Tax advisory

Tax advisory and planning

Preparation of tax returns

Permit applications

Redomiciliation of Companies

Relocation of Individuals

Swiss Fiscal Representation (VAT)

Tax Audit

Corporate advisory

Accounting and financial reporting

Payroll management

Swiss Tax

Strategic business advisory

Company Incorporation (onshore & offshore)

Accounting and financial reporting

Real Estate Management

Ordinary and Extraordinary Administration

Property Accounting

Technical Management

Property Lease Management

Real Estate Acquisitions & Sales

Art Management

Collection Management

Logistics and Insurance

Contracts and Transactions

Art Advisory and Valuation

DATA PROTECTION STATEMENT

Data protection statement

 In this data protection statement, we describe Studio Fiduciario e Immobiliare Roberta Pantani Tettamanti SA (hereinafter Studio RPT SA, we) and how we collect and process personal data. This data protection declaration does not constitute an exhaustive description and, where applicable, other declarations concerning data protection govern specific cases. For the purposes of this data protection declaration, personal data refers to all information relating to an identified or identifiable person.

  1. Responsible body and contact details

The data controller for the data processing described here is Studio Fiduciario e Immobiliare Roberta Pantani Tettamanti SA, unless otherwise specified in the specific case. Requests for information regarding data protection can be sent to us by letter or e-mail, attaching a copy of your identity card or passport for identification purposes: via Valdani 2 / 6830 Chiasso / Switzerland / Tel.: +41 91 924 09 45 / info@rptold.local.

  1. Collection and processing of personal data

Our processing of personal data concerns, in particular, the following categories:

  • customer data, to whom we provide or have provided services
  • personal data that we have received indirectly from our customers in connection with the provision of services
  • data obtained from viewing our website
  • data derived from our newsletter
  • data derived from online property search platforms, e.g. HomeGate, ImmoScout, and similar
  • data obtained by participating in one of our events
  • data obtained when we communicate or have a visit
  • within the scope of other contractual relationships, e.g. as a supplier of goods or services or as a consultant
  • data received during the application process
  • data that we are obliged to process for legal or administrative reasons
  • in cases where we are protecting our duty of care or other legitimate interests, e.g. to avoid conflicts of interest, money laundering or other risks, or to ensure data accuracy, verify creditworthiness, protect security or exercise our rights

Detailed information can be found in the description of the respective categories of processing in point 4.

  1. Categories of personal data

The personal data we process depends on your relationship with us and the purpose for which we process it. In addition to your contact details, we also process other information about you or people related to you. Sometimes, this information may also include personal data that requires special protection.

We collect the following categories of personal data, depending on the purpose for which we process them:

  • contact details (e.g. first name, surname, address, telephone number, e-mail address)
  • customer information (e.g. date of birth, nationality, marital status, occupation, title, job description, passport/ID card number, social security number)
  • data for risk assessment (e.g. creditworthiness information, commercial register data)
  • financial information (e.g. bank account details)
  • data relating to the mandate, depending on the type of mandate (e.g. tax information, articles of association, minutes, projects, contracts, employee data (e.g. salary, social insurance), accounting data, beneficial owners, ownership relationships)
  • Data relating to web pages (e.g. IP addresses, device information (UID), browser information, use of web pages (use and analysis of plug-ins, etc.)
  • application data (e.g. curriculum vitae, employment certificates)
  • marketing information (e.g. newsletter subscription)
  • security and network data (e.g. visitor lists, access controls, network and email scanners, telephone call lists)

To the extent permitted, we also collect certain data from publicly available sources (e.g. debt enforcement registers, land registers, commercial registers, the press, the internet) or receive such data from our principals and their employees, from authorities, (arbitral) courts and other third parties. In addition to the data you provide to us directly, the categories of personal data concerning you that we receive from third parties include, in particular, information from public registers; information that comes to our attention in the context of judicial or administrative proceedings; information relating to your professional roles and activities (so that we may, for example, conclude and conduct business with your employer with your assistance); information concerning you arising from correspondence and discussions with third parties; creditworthiness information; information concerning you provided by persons in your environment (family members, advisors, legal representatives, etc.) in order to enable us to enter into or perform contracts with you or involving you (e.g. references, your delivery address, powers of attorney); information necessary to comply with legal requirements, e.g. relating to anti-money laundering or export restrictions; information from banks, insurers, distributors and other contractual partners for the request or provision of services by you (e.g. payments and/or purchases made); information about you from media and the internet (where appropriate in the specific case, e.g. in the context of an application, etc.); your addresses and, where applicable, interests, as well as other sociodemographic data (for marketing purposes); and data relating to the use of the website (e.g. IP address, MAC address of the smartphone or computer, information about your device and its settings, cookies, date and time of the visit, pages and content accessed, functions used, referring websites, location information).

