Privacy Policy

1. Principle

The protection of your privacy is an important concern for S-GE. This privacy policy explains which personal data S-GE processes from you and how, when S-GE provides services for you or when you visit and use the website www.s-ge.com and other online platforms of S-GE.

S-GE collects and processes your personal data carefully and only for the purposes described in this privacy policy, to the extent necessary and in accordance with the Federal Data Protection Act (FDPA, SR 235.1, in force since September 1, 2023) and the Data Protection Ordinance (DPO).

If you register on the website or an online platform of S-GE, you guarantee the accuracy of the transmitted personal data and other information, and in the case of registering for a third party, your authorization to register and disclose the personal data of this third party.

2. Responsible entity and contact

For the data processing described in this privacy policy, Switzerland Global Enterprise (S-GE), based in Zurich, is responsible, unless otherwise specified. If you have any data protection concerns, you can contact us using the contact details provided below.

Switzerland Global Enterprise (S-GE)

Stampfenbachstrasse 85

8006 Zurich

Phone: +41 44 365 51 51

Email: privacy@s-ge.com

3. Services and online platforms of S-GE

S-GE provides the following services, among others, to both members and non-members, during which S-GE may collect and process personal data:

- Consulting services;

- Information services;

- Event and trade fair services;

- Business trips (Business Trips / Fact-Finding Missions);

- Rental services

The provision of these services requires the collection and processing of personal data such as name, first name, position, company, address, phone number, and email address. These are used for contract processing, communication, invoicing, and informing about S-GE’s services and offers.

S-GE also currently offers the following online platforms. Depending on the platform, registration with disclosure of personal data may be necessary.

- My S-GE, accessible via the website www.s-ge.com and at my.s-ge.com

- Annual Report, accessible via the website s-ge.com and at report.s-ge.com

- Expert Directory, accessible at expertdirectory.s-ge.com;

- Ticketing platform for event registrations

- Application platform Refline for job offers.

- Booking platform for consultations (Calenso), accessible via the corporate website

Depending on the online platform, a personal user account registration may be required. In the context of using the online platforms, we collect and process the following data in particular: name, first name, position, company, address, phone number, email address, as well as usage behavior and preferences on the platform.

4. Collection and processing of personal data

In fulfilling the services of S-GE and acquiring membership, you disclose to S-GE the personal data necessary for this purpose. There is generally no legal obligation to provide S-GE with personal data. Without this data, however, S-GE will not be able to process services for you or the company you represent. The S-GE website and online platforms cannot be used either if certain minimum personal data is not disclosed.

In this context, S-GE collects and processes the following categories of personal data in particular:

- Name, first name, position, company

- Address, phone number, email address

- Payment information

- Communication and correspondence data

- Usage data of the S-GE website and online platforms

In addition to the aforementioned personal data, information about turnover, number of employees, and business area can be collected and processed when acquiring membership. Where permitted, S-GE also takes data from publicly accessible sources and adds this to the relevant personal data.

The processing of the collected personal data takes place in Switzerland, in a member state of the European Union, or in another contracting state of the European Economic Area Agreement. If data processing occurs in a third country, S-GE ensures compliance with the necessary data protection regulations through appropriate measures, particularly by concluding standard contractual clauses or equivalent contractual guarantees with the relevant third parties (Art. 16 FDPA).

5. Purposes of data processing

5.1 General processing

The personal data collected by S-GE is primarily used by S-GE to provide their services and make the website and online platforms available to you. Furthermore, as a member, S-GE processes personal data to administer the membership.

