Skip to content
    Free Demo
    Legal

    Privacy Policy

    In this privacy policy, we, noria hr gmbh (formerly noria HR Consulting), a limited liability company (GmbH) (hereinafter noria hr gmbh, we or us), describe how we collect and process personal data.

    This privacy policy is not exhaustive; other privacy-related statements may govern specific circumstances.

    For the purposes of this privacy policy, personal data refers to all information that relates to an identified or identifiable individual.

    Responsible Entity and Contact

    Responsible for the data processing described here is noria hr gmbh, unless otherwise stated in individual cases. Privacy inquiries can be addressed to us by mail or email, together with a copy of your ID or passport for identification purposes:

    P.O. Box, 8700 Küsnacht ZH, Switzerland
    Phone: +41 76 770 32 32
    Email: cornelia.caduff@noriahr.com

    Collection and Processing of Personal Data

    We process personal data in the following categories of processing in particular:

    • Customer data from clients for whom we provide or have provided services.
    • Personal data we have received indirectly from our clients during service provision.
    • When visiting our website.
    • When using our newsletter.
    • When participating in events organized by us.
    • When we communicate or a visit takes place.
    • In other contractual relationships, e.g. as a supplier, service provider or consultant.
    • In the case of job applications.
    • When we are obliged to do so for legal or regulatory reasons.
    • When we exercise our duty of care or other legitimate interests.

    More detailed information can be found in the description of the respective categories of processing.

    Categories of Personal Data

    Which personal data we process depends on your relationship with us and the purpose for which we process it. In addition to your contact details, we also process further information about you or about persons who are in a relationship with you.

    Examples of such personal data:

    • Contact information (e.g. name, first name, address, phone number, email).
    • Customer information (e.g. date of birth, nationality, marital status, profession, title, job title, passport/ID number, OASI number).
    • Financial information (e.g. bank account details).
    • Mandate data depending on the assignment (e.g. salary, social insurance data).
    • Application data (e.g. CV, employment references).
    • Marketing information (e.g. newsletter subscription).
    • Website data (e.g. IP address, device information, browser information).
    • Security and network data (e.g. visitor lists, access controls, network and mail scanners, phone call lists).

    Data Processing for Reference Creation (Order Processing)

    As part of our reference creation service, we process personal data (e.g. name, date of birth, place of origin, duration of employment, function) on behalf of our clients. Processing is carried out exclusively according to their instructions and serves solely the purpose of creating employment references. Data is treated confidentially and protected by appropriate technical and organizational measures. No disclosure to third parties takes place. Upon completion of the assignment, data is deleted or returned according to the client's instructions. This processing takes place within the meaning of order processing pursuant to Art. 9 et seq. of the revised Data Protection Act (revDSG). For questions about data processing in the context of this service, please contact contact@noriahrconsulting.com.

    Data from Publicly Accessible Sources

    Where permitted, we also obtain certain data from publicly accessible sources (e.g. debt collection registers, land registers, commercial registers, press, internet) or receive such data from our clients and their employees, from authorities, (arbitration) courts and other third parties. In addition to the data you provide directly, the categories of personal data we receive about you from third parties include in particular information from public registers, information in connection with official and court proceedings, information in connection with your professional functions and activities, information about you in correspondence and meetings with third parties, credit reports, information from persons in your environment, information for compliance with legal requirements, information from banks, insurance companies and other contractual partners, media and internet information, addresses and demographic data, as well as data in connection with website usage.

    Purposes of Data Processing and Legal Basis

    We primarily process personal data to provide our services, to conclude or execute contracts. Processing is based on contract fulfillment, legal obligations, legitimate interests, or your consent.

    Our clients' personal data includes in particular the following information:

    • Contact information (e.g. name, first name, address, phone number, email, other contact information).
    • Personal information (e.g. date of birth, nationality, marital status, profession, title, job title, passport/ID number, OASI number, family circumstances, etc.).
    • Risk assessment data (e.g. credit information, commercial register data, sanctions lists, specialized databases, internet data).
    • Financial information (e.g. bank account details, investments or participations).
    • Mandate data, depending on assignment, e.g. tax information, articles of association, minutes, employee data (e.g. salary, social insurance), etc.

    Particularly sensitive personal data: This personal data may also include particularly sensitive personal data, such as health data, religious views or social welfare measures, particularly when we provide payroll processing services.

    We process this data based on the following legal grounds:

    • Conclusion or execution of a contract with the data subject or in favor of the data subject, including contract initiation and enforcement (e.g. consulting).
    • Safeguarding legitimate interests (e.g. for administrative purposes, quality improvement, security, risk management, enforcing rights, defending against claims, or checking for conflicts of interest).
    • Consent (e.g. to send you marketing information).

