Handeys GmbH

Person responsible

Handeys GmbH, Bahnhofplatz 1, 5400 Baden

Commercial register entry: CH-400.4.021.691-8

Protection of your privacy

Personal data will be treated in strict confidence and will not be sold or passed on to third parties. Every person is entitled to protection of his or her privacy as well as protection against misuse of his or her personal data, based on Article 13 of the Swiss Federal Constitution and the data protection regulations of the Swiss Confederation (Data Protection Act, DSG). We comply with these provisions.

In close cooperation with our hosting providers, we strive to protect the databases as well as possible against unauthorized access, loss, misuse or forgery.

SSL encryption

To protect the security of your data during transmission, we use state-of-the-art encryption procedures (SSL) via HTTPS.

Data collection

The following data is collected:

Personal information which Handeys GmbH receives when applying for a credit, leasing or loan or during the duration of the business relationship (e.g., when you are a customer). in connection with the invoicing, reimbursements or the collection of open claims and in the processing of insurance cases) or which it collects itself (customer data). Handeys GmbH receives this data directly from the customer or from intermediaries.

Data from third parties (e.g. intermediaries, the Central Office for Credit Information (ZEK) and the Information Office for Consumer Credit (IKO), authorities, credit agencies (for customers from Germany with foreigner's identity card B, L or G also from the Protection Association for General Credit Security (Schufa)), employers or from public, generally accessible sources, such as databases or registers (e.g. or the Commercial Register).

Automatic data processing on this Internet site

When you call up our Internet pages, information that your browser sends to us is automatically stored in our "server log files". These are:

  • browser type/ -version
  • operating system used
  • referrer URL (the previously visited site)
  • host name of the accessing computer (IP address)
  • time of the server request.

These usage data form the basis for statistical, anonymous evaluations, so that trends can be recognized, on the basis of which we can improve our offers accordingly.

Data processing for credit, leasing and loan agreements

The data collected is processed for the purpose of processing the agreements, in order to provide the service and support the customer. In the event of late payment, the customer data is processed as part of the dunning process, for example Handeys GmbH can initiate additional clarifications and contact the customer. Additional clarifications can include the obtaining of information from or the information to certain places (e.g. intermediary, ZEK, IKO). Likewise, data is collected and processed for the processing of insurance claims in order to clarify insurance claims in cooperation with the insurance partner. Customer data is also processed within the scope of their obligations to combat money laundering and the financing of terrorism, in particular to identify the customer or to determine the beneficial owners of the assets. As part of transaction monitoring, data is processed if, for example, a credit/leasing/loan is terminated prematurely. In this process, the origin of the assets is examined in depth and necessary measures are initiated.

Types of data processed

  • inventory data (e.g., names, addresses).
  • contact data (e.g., e-mail, telephone numbers).
  • content data (e.g., text entries, photographs, videos).
  • usage data (e.g., web pages visited, interest in content, access times).
  • meta/communication data (e.g., device information, IP addresses).

Purpose of processing

  • Handeys GmbH uses and processes your personal data for credit checks and to offer services tailored to your needs. The collected data is processed for risk purposes in order to determine the credit and market risks associated with credit, leasing and/or loan transactions. This is particularly necessary because Handeys GmbH bears the financial risk from the contractual relationship with the customer (creditworthiness risk). For this purpose, individual risk profiles are drawn up, which serve, among other things, to assess the creditworthiness and credit capability. The authorization of data processing for risk purposes cannot be revoked, since Handeys GmbH is dependent on calculating and limiting its financial risk. A waiver of these data processing is only possible by termination of the business relationship.
  • Provision of the online offer, its functions and contents
  • Answering contact inquiries and communication with users
  • Security measures
  • Range measurement/marketing

Third-party data collection

Handeys GmbH may obtain the information required for the purpose of granting a credit (credit assessment) from the third parties affected by the present contract. Handeys GmbH receives from the borrowers and/or applicants for credit, leasing and/or loan within the framework of credit, leasing and/or loan applications and contracts and from other sources (e.g. intermediaries such as credit and loan brokers, vehicle dealers, partner banks, further education institutes, credit agencies, Central Office for Credit Information (ZEK), authorities, employers, companies of the Aduno Group, Information Office for Consumer Credit (IKO) etc.) various information which it processes for the provision of its services. In particular, this includes information such as current address, solvency or any paternalism.

Data processing by third parties

Handeys GmbH cooperates with third parties at home and abroad to provide its services (e.g. for IT support). These third parties are contractually obliged to process the data transmitted to them exclusively in the interest and for the purpose of Handeys GmbH. They are subject to the same obligations in connection with data protection and data security as Handeys GmbH itself and undertake to keep the data secret.

During electronic communication and the transmission of data, data can under certain circumstances be transmitted via third countries that do not offer the same level of data protection as Switzerland. We would therefore like to point out that data transmitted abroad may not enjoy an equivalent level of protection as under Swiss law and that access to such data by public authorities cannot be ruled out.