Additionally, S-GE processes personal data for the following purposes, where S-GE has a corresponding and legitimate interest:

- Offering and developing offers, services, and websites, apps, and online platforms;

- Reviewing and optimizing needs analysis procedures;

- Advertising and marketing, including organizing events, fairs, and business trips

- Assertion of legal claims and defense in connection with legal disputes and administrative procedures;

- Cooperation in the prevention and investigation of crimes and other misconduct (e.g., conducting internal investigations; data analyses for fraud prevention, etc.);

- Ensuring IT operations and the security of websites, apps, and online platforms

5.2 Information, newsletter, and chat

If you have provided S-GE with your personal data, you agree to be informed by S-GE, the Swiss Business Hubs abroad, and other network partners (namely chambers of commerce, universities, etc., overview available at www.s-ge.com/network) by mail, telephone, or email about own or general economic activities. If you are no longer interested in receiving information and do not wish to be contacted, you can notify S-GE at any time.

S-GE also regularly sends emails to registered interested parties with a newsletter containing general information about markets, international business opportunities, events, and trade fairs by S-GE, etc. Subscribers who are no longer interested in receiving the newsletter may unsubscribe at any time.

S-GE operates a chat service on the websites and online platforms to promptly answer customer inquiries. The personal data transmitted in this context is used solely to process the respective request.

6.1 Cookies

S-GE uses cookies and similar technologies on their websites and online platforms to identify your browser or device. A cookie is a small file sent to your computer or automatically stored on your computer or mobile device by your web browser when you visit a website. Cookies enable S-GE to recognize you upon your return visit, even if S-GE does not know who you are.

There are two types of cookies:

• Session cookies: Used only during a session and automatically deleted after your website visit.

• Persistent cookies: Store user settings and other information for a predefined period (e.g., two years).

You can configure your browser to reject cookies, only store them for a session, or delete them early. Most browsers accept cookies by default. If you block cookies, some features of S-GE websites or online platforms may not function properly.

S-GE uses the CookieYes solution on their online platforms, enabling users to set their cookie preferences individually or reject cookies. Detailed information about the individual tools and cookies used – including providers, purpose, storage duration, and possible third-country transmissions – can be found directly in CookieYes' cookie preference center.

6.2 Server log files

The log files of S-GE websites and online platforms store access data in a log file (server log). In particular, the following data is recorded:

• Time and http status of the request

• The request that the user's browser made to the server

• The referral website (from which the user accessed the requested page)

• Product and version information of the used browser (user-agent)

The log files can be used to further develop the websites and online platforms and to identify potential errors (e.g., broken links or program errors). S-GE or third parties commissioned by S-GE can link the website and online platform page views and usages stored in the server log with individual persons if there is suspicion that users are using the websites or online platforms illegally or in breach of contract, or for the purpose of further development and optimization of their own offerings.

6.3 Security

S-GE uses a script from Fastly to protect their websites from automated access and malicious bots. This determines whether access is from a genuine user or an automated program. This serves the security and stability of the websites.

6.4 Analysis and tracking tools

S-GE uses analysis and tracking services on their websites and online platforms to understand user behavior and continually improve offerings. Third parties may track your use of these services, combine this data with information from other websites they operate or track, and use it for their own purposes (e.g., ad targeting). If you have registered with the respective third-party provider yourself, they also know you personally. S-GE does not receive any information about you as an individual from the third-party providers, only aggregated evaluations of the use of their own websites. These services are only used with your consent.

S-GE uses the following analysis and evaluation services:

• Google Analytics (Google Ireland Limited, Ireland): Measures and evaluates the use of the websites and online platforms. The IP address is transmitted anonymously. User data is stored for 30 days. More information: policies.google.com/privacy

• Hotjar (Hotjar Ltd., Malta): Analyzes user-friendliness, among others, via heatmaps and session recordings to understand user behavior on the websites.

• Google Data Studio/Looker Studio (Google Ireland Limited, Ireland): Creates analysis reports to evaluate website use and marketing activities.

• Tableau (Salesforce, Seattle/USA): Analysis software to evaluate usage data and identify companies visiting the S-GE website to acquire potential customers.

• HubSpot (HubSpot, Inc., Massachusetts/USA): Used for account-based marketing (ABM), to identify companies visiting the S-GE website and acquire potential customers.

• Microsoft Marketing (Microsoft Corporation, Redmond/USA): Used for account-based marketing (ABM), to understand the interests of the visitors who visit the S-GE website to derive potential customers.

