Privacy statement

Protecting your personal data and safeguarding your privacy is important to us. You can expect us to handle your personal data sensitively and carefully and to ensure a high level of data security.

Personal data is information that makes it possible to identify a natural person. This includes in particular name, date of birth, address, telephone number, e-mail address and IP address.

Anonymous data exists if no personal reference to the user can be established.

We are committed to handling your personal data responsibly. Consequently, we consider it a matter of course to comply with the Swiss Federal Data Protection Act (FADP), the Ordinance to the Federal Data Protection Act (OFADP) and other data protection regulations that may be applicable.

With Microsoft - as the operator of our IT infrastructure - we have chosen a proven partner that is committed to the highest standards of trustworthiness, transparency and compliance.

In this privacy statement, we inform you about the most important aspects of data processing in our company as well as about the data protection rights to which you are entitled.

 


1.0 Contact

2.0 Scope and purpose of the collection, processing and use of personal data

2.1 Visit of our website

2.2 ClickDimensions

2.3 Newsletter

2.4 Contact forms

2.5 Feedback forms

2.6 Live Chat «Social Intents»

2.7 Training and events

2.8 Advertising purposes existing customers

2.9 Provision of contractual services

3.0 Cookies

4.0 Analytic tools

4.1 Google Universal Analytics

4.2 Google Ads (formerly Google AdWords)

4.3 LinkedIn Ads

4.4 Google Maps

4.5 YouTube

5.0 Social Plugins

6.0 Disclosure to third parties

7.0 Storage duration

8.0 Data security

9.0 Use of the website by minors

10.0 Your rights

11.0 Changes to the privacy statement

 


1.0 Contact

Swiss Infosec AG
Centralstrasse 8A
6210 Sursee
Schweiz

Telefon: +41 41 984 12 12

E-Mail: infosec@infosec.ch
Website: www.infosec.ch

 

2.0 Scope and purpose of the collection, processing and use of personal data

We collect, process and use your personal data for the following purposes:

2.1 Visit of our website

When you visit our website, our servers temporarily store the following data in the so-called server log files:

  • IP address of the requesting computer
  • Date and time of access/retrieval
  • Name and URL of the retrieved data
  • Operating system of your computer and the browser you are using
  • Country from which our website is accessed
  • Name of your internet access provider
  • Time zone difference to Greenwich Mean Time (GMT)
  • Content of the request (specific page)
  • Access status/HTTP status code
  • Amount of data transferred
  • Last visited website
  • Browser settings
  • Language and version of browser software
  • Activated browser plug-ins
This data is processed for the purpose of enabling the use of our website ( connecting ), to ensure system security and stability on a permanent basis, to optimise our offer as well as for internal statistical purposes and, thus, on the basis of our legitimate interests. No personal user profile is created.

 

2.2 ClickDimensions

We use the ClickDimensions marketing automation platform within our Dynamics 365 CRM system, a service provided by ClickDimensions LLC., 5901 Peachtree Dunwoody Road, Suite B500, Atlanta GA 30328, USA ("ClickDimensions").

ClickDimensions allows us to analyse your visit to our website and your interactions with our web forms, our social media postings and our email marketing (newsletter). For example, if you click on a link in one of our newsletters, this is attributed to your behaviour. The data evaluated by ClickDimensions on our behalf is imported into our customer database (CRM).

The results of these analyses help us to continuously improve our information and content and to make our website more interesting in general.

As part of the website analysis, ClickDimensions uses cookies that are stored on your computer. This allows us to evaluate the usage behaviour on our website and to use the statistics obtained to make our offer more interesting.

We have set ClickDimensions so that the information collected about your use of our website (e.g. the pages visited on our website) is transmitted to a ClickDimensions server in Europe (Netherlands), but we cannot rule out the possibility that data may also be disclosed to the USA. ClickDimensions uses this information to evaluate your use of our website, to compile reports on website activity and to provide us with other services relating to website activity and internet usage

You may refuse the use of cookies by selecting the appropriate settings on your browser. However, we would like to point out that in this case you may not be able to use all the functions of this website to their full extent.

