Privacy Policy

This Privacy Policy governs how STORM Partners Sàrl, a limited liability company duly incorporated under the laws of Switzerland whose registered address is Chemin de Madame de Warens 2, 1816 Montreux (CH-VD), Switzerland, whose registration number is CHE-435.083.916 (hereinafter referred to as the “Company”), in quality of data controller, collects, uses, maintains, and discloses information collected through its website from you as data subject (hereinafter referred to as “User”).

This Privacy Policy complies with both the European Union General Data Protection Regulation (hereinafter referred to as “GDPR”) and the Swiss Federal Data Protection Act (hereinafter referred to as “FADP”).

The Company may collect personal data from Users in a variety of ways, including, but not limited to, when Users visit the Company’s website, fill out a form, and in connection with other activities, services, features, or resources the Company makes available on its website. Users may be asked for, as appropriate, a name and email address. Users may, however, visit the Company’s website anonymously. The Company will collect data from Users only if this is strictly necessary to achieve one of the purposes laid down in section 4 of the Privacy Policy, or if he has given his consent. Users can always refuse to supply personal identification information, except that this may prevent them from engaging in certain site-related activities.

Every data collected by the Company will be processed according to the following principles outlined in Art. 5 GDPR and in Art. 6  FADP:

  1. Lawfulness: the data must be processed according to the relevant legislation, with transparency and good faith,
  2. Determination of purposes: the data must be collected for a determined purpose,
  3. Minimisation: the data must be adequate and proportionate to the purpose they are aimed to achieve,
  4.  Accuracy: the data must be correct, and updated when necessary,
  5. Storage limitation: the data must be stored in a way that allows the recognition of the Users for a period no longer than the one necessary to achieve the purpose they are processed for, and
  6. Safety: the data must be stored in a safe place that can guarantee protection through technology and internal procedures.

The Company will process data to:

  1. Drive Marketing strategies,
  2. Send the newsletter,
  3. Deliver a requested performance,
  4. Negotiate the delivery of a performance,
  5. Comply with the applicable legislation,
  6. Protect and defend the company’s or third-party rights,
  7. Improve the service and customer care, and
  8. Simplify administrative procedures.

The legal basis for the processing, according to the GDPR will be:

  1. The necessity to comply with existing laws (art. 6 par. 1 lett. B GDPR),
  2. The performance of a contractual or pre-contractual obligation (art. 6 par. 1 lett. C GDPR),
  3. The legitimate interest of defending the Company’s or third parties’s rights, of having an efficient administration, and of improving the Company’s services and client experience (art. 6 par. 1 lett. F GDPR), and
  4. If none of these legal bases can apply, the processing of the User’s data will take place only upon an informed, free, and explicit consent of the User (art. 6 par. 1 lett. A GDPR).

The Users can withdraw consent at any time and without formality by just communicating it to the email they will find in section 13 of the Privacy Policy.

The Company does not sell, trade, or rent Users’ Data to others. The Company shares the User’s personal data only for the purposes and under the legal basis outlined in section 4 of the Privacy Policy and with adequate guarantees for the rights of the User under the Privacy Policy and the relevant legislation.

In any case, the User’s personal data will be processed either internally by adequately trained personnel or externally by contractors (for example, tax consultants or insurers) that will give enough guarantees to protect the User’s data.

In accordance with applicable laws, the Company will use the User’s Personal Data for as long as necessary to satisfy the purposes for which their Personal Data were collected or to comply with applicable legal requirements.

The Company may transfer the User’s Personal Data to partners located in Switzerland, in the European Union, in the United States, or in another country that grants a similar level of protection of Personal Data based cumulatively on an adequacy decision issued by the European Commission (art. 45 GDPR) and on a decision issued by the Swiss Federal Council (art. 16 par. 1 FADP).

Transfers of data to a country with a lower level of protection are still possible, but in that case, the Company will ensure that the User’s Personal Data will be guaranteed by contractual agreements or other legally binding acts that will provide a level of data protection in line with the Privacy Policy and the relevant legislation.

The Company adopts appropriate data collection, storage, and processing practices and security measures to protect against unauthorised access, alteration, disclosure, or destruction of the User’s personal information, username, password, transaction information, and data.

The Company applies high industry standards and will always apply adequate technical and organisational measures in accordance with applicable laws to ensure that the Users’ Personal Data is processed in their best interest.

In the event of a Personal Data breach, the Company shall, without undue delay, and where feasible, not later than seventy-two (72) hours after having become aware of it, notify the breach to the competent supervisory authority.

Under the relevant data protection law (art. 15-22 GDPR, art. 25-29 FADP), the Users have the following rights:

  1. Right of access – The Users have the right to ask the Company for copies of their personal information,
  2. Right to rectification – the Users have the right to ask the Company to rectify the personal data they think are inaccurate. they also have the right to ask the Company to complete the pieces of information they think are incomplete,
  3. Right to erasure – the Users have the right to ask the Company to erase their personal information in certain circumstances,
  4. Right to restriction of processing – the Users have the right to ask the Company to restrict the processing of their personal information,
  5. Right to object to an automated individual decision-making process – The Users have the right to object to the automated processing of their personal data, and
  6. Right to data portability – The Users have the right to ask that the Company will transfer the personal data they gave to it to another organisation, or to the User himself.

The User can at any moment, submit to the Company a request based on the above-mentioned rights by contacting it through the contacts provided for in section 13 of the Privacy Policy.

The Users are not required to pay any charge for exercising their rights. If they make a request, the Company will have one month to respond to such a request.

Furthermore, if the Users think that their rights under applicable data protection laws are infringed, they have the right to lodge a complaint to the competent national data protection authority.

Users may find advertising or other content on the website that links to websites and services of the Company’s partners, suppliers, advertisers, sponsors, licensors, and other third parties. The Company does not control the content or links that appear on them, and it is not responsible for the practices employed by websites linked. These websites and services have their own privacy policies. Browsing and interacting on them, including those that have a link to the Company’s website, is therefore subject to their terms and policies.

The Company has the discretion to update this Privacy Policy at any time. When it does so, it will revise the updated date at the bottom of this page. The Company encourages Users to frequently check this page for any changes to stay informed about how it is protecting the personal information it collects. The Users acknowledge and agree that it is their responsibility to review this Privacy Policy periodically and become aware of modifications.

By using this website, the Users signify their knowledge of the Privacy Policy. If they do not agree to it, they should not use this website.

If the Users have any questions about the Privacy Policy, or if he would like to make a complaint under section 9 of the Privacy Policy, he can reach the Company through the following email: [email protected].