We at COR2ED GmbH respect the privacy of the users of our websites with educational resources (the “User” or “you“) and are committed to protecting the personal information that Users may share with us. This Privacy Statement describes our practices regarding the collection, use and disclosure of personal information (i.e. personal data under applicable data privacy laws) relating to potential and existing Users of COR2ED GmbH educational resources and which we may obtain when you visit our websites from which you are accessing this Privacy Statement (the “Sites“) or when you participate in any of the online forums, platforms, newsletters or other digital activities carried out by us on the Sites (“Activities“). This Privacy Statement also describes your choices regarding the use, access and correction of your personal information.
The controller of your personal data is COR2ED GmbH, Bodenackerstrasse 17, 4103 Bottmingen, Switzerland.
1 | WHAT INFORMATION WE COLLECT FROM YOU
• Log Data: As is true of most websites, our servers automatically collect and record information that the browser on your computer or mobile phone, tablet or similar device you use to access our Sites (a “Device“) sends whenever you visit our Sites (“Log Data”). Log Data may include Internet protocol (IP) addresses, browser type and language, referral and exit pages and URL’s, language information, the domain from which you are visiting and additional information in respect to your usage and browsing of the Sites. We do not link this automatically collected data to other information we collect about you. We also may collect information about various aspects of your use of our Site or your participation in any Activity, such as the dates and time of your login, the content you have viewed, the pages you have visited, the searches and/or registrations you may have made and any clickstream data.
• Location Data: When you access our Sites on a mobile Device (such as a tablet or a mobile phone), we may collect information about your location through location information accessible through your Device. You can change the privacy settings of your Device at any time, in order to turn off the functionality of sharing location information. If you have any queries about the privacy settings of your Device, we suggest you contact the manufacturer of your Device or your mobile service provider for help.
• Social Media Widgets: Our Sites also includes some social media features, such as a Facebook “like” button, and widgets, such as a “share” button. These features may collect your Internet Protocol address, which page you are visiting on the Site, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on the Site. Your interactions with these features are governed by the privacy statement of the companies that provide them.
We collect this information when you interact with us, for example when you communicate with our staff, attend one of our programmes, sign up to receive information by e-mail or visit our Sites. We also collect your personal data from publicly available sources, for instance when we try to identify potential attendees for a course in a certain domain.
You are generally under no obligation to disclose personal data to us, unless you or your employer has a contractual relationship with us which foresees such obligation. Yet, in order to conclude and perform a contract, we must collect and process the personal data which is necessary for such conclusion and for the fulfilment of the contractual and associated obligations as well as for the fulfilment of legal obligations. Moreover, when using a website, it is necessary to process log data and certain other data. Also in relation to communications between you and us, we must process at least the personal data that you provide to us or that we provide to you.
2 | HOW WE USE YOUR INFORMATION
We may use your personal information for the following general purposes:
• to communicate with you in general, including for the purpose of providing you information about our services or responding to your questions and comments;
• to measure interest in and improve our Sites and/or Activities;
• to enable some of our business purposes, such as data analysis, audits, researching and developing or improving new Activities, enhancing our Sites, and determining the effectiveness of our promotional campaigns relating to our services;
• subject to applicable law, to send you information that we believe may be of interest to you, regarding our services. You may choose not to receive such information and opt-out of such future communications. All such communications sent to you will contain the instructions for opting-out;
• as otherwise described to you at the point of collection.
Log Data and other non-personal information that we gather and collect is used mainly for the purpose of administering the Sites; analysing trends in the aggregate in the use of our Sites (for instance, we may use such information to create user predicted preferences and social characteristics); enhancing user experience on our Sites (for instance, we may use such information to determine which areas of our Sites are more popular than others), estimating and reporting total audience size and traffic; investigating, detecting, preventing or otherwise taking action regarding illegal activities, suspected fraud or abuse; and providing analytics and reporting with respect to the use of the Sites.
Your personal information is held in our systems for the duration of your interaction with our events, websites and webmail communications up to two years after your last interaction with us. You may request to be removed from our systems at any time, however, please note that if you have registered as an attendee to one of our events, your data must be retained for as long as local accounting regulations require us to keep it, and generally for 7 years.
3 | WITH WHOM WE SHARE YOUR INFORMATION
We may share your personal information under the following circumstances:
• We may share your personal information to respond to subpoenas, court orders, or legal process, to enforce our legal rights, to defend against legal claims or in such circumstances where, in our judgment, a disclosure is necessary or appropriate in accordance with applicable law.
• We may share your personal information if we believe it is necessary in order to investigate, detect, prevent or otherwise take action regarding illegal activities, suspected fraud or abuse, situations involving potential threats to the physical safety of any person, violations of our various terms of service or as otherwise required by applicable law.
• We may share information that you voluntarily make public, including information that you post on any blogs, message boards, chat rooms or other similar forums, whether or not such forums are owned by COR2ED GmbH. Since such public information can be accessed by others and used by any member of the public, such use by third parties is beyond our control. To request removal of your personal information please contact us at [email protected] In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.
We may share aggregated or anonymous information or statistics (which in any event does not contain any of your personal information) with third parties, such as our existing or potential supporters, investors, vendors, service providers and other business partners.
