Skip to content

Privacy Policy

I. Scope

This privacy policy applies when you interact with Data Guardians SA (“Data Guardians”, “we”, “our”, “us”) as:

  • A client or prospect;
  • A visitor to our website;
  • A business partner or service provider;
  • An employee;
  • A candidate in a recruitment process.

It describes how we collect, use, disclose, retain, and protect your personal data in accordance with applicable data protection laws and regulations, including the Swiss Federal Act on Data Protection (FADP), as well as any other applicable national or international data protection legislation.

We reserve the right to modify this policy at any time. The current version is the one published on our website. In case of substantial changes, we will inform you by appropriate means.

II. Definitions

For the purposes of this policy, the following definitions apply:

  • Personal Data: Any information relating to an identified or identifiable natural person, directly or indirectly, including by reference to a name, email address, phone number, postal address, IP address, or any other identifier.
  • Data Controller: The entity that determines the purposes and means of processing personal data. For the processing described in this policy, Data Guardians acts as the Data Controller.
  • Processing: Any operation or set of operations performed on personal data, whether automated or not, such as collection, recording, organization, structuring, storage, adaptation, consultation, use, disclosure, restriction, deletion, or destruction.

III. Personal Data We Collect

The categories of personal data collected depend on your relationship with Data Guardians:

1. Clients and Prospects

In the context of our consulting, auditing, support, and operational services in information security and data protection, we may collect, in particular:

  • Identification data: name, surname, position, company, professional contact details (address, phone, email);
  • Professional data: role, responsibilities, scope of activities, organizational information;
  • Contractual data: contracts, purchase orders, professional correspondence, billing information;
  • Data related to our assignments: information necessary for risk analyses, compliance audits, security assessments, data governance, or regulatory framework implementation;
  • Any other data strictly necessary to fulfill our contractual or legal obligations.

2. Website Visitors

When visiting our website, certain data is collected automatically via cookies and technical trackers, including:

  • IP address;
  • Browser type and operating system;
  • Pages visited;
  • Date and time of connection;
  • Technical data used for security, performance, or anonymized statistical purposes.

3. Employees of Data Guardians

Within the employment relationship, we process, in particular:

  • Identification data: name, surname, date of birth, contact details;
  • Professional data: position, role, skills, career history, evaluations;
  • Administrative and contractual data: employment contract, authorizations, social security;
  • Financial data: salary, bank details, tax information related to employment;
  • Sensitive data, if applicable and within legal limits (e.g., medical certificates);
  • Login data for internal IT systems (technical logs, access) for security purposes.

4. Job Candidates at Data Guardians

In the recruitment process, we collect, in particular:

  • Name, surname, contact details;
  • Resume and cover letter;
  • Information about professional experience, education, and qualifications;
  • Professional references;
  • Any other information you choose to provide.

IV. Purposes and Legal Bases for Processing

We process your personal data based on the following grounds:

1. Performance of a Contract or Pre-contractual Measures

When processing is necessary for the performance of a contract or pre-contractual measures, we use your data to:

  • Manage the contractual relationship with our clients and partners;
  • Provide our consulting and support services in cybersecurity and data protection;
  • Ensure invoicing, administrative management, and follow-up of assignments;
  • Respond to requests for information or contact;
  • Manage employment relationships with our employees;
  • Process job applications.

2. Legitimate Interests of Data Guardians

When necessary to pursue our legitimate interests and provided your fundamental rights do not prevail, we may process your data to:

  • Ensure the security of our information systems;
  • Prevent unauthorized access, security incidents, and malicious acts;
  • Meet internal governance, compliance, and risk management obligations;
  • Manage relationships with partners and service providers;
  • Maintain reasonable professional communication with existing contacts.

3. Legal Obligations

We process and, where necessary, disclose your personal data when required to comply with a legal or regulatory obligation applicable to our activities.

4. Consent

In certain cases, we process your data based on your explicit consent, in particular:

  • For the use of cookies not strictly necessary for the functioning of our website or other platforms;
  • Where the law requires it for specific processing activities.

You may withdraw your consent at any time, without retroactive effect.

V. Data Retention

Your personal data is retained only as long as necessary for the purposes pursued or in accordance with applicable legal obligations. At the end of these periods, data is deleted or anonymized, unless otherwise required by law.

VI. Recipients and Data Sharing

We may engage service providers or subcontractors (e.g., IT providers, hosting providers, auditors). In this context:

  • Data is processed solely according to our instructions;
  • Confidentiality and security contractual obligations are in place;
  • Data processing agreements (DPAs) are concluded where required.

We never sell your personal data.

VII. International Transfers

Where possible, data is processed and stored in Switzerland or the European Union. In case of transfers to countries not providing an adequate level of protection, we implement appropriate safeguards (standard contractual clauses, technical and organizational measures).

VIII. Cookies and Trackers

Data Guardians uses cookies to ensure proper site functionality, enhance security, and analyze usage in an aggregated and anonymized manner. You can manage your preferences via your browser or the cookie management tool available on our site.

IX. Data Security

We implement appropriate technical and organizational measures, in line with industry best practices, to protect your data against loss, unauthorized access, alteration, or disclosure.

X. Your Rights

Subject to applicable law, you have the following rights:

  • Right of access;
  • Right to rectification;
  • Right to erasure;
  • Right to restriction of processing;
  • Right to object;
  • Right to data portability;
  • Right to withdraw consent;
  • Right not to be subject to automated decisions.

You may also lodge a complaint with the competent data protection authority.

XI. Contact

For any questions regarding this policy or to exercise your rights, you can contact us:

By email: dpo@dataguardians.ch

By postal mail:

Data Guardians SA
Cours des Bastions 13, 1205 Geneva
Switzerland

We will process your request as soon as possible, in accordance with applicable legal requirements.

Powered by  GDPR Cookie Compliance
Privacy Policy Summary

This site uses cookies so that we can provide you with the best possible user experience. Cookie information is stored in your browser and performs functions such as recognizing you when you return to our website and helping our team understand which sections of the site you find most interesting and useful.

To learn more, please see our privacy policy.