PRIVACY POLICY

  1. Scope
    This data protection declaration applies to users of lean-sharp.ch and other websites and
    applications operated by Lean & Sharp GmbH (Lean & Sharp), as well as to customers of our services,
    unless separate data protection declarations are displayed for them. The scope is independent of
    how users access the websites and applications or obtain services.
    Lean & Sharp stores and processes personal data in accordance with the Swiss Data Protection Act
    (DSG) and the European General Data Protection Regulation (GDPR).
  2. Responsibility and data protection officer
    Lean & Sharp GmbH, Niederdorfstrasse 43, 8001 Zurich is responsible for data processing.
    If you have any questions, you can reach us at marketing@lean-sharp.ch.
  3. Data collected and stored via the website
    When you visit our website, the following data is automatically and temporarily stored: e.g. IP
    address, date and time of the call, name and URL of the file called up, if necessary the referrer URL.
    We use this data to optimize the user experience on the website. Where applicable, Art. 6 Para. 1 S. 1
    lit. f GDPR is the legal basis.
  4. Personal data that we save and process
    We save and process the personal data provided by users. If necessary for the provision of our
    service, we also obtain data from publicly accessible sources or from third parties.
    We can save and edit the following data:
    • Data on a person (e.g. name, telephone number, e-mail, birthday, financial situation)
    • Data on user activities (e.g. contract data, communication with Lean & Sharp, authentication)
    We have to store and process this information for the provision of our customers with our services or
    for conclusion of a contract, for protection of our legitimate interests or those of third parties, based
    on your consent or legal obligations, and for marketing. Where applicable, Art. 13 Para. 1 DSG and
    Art. 6 Para. 1 S. 1 lit. b GDPR and Art. 6 Para. 1 S. 1 lit. a GDPR is the legal basis.
    Personal data are stored and processed for as long as we are obliged to do so in accordance with
    legal or contractual provisions, unless we need the data to assert our rights.
  5. Who has access to your data
    The protection of customer data is important to us. Our employees only have access to customer data
    where necessary.

We also share customer data with third parties only where necessary, and where possible, this is
done anonymously. Customer data can be passed on to the following parties: custodian bank and
pension fund, hosting partner, sales partner, broker, product partner, search engine operator,
partner for clarification of your information and to avoid money laundering, analysis tools, service
providers in the field of communication, logisticians, and government agencies, where this data
sharing is the law prescription. These service providers are also subject to data protection laws.
Where applicable, Art. 13 Para. 1 DSG and Art. 6 Para. 1 S. 1 lit. b GDPR and Art. 6 Para. 1 S. 1 lit. a
GDPR is the legal basis.
Wherever possible, customer data is only passed on to partners in Switzerland.

  1. Data security
    The login area provides the most secure and encrypted data transmission possible. It is ensured that
    data is protected against unauthorized access and loss.
    If users send us information in other ways, there is a risk that the information will be lost, damaged,
    or manipulated. The transmission of the information to us is therefore at the sender’s own risk.
  2. Analysis tools
    Our websites use the following web analysis services:
    7.1 Google Analytics
    Google Analytics from Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA.
    Google Analytics uses cookies (see section 8, Cookies). These enable an analysis of the use of our
    website, including IP addresses, by Google in the USA. We would like to point out that Google
    Analytics has been expanded to include the code “gat._anonymizeIp ();” on this website in order to
    ensure an anonymized collection of IP addresses (so-called IP masking). If anonymization is active,
    Google shortens IP addresses within Switzerland and from member states of the European Union or
    in other contracting states of the Agreement on the European Economic Area, which means that no
    conclusions can be drawn about your identity. The full IP address is only transmitted to a Google
    server in the USA and is shortened there in exceptional cases. Google observes the data protection
    provisions of the “Swiss-USA Privacy Shield” agreement and thus has an adequate level of data
    protection. Google uses the information collected to evaluate the use of our websites for us, to write
    reports for us on this, and to provide us with other related services. You can find out more at
    https://support.google.com/analytics/answer/6004245?hl=de, especially regarding the option to
    deactivate Google Analytics at http://tools.google.com/dlpage/gaoptout?hl= de.
    Where applicable, Art. 13 Para. 1 DSG and Art. 6 Para. 1 S. 1 lit. b GDPR and Art. 6 Para. 1 S. 1 lit. a
    GDPR is the legal basis.
    Further information on Google Analytics can be found in the provider’s data protection provisions.
    https://www.google.com/ (opt-out)
    https://analytics.google.com

