Privacy Policy

August 17, 2022 version

In this data protection declaration we explain how we collect and process personal data. This is not a complete description: in specific situations, reference should be made to any other applicable privacy statements or general terms and conditions. Personal data are all data that relate to a specific or identifiable person.

If you make personal data of other persons (e.g. your employees, family members, colleagues) available to us, please ensure that the persons concerned are aware of this data protection declaration and only pass on their personal data if you have given your consent and if the data is correct.

GFS operates in Switzerland and is therefore subject to Swiss data protection regulations.

1. Responsibility

Is responsible for the processing of GFS data. If you have any questions regarding data protection law, please contact us at the following address

2. Collection and processing of personal data

We primarily process personal data that we collect in the course of our business relationships with our customers, our customers' business partners and other stakeholders, or data collected in the course of operating our website.

Where permitted, we also extract certain data from publicly available sources (e.g., debt enforcement registry, land registry, commercial registry, press, Internet) or receive it from other companies within GFS, the authorities and other third parties. In addition to the data that you provide directly to us, the categories of personal data that we receive from third parties about you include, in particular, information from official registers, information collected in the context of administrative or legal proceedings, information in connection with your professional functions and activities, information provided in the context of our correspondence and discussions with third parties, information about your creditworthiness, information provided by persons close to you (family, advisors, legal representatives, suppliers, etc.), in order to conclude or extend contracts with you, or to provide you with information about your personal data.), so that we can conclude or execute contracts with you (e.g. references, your postal address for correspondence, powers of attorney), information about compliance with legal requirements, information from banks, insurance companies and other business partners about the services you use or provide (e.g. payments made, media information, etc.). (e.g. payments made, media and Internet information about you, if this is indicated in this case, e.g. in the context of an application, a marketing measure, etc.), your home and business addresses, and, if applicable, your interests and other socio-demographic data relevant to our business relationship).

3. Purposes of data processing and legal basis

We use the data we have collected primarily to fulfill contracts with our clients and business partners, in particular in the context of risk, insurance or pension advice and related activities with current or future business partners, and to meet our legal obligations in Switzerland and abroad. If you work for such a client or business partner, your personal data may of course be affected by these provisions.

Insofar as permitted and appropriate, we also process personal data about you and other persons for the following purposes, if we (and sometimes third parties) have a legitimate interest in doing so

  • offering and developing our risk, insurance and pension consulting and related activities;
  • Communication with third parties and handling of other requests (e.g., applications and media inquiries);
  • analysis and optimization of needs analysis procedures to directly approach customers, collection of personal data from publicly available sources for customer acquisition;
  • advertising and marketing (including event organization), provided that you do not object to the use of your data (if we send you advertising as a customer, you can exercise your right to object at any time; you will then be placed on a blocking list to stop the sending of advertising);
  • canvassing and opinion polling, media monitoring;
  • Establishment of legal claims and defense in litigation and administrative proceedings;
  • Prevention and clarification of criminal offenses and other misconduct (e.g., conducting internal investigations, data analysis to combat fraud);
  • guaranteeing the proper functioning of our operations, in particular our IT systems, our website, the corresponding online services and other platforms;
  • video surveillance to prevent intrusion and other measures to ensure the security of IT equipment, buildings and facilities and to protect our employees and other persons as well as the assets belonging to us or entrusted to us (e.g. access controls, visitor lists, network or e-mail scanners, telephone recordings)
  • acquisition and sale of business areas, companies or parts of companies and other transactions under company law and, in this context, transfer of personal data, as well as corporate conduct measures, if necessary to comply with legal and regulatory obligations as well as internal GFS provisions

If you have given us your consent to process your personal data for specific purposes, we will process this data within the framework and on the basis of this consent, if we have no other legal basis and if we need a legal basis. You may revoke your consent at any time, but this will not affect any data processing already carried out.

4. Cookies / tracking and social plugins in connection with the use of our website, no personal data is transmitted.

On our website, we use the services of Google Analytics (Google Analytics, Google LLC in the USA, to measure and analyze the use of the website (using non-personal data). We do not provide any personal data to Google Analytics. At most, we identify the country or, for example, the canton/region from which a user visited the GFS website. No conclusions can be drawn about a specific natural person.

The IP addresses usually obtained through cookies have been completely deleted, so that no data is transmitted. We can therefore only determine whether, how long and when an anonymous website user has visited our site. No conclusions can be drawn about a specific natural person. It is also no longer possible to link a website user to a region.