    Indirect Data Processing from Service Provision

    When we provide services for our clients, we may also process personal data that we did not collect directly from the data subjects, or personal data of third parties. These third parties are typically employees, contact persons, family members or persons who are otherwise related to the clients. We need this personal data to fulfill contracts with our clients.

    The personal data of these persons includes in particular:

    • Contact information (e.g. name, first name, address, phone number, email, marketing data).
    • Personal information (e.g. date of birth, nationality, marital status, profession, title, job title, passport/ID number, OASI number, family circumstances).
    • Financial information (e.g. bank account details, investments or participations).
    • Mandate data, depending on assignment, e.g. tax information, articles of association, minutes, employee data (e.g. salary, social insurance).

    Particularly sensitive personal data: This personal data may also include particularly sensitive personal data, such as health data, religious views or social welfare measures, particularly when we provide payroll processing services.

    Legal grounds:

    • Conclusion or execution of a contract with or in favor of the data subject.
    • Fulfillment of a legal obligation.
    • Safeguarding legitimate interests, particularly our interest in providing optimal services to our clients.

    Use of Our Website

    To use our website, no personal data needs to be disclosed. However, the server records a number of user information with each access, which is temporarily stored in the server's log files. No personal identification takes place when using this general information.

    This includes in particular:

    • Contact information (e.g. name, first name, address, phone number, email).
    • Further information you submit via the website.
    • Automatically transmitted technical information (e.g. IP address, UDI, device type, browser, number of clicks, newsletter opens, link clicks, etc.).

    Legal grounds:

    • Safeguarding legitimate interests (e.g. for administrative purposes, quality improvement, data analysis, or promoting our services).
    • Consent (e.g. for the use of cookies or the newsletter).

    Newsletter Usage

    If you subscribe to our newsletter, we use your email address and other contact data to send you the newsletter. Mandatory information for sending the newsletter is your full name and email address. The legal basis is your consent. You can revoke this at any time and unsubscribe from the newsletter.

    Participation in Events

    When you participate in an event organized by us, we collect personal data to organize, conduct the event and possibly send you additional information afterwards. You may be photographed or filmed at these events and we may publish this material internally or externally.

    This includes in particular:

    • Contact information (e.g. name, first name, address, phone number, email).
    • Personal information (e.g. profession, function, title, employer, dietary preferences).
    • Images or videos.
    • Payment information (e.g. bank details).

    Legal grounds:

    • Fulfillment of a contractual obligation (enabling participation in the event).
    • Safeguarding legitimate interests (e.g. conducting events, disseminating information).
    • Consent (e.g. for sending marketing information or creating visual material).

    Direct Communication and Visits

    When you contact us (e.g. by phone, email or chat) or we contact you, we process the necessary personal data. For conducting online meetings, we use «Google Meet».

    We process in particular:

    • Contact information (e.g. name, first name, address, phone number, email).
    • Communication metadata (e.g. IP address, duration, communication channel).
    • Recordings of conversations, e.g. video conferences.
    • Further information and metadata generated during the use of the video conferencing service.
    • Personal information (e.g. profession, function, title, employer).
    • Time and reason of visit.

    Legal grounds:

    • Fulfillment of a contractual obligation (service provision).
    • Safeguarding legitimate interests (e.g. security, traceability, handling and administration of client relationships).

    Job Applications

    You can submit your application by mail or via the email address provided on our website. Application documents are treated strictly confidentially and processed only for the purpose of evaluating your application. Without your contrary consent, your application dossier will be returned to you or deleted/destroyed after the application process is completed.

    We process in particular:

    • Contact information (e.g. name, first name, address, phone number, email).
    • Personal information (e.g. profession, function, title, employer).
    • Application documents (e.g. cover letter, references, diplomas, CV).
    • Assessment information (e.g. recruiter evaluation, reference checks, assessments).

    Legal grounds: Safeguarding legitimate interests and consent.

    Suppliers, Service Providers, Other Contractual Partners

    When we conclude a contract with you for you to provide a service to us, we process personal data from you or your employees.

    We process in particular:

    • Contact information (e.g. name, first name, address, phone number, email).
    • Personal information (e.g. profession, function, title, employer).
    • Financial information (e.g. bank account details).

    Legal grounds: Conclusion or execution of a contract and safeguarding legitimate interests.