7.2 Adwords Conversion Tracking
We also use Google AdWords Conversion Tracking. Google AdWords places a cookie on your
computer if you have reached our website via a Google ad. These cookies lose their validity after 30
days and are not used for personal identification. If you visit certain of our pages and the cookie has
not yet expired, we and Google can recognize that someone clicked on the ad and was redirected to
our site. Every AdWords customer receives a different cookie. Cookies cannot therefore be tracked
via the websites of AdWords customers. The information obtained using the conversion cookie is
used to generate conversion statistics for AdWords customers who have opted for conversion
tracking. AdWords customers determine the total number of users who clicked on their ad and were
redirected to a page with a conversion tracking tag. However, they do not receive any information
with which users can be personally identified. If you do not want to participate in the tracking
process, you can also refuse from the setting of a cookie required for this, for example, via a browser
setting that generally deactivates the automatic setting of cookies. You can also deactivate cookies
for conversion tracking by setting your browser so that cookies from the domain
“googleadservices.com” are blocked.

7.3 Use of Google Remarketing
This website uses the remarketing function of Google Inc. (“Google”). This function serves to present
advertisements. The website visitor’s browser saves so-called “cookies” text files, which are stored
on your computer and are used to recognize the visitor when they visit websites that belong to the
Google advertising network. On these pages, the visitor can then be presented with advertisements
that relate to content that the visitor has previously accessed on websites that use Google’s
remarketing function. According to its own information, Google does not collect any personal data
during this process. If you still do not want Google’s remarketing function, you can always deactivate
it by making the appropriate settings at http://www.google.com/settings/ads. Alternatively, you can
deactivate the use of cookies for interest-based advertising via the advertising network initiative by
following the instructions at http://www.networkadvertising.org/managing/opt_out.asp.

7.4 Hotjar
Lean & Sharp uses the web analysis service Hotjar to analyze web usage. Hotjar Ltd. (St Julian’s
Business Center, 3, Elia Zammit Street, St Julian’s STJ 1000, Malta) complies with the provisions of
the Data Protection Act, Chapter 440 of the Laws of Malta (“Applicable Law”), which contains all
relevant European Union directives on data protection implements. Hotjar is a service that analyzes
the behavior and feedback of users on websites using a combination of analysis and feedback tools.
Hotjar gives Lean & Sharp an “overall picture” of how to improve the end-user experience and
website performance. For this purpose, the following information is collected: the IP address of the
end device (it is collected and stored in an anonymised format), resolution of the screen / display,
type of end device, operating system, browser type, geographical location (country only), preferred
language and mouse events (movements, position, and clicks). The data collected is transmitted to
and stored on servers in Ireland (EU) via an encrypted connection. The sole purpose of this data
collection is to improve the user experience on the Hotjar-based websites. Personal data is neither
collected nor stored. You can find more information on Hotjar’s compliance with data protection

here: www.hotjar.com/privacy. You can reject the collection of your data by Hotjar at any time by
visiting the Hotjar opt-out page and clicking on «Deactivate Hotjar».

  1. Cookies
    In order to optimize the user experience on our website, Lean & Sharp uses cookies for the duration
    of the visit to our website. Files with information on configurations and the browser history are saved
    on the device. If users are registered with Lean & Sharp, they are linked to personal data.
    Cookies are also used to analyze user behavior, including the location of the user and the number of
    visits to Lean & Sharp websites. Cookies can enable Lean & Sharp to identify users.
    Cookies can be managed and deleted in the browser. This can mean that not all functions of the
    website can be used.
  2. Social Media Plugins
    Lean & Sharp can use social media plugins for improved user experience. When you click on the
    corresponding buttons, data stored in the browser can be transferred to the seat of the platform and
    stored there regardless of whether a user is logged in to the social media platform. This includes i.a.
    IP addresses and the user’s access to Lean & Sharp websites. The user’s profile on the platforms is
    actively linked to Lean & Sharp websites, and personal data can be transferred to the platforms.
    The data protection declarations of the social media platforms specify how user data is stored and
    processed. Lean & Sharp has no knowledge of which data is transmitted and processed and accepts
    no liability for it.

9.1 Integration of services and content (plugins) of third parties
Based on our legitimate interests (i.e. interest in analysis, optimization, and economic operation and
the interest of an appealing presentation of our online offer within the meaning of Art. 6 Para. 1 lit. f.
GDPR), we use content or service offers from third-party providers on our website as regards their
content and services, such as videos or posts, and make them accessible to users. A corresponding
integration always requires that the third-party providers of this content know your IP address as
they cannot send the content to your browser without the IP address. The IP address is therefore
necessary for displaying the content.
We strive to only use content whose respective providers only use your IP address to deliver the
content. Third-party providers can also use so-called pixel tags (invisible graphics, also known as
“web beacons”) for statistical or marketing purposes. The «pixel tags» can be used to evaluate
information such as visitor traffic on the pages of this website. The pseudonymous information can
also be stored in cookies on your device and contain, among other things, technical information
about your browser and operating system, referring websites, visit time, and other information about
your use of our online offer, as well as be linked to such information from other sources.

