Data Privacy Statement

privacy policy of CONZEPTA'S Swiss GmbH (hereinafter referred to as "CONZEPTA'S")

Version from November 2025

This privacy policy explains how CONZEPTA'S (hereinafter also referred to as “we” or ‘us’) collects and processes personal data from data subjects (e.g., customers, business partners, etc.) (hereinafter referred to as “you”) in the course of its business activities. This is not an exhaustive description; further privacy policies or general terms and conditions may regulate specific matters. Personal data refers to all information relating to an identified or identifiable person.

If you provide us with personal data relating to other individuals (e.g., your employees, family members, colleagues), please ensure that these individuals are aware of this privacy policy and only share their personal data with us if you are permitted to do so and if this personal data is accurate. If you transmit or disclose personal data from third parties to us, we assume that we may process this data for the intended purpose.

As a company operating in Switzerland, CONZEPTA'S is subject to Swiss data protection regulations.

1. Responsibility
The company within CONZEPTA'S (a “group company”) that initiates the relevant data processing is responsible for that data processing, i.e., for example, the group company that provides the service with which you have concluded a contract, with which you have a business relationship, with which you are involved in a contract or business relationship, whose website you visit, etc. If you are unsure who is responsible, please contact us at any time using the contact details below.

The contact person for all data processing is CONZEPTA'S Swiss GmbH, based in Basel. If you have any concerns regarding data protection, please contact us at the following address: CONZEPTA'S Swiss GmbH, Teichgässlein 9, 4058 Basel; email: info@conzeptas.ch.

2. Obligation to provide personal data
Within the scope of our business relationship, you must provide the personal data necessary for establishing and conducting a business relationship and fulfilling the associated contractual obligations (you are not generally under any legal obligation to provide us with data). Without this data, we will generally not be able to conclude or execute a contract with you (or the entity or person you represent).

3. Collection and processing of personal data
We primarily process the personal data that we receive from our customers and other business partners as part of our business relationship with them and other persons involved or that we collect from their users when operating our website, our customer portal and other applications. Where permitted, we also obtain certain data from publicly accessible sources (e.g. debt collection registers, land registers, commercial registers, press, internet) or receive such data from other companies within CONZEPTA'S, from authorities and other third parties. We collect the following categories of personal data:

  • Contact details: e.g., address, email address, telephone/mobile number, digital location data, IP addresses
  • Bank details: e.g., account number, payment method, credit card credit rating, account balance
  • Personal characteristics, e.g., name, date of birth, gender, language, nationality, vehicle registration number, marital status, photos, hobbies/personal interests
  • Health data: e.g. allergies/intolerances
  • Value judgments, e.g., education, qualifications
  • Activity data, e.g., conducting meetings, personal meetings, participation in events
  • Correspondence, e.g., emails, letters
  • Project data: e.g. analyses, service offers,
  • Contract data: Broker mandates incl. attachments with private customers, policies incl. attachments from private customers
  • Other data: In addition to the data that you disclose to us directly, the categories of personal data that we receive about you from third parties include, in particular, information that we learn in connection with official and legal proceedings, information in connection with your professional functions and activities, information about you in correspondence and meetings with third parties, creditworthiness information, information about you that people from your environment (family, advisors, legal representatives, suppliers, etc.) provide to us so that we can conclude or process contracts involving you or with you (e.g. information about you that we receive from third parties).) so that we can conclude or process contracts involving you or with you (e.g. references, your postal address for This includes information about you (e.g. references, your postal address for correspondence, powers of attorney), information on compliance with legal requirements, information from banks, insurance companies and other contractual partners of ours on the utilisation or provision of services by you (e.g. payments made, information from the media and Internet about you, insofar as this is appropriate in the specific case, e.g. in the context of a job application, marketing, etc.), your residential or business addresses and, if applicable, interests and other socio-demographic data for the purpose of establishing new business relationships.

4. Purposes of data processing and legal bases
We use the personal data we collect primarily to fulfill our contracts with our customers and business partners, in particular in the context of risk, insurance, and occupational pension consulting and related activities with current or future business partners, as well as to comply with our legal obligations. If you work for such a customer or business partner, your personal data may of course also be affected in this capacity. In addition, we process personal data relating to you and other individuals, to the extent permitted and where we deem it appropriate, for the following purposes in which we (and sometimes third parties) have a legitimate interest:

  • Offering and further developing our risk insurance and occupational pension consulting services and related activities;
  • Communication with third parties and processing of their inquiries (e.g., job applications, media inquiries);
  • Review and optimization of methods for analyzing needs for the purpose of direct customer contact, as well as collection of personal data from publicly available sources for the purpose of customer acquisition;
  • Advertising and marketing (including the administration and organisation of events), unless you have objected to the use of your data (if we send you advertising from us as an existing customer, you can object to this at any time, we will then put you on a blacklist against further advertising mailings by post and/or e-mail)
  • Market and opinion research, media monitoring;
  • Assertion of legal claims and defense in connection with legal disputes and administrative proceedings;
  • Prevention and investigation of crimes and other misconduct (e.g., conducting internal investigations, data analysis for fraud prevention);
  • Ensuring the operation of our business, in particular our IT systems, our website and the online services offered on it, as well as other platforms;
  • Video surveillance to enforce house rules and other measures for IT, building, and facility security and the protection of our employees and other persons and assets belonging to us or entrusted to us (such as access controls, visitor lists, network and email scanners, telephone recordings);
  • Purchase and sale of business units, companies or parts of companies and other corporate transactions and the associated transfer of personal data, as well as measures for business management and, to the extent necessary, compliance with legal and regulatory obligations and Kessler's internal regulations.

