Privacy statement

Privacy Notice

Ethics and Compliance Switzerland

Last updated September 2024

Ethics and Compliance Switzerland (“ECS”, “we”, “our”, or “us”) is committed to protecting and respecting your privacy. This Privacy Notice explains how we collect, use, disclose, and safeguard your information when you visit our website www.ethics-compliance.ch, register for our meetings and conferences, or otherwise engage with us. This notice complies with the new Swiss Data Protection Act (“nFADP”) and the EU General Data Protection Regulation (“GDPR”).

We advise you to regularly consult this Privacy Notice, as we strive to keep this updated. At the top of this document you can see the date of the latest update.

Any questions can be addressed to the data protection contact that is provided at the end of this document.

This Privacy Notice contains the following information:

  1. Which personal data we collect
  2. How we protect your personal data
  3. For what purpose we use your personal data
  4. The legal basis for processing your personal data
  5. In what circumstances and how do we share and disclose your personal data
  6. In what circumstances and how we transfer your personal data internationally
  7. For how long we retain your personal data
  8. What rights you have as the data subject
  9. How you can contact us

If you want to share personal data of third parties with us (e.g. work colleagues) you need to ensure that these third parties have taken note of this Privacy Notice, that you have the right to share them with us, and that the data is correct.

1. Which personal data do we collect?

We may collect and process personal data about you. Personal data is data that is any information that on its own or taken together with other information can directly or indirectly identify a living person.

We may collect and process the following personal data about you:

Personal identification information:

  • Name
  • Address
  • Email address
  • Telephone number

Professional information:

  • Job title
  • Employer
  • Biography

Technical information:

  • IP address
  • Browser type and version
  • Time zone setting
  • Browser plug-in types and versions
  • Operating system and platform
  • Other technology on the devices you use to access this website

Usage data:

  • Information about how you use our website, products, and services

Marketing and communications data:

  • Your preferences in receiving marketing from us and your communication preferences

2. How do we protect your personal data?

We put appropriate organisational, technical and contractual measures in place to protect your personal data against unauthorised access or misuse. We only collect those personal data that are necessary for the exercise of our activities. We share data on a need-to-know basis only.

3. For what purpose do we use your personal data?

We use the personal data we collect in the following ways:

To provide and improve our services:

  • To manage registrations and attendance at our meetings and conferences
  • To improve our website and services

To communicate with you:

  • To send you updates about our activities, including newsletters and event information
  • To respond to your inquiries and provide customer support

To comply with legal obligations:

  • To comply with legal and regulatory requirements

For marketing purposes:

  • To deliver relevant content and advertisements to you
  • To measure and understand the effectiveness of the advertising we serve to you

4. What is the legal basis for processing your personal data?

We process your personal data based on the following legal grounds:

  • Consent: When you have given us explicit consent to process your data for a specific purpose.
  • Contractual Necessity: When processing is necessary for the performance of a contract with you or to take steps at your request before entering into such a contract.
  • Legal Obligation: When processing is necessary for compliance with a legal obligation.
  • Legitimate Interests: When processing is necessary for our legitimate interests, provided these interests are not overridden by your rights and interests.

5. In what circumstances and how do we share and disclose your personal data?

We do not sell, trade, or otherwise transfer your personal information to outside parties except in the following circumstances:

  • Service Providers: We may share your data with third-party service providers who assist us in our activities, including operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential and to abide by all data protection regulations.
  • Legal Requirements: We may disclose your information where we are legally required to do so to comply with applicable laws, regulations, or legal processes.

6. In what circumstances and how do we transfer your personal data internationally?

As an organization based in Switzerland, your personal data may be transferred to, and stored at, a destination outside the European Economic Area (EEA). Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection by implementing appropriate safeguards, including:

  • Ensuring transfers are to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
  • Using specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
  • In case data is transferred to a country that is not deemed to provide an adequate level of protection for personal data, we contractually oblige the transferee to abide by our data protection regulations through contractual arrangements that follow the revised EU data protection contracts. However, these contractual arrangements may partially make up for the lower legal protection in a given country but may not protect against all risks. In some cases, transfer into countries without adequate personal data protection may also be legal on other grounds, e.g. upon consent or in connection with legal proceedings or the execution of contractual obligations.

7. For how long do we retain your personal data?

We will retain your personal data only for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements including the period of the statute of limitation against potential claims against us.

As soon as it is no longer necessary to retain your personal data for the above-mentioned purposes, it will be, as far as possible, deleted, blocked or anonymised.

8. What rights to you have as the data subject?

Under the nFADP and GDPR, you have the following rights:

  • Right to Access/Information: You have the right to request access to your personal data that we process free of charge.
  • Right to Rectification: You have the right to request that we correct or complete any information you believe is inaccurate or incomplete unless this is impossible or would involve an disproportionate effort
  • Right to Erasure: In certain circumstances you have the right to request that your personal data is erased. In certain cases that right to erasure can be excluded.
  • Right to Restrict Data Processing: In certain circumstances you have the right to restrict the processing of your personal data.
  • Right to Data Portability: In certain circumstances you may have the right to receive the personal data you provided to us in a format that is readily readable to you/portable.
  • Right to Withdraw/Revoke an Earlier Consent: You have the right to withdraw an earlier consent at any time. Any data processing activities that have taken place up to the point of your withdrawal/revocation of your consent remain legal.
  • Right to Lodge a Complain: If you are concerned about an alleged breach of privacy law or any other regulation, you have the right to complain to the competent data protection authority. For Switzerland, the competent authority is the Federal Data Protection and Information Commissioner (FDPIC) (https://www.edoeb.admin.ch/edoeb/en/home.html).

9. How can you contact us?

The data controller is Ethics and Compliance Switzerland.

If you have any questions about the processing of your personal data, or if you wish to exercise your rights, you can contact us by sending us an email at info@ethics-compliance.ch or contacting us on Data Protection, Ethics and Compliance Switzerland, c/o Basel Institute of Governance, Steinenring 60, 4051 Basel, Switzerland.

These are the upcoming dates for our Annual General Meetings:

Thursday, 20 March 2025
Thursday, 19 March 2026

If you are an ECS member, you are cordially invited to our Annual General Meetings! Each AGM is followed by discussion on current compliance topics and an networking Apèro.