Legal

Privacy policy

We are pleased that you are visiting our website hitso.ch and that you are interested in our company. The protection of your personal data is important to us.

ControllerHelvetic IT Solution GmbH
Applicable lawFADP / GDPR
Contactinfo@hitso.ch

Purpose of this policy

The purpose of this privacy policy is to inform you about how we process your personal data when you visit our website. Our practice complies with the Swiss Federal Data Protection Act (FADP) and the EU General Data Protection Regulation (GDPR).

Controller

Helvetic IT Solution GmbH
Oberallmendstrasse 18
CH-6300 Zug
Schweiz

E-Mail: info@hitso.ch
Tel.: +41 41 20 333 80

Data protection officer

Adrian Komani
Oberallmendstrasse 18
CH-6300 Zug
Schweiz

E-Mail: adrian.komani@hitso.ch
Tel.: +41 41 203 33 81

Provision of the website and log files

When you access the site, our hosting system automatically collects technical data about your device such as browser type, operating system, IP address, date and time of access, and the pages requested. This data is used to operate the site reliably, to ensure security (for example to detect and prevent abuse) and to limit the number of requests (rate limiting).

Retention: Server logs are retained according to our hosting provider's standard policies and are deleted after a short period once they are no longer required for the stated purposes.

Website functions

We process personal data only for the following functions and on the basis of the applicable legal grounds (Art. 6 GDPR; Art. 31 FADP).

Contact form: We process first and last name, email address, optional company name, selected topics and the message in order to respond to your enquiry. The message is delivered to our team by email and is not additionally stored in a database. Legal basis: pre-contractual measures or our legitimate interest in answering your enquiry.
Tool assessments: Our self-assessments (IT Health Check, Cybersecurity Self Assessment, Backup Risk Check, Downtime Cost Calculator) collect your name, company, email address, optional phone number, your answers and the resulting score. This data is stored in our database so we can review your result and contact you if relevant. Legal basis: your consent when submitting the form, or pre-contractual measures.
Cookie consent: Your banner choice (accept or reject) is stored only in your browser's local storage so the banner does not reappear on subsequent visits. You can delete the entry at any time through your browser settings.

External services

We use the following external services to operate our website. We currently do not use any other external services or tracking tools (for example web analytics, tag managers or advertising pixels).

Google Maps: On our contact page we embed maps of our office locations via a Google Maps iframe. When the map loads, data from your device (in particular IP address and device information) is transmitted to Google. Provider: Google Ireland Limited / Google LLC, USA. Data transfer to the US under the EU-US Data Privacy Framework. Legal basis: legitimate interest in showing our office locations.
Resend: We use the email delivery service Resend to send our transactional emails and the messages submitted through our contact form. The content and recipient data are transmitted to Resend for delivery. Provider: Resend Inc., USA. Legal basis: legitimate interest in the reliable delivery of our business communication.

Cookies

We use only strictly necessary cookies and similar storage mechanisms in your browser. Specifically, we store your cookie banner choice in your browser's localStorage so the banner does not reappear on subsequent visits.

When you visit pages with embedded Google Maps, Google may set third-party cookies. You can find a detailed overview in our Cookie policy.

Disclosure to third parties

Your data is treated confidentially. It is only disclosed when required by law or with your explicit consent, for example to fulfil a contract or to authorities pursuant to court or administrative orders. Beyond the processors named above (Google, Resend), we do not pass personal data to third parties.

Your rights

Under applicable data protection law (FADP / GDPR) you have the following rights:

Right of access (Art. 25 ff. FADP / Art. 15 GDPR)
Right to rectification (Art. 32 (1) FADP / Art. 16 GDPR)
Right to erasure (Art. 17 GDPR)
Right to restriction of processing (Art. 18 GDPR)
Right to data portability (Art. 20 GDPR)
Right to object (Art. 21 GDPR)
Right to withdraw consent, without affecting the lawfulness of processing carried out beforehand

To exercise your rights, please contact info@hitso.ch.

Right to lodge a complaint

In Switzerland you have the right to contact the Federal Data Protection and Information Commissioner (FDPIC). Within the EU you have the right to lodge a complaint with the supervisory authority in the member state of your residence, workplace or place of the alleged infringement (Art. 77 GDPR).

Data security

Your data is protected by appropriate technical and organisational measures. Complete data security cannot be guaranteed for unencrypted email communication.