Legal Information

Data Protection Statement

This privacy policy explains which personal data is collected and used by Lica Crédit Sàrl (hereinafter referred to as "Lica"), how it is collected, and for what purposes it is processed. We recommend that you read this privacy policy carefully. If you do not agree with it, please refrain from accessing other pages of Lica’s website.

Identity of the data controller

The party responsible for data protection and data processing, as defined in this privacy policy, is the following company:

Lica Crédit Sàrl
Avenue Général-Guisan 30B
CH - 1800 Vevey
+41 21 552 05 09
info@lica.ch

What information do we collect about you?

When visiting our website, our web server automatically records specific details about your visit (e.g., your IP address, the referring website, the type of browser used, and the pages you view, including the date and duration of your visit). For more information, please refer to the “General Information on Cookies” section. In addition, you may provide us with other personal data via our website in specific situations. These details are only required if you explicitly wish to use certain services.

Private loan request:

• First and last name
• Date of birth
• Country of residence
• Home address
• Phone number
• E-mail address
• Nationality and type of identity document
• Marital status
• Family situation
• Employment status
• Net monthly income
• Debt collection or garnishment
• Correspondence language
• Any documents submitted
• All personal comments
• Any other documents or information deemed useful once the relationship has been established

Application for supplementary unemployment insurance:

• First and last name
• Date of birth
• Country of residence
• Home address
• Phone number
• E-mail address
• Nationality and type of identity document
• Employment status
• Ability to work
• Correspondence language
• Your IBAN (International Bank Account Number)
• All personal comments
• Any other documents or information deemed useful once the relationship has been established

Contact us :

• First and last name
• Phone number
• E-mail address
• Correspondence language
• Any documents submitted
• All personal comments
• Any other documents or information deemed useful once the relationship has been established

Purpose of data processing

Lica processes your personal data for the following purposes:

• check your solvency when applying for credit;
• provide information, services or products that you have explicitly requested;
• to operate, improve and personalize its own products and services by means of market research or to display advertisements on the website that may be of interest to you;
• Communicate with you on a regular basis by e-mail, telephone or any other messaging service (e.g. WhatsApp) in connection with information, services or products that you have explicitly requested. Send you information on new products, general information or safety instructions.

Data retention period

Personal data collected from the Lica website is stored under the following conditions:

• Personal data is retained by Lica only for as long as necessary to fulfil the purpose for which it was collected (see section “What information do we collect about you?”).
• Personal data stored on Lica’s website is deleted in all cases after a retention period of 12 months.
• Personal data transmitted and subsequently stored by Lica is deleted in all cases after a retention period of 120 months or immediately upon request by the user or client, provided no legal retention obligation applies. For more information, please refer to the section “Right to access, rectify or delete your personal data.”
• Data related to newsletter subscriptions is retained for an indefinite period and can be deleted immediately upon the user's request. For more information, please refer to the section “Right to access, rectify or delete your personal data.”

Processing and transmission of your personal data in the context of a loan application

The user acknowledges and agrees that Lica may transmit their credit application(s) via Internet, email, fax or postal mail to the following providers: Cembra Money Bank, Bank-Now, Corner/Cornercard, CreditGate24, Bob Finance, RCI Finance SA, Migros Bank, MC Maxicredit SA and Milenia SA, as well as any other intermediary designated within the framework of an individual mandate. The aforementioned institutions are hereinafter individually referred to as a “financial institution”. Furthermore, the user confirms the following points:

Application review and loan information:

The user confirms the accuracy of all personal data provided and authorises the financial institution and Lica, as part of the review of their application and the management of the contractual relationship, to obtain information about them from third parties, including banks, the Central Credit Information Office (ZEK), public authorities (e.g. debt enforcement offices, land registries, tax administrations, resident registration offices, child and adult protection authorities), credit information agencies, credit intermediaries, employers, companies within the financial institution’s group, and, where applicable, the Association for the Management of a Consumer Credit Information Centre (IKO). For these purposes, the user releases these entities from any banking, postal, official or business confidentiality obligations. Furthermore, the user authorises the financial institution to report this application to ZEK and, where applicable, to IKO and to other authorities if legally required. The reported information may include the type, amount and terms of the credit or financing, the user’s personal data, and any qualified payment delays or abuses. The user acknowledges that ZEK and IKO are entitled to share this information with their members. The financial institution or Lica may reject the application without stating reasons.

Granting credit is prohibited if it leads to over-indebtedness (Art. 3 UCA).