  1. Purposes of data processing and legal bases

4.1 – Provision of services

We primarily process personal data that we receive from our clients and other business partners in the context of our client relationships and other contractual relationships with business partners.

In the case of our customers' personal data, this specifically concerns the following information:

  • contact details (e.g. first name, surname, address, telephone number, e-mail address, other contact details)
  • personal information (e.g. date of birth, nationality, marital status, occupation, title, job description, passport/ID card number, social security number, family situation, etc.)
  • data for risk assessment (e.g. creditworthiness information, commercial register data, sanctions lists, specialist databases, data obtained from the internet)
  • financial information (e.g. data concerning bank accounts, investments or shareholdings)
  • Data relating to the mandate, depending on the type of mandate, e.g. tax information, articles of association, minutes, employee data (e.g. salary, social insurance), accounting data, etc.
  • particularly sensitive personal data: this data may include data on health, religious beliefs or social welfare measures, particularly when we provide services in the field of payroll processing or accounting.

We process this personal data for the purposes described, based on the following legal grounds:

  • conclusion or performance of a contract with or for the data subject, including pre-contractual negotiations and any implementation (e.g. consulting, fiduciary)
  • fulfilment of a legal obligation (e.g. when we fulfil our obligations as an auditing body or are obliged to disclose information)
  • protection of legitimate interests (e.g. for administrative purposes or to improve our quality, ensure security, manage risks, exercise our rights, defend ourselves against unjustified claims or check for possible conflicts of interest)
  • consent (e.g. to send you marketing information).

4.2 – Indirect processing of data arising from the provision of services

When providing services to our customers, we may also process personal data that we have not collected directly from the data subjects or personal data of third parties. As a rule, these third parties are employees, contact persons, family members or persons who have a relationship with our customers or data subjects for other reasons. We need this personal data to fulfil our contracts with our customers. We receive this personal data from our customers or from third parties commissioned by them. The third parties whose information we process for this purpose are informed of this processing by our customers. For this purpose, our customers may refer to this data protection declaration.

Data concerning persons who have a relationship with our customers consists in particular of the following information:

  • contact information (e.g. first name, last name, address, telephone number, e-mail address, other contact information, marketing data)
  • personal information (e.g. date of birth, nationality, marital status, occupation, title, job description, passport/ID card number, social security number, family situation, etc.)
  • financial information (e.g. data concerning bank accounts, investments or shareholdings)
  • Data relating to the mandate, depending on the type of mandate, e.g. tax information, articles of association, minutes, employee data (e.g. salary, social insurance), accounting data
  • Personal data requiring special protection: This personal data may also include data requiring special protection, such as data on health, religious beliefs or social welfare measures, particularly when we provide services in the field of payroll processing or accounting.

We process this personal data for the purposes described, based on the following legal grounds:

  1. conclusion or performance of a contract with or for the data subject, including pre-contractual negotiations and any fulfilment (e.g. when we fulfil our contractual obligations)
  2. fulfilment of a legal obligation (e.g. when we fulfil our obligations as an auditing body or are obliged to disclose information)
  3. protection of legitimate interests, in particular our interest in providing our customers with optimal service.

4.3 – Use of our website

You do not need to disclose any personal data to use our website. However, when you access the site, the server collects a range of information about the user, which is temporarily stored in the server log files.

The use of this generic information does not involve any attribution to a specific person. The acquisition of such information or data is necessary for technical reasons, in order to view our website and ensure its stability and security. This information is also acquired to improve the website and analyse its use.

More specifically, this concerns the following information:

  • contact details (e.g. first name, surname, address, telephone number, e-mail address)
  • other information you provide to us via the website
  • Technical information, information about user behaviour or website settings (e.g. IP address, UDI, device type, number of clicks on the page, newsletter opens, link clicks, etc.) that is transmitted directly to us or our service providers.

