Privacy Policy

Policy

Below, standing ovation ag, Neunbrunnenstrasse 50, 8050 Zurich, informs you about the data protection procedures for the collection, storage, and processing of personal data. This privacy policy applies to all services and offerings provided and operated by us in connection with our website «standingovation.ch».

Under the Federal Act on Data Protection (FADP), every natural person has the right to protection of their privacy and protection against misuse of their personal data. We comply with data protection regulations.

The terms used below have the meanings assigned to them in accordance with Art. 5 FADP:

  • Personal data;
  • Data subject;
  • Processing;
  • Disclosure;
  • Profiling;
  • High-risk profiling;
  • Data security breach;
  • Controller;
  • Processor.

This privacy policy applies to website visitors, prospects, customers, and applicants.

 

1. Data controller

Claudia Gambini, COO
standing ovation ag
Neunbrunnenstrasse 50
8050 Zurich, Switzerland

Office: +41 43 355 70 90
Email: hello@standingovation.ch

 

2. Data processing

We process various categories of personal data about you or your customers. These include:

  • Technical personal data: In particular log data automatically generated when visiting our website, such as IP address, device identifier, browser information, date and time of access, pages visited, and interaction details. These data are collected automatically when accessing our website.
  • Communication data: Information you provide to us in the course of communication, for example via email or our forms, such as name, contact details (email, phone number), message content, and date and time of communication. These data arise when you contact us.
  • Master data: Basic identification and contact details such as first name, last name, company (if provided), email address, and phone number (optional or if provided). These data are collected when you submit a project inquiry, request a callback, request a meeting, or submit an unsolicited application.
  • Registration data: Information provided in connection with registration. This includes in particular:
    (a) Newsletter subscription: first name, last name, email address (collected directly via HubSpot form);
    (b) Whitepaper download / lead generation in HubSpot: first name, last name, company, email address, phone numbers.
  • Contract data: Data arising in connection with the preparation or execution of a contract. This includes, in particular, the information you provide in project inquiries (name, company, email, phone number, project description) as well as internal notes for processing the request.
  • Behavioral and preference data: These arise from your behavior on the website or our communication, especially information on downloads (e.g. whitepapers), newsletter interactions (opens, clicks), usage patterns, or interest profiles recorded in HubSpot. These data are collected via cookies, tracking technologies, or your interactions with our newsletter.

Many of these personal data are provided by you (e.g. via forms, communication, contracts, website use). You are not obliged to provide them, subject to certain cases (e.g. legal obligations). If you wish to enter into contracts or use services, you must provide personal data required under the relevant contract, especially master, contract, and registration data. When using our website, processing of technical personal data is unavoidable. If you want access to certain systems or buildings, you must provide registration data. For behavioral and preference data, you can always object or withhold consent.

Where we process data for analysis or marketing purposes, this does not constitute high-risk profiling under the FADP. Processing serves solely to improve our website and services.

Where permitted, we also collect personal data from publicly accessible sources (e.g. debt enforcement registers, land registers, commercial registers, media, or the internet including social media) or receive them from authorities or third parties (e.g. credit agencies, address brokers, contractual partners, internet analytics services).

When using our website, certain usage data are automatically transmitted via your internet browser using server log files, including:

  • Hostname of the accessing computer (IP address);
  • Date and time of access;
  • Referrer URL;
  • Browser type and version;
  • Operating system;
  • Browser request and general transmitted information.

These usage data form the basis for statistical, anonymous evaluations to identify trends and improve our services. These data cannot be assigned to specific individuals. No merging with other data sources takes place. We reserve the right to review these data retrospectively if there are concrete indications of unlawful use.

Depending on website use and services, further personal data may be processed, especially name, address, email, salutation, phone number, and user behavior.

Personal data are treated strictly confidentially and are neither sold nor otherwise disclosed to third parties (unless stated in this privacy policy).

