Privacy Policy
Protecting your personal data (data) and protecting your privacy is important to us. We handle your data responsibly. We process personal data under the Swiss Data Protection Act and, where applicable, the EU General Data Protection Regulation. Consequently, we consider it to be, of course, the Swiss federal law on data protection (DSG), the regulation of the Federal Data Protection Act (VDSG) and other applicable data protection regulations, such as the EU General Data Protection Regulation (GDPR) to comply with.
In this data protection policy, we inform you about the collection of personal data on our website and its processing offline.
We reserve the right to revise the data protection policy at any time. You can always find the latest version on the website when you visit it.
1. Contact
1.1 Identity and contact details of the controller of your data: responsible in terms of data protection law is:
Obersee Bilingual School AG
Sihleggstrasse 9
CH-8832 Wollerau
Email address: dataprotection@obs.school
2. Scope and purpose of processing personal data
2.1 Visiting our website
When you visit our site, we collect data about you through online identifiers (cookies and IP), which are stored in log files:
When you visit our website, our servers temporarily automatically store the following data in a log file, the so-called server log files:
– IP address of the requesting computer
– Entry page (website from which you came to our website)
– Browser settings
– Browser software language and version
– Date and time of access/retrieval
– Name and URL of retrieved data
– Operating system of your computer and the browser you are using
– Country from which our website is accessed
– Name of your internet access provider
– Time zone difference to Greenwich Mean Time (GMT)
– Content of the request (specific page)
– Access Status/HTTP Status Code
– the amount of data transferred in each case
– Last visited website
– Enabled browser plugins
This data is processed to enable the use of our website (connection setup) to ensure system security and stability over the long term for optimization of our offer and internal statistical purposes. A personal user profile will not be created.
The legal basis for processing your personal data is our legitimate interest in processing this data.
Non-essential cookies are not used without your consent.
2.2 Contacting us
On our website, you can contact us by e-mail or complete an application form to get in touch.
We process the information you provide on the legal basis of our legitimate interests in correspondence with you or to process your inquiry/application and their processing. This information includes your name and contact information, other essential information, identification and background information you share with us.
You can object to this data processing at any time. If you object, we will no longer process your personal data for this purpose. Submit your objection to the following e-mail address: dataprotection@obs.school
2.3 Information enquiry – Application process
You have the option of sending us your enquiry by e-mail or via our online portal. However, the enrolment process for the school takes place via an online portal which stores the data directly in our school administration system.
We will process the data you provide as part of checking and processing your enquiry. This information usually includes: your name and contact information, identification and background information about you and your child/children.
By submitting an enquiry or an application, you consent to the data you provide being processed for the purpose stated at the time of collection. The data processing thus serves to fulfil the purpose of the school and to fulfil any contracts.
You can object to this data processing at any time and withdraw the enquiry/application. If you object, we will no longer process your personal data for this purpose. Please send your objection to the following e-mail address: dataprotection@obs.school
2.4 Downloads
You have the option to download documents from the website. For this purpose, we may have your e-mail address. We use your e-mail address exclusively to send you the downloaded documents and process them on the legal basis of our legitimate interest. We do not pass them on to third parties. We process your e-mail address to process your download and its completion.
You can object to this data processing at any time. If you object, we will no longer process your data for this purpose. Submit your objection to the following e-mail address: dataprotection@obs.school
2.5 Use of customer data for marketing measures
We also use your personal data for the following purposes:
– To maintain the customer relationship with you.
– To inform you occasionally about certain projects or services.
– To recommend projects or services that may be of interest to you.
You can object to this data processing at any time. If you object, we will no longer process your personal data for this purpose. Please send your objection to the following e-mail address: dataprotection@obs.school
2.6 Provision of Contractual Services
We also process your data to the extent required in each case to provide our contractual or pre-contractual services and to implement other services you have requested. The services are always on your direct behalf rendered. The data will be collected from you personally or in consultation with you.
