INLEAD – Privacy Policy (August 2021)
This Privacy Policy (the “Privacy Policy“) informs you (“you” or “User“) about how REVEAL LLC (Reitergasse 11, 8004 Zurich), doing business as INLEAD (“we“, “us” or “INLEAD“) treats your personal data (“Data“) according to the Swiss Federal Act on Data Protection (“DPA“) and the EU General Data Protection Regulation (“GDPR“), when you use INLEAD’s website (the “Website“) and/or access INLEAD’s e-learning platform (the “Services“).
1. Controller and Contact Details
Controller is REVEAL LLC, Reitergasse 11, 8004 Zurich, Switzerland, doing business as INLEAD under the URL inlead.ch. You may also contact INLEAD by phone (+41 44 503 70 75) or email (together[at]inlead.ch).
EU representative is VGS Datenschutzpartner GmbH, Am Kaiserkai 69, 20457 Hamburg, Germany, info@datenschutzpartner.eu.
2. Your Obligation to Provide Data
You may only use the Services based on a valid contract as per our Terms of Use and a license contract either between you and INLEAD or between your employer (or principal) and INLEAD. In order to prevent unauthorized access, you must create an account including login credentials to access the Services. If you do not provide the information required to open an account, we will not be able to provide you access to the Services.
3. Collected Data, Purpose and Legal Basis
The processing of personal data is limited to data that is required to operate, provide and secure the Website and the Services, as set out in the following table.
Area | Personal Data Affected / Description | Purpose and Legal Basis |
Access to the Website | When accessing our Website (and through our Website the Services), the following information about your device may be collected automatically in so-called server logfiles: server name, IP address, operating system, type of device, browser name and version, date and time of access, address of the website from which you were redirected to our Website (if applicable). | We use this data based on our legitimate interest (GDPR 6.1.f) to operate and secure our Website and our Services, in particular for security reasons to ensure the stability and integrity of our systems. |
Access to the Services | For the creation of an account and login credentials to access the Services, we will collect from you the following Data: Salutation, First Name, Last Name, Company, Function within the Company, Business E-Mail Address, Phone Number (direct or mobile). | We use this data based on our legitimate interest (GDPR 6.1.f) to verify whether you are authorized to access the Services and to grant you access to the Service in performance of the contract with you as per the Terms of Use (GDPR 6.1.b). |
Website Analysis | We may analyze your use of our Website with web analysis tools, including Google Analytics (with IP anonymization activated). Further information on the use of data by Google and configuration options can be found here. | We perform basic web analysis based on our legitimate interest (GDPR 6.1.f) to optimize the Website regarding usability and to gain insight about the use of our Website and Services. The collected data will not be merged with other personal data or disclosed to third parties. Enhanced web analysis using cookies is based on your consent (GDPR 6.1.a), cf. below section ‘Cookies’. |
Contact Form | If you fill out our contact form, send us an email or another form of electronic message, we may collect such information as your Name, E-Mail Address, Phone Number, Subject Matter and corresponding Message. | We use this data to process your inquiry and possible further questions you might have in relation to the performance of our Services (GDPR 6.1.b). |
Cookies | We use cookies on our Website to ensure a user-friendly experience (e.g. session cookies). Cookies are small files that are managed by your browser and are directly stored on your device whenever you visit our Website. The web analysis tools (cf. above section ‘Website Analysis’) may also use cookies for website analysis purposes. | Cookies allow us to recognize your browser on your next visit in order to provide you a user-friendly experience based on our legitimate interest (GDPR 6.1.f). Enhanced web analysis using cookies is based on your consent (GDPR 6.1.a). |
4. Transfer of Data and Crossborder Transfers
We may use service providers for the hosting and operation of our Website and Services. Such service providers may have access to the Data, strictly limited to the performance of their services for us. Otherwise we do not transfer Data to any third parties.
We do not transfer your Data to any country outside of Switzerland or the EU (or grant access to your Data to anybody in a country outside of Switzerland or the EU).
5. Retention/Storage Periods
We will retain/store your Data as follows:
- Website Access: As long as required to enable the requested access and secure the stability and integrity of our systems.
- Services Access: In general as long as you are accessing (or have the right to access) our Services: your Personal Data will be deleted after termination of your contract and/or deletion of your account, if and to the extent (a) we are not legally obliged to retain such Data (e.g. for accounting or document retention purposes) and (b) we do not have an overriding legitimate interest to retain such data for the assessment or exercise of or for the defense against legal claims.
- Website Analysis: Your Data will be stored for as long as required to perform the analysis and will thereafter be deleted or anonymized.
- Contact Form: Your Data will be deleted after responding to / completing your inquiry, if and to the extent (a) we are not legally obliged to retain such Data (e.g. for accounting or document retention purposes) and (b) we do not have an overriding legitimate interest to retain such data for the assessment or exercise of or for the defense against legal claims.
- Cookies: Cookies will be stored on your device for the time period required to achieve the related purpose and will thereafter be deleted by your browser.
6. Right to Object
Regarding any processing of your Data based on our legitimate interest (GDPR 6.1.f), you have the right to object to such processing by explaining your particular reasons and circumstances on which your objection is based.
Regarding cookies through which certain Data may be collected, you can block the setting of such cookies at any time by changing the settings in your browser accordingly. You will then be notified whenever your browser attempts to create a cookie and you can decide whether you want to allow the cookie or not. Please note that a deactivation of cookies may result in a limited user experience and you may not be able to use every function of our Website or Services or to access the Services in an appropriate manner altogether.
7. Your Rights as Affected Data Subject
You have the right to request information about your Data we process. In particular, you have – or may have, depending on the circumstances – the right to:
- Information, i.e. to ask us whether we are processing Data about you, and if so, to provide you with further in information related thereto.
- Correction, i.e. to ask us to correct your Data if it incorrect or incomplete.
- Deletion, i.e. to delete your Data (to the extent we are not under a legal obligation or have an overriding legitimate interest to retain such Data).
- Restrict Processing, i.e. to ask us to temporarily restrict our processing of your Data.
- Data Portability, i.e. to ask us to provide you in electronic form (to the extent technically feasible) the Data you have provided to us.
- Withdraw Your Consent, i.e. to withdraw your consent if and to the extent you have previously given your consent to any specific purpose of processing of your Data. This will not affect the lawfulness of any processing carried out before you withdraw your consent and it may mean that we will no longer be able to provide our Services to you.
In case you wish to exercise any of these rights, please contact us as specified in Section 1. Before responding to your request, we may ask for proof of identity. This helps us to ensure that your Data is not disclosed to any person who has no right to receive it.
8. Data Security
We have put appropriate technical and organizational security policies and procedures in place to protect your Data from loss, misuse, alteration or destruction. We limit access to personal data in general. Those individuals who have access to the data are required to maintain the confidentiality of such information.
9. Complaint / Regulatory Authority
If you believe that our processing of your Data contradicts the applicable data protection laws, you have the possibility to lodge a complaint with the appropriate data protection authority.
The data protection authority for INLEAD is the Swiss Federal Data Protection and Information Commissioner (FDPIC), Feldeggweg 1, CH-3003 Berne. https://www.edoeb.admin.ch