6.5 Advertising and remarketing

S-GE uses advertising and remarketing services on their websites and online platforms to address past visitors on third party websites and report on the success of marketing measures. These services are only used with your consent.

S-GE uses the following advertising and remarketing services:

• LinkedIn Insight Tag (LinkedIn Ireland Unlimited Company, Ireland): Analysis of campaigns and website visits for marketing purposes. User data is stored for 90 days and not shared with third parties. More information: linkedin.com/legal/privacy-policy

• StackAdapt (StackAdapt Inc., Canada): Targeted engagement with relevant audiences using marketing and tracking cookies. In addition to analyzing website usage behavior and measuring advertising effectiveness, StackAdapt allows for retargeting of website visitors. More information: stackadapt.com/privacy

• Google Ads (Google LLC, USA) and Microsoft Advertising (Microsoft Corporation, USA): Used for remarketing and conversion tracking. S-GE promotes previous visitors to their websites through third-party sites (including Google and Bing), especially those who have not completed an action (e.g., filling out a contact form). The promotion appears as ads in search results, on YouTube, and in display networks. You can opt out of remarketing through the Google Ads Preference Manager or Microsoft Advertising settings at any time.

• Social Media Tags (LinkedIn, Facebook, X.com, YouTube): S-GE uses social media tags (plug-ins) from these social networks on its websites and online platforms. These tags enable detailed campaign reports and tracking of conversions for advertisements and content on social networks.

• Shirareru (Microad Co., Ltd., Japan): Targeted engagement with relevant audiences using marketing and tracking cookies. In addition to analyzing website usage behavior and measuring advertising effectiveness, Shirareru allows for retargeting of website visitors. More information: https://www.microad.co.jp/privacy/

• Teads: Targeted engagement with relevant audiences for programmatic display campaigns. More information: Teads Advertising Privacy Policy.

• Microsoft Dynamics: A script from Microsoft Dynamics is used on the S-GE website to capture visits and activities of identified or logged-in users and assigns them to the respective CRM profile. These data are used to provide personalized communication and marketing measures in accordance with applicable data protection regulations.

6.6 Map Services

S-GE uses the Google Maps (Google LLC, USA – google.com) map service on its websites and online platforms. By using S-GE’s websites and online platforms, you consent to the collection, processing, and use of data automatically collected by Google LLC, its representatives, and third parties.

6.7 Lead Forms

In connection with the use of Google Lead Form Extensions and LinkedIn Lead Gen Forms, information from users is collected and used solely for the purpose described in the respective lead forms, as long as it is consistent with this data protection statement. The collected data is neither sold nor otherwise misused. User data is stored by Google for 30 days and by LinkedIn for 90 days; they are not shared with third parties.

6.8 Email Tracking

S-GE newsletters and marketing emails may include visible and invisible image elements, where legally permissible, that allow S-GE servers to determine whether and when you have opened the email. This information helps S-GE better understand the use of its offerings and tailor communications to you more precisely. You can disable this tracking by turning off the automatic loading of images in your email program.

In addition, S-GE uses technologies on online platforms you have registered for that determine how you use the respective platform. By registering for an online platform, you expressly agree to this tracking.

6.9 Use of Artificial Intelligence (AI)

S-GE uses AI-powered technologies to further develop its services and digital offerings. S-GE employs Langdock, an AI platform that allows the use of various foundational AI models.

Purposes of Use

AI tools are used at S-GE particularly for creating and editing content (such as texts and images) for the website and other digital channels, as well as supporting internal work processes. AI-generated content that is publicly released is editorially reviewed before publication.

Data Protection and Security

The AI platform Langdock used by S-GE operates on servers within the European Union. Customer data is not used for training AI models. The platform is certified under ISO 27001, audited according to SOC 2 Type II, and GDPR-compliant. There is a data processing agreement in place between S-GE and Langdock in accordance with applicable data protection regulations.

