Privacy policy NZZ Connect

Version of June 2024

1. General

This privacy policy tells you how Neue Zürcher Zeitung AG, NZZ Connect branch (hereinafter collectively “we”) handles your personal data (hereinafter “your data”). We attach great importance to protecting the privacy rights of the users (hereinafter “user” or “you”) of our products, we comply with the applicable regulations under data protection law and take the necessary measures to protect your data.

Please note that this privacy policy does not contain an exhaustive description of our data processing activities and that individual matters may be covered in whole or in part by separate data protection notices (which may or may not be referred to in this privacy policy).

Please ensure that you are authorised to disclose any data about other persons that you disclose to us and that this data is correct. The persons in question should be made aware of this privacy policy.

Concerning the structure of this privacy policy: Sections 2-7 contain general information on the processing of personal data. Specific information on job applications can be found in Section 8 and on our online information in Section 9.

Therefore, we will inform you in which cases we collect data about you, which data from you that we process, for what purposes this data is used and to whom this data may potentially be sent. In addition, we will explain which rights you have with respect to us in relation to your data and how you can assert those rights.

Third-party websites that can be reached via our websites are not subject to the data protection regulations detailed here. We do not assume any responsibility or liability for third-party websites observing data protection.

“Personal data” is defined as all details and information that relate to an identified or identifiable individual. This includes contact details such as name, telephone number, address or email address and other details that you disclose to us, for example during registration, as part of an order or when participating in a competition or survey.

“Handling” or “processing” is any way of working with personal data, thus the collection, storage, management, use, transmission, disclosure or erasure of your data in particular.

Your data will be used only for the specific purposes that are disclosed to you in this privacy policy. We take the necessary measures to ensure your personal data is protected against loss, theft and misuse.

2. Types of personal data

We process, among other things, the personal data we receive or gather from or create for customers, prospects, website visitors, employees, job applicants, service providers, suppliers and other persons. We naturally also process data from persons who are the subject of our media coverage.

This includes but is not limited to the following types of personal data:

Contact and identification details (such as first and last name, postal address, telephone number, email address and user account information)
Contractual information (including details about services provided or received for the bathing, wellness, and fitness facilities, and compensation).
Communication and content data (including electronic or written correspondence, telephone and video conversations)
Marketing data
Meta-/usage data and other technical data (e.g. IP address, MAC address of the smartphone or computer, information about your device and settings, and cookies)

Besides the data you provide directly to us, the categories of personal data which we receive from third parties about you include information from our contractual partners for the use or provision of services (e.g. media coverage, payments made, and services rendered).

To the extent permitted, we also obtain certain data from publicly accessible sources (e.g. debt enforcement registers, commercial registers, media and the internet) or from authorities and other third parties. Besides the data you provide us directly, the categories of personal data we receive about you from third parties include information from public registers, information relating to your professional functions and activities and information about you in correspondence and meetings with third parties.

3. Purposes of data processing

We process your personal data for a number of purposes, including the following:

To provide and improve our offers, services and websites (see Section 9 below for detailed information) and other platforms where we are active
To order/book services, such as a subscription or products, via an online shop (for example)
To provide support for our customers
To communicate with you and third parties, to process enquiries or in connection with the provision of services.
To design our media content
To take part in competitions, lotteries and prize draws
For accounting and bookkeeping purposes: as part of providing services, personal data such as bank details, billing addresses, and payment information is collected and processed in order to invoice for the services provided.
For administration and accounting purposes
For advertising and marketing purposes, some of which is behaviour-based, as long as you have not objected to the use of your data (if we send you advertising as an existing customer, you can object to it free of charge at any time, in which case we will put you on a blocklist to prevent you receiving further advertising mailings).
To process job applications (for more details see Section 8 below)
For marketing and opinion research and media monitoring purposes
To enforce legal claims and mount a defence in legal disputes and administrative procedures.
To purchase and sell business units, companies or parts of companies and perform other corporate transactions and the transfer of personal data associated therewith, as well as measures for business management and, where necessary, for ensuring compliance with legal and regulatory obligations, as well as internal rules
Video surveillance for safeguarding property rights and other measures for IT, building and facility security and protecting our employees and other persons and our owned or entrusted assets (such as access controls, visitor logs, network and email scanners and telephone recordings)
To safeguard our operations, in particular IT, our websites and other platforms

In addition to the purposes already mentioned, we also process company identification numbers (UID) in connection with the collective enquiry by the Federal Statistical Office (FSO). In accordance with Article 20 of the Ordinance on the Business Identification System (UIDV), the FSO acts as an independent body that processes and provides the UID data. Your data is processed directly by the FSO as part of this specific enquiry, which decides independently on the use and publication of the data.

