Privacy policy for customers and the website of TOVENCA

With this privacy policy, we, TOVENCA AG, based in Ebmatingen (municipality of Maur), describe how we process your personal data when you obtain our services, otherwise interact or communicate with us under a contract, or use our website.

If you transmit or disclose data to us about other persons, such as family members, employees, work colleagues, etc., we assume that you are authorized to do so, that this data is correct and that we may process it as described here. By transmitting the data via third parties, you confirm this. Please also ensure that these third parties have been informed about this privacy policy.

The protection of your privacy is important to us. We will of course only process your data as permitted by the Swiss Data Protection Act.

1. who is responsible for processing your personal data?

TOVENCA AG, Lohwisstrasse 52, 8123 Ebmatingen, is responsible for the data processing described in this privacy policy, unless otherwise communicated in individual cases.

If you have any questions about our handling of personal data or other data protection concerns, you can contact us at the following address:


Lowisstrasse 52

8123 Ebmatingen


2. As the responsible party, we process personal data for what purpose?

2.1 Recruitment and application

If you are an applicant, we process your personal data (date of birth, AHV number, salary, degree of employment, family relationship, marital status, gender, nationality/place of residence, entry + exit data, residence and work permit, education + training, professional function, appraisals, time recording, access rights – IT user data, account details (other data required for personnel processing) for the following purposes: Hiring of suitable employees.

2.2 Current employees

If you are an employee, we process your personal data (as above) for the following purposes: Timely salary and expense processing, notifications to social insurance companies.

2.3 Former employees

If you are a former employee, we process your personal data (as above) for the following purposes: Information on insurance coverage, deregistration upon leaving, RAV form, job reference.

2.4 Website

When you visit our website, we process the associated access data (website visited, time at the time of access, source/reference from which you reached the page, browser used, operating system used, IP address used) to enable the use of the website (connection establishment), to ensure system security and stability, for the optimization of the Internet offering and for internal statistical purposes.

“Communication via e-mail is known to be neither secure nor confidential. The associated risks of knowledge and manipulation by unauthorized third parties or incorrect delivery can be reduced by encrypted transmission. Despite knowledge of these risks, you agree that we correspond unencrypted by e-mail. We therefore bear no responsibility for these risks or for breaches of any secrecy obligations regarding communication via e-mail. At your express request, we will send particularly confidential documents by normal mail or encrypted. To avoid ambiguity, we must be notified of such an arrangement in writing.”

3. to whom do we disclose your personal data?

We do not disclose any personal data to third parties without the consent of the data subject, unless this is done in connection with the processing of the order placed with us or is necessary for the purposes described in this Privacy Policy. For example, we may involve external consultants, domestic and foreign experts, surveyors and other external auxiliary persons for these purposes, insofar as we consider this to be useful or necessary. In particular, information may be disclosed to public authorities and social security institutions in the context of the execution of the contract.

In addition, we may disclose personal data to contract data processors, in particular to IT service providers and other providers who provide IT applications (e.g. collaboration platforms) or provide support and other services for the purposes listed in this privacy policy on our behalf.

4. will your personal data be transferred abroad?

In principle, no. In connection with the processing of the order or for the purposes described in this privacy policy, we also disclose data to bodies that are not located solely in Switzerland. Such a transfer abroad arises in particular in the case of foreign service providers or in the case of communication with authorities or other bodies abroad in accordance with the order. Depending on the context, your data may therefore be processed in the EU, the European Economic Area or another country recognized by Switzerland as having adequate data protection legislation (Germany, France, Italy, Principality of Liechtenstein, Austria, Sweden, UK, etc.).

Due to the use of the latest technologies (e.g. cloud solution), it cannot be ruled out that your data may end up abroad – even outside the EU or EEA.

The corresponding countries may not have laws that protect your personal data to the same extent as in Switzerland or in the EU or EEA area (e.g. USA). We therefore take contractual precautions (or oblige our service providers to do so) to contractually compensate for the weaker legal protection. For this purpose, we generally use the standard contractual clauses issued or recognized by the European Commission and the Swiss Data Protection and Information Commissioner (FDPIC) (for more details and a copy of these clauses, see (Standard contractual clauses for controllers and processors in the EU/EEA (

5. What are your rights?

Individuals about whom we process data have the right to request information about the data we process about them, as well as its correction or deletion.

Insofar as our processing is based on consent, data subjects have the right to revoke this consent at any time with effect for the future.

To exercise such rights, data subjects may contact us at the address mentioned in section 1 above. We will process these requests in accordance with the Swiss Data Protection Act and may also refuse or only fulfill them to a limited extent in accordance with the legal regulations.

6. cookies

We use cookies on our website. These are small text files that are stored on your terminal device.

We use such cookies to ensure the proper functioning of the website and, in some cases, to monitor the use of our website and to determine your preferences (e.g. so that we can display the website in the language you have chosen).

Most browsers are preset to automatically accept cookies. You can disable them by deactivating cookies in your browser settings.

7. can this privacy policy be changed?

It may be necessary to make adjustments to this privacy statement from time to time, for example, if the law or the way we process personal data changes. In this case, we will inform you of the change in an appropriate manner (e.g. by posting it on our website or sending an e-mail to you) and the new version will become binding upon publication on our website.


Last change: September 2023