Privacy Policy
1- Data controller
Data processing is the responsibility of Mr. David Claivaz. For any request relating to data protection, you can write to us at the following address: chemin de Préville 3,1003 Lausanne – email: info@lemania.ch
2- Purposes of data processing
We collect, process and store your personal data to the extent that this is necessary for the conclusion and performance of the contract and meets our internal guidelines, in particular for the following purposes:
– Delivery of education and management of the operation of the school
– Management of student files
– Operation of electronic educational platforms
– Communication with authorities, federations, training partners, companies hosting trainees, accreditation bodies and third parties (e.g. employers)
– Updating the directory of former students and communicating with them
– Archiving of personal data (e.g. diplomas)
We may also process your personal data in particular for the following purposes:
– Communication with third parties and processing their requests (e.g. applications, media requests)
– Verification and optimization of direct communication with customers, as well as collection of personal data from publicly accessible sources for canvassing purposes
– Advertising and marketing (including organization of events), as long as you have not objected to this use of your data
– Exercise and enforcement of rights, as well as defense in the event of a legal dispute or administrative procedure
– Prevention and investigation of punishable acts and other reprehensible acts (e.g. carrying out internal investigations, disciplinary investigations, etc.)
– Guarantee of our operation, particularly in terms of IT, and of our websites, use of messaging services such as SMS, applications and other platforms, and development of their use
– Automatic use of cookies/tracking devices and other technologies, for the purpose of collecting and storing data relating to educational platforms
– Video surveillance with the aim of guaranteeing the right of domicile and other measures intended to ensure the security of computer systems, buildings and installations as well as the protection of our staff, third parties and values in our possession or under our responsibility (e.g. access control, network security system, email analysis tool).
– Purchase and sale of business areas, companies or parts of companies and other transactions under corporate law which give rise to a transfer of personal data as well as corporate management and compliance measures legal and regulatory obligations.
If you have consented to the processing of your personal data for certain purposes (e.g. for the publication of photographs and videos), we process these within the framework and on the basis of this consent, to the extent that we have no other legal basis and where a legal basis is necessary. Any consent given may be withdrawn at any time, without affecting previous processing and uses of data.
3- Transfer and communication of data abroad
As part of our business activities and the purposes referred to in point 2, we also communicate data to third parties. The recipients include:
– People requesting personal contact details for the organization of alumni events, as long as you have not objected to the communication of your data
– Other clients in the school setting
– Swiss or foreign authorities, official services or courts, e.g. ex. to assert and collect debts
– The media
– The public, in particular visitors to our websites and our social networks
– Other parties in the context of possible or ongoing legal proceedings
If a recipient is located in a country where data protection law is insufficient, he or she contractually undertakes to respect the applicable rules in this area. An exception may apply to legal proceedings abroad, but also in cases where the public interest is overriding or if the performance of a contract requires that your data be communicated, you have given your consent or This is data that you have made publicly accessible and of which you have not refused processing.
4- Duration of retention of personal data
We process and store your personal data for as long as this is necessary for the performance of our contractual (both at the stage of establishment and execution and termination of the contract) and legal obligations (e.g. obligations legal retention and documentation requirements), compliance with our internal directives or the achievement of objectives requiring data processing.
In this context, personal data may be stored for as long as third parties can assert claims against our company and to the extent that we are otherwise legally obliged to do so or our commercial interests legitimate reasons require it (e.g. for evidentiary and documentation purposes). As soon as your personal data is no longer necessary for the purposes mentioned above, they are in principle and wherever possible deleted or anonymized.
5- Data security
We adopt appropriate technical and organizational security provisions to protect your data from unauthorized access or misuse.
6- Obligation to make personal data available
In order for us to establish and perform a contract with you (or the person representing you), you must provide us with the necessary personal data and authorize us to process some of this particularly sensitive data (as part of a declaration of separate consent). Any consent to data processing granted to us can in principle be withdrawn at any time. However, in the event of withdrawal of consent essential to the execution of the contract, this cannot be continued. In this case, we reserve the right to terminate the said contract (see also point 8 below).
7- Profiling and automated decision making
In principle, we do not use fully automated decision-making for the establishment and execution of the business relationship or any other aspect (as provided for in Art. 22 GDPR). If we use such devices in individual cases, we will notify you specifically, to the extent required by law, and inform you of the corresponding rights.]
8- Rights of data subjects
You have the following rights:
– Access, rectification, erasure
– Limitation of data processing
– Objection to the processing of data by us, in particular for direct marketing purposes and other legitimate interests in the processing
– Transmission of certain personal data with the aim of providing them to a third party (“data portability”)
Please note, however, that we reserve the right to assert for our part the limitations provided for by law, in particular when we are required to store or process data, when there is an overriding interest for us in said processing (in the to the extent that we are entitled to rely on this ground) or when we need this data to assert our rights.
Please also note that the exercise of these rights may conflict with certain contractual provisions and, therefore, result in consequences such as early termination of the contract or additional costs. If applicable, we will inform you in advance in the absence of an existing contractual provision.
To exercise these rights, you must prove your identity. If you wish to assert your rights, you can write to us at the address indicated in point 1.
Any data subject may also assert their rights in court or file a complaint with the competent data protection authorities. The competent authority for data protection in Switzerland is the Federal Data Protection and Transparency Commissioner (www.edoeb.admin.ch).
9- Entry into force
This privacy policy comes into force on 1.11.2023