4 | ON WHAT BASIS WE USE YOUR PERSONAL INFORMATION
We process personal data on the following grounds:
• For the performance of a contract;
• For legitimate interests. This includes, for example, the interest in customer care and communication with customers outside of a contract; in marketing activities; in getting to know our customers and other people better; in improving products and services and developing new ones; in the guarantee of IT security, especially in connection with the use of websites, apps and other IT infrastructure; in the guarantee and organisation of business operations, including the operation and further development of websites and other systems; in company management and development; in the sale or purchase of companies, parts of companies and other assets; and in the enforcement or defence of legal claims;
• Based on a consent, where such consent was obtained separately; and
• For compliance with legal and regulatory obligations.
5 | COOKIES AND OTHER TRACKING TECHNOLOGIES
• Cookies and Similar Tracking Technologies: We collect certain information by automated means, using technologies such as cookies, pixel tags, browser analysis tools, server logs and web beacons “cookie” technology. For example, when you visit our websites, we place cookies on your computer.
Cookies (sometimes referred to as browser cookies) are small packets of data that a website stores on your Device’s hard drive allowing your Internet browser to save and retrieve information about your visit to the website. You can find more information about cookies at www.allaboutcookies.org and www.youronlinechoices.eu.
We may use both session cookies (which expire once you close your Internet browser) and persistent cookies (which stay on your Device until you delete them) to help us collect non-personal information about various aspects of your use of our Sites or your participation in any of the Activities, and to enhance your experience using the Sites. Cookies can also help enable the detection of certain kinds of fraud. If you do not want us to place a cookie on your Device’s hard drive, you may be able to turn that feature off on your Device. Please consult your Internet browser’s documentation for information on how to do this and how to delete persistent cookies. However, if you decide not to accept cookies from us, the Sites may not function properly.
Pixel tags and web beacons are tiny graphic images placed on website pages, emails and social posts that allow us to determine whether you have performed a specific action. When you access these pages, open or click an email, or share a post on social media, the pixel tags and web beacons generate a notice of that action. These tools allow us to measure responses to our communications and improve our web pages and promotions.
Some web browsers may transmit Do Not Track signals to websites with which the browser communicates, telling the websites not to follow its online movements. Because of differences in how browsers interpret this feature, it is not always clear whether Users intend for these signals to be transmitted, or whether they are even aware of them. Therefore, our Site currently does respond to such Do Not Track signals.
• Analytics and Remarketing Tools:
• For CrazyEgg – https://www.crazyegg.com/privacy. You can also opt out of CrazyEgg collecting and storing your data at any time by following the instructions in following link: https://www.crazyegg.com/opt-out
• For Marketo – https://legal.marketo.com/privacy.
6 | HOW WE PROTECT YOUR INFORMATION
We take commercially reasonable steps to protect your information from loss, misuse, and unauthorised access, use, disclosure, alteration, or destruction. When personal information is transferred over the Internet, we encrypt it using Transfer Layer Security (TLS) with SHA-256 with RSA encryption or similar technology. You should note, however, that no security system is impenetrable. We cannot guarantee the security of our databases or the databases of the third parties with which we may share such information, nor can we guarantee that the information you supply will not be intercepted while being transmitted over the Internet. In particular, e-mails sent to us may not be secure, and you should, therefore, take special care in deciding what information you send to us via e-mail.
7 | HOW WE RETAIN YOUR INFORMATION
We retain your personal data for as long as it is necessary for the purposes for which the data is collected, and as long as we have a legitimate interest in keeping personal data, for example to enforce or defend claims or for archiving purposes and IT security. We also retain your personal data as long as it is subject to a legal retention obligation.
8 | YOUR RIGHTS
You are entitled to ask for details of the information we hold about you and how we process it and to receive a copy of your personal data. You may also have your data rectified or deleted, restrict our processing of that information, and object to the processing of your personal data. You may also choose to withdraw your consent. Please note that even after you have chosen to withdraw your consent we may be able to continue to process your personal information to the extent required or permitted by law. You may also lodge a complaint in relation to our processing of your personal data with a competent local supervisory authority.
In addition, you may manage your receipt of non-transactional communications by clicking on the “unsubscribe” link located on the bottom of any of our e-mails. Subject to applicable law, we will use reasonable efforts to process such requests in a timely manner. You should be aware, however, that it is not always possible to completely remove or modify information in our subscription databases.
Should you have a request regarding the processing of your personal data you may contact us via letter, email or telephone via the following contact details:
COR2ED GmbH, Bodenackerstrasse 17, 4103 Bottmingen, Switzerland, [email protected]
9 | EXTERNAL SITES
The Site may contain links to websites operated by third parties (“External Sites”). Be sure to read the privacy policies, supplemental notices, and settings of all websites or platforms that you visit so you can understand their privacy practices and your options. These External Sites have separate and independent privacy policies. We have no responsibility or liability for the content and activities of these External Sites. Nonetheless, we seek to protect the integrity of our Site and welcome and feedback about these sites.
10 | CHILDREN’S PRIVACY PROTECTION
12 | INTERNATIONAL TRANSFER OF INFORMATION
We may transfer your personal data to recipients abroad, including in countries that do not provide the same level of protection as Swiss or EU/EEA law. Before we do so we will implement appropriate measures to protect your personal data, for example by requiring the recipient to agree to data processing agreements (if you would like to receive a copy of these agreements, please contact us. These agreements are usually based on the EU standard clauses, which you may review here). We may also transfer personal data with your explicit consent and in certain other situations as permitted by applicable law.
13 | AUTOMATED INDIVIDUAL DECISION-MAKING
“Automated individual decision-making” means decisions made automatically, i.e. without relevant human influence, which have a negative legal effect or other similarly negative effects on you. We will inform you separately if we should use such automated decisions in individual cases as far as this is required by law.
14 | GOVERNING LAW
15 | QUESTIONS