Data privacy

Data privacy statement

About us

This Privacy Policy explains how we process and protect your personal information when you use this website or our services offered through www.leaseteq.com (collectively “Website”).

The Website is operated by LeaseTeq AG, Talstrasse 37, 8808 Pfäffikon SZ, Switzerland (“LeaseTeq”, “we”, “our” or “us”). LeaseTeq is the data controller for the data processing described below.

Unless otherwise defined in this Privacy Policy or our Terms and Conditions, the definitions used in this Privacy Policy shall have the same meaning as in the Swiss Federal Data Protection Act (“DSG”) or the EU General Data Protection Regulation (“GDPR”).

1. Personal information we collect

When you use our website or services, we may collect or receive personal information for a number of purposes related to our business operations. These may include the following:

• Inquiry data (e.g. details of your inquiry and communication about it);
• Master and contact data (e.g. name, address, date of birth, e-mail addresses, telephone numbers);
• Contract data (e.g. selected vehicle, term, account number, invoices);
• Lessee information (e.g. nationality, credit rating, proof of identity, residential situation, employer and employment relationship, number and age of children, e-signature);
• Financial situation data (e.g., income and expenses, housing and maintenance costs, existing credit or leasing contracts); and
• Website visitor data (e.g. IP addresses, log files).

2. How we collect personal information

We collect information about our users when they use our website or services, including certain actions on the website.

Direct

• when you or your organization offer or provide services to us;
• when you or your organization use our services;
• when you correspond with us electronically; and
• when you or your organization browse our website, fill out a form, make an inquiry, or otherwise interact with us.

Indirect

• from public sources: from public registers (such as commercial registers), news articles and Internet searches; and
• from third parties, such as third-party cookies, credit rating service providers.

3. Legal basis and purposes of data processing

Our legal basis for collecting and using the personal information described in this Privacy Policy depends on the personal information we collect and the specific purposes for which we collect it.

Contract: To perform our contractual obligations or take action in connection with a contract with you. In particular:

• To provide our services to you.

Consent: We may rely on the consent you voluntarily give us at the time you provide us with your personal information. In particular:

• To provide users with news, special offers, offers from our partners, newsletters and general information about the goods and services we offer.

Legitimate Interests: We may rely on legitimate interests based on our assessment that the processing is fair and reasonable and does not override your interests or fundamental rights and freedoms. In particular:

• To maintain and improve our site and services;
• To develop new services;
• To provide and maintain our collaboration services; and
• To prevent the risk of non-payment and fraud and to verify identity.

Need to comply with legal obligations: To comply with legal and public interest obligations. In particular:

• To comply with applicable laws and regulations; and
• For the legal enforcement of claims and rights.

3.1. Newsletter

We may send newsletters and other communications via e-mail and other communication channels. We may have newsletters and other communications sent by or with the assistance of third parties.

As a general rule, you must expressly consent to the use of your e-mail address and other contact addresses, unless the use is permitted for other legal reasons. In the case of e-mails, we use “double opt-in” for consent, i.e. you receive an e-mail with a web link that you must click to confirm your consent, to prevent misuse by unauthorized third parties. We may log such consents, including the Internet Protocol (IP) address, date and time.

Newsletters and other communications may contain web links or tracking pixels that record whether an individual newsletter or communication was opened and which web links were clicked (performance measurement). Such web beacons and tracking pixels record the use of newsletters and other communications. We need this statistical tracking of usage, including performance and reach measurement, in order to provide newsletters and other communications that are effective and user-friendly, as well as persistent, secure and reliable based on the reading habits of recipients.

You may unsubscribe from newsletters and other communications at any time, including, without limitation, the collection of usage data described above. You may do so by contacting us directly or by following the link in the footer of any newsletter we send you.

4. Storage periods

We retain personal information for as long as is necessary to fulfill the purposes for which it was collected or to comply with legal and regulatory requirements or contractual agreements.

5. External service providers

LeaseTeq may use third party companies (“Service Providers“) to facilitate the operation of our website, to assist in analyzing the use of the website, or to provide services related to the website and our offerings to you, such as payment processing and the provision of IT infrastructure services. These third parties only have access to your personal information to the extent necessary to perform these functions on our behalf.

Categories of Service Providers who may have access to your personal information:

• Tax consultants and insurances;
• Banks and payment processors;
• Professional advisors we use, such as auditors, accountants and lawyers;
• Other affiliates within our corporate network;
• Business and collaboration partners;
• Third-party providers who help us analyze customer insights, such as marketing service providers or Google Analytics;
• IT and software Service Providers;
• Video identification and e-signature Service Providers; and
• Government or regulatory agencies.

6. Transferring Information to Third Countries

We and/or service providers may transfer and process your personal information to the following locations:

• EU/EEA
• USA

We may use Service Providers, some of which are located in or process personal data in so-called third countries (outside the European Union or the European Economic Area or Switzerland), i.e. in countries where the level of data protection does not correspond to that in the EU or Switzerland.