4. Legal basis for data processing

We always process your personal data in line with the applicable data protection regulations.

The contractual relationship serves as the legal basis for handling personal data when processing a contractual relationship. This is also applicable to processing operations that are required in order to carry out pre-contractual measures.

For data processing that is required in order to fulfil a legal obligation, the legal obligation in question serves as the legal basis.

For further processing, we base this on our predominant interest, for example to optimally adapt our offering to the needs of our customers and to continually improve and carry out marketing activities in order to offer products or services that are suitable for you as well as to display advertising that is relevant to you. This is an important basis with regard to financing and further developing our offer. The processing of personal data in the manner we have described is required to achieve these interests. However, we have taken measures to allow us to reduce the effects of data processing for our users. In particular, when we process personal data about children, we take specific precautionary measures (such as for example excluding them from advertising campaigns) to protect their interests. We have also weighed up our interests with our users’ interests and have concluded that our data processing does not excessively affect our users’ interests or fundamental rights and that our interests in this data processing accordingly prevail. If you disagree with this statement, you have the right to object to this data processing at any time, to the extent provided by law (see Sections 8 and 9).

In cases where we obtain consent for the data processing, this consent constitutes the legal basis.

5. Disclosing personal data to third parties

We do not disclose personal data to third parties, unless this is legally required, justified by a legitimate interest or ordered by a judicial decision, unless the disclosure to third parties has been consented to, or because third parties want and are allowed to use data for their own purposes within the legally permitted framework. This provision does not cover disclosure to third parties:

a) to legally protect users;

b) to meet legal requirements;

c) to defend and to protect our rights or other legitimate interests;

d) to comply with terms of service or data protection regulations;

e) to fix technical difficulties with the products;

f) to cooperate with service partners who require the transmission of data for the purposes of processing an order. The transmission of the data is restricted in this case to the minimum extent required for the performance of the intended purpose. Credit card data is disclosed to the appropriate credit card companies, in relation to the performance of a contract for fee-based products in particular.

g) to collaborate with service partners who support us with marketing work in particular, to analyse certain technical data and for the data processing and/or storage activities.

h) for their marketing purposes, if and only if those third parties support us financially as sponsors and we have contractually agreed with those third parties regarding the disclosure of their personal data.

We work with a limited number of trustworthy external service partners who have been carefully chosen by us and meet high data protection and security standards. Data is disclosed to service partners only in so far as this is required to provide the services offered.

In the case of a sale, merger or other restructuring of one or all assets of our company, personal data may be transmitted, transferred, sold or otherwise shared with third parties as part of that transaction or restructuring.

Your data may also be shared with certain companies of the NZZ group and be used by these companies for the purposes mentioned in this privacy policy.

6. Transmission abroad

If it is necessary or expedient for the data processing described in this privacy policy, we may also transmit your personal data to third parties abroad. Your data will be processed, whenever possible, in Switzerland or within the European Union or the European Economic Area. If data is liable to be transferred to a country where there is no adequate level of legal data protection (such as the USA), we require the recipient to take appropriate measures to protect that personal data, for example by joining the Trans-Atlantic Data Privacy Framework for data transfers to the USA or by entering into EU standard contractual clauses. For more information and a copy of the EU Standard Contractual Clauses, please visit https://www.edoeb.admin.ch/edoeb/en/home/data-protection/employment_economy/data-transfer-abroad.html. In certain cases, we may also transmit data in accordance with data protection regulations without such contracts, for example, if you have consented to that disclosure or if the disclosure is necessary for contract processing, for the determination, exercise or enforcement of legal claims, or for predominant public interests. Especially for website tracking, data may be transferred to countries without adequate data protection.

