Privacy Notice


The protection of your personal data and the preservation of your privacy is important to us. We are committed to handling your data responsibly. Consequently, we consider it a matter of course to comply with the Swiss Federal Data Protection Act (DPA), the Ordinance to the Federal Act on Data Protection (OFAD) and other data protection regulations that may be applicable.

In this privacy statement, we inform you about the acquisition of personal data as well as its processing both online and offline.

Balthasar Legal AG reserves the right to revise the data protection statement at any time. The most current version at the time of use will always apply.

Nicht bearbeiten
Responsible parties

Balthasar Legal AG
Rigistrasse 61
8006 Zürich


Kurvenstrasse 17
8006 Zürich

Tel.: 043 233 87 77

Scope and purpose of the processing of personal data
Visiting our website

When you visit our website, our servers temporarily and automatically store the following data in a log file, the so-called server log files:

  • IP address of the requesting computer
  • Entry page (website from which you arrived at our website)
  • Browser settings
  • Language and version of the browser software
  • Date and time of access/retrieval
  • Name and URL of the retrieved data
  • Operating system of your computer and the browser you are using
  • Country from which our website is accessed
  • Name of your Internet access provider
  • Time zone difference to Greenwich Mean Time (GMT)
  • Content of the request (specific page)
  • access status/HTTP status code
  • amount of data transferred
  • last visited website
  • activated browser plugins

This data is processed for the purpose of enabling the use of our website (establishing a connection), ensuring system security and stability on a permanent basis, optimizing our offering and for internal statistical purposes. A personal user profile is not created.


Contact form

On our website, you have the option of contacting us via a contact form and/or by e-mail. In this case, the information you provide will be processed for correspondence with you or for the purpose of processing your request and its settlement. To use the contact form, the entry of your e-mail address and your message is required to process your request.


Use of customer data for marketing measures
We also use your personal data for the following purposes:
  • to maintain the customer relationship with you;
  • to occasionally inform existing business customers (business to business) about certain services; and
  • to recommend services that may be of interest to you.

You may object to this data processing at any time. If you object, we will no longer process your personal data for this purpose. Please send your objection to the following email address:


Provision of contractual services

We also process personal data to the extent necessary in each case in order to provide you with our contractual or pre-contractual services and for the performance of other services requested by you. The data processed in this context, the type, scope, purpose and necessity of its processing, are determined by the underlying contractual relationship.

The processed data includes master data (e.g. name and address), contact data (e.g. e-mail address and telephone number) as well as contractual data (e.g. services used, content of the contract, contractual communication, names of contact persons) and payment data (e.g. bank details, payment history).

The data is deleted when it is no longer required for the fulfillment of contractual or legal obligations, whereby the necessity of retaining the data is reviewed at irregular intervals. In all other respects, the statutory retention obligations apply.

Disclosure to third parties

As a matter of principle, we treat your personal data as confidential and only pass it on if you have expressly consented to this, if we are legally obliged or entitled to do so, or if this is necessary to enforce our rights, in particular to enforce claims arising from the contractual relationship.

In addition, we disclose your personal data to third parties to the extent that this is necessary or appropriate in the context of the use of the website or for the possible provision of services requested by you (including outside the website).

We disclose your personal data to the following categories of recipients:

  • IT service providers
  • Providers to whom we have outsourced certain support services such as translation work or document reviews;
  • Third parties engaged in connection with services we provide to our clients with their prior consent, such as other law firms or other service consulting firms;
  • Our fiduciaries
  • Third parties who are also involved in the implementation or organization of events and seminars.
  • Authorities and courts

In the case of disclosure to third parties, the legal regulations governing the disclosure of personal data to third parties are, of course, complied with. If we use order processors to provide our services, we take appropriate legal precautions as well as corresponding technical and organizational measures to ensure the protection of your personal data in accordance with the relevant legal regulations.

Data transfer abroad

If we also transfer your personal data to third parties abroad (i.e., outside of Switzerland or the European Economic Area (EEA)), they are obligated to comply with data protection to the same extent as we are. If the level of data protection in the country concerned is not adequate, we will ensure that the protection of your personal data has such a level.

We provide this assurance in particular by concluding so-called standard data protection clauses of the EU Commission with the companies concerned, and/or by the existence of Binding Corporate Rules (BCR) recognized by a European data protection authority at the companies concerned. Where this is not possible, we base the data transfer on your express consent or the necessity of the transfer for the fulfilment of the contract.