No Automated Individual Decisions

S-GE does not make decisions based solely on automated processing that significantly affect individuals legally or in a similarly significant manner (no profiling in the sense of the revDSG).

7. Data Transfer to Third Parties

7.1 General

S-GE uses the collected personal data to enable third parties in Switzerland or abroad to carry out technical, logistical, or other services on behalf of S-GE (e.g., Swiss Business Hubs, network partners such as chambers of commerce and universities, event agencies, IT service providers, etc.). If S-GE shares your personal data with third parties, it does so when it is necessary for providing services or technical services for the website and online platforms. These third parties use your personal data only for the specified purpose or as otherwise agreed unless otherwise indicated or you explicitly agree to a different use.

If you agree to the data protection terms of third-party platforms while using S-GE services, be aware that these may differ from this privacy statement and S-GE has no influence on the data processing by these third parties.

If data is transferred to countries deemed by the Federal Council to have no equivalent level of data protection, S-GE ensures adequate safeguards before the transfer – such as data processing agreements or standard contractual clauses.

If you participate in an S-GE partner workshop, your participant data will also be transmitted to the respective partner, who may use the data for their own (marketing) purposes. The use of your data by the respective partner is not the responsibility of S-GE; relevant inquiries should be directed to the partner.

Should you download content from S-GE partner companies on the website or online platforms, S-GE may share your data with the respective partner, provided you have expressly consented.

7.2 Online Events and Activities

When participating in an S-GE online event or similar activities, other participants and speakers may, if necessary, see your data (notably in the form of video and audio transmission) as needed for the event. You acknowledge that third parties can see your data and explicitly agree to this data sharing by participating in such an event. S-GE has no control over how other participants handle this data.

Conducting Webinars and Online Events via Microsoft Teams

For conducting webinars and online events, S-GE uses Microsoft Teams, a service provided by Microsoft Corporation or Microsoft Ireland Operations Limited (EU). When participating in such events, personal data (especially name and email address) is processed by Microsoft according to their own terms of use and privacy policy. S-GE has no influence over this data processing by Microsoft.

Personal data collected during event registration (name, email address) is also processed by S-GE in its systems to manage participation and follow-up of the event. S-GE is solely responsible for this further processing. Among other uses, the data is used to gather participant feedback on the event (via Microsoft Customer Voice).

7.3 Strategic Partnership – SOS International

In the context of the strategic partnership between S-GE and SOS International, certain personal data may be transferred to SOS International. Should you download documents from the SOS International website through S-GE and register with your personal data for this purpose, you agree that SOS International may contact you for its own purposes and process your personal data.

7.4 Association Membership

All members of S-GE are published on the S-GE website in a member database. This publication may also include generally accessible data about association members. By signing the application for membership or submitting the online application form, you explicitly authorize S-GE to do so.

Sensitive data of association members, such as business purpose, market and business interests, employee functions, or revenue, will only be shared with third parties with the member's explicit consent.

7.5 Authorities

S-GE is authorized and potentially obligated to share personal data with authorities or other third parties in Switzerland or abroad if required by law or in the legitimate interest of S-GE or third parties (e.g., to assert legal claims, to prevent crimes, or to fulfill official information requirements).

8. Storage and Deletion of Personal Data

8.1 Principle

S-GE processes and stores your personal data as long as necessary to fulfill contractual and legal obligations or for other purposes pursued with processing. Once the personal data is no longer needed for the aforementioned purposes, it is generally deleted or anonymized, unless legal retention or documentation obligations oppose deletion (e.g., commercial or tax law retention periods) or there is an overriding interest of S-GE in further retention.

You can request the deletion of your personal data at any time. S-GE will comply with this request unless there are legal or contractual obligations that prevent it. You can assert your right to deletion via the contact address provided in section 2.

8.2 Applications

If an application does not lead to employment with S-GE, the submitted personal data will be retained for a period of six months and then deleted from the systems, unless legal retention obligations prevent this or you have expressly consented to longer retention (e.g., for future job offers).