If you have given us your consent to process your personal data for specific purposes, we will process your personal data within the scope of and based on this consent. Consent that has been given can be revoked at any time, although revocation has no effect on data processing that has already taken place, but only applies to future data processing.

5. Cookies/tracking and social plug-ins in connection with the use of our website or customer portal: No personal data is transmitted.

Cookies
When you visit our website, we may store information on your computer in the form of cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier for the cookie. It consists of a string of characters that can be used to assign websites and servers to the specific Internet browser in which the cookie was stored. This enables the visited websites and servers to distinguish the individual browser of the person concerned from other Internet browsers that contain other cookies. A specific Internet browser can be recognized and identified via the unique cookie ID.

By using session cookies, the controller can provide users of this website with a user-friendly service that would not be possible without the use of cookies. Without consent, we only use technically necessary cookies on the legal basis of legitimate interest.

We only use personal cookies to improve our website or for marketing/advertising purposes with your consent. On your first visit, you can voluntarily agree to tracking or analysis via the cookie banner that appears. Your data may be passed on to partners or third-party providers. These cookies are only stored if you explicitly agree to this; the legal basis is then your consent.

You can change your settings for the use of cookies here at any time: inindividual privacy settings

Google Web Fonts (local hosting)
This site uses so-called web fonts provided by Google for the uniform display of fonts. The Google Fonts are installed locally. There is no connection to Google servers.

Further information on Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google's privacy policy: https://policies.google.com/privacy?hl=en.

Google Maps
This site uses the map service Google Maps. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

To use the functions of Google Maps, it is necessary to store your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transmission. If Google Maps is activated, Google may use Google Web Fonts for the purpose of uniform display of fonts. When you call up Google Maps, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.

Google Maps is used in the interest of an appealing presentation of our online offerings and to make it easy to find the locations we have indicated on the website. This constitutes a legitimate interest. Consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission.

Details can be found here: https://privacy.google.com/businesses/gdprcontrollerterms/ and https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.

For more information on how user data is handled, please refer to Google's privacy policy: https://policies.google.com/privacy?hl=en.

6. Data sharing and data transfer abroad
Within the scope of our business activities and the purposes set out in section 4, we also disclose personal data to third parties, insofar as this is permitted and appears appropriate to us, either because they process it on our behalf or because they wish to use it for their own purposes.

This particularly concerns the following positions:

  • Service providers working for us within CONZEPTA'S and externally, such as insurance companies, pension funds, banks, consulting firms, law firms, including contractors (such as IT providers);
  • Network partners such as united CONZEPT GmbH, suppliers, subcontractors, and other business partners in connection with the fulfillment of our contractual obligations to you;
  • Customers and their legal representatives or contact persons;
  • Domestic and foreign authorities, agencies, or courts;
  • The general public, including visitors to websites and social media;
  • Competitors in mandate transfers, industry organizations, associations, organizations, and other committees;
  • Purchasers or parties interested in purchasing business divisions, companies, or other parts of CONZEPTA'S;
  • other parties in potential or actual legal proceedings;

(hereinafter referred to as “recipient”).

The recipients of personal data are partly located in Germany, but may also be located abroad. In particular, you must expect your data to be transferred to our parent company CONZEPTA’S Assekuranzmakler AG in Germany, as well as to our network partner united CONZEPT GmbH in Germany or other brokers abroad. If we transfer data to a country without adequate legal data protection, we ensure an adequate level of protection as required by law by using appropriate contracts (namely based on the European Commission's standard contractual clauses) or rely on legal exceptions, including consent, contract execution, the establishment, exercise, or enforcement of legal claims, overriding public interests, published personal data, because it is necessary to protect the integrity of the persons concerned, or because the person concerned has made the data generally accessible and has not expressly prohibited processing. You can obtain a copy of the aforementioned contractual guarantees at any time from the contact person named in section 1. However, we reserve the right to redact copies for data protection or confidentiality reasons, or to provide only excerpts.

For the sake of completeness, we would like to point out that, as a broker licensed in Switzerland, we exclusively serve Swiss clients.

7. Duration of storage of personal data
We process and store your personal data for as long as is necessary to fulfill our contractual and legal obligations or otherwise for the purposes pursued with the processing, i.e., for example, for the duration of the entire business relationship (from the initiation, execution, to the termination of a contract) and beyond that in accordance with the statutory retention and documentation obligations. It is possible that personal data may be retained for the period during which claims can be asserted against our company and insofar as we are otherwise legally obliged to do so or legitimate business interests require this (e.g. for evidence and documentation purposes).

8. Data security
We take appropriate technical and organizational security measures to protect your personal data from unauthorized access and misuse, such as physical and digital access controls and restrictions, encryption of data carriers and transmissions, guidelines for handling personal and business data, guidelines for handling mobile devices, training in data protection and compliance, and continuous monitoring of the measures mentioned.

9. Profiling
CONZEPTA'S does not engage in profiling.

10. Rights of the data subject
Within the scope of the data protection law applicable to you—and to the extent provided for therein—you have the right to obtain information about which data we process about you and for what purpose, the right to correct and delete your personal data, and the right to restrict data processing and disclose certain personal data. You can also object to data processing at any time, in particular with regard to direct marketing measures. Please note, however, that we reserve the right to assert the restrictions provided for by law, for example if we are obliged to store or process certain data, have an overriding interest in doing so, or need it to assert claims. If you incur any costs, we will inform you in advance. Please note that exercising these rights may conflict with contractual agreements and may have consequences such as premature termination of the contract or cost implications. We will inform you in advance if this is not already regulated in the contract.

The exercise of such rights generally requires that you clearly prove your identity (e.g., by providing a copy of your ID card if your identity is otherwise unclear or cannot be verified) if we do not already know your identity. To assert your rights, you can contact us at the address given in section 1.