Working with intermediaries :

In the case of applications submitted via an intermediary, the financial institution may exchange with said intermediary any information necessary for the assessment of the application/creditworthiness and for the conclusion and performance of the contract.

Partner-related data:

If the user provides information in the application about their spouse or registered partner (hereinafter referred to as the “partner”), they confirm that the partner has been informed of this application, that the financial institution may verify the information provided directly with the partner, and that the partner consents to the institution obtaining information about them (including enquiries with ZEK) as described above.

Data processing :

The user authorizes the financial institution to process and evaluate his/her data for marketing and risk management purposes, and to draw up profiles in this respect. He authorizes the financial institution to offer him other products and services, including those of its group companies. The user may revoke this authorization at any time for the processing of his/her data for marketing purposes or for the sending of information.

Collaboration with outsourcing service providers:

The financial institution may outsource certain services to third parties (hereinafter referred to as “service providers”), particularly regarding business process management, IT security and system administration, market research and prospecting, assessment of relevant credit and market risks, and the administration of contractual relationships (e.g. handling of applications and contracts, debt collection, client communication). The financial institution provides these providers with the data necessary for fulfilling their contractual obligations and may also transfer such data abroad for this purpose. The service providers, as well as their employees and subcontractors, are contractually bound to comply with the Swiss Federal Data Protection Act, respect banking secrecy in accordance with the Federal Banking Act, and uphold confidentiality obligations. The user acknowledges that their data may be transmitted to providers based in countries that may not offer data protection equivalent to that of Switzerland.

The user agrees that the financial institution may use electronic means to communicate with them or the intermediary. The user also accepts the transmission of data via the Internet and acknowledges that the Internet is an open network accessible to everyone. Therefore, Lica and the financial institution cannot guarantee the confidentiality of data transmitted over the Internet. As a result, third parties may infer the existence of a current or future business relationship (possibly a banking one) between the user and the financial institution.

Processing and transmission of your personal data in connection with an application for a "Certo! One Mastercard" credit card^® Lica MyDesign "

Lica offers the "Certo! One Mastercard" credit card on behalf of Cembra Money Bank.^® Lica MyDesign". The issuer of the credit card is Cembra Money Bank SA Zurich. If the user decides to apply for the credit card "Certo! One Mastercard^® Lica MyDesign" proposed on the Lica site, it is redirected to the site https://certo-card.ch/ to complete your application online. It is important to note that Lica has no control over the site. https://certo-card.ch/ and is not responsible for the protection of the data collected there. Once your data has been transmitted, Cembra Money Bank SA is authorized to process your data as it sees fit and in accordance with its own data protection guidelines. Please note that we are not responsible for the data processing practices of Cembra Money Bank SA. If you wish to obtain information about, rectify or delete data transmitted to Cembra Money Bank SA, please contact Cembra Money Bank SA directly for information. We do not have precise information on how long Cembra Money Bank SA keeps your data. If you have any questions on this subject, please contact Cembra Money Bank SA directly. All actions relating to the transmission and processing of your data between Lica and Cembra Money Bank SA are carried out in accordance with the Swiss Federal Data Protection Act (DPA).

Cembra Money Bank (Certo!): Visit our website

Processing and transmission of your personal data in the context of a supplementary unemployment insurance application with Helvetia Insurance

As part of a supplementary unemployment insurance application, the user acknowledges and agrees that Lica may transmit their data to Helvetia, the insurer providing this coverage, for the purpose of receiving an offer and entering into an insurance contract.

By submitting your request via our online form, you explicitly consent to the transmission of your data to Helvetia. In addition to the information described under the section “Application for supplementary unemployment insurance,” we may also transmit to Helvetia all data necessary for assessing the risk associated with your application. This may include, but is not limited to, identification data and information regarding your professional and financial situation. Once transmitted, Helvetia is authorised to process your data as it deems appropriate and in accordance with its own data protection policies. Please note that we are not responsible for Helvetia’s data processing practices. If you wish to access, rectify or delete any data transmitted to Helvetia, you must contact Helvetia directly. We do not have specific information regarding the duration for which Helvetia retains your data. For such inquiries, please contact Helvetia directly. All actions related to the transmission and processing of your data between Lica and Helvetia are carried out in accordance with the Swiss Federal Data Protection Act (FADP).

Lica also acts as an independent insurance intermediary and is subject to the Insurance Supervision Act (ISA). For more information, please refer to the chapter titled “Legal Information pursuant to Article 45 of the Insurance Supervision Act (ISA).”