For further information, please refer to the ClickDimensions Acceptable Use Policy and Privacy Policy.

 

2.3 Newsletter

You have the possibility to subscribe on our website to our newsletter (in German only). With this newsletter we inform you monthly about current expert topics and events, our offers and services.

If you would like to subscribe to our newsletter, the following information is required (*mandatory). The other details are voluntary:

  • Salutation
  • First name
  • Last name
  • Company
  • Address
  • Postcode
  • City
  • E-mail address*

The mandatory information is required in order to send you the newsletter digitally. The voluntary provision of further data (e.g. title, first name, surname) enables us to address you more personally. All further details serve us to inform you even more specifically about professional topics and customer events (e.g. by letter).

The basis for processing your personal data after registration for our newsletter is the existence of your consent. For the processing of your personal data, your consent is therefore obtained during the registration process and reference is made to this data protection declaration.

Registration for the newsletter takes place in a so-called double opt-in process. This means that after registration you will receive an e-mail with an activation link in which you must click on a link to confirm your registration.

You have the option to unsubscribe from the newsletter at any time and to revoke the consent you have given. To do this, click on the corresponding button (link) in the newsletter sent to you. You will find this link to cancel the newsletter at the end of each newsletter. Alternatively, you can send your cancellation of the free newsletter subscription to the following e-mail address: infosec@infosec.ch with the subject "Cancellation Newsletter".

 

2.4 Contact forms

On our website, you have the option of contacting us via various contact forms and/or by e-mail. In this case, the information you provide will be processed for correspondence with you or for the purpose of processing your enquiry and handling it.

If you would like to contact us online via the contact form, the following information (*mandatory) is required. The other details are voluntary:

  • Surname*
  • First name*
  • Company*
  • E-mail address*
  • Subject area*
  • Message*

This mandatory information is required to process your request.

The basis for processing your personal data is our legitimate interest in processing your enquiry. If the purpose of contacting you is to fulfil a contract to which you are a party or to carry out pre-contractual measures, this is an additional basis for processing your personal data.

You can object to this data processing at any time. Please send your objection to the following e-mail address: infosec@infosec.ch with subject "Request to stop data processing".

 

2.5 Feedback forms

On the occasion of our rendered services in the area of consulting, training, services, tools and events, you have the possibility to give us your feedback via various feedback forms in digital form or in paper form by letter and/or e-mail. In this case, the information you provide will be processed for correspondence with you or for the purpose of processing your feedback or your request and their handling

If you would like to give us feedback, the following information - depending on the service provided and the scope - is (*mandatory). The other details are voluntary:

  • Surname*
  • First name*
  • Company*
  • E-mail address
  • Telephone
  • Title Event*
  • Date Event*
  • Title Project*
  • Date Project start*
  • Rating*
  • Communication*

This mandatory information is required to process your feedback.

The basis for processing your personal data is our legitimate interest in processing your feedback. If the feedback serves the fulfilment of a contract to which you are a party or the implementation of pre-contractual measures, this is an additional basis for processing your personal data.

You can object to this data processing at any time. Please send your objection to the following e-mail address: infosec@infosec.ch with subject "Request to stop data processing".

 

2.6 Live Chat «Social Intents»

We use the live chat service of Social Intents LLC, 4880 Lower Roswell Rd, Suite 165-112, Marietta, GA 30068, USA ("Social Intents") on our website.

The live chat allows you to contact us directly. The information you provide will be processed for the purpose of handling your enquiry and processing it. The basis for processing your personal data is our legitimate interest in processing your enquiry. If contacting us serves the fulfilment of a contract to which you are a party or the implementation of pre-contractual measures, this is an additional basis for the processing of your personal data.

All data generated by the use of Live Chat is processed on Social Intents' servers. According to Social Intents, this data is not passed on or sold, nor is it used for advertising or analysis.

You can obtain further information on the handling of your data and data protection at Social Intents via the following links: https://help.socialintents.com/article/83-whats-social-intents-eu-gdpr-compliance and https://www.socialintents.com/privacy.html.

