizational development, we may engage in the sale or acquisition of businesses, operational units, assets, or companies, or establish partnerships. These actions could also entail the disclosure of data (including yours, for instance, as a member or supplier, or as a representative of a supplier) to individuals participating in these transactions.
All these categories of recipients can also engage third parties, which might result in your data being accessible to them as well. We can impose restrictions on the processing by certain third parties (e.g., IT providers), but not on others (e.g., authorities, banks, etc.).
We retain the right to proceed with such data disclosures, even if they include sensitive data (unless we have explicitly agreed with you not to share such data with particular third parties, except when legally mandated). However, your data continues to be protected by adequate data protection measures in both Switzerland and the EU following its disclosure. When sharing data with other countries, the regulations outlined in section 8.are applicable. If you do not want certain data to be disclosed, kindly notify us in writing so that we can evaluate whether and to what extent we can accommodate your request (refer to section 2).
We also allow certain third parties to collect personal data from you on our website and at our events (e.g., media photographers, providers of tools integrated into our website such as Google Analytics, etc.). To the extent that we are not significantly involved in these data collections, these third parties are solely responsible for the collection and processing. For inquiries and to assert your data protection rights, please directly contact these third parties, see sections 12 and 13. Furthermore, concerning the allocation of responsibilities, also refer to section 3, penultimate paragraph.
As explained in section 7, we also disclose data to other entities. This doesn't solely apply to Switzerland. As a result, your data can be processed not only in the EU, EEA, UK, and, on rare occasions, the USA, but also in exceptional cases, in any country across the globe.
If recipients are situated in a country without adequate legal data protection, we contractually obligate the recipients to adhere to applicable data protection laws. For this purpose, we make use of the revised standard contractual clauses of the European Commission, which can be accessed here: https://eur-lex.europa.eu/eli. This is applicable unless the recipients are already subject to a legally recognized framework for ensuring data protection and we are unable to rely on an exemption clause. An exception can apply, particularly in foreign legal proceedings, as well as in cases of predominant public interests, or when contract processing necessitates such disclosure, when you have provided consent, or when it pertains to data made generally accessible by you and to which you have not objected. Additionally, we have the option to implement further measures, such as encrypting your data.
Please also take into account that data exchanged over the internet, social media platforms, Microsoft Teams, or messaging services like WhatsApp, Signal, or similar platforms, often traverse through third countries that may not all be considered secure from a Swiss data protection standpoint (e.g., the USA). As a result, your data could be transferred internationally even when the sender and recipient are situated in the same country. Particularly in situations where data storage does not take place within Switzerland, your data might not receive sufficient protection, and you hereby confirm your understanding of this. If you do not consent to this, we kindly request that you refrain from using the relevant service and, whenever possible, consider employing a more secure alternative service (e.g., Threema instead of WhatsApp).
We process your data for as long as necessary to fulfil our processing purposes, comply with legal retention periods, and satisfy our legitimate interests in processing for documentation and evidential purposes, or if storage is technically required. Further details about the specific storage and processing duration can be found for each data category in section 3, and for cookie categories in section 12. If no legal or contractual obligations oppose it, we will delete or anonymize your data after the storage or processing period expires, following our standard procedures.
We implement suitable security measures to uphold the confidentiality, integrity, and availability of your personal data, protecting them from unauthorized or unlawful processing and minimizing the risks of loss, accidental modification, unintended disclosure, or unauthorized access.
Technical and organizational security measures can include actions such as data encryption and pseudonymization, logging, access restrictions (e.g., through authorization concepts), the storage of backup copies, instructions to our employees, confidentiality agreements, and controls. We protect the data transmitted through our website during the transportation process by using appropriate encryption mechanisms. We also obligate our processors to implement adequate security measures. However, we can only secure areas that are within our control. Security risks cannot be completely eliminated; residual risks are inevitable.
Under specific circumstances, the relevant data protection law provides you with the right to object to the processing of your data, particularly for purposes of direct marketing, profiling connected to direct advertising, and other legitimate interests in processing.
In order to enhance your control over the processing of your personal data, you possess the following rights in relation to our data processing, depending on the applicable data protection law:
If you intend to exercise the aforementioned rights with us, kindly get in touch with us in person at our location, through written communication, or via email. You can find our contact information in section 2. In order to prevent misuse, we must verify your identity (e.g., with a copy of an identification document if no other options are available).
Please be aware that conditions, exceptions, or limitations may apply to these rights according to applicable data protection law (e.g., to protect third parties or business secrets). We will inform you as needed.
If you do not agree with our handling of your rights or data privacy, please let us know. Particularly if you are situated in the EEA, the United Kingdom, or Switzerland, you retain the right to file a complaint with your country's data protection supervisory authority. You can contact the Swiss supervisory authority here: https://www.edoeb.admin.ch/edoeb/de/home/der-edoeb/kontakt/adresse.
On our website, we utilize cookies and similar technologies that enable us and third parties we collaborate with to identify you and/or your device(s) within or outside various services and devices, and across different services or devices. In this section, we provide you with information about it.
