Branch Privacy Policy

How is data processed during visits to our branches?

This Privacy Policy describes how data is processed at physical Swiss Post locations, i.e. at publicly accessible counters in self-operated Swiss Post branches (hereinafter referred to as “counters”).

  • This Privacy Policy does not apply to the use of Swiss Post services at branches with partners. For more information, see Services
  • If you have a login for the “My Post” customer portal and use it to confirm your identity in branch or to access services, the My Post GTC and the data protection provisions concerning our digital presence will apply.
  • Please also always refer to the supplementary information in the data protection notices concerning our services or in our other communications, such as contracts, General Terms and Conditions (GTC) and Subscriber Conditions.

Who is responsible for data processing?

Swiss Post Ltd and its strategic subsidiaries consisting of Post CH Ltd, Post CH Network Ltd and Post CH Communication Services Ltd (hereinafter referred to as “Swiss Post” or “we” or “us”) are jointly responsible for data processing when you visit a branch.

Another company of Swiss Post Ltd may also be responsible for data processing. We will inform you if this is the case. You can find a list of the other subsidiaries that may be responsible for data processing here: Subsidiaries

Can I purchase goods or services at a counter without sharing my personal data?

In principle, it is possible to obtain information, get in contact with us and purchase goods or services at our counters without sharing your personal data. However, purchasing certain goods and services requires you to confirm your identity and/or share personal data in advance.

If you have a My Post login, some branches give you the option to generate an e-ticket by scanning a QR code whilst you are in the queue. The employee at the counter can then identify you using this e-ticket and a link is established to your My Post customer account and the data saved in this account.

What kind of data do you collect about me?

We only collect personal data when doing so is necessary for you to purchase selected goods and services or if you share your data with us voluntarily. Depending on why you are visiting the counter , we process data from various sources.

Why does Swiss Post process data?

We process your data for the purposes set out in this Privacy Policy. The purpose for which we process your data in individual cases when you visit a counter depends on your enquiry and our reason for processing. In particular, we process your data for the following purposes:

Is a link established to my digital customer account when I visit a branch?

If you do not have a “My Post” customer account: We will collect and store the data that you share with us directly (after we ask you for it) or indirectly (e.g. when you hand over a postal item) in our systems or transfer it to any possible recipient systems. We will only use the data needed to process your enquiry for the purpose of fulfilling your enquiry.

If you have a “My Post” customer account: Provided you have given us your consent, we may establish a link between the data generated at the counter during your visit and the data in your customer account. An exception to this is data for which a third party, such as PostFinance or a network opening partner, is responsible.

To whom does Swiss Post disclose data and who can process the data for other purposes?

Service providers

Various service providers support Swiss Post in providing you with a secure and informative experience when you visit one of our physical touchpoints, as well as helping us offer and market services reliably. These service providers, in particular IT service providers, telecommunications services, marketing and sales service providers, security service providers and consultancy service providers, may be external companies or subsidiaries of Swiss Post. We select our service providers carefully and make sure that they uphold data protection requirements. If we engage third parties to provide services, we are authorized to make the data necessary for this purpose available to them. The third parties are subject to the same obligations regarding guaranteeing data protection as Swiss Post itself. Furthermore, we only disclose data to service providers within the scope of the purpose explained in this Privacy Policy and only to the extent necessary to provide our services.

Subsidiaries

In some cases, we may disclose data to subsidiaries of Swiss Post. We do this, for example, when data is processed as part of an internal Group service or when there is a legal basis for the disclosure.

Third-party partners

If you use services provided by our partners or if you have an interest in their services, we share data with our third-party partner as required, provided you have consented to this.

Public authorities

We may be required to disclose data to Swiss and foreign public authorities due to statutory provisions, official orders or court decisions. Public authorities include law enforcement, judicial, supervisory and government authorities. Before we disclose data to a public authority, we review whether and to what extent Swiss Post is obliged to make your data available.

Is data also processed abroad?

Your data is primarily processed in Switzerland. In certain cases, however, we may also transfer data to third parties abroad for processing, in particular in the EU and the European Economic Area (EEA). In cases involving international data transfer, we check that such a transfer is permitted and take the necessary protective measures.

For more information, please see the data protection provisions concerning our digital presence and our services.

What rights do I have?

You have the right to information, rectification, erasure and restriction of data processing at any time.

You can assert your rights via post or e-mail to the following address:

Swiss Post Ltd
Data protection, GRCS
Wankdorfallee 4
3030 Bern, Switzerland
E-mail: betroffenenrechte@post.ch

If you submit a request for information to us, you must enclose a copy of an official form of identification such as a passport, identity card or driving licence. We require this in order to identify you. Your name, date of birth and place of residence must be visible on your ID. We do not require any of the other information on your ID for the identification process, so you may block it out.

Changes to this Privacy Policy

Changes to this Privacy Policy may be necessary from time to time, for example if we make further developments to our physical presence or if there are changes in the law. We therefore reserve the right to amend the Privacy Policy at any time, with effect from a future date. Accordingly, we recommend that you re-read this Privacy Policy on a regular basis.

Rich Content Section

V.1.0 / 09.2023