9. Data Security

9.1 Technical and Organizational Measures

S-GE takes appropriate technical and organizational security precautions to protect your personal data from unauthorized access, loss, misuse, alteration, or destruction. These measures include, in particular:

• IT and network security solutions (e.g., firewalls, intrusion-detection systems)

• Encryption of data during transmission (SSL/TLS) and, where appropriate, during storage

• Access controls and restrictions so that only authorized persons can access personal data

• Pseudonymization and anonymization of data, where this is possible and reasonable

• Regular review and adjustment of security measures

S-GE limits access to confidential personal data to those employees, agents, and third parties who need them to fulfill their tasks and are obligated to confidentiality.

9.2 Data Security in Transmission

The websites and online platforms operated by S-GE use SSL or TLS encryption for security reasons and to protect the transmission of confidential content.

Please note that data transmission over the Internet (e.g., via email communication) may generally have security vulnerabilities. Complete protection against access by third parties is not possible.

9.3 Reporting Data Security Breaches

In the event of a data security breach that is likely to result in a high risk to the affected individuals, S-GE will promptly inform the affected individuals, provided this is required by law or in the interest of the individuals. In such cases, S-GE takes immediate measures to contain the incident and prevent further damage.

9.4 Responsibility of Users

If you access online services or platforms from S-GE, you are responsible for the security of your login credentials. S-GE recommends using secure and unique passwords and keeping them confidential. Please inform S-GE immediately at privacy@s-ge.com if you have any indications of misuse of your login credentials.

10. Rights of the data subjects

10.1 Overview of rights

Under the applicable data protection laws, you have the right to:

• Information: You can request information at any time on whether and what personal data S-GE processes about you (Art. 25 revDSG).

• Correction: You can request the correction of incorrect or incomplete personal data.

• Deletion: You can request the deletion of your personal data, provided there are no legal retention obligations or overriding interests of S-GE against it.

• Restriction of processing: You can request that the processing of your personal data be restricted under certain circumstances.

• Data provision and data portability: You can request the provision of personal data that you have provided to S-GE in a commonly used electronic format, provided the processing is based on your consent or to fulfill a contract and takes place by automated means.

• Objection: You can object to the processing of your personal data, especially if the processing is for marketing purposes or based on a legitimate interest.

• Withdrawal of consent: If you have given consent to the processing of your personal data, you can withdraw this at any time. The withdrawal does not affect the lawfulness of processing carried out until then.

10.2 Assertion of rights

As a rule, asserting your rights requires you to clearly prove your identity (e.g., by a copy of an ID). To exercise your rights, please contact:

Switzerland Global Enterprise (S-GE) Stampfenbachstrasse 85, CH-8006 Zurich Email: privacy@s-ge.com

S-GE will review your request and respond within the legally prescribed period.

10.3 Limitations

S-GE reserves the right to enforce the limitations provided for by law, for example, if:

• S-GE is obligated to retain or process certain personal data

• there is an overriding interest by S-GE or third parties

• the information or deletion would violate statutory retention periods (e.g., 10-year retention for business records)

• the rights of other persons would be violated

Please note that asserting your rights might contradict existing contractual agreements and have corresponding consequences, such as premature termination of the contract or cost-related implications. S-GE will inform you in advance in such a case.

10.4 Right to lodge a complaint

If you believe that the processing of your personal data violates applicable data protection law, you have the right to lodge a complaint with the competent data protection authority. In Switzerland, this is the Federal Data Protection and Information Commissioner (FDPIC), reachable at www.edoeb.admin.ch.

11. Changes to this Privacy Policy

S-GE may amend this privacy policy at any time, particularly in the event of changes in legal foundations, new processing activities, or organizational adjustments. The current version is available on the S-GE website at www.s-ge.com.

12. Translation disclaimer
This translation was generated using artificial intelligence. In the event of any discrepancies, the German version shall prevail and is the legally binding version.

We recommend that you regularly consult this privacy policy.