7. Retention period

We use and retain your data only for as long as it is necessary according to the processing purpose in question, there is another legal basis for this or we have an overriding legitimate interest in it. We will retain any data in our possession on the basis of a contractual relationship with you for at least as long as the contractual relationship exists and any limitation periods for possible claims that we may have are running or there are legal or contractual obligations to retain that data.

8. Job applications

When you apply for a position with us, we process the personal data we receive from you during the application process. Besides your personal details, education, work experience and skills, this includes the usual contact details such as your email address and telephone number. In addition, all documents submitted by you in connection with the application, including your CV and references, will be processed. This data will only be stored, evaluated, processed and forwarded internally as part of your application. The data may also be processed for statistical purposes (e.g. reporting). No conclusions about specific persons may be drawn as part of this processing. Your application data will be stored separately from other user data and not be merged with it. If we conclude an employment contract with you, the data transmitted will be stored for the purpose of processing your employment in compliance with the statutory provisions. If the application process concludes without offering you a position, your personal data will be stored for six months for documentation purposes and subsequently deleted, unless you have given your consent for us to use your details for future application processes with us.

9. Online services

We employ different types of technology, such as cookies, web beacons and similar tracking devices, to collect information about your interactions with our platforms. This information may include but is not limited to:

Your IP address
Browser type and version
Operating system
Referral and exit pages
Clickstream data
Time and date of visits
Viewed pages
Time spent on the pages

9.1 Non-anonymous users of our website

As part of the registration process, the request forms or the downloading of files, when registering for a newsletter and taking part in a competition or draw, we collect personal data from you, such as your first and last name, address, email address, and, if necessary, other data, such as telephone numbers or date of birth, and all data entered by the registered user voluntarily in their user profile.

We use this data to process the requests received, to facilitate and authenticate your access, and to inform and/or announce the winners of competitions and draws. As the basis for access to online products, data on individual usage behaviour will be collected and evaluated to improve our products. Your data will also be used for customer support, marketing purposes and tailoring that marketing to your needs (e.g. pop-ups).

Personal data is transmitted online between the browser of the users and our servers, encrypted via the HTTPS protocol. In order to enable the functionality of this encryption technology, the user is required to use current versions of the most popular browsers.

9.2 Anonymous users of our websites

When visiting our websites, we and third parties collect, store and use data from registered as well as from non-registered users, which is collected using “cookies” and similar methods. These are text files stored on the user’s system that allow the use of the products to be analysed. This technology allows individual users to be identified as (returning) visitors and to provide them with personalised services and products. In general, cookies are used to improve our services and make them more effective and secure. These cookies may, for instance, also be required to use the shopping basket or payment functions. Users of our websites may disable or restrict the storage of cookies using their browser settings or by using software and may also delete stored cookies. The process for managing and deleting cookies will depend on the browser used. You can find information on this in the help sections of your browser and on websites such as www.allaboutcookies.org and www.youronlinechoices.eu. However, this may restrict the functionality of the products and make it difficult to optimise the online services for the users. The use of our digital offer is also measured and evaluated by means of different technical systems, primarily by third-party providers. These measurements may be carried out both anonymously and on a personal basis. Using the following link, you can find the most important analysis services used by us and further information on them.

The aforementioned types of technology are primarily collected to analyse users’ surfing behaviour and to measure reach. Measuring reach makes it possible to determine how many individuals can be reached using the advertising of an advertiser. The information collected with such technologies can also be used for marketing purposes, improving the products and the websites, evaluating usage behaviour, delivering target-oriented advertising formats and designing the latter in a customised way (e.g. by means of pop-ups).

9.3. Plug-ins and other integrations of third-party offers

Our digital offers are linked in various ways with third-party functions and systems, for instance by integrating third-party social network plug-ins, such as in particular Facebook, LinkedIn, Google, or Twitter or when you visit our profile on third-party websites (e.g. Facebook fan pages). When you have a user account with these third parties, it is also possible in certain circumstances for these third parties to measure and evaluate your usage of our digital offer. In doing so, other personal data, such as your IP address, personal browser settings and other parameters, will be transmitted to these third parties and stored there. You can find out which information these third parties will receive and how it will be used in the privacy policies of the respective third-party networks. You can find further information in those policies on your rights and setting options in this regard to protect your privacy and your right to object to the creation of user profiles.