You can object to this data processing at any time. Please send your objection to the following e-mail address: infosec@infosec.ch with subject "Request to stop data processing".

 

2.7 Training and events

SYou have the opportunity to register for various training courses and events via a registration form on our website. For our registration form we need (*mandatory) the following information from you. The other details are voluntary:

Dates:

  • Date*

Price:

  • Booking price*

Information participant(s)

  • Number participants*
  • Salutation*
  • Title
  • First name*
  • Surname*
  • E-Mail adress*

Information for company training:

  • Desired location
  • Desired start

Contact address:

  • Company/organisation
  • Department
  • Title
  • Street*
  • Post office box
  • Postcode*
  • City*
  • Country*
  • Telephone*
  • Referrer
  • Message
  • Acceptance of the T&C*

Billing address (if different from contact address):

  • Company/organisation
  • Street
  • Postcode
  • City
  • Country
  • Telephone

This mandatory information is required in order to process your registration. The voluntary provision of further data makes it easier for us to process your request correctly and enables us to provide you with advice and information that is suitable for your company.

The basis for processing your personal data is our legitimate interest in the administration and implementation of the training courses and events.

You can object to this data processing at any time. If you object, we will no longer process your personal data for this purpose. Please send your objection to the following e-mail address: infosec@infosec.ch with the subject "Request to stop data processing for the purpose of training/events".

 

2.8 Advertising purposes existing customers

We also use your personal data on the basis of our legitimate interest for the following purposes:

  • to maintain the customer relationship with you;
  • to occasionally inform existing business customers (business to business) about certain professional topics, services or offers; and
  • to recommend products or services that may be of interest to you.

You can object to this data processing at any time. If you object, we will no longer process your personal data for this purpose. Please send your objection to the following e-mail address: infosec@infosec.ch with the subject "Request to stop data processing for the purpose of advertising".

 

2.9 Provision of contractual services

We also process personal data to the in each case necessary extent to provide you with our contractual or pre-contractual services and to carry out other services requested by you. The data processed in this way, the type, scope, purpose and necessity of its processing are determined by the underlying contractual relationship.

The processed data includes the master data (e.g. name and address), the contact data (e.g. e-mail address and telephone number) as well as the contractual data (e.g. services used, contract content, contractual communication, names of contact persons) and the payment data (e.g. bank account details, payment history).

The deletion of the data takes place when the data is no longer required for the fulfilment of contractual or legal obligations, whereby the necessity of keeping the data is reviewed at irregular intervals. In all other respects, the statutory retention obligations apply.

 

3.0 Cookies

We use so-called cookies on our website on the basis of legitimate interests. Cookies are small text files that are placed and stored on your end device (laptop, tablet, smartphone or similar) with the help of the browser. They serve to make our website more user-friendly and effective overall and to make your visit to our website as pleasant as possible. Cookies do not cause any damage to your end device. They cannot execute any programs or contain any viruses.

Most of the cookies we use are so-called session cookies. These are automatically deleted when you log out or close the browser. Other cookies remain stored on your computer beyond the respective usage process and enable us or our partner companies (third-party cookies) to recognise your browser on your next visit. Insofar as other cookies (e.g. cookies to analyse your surfing behaviour) are stored, these are treated separately in this privacy statement.

Most internet browsers are regularly set to accept cookies. If you do not wish this, you can set your browser so that it informs you about the setting of cookies and you only allow the acceptance of cookies for certain cases in individual cases or generally exclude them. You can also activate automatic cookie deletion when closing the browser. In addition, you can delete cookies that have already been set at any time via an internet browser or other software programs.

The process for checking and deleting cookies depends on the browser you are using. You can find information on this in the help menu of your browser. You can find out about this option for the most commonly used browsers via the following links:

 

4.0 Analytic tools

Our website uses features of the following web analytics services:

  • Google Universal Analytics
  • Google Ads
  • Google Maps
  • YouTube-Videos

The details of the individual web analytics services can be found in the following explanations:

4.1 Google Universal Analytics

Based on our legitimate interests, we use Google Analytics, a web analytics service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, or if you have your habitual residence in the European Economic Area or Switzerland, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google").