We process this personal data for the purposes described, based on the following legal grounds:

  • protection of legitimate interests (e.g. for administrative purposes, to improve our quality, analyse data or promote our services)
  • consent (e.g. for the use of cookies or for the newsletter).

 4.4 – Use of the newsletter

If you subscribe to our newsletter, we will use your email address and other contact details to send it to you. With your consent, you can subscribe to our newsletter. The information required to send the newsletter is your full name and email address, which we will save after you subscribe. The legal basis for processing your data in connection with our newsletter is your consent to receive it. You can revoke this consent at any time by unsubscribing from the newsletter.

4.5 – Direct communication and visits

If you contact us (by telephone, e-mail or chat) or if we contact you, we will process your personal data as necessary for the purpose. We also process this data when you visit us. In this case, you may be required to provide us with your contact details before your visit or when you arrive at reception. We store this personal data for a certain period of time in order to protect our infrastructure and information.

To organise conference calls, online meetings, video conferences and/or teleseminars, we use the services ‘Zoom’ and ‘Microsoft Teams’.

In particular, we process the following information:

  • contact details (e.g. first name, surname, address, telephone number, e-mail address)
  • marginal information about the communication (e.g. IP address, duration and channel of communication)
  • recording of conversations, e.g. in the context of video conferences
  • Further information that you upload, make available or create when using the video conferencing service, as well as metadata used for maintaining the service provided, and additional information on the processing of personal data by Zoom or Microsoft Teams can be found in their data protection policies.
  • personal information (e.g. occupation, position, title, employer's company name)
  • time and date of the visit.

We process this personal data for the purposes described, based on the following legal grounds:

  • fulfilment of a contractual obligation with or in favour of the data subject, including pre-contractual negotiations and possible implementation (provision of a service)
  • protection of legitimate interests (e.g. security, traceability, as well as customer relationship management).

4.6 – Applications

You can send us your application for a position in our company by post or email to the address indicated on our website. The documents and all personal data provided in your application will be treated with the utmost confidentiality and will only be used for the purpose of processing your application for employment with us. Unless you object, at the end of the application process, your file will be returned to you or deleted/destroyed, unless there is a legal obligation to retain it. The legal basis for the processing of your data is your consent, the performance of the contract with you and our legitimate interests.

In particular, we process the following information:

  • contact details (e.g. first name, surname, address, telephone number, e-mail address)
  • personal information (e.g. occupation, position, title, employer's company name)
  • application documents (e.g. letter of motivation, certificates, diplomas, curriculum vitae)
  • assessment information (e.g. personnel consultant assessment, references, assessment)

We process this personal data for the purposes described, based on the following legal grounds:

  • protection of legitimate interests (e.g. recruitment of new employees)

4.7 – Suppliers of goods and services, other contractual partners

When we enter into a contract with you to provide a service, we process personal data relating to you or your employees. We need this data to communicate with you and request your services. We sometimes also process this personal data to check whether there may be a conflict of interest in relation to our activities as an auditor and to ensure that our collaboration does not inadvertently expose us to any risks, e.g. with regard to money laundering or possible sanctions.

In particular, we process the following information:

  • contact details (e.g. first name, surname, address, telephone number, e-mail address)
  • personal information (e.g. occupation, position, title, employer's company name)
  • financial information (e.g. bank account details).

We process this personal data for the purposes described, based on the following legal grounds:

  • conclusion or performance of a contract with or for the data subject, including pre-contractual negotiations and any implementation
  • protection of legitimate interests (e.g. avoiding conflicts of interest, protecting the company, exercising legal rights).
  1. Tracking technologies

We use cookies on our website. These are small files that your browser automatically creates and saves on your device (laptop, tablet, smartphone, etc.) when you visit our website.

Information obtained from the specific terminal used is stored in the cookie. However, this does not mean that we immediately learn your identity. The use of cookies serves, on the one hand, to make the use of our offer more pleasant for you. For example, we use so-called session cookies to find out whether you have already visited certain pages on our website. When you leave our website, these cookies are automatically deleted.

In addition, to optimise user-friendliness, we also use temporary cookies, which are stored on your device for a predefined period of time. If you visit our website again to use our services, the system automatically recognises that you have already visited us, what data you have entered and what settings you have activated, so that you do not have to enter/activate them again. We use cookies to statistically record the use of our website and analyse our offering in order to optimise it for you. When you visit our website again, these cookies automatically tell us that you have already visited us. These cookies are automatically deleted after a predefined period of time.

