PostFinance Ltd (hereinafter “PostFinance” or “we”) processes personal data that relates to you or to individuals with whom we have no direct contact (“third parties”).

When you visit our websites (including all subpages and the services and offers which they contain, such as information, advertisements, competitions, prize draws, surveys, communication channels, etc.; hereafter referred to as “PostFinance websites”), including our social media profiles and other electronic services (hereafter collectively referred to as our “online services”), data is collected automatically (e.g. your IP address, language settings or referrer ID, hereafter referred to as “online data”). In this Privacy Policy, we describe how we process this online data. We use the terms “online data” and “personal data” or “data” synonymously throughout this Privacy Policy.

This Privacy Policy supplements our General Privacy Policy with regard to our online services. However, this Privacy Policy does not cover websites that are owned and operated by third parties.

When you provide us with data about other people via our websites (for example, in an application form, contact form or via a chatbot) or one of our online services, you confirm that you are authorized to do so and that this data is correct. Before you send the data to us, please ensure that the relevant third parties have been informed that we will process their data and provide them with a copy of this Privacy Policy.

PostFinance Ltd. is generally responsible for processing data within the scope of this Privacy Policy, which means that it bears primary responsibility for that data processing under data protection law, unless otherwise specified in individual cases.

Please contact us using the following details if you have any concerns about data protection or wish to assert your rights (see chapter 12 of the General Privacy Policy:

PostFinance Ltd
Data Protection Officer, Legal
Mingerstrasse 20, CH–3030 Bern
meinedaten@postfinance.ch

You can generally use our online service without providing us with personal data such as your name or e-mail address (this does not apply to certain functions or content, e.g. when communicating with us). In such cases, we can attribute the data we collect when you use our online services (e.g. IP address and data about the content you accessed) to a particular visitor but not to an identifiable person. In this regard, online data generally does not constitute personal data. We do, however, collect non-anonymized technical data when you log in to a website.

Depending on the situation and purpose, we process different categories of data about you when you visit our online services: 

Technical data

When you visit and use our online services, our web servers collect certain technical data about your visit and record it in logs; this data includes the date and time of access, the website from which the service was accessed (referrer URL), the search term, the country from which the service was accessed, the IP address of the accessing computer, information about your device and data regarding how you interact with the website.

We also collect additional categories of data if you request or use products or services through our online services. Information about these categories of data can also be found under Section 4 of our General Privacy Policy.

Master data

Data that relates to your identity and personal characteristics, such as your name, address or date of birth, your correspondence language, your availability, etc. You provide us with this information when, for example, you fill in forms, take part in surveys or communicate with us online (e.g. via chatbot or video chat).

Financial and risk-related data

Data that relates to your income and assets, financial situation, tax domicile and financial decisions, e.g. for mortgage calculators or to prepare an insurance quotation. 

Behavioural and preference data

We also collect additional data regarding your behaviour when you use our online services. To do this, we utilize cookies (see “Which online tracking and analysis techniques do we use for our websites?”). Behavioural data gives us an insight into your specific actions, e.g. which sites you visit most often.

Communication data

This data relates to our communication with you, in particular via electronic channels (e.g. by chatbot or e-mail).

We process online data in particular for the purposes described below. More information about why we process data can be found under Section 5 of our General Privacy Policy.

Please note that we generally do not use online data from visits to our online services from outside Switzerland insofar as the data is not essential to us providing our online services or for security or purely statistical purposes, and insofar as we are able to determine the geographic origin of the visit.

Operating our online services

Technical data is collected automatically when our online services are used and is therefore required to allow us to provide our online services. We also need other online data, in particular data gathered via cookies, to ensure that certain functions of our online presence can be provided.

Providing certain content and functions

When you access content and functions from our online services, and in so doing, provide us with data (for example, if you complete an online contract or register for a newsletter), we process the online data that you provide in accordance with the purpose of that function or content, e.g. in order to receive an application or communicate with you.

