Privacy Policy

Last updated: 20.02.2025

We place great value on transparency in handling personal data. This privacy policy explains which personal data we collect, for what purposes, and to whom we may disclose it. To ensure high transparency, this privacy policy is regularly reviewed and updated.

1. Services We Use

• YouTube

2. Contact Information

If you have questions or concerns about the protection of your data by us, you can contact us at any time by email at shc@swisscyberstorm.com or by mail:

Swiss Cyber Storm
Eichhofweg 3
6205 Eich
Switzerland

3. General Principles

3.1 What Data Do We Collect From You and Where Do We Get It?

Primarily, we process personal data that you provide to us or that we collect during the operation of our website. In some cases, we may also receive personal data about you from third parties. These can include the following categories:

• Personal data (name, address, date of birth, etc.)
• Contact data (mobile number, email address, etc.)
• Financial data (e.g., account information)
• Online identifiers (e.g., IP addresses)
• Location and traffic data

3.2 Under What Conditions Do We Process Your Data?

We handle your data confidentially and in accordance with the purposes set out in this privacy policy. We ensure a transparent and proportionate processing of your data.

If we are exceptionally unable to follow these principles, data processing may still be lawful if there is a justifiable reason. Justifiable reasons include:

• Your consent
• The execution of a contract or pre-contractual measures
• Our legitimate interests, provided your interests do not outweigh them.

3.3 How Can You Withdraw Your Consent?

If you have given us consent to process your personal data for specific purposes, we will process your data within the framework of this consent unless we have another legal basis.

You can withdraw your consent at any time by sending an email to the address listed in the imprint. Data processing that has already occurred will not be affected.

3.4 When Can We Disclose Your Data to Third Parties?

a. Principle

We may need to rely on third-party services or affiliated companies for data processing (so-called processors). Categories of recipients may include:

• Accounting, trust, and auditing companies
• Consulting companies (legal advice, taxes, etc.)
• IT service providers (web hosting, support, cloud services, website design, etc.)
• Payment service providers
• Providers of tracking, conversion, and advertising services

We ensure that these third parties and our affiliated companies comply with data protection requirements and handle your personal data confidentially.

In some cases, we may also be required to disclose your personal data to authorities.

b. Visiting Our Social Media Channels

We may have embedded links to our social media channels on our website. This is typically visible through corresponding symbols. By clicking on the symbols, you will be redirected to our social media channels.

In this case, social media providers will learn that you accessed their platform from our website. Social media providers may use this data for their own purposes. We want to point out that we have no knowledge of the content of the transmitted data or how the operators use it.

c. Data Transfer Abroad

In some cases, data transfer to companies abroad may occur as part of processing activities. These companies are bound by the same data protection obligations as we are. Data transfer can occur worldwide.

If the level of data protection in the recipient country is not equivalent to Switzerland’s, we will assess the risk beforehand and contractually ensure that the same level of protection is guaranteed (e.g., using the EU Commission’s standard contractual clauses or other legally required measures). If our risk assessment is negative, we will take additional technical measures to protect your data. You can access the EU Commission’s standard contractual clauses at the following link: https://commission.europa.eu/publications/standard-contractual-clauses-controllers-and-processors-eueea_de

3.5 How Long Do We Keep Your Data?

We store personal data only as long as necessary to fulfill the purposes for which the data was collected.

Data stored during your visit to our website will be retained for twelve months. Exceptions apply to analysis and tracking data, which may be stored longer.

We store contract data longer as we are legally obligated to do so. Specifically, we must retain business correspondence, concluded contracts, and booking records for up to 10 years. If we no longer need such data for the provision of services, it will be locked and only used for accounting and tax purposes.

3.6 How Do We Protect Your Data?

We will securely store your data and take all reasonable measures to protect it from loss, access, misuse, or modification.

Our partners and employees who have access to your data are required to comply with data protection regulations. In some cases, we may need to forward your requests to affiliated companies. Even in these cases, your data will be treated confidentially.

On our website, we use the SSL (Secure Socket Layer) protocol in conjunction with the highest encryption level supported by your browser.

3.7 What Rights Do You Have?

a. Right to Information

You can request information about the data we store about you at any time. Please send your request along with proof of identity to shc@swisscyberstorm.com.

You also have the right to receive your data in a common file format if we process it automatically and if:

• You have given consent for the processing of this data, or
• You have provided the data in connection with the conclusion or execution of a contract.

We may limit or refuse to provide information if this conflicts with our legal obligations, legitimate interests, or the interests of third parties.

The processing of your request is subject to a legal processing time of 30 days. However, this period may be extended due to high request volumes, legal or technical reasons, or if we need further details from you. You will be informed about the extension in writing.

b. Deletion and Correction

You can request the deletion or correction of your data at any time. We may refuse the request if legal provisions require us to retain the data for a longer period or if a legal basis contradicts your request.

Please note that exercising your rights may conflict with contractual agreements and may impact the contract’s execution (e.g., premature contract termination or financial consequences).

c. Legal Recourse

If you are affected by the processing of personal data, you have the right to enforce your rights through legal means or to file a report with the competent supervisory authority. The competent supervisory authority in Switzerland is the Federal Data Protection and Information Commissioner: https://www.edoeb.admin.ch

3.8 Changes to the Privacy Policy

We may change this privacy policy at any time. Changes will be published on https://www.swiss-hacking-challenge.ch/privacy, and you will not be separately notified.

4. Specific Data Processing Activities

4.1 Providing the Website and Creating Log Files

What Information Do We Receive and How Do We Use It?

By visiting https://www.swiss-hacking-challenge.ch, certain data is automatically stored on our servers or servers of services and products we use or have installed. This data is stored for system administration, statistical, backup, or tracking purposes. This includes:

• The name of your internet service provider
• Your IP address (if applicable)
• Your browser software version
• The operating system of the computer accessing the URL
• The date and time of access
• The website from which you accessed the URL
• The search terms you used to find the URL

Why Are We Allowed to Process This Data?

This data cannot be assigned to any specific person, and no data is merged with other sources. The log files are stored to ensure the functionality of the website and to ensure the security of our information technology systems. This constitutes our legitimate interest.

How Can You Prevent Data Collection?

The data will be stored only as long as necessary for the purpose for which it was collected. Accordingly, the data will be deleted after each session. The storage of log files is essential for the operation of the website, and you cannot object to this.

4.2 YouTube

On our website, videos from YouTube, a platform of Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”), are embedded. When the videos are displayed or the play button is clicked, data including your IP address and information about your browser will be transmitted to Google’s servers and stored there. This data is used to provide the video, monitor performance, and improve user experience.

If you are logged into your YouTube account, YouTube can directly associate your browsing behavior with your personal profile. You can prevent this by logging out of your YouTube account.

BrainBox Generators

BrainBox Generators is a service of BrainBox Solutions GmbH to identify all data protection-relevant services on a website, including assisting in creating the privacy policy. No personal data is collected or processed in this process.