What is this privacy policy about?

Region Grain Company AG (the “company”, hereinafter also “we”, “us”) is a company with its registered office in Teufen AR. In the course of our business activities, we obtain and process personal data, in particular personal data about our clients, associated persons, counterparties, courts and authorities, correspondence companies, professional and other associations, visitors to our website, participants in events, recipients of newsletters and other bodies or their respective contact persons and employees (hereinafter also “you”). In this data protection declaration we inform you about these data processing operations.

If you disclose data to us about other persons (e.g. family members, agents, counterparties or other associated persons), we will assume that you are authorised to do so and that this data is accurate and that you have ensured that these persons are informed about this disclosure, insofar as a legal duty to inform applies (e.g. by bringing this privacy policy to their attention in advance).

Who is responsible for processing your data?

The data protection officer is responsible for the processing described in this data protection declaration:

Region Grain Company AG
Alte Haslenstrasse 5
9053 Teufen AR
welcome@regiongrain.com

For what purposes do we process which of your data?

When you use our services, https://regiongrain.com (hereinafter “website”), or otherwise deal with us, we obtain and process various categories of your personal data. In principle, we may obtain and otherwise process this data in particular for the following purposes:

Communication

We process personal data so that we can communicate with you as well as with third parties, such as parties to proceedings, courts or authorities, by e-mail, telephone, letter or otherwise (e.g. to answer enquiries, in the context of legal advice and representation as well as the initiation or execution of contracts). This also includes that we may send our clients, contractual partners and other interested persons information about events, changes in the law, news about our company or similar. This may take the form of, for example, newsletters and other regular contact (electronic, postal, telephone). You may refuse such communications at any time, or refuse or withdraw consent to such communications. For this purpose, we process in particular the content of the communication, your contact data and the marginal data of the communication, but also image and audio recordings of (video) telephone calls. In the event of an audio or video recording, we will inform you separately and you are free to inform us if you do not wish a recording to be made or to terminate the communication. If we need or want to establish your identity, we will collect additional data (e.g. a copy of an ID card).

Initiation and conclusion of contracts

With regard to the conclusion of a contract, such as in particular a contract for the establishment of a client-lawyer relationship, with you or your client or employer, which also includes the clarification of any conflicts of interest, we may in particular obtain and otherwise process your name, contact details, powers of attorney, declarations of consent, information on third parties (e.g. contact persons, details of family and counterparties), contract contents, date of conclusion, creditworthiness data and all other data which you provide to us or which we collect from public sources or third parties (e.g. commercial register, credit agencies, sanctions lists, media, legal protection insurance or the Internet).

Administration and processing of contracts

We obtain and process personal data so that we can comply with our contractual obligations towards our clients and other contractual partners (e.g. suppliers, service providers, correspondence companies, project partners) and, in particular, so that we can provide and claim contractual services. This also includes data processing for client management (e.g. fiduciary work) as well as data processing for the enforcement of contracts (debt collection, legal proceedings, etc.), accounting and public communication (if permitted).

Operation of our website

In order to operate our website in a secure and stable manner, we collect technical data, such as IP address, information about the operating system and settings of your terminal device, the region, the time and the type of use. We also use cookies and similar technologies.

Improving our electronic offerings

In order to continuously improve our website, we collect data about your behavior and preferences, for example by analyzing how you navigate through our website.

Registration

In order to use certain offers and services (e.g. newsletter), you must register (directly with us or via our external login service providers). For this purpose, we process the data disclosed during the respective registration. Furthermore, we may also collect personal data about you during the use of the offer or service; if necessary, we will provide you with further information about the processing of this data.

Security purposes as well as access controls

We obtain and process personal data to ensure and continuously improve the appropriate security of our IT and other infrastructure (e.g. buildings). This includes, for example, monitoring and controlling electronic access to our IT systems as well as physical access to our premises, analysis and testing of our IT infrastructures, system and error checks and the creation of security copies.

Compliance with laws, directives and recommendations from authorities and internal regulations

We obtain and process personal data to comply with applicable laws (e.g. anti-money laundering, tax obligations or our professional obligations), self-regulations, certifications, industry standards, our corporate governance and for internal as well as external investigations to which we are a party (e.g. by a law enforcement or supervisory authority or a mandated private body).

Risk management and corporate governance

We obtain and process personal data in the context of risk management (e.g. to protect against tortious activities) and corporate governance. This includes, among other things, our business organisation (e.g. resource planning) and corporate development (e.g. acquisition and sale of business units or companies).

Job application

If you apply for a job with us, we obtain and process the relevant data for the purpose of reviewing the application, conducting the application procedure and, in the case of successful applications, for the preparation and conclusion of a corresponding contract. For this purpose, in addition to your contact details and the information from the corresponding communication, we also process in particular the data contained in your application documents and the data as we can additionally obtain about you, for example from job-related social networks, the Internet, the media and from references if you consent to us obtaining references.

Where does the data come from?