Our website can generally be used without providing personal data. Where personal data are collected, this is usually on a voluntary basis. These data are not disclosed to third parties without your explicit consent, except as stated in this policy.

We point out that data transmission over the internet (e.g. email communication) may have security gaps. Complete protection of your data against access by third parties is not possible.

 

3. Purpose of processing and consent

When you contact us (via contact form or email), your personal data will be processed – alongside any consent you may have given – for the purpose of handling your inquiry, its administration, and for carrying out pre-contractual measures.

We use HubSpot, 25 First Street, Cambridge, MA 02141, USA, as our customer relationship management system to process inquiries from interested parties quickly and efficiently. For information on how HubSpot processes your personal data, please refer to HubSpot’s privacy policy.

Where we use web analytics or marketing services such as Google Analytics 4, data processing will only take place after you have given your prior consent via the cookie consent tool. Without your consent, no corresponding tracking cookies will be set.

If you contact us to apply for an internal position or freelance work, we process your personal data to assess your suitability for the position (or, where applicable, other open positions in our company) or for a project, and to carry out the application process. Your application data will be reviewed by the HR department upon receipt. Suitable applications will then be forwarded internally to the relevant department managers responsible for the vacancy or project. The next steps will be decided there. Within the company, only those persons who require access to your personal data for the proper conduct of the application process will have such access.

If you have given us your consent to process your personal data for specific purposes – particularly for contacting you and handling your request via our contact form or by email – the lawfulness of this processing is based on your consent.

You may withdraw your consent at any time. Please note that the withdrawal only has effect for the future. Processing carried out before the withdrawal remains unaffected. The withdrawal can be addressed to the contact point specified in Section 2.

 

4. Data Disclosure

We collaborate with service providers and other contractual partners in Switzerland and abroad who process your data on our behalf, jointly with us, or who receive data about you from us under their own responsibility.

Your personal data is only disclosed to processors within the scope of legal requirements and in compliance with data protection principles (Art. 6 and Art. 9 DSG).

The disclosure of your personal data to third parties who process data about you under their own responsibility or jointly with us is also carried out solely within the scope of legal requirements and in compliance with data protection principles (Art. 6 DSG).

Access to your personal data is granted to those employees of our company who require it to fulfill our contractual and legal obligations. Processors engaged by us may also receive data for the above-mentioned purposes. These include companies in the fields of IT services, logistics, printing services, telecommunications, consulting, as well as sales and marketing. Where we engage processors to provide our services, we take appropriate legal precautions as well as suitable technical and organizational measures to ensure the protection of personal data in accordance with applicable legal provisions.

All these recipients may in turn engage third parties, which may result in your personal data also being accessible to them. We require our processors, within the framework of a data processing agreement, to comply with applicable legal provisions. This includes, among other things, the obligation to inform us to whom your personal data is disclosed and to ensure that appropriate data processing agreements are concluded with such third parties in order to guarantee compliance with data protection regulations.

We may be able to restrict processing by certain third parties (e.g., IT providers), but not by others (e.g., authorities, banks).

 

5. Transfer Abroad

We generally process personal data in Switzerland and in the European Union. However, our service providers may operate worldwide. In particular, we disclose personal data to the United States (e.g. through the use of HubSpot, Google, Facebook, Instagram, LinkedIn and Vimeo).

Where we transfer personal data to countries that do not provide an adequate level of data protection, we ensure appropriate safeguards, in particular by concluding Standard Contractual Clauses of the European Commission adapted to Swiss data protection law.

In exceptional cases, data may also be transferred abroad without such safeguards, notably with your explicit consent, for the performance of a contract, in connection with data you have made public, or for the establishment, exercise or defence of legal claims (cf. Art. 17 FADP).

 

6. Your rights: Access, erasure, blocking

You have the right at any time to obtain, free of charge, information about your stored personal data, its origin and recipients, and the purpose of the data processing. You also have the right to request the correction, restriction, or deletion of this personal data. For this purpose, as well as for any further questions regarding personal data, you may contact the office listed under Section 2 at any time.

