Privacy Policy

Page Title: 
Privacy Policy

This Privacy Notice (“Notice”) describes how Protiviti Switzerland GmbH (we, us, our or Protiviti) may use, process, store and disclose Personal Information that we may collect about individuals, including if you register with us through this website. The types of data we collect are described in the section below ‘Your Personal Information and how we collect it’

We act as a controller and we are responsible for the Personal Information we process. This Notice informs you how we protect your Personal Information and informs you about your privacy rights.

It is important that you read this Notice together with any other Privacy Notice we may provide and on specific occasions when we are collecting or processing your Personal Information so that you are fully aware of how and why we are using your Personal Information. This Privacy Notice supplements other Notices you may receive from us and is not intended to override them.

This website is not intended for children and we do not knowingly collect data relating to children.

You can download a pdf version of the Privacy Notice here: Download

Contact Details:

If you have any questions about how we use your Personal Information, contact us at: [email protected].

Your Personal Information and how we collect it

Use of or registering with this Website

When you use or register with this website, ask for a proposal or make a query through the ‘Contact Us’ button, we may ask for certain Personal Information including your name and contact information (email, home address and phone number). Depending on the nature of your enquiry or activities on our website, we may also ask for and/or collect:

  • information about your professional interests through white papers or newsletters you collect, as well as professional interests that you describe to us;
  • other background information together with any login ID and password created by you;
  • information you provide including in emails, letters or during telephone calls
  • technical data including internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website. We may also receive technical data about you if you visit other websites employing our cookies. Please see our Cookie Policy for further details;
  • profile data including your username and password, your interests, preferences, feedback and customer survey responses;
  • usage data including information about how you use our website and services;
  • marketing and communications data including your marketing and communication preferences.

Our Clients and Suppliers

If you are a Client or supplier of goods and services we will collect and process information about individuals in your organisation to enable us to communicate with them and to provide our services or receive goods and services. We may also find the details of corporate contacts published on other websites and social media. We may enter the individual’s name and business email address in to our database as a designated corporate point of contact for that client or supplier together with the individual’s other business contact data. Usually the only Personal Information we process is the individual’s name for the purposes of contacting that client or supplier in relation to our services or as a recipient of the client or suppliers goods and services. The source of a corporate point of contact may be the individual themselves, or their name and business details may be provided to us by a member of their HR or Procurement department or another manager within the organisation. We may send business to business email marketing to corporate points of contact. An individual corporate point of contact can ask us at any time to stop sending business marketing emails to their business email address by contacting: [email protected]

How we use your Personal Information

We use, process, store and disclose your Personal Information and other data we collect for the following purposes (a) providing you with the requested information or proposal; (b) business planning, reporting and forecasting; (c) safety and security issues; (d) responding to your enquiries and complaints; and (e) to fulfil legal and statutory obligations.

We will also process your Personal Information for other legitimate business purposes such as producing statistics, analysing how successful our marketing campaigns are, the number of visitors to our website and complying with other contractual, legal and regulatory obligations and duties.

Currently we do not use automated decision making technologies to make final or conclusive decisions about you and a member of our staff will always be involved in the provision of work finding services.

If you are a contact with a Client or a supplier of goods and services we will process information about you to enable us to communicate with you and to provide our services or receive goods and services.

Change of Purpose

We will only use your Personal Information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.

If we need to use your Personal Information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

We may process your Personal Information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

Transferring your Personal Information outside of the EEA

Protiviti is part of an international group of companies operating globally. We may share some of your Personal Information with our group companies, including our parent company Protiviti Inc and our ultimate parent company Robert Half International Inc., based in the United States, and other group companies within or outside Switzerland and European Economic Area (EEA), who may use and process your Personal Information for similar purposes as described in this Privacy Notice. The data protection laws outside the EEA may not provide an equivalent level of protection to that in Switzerland and in these circumstances we will take steps to ensure that your Personal Information is adequately protected, secure, kept confidential and that we have a lawful basis for the transfer. This means we may require the 3rd party recipient to sign the Swiss transborder flow agreement approved by the Swiss government as providing personal data with the same protection that your Personal Information has when it is processed within Switzerland.

When we transfer your Personal Information to 3rd parties based in the US, we will check if they are a member of the Swi/US Privacy Shield (as Membership requires the business to provide similar protection to personal data shared between Switzerland and the US). If they are not Privacy Shield certified, we will ensure these recipients will only process your Personal Information on our instructions and they will be subject to a duty of confidentiality and required to sign a transfer agreement, legally allowing the transfer.

You can contact us if you require further information on the mechanism we use when transferring your Personal Information out of the EEA.

