Privacy Policy

1. Introduction

 

This Privacy Policy is intended to inform visitors of the site www.sb-itm.ch and clients of SB-ITM about how their personal data is collected, used, stored, and protected.
By using this site or placing an order for one of our services, you agree to the practices described in this policy.

​

2. Data Controller

Sébastien Bartholomé (Sébastien Bartholomé | IT Management)
Chemin des Tournesols 2, 1182 Gilly – Switzerland
📧 sebastien@sb-itm.ch

​

3. Data Collected

 

Personal data may be collected directly or indirectly when you:

• fill out a contact or subscription form

• sign up for a newsletter or service

• contact us by email

• visit the site (via cookies or analytics tools such as Google Analytics

 

The data may include:

• First and last name

• Email address

• Phone number

• Navigation data (IP address, browser type, etc.)

​

4. Purposes of Processing

 

Data is collected to:

• respond to your requests

• send content or a service you subscribed to

• prepare commercial offers or contracts

• track agreed missions

• improve the site and user experience

• comply with legal obligations (billing, archiving, etc.)

​

5. Legal Basis

 

In accordance with the GDPR and the Swiss Federal Data Protection Act (nLPD), processing is based on:

• your explicit consent

• the performance of a contract or mission

• a legal obligation

• legitimate interest

​

6. Data Sharing & Location

 

No personal data is sold or transferred to third parties.

​

Service providers used include:

• Microsoft Ireland Operations Ltd: hosting and processing via Microsoft 365

• Microsoft Dataverse (Switzerland): database storage

• Exchange Online (EU): email sending and receiving

• SharePoint and OneDrive (EU): file storage

• Microsoft Teams (EU): internal communication

• Jotform Inc.: data collection via online forms, hosted in the EU

​

Data flow: Data entered through our Jotform forms (hosted in the EU) is transferred to Microsoft Dataverse (Switzerland) for storage, and then used within our Microsoft 365 ecosystem hosted in the EU. These transfers occur between two territories benefiting from mutual adequacy decisions (Switzerland ↔ EU), ensuring a level of protection compliant with GDPR and nLPD.

​

7. Consent Management

 

When subscribing to our services, your consent is collected via a mandatory checkbox and recorded along with the date, time, and IP address at the time of form submission. This evidence of consent is stored as required by law and can be provided upon request.

​

8. Data Retention

 

Data is retained:

• for the duration necessary to provide the requested service or process the request

• up to 10 years for billing-related data (Swiss legal requirement)

• or until your explicit request for deletion, provided this does not conflict with our legal obligations

​

9. Your Rights

 

You have the following rights:

• access to your data

• rectification

• deletion

• restriction of processing

• objection

• portability (in certain cases)

​

To exercise your rights: 📧 sebastien@sb-itm.ch

An identity document may be requested to confirm your identity.

​

10. Data Security

 

We implement strict technical and organizational measures, including:

• HTTPS protocols

• firewalls and access control

• enhanced authentication

• access limited to authorized personnel only

​

11. Cookies

 

The site may use cookies to:

• analyze traffic (e.g., Google Analytics)

• enhance user experience

• remember your preferences

​

You may accept or decline cookies on your first visit, and adjust your preferences in your browser.

​

12. Transfers outside Switzerland/EU

 

No data transfers are made outside Switzerland or the European Union.
If exceptions occur in the future, they will only be made to countries with adequacy decisions or under standard contractual clauses compliant with GDPR/nLPD.

​

13. Contact

For any questions:
Sébastien Bartholomé (Sébastien Bartholomé | IT Management)
📧 sebastien@sb-itm.ch