The personal data processed here, the type, scope, purpose and necessity of processing your data are determined by the privacy notice in the contract between you and OBS—the underlying contractual relationship. The processed data usually includes the master data (e.g. name and address), the contact data (e.g. e-mail address and telephone number), as well as the contract data (e.g. services, contract content, contractual communication, names of contact persons). The data will be deleted if they are no longer required to fulfil contractual or legal obligations, with the need to check the data at irregular intervals.
We do not use collected information for automated decision-making or profiling.
3. Cookies and Third Parties services used by our website
3.1. Cookies
Our website uses cookies and similar technologies (for simplicity, all of these are summarized under the term “cookies”). These tiny files are saved on your computer, tablet computer or smartphone when you visit it. In this way, the portal can save specific entries and settings (e.g. login, language, font size and other viewing preferences) over some time, and you need them not to be applied again on each subsequent visit and when navigating in the portal.
Most of the cookies we use are so-called session cookies. These will automatically deleted when you log out or close the browser. Other cookies remain stored on your computer beyond the respective usage process and enable us or our partner companies (third-party cookies) to recognize your browser on your next visit to our website.
As far as other cookies (e.g. cookies for analyzing your surfing behaviour) are stored, they will be treated separately, as explained in this data protection policy.
You can refuse unnecessary cookies by selecting the appropriate settings in your browser and cookies toolbar. Please note, however, that this can affect the possibilities regarding using our website.
We use the Borlabs cookie banner (Borlabs Cookie) to obtain your consent to the use of cookies. For more information on how Borlabs Cookie stores data, see What data does Borlabs Cookie store? For more information about cookies and how you can manage, reject or delete them, please visit www.allaboutcookies.org.
Most internet browsers are regularly set to accept cookies. If you do not want this, you can set your browser to inform you about the setting of Cookies, and you allow the acceptance of cookies for certain cases only in individual cases or rule them out in general. You can also have the cookies automatically deleted. Enable closing of the browser. You can also use cookies that have already been set at any time to delete an internet browser or other software program. The procedure for Controlling and deleting cookies depends on your browser. Information on this can be found in the help menu of your browser. You can use the links below to learn more about this facility for the most used.
Inform browsers:
Explorers
Firefox
Google Chrome
safari
Opera
3.2. Google Services
We use the following services from Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA, or if your habitual residence is in the European Economic Area (EEA) or Switzerland, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”):
– Google Web Fonts
– reCAPTCHA
Google uses cookies. The cookies used by Google enable us to analyze the use of our website. The information generated by the cookie about your use of our website (including your IP address) is sent to a Google server in Switzerland, Ireland or the USA and stored there.
You can find more information about Google services here: Datenschutzerklärung – Datenschutzerklärung & Nutzungsbedingungen – Google.
Google web fonts
To display our content correctly and graphically appealing across browsers, we use script libraries, font libraries, and Google Webfonts on our website to display writing. Google web fonts are cached in your transfer browser. Content is displayed in a standard font if your browser does not support Google Webfonts or access is prevented. Calling scripts or font libraries automatically releases a connection to the librarys’ operator. It is theoretically possible – but currently, it is also unclear whether and if necessary, for what purposes – that the operator collects Google data in this case.
We do not collect any personal data through the integration of Google Webfonts. For more information about Google Web Fonts, see Frequently Asked Questions Frequently Asked Questions | Google Fonts | Google Developers and in Google’s privacy policy: Datenschutzerklärung – Datenschutzerklärung & Nutzungsbedingungen – Google.
You can object to data processing by Google Webfonts by executing Disable JavaScript in your browser or installing a JavaScript blocker. Please note that this can lead to functional restrictions on the website.
reCAPTCHA
Captcha is an abbreviation for “Completely Automated Public Turing test to tell Computers and Humans Apart” (fully automated public Turing test to distinguish computers from humans)—a test designed to distinguish people from machines/robot programs, or “bots” for short. reCAPTCHA is a service that tries to indicate whether a particular action on the Internet is performed by a human or by a computer program. reCAPTCHA will be part of the double opt-in when submitting forms on our website.