    Tracking Technologies

    We use cookies on our website. These are small files that your browser automatically creates and stores on your device. Cookies are used to make our services more user-friendly. We use session cookies as well as temporary cookies for optimization. Most browsers accept cookies automatically. You can configure your browser to not store cookies. However, completely disabling cookies may prevent you from using all features of our website.

    Web and Newsletter Analytics

    To gain insights into the use of our website, to improve our internet offering and to reach you with advertising on third-party websites or social media, we use the following web analytics tools: Google Analytics, Wix Analytics. Data transmission normally takes place with IP address truncation.

    Google Analytics

    We use Google Analytics, the web analytics service of Google LLC. To deactivate Google Analytics, Google provides a browser plug-in at https://tools.google.com/dlpage/gaoptout. We note that Google Analytics has been extended with the code «gat._anonymizeIp();» on this website to ensure anonymized collection of IP addresses (so-called IP masking). For data transfers to the USA, Google has committed to signing and complying with the EU Standard Contractual Clauses.

    Google Maps

    We use Google Maps from Google Inc. on our website. When you access subpages that contain the map, information about your usage is transmitted to Google servers in the USA. If you are logged into Google, your data is directly associated with your account. For data transfers to the USA, Google has committed to complying with the EU Standard Contractual Clauses.

    Social Media Plugins

    Social media plugins from third-party providers are used on our website. We use the following plugins: Facebook, LinkedIn, YouTube. When you access our website, your browser establishes a direct connection to the third-party servers. If you are logged into the third-party provider, your data collected on our site is directly associated with your account. You can prevent the loading of plugins with specialized add-ons such as «Ghostery» or «NoScript».

    Newsletter Tracking

    We use Wix Email Marketing Tools to send our newsletters. To conduct analysis, the newsletter contains a pixel. With these technologies, we receive information on whether the newsletter arrived, was opened, and which content was clicked. Pixel tracking can be prevented by disabling HTML in your email program.

    Data Disclosure and Data Transfer

    We only disclose your data to third parties if this is necessary for the provision of our services, if these third parties provide a service for us, if we are legally obligated to do so, or if we have an overriding interest.

    Not all personal data is transmitted in encrypted form by default. Unless explicitly agreed otherwise, payroll administration data, payslips and certificates are transmitted unencrypted.

    The following categories of recipients may receive personal data from us:

    • Service providers (e.g. IT service providers, hosting providers, suppliers, consultants, lawyers, insurers).
    • Third parties within the framework of our legal or contractual obligations, authorities, government institutions, courts.

    Our service providers are mainly located in Switzerland or in the EU/EEA. Certain personal data may also be transferred to the USA or, in exceptional cases, to other countries. Where data transfer to countries without adequate data protection levels is required, it is based on EU Standard Contractual Clauses or other suitable instruments.

    Duration of Storage of Personal Data

    We process and store your personal data for as long as is necessary for the fulfillment of our contractual and legal obligations, i.e. for the duration of the entire business relationship and beyond according to legal retention and documentation obligations. Once your personal data is no longer required, it is generally deleted or anonymized. For operational data (e.g. system logs), shorter retention periods of twelve months or less generally apply.

    Data Security

    We take appropriate technical and organizational security measures to protect your personal data from unauthorized access and misuse, such as issuing directives, training, IT and network security solutions, access controls and restrictions, encryption of data carriers and transmissions, pseudonymization and controls.

    Disclaimer

    The information provided serves exclusively for consulting purposes within the framework of HR consulting services. Any liability for the application or implementation of the advice given is expressly excluded. The client bears responsibility for their own decisions and actions. Legal or compliance decisions should be made in consultation with legal experts or competent authorities.

    Obligation to Provide Personal Data

    Within the scope of our business relationship, you must provide the personal data that is required for establishing and conducting a business relationship and fulfilling the associated contractual obligations. Without this data, we will not be able to conclude or process a contract with you.

    Your Rights

    In connection with our processing of personal data, you have the following rights:

    • Right to information about personal data stored about you, the purpose of processing, the origin and recipients.
    • Right to rectification if your data is incorrect or incomplete.
    • Right to restriction of the processing of your personal data.
    • Right to request the deletion of processed personal data.
    • Right to data portability.
    • Right to object to data processing or to revoke consent at any time.
    • Right to lodge a complaint with a competent supervisory authority, where legally provided.

    To exercise these rights, please contact the address given above. Please note that we reserve the right to assert the restrictions provided by law. If costs arise for you, we will inform you in advance.

    Changes to this Privacy Policy

    We reserve the right to amend this privacy policy at any time.

    Last updated: January 2026.

    💬