We protect your personal data in accordance with our contractual obligations and applicable data protection laws when we transfer data abroad.

Such protective measures may include:

• Transfers to countries that provide an adequate level of protection according to the country lists published by the Federal Data Protection and Information Commissioner, as well as countries for which the European Commission has issued an adequacy decision.
• Use of standard contractual clauses, binding corporate rules or other standard contractual obligations that ensure adequate data protection.

If a transfer to a third country takes place without an adequacy decision or appropriate safeguards, it is possible that authorities in the third country (e.g. intelligence services) will have access to the transferred data and that the enforceability of data subjects’ rights cannot be guaranteed.

7. Data transfer

We may disclose your personal information if we believe in good faith that such action is necessary:

• To comply with any legal obligation (i.e., if required to do so by law or in response to a lawful request by an authority such as a court or governmental agency);
• Protect the security of the Site and defend our rights or property;
• Prevent or investigate possible wrongdoing involving us; and
• To defend against legal liability.

8. Data Security

We use appropriate technical and organizational security measures to protect your stored data from manipulation, loss or unauthorized access by third parties. Our security measures are continually updated to reflect technological developments.

We also take internal data protection very seriously. Our employees and Service Providers are required to maintain confidentiality and comply with applicable privacy laws. In addition, they have access to personal information only to the extent necessary to perform their duties.

The security of your personal information is important to us, but please be aware that no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your personal information using commercially reasonable means, we cannot guarantee absolute security. We recommend that you use anti-virus software, a firewall, and other similar software to protect your system.

9. Your rights

You have the following privacy rights. To exercise these rights, you may contact us at the above address or send an email to: dataprivacy@leaseteq.com. Please note that we may ask you to verify your identity before responding to such requests.

• Right of access: You have the right to request a copy of your personal data, which we will provide to you in electronic form.
• Right to correction: You have the right to ask us to correct our records if you believe they contain inaccurate or incomplete information about you.
• Right to withdraw consent: If you have consented to the processing of your personal data, you have the right to withdraw your consent with effect for the future. This also applies if you wish to unsubscribe from marketing communications. Once we have received notification that you have withdrawn your consent, we will no longer process your data for the purpose(s) for which you originally consented, unless there is another legal basis for the processing. To stop receiving emails from us, please click on the “unsubscribe” link in the email you receive or contact us at dataprivacy@leaseteq.com.
• Right to erasure: You have the right to request that we erase your personal data if it is no longer necessary for the purposes for which it was collected or if it has been processed unlawfully.
• Right to restrict processing: You have the right to request restriction of the processing of your personal data if you believe that the data is inaccurate, the processing is unlawful, or we no longer need to process the data for the original purpose, but we cannot delete it due to a legal obligation or because you do not want us to do so.
• Right to data portability: You have the right to request that we transfer your personal data in a standard format, such as Excel, to another controller, if it is data that you have provided to us and that we are processing on the legal basis of your consent or to fulfill our contractual obligations.
• Right to object to processing: If the legal basis for processing your personal data is our legitimate interest, you have the right to object to such processing on grounds relating to your situation. We will comply with your request unless we have a compelling legal basis for the processing that overrides your interests, or we need to further process the personal data for the exercise or defense of legal claims.
• Right to complain to a supervisory authority: You have the right to complain to a data protection authority if you believe that the processing of your personal data is in breach of data protection law. You have the right to contact the relevant supervisory authority. In Switzerland, to the Federal Data Protection and Information Commissioner, Feldeggweg 1, CH – 3003 Bern, info@edoeb.admin.ch. In the EU and EEA, you can assert this right, for example, with a supervisory authority in the member state of your place of residence, your place of work or the place of the alleged infringement. You can find a list of the competent authorities here: https://edpb.europa.eu/about-edpb/about-edpb/members_de.

10. Links to third-party apps and websites

Our website may contain links to websites or applications that are not operated by us. If you click on a third-party link, you will be directed to that third-party website or application. We have no control over, and are not responsible for, the content, privacy policies, or practices of any third-party websites or services.

We maintain online presences on social networking sites to, among other things, communicate with customers and prospects and provide information about our products and services. If you have an account on the same network, it is possible that your information and media provided there may be viewed by us when we access your profile, for example. In addition, the social network may allow us to contact you. The content communication via the social network and the processing of the content data are subject to the responsibility of the social network. As soon as we transfer personal data to our own systems, we are independently responsible for it. This is done to carry out pre-contractual measures and to fulfill a contract. For the legal basis of the data processing carried out by the social networks under their own responsibility, please refer to their privacy policies. Below is a list of the social networks on which we have an online presence:

• Instagram: Data privacy
• LinkedIn: Data privacy
• TikTok: Data privacy

11. Changes to this privacy policy

We may update our Privacy Policy from time to time. Therefore, we encourage you to periodically review this Privacy Policy for changes.

Changes to this Privacy Policy are effective when posted on this page.

12. Contact us

If you have any questions about this Privacy Policy, please contact us at dataprivacy@leaseteq.com.