Further information on data processing and reports on data protection through reCAPTCHA can be found under Datenschutzerklärung – Datenschutzerklärung & Nutzungsbedingungen – Google
3.3. Social Plugins
Based on our legitimate interests, we use the following social media on our website
Plugins (Plugins):
– LinkedIn Inc., Ireland Unlimited Company, Dublin 2, Ireland
– YouTube
– X (aka Twitter)
Our website only integrates these plugins as an external link. An edit of your personal data only takes place when you click on the integrated plugins. You will then be forwarded to the website of the respective provider. We do not influence data that is then collected by the social networks. Please only click on the plugins if you want the providers mentioned to receive your data.
You can use the “Block third-party cookies” function in your browser settings. Then, your browser will not send any cookies to the respective social network server. With this setting, however, other plugins may no longer work for other providers’ cross-site functions.
For further information on the purpose and scope of data collection and further processing and use of your data, please refer to the data protection notices of the respective networks. There, you will also find additional information on your rights in this regard
Setting options to protect your privacy and your right to object to the creation of user profiles:
LinkedIn Datenschutzrichtlinie
4. Disclosure of data to third parties
We treat your data strictly confidential and only pass it on based on your consent to comply with our legal obligations or to pursue a legitimate interest.
In particular, we may transfer your data to:
– IT service providers for our company (hosting and data storage) or providers to whom we outsource certain technical support services for our site or suppliers of customer relationship management systems
– Third parties to whom we have outsourced support services, e.g. providers of educational programmes (edTech).
– Google Services
– Regulatory and other state authorities, if required by legal or statutory requirements.
We will only disclose your data to the extent that this is strictly necessary to achieve the intended purpose. We have taken all the required measures to ensure that external service providers with access to your data have implemented physical, electronic and managerial security measures to protect your data.
This is necessary for enforcing our rights, particularly for enforcing claims from the contractual relationship.
In addition, we pass on your data to third parties insofar as this is part of the use of the website or to provide the services you have requested (including outside the website) if necessary or appropriate.
We pass on your data to the following categories of recipients:
– IT service provider
– Third parties that we use to provide other services that we provide
– consultants, law firms and trustees
– Third parties involved in the implementation or organization of events and seminars
– authorities and courts, if applicable
When passing on to third parties, the legal regulations for passing personal data to third parties are of course complied with. Suppose we use processors to process personal data. In that case, we take appropriate legal precautions and corresponding technical and organizational measures to protect your data by relevant statutory provisions.
5. Data transfer abroad
Suppose we transmit data to a country that does not have appropriate data protection. In that case, we ensure a proper level of security by employing contracts accordingly, or we act based on the following statutory/legal exemptions: consent, the performance of the agreement, the establishment, execution or enforcement of legal claims, overriding public interests, published personal data, or the need to protect the integrity of the persons in question.
Suppose we also transfer your data to third parties abroad (i.e. outside of Switzerland or the European Economic Area (EEA)). In that case, these are to the same extent as we must comply with data protection. If data protection in the country concerned has no appropriate level of protection, we ensure that the security of your data is at such level.
We make this security in particular by concluding so-called Standard data protection clauses of the EU Commission with the companies concerned and by the Presence of Binding Corporate recognized by European data protection authority Rules (BCR) at the companies involved and through the existence of further guarantees that comply with applicable law. Where this is not possible, we support data transfer to your express consent or the necessity of the transmission for the fulfilment of the contract.
6. Retention Period
Personal data is stored for as long as there is a legal obligation to retain it. In addition, personal data is stored as long as it is necessary for the purpose for which it was collected and as long as there is a legitimate interest in the personal data, e.g. to implement or defend legal claims, for archiving purposes, for IT security or to check conflicts of interest.
We will keep data in our database for at least one year from the last interaction date.
If we conclude a contract, we will not keep personal data for more than five years, calculated from the moment of termination of the agreement, except for documents that are subject to storage conditions imposed by national law (e.g. accounting data)
The data they will share with social media networks will be stored according to their policies.