The data processed by cookies is necessary for the purposes mentioned. Most cookies are automatically accepted by browsers. However, you can configure your browser so that it does not save any cookies on your computer or so that a warning appears before a new cookie is stored. However, completely deactivating cookies may prevent you from using all the functions of our website.

  1. Web and newsletter analysis

In order to obtain information about the use of our website, improve our internet offering, or draw your attention to our advertising on third-party websites or social media, we use the following web analysis tools and retargeting technologies: Google Analytics and MailChimp.

These tools are provided by third-party providers. As a rule, the information collected for this purpose about the use of a website is transmitted to the third-party provider's server via cookies or similar technologies. Depending on the third-party provider, these servers may be located abroad.

Data is normally transmitted using abbreviated IP addresses, which prevents individual terminals from being identified. This information is only transmitted by third-party providers on the basis of legal requirements or within the framework of commissioned data processing.

6.1 – Google Analytics

On the pages of our website, we use Google Analytics, a web analytics service provided by Google LLC, Mountain View, California, USA; for Europe, the competent entity is Google Ireland Limited (“Google”). To deactivate Google Analytics, Google provides a browser plug-in available at https://tools.google.com/dlpage/gaoptout?hl=it . Google Analytics uses cookies. These are small text files that make it possible to store specific information relating to the user on the user’s device. These cookies enable Google to analyze the use of our website. As a rule, the information generated by the cookie regarding the use of our pages (including your IP address) is transmitted to a Google server in the USA and stored there. Please note that on this website Google Analytics has been integrated with “gat._anonymizeIp();” in order to ensure anonymized collection of IP addresses (so-called IP masking). If anonymization is active, Google shortens IP addresses within the Member States of the European Union and in other states party to the European Economic Area, making it impossible to identify you. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. In certain circumstances, Google may link your IP address with other data held by Google. For the transfer of data to the USA, Google has undertaken to sign and comply with the EU Standard Contractual Clauses.

6.2 – Google Maps

On our website, we use Google Maps (API) provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; for Europe, the competent entity is Google Ireland Limited, “Google”). Google Maps is a web service for displaying interactive (geographical) maps in order to visualize geographic information. Through this service, we can show you our location and make it easier for you to plan your route. As soon as you access the pages on which the Google Maps map is integrated, information about your use of our website (such as your IP address) is transmitted to Google servers in the USA and stored there. This occurs regardless of whether Google provides a user account to which you are logged in or whether such an account exists. If you are logged in to Google, your data is directly associated with your account. If you wish to prevent this association with your Google profile, you must log out before activating the button. Google stores your data (even if you are not logged in as a user) as user profiles and analyzes them.

For data transfers to the US, Google has committed to signing and complying with the EU standard contractual clauses.

6.3 – Social media plug-ins

Our website uses social media plug-ins (‘plug-ins’) from third-party providers. The plug-ins can be recognised by the logo of the respective social network. The plug-ins enable you to interact with social networks and other users. We use the following plug-ins on our website: Facebook, Instagram, LinkedIn, YouTube. When you visit our website, your browser establishes a direct connection to the third-party provider's servers. The content of the plug-in (e.g. YouTube videos) is transmitted directly from the third-party provider to your browser and integrated into the page.

The retransmission of data for the purpose of displaying content (e.g. posts from Facebook and Instagram) takes place regardless of whether you have an account with the third-party provider or are logged in. Furthermore, if you are logged in to the third-party provider, the data collected by us is directly assigned to the account you hold with that provider. If you activate the plug-ins, the information is published on the social network and displayed to your contacts. For information on the purpose and scope of data collection, as well as the further processing and use of data by third-party providers, and your rights in this regard and the possible settings to protect your privacy, please consult the third-party provider’s data protection notices. The third-party provider stores the data collected about you in the form of user profiles and uses them for advertising, market research and/or the needs-based design of its website. Such analysis is also carried out for users who are not logged in, in order to provide needs-based advertising and to inform other users of the social network about your activities on our website. If you wish to prevent third-party providers from assigning the data collected on our website to your personal profile on the respective social network, you must log out of the relevant social network before visiting our website. You can also completely prevent the loading of plug-ins by using specialized add-ons for your browser, such as “Ghostery”.https://www.ghostery.com/) o «NoScript» (http://noscript.net/).

