Quick Links
1 — Data Processing Principles
Lawful and transparent processing
Purpose limitation and data minimisation
Accuracy and controlled retention
Security and confidentiality of data
Processing limited to stated purposes
2 — Legal Basis for Processing
Consent for submitted enquiries
Contractual necessity for demo bookings
Legitimate interests in site security and analytics
User consent management
Compliance with applicable legal duties
Processing strictly limited to website interaction
3 — Data Subject Rights
Right to access
Right to rectification
Right to erasure (“right to be forgotten”)
Right to restrict processing
Right to data portability
Right to object at any time
4 — Technical Measures
Encryption in transit and at rest
Access control and authentication policies
Continuous monitoring for malicious activity
Regular security audits
Secure log handling and storage
Regular security reviews and testing
5 — Organisational Measures
Internal data-handling procedures
Staff privacy and security training
Documented incident-response workflows
Vendor due-diligence assessments
Periodic compliance reviews
6 — International Transfers
Data stored primarily in Switzerland or the EEA
Transfers only with recognised safeguards
Standard Contractual Clauses where required
Vendor assessments before engagement
Transparent information regarding transfer grounds
7 — Data Processing Records
Records of website-related processing activities
Purpose descriptions and lawful bases
Retention schedules and deletion procedures
Security and access documentation
Vendor processing summaries
8 — Breach Notification
Prompt assessment of any suspected incident
Notification to authorities where legally required
User notification when risk thresholds are met
Containment and remediation procedures
Post-incident reporting and analysis