Google uses cookies that are stored on your computer and enable an analysis of your use of our website. This enables us to evaluate the usage behaviour on our website and to make our offer more interesting by means of the statistics obtained.

We use Google Analytics in the form of "Universal Analytics". Universal Analytics allows us to analyse the activities on our pages across devices (e.g. access via laptop and later via tablet). This makes it possible to assign data, sessions and interactions across several devices to a pseudonymous user ID and thus to analyse the activities of a user across devices.

The information generated by the cookie about your use of our website (including your IP address) will generally be transmitted to and stored by Google on servers in the United States or Ireland.

We only use Google Analytics with IP anonymisation activated. This means that your IP address is shortened by Google within Switzerland or the EU/EEA before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.

Google uses this information to evaluate your use of our website, to compile reports on website activity and to provide us with other services related to website and internet usage. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

You may refuse the collection and processing of cookies by selecting the appropriate settings on your browser. However, please note that if you do this you may not be able to use the full functionality of this website. In addition, you can prevent the collection of the data generated by the cookie and related to your website use (incl. your IP address) by Google as well as the processing of this data by Google by downloading and installing the browser plugin available under the following link http://tools.google.com/dlpage/gaoptout?hl=en. An opt-out cookie will be set to prevent future collection of your data when visiting our website. To prevent collection by Universal Analytics across different devices, you must perform the opt-out on all systems used.

You can find further information on Universal Analytics herer: https://support.google.com/analytics/answer/2838718?hl=en&ref_topic=6010376.

For more information on Google's terms of use and privacy policy, please visit https://marketingplatform.google.com/about/analytics/terms/us/ and https://policies.google.com/privacy?hl=en.

 

4.2 Google Ads (formerly Google AdWords)

On the basis of our legitimate interests, we use the online advertising programme Google Ads, a service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, which is part of Google's marketing services, or if you have your habitual residence in the European Economic Area (EEA) or Switzerland, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google").

Google Ads sets a cookie on your end device (a so-called "conversion cookie") if you have reached our website via a Google ad. These cookies lose their validity after 30 days, do not contain any personal data and are therefore not used for personal identification. If you visit certain pages of our website and the cookie has not yet expired, Google and we can recognise that you have clicked on the ad and have been redirected to our website. Each Google Ads customer receives a different cookie. Thus, there is no way that cookies can be tracked across Ads customers' websites. The information obtained using the conversion cookie is used to create conversion statistics for Ads customers who have opted in to conversion tracking. We do not receive any information that identifies you personally.

The information collected by the cookie about your use of our website is usually transmitted to a Google server in the USA or Ireland and stored there. On the basis of the information collected, interest-relevant categories are assigned to your browser. These categories are used for the placement of interest-related advertising.

By using Google Ads, we reach users who have already visited our website. This allows us to present our advertising to target groups who are already interested in our products or services.

You have the option to object to interest-based advertising by Google. To do this, you must click on the link from any of the internet browsers you use: https://adssettings.google.com/authenticated?hl=en and make the desired settings.

Further information on the subject of terms of use and data protection within the framework of Google AdWords can be found under this link: https://policies.google.com/technologies/ads?hl=en

 

4.3 LinkedIn Ads

Based on our legitimate interests, we use LinkedIn Insight Ads, a service of LinkedIn Corporation 1000 W. Maude Avenue, Sunnyvale, CA 94085, USA, or if you are habitually resident in the European Economic Area (EEA) or Switzerland, LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland ("LinkedIn”).

LinkedIn Ads stores and processes information about your user behaviour on our website. LinkedIn Ads uses, among other things, cookies that are stored locally in the cache of your web browser on your end device and that enable an analysis of your use of our website.

We use LinkedIn Ads for marketing and optimisation purposes, in particular to analyse the use of our website and to continuously improve individual functions and offers as well as the user experience.