Helvetia: Visit our website

Processing of your personal data in the context of advice on health insurance or motor vehicle insurance

In the course of providing advice on health insurance or motor vehicle insurance, the user acknowledges and accepts that Lica may process the personal data he or she has provided as part of a service offered on the Lica website. This processing only takes place if the user has expressly given Lica his/her prior consent by e-mail, telephone or any other communication channel (e.g. WhatsApp). This consent is also valid for members of the user's family if Lica has had access to their insurance contracts or personal data as part of the customer relationship. Lica uses this data for the sole purpose of providing personalized advice and, where appropriate, proposing an offer of health or motor vehicle insurance.

Lica also acts as an independent insurance intermediary and is subject to the Insurance Supervision Act (ISA). For more information, please refer to the chapter titled “Legal Information pursuant to Article 45 of the Insurance Supervision Act (ISA).”

General information on cookies and pixels

By browsing the Lica website, you acknowledge and accept that Lica may place a cookie on your browsing device (whether a computer, tablet, smartphone or any other device). Consent to the placement of a cookie on your device is deemed to have been given when you click the “OK” button at the bottom right of the corresponding banner.

This cookie ensures a smooth and enhanced user experience on our platform. These cookies, also known as tracking files, are small text files that help us identify your device during visits in order to adjust and personalise the services we offer.

The information collected through these cookies does not provide us with any personal data about you. Their primary purpose is to enhance the user experience by making our website more interactive and relevant based on your preferences. Please note that this data is not shared with any third party unless you have explicitly consented to it or if required by law, court order, or a competent authority.

To provide you with full transparency on how cookies work, below is a description of the cookies we use on the Lica website, their purpose, and how long they are retained.

Audience analysis cookies :

Our website uses Google Analytics to monitor and analyse traffic. Google Analytics operates through cookies, which are files stored on your device to understand how you interact with our site. The data collected by these cookies is sent to a Google server in the United States for storage. However, before this data is transmitted, your IP address is anonymised by Google within EU member states or other countries that are part of the European Economic Area. In rare cases, the full IP address may be sent to a Google server in the USA and anonymised there. Google uses this data to evaluate your interaction with our website, to generate reports on site activity, and to provide other internet usage-related services. If required by law, or if third parties process this data on Google’s behalf, the data may be shared. Please note that the IP address transmitted by your browser through Google Analytics is not combined with other data held by Google.

You can refuse cookies by adjusting your browser settings. However, this may affect the full functionality of our website. In addition, to prevent Google from collecting and processing information about your use of the website, you can download and install an add-on for your browser from this link : https://tools.google.com/dlpage/gaoptout?hl=fr. Another way is to click on the link mentioned, which will place an opt-out cookie on your device to prevent data collection on future visits to our site.

Google AdWords conversion tracking cookies :

Our website uses the Google AdWords advertising service, which also includes conversion tracking. When a visitor clicks on a Google ad, a tracking cookie is placed on their device. The lifetime of these cookies is 360 days, and they are not used to recognize individual users. If, during this period, you access specific sections of our website, we and Google can deduce that you interacted with the ad before arriving on the relevant page.

Each Google AdWords advertiser has a unique cookie, making it impossible to track a user across different advertiser sites. The data collected via these cookies enables us to produce conversion analyses. These analyses reveal the number of people who interacted with our ad and then accessed a page with a tracking script. However, we do not receive any data that could help us identify individual visitors. If you prefer not to be tracked, you can simply disable the cookie associated with conversion tracking from your browser settings. You will then not be included in our conversion analyses.

Conversion tracking cookies from Microsoft Advertising :

Our website uses the Microsoft Advertising service (Bing) and, in this context, also uses the conversion tracking system. When a visitor clicks on an advertisement displayed by Bing, a cookie for this purpose is placed on his or her device. The lifetime of these cookies is 360 days, and they are not used to recognize individual users. If, during this period, you access specific sections of our website, we and Bing can deduce that you interacted with the ad before arriving on the relevant page.

Each advertiser on Microsoft Advertising has a unique cookie, making it impossible to track a user across different advertiser sites. The data collected via these cookies enables us to develop conversion analyses. These analyses reveal the number of people who interacted with our ad and then accessed a page with a tracking script. However, we do not receive any data that could help us identify individual visitors. If you prefer not to be tracked, you can simply disable the cookie associated with conversion tracking from your browser settings. You will then not be included in our conversion analyses.