6.4 – Newsletter Tracking

We use the MailChimp software to send our newsletter. This software enables us to send and analyze newsletters. In order to carry out such analyses, we collect device and access data. To collect these data, the newsletter contains a tracking pixel. The newsletter and the websites accessible through it are also tracked by means of cookies. A pixel is an image file that is stored on the recipient’s device.

Using these technologies, we are informed whether the newsletter has been delivered, whether it has been opened, and which content has been clicked on. We use this information to improve our newsletter and our offerings. The use of a pixel can be prevented by disabling HTML in the email program (the method varies depending on the email program used).

  1. Data retransmission and transmission

We only pass on your data to third parties if this is necessary to provide our service, if these third parties provide a service to us, if there is a legal or administrative obligation to do so, or if we have an overriding interest in passing on the personal data. We also pass on personal data to third parties if you have given us your consent or asked us to do so.

Personal data is not always transmitted in encrypted form. Unless expressly agreed otherwise with the customer, accounting data, payroll administration data, payroll statements and certificates are not transmitted in encrypted form.

The following categories of recipients may receive personal data from us:

  • branches, subsidiaries and sister companies.
  • service providers (e.g. IT service providers, hosting providers, suppliers, consultants, solicitors, insurance companies)
  • third parties within the scope of our legal or contractual obligations, such as authorities, state institutions, courts.

We conclude contracts with service providers who process personal data on our behalf, in which they undertake to ensure data protection. Our service providers are mainly located in Switzerland or the EU/EEA. Certain personal data may also be transferred to the USA (e.g. Google Analytics data) or, in exceptional cases, to other countries around the world. If it is necessary to transfer data to other countries that do not have an adequate level of data protection, this is done on the basis of EU standard contractual clauses (e.g. in the case of Google) or other suitable instruments.

  1. Duration of personal data retention

We process and store your personal data for as long as necessary to fulfil our contractual and legal obligations or to achieve the purposes pursued by the processing, e.g. for the duration of the entire business relationship (from pre-contractual negotiations to the execution and termination of a contract), as well as in accordance with legal archiving and documentation obligations. In addition, personal data may be stored for as long as claims against our company could be asserted (in particular until the expiry of the statutory limitation period), and to the extent that we are required to do so for other legal reasons or legitimate business interests require it (e.g. for evidence and documentation purposes). As soon as your personal data is no longer required, it will be deleted or anonymised as a matter of principle and as far as possible. For operating data (e.g. system logs, logs), retention periods of twelve months or less generally apply.

  1. Data security

We take appropriate technical and organisational security measures to protect your personal data from misuse and unauthorised access, such as the disclosure of guidelines, training, IT and network security solutions, access controls and restrictions, encryption of data carriers and data transmissions, pseudonymisation and controls.

  1. Obligation to provide personal data

Nel quadro della nostra relazione di affari, dovete comunicare i dati personali necessari per l’allacciamento e l’esecuzione di tale relazione, nonché per l’adempimento degli obblighi contrattuali relativi alla stessa (di regola non avete un obbligo legale che prevede di metterci a disposizione dati). Senza tali dati non saremo in grado né di stipulare un contratto con voi (o il servizio o la persona che rappresentate) né di eseguirlo. Anche il nostro sito non può essere utilizzato, se non vengono comunicate determinate informazioni (come p. es. l’indirizzo IP) per garantire la trasmissione dei dati.

  1. Your rights

In relation to our processing of personal data, you have the following rights:

  • the right to be informed about the personal data concerning you that we store, the purpose of the processing, the origin and the recipients or categories of recipients to whom the personal data are disclosed
  • right to rectification, if your data is incorrect or incomplete
  • right to restrict the processing of your personal data
  • right to request the deletion of personal data processed
  • right to data portability
  • the right to object to data processing, or to withdraw consent to the processing of personal data, at any time without giving reasons
  • right to lodge a complaint with a competent supervisory authority, if legally provided for.

To exercise these rights, please contact the address indicated in point 1.

Please note, however, that we reserve the right to enforce the restrictions provided for by law if, for example, we are obliged to store or process certain data, if we have an overriding interest in doing so (to the extent that we can invoke it) or if we need it to assert rights. If this involves costs for you, we will inform you in advance.

  1. Amendment to the data protection declaration

We expressly reserve the right to amend this data protection declaration at any time.
Last modified: December 2023