Transfer of data

Handeys GmbH does not provide third parties with data for their own purposes. Exceptions to this principle require the consent of the customers. Such consent exists, for example, for the transfer of data to intermediaries (in accordance with AGB / ALB). Within the scope of its regulatory or legal obligations, creditworthiness information (details of the application, its acceptance or rejection, conclusion and end of contract, type of obligation, solvency, payment arrears, etc.) is made known to the Central Office for Credit Information (ZEK) or the Information Office for Consumer Credit (IKO).

By order of the authorities or based on legal obligations, customer data will also be disclosed to governmental agencies such as law enforcement or supervisory authorities.

Deletion of personal data

The processing, transfer and deletion of your personal data is carried out in accordance with and in compliance with the legal provisions on data protection. Handeys GmbH is entitled to pass on your personal data to its own employees, agents and affiliated companies within and outside of Switzerland in order to operate, improve and personalize the products and services of Handeys GmbH. Handeys GmbH is furthermore entitled or obliged to pass on your personal data to CRIF AG and the IKO (Information Office for Consumer Credit). Handeys GmbH stores your personal data only for as long as it is necessary in view of the processing purposes or until the statutory or contractual retention period for your personal data has expired.

Right to information, correction, deletion of data

If you would like to make a request for information, correction or deletion in connection with your personal data, please send your question/request by post and enclose a copy of your passport or identity card to the following address:

Handeys GmbH, Bahnhofplatz 1, 5400 Baden.


When contacting us (e.g. via contact form, e-mail, telephone or social media), the user's data is processed for the purpose of handling the contact request and its processing. The user's details may be stored in a customer relationship management system ("CRM system") or comparable inquiry organization in order to process possible follow-up enquiries more efficiently.

Communication and advertising

Handeys GmbH may send information and advertising to customers by mail or electronically (by e-mail, by push message, by SMS or in any other suitable way). This electronic communication with the customer takes place via the public communication networks. Data transmitted in this way is generally visible to third parties, can be lost during transmission or can be intercepted by unauthorized third parties. It cannot therefore be ruled out that third parties may gain access to communication with the customer despite all security measures taken. Since e-mail is an open communication, it is generally not suitable for transmitting personal information.

Contact by e-mail will only be made if consent has been given, for example if Handeys GmbH has received the e-mail address from the sender when the latter contacts Handeys GmbH, as is the case with the information in the credit, leasing and/or loan application, when entering into an (electronic) application or inquiry form or when participating in competitions.

We will delete the requests if they are no longer required. We review the necessity every two years; Furthermore, the statutory archiving obligations apply.


Cookies are small text files that your browser stores when you call up a website. Cookies are used, for example, so that you do not have to log in again when you visit a website or web application such as my.cyon repeatedly. Cookies are also used by web analysis services such as Google Analytics to mark the visitor.

You can prevent the storage of cookies by making the appropriate setting in your browser. In this case you may not be able to use all functions of this website to their full extent.

Collection of access data and log files

We, or rather our hosting provider, collect data on the basis of our legitimate interests as defined in Art. 6 Par. 1 lit. f. DSGVO data about every access to the server on which this service is located (so-called server log files). The access data includes the name of the accessed website, file, date and time of access, transferred data volume, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited site), IP address and the requesting provider.

Log file information is stored for a maximum of 7 days for security reasons (e.g. for the investigation of abuse or fraud) and then deleted. Data whose further storage is required for evidentiary purposes are excluded from deletion until the respective incident has been finally clarified.


This website uses the services of newsletter2go for sending newsletters. The provider is newsletter2go GmbH, Köpenickerstrasse 126, 10179 Berlin.

newsletter2go is a service that can be used to organize and analyze the dispatch of newsletters, among other things. If you enter data for the purpose of subscribing to the newsletter (e.g. e-mail address), this data will be stored on the servers of newsletter2go in the in Germany If you do not want to be analyzed by newsletter2go, you must unsubscribe from the newsletter. For this purpose we provide a corresponding link in every newsletter message.

Data analysis by newsletter2go

For the purpose of analysis, e-mails sent with newsletter2go contain a so-called "tracking pixel" which connects to the servers of Rapidmail when the e-mail is opened. This way it can be determined whether a newsletter message has been opened. Furthermore, we can use newsletter2go to determine whether and which links in the newsletter message are clicked on. All links in the e-mail are so-called tracking links that can be used to count your clicks. The data processing is based on your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke this consent at any time. The legality of the data processing operations already performed remains unaffected by the revocation.

Storage period

The data you have provided us with for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted from our servers as well as from the servers of newsletter2go after you have cancelled your subscription to the newsletter. Data that has been stored for other purposes (e.g. e-mail addresses for the member area) remains unaffected.

Privacy policy:

Google Analytics

This website uses Google Analytics, a web analysis service of Google Inc. (following: "Google"). Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. However, in the event that IP anonymization is activated on this website, your IP address will be shortened by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area before this happens.

Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. The IP address transmitted by your browser within the framework of Google Analytics is not merged with other data from Google.

Awin Affiliate Program

We operate an affiliate program called Awin. Publishers use banners to attract customers who come to our website. Cookies (see section: Cookies) are used to track the amount of credit applied for and stored in the Awin program. No personal data is stored at Awin. The guidelines published in this privacy policy apply to the handling of data stored on our systems.