Security and stability

We use online data to improve the security and stability of our online services (e.g. to identify whether data has been entered into a contact form by a person or a bot).

Statistics

We use online data for statistical purposes, i.e. to carry out assessments aimed at obtaining specific information, e.g. information about patterns of usage of our online services. That information is often aggregated, which means that it no longer no longer relates to individual persons.

Improving offers

We use online data to help us continue to improve our online services and other offerings (e.g. to help us respond to different types of usage, modify content or develop new content). To do so, we use tools such as analytics cookies. We use online data only in aggregated form for this purpose.

Market research and marketing

We also use online data for market research purposes and for marketing, e.g. to send out our newsletter or to display advertising within our online services or on third-party web pages. We may also personalize such content. To do this, we utilize marketing cookies; however, we only use online data in aggregated form for this purpose.

Communication

We use online data to communicate with you via electronic channels.

Other purposes

Our main objective in providing our online services is to allow us conduct our business operations. With that in objective in view, our general purpose in processing online data is to directly facilitate and carry out our business operations. When you take part in competitions or prize draws or sign up for events, we process your data to review compliance with the terms of use and to communicate with the participants or hold the event.

As a rule, we may also use online data to test and manage IT infrastructure, to safeguard our rights (e.g. to settle claims before, in or out of court, as well as claims brought before public authorities in Switzerland and abroad, or to defend ourselves against claims and, where appropriate, in the context of criminal proceedings, to identify the users concerned and take civil and criminal action against them); to evaluate and improve internal processes, or for documentation, archiving, quality assurance or training purposes.

For the purposes described in “What is this Privacy Policy about?”, we may process your data using automated (i.e. computer-assisted) methods and in doing so analyse personal aspects. This includes profiling, which means automated processing of data for analysis and forecasting purposes. Profiling is primarily conducted for marketing and security purposes. We may also generate profiles, i.e. combine online data and where appropriate other data which we already have (see “What data do we process?”) to gain a better understanding of you as a person and your interests and personal needs. In addition, we may use an automated decision-making process. If we do so and these decisions have legal impacts on you or otherwise affect you significantly, we will inform you of this separately.

Our websites are developed, prepared and operated by different teams. To the extent permitted by law, we disclose data in Switzerland and abroad (see section“Do we disclose personal data abroad?”) and therefore also to third parties, to the following types of recipients in particular:

• Service providers working on behalf of PostFinance, e.g. to procure IT services in relation to the operation of our online services. Our service providers are bound by contractual and statutory obligations regarding confidentiality and data protection. Provided there are appropriate grounds, they may also use such data for their own purposes, e.g. anonymized information to improve services.
• Public authorities, such as agencies, courts or other bodies, in the con text of statutory obligations and to uphold our legitimate interests.
• Other recipients, insofar as we are obligated or entitled to disclose the data, or to uphold our legitimate interests, e.g. to individuals who are involved in proceedings before the courts or the authorities or to auditors.

As explained in the “Who do we disclose your data to?” section, your data may also be processed by service providers and third parties. These parties may be located abroad. Further information about how we proceed when disclosing data abroad can be found under Section 8 of our General Privacy Policy.

Please also note that data exchanged via the Internet is often routed through third countries. Your data may therefore be transferred abroad even if the sender and recipient are located in the same country.

We store your data for as long as we are required to do so in accordance with the applicable legal provisions or to fulfil the purpose of its processing. For further information, please refer to Section 9 of our General Privacy Policy.

We take appropriate technical, organizational and personnel-based security measures to maintain the security of your personal data, safeguard it against unauthorized or unlawful processing and protect it against the risk of loss, accidental modification, unintentional disclosure or unauthorized access (see also Section 10 of our General Privacy Policy).