10. Your rights

10.1 Right to access and to rectify

You have the right within the given legal framework to obtain information from us at any time and free of charge about whether we process any personal data about you and the nature of that data. In addition, you can request that we rectify or complete any inaccurate data about you in our systems.

10.2 Right to delete and restrict

You have the right to request that we delete or restrict the processing of your personal data.

Please note that even after you request the erasure of your personal data, we may still need to retain it due to legal or contractual retention obligations (such as for billing purposes), and we may be allowed to retain it based on our own legitimate interests in retaining it. In such cases, we will only restrict or block your data so far as necessary. Furthermore, erasure of your data may result in you no longer being able to continue to receive or use the services for which you are registered.

10.3 Right to object

You have the right to object to the processing of your personal data and you may assert this right against us (see Section 9.2 for details).

10.4 Right to data portability

If applicable, you can also assert your right to data portability.

10.5 Revocation of consent

You can revoke your consent to data processing at any time, and this will typically take effect for the future. If you revoke your consent, we may in certain circumstances no longer grant you the personalised use of free and/or fee-based products.

10.6 Right to complain

If applicable, you have the right to raise a complaint in relation to data processing with the responsible supervisory authority.

10.7 General information

Please be aware that we reserve the right to apply the legally prescribed limitations, for instance, if we are obligated to retain or process certain data, have a predominant interest in doing so (to the extent that we are allowed to rely on it) or require it for the purpose of enforcing claims.

Please note that exercising these rights may conflict with contractual agreements and may have consequences such as the early termination of the contract or financial implications. We will inform you in advance if this is not already contractually agreed.

As a rule, in order to exercise your data protection rights, you need to provide clear evidence of your identity. To exercise your rights, please contact us by email using the contact option provided in Section 12.

11. Objection

You have the right to object at any time to the processing of your personal data according to the legal requirements.

11.1 Anonymous users

If you no longer want to be retargeted when you visit our websites as a user who is not registered or logged in, i.e. an anonymous user, we are unfortunately unable to perform this setting since we cannot establish the relationship between an anonymous user of our websites and an individual registered with us. However, you can reject such retargeting yourself by disabling the storage of cookies in your browser settings and generally preventing the storage of cookies required for retargeting.

If you do not want us to carry out any processing of your personal data mentioned in Section 9.2, please request this in accordance with the instructions in the description of the respective data processing in Section 9.2.

11.2 Registered/logged-in users

If you no longer want to receive targeted advertising when visiting our websites as a registered and logged-in user, you can send an email to connect@nzz.ch with the note “No targeted advertising as a logged-in user”. If you also do not want to receive retargeting when visiting our websites, when you are not logged in, then please proceed as described in Section 11 (a).

11.3 Marketing measures

If you do not want your personal data to be used for any marketing measures, you can send an email to connect@nzz.ch with the note “No marketing measures”.

11.4 Disclosure in the group

If you do not want your personal data being disclosed within the NZZ group, you can send an email to connect@nzz.ch with the note “No disclosure in the group” or “No disclosure to [insert specific company of the NZZ group]”.

11.5 Newsletter

You can unsubscribe from a newsletter at any time via your user account or via the unsubscribe link in the newsletter itself.

12. Contact

For any queries or suggestions about the data protection provided by us and the NZZ group, for information about your rights according to Section 8 and 9 or to assert those rights, please contact our data protection officer for the NZZ group at the address below:

Neue Zürcher Zeitung AG

NZZ Connect branch

Data Protection Officer

Viktoriastrasse 72

3013 Bern

Email: connect@nzz.ch

13. Changes

We expressly reserve the right to change this privacy policy at any time. If any such changes are made, we will publish them on our website without delay. It is your responsibility to familiarise yourself with the currently applicable version of the privacy policy on our website. We therefore recommend that you check this privacy policy regularly.