The session cookies are deleted when the browser is closed, but the persistent ones may have a different lifetime, which differs depending on the role of the cookie.
7. Where do we store your data
The data we receive through our website will be stored locally and on cloud servers, provided by Microsoft Azure on servers in Germany and by PCloud on servers in Luxembourg.
The data transmitted through social media networks will be stored according to their policies.
The information generated by the cookie about how you use the website will be transmitted to and stored by Google according to its policy.
We process and store your data only for the period necessary to achieve the stated purpose or where required by law or regulation, which we are subject to. If there is no storage purpose or a prescribed one is running From the retention period, your data will be routinely processed and blocked or deleted by the statutory regulations.
In addition, we delete your data if you ask us to do so, and we are not required to retain it by law or have any other obligation to maintain or secure this personal data.
8. Data Security
We take technical and organizational security precautions to protect your data from manipulation, loss, destruction or access by unauthorized persons and to ensure the protection of your rights and compliance with the applicable data protection regulations. The measures taken are intended to safeguard the confidentiality and integrity of your data and the availability and resilience of our systems and services when processing your data. They are also designed to quickly restore the availability of your data and ensure access to them in the event of a physical or technical incident.
Our security measures also include the encryption of your data. At the transmission of your data to us, it is encrypted by Transport Layer Security (TLS) /Encryption Https. All the information you enter online is processed through an encrypted transmission route. This means that this information cannot be shared with anyone or can be viewed by unauthorized third parties.
Continuously adapted technological developments carry out our data processing and security measures. We also take our in-house data protection very seriously. Our employees and the service companies we engage are committed to confidentiality and compliance with data protection regulations. In addition, they will have access to the personal data only granted to the extent necessary.
9. Use of the Website by Minors
This website is intended for an adult audience. Children under the age of 16 are prohibited without the consent of their parents or legal guardians from transmitting their data to us or registering for a service. If we determine that such data has been transferred to us, it will be deleted immediately.
The parents (or legal representative) of the child can contact us at the following e-mail address Contact and request deletion or deregistration: dataprotection@obs.school
10. Your Rights
You have the following rights concerning your data:
– Right to information: You have the right to know why your data is collected, what happens to it and how long it will be kept.
– Right to rectification: You have the right to request that OBS correct any information you believe is inaccurate. You also have the right to ask us to complete information you think needs to be completed.
You have the right to supplement your data at any time correct, delete or block;
– Right to erasure: You have the right to demand to have your data erased at any time;
– Right to transfer of your data: You have the right to request that KHM transfer the data we have collected to another organization or directly to you under certain conditions.
You have the right to have all your data from the form to request the processing and entirely to another responsible for the processing to those responsible (data portability).
– Right to object processing: You have the right to object to OBS’s processing of your data under certain conditions.
You can object to the processing of your data. We hold us unless there are legitimate reasons for processing.
If you have consented to collecting, processing, or transferring your personal information for a specific purpose, you may withdraw your consent for that specific processing at any time. Once we have received notification that you are revoking your consent, we will no longer process your personal data for these purposes unless we have another legitimate interest.
Send your request regarding your data to the following e-mail address: dataprotection@obs.school
If you make a request, we have one month to respond.
Please note that granting these rights can sometimes be refused or restricted for legal reasons or based on data protection law. We can refuse to provide information to the extent that data protection law or other laws, particularly the attorney-client privilege, allow or require us to do so. If legally required or permitted, we will inform you of the reasons for our decision.
Suppose you believe that we have yet to deal with your inquiry or concern to your satisfaction or need to process your data by data protection regulations. In that case, you can contact Switzerland’s responsible supervisory authority, the Federal Data Protection and Information Commissioner.
Right to withdraw consent: If you have permitted us to process your data, you can revoke this consent and delete personal data. You can also contact a local supervisory authority in Switzerland, the Federal Office Data Protection and Information Officer, to lodge a complaint if you believe that processing your personal data violates data protection law.
Customize cookie & privacy settings