Pixel TikTok:

Our website uses the TikTok event analysis module. As part of this, we have integrated the TikTok pixel, which tracks visitors to our site anonymously, without revealing their identity. When you log on to TikTok, a secure, non-identifiable hash of your interaction data is transmitted to TikTok for analysis and marketing strategy purposes. This enables TikTok to link your browsing on our website to your user profile. This data then helps us target ads on TikTok. The cookie associated with this process comes from TikTok. For detailed information about TikTok's data collection, processing and use, as well as your privacy options, please see TikTok's privacy policy.

Pixel Meta (formerly Facebook):

Our website uses the Meta event analysis module. As part of this, we have integrated the Meta pixel, which tracks visitors to our site anonymously, without revealing their identity. When you log on to Meta, a secure, non-identifiable hash of your interaction data is transmitted to Meta for analysis and marketing strategies. This enables Meta to link your browsing on our website to your user profile. This data then helps us target ads on Meta. The cookie associated with this process comes from Meta. For detailed information about Meta's data collection, processing and use, as well as your privacy options, please consult Meta's privacy guidelines.

Setting cookies on your browser :

Most browsers are initially set up to accept cookies. However, you can adjust these settings to accept or reject certain cookies. By deactivating cookies, certain functionalities of the Lica site may be affected. Lica assumes no responsibility for any inconvenience caused by this deactivation. Your browser allows you to delete cookies and to be informed when new ones are added. To effectively manage cookies on your browser, please refer to the guidelines below.

Cookie settings vary depending on the browser you use. Here's how to adjust these settings on the most common browsers:

Chrome : https://support.google.com/chrome/answer/95647?hl=fr&co=GENIE.Platform%3DDesktop
Firefox : https://support.mozilla.org/fr/kb/effacer-cookies-donnees-site-firefox
Edge: https://support.microsoft.com/fr-fr/windows/supprimer-et-g%C3%A9rer-les-cookies-168dab11-0753-043d-7c16-ede5947fc64d
Opera : https://help.opera.com/en/latest/web-preferences/
Safari : https://support.apple.com/fr-ch/guide/safari/sfri11471/mac

Security and data protection

We use systems and networks that comply with current technical standards. To guarantee the security of your data, we implement technical and organizational measures. These measures aim to defend your information against loss, destruction, alteration, manipulation and unwanted access. This includes specific policies, training, technological solutions, security protocols and encryption systems. However, given that the Internet is a space open to all, neither we nor our partners can guarantee absolute confidentiality of data when transmitted online, or guarantee total anonymity when browsing our digital platforms.

Aware of the importance of protecting our users' data, we undertake to apply the following measures:

• Encryption : Use of SSL/TLS protocols provided by our Web service providers to secure exchanges between your browser and our Web sites. Encryption of all data stored on our websites to ensure their security in the event of unauthorized access.
• Firewall : Implementation of a series of technological barriers designed to prevent unauthorized access to our infrastructure using tools provided by our Web service providers.
• Malware protection : We use advanced tools provided by our Web service providers to detect and prevent malware threats.
• Managing access rights : A rigorous system that limits access to data to only those members of our team who need it to carry out their tasks.
• Two-factor authentication : An additional identity verification system to reinforce access security.
• Continuing education : Our employees receive regular training in data security best practices.
• Constant technological updates : We ensure that all our tools, software and hardware are regularly updated with the latest security versions.
• Regular backups : Regular backups of all data to prevent loss.
• Strict security policy : Each member of our team is required to comply with our internal data protection policy.
• Proactive vulnerability management : We apply recommended patches as soon as a vulnerability is detected by our web service providers.

Authorized service providers and data transfers to countries other than Switzerland or the European Union 

Lica informs you that it uses qualified suppliers to help collect and manage the information you share with us. These suppliers may operate outside Switzerland or the European Union and may have access to data collected via various forms on the Lica website.

Lica wishes to make it clear that, although it makes every effort to choose reliable and reputable service providers for data processing, it cannot be held responsible for the way in which these third parties manage or secure the information shared. In particular, Lica works with Zapier, Brevo and Timetonic, three service providers who have access to certain information for the purposes of the services they provide.

In addition, certain data may be analyzed by artificial intelligence services, including ChatGPT (OpenAI) and Mistral AI, with the aim of improving service quality, facilitating the processing of requests and optimizing our internal processes.

Users are advised to read the privacy policies of these service providers to better understand how their data is used. However, Lica's liability for any failure, loss of data or other incident relating to these service providers is expressly excluded.

