1. Introduction
The purpose of this privacy policy is to inform you about how APCO Technologies collects, uses and protects your personal data.
We are committed to complying with applicable data protection legislation, including the European Union's General Data Protection Regulation (EU GDPR), the UK GDPR via the Data Protection Act 2018 in the United Kingdom, as well as the Swiss Federal Data Protection Act (nLPD), in order to ensure the security and confidentiality of your information.
This policy applies to all personal data that we collect, whether provided directly by you or collected as part of your use of our services.
2. Data controller
APCO Technologies SA Chemin de Champex 10, 1860 Aigle, Switzerland, is responsible for processing personal data.
3. Personal data collected and purposes of processing
In the course of our activities, we undertake to collect only the personal data strictly necessary for the provision and improvement of our services.
Providing and improving our services
We collect identification data such as surname, first name, date of birth, telephone numbers and e-mail address, in order to ensure the quality and continuity of our services.
Compliance with our legal and contractual obligations
In order to meet our regulatory and contractual obligations, we collect identification and financial data, in particular: surname, first name, date of birth, telephone numbers, e-mail address, salaries, proof of professional expenses and bank details.
Optimizing the user experience
In order to improve your experience of our website and services, we collect technical data such as: IP address, browsing information (sessions, pages visited), cookies and other tracers. Some of this information may constitute personal data and is therefore processed in accordance with our
Cookies Policy.
Communication and commercial prospecting
Subject to your prior consent, we collect identification and professional data such as surname, first name, e-mail address, job title and company, in order to communicate with you and propose our offers.
Application management
As part of the processing of applications submitted via our application tracking system (ATS), we collect identification and professional data, in particular: surname, first name, date of birth, nationality(ies), address, telephone numbers, e-mail address, curriculum vitae, diplomas, police record and professional interests.
Human Resources administration
To manage human resources and support our employees (management of employment contracts, salary payments, organization of training courses, performance appraisals, etc.), we process identification, professional and financial data such as: surname, first name, date of birth, marital status, AVS/Social Security number, address, telephone numbers, e-mail address, diplomas and certificates, appraisals and work certificates, as well as bank details.
Access to our premises
When you visit one of our sites, we collect identification data, including your surname, first name, e-mail address and nationality(ies) to ensure the security of our premises. You will also be asked for your signature when you register. Signatures are not reusable for any other document.
4. Personal data collected and purposes of processing
We process your personal data only when we are authorized to do so by law. The processing of your personal data is based on the following legal grounds:
Your consent: in particular for marketing purposes or when required by law.
Performance of a contract: when processing is necessary for the provision of our services or the performance of a contract to which you are a party.
Compliance with legal obligations: in order to comply with our legal and regulatory obligations.
5. Data sharing
Your personal data may be shared with trusted partners only for the purposes indicated and in compliance with applicable legislation. These partners are required to comply with appropriate security and confidentiality obligations.
6. Data retention period
Your personal data is kept for the time strictly necessary to achieve the purposes for which it was collected, in accordance with applicable legal and regulatory requirements. For example:
Data relating to personnel management is kept for the duration of the employment contract is active, then archived for 10 years from the end of the contractual relationship.
Data required for accounting purposes is kept for 10 years, in compliance with legal requirements.
Data used for commercial prospecting purposes is kept for 3 years from the last contact with the person concerned.
Data collected when visitors are received on our premises is kept for maximum 1 year from the date of the visit.
At the end of these periods, any data no longer required will be securely deleted or anonymized, unless longer retention is required to meet a legal obligation or in the event of litigation.
You may request the deletion or rectification of your data at any time, within the limits of the law.
7. Data protection rights
In accordance with the nLPD, the EU GDPR and the UK GDPR, you have the following rights regarding your personal data:
Right of access: you can obtain a copy of the personal information we hold about you.
Right of rectification: you can request the correction of inaccurate or incomplete data.
Right to erasure: you may request the deletion of your personal data under certain conditions, in particular when it is no longer required for the purposes for which it was collected.
Right to restrict processing: you may request that the use of your data be restricted in certain cases.
Right to object: you may object to the use of your personal data, in particular for direct marketing purposes.
Right to data portability: you may request to receive your data in a structured, commonly used and machine-readable format, or request its direct transfer to another organization.
8. Exercising your rights
To exercise any of these rights, simply contact us at:
By mail: APCO Technologies SA, Chemin de Champex 10, 1860 Aigle (Switzerland)
By email: privacy@apco-technologies.eu
We will respond to your request within a reasonable time (usually within 1 month), in accordance with legal requirements. We may ask you for additional information to verify your identity before processing your request.
9. Data security
We implement appropriate technical and organizational security measures, such as data encryption, access management, and monitoring of our systems, to protect your personal data against unauthorized access, use or disclosure, as well as accidental loss, alteration or destruction.
10. International data transfers
In cases where your personal data is transferred outside the European Economic Area (EEA), Switzerland or the United Kingdom, we ensure that such transfers benefit from appropriate safeguards, in order to maintain a level of protection equivalent to that required by applicable regulations, such as the EU GDPR and the UK GDPR.
These guarantees may include the use of standard contractual clauses approved by the European Commission or the Information Commissioner’s Office (ICO) for United Kingdom, or any other mechanism recognized as adequate by the competent authorities.
11. Data Protection Impact Analysis (DPIA)
To date, APCO Technologies has not implemented any processing of personal data that presents a high risk to the rights and freedoms of data subjects. Consequently, no Data Protection Impact Analysis (DPIA) is currently required.
However, we remain attentive to the evolution of our activities and regularly reassess our practices to ensure their compliance with the EU GDPR, the UK GDPR and the nLPD. If new processing operations were to be implemented, we would carry out a risk analysis to determine the need for a DPIA.
Where appropriate, we undertake to:
Carry out a thorough assessment of the risks to the privacy of data subjects.
Implement appropriate security measures to limit these risks.
Consult the relevant data protection authority in the event of high residual risks.
Finally, we apply the principles of “privacy by design” (data protection by design) and “privacy by default” (data protection by default), in line with the requirements of the GDPR.
12. Changes to the Privacy Policy
We reserve the right to modify this privacy policy at any time. Changes will be posted on our website with the last update date. We encourage you to check this page regularly for any changes.
13. Contact
If you have any questions about this privacy policy or wish to exercise your rights, you can contact our Data Privacy Officer at:
APCO Technologies SA
Chemin de Champex 10
1860 Aigle (Suisse)
privacy@apco-technologies.eu
This Privacy Policy was last updated on June 19, 2025.
