Privacy Policy

24th of May  2018

1.  INTRODUCTION

Data protection is a key concern for us. This privacy statement is intended to help you understand how we may use the data you provide to us as a user of our site.

2.  LEGAL BASIS

This privacy statement is based on the Federal Data Protection Act (FDA) and the European General Data Protection Regulation (GDPR).

3.  UPDATE

Our privacy policy may require periodic updates, including as part of the evolving regulatory framework for data protection. We invite you to check this page regularly to make sure you have read the latest version. Last update: 24th of May 2018

4.  Our site URL:

https://ww.gcsp.ch 

5.  Definitions

Personal data

Any information relating to an identified or identifiable natural person (data subject). In particular by reference to an identifier such as the name, the first name or the address, the email, the telephone number, etc.

CMS

CMS is the acronym for Content Management System. This is the system for managing the content displayed on a website.

Consent

Consent means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

Cookies

A cookie is a text file that the site you are visiting stores on the hard disk or in the browser memory of the computer that you use to access the internet. A cookie allows your computer to store various technical data allowing the general control of public access to a site (number of visits, duration of the visit, connection to other sites, etc.) or the customisation of the displayed pages for your next interactions with the same site (your account, the most visited pages,etc.)

Privacy Impact Assessment (PIA)

A PIA is a detailed study to establish the risk to privacy that a personal data processing could have on the privacy of the data subject should an incident occur.

Purpose of processing

The purpose of processing is the reason why the data is collected.

Plugins

A plugin or plug-in is a computer program designed to add functionality to other software (called host software). For example, the buttons of social networks. Equivalent terms; "Plug-in", "Add in", "Add on".

Data subject

Any natural person subject to a processing of personal data.

Controller

The controller is the natural person or legal person on whose behalf the treatment is carried out. It determines alone or jointly the purposes of the treatment. 

Processor

The processor is any natural or legal person, public authority, service or other body that processes personal data on behalf of the controller. For example, a web host or an online service provider.

Tag

Tag or HTML tags are the basic elements of the HTML coding of a web page. They are invisible to the user (except by activating the display of the source code). They are interpreted by the browser for the composition of the page. They allow the formatting and structuring of content and some are specifically taken into account by the algorithms of search engines for setting the score of the page on a query and the return of results.

Processing

Any transaction or set of transactions involving personal data, whether or not performed using automated processes, including the collection, recording, organisation, retention, adaptation, modification extraction, consultation, use, communication by transmission, dissemination or any other form of provision, reconciliation or interconnection and limitation, erasure or destruction.

 

6.  PROCESSING YOUR DATA

We only process data that you choose to transmit to us and for which you explicitly consent to the treatment.

CONTACT FORM

Through our website, you can fill out a contact form. The following personal data will be requested:

  • SenderName
  • FirstName
  • E-mail
  • Job title

You have the opportunity to write a message related to your contact request. We recommend that you remain concise in your message and not provide us with any personal information.

NEWSLETTER

You can also choose to receive our newsletter by ticking the option provided for this purpose. You will then receive a request for consent by email which will clearly indicate the purposes of processing your personal data that you can accept or refuse selectively.

If you have subscribed to our newsletter and do not wish to receive it anymore, you can unsubscribe by clicking on the "unsubscribe" link at the bottom of the newsletter. By doing so, you will receive an automatic confirmation of unsubscription and your data will be automatically deleted from the file provided for this purpose.

 

7.  PURPOSES OF TREATMENT

We treat your data only in order to best meet your expectations. By collecting some of your personal data, two purposes stand out:

  1. Operational purposes
    1. Respond to requests for contacts or information
    2. Establishment of an offer(s)
  2. Marketing purposes
    1. Sending newsletters
    2. Sending commercial offers

 

8.  TRANSFER OF YOUR DATA

As part of the implementation of this privacy policy, we use subcontractors, processors based in Switzerland and abroad to execute our various data processing.

We draw your attention to the fact that the servers of our subcontractors, processors may be located in states whose legislation does not include data protection rules appropriate or equivalent to the LPD or the GDPR.

If this is the case, we ensure that our subcontractors, processors, provide data protection safeguards and that they apply equivalent or GDPR-compliant standards, regardless of the geolocation of their servers. 

9.  DATA PROTECTION MEASURES

We strive to maintain a high level of security in the collection, processing and retention of data by relying on organisational and technical measures and taking the necessary precautions regarding the nature of the personal data that you are likely to communicate to us and the risks presented by their treatment in order to preserve its security and prevent such that they are altered, damaged, destroyed or that unauthorised third parties have access to it. 

However, we draw your attention to the fact that it is impossible to guarantee absolute protection and invite you to apply good practices in order to contribute to the security of your data, in particular not to communicate your identifiers and passwords to other users. third parties, to disconnect systematically from your profiles and customer accounts, to close your browser window after your session, to clean the browsing history, especially if you access the Internet from a public post to which others people have access and not to save your credentials and passwords in the browser.

We supervise the processing of data by technical and organisational measures specific to the processing of personal data. All of our staff, agents and partners are required to adhere to these measures.

