1. Why Data Protection Information
The following Data Protection Information provides an overview of the collection and processing of your data. Throughout this Information, “personal data” refers to all information collected that is related to your person. We would like to use the following Information to explain how we process your personal data. In addition, we would like to give you an overview of your rights under the European Data Protection Law. Which data are processed in detail and how they are used depends largely on the services requested or agreed to.
2. Responsible body – Who can I contact?
The company responsible for the processing of your personal data is PhACT GmbH, Christoph Merian-Ring 11, 4153 Reinach/Switzerland.
Dr. Barbara Jentges
Christoph-Merian Ring 11
Phone: 0041 – (0) 61 717 14 15
3. Where do we obtain personal data from?
We process personal data that we receive from our customers and interested parties in the course of our business relationship. Furthermore, if this is necessary for the provision of our services, we process personal data that we may obtain from publicly accessible sources or that was submitted to us by third parties.
4. What types of personal data are processed?
The personal data we process includes various categories of personal data such as master data (e.g. name, address, date of birth, email address), order data (e.g. order and invoice number and date), data on the use of our elearning courses (e.g. performance and test results), correspondence with you, advertising and sales data and other data comparable with these categories.
5. For what purpose and on what legal basis do we process your data?
We process your personal data in accordance with the regulations, including the EU General Data Protection Regulation (GDPR) for the following purposes
On the basis of your consent (Article 6 Para. 1 a of the GDPR): lf you have given us consent to process personal data for certain purposes (e.g. within the scope of using the learning platform), the legitimacy of this processing is given on the basis of your consent. You may revoke your consent at any time.
To fulfil contractual obligations (Article 6, Para. 1 b of the GDPR): We process data in order to fulfil our contractual obligations to provide services for our customers or to carry out contractual measures that are taken on request. The purposes of data processing are primarily governed by the specific product (e.g. use of the learning platform or ordering via our Online Shop) or the type of our service and are regulated in our respective General Terms and Conditions (GTCs).
Due to legal requirements (Article 6 Para. 1 c of the GDPR) or in the public interest (Article 6 Para. 1 e of the GDPR): PhACT is subject to different legal obligations, such as commercial and fiscal retention obligations. The purposes of processing include inter alia the fulfilment of fiscal control and reporting obligations.
In the context of balancing of interests (Article 6 Para. 1f of the GDPR): As far as required, we process your data beyond the actual fulfilment of the contract to protect legitimate interests of ours or of third parties, for example:
Revision and improvement of procedures for general business management and further development of products and service
Advertising, market and opinion research, provided you have not objected to the use of your data
Assertion of legal claims and defence in legal disputes
Elimination, investigation and prevention of criminal offences
Maintenance of the EDP (incl. the learning platform) and ensuring IT security
The data collected is evaluated for the purpose of improving training.
The data collected are used in the context of potential identification within the context of personnel development of our customers.
6. Who gets my data (recipient)?
The transfer of data to third parties for purposes other than those mentioned in point 5 does not take place. The data passed on may be used by the third party exclusively for the purposes mentioned.
7. ls data transferred to a third country or to an international organisation?
The data we collect is processed in Switzerland. An active data transfer to other countries outside the EU or the EEA (so-called third countries) only takes place if this is necessary for the execution of your orders or is prescribed by law (e.g. tax reporting obligations), you have given us consent or in the context of an order data processing. lf Service Providers are deployed in third countries, they are obliged to comply with the data protection level pursuant to the GDPR in addition to instructions in writing in the Agreement.
8. How long will my data be stored?
The personal data collected by us for contacting you or in the context of our business relationship will be deleted if it is no langer necessary for the purposes for which it was collected or otherwise processed , at the latest upon expiry of statutory retention periods, unless a longer storage period is necessary for the fulfilment of legal obligations or for the enforcement, exercise or defence of legal claims or storage in accordance with Art. 6 Para. 1 sentence 1 lit. a of the GDPR.
9. What data protection rights do I have?
Each data subject has the following rights under the GDPR:
Right of access (Article 15 of the GDPR)
Right to correction (Article 16 of the GDPR)
Right to deletion (Article 17 of the GDPR)
Right to restrict processing under (Article 18 of the GDPR)
Right to data transferability (Article 20 of the GDPR)
Right of objection (Article 21 of the GDPR)
Right of appeal (Article 77 of the GDPR)
You can revoke your consent to the processing of personal data at any time. In case of using our learning platform, the revocation can lead to the full functionality of the learning platform no longer being available. A repayment or partial repayment of fees is not possible in this case. Provided that the processing occurs within the context of an employment contract, the right of withdrawal can be limited.
