Privacy policy

With this privacy policy, we inform you about the processing of personal data in connection with our activities and operations, including our website, https://www.consultingbsd.com. We specifically detail why, how, and where we process personal data. We also provide information about the rights of individuals whose data we process. Additional privacy policies and other legal documents such as Terms and Conditions (T&C), Usage Terms, or Participation Terms may apply to specific or additional activities and operations.

1. Contact addresses

Responsible for the processing of personal data:

David Barreto Schmidt
Barreto Schmidt Consulting Services LCC
Chamerstrasse 172
6300 Zug
Switzerland

We will notify you if, in individual cases, there are other responsible parties for processing personal data.

Data Protection Officer:
We have the following Data Protection Officer as a contact point for affected individuals and as a point of contact for supervisory authorities for data protection-related inquiries:

David Barreto Schmidt
Barreto Schmidt Consulting Services LCC
Chamerstrasse 172
6300 Zug
Switzerland

2. Terms and legal basis

2.1 Terms

Personal data refers to all information that relates to a specific or identifiable person. An affected person is an individual whose personal data is processed. Processing refers to any handling of personal data, irrespective of the means and methods used, including storage, disclosure, acquisition, collection, deletion, storage, alteration, destruction, and use of data.

2.2 Legal basis

We process personal data in accordance with Swiss data protection laws, particularly the Federal Data Protection Act (DSG) and the Ordinance to the Federal Data Protection Act (VDSG).

3. Type, scope and purpose

We process personal data that is necessary to carry out our activities and operations continuously, user-friendly, securely, and reliably. Such data may include categories like personal, contact, browser, device, content, meta, or marginal data, usage data, location data, sales data, and contract and payment data.
We process this data for the duration required for the respective purposes or as required by law. Personal data that is no longer needed for processing is anonymized or deleted.
We may process personal data through third parties or share it with third parties. These third parties are specialized providers whose services we use. We ensure data protection with these third parties.
We only process personal data with the consent of the affected person, unless processing is permissible for other legal reasons. For example, processing without consent may be permissible to fulfill a contract with the affected person and for related pre-contractual measures, to protect our overriding legitimate interests, because processing is apparent from the circumstances, or after prior information. In this context, we process information that an affected person voluntarily provides to us when contacting us, such as by postal mail, email, instant messaging, contact forms, social media, or telephone, or when registering for a user account. We may store such information in an address book, a Customer Relationship Management (CRM) system, or similar tools. When we receive data about other individuals from other people, the people who provide the data are required to ensure data protection for those individuals and to ensure the accuracy of this personal data.
We also process data that we receive from third parties, obtain from publicly accessible sources, or collect during the exercise of our activities and operations, to the extent that such processing is legally permissible.

4. Personal data abroad

We generally process personal data in Switzerland. However, we may disclose or export this data to other countries, especially for processing or having it processed.

We may transfer data to any state or territory on Earth or elsewhere in the universe, provided that the local law, as assessed by the Swiss Federal Data Protection and Information Commissioner (FDPIC) or based on a decision of the Swiss Federal Council, guarantees adequate data protection.
We may transfer personal data to countries where the law does not guarantee adequate data protection if there are other suitable safeguards, such as appropriate contractual agreements, based on standard data protection clauses, or other appropriate guarantees. Exceptionally, we may export personal data to countries without adequate or suitable data protection, if the special data protection requirements are met, such as the explicit consent of the affected person or a direct connection with the conclusion or fulfillment of a contract. Upon request, we will provide affected individuals with information about any guarantees or provide a copy of such guarantees.

5. Rights of affected individuals

Affected individuals, whose data we process, have rights according to Swiss data protection laws. This includes the right to access, correct, delete, or block the processed personal data. Affected individuals, whose personal data we process, have the right to file a complaint with a competent supervisory authority. The supervisory authority for data protection in Switzerland is the Swiss Federal Data Protection and Information Commissioner (FDPIC).

6. Data security

We implement appropriate technical and organizational measures to ensure data security commensurate with the respective risk. However, absolute data security cannot be guaranteed in practice. Access to our website is secured using transport encryption (SSL/TLS, specifically HTTPS). Most browsers indicate transport encryption with a padlock icon in the address bar. Like all digital communications, our digital communication is subject to mass surveillance without cause or suspicion, as well as other surveillance by law enforcement agencies in Switzerland, Europe, the United States of America (USA), and other countries around the world. We cannot directly influence the processing of personal data by intelligence services, law enforcement agencies, and other security authorities.

7. Website usage

7.1 Cookies

We may use cookies. Cookies, both first-party and third-party cookies, are data stored in the browser. Such stored data need not be limited to traditional text-based cookies. Cookies can be stored in the browser temporarily as "session cookies" or for a specified period as "persistent cookies." Session cookies are automatically deleted when the browser is closed. Persistent cookies have a specified storage duration. Cookies enable the browser to recognize our website upon a return visit, allowing us to measure the reach of our website, among other things.
However, our website may not be fully functional without cookies. We request your explicit consent for the use of cookies, at least when and to the extent necessary.
For cookies used for success and reach measurements or advertising, many services offer a general opt-out (AdChoices, Network Advertising Initiative, YourAd-Choices, Your Online Choices).