You may refuse the use of cookies by selecting the appropriate settings on your browser. In this case, you may not be able to use all the functions of our website to their full extent.

You can also prevent the collection of the aforementioned information by LinkedIn by setting an opt-out cookie on one of the following linked websites:

If you delete your cookies, you must set a new opt-out cookie.

You can find more information on data protection at LinkedIn at https://www.linkedin.com/legal/privacy-policy?_l=en_EN.

 

4.4 Google Maps

Based on our legitimate interests, we use Google Maps to display our location, a service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, or if you have your habitual residence in the European Economic Area or Switzerland, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google").

By using Google Maps, information about your use of our website (including your IP address) may be transmitted to and stored by Google on servers in the United States or Ireland. Google stores this data as usage profiles for the purpose of tailoring its services, advertising and market research. If you are logged in to Google, your data will be directly assigned to your account. If you do not wish this, you must log out beforehand. You can prevent the use of Google Maps by deactivating JavaScript in your browser settings. However, this may lead in individual cases to functional restrictions in the use of our website.

For more information on the terms of use and privacy policy of Google Maps, see https://www.google.com/intl/en_us/help/terms_maps/ and https://policies.google.com/privacy?hl=en.

 

4.5 YouTube

Based on our legitimate interests, we use the provider YouTube for the integration of videos. YouTube is a service of YouTube LLC ("YouTube"), 901 Cherry Ave, San Bruno, CA 94066, USA. YouTube LLC is a subsidiary of Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA, or if you have your habitual residence in the European Economic Area or Switzerland, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google”).

We have integrated YouTube videos into our online offer, which are stored on https://www.YouTube.com and can be played directly from our website. These are all integrated in "extended data protection mode", which means that no data about you as a user is transmitted to YouTube if you do not play the videos. Only when you play the videos will the data mentioned in the next paragraph be transferred. We have no influence on this data transmission.

By visiting the website, YouTube receives the information that you have accessed the corresponding sub-page of our website. This occurs regardless of whether YouTube provides a user account via which you are logged in or whether no user account exists. If you are logged in to Google, your data will be directly assigned to your account. If you do not wish your data to be associated with your YouTube profile, you must log out before activating the button.

YouTube stores your data as usage profiles and uses them for the purposes of advertising, market research and/or demand-oriented design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles. You must contact YouTube to exercise this right.

For further information on the processing of data within the framework of YouTube as well as your rights in this respect and setting options for protecting your privacy, please refer to the terms of use and data protection information: https://www.youtube.com/t/terms und https://policies.google.com/privacy?hl=en.

 

5.0 Social Plugins

We use the following social plugins ("plugins") on our website based on our legitimate interests.

  • Twitter Inc.,1355 Market Street, Suite 900, San Francisco, CA 94103, USA
  • YouTube, ein von Google LLC betriebener Dienst, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA
  • LinkedIn Inc., 2029 Stierlin Ct, Mountain View, CA 94043, USA
  • Xing SE, Dammtorstrasse 30, 20354 Hamburg, Deutschland
  • ShareThis Inc., 4005 Miranda Avenue, Suite 100, Palo Alto, CA 94304, USA

With the help of these plugins, you can, for example, share content or recommend products. Our website only integrates these plugins as an external link. Your personal data is therefore only processed when you click on the integrated plugins. You will then be redirected to the page of the respective provider. We have no influence on the type and scope of the data that is then collected by the social networks. If you do not want these providers to receive your data, please do not click on the plugins.

For further information on the scope, type and purpose of data processing and on rights and setting options for protecting your privacy, please refer to the privacy policy of the respective provider of the social network:

 

6.0 Disclosure to third parties

We treat your personal data as confidential and only pass it on if you have consented to this, if we are legally obliged or entitled to do so or if this is necessary to enforce our rights, in particular to enforce claims arising from the contractual relationship.

In addition, we pass on your personal data to third parties insofar as this is necessary or expedient within the framework of the use of the website or for the possible provision of the services requested by you (also outside the website).