Sending data via networks and in e-mail communication: sending data via networks involves multiple internet providers. It can therefore never be ruled out that third parties could gain access to data that is transferred in this way and use it without permission. Sensitive data should consequently never be sent by e-mail, SMS or other unencrypted channels. Even when such information is transferred via encrypted channels, data such as the sender and recipient names remain public. This means that in some circumstances, third parties can still make deductions about existing or future business relationships. When you contact us by e-mail or by using a contact form, you expressly authorize us to reply to you at the sender’s address or supplied address using the same communication channel. PostFinance does not accept orders via e-mail.

This section describes how we use cookies and similar technologies such as pixels and tags (hereafter referred to as “tracking tools”) in the public areas of our websites.

Cookies are small text files that are stored on your browser or device (e.g. browser, smartphone or tablet) until the programmed expiration date, and are read when the online service is next accessed. Cookies generally contain an anonymous identification number, which helps us recognize returning visitors, as well as additional information about the visitor's behaviour or settings in the online service. This means that you are classed as a unique visitor every time you access a site, and are identified when you log in. We distinguish between functional cookies, analytics cookies and marketing cookies, depending on the purpose for which they are used.

We only use cookies and similar technologies for analytics and marketing purposes if you actively agree to the relevant settings in a cookie banner. You can disable cookies used for marketing and analytics at any time (see link at the bottom of the website).

This means that we can only analyse individual customers’ behaviour on a personal level if the device used to log in for the first time is linked with our internal customer number, and can thus track the behaviour of specific, identifiable website users. Once you have logged in, e.g. via e-finance, it is generally possible for PostFinance to draw conclusions at a personal level about your behaviour. If a reference to an identifiable personal is established, we can process this personal data in accordance with our General Privacy Policy, in particular for the purposes described therein.

We also use what are known as tracking pixels. A tracking pixel is a small piece of code which we use to collect information about how you use our website and online services, including the pages you visit or the way you interact with those pages, and to transfer that information to online advertisers. Your browser uses the tracking pixels to automatically establish a connection with the online advertiser’s server. In this way, the online advertiser receives information about the content that you have accessed on one of our PostFinance websites or online services. This allows us to ensure that we display adverts that match your interests when you visit the online advertiser’s websites or a website that contains adverts operated by the online advertiser. If you are authenticated by an online advertiser who utilizes tracking pixels (e.g. by registering and logging on to a social media network), that online advertiser can associate any visits to our PostFinance websites or attempts to access our online services with your account. We have no control over the extent to which the data collected through tracking pixels are used by the online advertiser; for that reason, please refer to their privacy statements (linked in the table below).

A plug-in is a piece of software which provides a website or mobile app with a specific functionality or a particular type of content. In our online services, for example, we use social media plug-ins which when clicked establish a connection with our profile pages on various social media platforms (see below, “How do we use social media profiles?”). Other types of plug-ins contain, for example, program code which makes it possible to display and play a video to run and be displayed on a particular website or to display the social media feed from a specific user’s profile directly on a website. We use the social media plug-ins shown in the table below to enable you to access our profile pages on external social media platforms.

We also use other technologies provided by third-party companies. Provided these third-party providers process personal data, they act as our processors or as sole or joint data controllers (in cooperation with us), depending on the nature of the service and the data processing. For further information about how third-party providers process data can be found in the respective providers' data protection policies.

If you do not consent to the use cookies, pixels or other technologies, you can configure your browser so that suitable tools or browser add-ons generally prevent the use of such technologies. You can also install a browser plug-in that will notify you if and when a third party accesses your browser.

You can view, check or modify your cookie settings at any time via the cookie banner. This banner automatically appears when you visit our website for the first time. Cookie settings can also be changed subsequently. You can do this by clicking on the “Cookie settings” link at the footer of our website www.postfinance.ch. Clicking on this link will open the cookie banner, which then allows you to activate, modify or reject the use of cookies for marketing and analytics purposes at any time.

Most browsers (The link will open in a new window Google Chrome, The link will open in a new window Microsoft Edge, The link will open in a new window Safari, The link will open in a new window Firefox) offer options for accepting, rejecting or deleting all cookies or third-party cookies on a website or specified websites. Your browser settings contain technical instructions about how to delete cookies in your browser. In most browsers, you can open the relevant settings window by pressing the “Ctrl+Shift+Delete” or “⌘+Option+Esc” keys together. Please note that you will no longer be able to use various services if you delete your browsing history.