Encryption

We use Secure Socket Layer (SSL) encryption to protect our website from the loss, destruction, access, modification and dissemination of your data by unauthorised third parties. SSL encryption encrypts content when you provide data on our site. We use the TLSstandard.

Sensitisation

We make our employees and partners aware of the risks associated with the processing of personal data.

Limitation of processing

We limit the collection and processing of personal data to the strict minimum necessary to fulfil the intended purpose. 

Access control

We control and limit access to the processing of personal data to a limited number of people.

Keeping your data

Your data is stored in our systems for the time necessary for the intended processing. After processing, the data is archived and anonymised or destroyed.

PIA

We carry out a Privacy Impact Assessment before implementing any personal data processing that may involve a risk for the data subjects privacy.

Selection of subcontractors, processors

We endeavour to select mainly subcontractors, processors, established in Switzerland or the European Union who contractually undertake to respect the confidentiality of personal data and who are guaranteed by the adoption of organisational and technical measures consistent with the LPD and RGPD.

10.  COOKIES &PLUGINS

Our site uses plugins and cookies that may automatically record information. Their use aims to make the use of the site more pleasant by improving its ergonomics from the data collected. 

This data can also be used in particular for statistical measurement purposes, analysis of internet user behaviours and anonymised geolocation in order to personalise our commercial offer.

When you browse our site, the computer you use will interact with a server that provides all the requested resources by automatically saving each operation to a specific file in which the computer used is identified by its IP address. This is how the browser that you use gives us some standard data, including the browser used and its features, the operating system of the computer, tablet or smartphone used, the identification of third-party sites (Facebook, Linked-in, etc.) from which you may have logged in as well as dates and times of access to our site.

This data and in particular the IP address of the computer, tablet or smartphone used do not allow us to identify you by name.

MARKETING ANALYSIS AND TARGETING PLUGINS

Our site uses marketing analysis and targeting services. His services use cookies. The data generated by the cookie about your use of the website, including your IP address is transmitted and stored on servers that may be located abroad, including in a country offering a lower level of data protection compared to Switzerland or the European Union.

The provider will use this information for the purpose of evaluating your use of the site, compiling reports on website activity and providing other services relating to website activity and internet usage. The supplier is likely to communicate this data to third parties in case of a legal obligation or when these third parties process these data for their own account, including in particular the publisher of the site.

Our site uses the following analytics and advertising services:

  • Google Tag Manager de GoogleInc.
  • GoogleAnalytics

PLUGINS OF SOCIAL NETWORKS

Our website uses social plugins ("plugins"). These plugins are marked with logos.

If you open a page of our website containing one of these plugins, your Internet browser then establishes a direct link with the servers of the social network concerned. The content of the plugin is directly transmitted by the social network concerned to your Internet browser and integrated into the web page by it.

Thanks to the inclusion of cookies on the pages of our site, the social network concerned is informed that you have consulted one or more pages of our website. If you are connected to a social network when you visit our site, it is able to attribute your visit to our site to your account at home. If you interact with plugins, eg. By clicking on the "Like" button or by entering a comment, the corresponding information is sent directly by your Internet browser to the social network and saved on their servers.

To know the purposes and scope of the collection and processing of data by the social networks of which you are a member, as well as your rights in this area and the possibilities of setting up your account to protect your privacy, we recommend that you consult their privacy policy.

The following social plugin is installed on our site: “Addthis”

  • Facebook.com (FacebookInc.)
  • Linkedin.com (LinkedinCorporation)
  • Twitter.com (TwitterInc.)

11. MEANS YOU HAVE TO CONTROL YOUR TRACES

1. You have the option to disable plugins and cookies via the console provided for this purpose. This is accessible through the cookies banner that appears on the bottom of the home page when you visit our website. To customise or disable plugins and cookies, select the "customise" button.

2. Recent versions of the main browsers allow not only to oppose the registration of cookies but also to perform browsing sessions at the end of which all cookies installed during this session are automatically deleted regardless of their lifespan provided, thus providing better protection for traces.

12.  YOUR RIGHTS 

The Federal Data Protection Act and the EU General Data Protection Regulation grant the following rights to the data subjects. 

  • Right of information
  • Right to access your data
  • Right to rectification of your data (complete, updated)
  • Right to oppose the processing of your data
  • Right to limit the processing of your data (Purpose & duration of treatment)
  • Right to the portability of your data (transmitted to a third party on your instruction)
  • Right to erase your data (Right to be forgotten)

 

13.  EXERCISE YOUR RIGHTS &INFORMATION

You can exercise your rights or request information by contacting us via the email address privacy@gcsp.ch or by using our contact form or by post to the address below. We will do what is necessary to answer you as soon as possible.

Company

Geneva Centre for Security Policy Address:

Maison de la paix
Chemin Eugène-Rigot 2D
P.O. Box 1295
CH - 1211 Geneva1

Tel. +41 22 730 9600
Fax. +41 22 730 9649
Email: privacy@gcsp.ch