To optimize our offer, we use cookies on our website. These are small files that a web portal leaves on your computer, tablet computer or smartphone when you visit it. This allows the portal to “remember” certain entries and settings (e.g. login, language, font size and other display preferences) over a certain period of time and you do not need to reapply them each time you visit and navigate the portal.

Most of the cookies we use are so-called session cookies. These are automatically deleted when you log out or close the browser. Other cookies remain stored on your computer beyond the respective usage process and enable us or our partner companies (third-party cookies) to recognize your browser on your next visit. Insofar as other cookies (e.g. cookies to analyse your surfing behaviour) are stored, these are treated separately in this data protection declaration.

Most Internet browsers are regularly set to accept cookies. If you do not wish this, you can set your browser so that it informs you about the setting of cookies and you allow the acceptance of cookies for certain cases only in individual cases or generally exclude. You can also activate the automatic deletion of cookies when closing the browser. In addition, you can delete cookies that have already been set at any time via an Internet browser or other software programs. The procedure for controlling and deleting cookies depends on the browser you use. You can find information on this in the help menu of your browser. You can find out about this option for the most commonly used browsers via the following links:

Google Services

We use the following services provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, or if you are a resident of the European Economic Area (EEA) or Switzerland, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”):

  • Google Analytics 4
  • Google Tag Manager
  • Google Maps
  • Google Fonts

Google uses cookies. The cookies used by Google allow us to analyse the use of our website. The information generated by the cookie about your use of our website (including your IP address) will be transmitted to and stored by Google on servers in Ireland, Switzerland or the United States.


Google Analytics 4

On our website, we use Google Analytics 4, a web analytics service provided by Google, which enables an analysis of your use of our website.

Google Analytics uses cookies that are stored on your end device (laptop, tablet, smartphone or similar) and enable an analysis of your use of our website. This enables us to evaluate the usage behaviour on our website and to make our offer more interesting by means of the statistics/reports obtained.

In Google Analytics 4, the anonymisation of IP addresses is activated by default. This means that your IP address is shortened by Google within Switzerland or the EU/EEA before it is transmitted. Only in exceptional cases will the full IP address be transmitted to a Google server and shortened there.

We have concluded an order processing contract with Google, which ensures the protection of our site visitors’ data and prohibits unauthorised disclosure to third parties. For the transfer of data to the USA, Google refers to standard contractual clauses of the European Commission, which are intended to ensure compliance with the European level of data protection. Further legal information on Google Analytics 4 including a copy of the aforementioned standard contractual clauses can be found here.

Demographic characteristics: Google Analytics 4 uses the special “demographic characteristics” function and can use this to generate statistics that make statements about the age, gender and interests of site visitors. This is done by analysing advertising and information from third-party providers. This allows target groups to be identified for marketing activities. However, the collected data cannot be assigned to a specific person and is deleted after being stored for a period of two months.

Google Signals: As an extension to Google Analytics 4, Google Signals can be used on the website to have cross-device reports generated. If you have activated personalised ads and linked your devices to your Google account, Google can analyse your usage behaviour across devices to use Google Analytics 4 and create database models, including on cross-device conversions. We do not receive any personal data from Google, only statistics. If you want to stop the cross-device analysis, you can deactivate the “Personalised advertising” function in the settings of your Google account. To do so, follow the instructions on this page.

UserIDs: As an extension to Google Analytics 4, the “UserIDs” function can be used on the website. If you log in with this account on different devices, your activities, including conversions, can be analysed across devices.

Google uses this information to evaluate your pseudonymous use of our websites, to compile reports on website activity and to provide us with other services related to website and internet use. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data, according to Google. When you visit our websites, your user behaviour is recorded in the form of events (such as page views, purchase activities incl. sales, interaction with the website or your “click path”) as well as other data such as your approximate location (country and city), technical information about your browser and the end devices you use or the referrer URL, i.e. via which website / advertising material you came to our website.

You can prevent the collection and transmission of the data generated by the cookie and related to your use of our websites (incl. your IP address) to Google, as well as the processing of this data by Google, by downloading and installing the browser add-on to deactivate Google Analytics. If you wish to object to interest-based advertising by Google, you can use the settings and opt-out options provided by Google.