10. ls there an obligation for me to provide data and what are the possible consequences of not providing data?
Within the context of our business relationship, you must provide those items of personal data that are necessary for the establishment and implementation of a business relationship and the fulfilment of the associated contractual obligations or that we are legally obliged to collect. Without these items of data, we will usually have to refuse the conclusion of the contract or the execution of the order or we will no longer be able to execute an existing contract and may have to terminate it.
11. Automated decision making (including profiling)
In principle, we do not use fully automated decision making according to Article 22 of the GDPR for the establishment and implementation of the. business relationship. Should we use these procedures in individual cases, we will inform you separately, insofar as this is required by law. Within the scope of elearning courses, no profiling in the sense of the GDPR takes place. Here, tests can form the basis for the proof of the required qualification for the completion of a course. Tests are evaluated automatically. The test questions are technically compiled by the course instructors for the individual course.
12. Information on your right of objection pursuant to Article 21 of the GDPR
12.1 Individual case-related rights of objection
You have the right, for reasons arising from your particular situation, to object at any time against the processing of your personal data, which on the basis of Article 6 Para. 1 e of the GDPR (data processing in the public interest) and Article 6 Para. 1f of the GDPR (data processing on the basis of a balancing of interests). This also applies to profiling based on this determination within the meaning of Article 4 Para. 4 of the GDPR. lf you object, we will no langer process your personal data, unless we can prove compelling legitimate reasons for the processing, which outweigh your interests, rights and freedoms, or the processing serves to assert, exercise, or defend legal claims.
12.2 Right to object to the processing of data for advertising purposes
In individual cases, we process your personal data for direct marketing purposes. You have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to profiling, insofar as it is connected with such direct advertising. lf you object to the processing of your personal data for direct marketing purposes, we will no longer process your personal data for these purposes. The objection can be sent in any form by email to email@example.com.
13. Additional Data Protection Information for users of our website
When you visit our website www.phact.ch the browser used an your device sends certain technical data to the web server of our website in a so-called logfile fan. This data includes the IP address and operating system of your device, the data, the access time, the type of browser and the browser request including the origin of the request (referrer). This is necessary for technical reasons to make our website available to you . Our Web Hosting Provider protects this data with technical and organisational measures against unauthorised access and does not pass it on to third parties.
When using our websites, cookies may be stored by your Browser. By using our website you agree to this procedure.
A cookie is a short text snippet sent from a website you visit to your browser. For example, it stores information about your last visit, such as your preferred language or other settings. This will help you to find your way around the website faster and more effectively the next time you call it up.
Cookies play an important role. Without them, surfing the web would often be frustrating. Cookies can also be used on our pages to analyse the website usage. This enables us to optimise our website and deliver more targeted relevant content.
Cookies on our websites do not serve to collect personal or customisable data.
You can specify how cookies are processed by setting your cookie preferences. The steps differ depending on the web browser; please follow the instructions in your browser settings:
Click on the “Chrome” menu in the toolbar of your browser. Select “Settings”. Click “Showadvanced settings”. In the “Data Protection” section click an “Content Settings”. In the “Cookies” section select one of the following cookie settings:
Delete local data after exiting the browser
Disable local data storage for all websitesAllow local data storage
Keep local data and website data by default until the browser is closed
Exceptions for cookies and website data.
Open Firefox and open the Firefox menu.
Select the Data Protection settings and then in the drop-down menu “Create time-line by user-defined settings”.
Now you can disable and enable cookies, and then further refine the settings under “Accept cookies from third parties” and “Keep until”.
Microsoft Internet Explorer
Click on Tools and select “Internet Options”.
Click an the “Data Protection” tab, under Settings move the slider up, to block all cookies or down to accept all cookies.
Click the “OK” button.
Select Safari and “Preferences”.
Click on “Data Protection”.
In the “Block Cookies” section, specify whether and when Safari should accept cookies from web pages.
For an explanation of the options, click on Help (question mark).
Note: To see which websites store cookies onyour computer, click on Details. lf you set Safari to block cookies, you may need to temporarily accept cookies, to open a page. Repeat the above steps and click on Never. When you have finished, block the cookies again and remove the cookies from the page.
13.2 Google Analytics
Deactivating Google Analytics
As a user of this website you have the possibility to object to the use of Google Analytics Services. Here are the following options available for this:
Disable the collection of data from Google Analytics for this website: By clicking on this opt-out link you disable the collection of data by Google Analytics for this web page.
You can find more detailed information at
Some error has occured.