9.2 Youtube
We embed the videos from the platform “YouTube” from the provider Google LLC, 1600 Amphitheater
Parkway, Mountain View, CA 94043, USA, or Google Ireland Limited, Gordon House, Barrow Street
Dublin 4, Ireland.
If you visit one of our pages equipped with a YouTube plugin, a connection to the YouTube servers
will be established. This tells the YouTube server which of our pages you have visited. If you are
logged into your YouTube account, YouTube enables you to assign your surfing behavior directly to
your personal profile. You can prevent this by logging out of your YouTube account.
Google Privacy Policy
Further information on the handling of user data can be found in YouTube’s privacy policy
https://policies.google.com/privacy?hl=de&gl=de.
Basis
YouTube is used in the interest of an appealing presentation of our online offers. This represents a
legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR.
Objection against data collection
You can prevent Google from collecting your data by clicking on the link and opting out accordingly
https://adssettings.google.com/authenticated.

9.3 Facebook
We use Facebook pages, Facebook groups, and Facebook social plugins (“plugins”) from the social
network facebook.com, which is operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand
Canal Harbor, Dublin 2, Ireland.
The pages, groups, and plugins can show you interaction elements or content (e.g. videos, graphics,
or text contributions), and you can recognize them by one of the Facebook logos (white “f” on a blue
tile, the terms “like” or “like” or a “thumbs up” sign or marked with the addition “Facebook Social
Plugin”). You can see the list and appearance of the Facebook social plugins. If you call up a function
of our online offer that contains such a plugin, your device establishes a direct connection with the
Facebook servers. The content of the plugin is transmitted directly from Facebook to your device,
which integrates it into the online offering. You can use the processed data to create usage profiles.
We therefore have no influence on the amount of data that Facebook collects with the help of this
plugin and thus informs users according to our level of knowledge. By integrating the plugins,
Facebook receives the information that you have accessed the corresponding page of our online
offer. If you are logged into Facebook, Facebook can assign the visit to your Facebook account. If you
interact with the plugins, for example, if you press the Like button or leave a comment, the
corresponding information will be sent directly from your device to Facebook and saved there. If you
are not a member of Facebook, there is still the possibility that Facebook will find out your IP address
and save it. According to Facebook, only an anonymized IP address is saved in Europe.
Facebook privacy policy
The purpose and scope of the data collection and the further processing and use of the data by
Facebook as well as the related rights and setting options to protect the privacy of users can be
found in Facebook’s data protection information.
EU-US Privacy Shield

Facebook is certified under the Privacy Shield Agreement
https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active and thus
guarantees compliance with European data protection law.
Basis
The use of the Facebook pages, groups, and social plugins is in the interest of an appealing
presentation of our online offers and an easy findability of the places specified by us on the website
as well as the use of the data for marketing and targeting purposes. This represents a legitimate
interest within the meaning of Art. 6 Para. 1 lit. f GDPR.
Joint processing of personal data
The joint processing of personal data takes place on the basis of an agreement on joint processing of
personal data https://www.facebook.com/legal/terms/page_controller_addendum.
Objection against data collection
If you are a Facebook member and do not want Facebook to collect data about you via our online
offer and link it to your member data stored on Facebook, you must log out of Facebook before using
our online offer and delete your cookies. Further settings and contradictions to the use of data for
advertising purposes can be found in the Facebook profile settings
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Fads%2Fpref
erences%2F % 3Fentry_product% 3Dad_settings_screen possible or via the US site aboutads.info
(add hyperlink https://optout.aboutads.info/?c=2&lang=EN) or the EU site youronlinechoices.com
(add hyperlink https: // www.youronlinechoices.com/). The settings are platform-independent, i.e.
they are adopted for all devices, such as desktop computers or mobile devices.
9.4 Instagram
Functions and contents of the Instagram service, offered by Instagram Inc., 1601 Willow Road, Menlo
Park, CA, 94025, USA, can be integrated into our online offer.
For this purpose, we use content such as images, videos, or texts and buttons with which you can
express your favor regarding content and subscribe to the authors of the content or our
contributions. If you are a member of the Instagram platform, Instagram can assign content and
functions to your profiles.
Instagram privacy policy
You can find more information about the handling of user data on Instagram in Instagram’s privacy
policy https://help.instagram.com/519522125107875.
Basis
The use of Instagram is in the interest of an appealing presentation of our online offers and an easy
findability of the places indicated by us on the website. This represents a legitimate interest within
the meaning of Art. 6 Para. 1 lit. f GDPR.