We disclose your personal data to the following categories of recipients:

  • Subsidiaries
  • Microsoft - as operator of our IT operating infrastructure
  • Service providers (e-learning, website support, hosting provider)
  • Event partner
  • Authorities and courts, if applicable

In doing so, we comply with the legal provisions on the disclosure of personal data to third parties. If we use contractors to provide our services, we take appropriate legal precautions as well as corresponding technical and organisational measures to ensure the protection of your personal data in accordance with the relevant legal regulations.

If the level of data protection in a country in which the data is processed is not equivalent to the applicable data protection regulations, we ensure by contract that the protection of your personal data is equivalent to that in Switzerland or the EU/EEA at all times, for example by including the EU standard contractual clauses.

 

7.0 Storage duration

We process and store your personal data only for the period of time required to achieve the purpose of storage or if this has been provided for in laws or regulations to which we are subject. If the purpose of storage no longer applies or if a prescribed retention period expires, your data will be routinely blocked or deleted in accordance with the statutory provisions.

 

8.0 Data security

We take technical and organisational security precautions to protect your personal data against manipulation, loss, destruction or against access by unauthorised persons and to ensure the protection of your rights and compliance with the applicable data protection regulations.

The measures taken are intended to ensure on a continuing basis the confidentiality and integrity of your data and the availability and resilience of our systems and services in processing your data. They are also designed to ensure the rapid restoration of the availability of your data and access to it in the event of a physical or technical incident.

Our security measures also include encryption of your data. When transmitting your data to us, encryption is carried out using Transport Layer Security (TLS) / encryption Https. All information that you enter online is transmitted via an encrypted transmission path. This means that this information cannot be viewed by unauthorised third parties at any time.

Our data processing and security measures are continuously improved in line with technological developments.

We also take our own internal data protection very seriously. Our employees and the service companies commissioned by us are obliged to maintain confidentiality and to comply with the provisions of data protection regulations. Furthermore, they are granted access to personal data only to the extent necessary.

 

9.0 Use of the website by minors

The website is aimed at an adult audience. Minors, in particular children under the age of 16, are prohibited from transmitting their personal data to us or registering for a service without the consent of their parents or legal guardians. If we discover that such data has been transmitted to us, it will be deleted. The child's parents (or legal guardian) can contact us and request deletion or deregistration. To do this, we need a copy of an official document that identifies you as the parent or legal guardian.

 

10.0 Your rights

Right to information
You have the right to request information from us about whether and what personal data we process about you.

Right to rectification
You have the right to request the rectification of your inaccurate personal data and, if necessary, the completion of incomplete personal data in our systems.

Right to deletion
You have the right to request that your personal data be deleted, e.g. if the data is no longer required for the purposes pursued. However, if we are obliged to retain your personal data due to legal or contractual retention obligations, we can only restrict or block your personal data in these cases to the extent necessary.

Right to limitation of processing
You have the right to request us to restrict the processing of your personal data.

Right to data portability
You have the right to receive your personal data, which we process automatically on the basis of your consent or for the performance of a contract, in a structured, common and machine-readable format or to request the transfer of this data to a third party. If you request the direct transfer of the data to another responsible party, this will only be done if it is technically feasible to do so.

Right to object
You have the right to object to the processing of your personal data at any time in accordance with the legal requirements. In particular, you have the right to object to the processing of your personal data for the purpose of direct marketing.

Withdrawal of consent
You have the right to revoke your consent to the processing of your personal data at any time, in principle with effect for the future.

Right to lodge a complaint
If you believe that the processing of your personal data violates data protection law or that your data protection rights have otherwise been violated in some way, you can complain to the supervisory authority responsible for you.

If you have any questions in connection with our data protection policy or if you would like information about your rights or wish to exercise them, you can contact us at any time using the contact details provided in section 1 of this privacy policy. If necessary, we reserve the right to request your identification in an appropriate manner for the processing of enquiries.

 

11.0 Changes to the privacy statement

We expressly reserve the right to amend or modify this privacy statement at any time. All changes and additions are at the sole discretion of the company.

 

The current status is July 2021.