Privacy for trainings and inquiries

We would like to inform you about the processing of personal data carried out by CertX AG.
CertX AG, Passage Du Cardinal 13b, 1700 Fribourg, Switzerland (CertX, we) is responsible for processing your personal data in accordance with the General Data Protection Regulation (GDPR). You can contact us at info@certx.com.

 

In the following, we have compiled the most important information on typical data processing for you, separated by topics and data subjects. For certain data processing that only affect specific groups, the information obligations are fulfilled separately.
If the term “data” is used in the text, only personal data within the meaning of the GDPR is meant.

1. General information and rights of data subjects

Your rights as data subject
If you have any questions about the processing of your personal data by us, we will of course be happy to provide you with information about the data concerning you (Art. 15 GDPR). In addition, if the legal requirements according to the GDPR are met, you have the
right to correction (Art. 16 GDPR), restriction of processing (Art. 18 GDPR), objection to processing (Art. 21 GDPR) and the right to data transferability (Art. 20 GDPR). Finally, you have the right to complain to a competent data protection supervisory authority (Art. 77 GDPR, Section 19 Federal Data Protection Act).

 

Your right of objection
If you wish to revoke a granted consent or object to the processing of your personal data for advertising purposes or due to your special situation, a short message by e-mail to info@certx.com is sufficient at any time.

2. Privacy notice according to Art. 13 and Art. 14 GDPR for customers and seminar participants (open, in-house and online)

We process your data for the purpose of offering and providing services in connection with the execution of the respective legal transaction and for invoicing (Art. 6 section 1 b DSGVO, Art. 6 section 1 f DSGVO). In addition, we process your personal data in order to inform you by email about products, services and specialist events for training and further education and personal certification as well as due examinations from these areas and for customer analyses (Art. 6 section 1 f DSGVO).

 

With your consent, which can be revoked at any time, we will also inform you about products, services and specialist events for training and further education and personal certification as well as due examinations from these areas and for customer analyses by e-mail (Art. 6 section 1 a&f GDPR). We also inform our business customers about this by telephone.

 

In individual cases, your personal data is transmitted to licensing and examination bodies (e.g. public authorities, accreditation bodies, Federal Employment Agency) as part of examinations conducted by CertX AG.

 

We may carry out practice trainings during our training courses and record them on local storage media as temporary video files (Art. 6 section 1 f DSGVO). In order to improve your learning success, these recorded videos are used in debriefings and discussed with the trainers and the other participants. Afterwards, at the latest at the end of the training, these video recording files will be deleted.

 

We use service providers by way of order processing in the provision of services within Switzerland, in particular for the provision, maintenance and servicing of IT systems.

 

We store your contract data and the associated documents for 10 years after termination of the business relationship unless other legal provisions or regulations apply.

 

When conducting online training courses or digital events in which you participate, the information above under 2. Privacy policy according to Art. 13 and Art. 14 GDPR for customers and seminar participants (open, in-house and online) also applies in addition to the information below. Such events are generally not recorded.

 

The processed data is your registration data (surname, first name, email address) from the event. If you activate the camera and / or the microphone of your device, we also process the transmitted data. If you take part in chats, whiteboards or voting, this data will also be processed.

 

The legal basis for the processing of data from participants in events is Art. 6 section 1 b GDPR (contract for the implementation of the event), Art. 6 section 1 f GDPR (legitimate interest of the person responsible to provide his service to third parties such as the employer of participants) and Art. 6 section 1 c GDPR (legal obligations, in particular tax and commercial regulations). The legal basis for possible data processing in third countries when using Microsoft Teams is your consent (Art. 6 section 1 a GDPR). In the USA there is no data protection level comparable to the requirements of the GDPR. It is possible for government agencies to access personal data without us or you knowing about it. An effective enforcement of your rights is probably not possible in the USA.
By joining the online event, the participant consents to the processing of his or her personal data.

 

We use processors (service providers) in particular for the provision, maintenance and care of IT systems.

 

We store your contract data and the associated documents for 10 years after termination of the business relationship unless other legal provisions or regulations apply.

 

The specification of the registration data is contractually binding for the participation in digital events.

3. Privacy information for interested parties and communication partners

We process the personal data of interested parties and communication partners for the purpose of communicating with those affected. There are no plans to change these purposes.

 

The legal basis for the processing of data from interested parties and communication partners is Art. 6 section 1 f GDPR (legitimate interest of the person responsible to contact interested parties and communication partners).

We use processors (service providers) in particular for the provision, maintenance and care of IT systems.
Inquiries and communications are deleted after two calendar years.

4. Privacy information for examinees in online exams

We process your personal data for the purpose of performing online exams on the online platform “Exam.net” as part of the implementation of contractual or pre-contractual measures (Art. 6 Paragraph 1 b GDPR, Art. 6 Paragraph 1 f GDPR). Please read further details on the exam.net platform regarding their privacy and cookie policy.

 

In individual cases, your personal data will be transmitted to approval and testing bodies (e.g. authorities, accreditation bodies) as part of tests by CertX AG.
We use service providers for the provision of services by way of order processing, in particular for the provision, maintenance and care of IT systems.

 

A transfer of your personal data to third countries does not take place.
Exceptions are data from participants and clients who are based in third countries.

 

If the data are no longer required for the fulfilment of contractual or legal obligations and rights, they are regularly deleted, i. d. Usually after 10 years, unless their – limited – further processing is necessary for the fulfilment of the purposes out of an overriding legitimate interest.