Disclosing your Personal Information to 3rd Parties

To the extent necessary or appropriate, Protiviti may disclose your Personal Information to external 3rd Parties (who are not members of the Robert Half group of companies) in the following circumstances:

  • to companies and individuals we employ to perform business functions and services on our behalf. Examples of service providers include: data storage facilities including in the US and the Cloud; hosting our Web servers; analysing data and producing statistics and legal, accounting, audit and other professional services.
  • to government agencies including, but not limited to: Police and other law enforcement agencies; regulatory and supervisory authorities; and 3rd parties performing sanctions and terrorism checks.
  • to comply with applicable laws, the service of legal process, or if we reasonably believe that such action is necessary to: (a) comply with the law requiring such disclosure; (b) protect the rights or property of Protiviti or its group companies; (c) prevent a crime, protect national security or for fraud detection or prevention; or (d) protect the personal safety of individuals using our website or members of the public.
  • to 3rd parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, we will let you know.
  • to IT consultants carrying out testing and development work on our IT systems, service providers who we may appoint as data processors and to other service providers who may be based outside the EEA.

Where applicable, we will impose appropriate contractual, security, confidentiality and other obligations on to 3rd party service providers and processors we have appointed, based on the nature of the services they provide to us. We will only permit them to process your Personal Information in accordance with the law and our instructions. We do not allow them to use your Personal information for their own purposes and when our relationship ends we will ensure your Personal Information is securely returned or destroyed.

Some of these 3rd parties are also controllers responsible for processing your Personal Information for their purposes. We may not be able to impose obligations or restrictions on these controllers in connection with how they process your Personal Information.

Keeping your Personal Information Secure

We have put in place appropriate security measures to prevent your Personal Information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your Personal Information to those employees, agents, contractors and other third parties who have a business need to do so.

We have put in place procedures to deal with any suspected Personal Information breaches and we will notify you and the applicable supervisory authority of a breach where we are legally required to do so.

How long we retain your Personal Information

Protiviti will retain your Personal Information for as long as necessary to fulfil the purposes that we collected it for.

We are required by law to keep basic information about our Clients and customers (including contracts, evidence of identity, financial and transaction data) for up to 10 years from when our relationship ends, for legal, compliance and tax purposes.

Where there is no retention period stated in law, we determine the appropriate retention period for Personal Information by considering the amount, nature, and sensitivity of the Personal Information, the potential risk of harm from unauthorised use or disclosure of the data, the purposes for which we process it and whether we can achieve those purposes through other means, and the applicable legal requirements.

In some circumstances we may anonymise your Personal Information (so that it can no longer be associated with you and we cannot identify you). We do this for research or statistical purposes in which case we may use this anonymised data indefinitely without further notice to you.

Details of the retention periods for different aspects of your Personal Information are set out in our Record Retention and Destruction Policy which you can request from us by contacting us at: [email protected]

Your Legal Rights

You have the right to:

Make a Data Subject Access Request to access your Personal Information at any time. This enables you to receive a copy of the Personal Information we hold about you and to check that we are lawfully processing it.

Request correction of the Personal Information that we hold about you. This enables you to have any incomplete or inaccurate Personal Information we hold about you corrected, although we may need to verify the accuracy of the new data you provide to us.

Request erasure / deletion / removal of your Personal Information. This enables you to ask us to delete or remove your Personal Information where we do not have a valid reason to continue to process it. You also have the right to ask us to delete or remove your Personal Information where you have successfully exercised your right to object to processing, where we may have processed your information unlawfully or where we are required to erase your Personal Information to comply with local law. Please Note: we may not always be able to comply with your request for erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.

Object to processing of your Personal Information where we are relying on a legitimate interest (or those of a 3rd party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your Personal Information for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.

Request restriction of processing of your Personal Information. This enables you to ask us to suspend the processing of your Personal Information in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to process it.

Data Portability / Request the transfer of your Personal Information to you or directly to another controller. This right only applies to automated information which you initially provided consent for us to use or where we used the Personal Information to perform a contract with you. We will (unless there is an exemption) assist you by securely transferring your Personal Information directly to another controller where technically feasible or by providing you with a copy in a structured commonly used machine readable format.

Withdraw consent at any time where we are relying on your consent to process your Personal Information. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain services to you. We will advise you if this is the case at the time you withdraw your consent.

We want to ensure we keep your Personal Information accurate and up to date. In addition to your legal rights, you may ask us to make changes or request a copy of your Personal Information informally, by contacting : [email protected]

Additional information, Response Times and Fees

We may need to request specific information from you to help us confirm your identity and ensure your right to access your Personal Information (or to exercise any of your other rights or when you make an informal request). This is a security measure to ensure that Personal Information is not disclosed to any person other than the individual who has the right to receive it. We may also contact you to ask you for further information in relation to your request to help us locate your data and to speed up our response.

We try to respond to all legitimate requests within one month. It may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

You will not have to pay a fee to exercise any of these rights. However, we may charge a reasonable fee if your request is unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

The Legal Basis for processing your Personal Information

We have set out a short description of main ways we will collect, store, process, share and disclose your Personal Information and the legal bases we rely on to do so. We have also identified what our legitimate interests are, where appropriate.

