Skip to content Skip to footer
Logo
0 items - CHF0.00 0
Sémafor Conseil, votre guide en cybersécurité!
Contact Us
0 items - CHF0.00 0
Sémafor Conseil, votre guide en cybersécurité!
Contact Us
Logo
0 items - CHF0.00 0
Sémafor Conseil, votre guide en cybersécurité!
Contact Us
Close

Privacy Policy

1. Introduction and Identity of the Data Controller

Sémafor Conseil SA, based in Pully, Switzerland (hereinafter “we”), places great importance
on the protection of your privacy. This policy aims to inform you transparently
about the collection and processing of your personal data via our website

https://www.semafor-conseil.swiss
,
in accordance with the Swiss Federal Act on Data Protection (nFADP) and, where applicable,
the General Data Protection Regulation (GDPR).

2. Purposes and Legal Bases of Processing

We process your personal data for the following purposes, based on the corresponding
legal grounds (Art. 6 GDPR / Art. 31 nFADP):

  • Performance of a contract and pre-contractual measures:
    processing your service orders (e.g., “The Cybersecurity Comic”,
    “Course Towards Compliance”), managing the customer relationship and providing
    our consulting services.
  • Legitimate interests:
    website security (via reCAPTCHA), improvement of services through anonymized
    audience statistics, responding to contact or support requests.
  • Legal obligation:
    retention of accounting records, invoices and business correspondence
    in accordance with the Swiss Code of Obligations (Art. 958f CO).
  • Consent:
    sending newsletters (if you are not yet a client) or the use of non-essential cookies.
    Consent may be withdrawn at any time.

3. Data Collected

  • Identity and contact data:
    Last name, first name, email address, phone number, company (via forms).
  • Technical data:
    IP address, browser information, automatically collected for security and
    statistical purposes.

4. Data Retention Period

  • Accounting and contractual data:
    retained for the duration of the contractual relationship, then archived
    for 10 years in accordance with Swiss legal obligations.
  • Marketing / Newsletter data:
    retained until unsubscription or after 3 years of inactivity.
  • Cookies and technical logs:
    automatically deleted after a maximum period of 13 months.

5. Data Security and Protection

All processing is carried out with appropriate technical and organizational
measures to ensure a high level of information security. These measures
are regularly reviewed as part of our cyber-risk analysis.

6. International Data Transfers

Data is primarily processed in Switzerland. The use of certain third-party services
(notably Google reCAPTCHA and Google Analytics) may involve transfers to
the United States. These transfers rely on the Swiss–U.S. Data Privacy Framework,
which entered into force on September 15, 2024, as well as the EU–U.S. framework.
The relevant providers, such as Google LLC, are certified under these frameworks.

7. Form Security (reCAPTCHA)

In order to protect our forms against bots and spam, we use Google reCAPTCHA v3.
This service analyzes user behavior to distinguish humans from automated systems.
This processing is based on our legitimate interest in ensuring the security
of our web infrastructure and is subject to Google’s privacy policy and
terms of service.

8. Your Rights

In accordance with applicable legislation, you have the following rights:

  • Right of access
  • Right to rectification
  • Right to erasure (subject to legal obligations)
  • Right to restriction and objection
  • Right to data portability (Art. 28 nFADP)
  • Right to lodge a complaint:
    In Switzerland: Federal Data Protection and Information Commissioner (FDPIC),
    Feldeggweg 1, CH-3003 Bern.
    In the EU: Data protection authority of your place of residence.

9. Contact

To exercise your rights or for any questions, please contact us at:
dpo@semafor-conseil.ch

For more details, please consult the legal notice (impressum) of this website.