In addition, where provided by law, you have the right to receive your personal data in a commonly used electronic format (data portability).

 

7. Retention period for your personal data

We process your personal data for as long as the purpose of processing or statutory retention periods require. After that, the personal data will be deleted or anonymized, unless overriding legitimate interests on our part (e.g. preservation of evidence or defense of legal claims) prevent deletion.

 

8. Cookies

Our website partially uses so-called cookies. Cookies do not cause any damage to your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, effective, and secure. Cookies are small text files that are stored on your computer and saved by your browser. Please note that personal data exchanged over the Internet is often routed through third countries. Your personal data may therefore also be transferred abroad even if the sender and recipient are located in the same country.

Most of the cookies we use are so-called session cookies. They are automatically deleted after the end of your visit. Other cookies remain stored on your device until you delete them. These cookies enable us to recognise your browser on your next visit.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of our website may be restricted.

 

9. Use of Google Analytics 4

Our website uses functions of the web analytics service Google Analytics 4. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Analytics 4 uses cookies. These are text files that are stored on your computer and enable an analysis of your use of the website. The information generated by the cookie about your use of our website is usually transmitted to a Google server in the USA and stored there.

Google Analytics 4 is only activated if you have consented to the use of statistics and analysis cookies via the cookie consent banner.

Google Analytics 4 does not provide precise location data. Instead, the following metadata is derived from IP addresses: city (and the derived latitude and longitude of the city), continent, country, region, subcontinent (and the ID-based equivalents). For accesses originating from the EU, IP address data is only used to derive location data and is then immediately deleted. It is not logged, is not accessible, and is not used for any further purposes. On our behalf, Google will use this information to evaluate your use of our website, to compile reports on website activity, and to provide other services related to website usage and internet usage to the website operator. In Google Analytics 4, all IP addresses collected from users in the EU are deleted before they are recorded via EU domains and servers.

You can prevent the storage of cookies by adjusting the settings of your browser software accordingly; however, we would like to point out that in this case you may not be able to use all functions of our website to their full extent. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google, as well as the processing of this data by Google, by downloading and installing the browser plugin available at this link.

 

10. Contact form

If you send us inquiries via the contact form, your details, including the contact data you provide, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. The processing of this data is carried out for the implementation of (pre-)contractual measures or to safeguard our legitimate interests in responding to your inquiry (Art. 31 DSG). Data will only be passed on to third parties insofar as this is necessary for processing your request or there is a legal obligation to do so. Further information on our processing purposes can be found under section 4.

 

11. Newsletter

If you would like to subscribe to the newsletter offered on the website, we require your email address as well as your first and last name. This information allows us to verify that you are the owner of the provided email address and that you agree to receive the newsletter. We use this data exclusively for sending the requested information and do not pass it on to third parties. Data that is considered particularly high-risk under Art. 5 of the DSG and falls under «profiling» (work performance, economic circumstances, health, personal preferences, interests, reliability, behaviour, place of residence or change of location) is not collected. You can revoke your consent to the storage of data, the email address, and its use for sending the newsletter at any time, for example via the «unsubscribe» link in the newsletter.

 

12. Social media

We are present on social networks and platforms in order to communicate with you there as well and to inform you about our services. Usage profiles can be created from user behaviour and the resulting interests of the users. These usage profiles can in turn be used, for example, to place advertisements within and outside the platforms that are intended to correspond to the interests of the users. For this purpose, cookies may be stored on users' computers in which the usage behaviour and interests of the users are stored. Further data may also be stored in these usage profiles, particularly if the users are members of the respective platforms and are logged in there.

We would like to point out that your data may also be processed outside the European Union and is generally processed there for the purposes of market research and advertising. For information on the respective processing activities and the respective options to object, please refer to the pages linked below.

