For the purposes of the present policy
- “Studio Fiam” means the management and employees of Studio Fiam, all subject to contractual rules of professional secrecy
- “Data” means personal data
- “You” means the Client, the Data Controller and/or the Data Subject
Data Controller and Data Processor
Studio Fiam SA
via C. Frasca 3, 6901 Lugano, Switzerland
0041 91 695 10 70 – firstname.lastname@example.org
Studio Fiam may delegate part of the data processing to external Data Processor, specifically in computing and specialized fields. Likewise, Studio Fiam may act as external Data Processor for external Data Controller on a contract basis.
Core Business of Studio Fiam
- Business management consulting and services
- Accounting, administration and HR services in outsourcing
- Advice and tax returns for individuals and corporations
- Auditing of Swiss entities (limited examination)
How do we collect data
We process data we collect directly from you or from persons authorized by you. In order to comply with regulatory and legal obligations we may collect data from freely accessible public sources (press, internet, others) or from authorized and entitled third parties.
When delivering services in outsourcing, we process data we receive directly from the Data Controller and/or from the Data Subject.
What data we process
We process the following main data categories:
- Personal details and identification data (name, address, date of birth, family details, contact numbers, copy of national identity card or passport, national insurance number, etc.)
- tax domicile and other tax-related documents and information
- professional information, such as your job title and work experience;
- information freely accessible from public sources (press, internet, others)
- financial information
Depending on the contract of mandate, we may process data for payroll services (salary, working and absence hours, all information needed for social security and pension fund, details in case of accident or illness for assurance purposes, information required for application of working permit, etc.) and for tax services for individuals (financial and fiscal information). We collect this data directly from the Data Controller or the Data Subject; if required, we submit data to the competent authorities and we retain a copy of it safely.
Legal framework, purpose of data processing and consent
Purpose of data processing and consent
We do not process data for statistical or marketing purposes; we do not monitoring data on-line and we do not do data profiling or automated decision-making; our website uses only technical cookies essential for the correct functioning of the website. We process data in order to:
- comply with contractual obligations and safeguard the interests of the client
- manage the mandate given to us
- fulfil the obligations envisaged in the accounting, fiscal, and labour law fields
- comply and fulfil our professional legal obligations
The consent to data processing is implicit in the mandate given to us and formally granted with the signature of the same.
The sending of newsletters and other general information by email or in paper form is subject to explicit consent: if you are already our client, we consider the consent implicitly granted except if explicitly denied; the absence of consent has no influence on our business relationship.
How do we process and retain data
We process data in electronic and paper form in an accurate, adequate and transparent manner; we process them by means of technical and organizational measures adequate to ensure data privacy and security. We take all reasonable steps in order to prevent unauthorized access, illegal use and dissemination of data.
We retain and securely store the data as long as necessary for the purpose of the data processing and as required by law, which is in principle 10 years after termination of the mandate given to us or according to other specific legislation and/or custom.
Use of electronic mail and website
Use of electronic mail
With the common use of the email, you accept all risks connected to this method of data transmission; adequate and reasonable measures can prevent, reduce but not completely eliminate these risks.
We may use nominal email addresses: please note that these are still company email addresses and can be therefore accessed by other employees of the company.
Our website uses only technical cookies essential for the correct functioning of the website; we do not monitoring data on-line and we do not do data profiling or automated decision-making.
Communication of data
For technical reasons, our external IT Manager has access to our database. Our Information System fulfils reasonably the requirements in terms of data privacy and security.
We may communicate the data to
- other companies and professionals working on the same mandate given to us
- other recipients with your consent
- banks, for the purpose of banking relationships in place
- public bodies, administrative offices, financial institutions, supervisory bodies, legal and tax authorities and others, based on obligations imposed by law or by the issuing authority
Transfer of data to third countries or international organizations
The transfer of data to third countries or international organizations shall take place only if
- necessary to provide the services required by the mandate given to us
- prescribed by law
- based on your consent
Obligation to provide data
You have an obligation to provide the data necessary to accept and execute the mandate given to us, in order to comply with all contractual and legal requirements; otherwise, the business relationship shall be terminated.
Data Protection rights
You have the right to know what data we process and the right to access them; you have the right to request us to correct, complete and update your data. Within the limits set by law, you have the right to request us to erase your data or to limit, partially or totally, the processing of the data except in case of legitimate reasons for continuing processing them. You may withdraw the consent for situations for which the consent is not implicit in the mandate given to us.
You have the right to receive copy of your data provided to us, in a structured, commonly used and machine-readable format.
Where applicable, you have the right to file a claim before the appropriate Authority.
We will readily provide notification of any material changes to this policy.
Lugano, Switzerland, January 2020
STUDIO FIAM SA