7.2 Server log files

For each access to our website, we can capture the following information, as sent by your browser to our server infrastructure or as determined by our web server: date and time, including the time zone; Internet Protocol (IP) address; access status (HTTP status code); operating system, including interface and version; browser, including language and version; individual sub-page of our website accessed, including transferred data volumes; last website visited in the same browser window (referer or referrer). We store such information, which may constitute personal data, in server log files. The information is necessary to provide our website continuously, user-friendly, and reliably, to ensure data security, and in particular to protect personal data, even through third parties or with the help of third parties.

7.3 Pixel tracking

We may use pixel tracking on our website. Pixel tracking is also known as web beacons. Pixel tracking, including those from third parties whose services we use, are small, typically invisible images that are automatically retrieved when visiting our website. Pixel tracking can capture the same information as in server log files.

7.4 Comments

We allow you to publish comments on our website. In this context, we process the information that a commenting individual sends to us, including the Internet Protocol (IP) address, date, and time. This information is necessary to enable the publication of comments and to ensure protection against misuse, which is in our predominant legitimate interest.
We allow you to subscribe to email notifications about new comments from other individuals. In this regard, we particularly need your email address so that we can notify you by email. You can unsubscribe from such comment notifications at any time.

8. Notifications and communications

We use notifications and communications via email and other communication channels such as instant messaging or SMS.

8.1 Success and reach measurement

Notifications and communications may contain web links or pixel tracking to determine if a single message has been opened and which web links have been clicked. Such web links and pixel tracking can also capture the personal use of notifications and communications. We require this statistical measurement of use for the success and reach measurement to effectively and user-friendly send notifications and communications, as well as to ensure their long-term, safe, and reliable delivery based on the recipients' needs and reading habits.

8.2 Consent and objection

You must generally give explicit consent for the use of your email address and other contact information, unless such use is legally permissible for other reasons. Whenever possible, we use the double opt-in procedure for consent. This means you will receive an email with a web link that you must click to confirm, to prevent misuse by unauthorized third parties. We may log such consents, including Internet Protocol (IP) addresses, date, and time, for evidential and security reasons.

You can generally object to receiving notifications and communications such as newsletters at any time. With such an objection, you can also object to the statistical measurement of use for the success and reach measurement. Required notifications and communications related to our activities and operations remain reserved.

8.3 Notification and communication service providers

We send notifications and communications with the help of specialized service providers.

9. Social media

We are present on social media platforms and other online platforms to communicate with interested individuals and inform about our activities and operations. In connection with such platforms, personal data may also be processed outside of Switzerland. The terms and conditions (AGB) and usage conditions as well as privacy policies and other provisions of the individual operators of such platforms also apply. These provisions inform in particular about the rights of affected individuals directly against the respective platform, including the right to information.

10. Third-party services

We use services from specialized third parties to perform our activities and operations in a permanent, user-friendly, safe, and reliable manner. With such services, we can embed functions and content into our website. When such embedding occurs, the used services, for technical reasons, record at least temporarily the Internet Protocol (IP) addresses of users.
For necessary security-related, statistical, and technical purposes, third parties whose services we use may process data related to our activities and operations in an aggregated, anonymized, or pseudonymized manner. This includes performance or usage data, to offer the respective service. We use the collected data in compliance with data protection regulations and only work with reputable and well-known third-party providers.

10.1 Digital infrastructure

We use services from specialized third parties to obtain the necessary digital infrastructure in connection with our activities and operations. This includes hosting and storage services from selected providers.

11. Success and reach measurement

We use services and programs to determine how our online offering is used. In this context, we can measure, for example, the success and reach of our activities and operations and the impact of third-party links on our website. We can also, for example, experiment and compare how different versions of our online offering or parts of our online offering are used (A/B test method). When using services and programs for success and reach measurement, the Internet Protocol (IP) addresses of individual users must be stored. IP addresses are generally truncated (IP masking) to follow the principle of data minimization and thus improve the data protection of users. When using services and programs for success and reach measurement, cookies may be used, and user profiles may be created. User profiles may include, for example, pages visited or content viewed on our website, screen size or browser window size, and at least approximate location. User profiles are created exclusively in a pseudonymized manner. We do not use user profiles to identify individual users. Individual third-party services where users are logged in may potentially link the use of our online offering to the user's account or user profile with the respective service.

12. Final provisions

We have created this privacy policy with a privacy policy generator. The base language of this website is German. All provided translations are intended to simplify use for the end user. Legally binding is solely the original version of the website.

We can adapt and supplement this privacy policy at any time. We will inform about such adjustments and supplements in an appropriate manner, especially by publishing the current privacy policy on our website.

Scroll to Top