If you allow cookies to be stored, Google Analytics will retain your data for two months. Data for which the end of this retention period has been reached will be automatically deleted. An overview of the use of data in Google Analytics and the measures taken by Google to protect your data can be found in the Google Analytics Help.


Google Tag Manager

We also use Google Tag Manager to integrate and manage Google analytics and marketing services on our website. Google Tag Manager, is a solution that allows us to manage website tags through one interface. The “Google Tag Manager” tool itself, which implements the tags, is a cookie-less domain and does not collect any personal data. However, the tool provides for the triggering of other tags, which in turn may collect data. Google Tag Manager itself, on the other hand, does not access this data. If a deactivation has been made at the domain or cookie level, this remains in place for all tracking tags implemented with Google Tag Manager.
For more information related to Google Tag Manager, please see the Usage Policy.


Google Maps

On our location page, Google Maps is integrated in order to clarify our locations.

By visiting our website, data (such as your IP address) is transmitted to a Google server in the USA and stored there. Google stores this data as usage profiles for the purpose of tailoring services, advertising and market research. If you are logged in to Google, this data is directly assigned to your account. If you do not wish this, you must log out beforehand. You can prevent the use of Google Maps by deactivating Javascript in your browser settings. However, this may lead to functional restrictions in the use of the website in individual cases.

Further information on data processing and notes on data protection by Google Maps can be found under privacy policies.



Captcha is the abbreviation for “completely automated public Turing test to tell computers and humans apart”. This is a test that is intended to distinguish humans from machines/robot programmes, or “bots” for short.

reCAPTCHA is a captcha service from Google that attempts to distinguish whether a certain action on the Internet is performed by a human or by a computer program. reCAPTCHA is used as part of the newsletter registration process and for online forms.

Further information on data processing and notes on data protection by reCAPTCHA can be found at:  Privacy Policy – Privacy Policy & Terms of Use – Google


Google Webfonts

In order to display our content correctly and graphically appealing across browsers, we use script libraries and font libraries Google Web Fonts on our website to display fonts. Google Web Fonts are transferred to your browser’s cache to avoid multiple loads. If your browser does not support Google web fonts or prevents access, content is displayed in a standard font.

Calling up script libraries or font libraries automatically triggers a connection to the operator of the library. It is theoretically possible – although it is currently unclear whether and for what purposes – that the operator collects Google data in this case.

We do not collect any personal data through the integration of Google Web Fonts.

Further information on Google Web Fonts can be found under FAQ and in Google’s privacy policy.

You can object to data processing by Google Web Fonts by deactivating JavaScript in your browser or installing a JavaScript blocker. Please note that this may result in functional restrictions on the website.
Learn more about Google services in the policies.

Social Plugins

We use social plugins (“plugins”) from various social networks on our website based on our legitimate interests. With the help of these plugins, you can, for example, share content or recommend products.

LinkedIn Inc, 2029 Stierlin Ct, Mountain View, CA 94043, USA
Xing SE, Dammtorstrasse 30, 20354 Hamburg, Germany

When you visit our website and one of the social plugins listed on the website is activated, a direct connection is established between your browser and the server of the relevant social network. The content of the plugin is transmitted by the social network directly to the browser, which then integrates it into the website. This provides the network with the information that you have visited our website. If you are logged in to the social network, it can assign the visit to your account. If you interact with the plugins, the corresponding information is transmitted from the browser directly to the social network and stored there.

Even if you are not logged into the social networks while visiting our website, data can be sent to the networks by websites with active social plugins. An active plugin sets a cookie with an identifier each time the website is called up. Since your browser sends this cookie with every connection to a server of the respective networks without being asked, the social networks could in principle use it to create a profile of which websites the user belonging to the identifier has called up. If necessary, it would then be possible to assign this identifier to a person later – for example, when logging in to the social network at a later time.

You can select the function “Block third-party cookies” in your browser settings, in which case your browser will not send any cookies to the respective server of the social network. However, with this setting, in addition to the plugins, other cross-page functions of other providers may no longer function.

For more information on the purpose and scope of data collection and the further processing and use of your personal data, please refer to the data protection notices of the respective networks. There you will also find further information on your rights in this regard and setting options for protecting your privacy as well as your right to object to the creation of user profiles:

Retention period

We process and store your personal data only for the period of time required to achieve the stated purpose or if this is provided for in laws or regulations to which we are subject. If the purpose of storage no longer applies or if a prescribed retention period expires, your data will be routinely blocked or deleted in accordance with the statutory provisions.
In addition, we will delete your data if you request us to do so at and we have no legal or other obligation to retain or secure this personal data.

