Skip to main content
Background

Privacy Policy

 

1. Preamble and consent


We are aware of the importance of Personal Data (defined below) privacy, especially as we use such data to provide relevant services and information to our visitors. The EU General Data Protection Regulation (GDPR) and the Swiss Federal Act on Data Protection (“FADP”), mandate high standards on how your Personal Data is collected, processed and stored, and give you the right to access the Personal Data and request its erasure, and much more. In accordance with the legislation and recognizing the importance of this matter, we have prepared below explanations on the protection of your Personal Data when visiting this website https://dcaf.ch/ (the “Website”) and the rights you have as data subjects.
Please read these explanations carefully. 
By browsing our Website, you agree to be bound by the terms of this policy. If you do not consent to these terms, we kindly ask you not to use our Website.

 

2. What is Personal Data?


Personal Data means any information relating to an identified or identifiable natural person, i.e. an individual, regardless of the form in which it is expressed (hereafter, “Personal Data”). Personal data is information that identifies you as an individual, directly or indirectly, in particular by reference to identifiers such as a name, surname, location data, an online identifier, e-mail address, etc.

 

3. What Personal Data do we collect? 


(1)    In addition to Personal Data you provide us with, for instance by filling out a contact form or subscribing to a newsletter, we collect the following Personal Data through cookies and analytics:IP address of the requesting internet-enabled device,
(2)    location of the requesting internet-enabled device based on the IP address,
(3)    date and time of access,
(4)    accessed resources on the Website,
(5)    name and URL of the retrieved file,
(6)    Website/application from which the access was made (referrer URL), 
(7)    browser you use,
(8)    if necessary, the operating system of your internet-capable computer as well as the name of your access provider.

The sole cookie we use is the Google Analytics session cookie.  

 

4. Why we collect such Personal Data? 


We use cookies and the Personal Data collected:

(1)    to make the functionalities of our Website available to you and to offer you additional functionalities, 
(2)    to improve the Website or our dedicated pages on social media,
(3)    to store information about your preferences, allowing us to customize our Website according to your individual interests,
(4)    to speed up your searches,
(5)    to compile behavioral and statistical information about uses of our Website or our dedicated pages on social media, in particular to estimate our audience size and usage patterns,
(6)    to produce aggregate insights that do not identify you,
(7)    to identify you and log your use, recognize you when you return to our Website, track the activity on our Website and hold certain information. 

The purpose for implementing all of the above is to maintain and monitor the performance of our Website and to constantly look to improve the site and the services it offers to our users. The legal basis we rely on to process your Personal Data is article 13(1) FADP and article 6(1)(f) of the GDPR, which allows us to process Personal Data when its necessary for the purposes of our legitimate interests.

 

5. Who is the Personal Data Controller ? 


The controller of Personal Data on this Website is DCAF, Chemin Eugène-Rigot 2E, 1202 Genève, Switzerland.

 

6. Where do we store Personal Data and for how long ?


Your Personal Data is stored on servers located in London/United Kingdom. 
We retain the Personal Data you provide to the extent necessary to provide you access to and use of our Website and its functionalities, but anyway not longer than one year. 
The storage period of cookies depends on their purpose and is the same for everyone. 
We may retain de-personalized (anonymous) information after the deletion of your Personal Data.

 

7. Sharing, Selling and Transferring Personal Data 


With third parties: The Personal Data collected are primarily intended for communicating with you and improving our services. However, we may give certain independent contractors and affiliates access to the Personal Data in order to assist us with the operation of our Website, as well as data management and marketing activities.
Cross-border data transfer: For some of the third-party service providers, we may transfer your data to one of their databases outside Switzerland or the European Economic Area, potentially including countries which may not have an adequate level of protection for your Personal Data. In such event, we enter into agreements with such third-parties ensuring an adequate level of protection for your Personal Data. By providing us with your Personal Data or by accepting analytic cookies, you agree that we may transfer, store and process your Personal Data outside of Switzerland and the European Economic Area – in particular in the USA – and acknowledge that governments in certain countries such as the USA have broad powers to access data for security, crime prevention and detection and law enforcement purposes.
Selling Personal Data:  We will not sell your Personal Data to third parties. We will not share or otherwise make available your Personal Data to third parties except as provided in this Privacy Policy.
Sharing with authorities: It is possible that we will need to disclose Personal Data when required by law or if we have a good faith belief that disclosure is necessary to investigate, prevent, or take action regarding suspected or actual illegal activities or to assist government enforcement agencies, investigate and defend ourselves against any third-party claims or allegations, protect the security or integrity of our Website or our dedicated pages on social media, or exercise or protect the rights and safety of our users, personnel, or others.
We attempt to notify users about legal demands for their Personal Data when appropriate in our judgment and technically feasible, unless prohibited by law or court order or when the request is an emergency. We may dispute such demands when we believe, in our discretion, that the requests are overbroad, vague or lack proper authority, but we do not promise to challenge every demand.

 

8. Withdrawal of consent for processing of Personal Data


At any time, you have the right to withdraw your consent for the processing of Personal Data for a particular purpose or for all purposes with which you have consented.
For the withdrawal of your consent, please send a written request to: DCAF, Chemin Eugène-Rigot 2E, 1202 Genève, Switzerland, or by e-mail to: communications@dcaf.ch.
In case of withdrawal of your consent, we will delete all collected Personal Data or exclude them from automatic processing in accordance with the specificities of your request. 
Please be aware that the withdrawal of your consent will not impact the lawfulness of processing based on your consent before it was withdrawn and the use of Personal Data as needed to comply with our legal obligations.

 

9. Your rights in the field of Personal Data 


Right to update, correct and erasure: At any time, you have the right to obtain from us the correction of inaccurate or incomplete Personal Data. At any time, you also have the right to obtain from us access to the Personal Data that we have collected and the right to obtain immediate erasure of your Personal Data. 

Right to restriction of processing: You have the right to request that we restrict the processing of your Personal Data.

Right to data portability: You have the right to be provided with a copy of the Personal Data we have on you in a structured, machine-readable and commonly used format.

Right to object: You have the right to object to our processing of your Personal Data.

Right of access: At any time, you have the right to obtain from us confirmation as to whether your Personal Data are being processed and, where that is the case, access to the Personal Data.

Personal data breach:  In the case of a Personal Data breach, we will without undue delay and, where feasible, not later than 72 hours after having become aware of it, notify the Personal Data breach to the competent supervisory authority.

Right to complain to an authority: You have the right to complain to a data protection authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the European Economic Area (EEA) or in Switzerland.

 

10. Security of your Personal Data 


The security of your Personal Data is important to us, but no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use technical and organizational commercially acceptable means to protect your Personal Data against manipulation, partial or complete loss and unauthorized access by third party, we cannot guarantee its absolute security.

 

11. Amendment of this Privacy Policy


We may change this Privacy Policy at any time by posting a new version on this page or on a successor page, without prior notification. By continuing to access or use our Website or our dedicated pages on social media after those revisions become effective, you agree to be bound by the revised terms. If you do not agree to the new terms, please stop using the Website and our dedicated pages on social media.


****
Last update on January 2021