Privacy Policy
Privacy Policy compliant with the new Swiss Federal Act on Data Protection
(nFADP- Effective September 1, 2023)
At OCIM Cybersecurity and IT (OCIM), we prioritize the privacy of every individual. We meticulously adhere to privacy policies and data protection practices not just to fulfill legal requirements but to also uphold the trust that our customers, both existing and potential, place in us.
Our commitment to safeguarding personal data isn't limited to OCIM alone; it extends to our suppliers and partners through contractual agreements. Everyone at OCIM, from our Board of Directors to our employees and representatives, is well-versed with these protocols and is pledged to abide by them.
This privacy statement serves as a comprehensive guide, offering insights into our privacy practices. It will inform you about how we handle and utilize your personal data, including details gleaned from your online interactions and any information you might provide to OCIM for recruitment or job purposes.
Outlined below is the OCIM Privacy Statement, encapsulating the principles we uphold to ensure the confidentiality and privacy of all visitors to our website.
I Principles
1.1 Lawfulness and fairness
We process personal data in accordance with the new Swiss Federal Act on Data Protection and the General Data Protection Regulation of the European Union (GDPR) and with transparency and fairness to you.
Our data processing activities are conducted:
1) with your consent;
2) in order to fulfill our obligations to you;
3) for the legitimate purposes of operating our business, or
4) otherwise in accordance with law.
1.2 Transparency and consent
We are transparent and provide clear notice and choice to you about the types of personal data collected and the purposes for which it is collected and processed. We will not use personal data for purposes that are incompatible with these Principles or our Privacy Statement.
1.3 Data access
We provide you with reasonable access along with the ability to review, correct, amend or delete the personal data you have shared with us.
1.4 Accuracy and integrity
We take reasonable steps to ensure that personal data is accurate, complete and current.
1.5 Purpose limitation
We use the personal data collected in accordance with the law and this privacy statement.
1.6 Data security
We implement information security controls in our own operations to protect personal data from unauthorized use or disclosure.
1.7 Data transfer
We do not communicate the data either free of charge or against payment to any other legal or natural person except in the event of a legal obligation.
1.8 Special categories of personal data
OCIM does not collect or retain special categories of personal data (sensitive personal information). Sensitive personal information includes: information revealing racial or ethnic origin; political opinions; religious or philosophical beliefs; trade union membership; processing of genetic or biometric data for the purpose of uniquely identifying a natural person; information concerning health; information concerning the sex life or sexual orientation of a natural person.
II What does data-processing mean and who is responsible?
"Processing of personal data" means any operation or set of operations, whether or not carried out by means of an automated process and applied to personal data or toa set of personal data, such as collection, recording, organization, structuring, storage, adaptation or modification, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, deletion or destruction.
OCIM Cochard Infomatique & Multimédia, with registered office at Chemin en Purian, 5, 1197 Prangins, company registration number CHE-115.608.085, is responsible for processing your data. You have the legal right to request details of the personal information we hold about you.
III How do we collect, use, protect and disclose your data?
3.1 Use of our website
Registration is not required for you to use our Website. If you are merely a visitor, we do not collect any personal information about you except to a limited extent through the use of cookies, which are described in the Cookie Statement. However, there may be circumstances in which you choose to register and receive updates or information from OCIM. In these cases, OCIM may contact registrants to invite them to special events, provide them with information about our services, publications and products, or for other marketing purposes.
3.1.1 Contact forms
OCIM offers various contact forms (e.g. registration for an event, contact for information, application, etc.). Personal information may be collected via these forms. The type of information collected is contact information, including first name, last name, postal address, telephone number, e-mail address and other similar information.
Third party applications that comply with data protection laws are used to capture and mail the data entered in the forms. Your data is stored in the databases of the third-party applications. When you register on our website, your personal information is stored in our customer relationship management (CRM) system. Data from registrants who have not been actively used for 24 months will be deleted from our CRM system.
3.2 Mailing
OCIM uses the list for targeted mailing campaigns (e.g. newsletter, advertisement, etc.).
3.3 Security
We implement information security controls in our own operations to protect personal data from unauthorized use or disclosure.
3.4 Disclosure
We do not communicate the data either free of charge or against payment to any other legal or natural person except in the event of a legal obligation.
3.4.1 Services providers
We use service providers to manage or support certain aspects of our operations on our behalf. These service providers may provide services such as IT services, courier services, data hosting or customer relationship management. Our service providers are contractually bound to protect the personal data they receive from us and are prohibited from using this personal data for any purpose other than to perform the services requested by OCIM. We also take steps to ensure adequate protection for any transfer of your personal data in accordance with applicable law.
3.5 Customer satisfaction surveys
Receiving feedback from our customers is very important to improve the quality of our services. This is the reason why our quality team may send a survey to our customers on a regular basis by email at the end of the provision of our services.
Please see 3.2 for more information regarding the way OCIM processes personal data in the context of mailings.
Given that each satisfaction survey is being linked to a specific service, we ask respondents to fill in their email in the form. In the context of the survey, respondents will also be asked to provide OCIM with feedback.
Such individual feedback is used for the following purposes:
- link the feedback to a specific project;
- give the account manager assigned to the respondent's organization the opportunity to contact the respondent (if and only if the respondent gives his express consent to it); and
- aggregate the individual feedback into an aggregated feedback report.
The individual feedback will only be kept for a period of 6 months after the survey and is accessible only to the quality team and the account manager assigned to the respondent’s organization.
After these 6 months, only aggregated reports containing non-personal data will be kept and used for the following reasons: draw up evolving statistics, share customer experience feedback on our projects for possible audits, prioritize and carry out the necessary actions internally within the framework of the improvement of our services.
The processing or personal data as described under 3.5 is based on the legitimate interests of OCIM (it being understood that, as explained above, respondents will only be contacted in respect of the feedback they have provided if they have explicitly consented to it).
The respondent has the right to object at any time to the processing of his/her personal data for the purpose of performing customer satisfaction surveys and/or to exercise his/her other rights in accordance with section 4 below.
IV How-to control your personal information and exercise your right?
OCIM provides you with the ability to keep your personal information accurate and up-to-date. If at any time you would like OCIM to rectify, erase or restrict the processing of your personal information, or you would like to obtain confirmation whether or not your personal information is processed by OCIM, access your personal information, ask to whom the data is disclosed, exercise your right to data portability or with draw your consent to processing, please contact us at dataprotection@ocim.ch.
V Third-party links
Please be aware that OCIM sometimes contains links to other sites that are not governed by this privacy statement. Visitors to Website may be directed to third-party sites for more information.
OCIM makes no representations or warranties regarding how your information is stored or used on third-party servers. We recommend that you review the privacy statement of each third-party site linked from the Website to determine the way they use your personal information.
VI Contact
Questions, comments and requests regarding this privacy statement are welcomed and should be addressed to dataprotection@ocim.ch.
VII Modifications
If you have any questions relating to our Privacy Policy and how OCIM uses and protects your personal data, please contact us to dataprotection@ocim.ch.
We may update this policy from time to time. If we make significant changes, we will let you know but please regularly check this policy to ensure you are aware of the most updated version.
This policy was last reviewed on 5th of September 2023.