Data security

We take technical and organizational security precautions to protect your personal data against manipulation, loss, destruction or against access by unauthorized persons and to ensure the protection of your rights and compliance with applicable data protection laws.

The measures taken are intended to ensure the confidentiality and integrity of your data and to ensure the availability and resilience of our systems and services in processing your data on a permanent basis. They are also intended to ensure the rapid restoration of the availability of your data and access to it in the event of a physical or technical incident.

Our security measures also include encryption of your data. When your data is transmitted to us, it is encrypted using Transport Layer Security (TLS) / encryption Https. All information that you enter online is transmitted via an encrypted transmission path. This means that this information cannot be viewed by unauthorized third parties at any time.

Our data processing and security measures are continuously adapted in line with technological developments.

We also take our own internal data protection very seriously. Our employees and the service companies commissioned by us are obliged to maintain confidentiality and to comply with the provisions of data protection law. Moreover, they are only granted access to personal data to the extent necessary.

Your rights

You have the right to request detailed information about what personal data we have about you and how we process it, as well as to request a copy of your personal data. You have the right to information, data correction, data deletion, restriction of data processing, data portability, revocation of your consent and objection. You may also file a complaint with a local supervisory authority, in Switzerland with the Federal Data Protection and Information Commissioner, if you believe that the processing of your personal data violates data protection law.

Edith Luginbühl


Edith Luginbühl ist eine engagierte und erfahrene Assistentin mit über 50 Jahren Berufserfahrung. Ihre berufliche Laufbahn begann mit einer kaufmännischen Ausbildung bei einer Grossbank, und führte sie durch verschiedene Branchen, darunter die Gastronomie, Hotellerie, Autovermietung, Reisebüro, Zeitungsredaktion. Zu ihren Stärken zählen ihre freundliche und professionelle Art, ihre Zuverlässigkeit sowie ihr ausgeprägtes Auge für Details.

Alexander Wild begann 2019 sein rechtswissenschaftliches Studium an der Universität Zürich. Vor und während seinem Studium konnte er bereits erste Erfahrungen in einer Compliance Abteilung einer Bank erlangen, arbeitete als IT-Supporter sowie in einer Legal Abteilung eines international tätigen Pharmaunternehmen. Seine Tätigkeiten umfassten unter anderem die Prüfung/Einhaltung von Bankweisungen, Sanktionen, Kunden und Länderrisiko; Beurteilung des generellen Kunden-Risikos für die Bank; Wet Ink Support sowie Support in der Prozessoptimierung von Vertragsunterzeichnungen. Seit 2022 arbeitet er als Anwaltsassistent bei der Balthasar Legal AG sowie LR | Rechtsanwälte. Sein Masterstudium wird er voraussichtlich 2025 abschliessen. 

Sangmo Agontsang


Sangmo Agontsang schloss 2012 ihr Diplom als Wirtschaffachfrau an der Kaderschule Zürich ab. Im Anschluss an ihrem Diplom als Wirtschaftsfachfrau arbeitete Sangmo Agontsang als CEO Assistentin unter anderem für Freitag lab ag und CBM Schweiz. Sie verfügt des Weiteren über Erfahrung in der Organisation der Kaderschule Zürich, sowie über 3 Jahre Erfahrung in der Intellectual Property Abteilung der Freitag lab ag und hat dabei international mit einem Team von Anwälten die Rechte ihres Unternehmens verteidigt. Seit 2022 arbeitet sie als Paralegal bei der Balthasar Legal AG.

Markus Bruggmann

MLaw Senior Adviser

MLaw Markus Bruggmann hat 2013 sein rechtswissenschaftliches Studium an der Universität Zürich abgeschlossen und war seitdem unter anderem bei einer Bank, einer Wirtschaftskanzlei und einer Versicherung tätig, wo er sich auf die Beratung sowie die Prüfung und Redaktion von Verträgen in den Bereichen des Kommunikations- und Technologierechts (Datenschutz) unter Berücksichtigung des Haftpflicht- und Immaterialgüterrechts spezialisierte. Zu seinen Stärken gehören seine analytischen Fähigkeiten und seine breite Erfahrung.