9.5 LinkedIn
Within our online offer, functions and contents of the LinkedIn service, offered by LinkedIn Ireland
Unlimited Company, Wilton Place, Dublin 2, Ireland, can be used.
For this purpose, we use content such as images, videos, or texts and buttons with which you can
express your favor regarding content and subscribe to the authors of the content or our
contributions. If you are a member of the LinkedIn platform, LinkedIn can assign content and
functions to your profiles. We can also incorporate scripts and measures that allow us to use
marketing and statistical functions in LinkedIn.
LinkedIn privacy policy
You can find more information about the handling of user data on LinkedIn in the LinkedIn data
protection declaration https://www.linkedin.com/legal/privacy-policy.
EU-US Privacy Shield
LinkedIn is certified under the Privacy Shield Agreement
https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active and thus
guarantees compliance with European data protection law.
Basis
The use of the LinkedIn functions is in the interest of an appealing presentation of our online offers
and an easy findability of the places we have indicated on the website as well as the use of the data
for marketing and targeting purposes. This represents a legitimate interest within the meaning of
Art. 6 Para. 1 lit. f GDPR.
Objection against data collection
LinkedIn data acquisition opt-out
https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

  1. Rights of our users
    Depending on the applicable law, the following can be asserted:

  • Right to information about the processed personal data. Based on Art. 8 DSG or Art. 15
    GDPR, this information can include the following information: processing purposes, the
    category of personal data, the categories of recipients to whom your personal data has been
    or will be disclosed, the planned storage period, the existence of a right to correction,
    deletion, restriction of processing or objection, the existence of a right to complain, the
    origin of your personal data, if we have not collected them, as well as the existence of
    automated decision-making, including profiling and, if necessary, meaningful information on
    the data’s details.
  • If the information means a greater effort for us, the applicant has to assume the actual costs.
  • Right to the correction of incorrect stored data or their completion based on Art. 5 Para. 2
    GDPR and Art. 16 GDPR.
  • Right to the deletion of personal data, insofar as this is necessary taking into account legal
    obligations, overriding public interest, or assertion, exercise, or defence of legal claims by
    Lean & Sharp.
  • Right to restrict the processing of your own personal data if the accuracy of the data is
    contested, the processing is unlawful, deletion is rejected, and Lean & Sharp no longer needs
    the data, but you need it to assert, exercise, or defend legal claims, or you have lodged an
    objection to the processing (Art. 15 GDPR and Art. 18 GDPR).
  • According to Art. 20 GDPR, you have the right to receive your own personal data in a
    structured, common, and machine-readable format or to request that it be transmitted to
    another person responsible.
  • According to Art. 7 Para. 3 GDPR, you have the right to revoke your consent to us at any time.
    As a result, Lean & Sharp is no longer allowed to continue the data processing based on this
    consent in the future.
  • Right to lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR.
  • Right of objection to process and save your own personal data by Lean & Sharp for direct
    mail. This right also exists for legitimate interests on our part if there are reasons against
    data processing for a particular situation (Art. 6 Para. 1 S. 1 lit.f GDPR).
    The exercise of these rights can mean that Lean & Sharp is no longer able to maintain the business
    relationship. Under certain circumstances, Lean & Sharp may refuse to provide such information,
    change, or delete data in accordance with applicable law.

  1. Declaration of Consent
    Use of the Lean & Sharp websites and services confirms that the information in this document has
    been read and understood. The consent to the storage and processing of the data and cookies is also
    given after the browser session has ended.
  2. Severability and changes
    If parts of the General Terms and Conditions or other contracts and agreements between Lean &
    Sharp and the customer are deemed void or legally ineffective, the remaining provisions are not
    affected.
    Lean & Sharp can change this data protection declaration or adapt the data processing at any time.
  3. Applicable Law
    For any disputes in connection with the use of this website or Lean & Sharp services, only the German
    version of the texts is authoritative.
    The place of jurisdiction is the seat of Lean & Sharp GmbH.

  4. Lean & Sharp GmbH
    Forchstrasse 60
    8008 Zurich
    Zurich, October 11, 2024
    Version 1.1

Buy now