«Cookies» are small text files containing a character string used for the distinctive identification of a browser on an internet-connected device. Every browser that visits our website receives cookies from us. Additionally, we place cookies in your browser when you visit websites of other providers hosting our plug-ins or tags.
Essentially, the goal is to differentiate between your accesses (via your browser) and those of other individuals, enabling us to ensure the website's functionality and perform analyses and personalizations.
We utilize these technologies on our website and grant specific third parties the same capability. You have the ability to set up your browser to block specific cookies or alternative technologies, manipulate them, or delete existing cookies. Furthermore, you can enhance your browser with software designed to prevent tracking by specific third parties. For additional details, consult your browser's help pages (typically located under the «Privacy» section) or the websites of the listed third parties below.
The following cookies (technologies with similar functionalities like fingerprinting are also included) are categorized:
In addition to cookies, we use further technologies to statistically record and optimize the use of our website.
We may also integrate additional third-party offerings on our website, especially from social media platforms. These offers are deactivated by default. Once you activate them (e.g., by clicking a toggle), the respective platforms can detect that you are on our website. If you have an account on the corresponding social media platform, it can associate this information with you and track your use of online offers. The social media platforms process this data under their own responsibility.
We can operate pages and other online presences on social networks and other platforms operated by third parties («fan pages,» «channels,» «profiles,» etc.) and collect the data about you described in section 3 and below. We receive this data from you and the platforms when you interact with us through our online presence (e.g., when you communicate with us, comment on our content, or visit our presence). At the same time, the platforms analyse your use of our online presence and link this data with additional information they have about you (e.g., regarding your behaviour and preferences).
We process this data for the purposes described in section 4, in particular for communication, marketing purposes (including advertising on these platforms, refer to section 13), and market research. You can find information on the corresponding legal bases in section 5 above. We can redistribute content published by you (e.g., comments on an announcement) ourselves (e.g., in our advertising on the platform or elsewhere). We or the platform operators can also delete or restrict content from or about you according to the usage guidelines (e.g., inappropriate comments).
For further information regarding the processing by the platform operators, please refer to the privacy notices of the platforms. There, you will also learn about the countries in which they process their data, the rights you have as a data subject such as access, deletion, and other rights, and how you can exercise these rights or obtain additional information. Currently, we are using the following platforms:
Facebook: We operate Facebook company pages. The responsible entity for the operation of the Facebook platform for users in Europe is Meta Platforms Ireland Limited. Their privacy notices can be accessed at http://www.facebook.com/policy . Some of your data will be transferred to the USA. You can object to advertising here: http://www.facebook.com/settings?tab=ads. Regarding the data collected and processed for the creation of «Page Insights» when visiting our page, we share joint responsibility with Meta Platforms Ireland Ltd. Dublin, Ireland. Within the scope of Page Insights, statistics are generated about what users do on our page (comment on posts, share content, etc.). This is described at www.facebook.com/legal/terms/information_about_page_insights_data. It helps us understand how our page is used and how we can improve it. We only receive anonymous, aggregated data in this process. We have defined our responsibilities for data protection according to the information provided at http://www.facebook.com/legal/terms/page_controller_addendum.
Instagram: We use Instagram business pages. The responsible entity for the operation of the Instagram platform is Meta Platforms Ireland Limited. Their privacy notices can be accessed at https://www.facebook.com/help/instagram/155833707900388. Some of your data will be transferred to the USA. You can object to advertising here: www.facebook.com/settings?tab=ads. Regarding the data collected and processed for the creation of «Page Insights» when visiting our page, we share joint responsibility with Meta Platforms Ireland Ltd. Dublin, Ireland. Within the scope of Page Insights, statistics are generated about what users do on our page (comment on posts, share content, etc.). This is described at www.facebook.com/legal/terms/information_about_page_insights_data. It helps us understand how our page is used and how we can improve it. We only receive anonymous, aggregated data in this process. Our responsibilities regarding data protection are regulated according to the information provided at www.facebook.com/legal/terms/page_controller_addendum.
LinkedIn: We use a LinkedIn company page. The responsible entity for the operation of the LinkedIn platform is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland («LinkedIn»). When visiting our company page, LinkedIn captures, among other things, your IP address and additional information present on your device in the form of cookies. These details are utilized to provide us, as the operator of the LinkedIn page, with statistical insights regarding the utilization of the LinkedIn page. The extent to which LinkedIn utilizes data from visits to LinkedIn pages for its own purposes, how individual user activities on the LinkedIn page are linked, the duration of data storage by LinkedIn, and whether data from visits to the LinkedIn page is shared with third parties are not conclusively and clearly specified by LinkedIn and are not known to us. Additionally, as the provider of a LinkedIn company page, we do not gather or process any data from your usage of our service.
File Share: Data exchange is then possible via so-called file-sharing platforms. File-sharing is the direct sharing of files between internet users using a file-sharing network. In this process, the files are usually located on the computers of individual participants or dedicated servers, from where they are distributed to interested users (e.g., WhatsApp, WeTransfer, etc.).
Last updated: August, 2023