Zapier: Visit our website
In a nutshell: Visit our website
Timetonic : Visit our website
OpenAI (ChatGPT): Visit our website
Mistral AI : Visit our website

General exclusion of liability

Lica shall not be held liable for any direct or indirect damage or data loss resulting from access to its website, the use of the information provided, or the inability to use such information. Lica, including its executives, managers, employees, collaborators and shareholders, shall not be liable for any damage caused by technical or other errors, transmission failures, overloads, service interruptions (including maintenance), delays in the transmission of information, incompatibilities between the website and the user’s hardware or software, malfunctions, or malicious acts such as viruses or intrusions, or issues originating from telecommunications or network providers. Lica also disclaims liability for actions such as hacking, efforts to block telecommunication services, mass email dispatches or denial-of-service attacks.

Right to information, rectification or deletion of your personal data

Lica gives you the opportunity to manage and control the personal data you entrust to us. To exercise your rights, please visit our contact page.

Access your data :

You can ask to see the personal data we hold about you. To ensure the confidentiality and security of your information, you may be asked to provide a copy of a valid form of identification. Excessive, manifestly unfounded or repetitive requests may be refused. If you wish to contact us by post, please use the letter template provided by the CNIL: https://www.cnil.fr/fr/modele/courrier/exercer-son-droit-dacces

Modify and update your data :

If your data is inaccurate, obsolete or incomplete, you can request that it be corrected. You also have the possibility of defining directives concerning the treatment of your data after your death. In this case, your heirs may request that your data be updated or deleted. For security reasons, you may be asked to provide proof of identity or of your status as heir. If you wish to contact us by post, please use the model letter recommended by the CNIL: https://www.cnil.fr/fr/modele/courrier/rectifier-des-donnees-inexactes-obsoletes-ou-perimees

Deleting your data :

You may request the deletion of your personal data if its retention is no longer necessary for the purposes for which it was collected, or if you withdraw your consent. This request may also be made by your heirs concerning your data after your death. For security reasons, you may be asked to provide proof of identity or of your status as heir before your data is processed. To facilitate your request, and if you wish to contact us by post, you can use the model letter proposed by the CNIL: https://www.cnil.fr/fr/modele/courrier/supprimer-des-donnees-personnelles

Refuse the use of your data :

You may object to the use of your data, either for personal reasons, or to prevent their use for commercial purposes. To make this easier, and if you wish to contact us by post, you can use the letter template provided by the CNIL: https://www.cnil.fr/fr/modele/courrier/supprimer-des-informations-vous-concernant-dun-site-internet

Response times :

We undertake to process and respond to your requests concerning your personal data within a maximum of one month of receipt.

Complaint to the competent authority :

If you feel that Lica is not properly fulfilling its responsibilities with regard to your personal information, you can lodge a complaint or request with the appropriate body. In Switzerland, the Federal Data Protection and Information Commissioner (FDPIC) is responsible for such matters. You can submit a request online via this link : https://www.edoeb.admin.ch/edoeb/fr/home.html

This privacy policy may be modified at any time

Lica reserves the right to amend this privacy policy at any time. The second line of this policy indicates the date of the most recent update.

Jurisdiction, applicable law, partial invalidity and language

The competent court for any dispute arising from or related to this privacy policy shall be the court at the company's registered office. However, Lica reserves the right to bring the dispute before any other court with jurisdiction over your place of residence.

The privacy policy of the Lica website is governed by the Swiss Federal Act on Data Protection (FADP). In addition, for activities concerning residents or citizens of the European Union, we also comply with the General Data Protection Regulation (GDPR) applicable in Europe. Lica is committed to adhering to the principles and obligations set out in both legal frameworks, thereby ensuring strong protection of our users’ personal data, regardless of their geographic location.

If any provision of this privacy policy is found to be invalid, inappropriate or unenforceable, the validity or enforceability of the remaining provisions shall not be affected. The invalid clause shall be replaced by a valid and enforceable one that best reflects the original intent and purpose.

Only the French version of this privacy policy is legally binding.

References and useful links

Federal Data Protection Act (DPA) :
https://www.fedlex.admin.ch/eli/cc/1993/1945_1945_1945/fr

Federal Data Protection and Information Commissioner (FDPIC) :
https://www.edoeb.admin.ch/edoeb/fr/home.html

General Data Protection Regulation (GDPR):
https://eur-lex.europa.eu/FR/legal-content/summary/general-data-protection-regulation-gdpr.html

Commission nationale de l'informatique et des libertés (CNIL) :
https://www.cnil.fr/fr/

European Data Protection Board (EDPB) :
https://edpb.europa.eu/edpb_fr