We will only use your Personal information when the law allows us to. Most commonly, we will use your Personal information in the following circumstances:

  • To fulfil a contract we are about to enter into or have entered into with you;
  • Where it is in our legitimate interests;
  • When it is our legal or regulatory duty;
  • When you consent.

A legitimate interest is when we have a business or commercial reason to use your information in conducting and managing our business. We will consider and balance any potential impact on you and your legal rights when we process your Personal Information for our legitimate interests. We do not use your Personal Information for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required for compliance with a legal or regulatory obligation or permitted to by law).

Type of Personal Information
Lawful basis for processing Personal Information
Transferring your Personal Information to our group companies and to our other group companies outside the EEA.
  1. Identity
  2. Contact details
Legitimate interests
Your consent
Disclosing your Personal Information to government and law enforcement agencies and our appointed 3rd party vendors providing goods and services. including vendors located in the US, Australia and providing Cloud based services
  1. Identity
  2. Contact details
Legitimate interests
Legal or regulatory duty
To manage our relationship with you including:
  1. Notifying you about changes to our Privacy Notices
  2. Asking you to leave a review or feedback or complete a survey
  3. administration and IT services
  1. Identity
  2. Contact
  3. Profile/Survey
  4. Marketing and Communications
Fulfil a contract
Legal or regulatory duty
Legitimate interests (keeping our records updated and to study how visitors to our website use our services and website, to develop and improve them and to grow our business)
Keeping your Personal Information secure to prevent it from being lost, used, accessed, disclosed or altered in an authorised way
  1. Identity
  2. Contact details
Fulfil a contract
Legal or regulatory duty
To investigate issues, disputes and complaints between us, and between us, you and our clients and to seek to resolve them
  1. Identity
  2. Contact
  3. Profile
  4. Usage data
  5. Marketing and Communications
Legitimate interests
Fulfil a contacts
To administer and protect our business and our website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)
  1. Identity
  2. Contact
  3. Technical data
Legitimate interests
Legal or regulatory duty
For Marketing and communications, make suggestions and recommendations to you about other relevant services that may be of interest to you (e.g. trends and insights on audit, risk and compliance and Technology topics)
  1. Identity
  2. Contact
  3. Technical data
  4. Usage data
  5. Profile data
Legitimate interests (send you salary guides and other relevant information)
your consent
To deliver relevant website content and measure or understand the effectiveness of our advertising
  1. Identity
  2. Contact
  3. Profile data
  4. Usage data
  5. Marketing and Communications
  6. Technical data
Legitimate interests (to study how customers use our products/services/website, to develop them, to grow our business and to inform our marketing strategy)
To use data analytics to improve our website, products/services, marketing, customer relationships and experiences
  1. Technical data
  2. Usage data
  3. Profile data
Legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)
To help us respond to queries, complaints or for other reasons such as responding to requests from regulators, government and law enforcement agencies such as the Police
  1. Contact
Legitimate interests
Legal or regulatory duty

Marketing Messages

Generally we do not rely on consent as a legal basis for processing Personal Information except in relation to sending direct marketing communications via email or text message.

We may use your Personal Information to send you automated email messages or marketing materials regarding our services. From time to time we may contact you for market research and quality surveys. You may receive marketing communications from us if you provided us with your details when you entered a competition or registered with us at a fair, promotional or networking event or attended a training course and you have given us consent to send you marketing. We may also use your identity, contact details, technical data, usage data and profile data to form a view and decide which services may of interest or relevant for you.

You have the right to withdraw your consent to marketing at any time by:

  • following the opt out links contained in our marketing email messages;
  • following the opt out process described in our text marketing messages;
  • Sending an email with “UNSUBSCRIBE ME” in the subject field to: [email protected]

Opting out of receiving marketing messages does not apply to:

  • Personal Information that you have provided to us in connection with the performance of a contract between us;

We will never sell or disclose your Personal Information to any 3rd parties to use for marketing.


You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly. For more information about the cookies we use, please see our Cookies Policy.

Links to other websites

Our website may include links to 3rd party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these 3rd party websites and are not responsible for their privacy statements.

Feedback and Complaints

You have the right to make a complaint at any time to the Swiss supervisory authority for data protection issues, the Federal Data Protection and Information Commissioner (FDIPC) ( We would ask you to provide us with the opportunity to discuss your concerns with you before you contact the FDIPC so please contact: Data Protection Office, Robert Half / Protiviti, Stationsstraat 34 b1, 1702 Groot Bijgaarden, Belgium or email [email protected]

Changes to this Privacy Notice

If we change this Privacy Notice we will post any updates here for your review. If we change material terms we will provide notice of the revised Privacy Notice for 30 days on our home page at

This Privacy Notice was last updated: February 26th, 2020.