From you

The majority of the data we process is provided by you (e.g. in connection with our services, the use of our website or communication with us). You are not obliged to disclose your data, with exceptions in individual cases (e.g. legal obligations). However, if you wish to conclude contracts with us or use our services, for example, you must disclose certain data to us. The use of our website is also not possible without data processing.

From third parties

We may also take data from publicly accessible sources (e.g. debt enforcement registers, land registers, commercial registers, media or the internet incl. social media) or receive such data from public authorities, your employer or client who either has a business relationship with us or otherwise deals with us, as well as from other third parties (e.g. clients, counterparties, legal protection insurers, credit reference agencies, address dealers, associations, contractual partners, internet analysis services).

Who do we disclose your data to?

Service providers

We work with service providers in Germany and abroad who process data on our behalf (e.g. IT providers), process data jointly with us or process data on their own responsibility which they have received from us or collected for us. (These service providers include, for example, IT providers, banks, insurance companies, debt collection companies, credit reference agencies, address checkers, other companies or consultancies). We usually agree contracts with these third parties on the use and protection of personal data.

Clients and other contractual partners

First of all, this refers to clients and other contractual partners of ours for whom the transfer of your data results from the contract (e.g. because you are working for a contractual partner or he provides services for you). This category of recipients also includes bodies with which we cooperate, such as other law firms in Germany and abroad or legal expenses insurers. The recipients process the data under their own responsibility.

Authorities and courts

We may disclose personal data to offices, courts and other authorities in Switzerland and abroad if this is necessary for the fulfilment of our contractual obligations and in particular for the conduct of our mandate, or if we are legally obliged or entitled to do so or if this appears necessary to protect our interests. These recipients process the data under their own responsibility.

Counterparties and persons involved

To the extent necessary for the performance of our contractual obligations, in particular for the management of the mandate, we also disclose your personal data to counterparties and other persons involved (e.g. guarantors, financiers, affiliated companies, other companies, informants or experts, etc.).

Does your personal data also end up abroad?

We process and store personal data mainly in Switzerland and the European Economic Area (EEA), but depending on the case – for example via subcontractors of our service providers or in proceedings before foreign courts or authorities – potentially in any country in the world. Your personal data may also be transferred to any country in the world in the course of our activities for clients.

If a recipient is located in a country without adequate data protection, we contractually oblige the recipient to comply with an adequate level of data protection (for this purpose, we use the revised standard contractual clauses of the European Commission, which can be accessed here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj).

What rights do you have?

You have certain rights in connection with our data processing. In accordance with applicable law, you may in particular:

Request information about the processing of your personal data
Have incorrect personal data corrected
Request the deletion of personal data
Object to data processing
Request the release of certain personal data in a common electronic format or its transfer to other data controllers

If you wish to exercise your rights against us, please contact us. In order for us to be able to exclude abuse, we must identify you (e.g. with a copy of your identity card, if necessary).

Please note that prerequisites, exceptions or restrictions apply to these rights (e.g. for the protection of third parties or business secrets or due to our professional duty of confidentiality). We reserve the right to black out copies or to supply only excerpts for reasons of data protection or confidentiality.

How are cookies, similar technologies and social media plug-ins used on our website and other digital services?

When using our website (incl. newsletter), data is generated that is stored in logs (in particular technical data). In addition, we may use cookies and similar techniques (e.g. pixel tags or fingerprints) to recognise website visitors, evaluate their behavior and recognise preferences. A cookie is a small file that is transmitted between the server and your system and enables the recognition of a specific device or browser.

You can set your browser to automatically reject, accept or delete cookies. You can also deactivate or delete cookies in individual cases. You can find out how to manage cookies in your browser in the help menu of your browser.

Both the technical data we collect and cookies generally do not contain any personal data.

In addition, we use our own tools as well as third-party services (which in turn may use cookies) on our website, in particular to improve the functionality or content of our website (e.g. integration of videos or maps), to compile statistics.

What else needs to be considered?

We do not assume that the EU General Data Protection Regulation (“GDPR”) is applicable in our case. However, if this should exceptionally be the case for certain data processing operations, this section shall additionally apply exclusively for the purposes of the GDPR and the data processing operations subject to it.

We base the processing of your personal data in particular on the fact that:

They are necessary for the initiation and conclusion of contracts and their administration and enforcement
It is necessary to protect the legitimate interests of us or of third parties
It is required or permitted by law on the basis of our mandate or position
You have separately consented to the processing

We would like to point out that we will process your data for as long as it is necessary for the purposes for which we process it, the legal retention periods and our legitimate interests, in particular for documentation and evidence purposes, or for as long as storage is technically necessary.

If you do not provide certain personal data, this may mean that it is not possible to provide the related services or conclude a contract. As a matter of principle, we indicate where personal data requested by us is mandatory.

Can this privacy policy be changed?

This Privacy Policy does not form part of any contract with you. We may amend this privacy policy at any time. The version published on this website is the current version.

April 2025