Privacy policies of the providers:

 

13. Additional services

In the context of our interest in an optimal online presence, the services of third parties are used on our website. The following third-party providers are used on our website:

  • Facebook: Buttons of the social network Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA, are integrated into our web pages. You can recognize the Facebook buttons by the Facebook logo or the Share button on our website. We do not use the Like button for privacy reasons. There is an overview of the Facebook buttons and plugins here. If you visit our web pages, initially no personal data is passed on to Facebook as a rule. It is only when the Share button is clicked that a connection is established between your browser and the Facebook server. If the Share button is used, Facebook automatically receives the information that you have visited us with your IP address. If you are logged in to your Facebook account, you can link the contents of our site to your Facebook profile. This enables Facebook to attribute your visit to our web pages to your user account. Please be advised that we, as the provider of the web pages, do not obtain any knowledge of the content of the transmitted data and its use by Facebook. Further information on this topic is available in the Facebook privacy policy. If you do not want Facebook to be able to attribute the visit to our web pages to your Facebook user account, do not click the Share button and please log out of your Facebook user account.
  • LinkedIn: «Share with LinkedIn Plugins» by LinkedIn may be used on our website; these are operated by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. LinkedIn erhält Informationen über Ihre Besuche und Interaktionen mit unserer Website, wenn Sie mit Ihrem Profil eingeloggt sind. Further information on this topic is available in the LinkedIn privacy policy.
  • Instagram: Social plugins by Instagram may be used on our website; these are operated by Instagram LLC, 1601 Willow Road, Menlo Park, CA 94025, USA. The plugins are identified by an Instagram logo, for example in the form of an Instagram camera. If you visit a page on our website that contains such a plugin, your browser establishes a direct connection to Instagram’s servers. Please see Instagram’s privacy policy for information about the purpose, scope, and additional processing and use of data by Instagram as well as your relevant rights and configuration options for the protection of your privacy.
  • Vimeo: To integrate videos, we use the services of third-party provider Vimeo LLC, with registered office at 555 West 18th Street, New York, New York 10011, USA. If you visit one of our web pages that has been provided with a Vimeo plugin, a connection to Vimeo’s servers is established. In the process, the Vimeo server is informed of which of our pages you have visited, and your IP address is transmitted. This also occurs if you are not logged into Vimeo or you do not have an account with Vimeo. The information collected by Vimeo is transmitted to the Vimeo server in the USA. If you are logged into your Vimeo account, you enable Vimeo to attribute your browsing behavior directly to your personal profile. You can prevent this by logging out of your Vimeo account. You can find further information on handling of user data in Vimeo’s privacy policy.
  • HubSpot: We have integrated HubSpot forms on our pages. If you fill out the form and click «Send», your personal data is sent to HubSpot. We use the customer management system HubSpot, 25 First Street, Cambridge, MA 02141, USA, to enable us to process inquiries from interested parties quickly and efficiently. Further information is available in the HubSpot privacy policy.

 

14. Objection, advertising emails

The use of contact data provided as part of the required publishing details to send advertising and information material not explicitly requested is hereby objected to. standing ovation ag expressly reserves the right to take legal action in the event of unsolicited receipt of advertising information, e.g., in spam emails.

 

15. Data security and breaches of privacy

We take appropriate security measures to ensure the confidentiality, integrity, and availability of your personal data, to protect it against unauthorized or unlawful processing, and to counteract the risks of loss, accidental alteration, unintended disclosure, or unauthorized access. Any data protection breaches will be reported to the Federal Data Protection and Information Commissioner (FDPIC) as quickly as possible.

When planning and designing our systems and applications, we take into account the principles of privacy by design and privacy by default (data protection through technology and data protection-friendly default settings). Data processing and security principles are already considered during the planning and design of applications.

 

16. Amendment of privacy policy

This privacy policy does not form part of a contract with you. We may amend this privacy policy at any time. The version published on this website is the respective current version.

 

Most recent update: April 2026