Please note that disabling has to be carried out separately for your browser, and your settings in the login area of the PostFinance website (e-finance) and the PostFinance app will not be taken over but rather have to be set there separately, and the settings will also apply to all other users who use our websites via the same device.

If such tracking tools are disabled, our online presence will still be usable, but under certain circumstances some functions will be unavailable or only partially available.

We currently use the following tracking tools:

Functional cookies

Functional cookies are required to maintain the basic functionality of the PostFinance website. This includes, for example, saving your browser settings or preferred language. This means that you will not have to configure these basic settings the next time you visit our website. These cookies have an expiration date of up to 24 months. Functional cookies cannot be disabled.

Google Tag Manager

• Provider / Privacy Policy: Google LLC
• Controller: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; The link will open in a new window https://policies.google.com/privacy?hl=en

Analytics cookies

Analytics cookies are a prerequisite for analysing website usage. We use the information we collect about user behaviour to optimize our PostFinance websites and content on an ongoing basis. These cookies may be stored after your visit. Analytics cookies expire after up to 12 months.

Microsoft Clarity

Provider / Privacy Policy: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052 USA; The link will open in a new window https://privacy.microsoft.com/en-gb/privacystatement

Google Analytics / Google Firebase

• Provider / Privacy Policy: Google LLC
• Controller: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; The link will open in a new window https://policies.google.com/privacy?hl=en

Marketing cookies

Tracking tools in the form of cookies or pixels for marketing purposes increase the relevance of our actions and campaigns for you and enable PostFinance to improve its products and services. Without these tracking tools, you will be shown advertising that may not be relevant for you. These tracking tools for marketing purposes can be saved in the browser for up to 18 months.

Google Ads, Google Campaign Manager

• Provider / Privacy Policy: Google LLC
• Controller: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; The link will open in a new window https://policies.google.com/privacy?hl=en

Facebook / Instagram

Provider / Privacy Policy: Meta Platforms Ireland Limited 4 Grand Canal Square Grand Canal Harbour Dublin 2, Ireland; The link will open in a new window https://privacycenter.instagram.com/policy/?section_id=0-WhatIsThePrivacy

Microsoft Advertising

Provider / Privacy Policy: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052 USA; The link will open in a new window https://privacy.microsoft.com/en-gb/privacystatement

LinkedIn Insight Tag

Provider / Privacy Policy: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; The link will open in a new window https://www.linkedin.com/legal/privacy-policy

When you navigate to third-party websites from our websites, this third party may recognize that you are coming from us. It processes this information without our involvement, under its own responsibility and in accordance with its own data protection regulations. This also applies if you share content on social networks or other third-party services via the “share” function on one of our websites.

We may operate our own profiles on social networks and similar third-party platforms (e.g. Facebook fan pages). If you communicate with us via these profiles or comment on or share our content, we collect relevant data and process it, primarily for communication and marketing purposes. When we do this, user data may be processed outside the EU or EEA, and in the USA in particular.

We have the right, but no obligation, to review content before or after it is published and to delete content without notification (e.g. in the case of unacceptable behaviour), insofar as this is technically possible, or to report it to the provider of the platform concerned. In the event of a breach of common decency and rules of conduct, we may also report the user account in question to the provider of the platform for blocking or deletion.

When you visit our social media profiles, data (e.g. on your behaviour) may also be transferred directly to or collected by the relevant provider and processed along with other data already known to it (e.g. for marketing and market research purposes and to personalize platform content). Insofar as we are jointly responsible with the platform provider for certain processing activities, we shall enter into a corresponding agreement with them.

We reserve the right to amend this Privacy Policy at any time. The version published at postfinance.ch/dps-web is the currently valid version.

Last updated: February 2024