GFS uses the social networking platforms of LinkedIn, Facebook and Instagram. However, we do not use any social plugins from social networks and similar platforms on our website. The LinkedIn, Facebook and Instagram icons at the bottom of the page are simple links to the respective platforms. By clicking on these links, the user does not generate the transfer of his/her IP addresses or personal data to the social networks. The processing of your personal data is the responsibility of the operator of the respective site in accordance with the data protection regulations. He does not provide us with any information about you.

5. Transmission and transfer of data abroad

In the course of our business activities and for the purposes set out in Section 3, we will also pass on this personal data to third parties if they process it on our behalf or if they wish to use it for their own purposes, provided this is permitted and we consider it appropriate.

These include:

  • our service providers within the GFS or externally, e.g. insurance companies, pension funds, banks, consulting companies, law firms, including subcontractors (e.g. IT service providers);
  • Network partners, suppliers, subcontractors and other business partners;
  • clients, their legal representatives or their contacts;
  • Swiss and foreign authorities, official services or courts;
  • the public, including visitors to websites and social networks;
  • competitors, professional organizations, associations, organizations and other committees;
  • acquirers or other parties interested in the acquisition of business areas, companies
  • other parties involved in potential or actual legal proceedings;

If we transfer data to a country that does not have adequate legal provisions for data protection, we ensure an adequate level of protection in accordance with the law by means of corresponding contracts (based, among other things, on the "standard contractual clauses" of the European Commission), or we rely on the legal exemptions for consent, the execution of contracts, the establishment, exercise or enforcement of rights, overriding public interests, published personal data insofar as this is necessary to protect the integrity of the data subject or if the data subject has made his or her data available to the public and has not expressly forbidden the processing thereof. You may request a copy of the contractual guarantees referred to in Section 1 at any time. However, we reserve the right to black out copies for reasons of confidentiality or data protection or to provide only an extract.

For the sake of completeness, we would like to point out that, as a broker licensed in Switzerland, we only deal with Swiss clients. In order to fulfill our contractual obligations, it may exceptionally happen that personal data of natural persons domiciled in Switzerland are sent to the United States in the context of the management of the business relationships of our internationally active clients. We also draw your attention to the fact that the US authorities are able, under US law, to initiate surveillance measures that allow them to record all data transmitted from Switzerland to the US. This data is recorded without distinction, restriction or exception in view of the purpose and without any objective criteria that would allow the US authorities to restrict access to and further use of personal data to specific, strictly limited purposes that justify access to such data.

We also emphasize that data subjects in the United States have no legal means to access, correct or delete their data. Moreover, there is no effective legal protection against the general access rights of the US authorities. We expressly draw your attention to this legal and factual situation so that you can give your informed consent to the use of your data.

6. Duration of the storage of personal data

We process and store your personal data if the fulfilment of our contractual and legal obligations, or at least the purposes of the processing require it, e.g. for the duration of the business relationship (preparation, execution and termination of a contract), and furthermore in order to comply with our legal storage and documentation obligations. In this respect, personal data may be stored if claims are made against our company, if we are required to do so by law or if legitimate business interests so require (e.g. for evidentiary and documentation purposes).

7. Data security

We take appropriate technical and organizational security measures to protect your personal data from unauthorized access and misuse. For example, we implement physical and digital access controls and restrictions, encrypt data carriers and transfers, issue guidelines on personal and business data management and mobile device management, conduct data protection and compliance training, and continuously monitor the implementation of the above measures.

8. Obligation to make personal data available

As part of our business relationship, you are required to provide the personal data necessary to initiate and implement a business relationship and to fulfill the contractual obligations inherent in that relationship (you are generally not legally required to provide us with data). Without this data, we will generally not be able to enter into or perform a contract with you (or the service or person you represent).

9. Profiling

GFS does not perform any profiling.

10. Rights of the persons concerned

Within the framework of the applicable data protection legislation and if permitted by it, you have the right to information, correction, deletion and restriction of data processing and, in addition, the right to object to the processing of data and to the disclosure of certain personal data. Please note, however, that we reserve the right to enforce legal restrictions, for example, if we are obliged to store or process certain data, if this is in our overriding interest, or if the data is necessary for our claims. We will inform you in advance of any costs you may incur. Please note that the exercise of these rights may be in conflict with contractual agreements and may have consequences such as early termination of the contract or financial consequences. We will inform you of this in advance, unless there are contractual provisions.

The exercise of such rights generally requires that you prove your identity unambiguously (e.g. with a copy of an identity document if your identity is unclear or cannot be verified). If you wish to assert your rights, you can contact us at the address given in Section 1.

Each data subject also has the right to assert his or her rights in court or to submit a complaint to the competent data protection authority. The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner(

11. Changes

We may amend this data protection declaration at any time without prior notice. The current version published on our website applies. If the data protection declaration is part of an agreement with you, we will inform you of any changes by email or other appropriate means.