Online presence in social media

We maintain online presences within social networks and platforms in order to be able to communicate with the customers, interested parties and users active there and to inform them about our services. When accessing the respective networks and platforms, the terms and conditions and data processing guidelines of their respective operators apply.

Unless otherwise stated in our privacy policy, we process the data of users if they communicate with us within the social networks and platforms, e.g. write articles on our online presences or send us messages.

Social-Media Plugins

We have integrated the social media buttons of the following companies on our website. You can recognize the plugins by the fact that they are marked with the corresponding logo.

  • Facebook Inc. (1601 S. California Ave - Palo Alto - CA 94304 - USA)
  • Twitter Inc. (795 Folsom St. - Suite 600 - San Francisco - CA 94107 - USA)
  • Google Plus/Google Inc. (1600 Amphitheatre Parkway - Mountain View - CA 94043 - USA)
  • XING AG (Gänsemarkt 43 - 20354 Hamburg - Germany)
  • LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland
  • Foursquare, 50 W 23rd St, 8th Floor, New York, NY 10010.
  • YouTube, LLC 901 Cherry Ave. San Bruno, CA 94066 USA
  • Tumbir, 770 Broadway, New York, NY 10003, USA

Within our online offer, functions and contents of these services may be integrated. This includes content such as images, videos or text and buttons that allow users to express their favorites regarding the content, the authors of the content or to subscribe to our articles. If the users are members of the platforms, the platform can assign the call of the above-mentioned contents and functions to the profiles of the users there.

Facebook pixel, custom audiences and Facebook conversion

Within our online offer, due to our legitimate interests in analysis, optimization and economic operation of our online offer and for these purposes, the so-called "Facebook pixel" of the social network Facebook, which is operated by Facebook Inc, 1 Hacker Way, Menlo Park, CA 94025, USA, or if you are resident in the EU, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Facebook").

Facebook is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (

On the one hand, the Facebook pixel enables Facebook to determine the visitors of our online offer as a target group for the display of ads (so-called "Facebook ads"). Accordingly, we use the Facebook pixel in order to display the Facebook Ads placed by us only to those Facebook users who have also shown an interest in our online offering or who exhibit certain characteristics (e.g. interests in certain topics or products determined on the basis of the websites visited) that we transmit to Facebook (so-called "custom audiences"). With the help of the Facebook pixel, we also want to ensure that our Facebook Ads correspond to the potential interest of users and do not appear to be annoying. The Facebook pixel also allows us to track the effectiveness of Facebook ads for statistical and market research purposes by seeing whether users are redirected to our website after clicking on a Facebook ad (so-called "conversion").

The processing of data by Facebook takes place within the framework of Facebook's Data Use Policy. Accordingly, general information on the display of Facebook ads, in the Facebook Data Usage Policy: Specific information and details about the Facebook pixel and its functionality can be found in the Facebook help area:

You can object to the collection by the Facebook pixel and use of your data for the display of Facebook Ads. To control what types of ads are displayed to you within Facebook, you can go to the Facebook-established page and follow the instructions on usage-based advertising settings: The settings are platform-independent, meaning that they are applied to all devices, such as desktop computers or mobile devices.

You may also opt-out of the use of cookies for audience measurement and advertising purposes by visiting the Network Advertising Initiative opt-out page ( and additionally the U.S. website ( or the European website (


Our website integrates videos from the YouTube site operated by Google. The operator of the pages is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. When you visit one of our sites that features a YouTube video, a connection is made to the YouTube servers. This tells the YouTube server which of our pages you have visited. If you are logged in to your YouTube account, you allow YouTube to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account. YouTube is used in the interest of an attractive presentation of our online offers. This represents a legitimate interest in the sense of Art. 6 para. 1 lit. f DSGVO.

Google Maps

This website uses Google Maps API to visually display geographical information. When using Google Maps, Google also collects, processes and uses data on the use of the map functions by visitors. You can find more detailed information about data processing by Google in the Google data protection information. There you can also change your personal data protection settings in the data protection center.

Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA Privacy Policy:, Opt-Out:

Google Webfonts

In order to display our content correctly and graphically appealing across browsers, we use script libraries and font libraries such as Google Web Fonts on this website ( Google Web Fonts are transferred to the cache of your browser to avoid multiple loading. If the browser does not support Google Web Fonts or prevents access, content will be displayed in a default font.

Calling script libraries or font libraries automatically triggers a connection to the library operator. It is theoretically possible - although currently it is unclear whether and for what purpose - that the operators of such libraries collect data.

Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA Privacy policy:, Opt-Out:

Place of jurisdiction and applicable law

For all disputes arising from or in connection with this data protection declaration, Baden is agreed as the exclusive place of jurisdiction. Handeys GmbH reserves the right to bring the dispute before all other courts that would normally be competent for you. Swiss law is exclusively applicable to this data protection declaration.

Imprint / Responsible for data collection

Handeys GmbH, Bahnhofplatz 1, 5400 Baden - June 2018