Regardless of whether you are a client, a project partner, a person interested in our programmes, a job applicant or a visitor to our website, we, Skat consulting Ltd. and Skat Foundation (hereinafter referred to as “Skat” or “we”) take the protection of your personal data very seriously, but what does that actually mean?
The information below will enable you to gain an insight into which personal data we collect from you and in which form we process them. In addition, you will gain an overview of the rights which you are entitled to under the applicable data protection legislation. We also inform you whom to contact if you have any further questions.
Who are we?
Skat Consultung Ltd. is a Swiss consulting company working together with partners in transition and developing countries to improve lives. Skat Foundation is a non-profit organisation established in 2002.
Since our inception 1978, Skat has an established track record of successful, high-impact projects and partnerships, adding value to companies, organizations, and government agencies at home and abroad. We are well-known as independent resource centre and consultancy working in the fields of development and humanitarian aid. Our services range from knowledge sharing to policy and strategy development. Our experts provide technical expertise and management support as well as training, research facilities and project implementation successfully since almost 40 years in over 100 countries. In all our activities we are committed to reducing the gap between rich and poor through the promotion of sustainable livelihoods and the improvement of the living conditions of disadvantaged and marginalised people. As the responsible party within the meaning of the applicable data protection legislation we
Skat Consulting Ltd.
9000 St. Gallen
Tel: +44 (0) 71 228 54 54
take all measures required under applicable data protection legislation to ensure the protection of your personal data.
For all questions relating to this Privacy Statement we kindly ask you to contact our data protection officer under email@example.com or call Tel: +44 (0) 71 228 54 54
2. Scope of Application of the Privacy Statement
The legislator defines the processing of personal data as activities such as the collection, recording, organisation, ordering, storage, adjustment or alteration, reading, retrieval, usage, disclosure by transfer, distribution or any other form of provision, comparison or linking, restriction, deletion or destruction of personal data. Personal data is all information relating to an identified or identifiable natural person.
This Privacy Statement deals with the personal data of clients, project partners, interested parties, job applicants or visitors. This Privacy Statement applies to both of our websites www.skat.ch, www.skat-foundation.ch as well as to our project website www.apasan.md
3. Which personal data do we process?
Your personal data is collected by us when you visit any of our websites or establish any contact with us. This can occur for instance if you are interested in our projects, contact us via our communication channels, or if and when you use our products or services in the course of existing relationships.
The following types of personal data are processed by us:
- Data generated by your access of the website (“server logfiles“) and online behaviour,
e.g. IP addresses, user names, data on your visits to our website(s), the actions taken on our websites, the browser used, the operating system used, the time and location of access, the link from which you accessed the website, quantity of data sent
- Details of your personal identity (if you have informed us about these),
e.g. first and last name, address details, e-mail address, telephone number, fax number
- Information on the career progression of job applicants and experts (if you have informed us of these), e.g. professional training, previous employers, other qualifications, language skills, project experience
- and other information comparable with these data categories.
3.1 Sensitive data
We do not collect any sensitive data, i.e. special categories of personal information such as details of religious or trade union affiliations by this method.
3.2 Personal data of underage persons
We do not collect any personal data of/about children or underage persons (with the exception of access data in server logfiles in which we cannot verify age).
What are cookies?
Cookies are files stored on your computer by our website when you call up the site. These files contain information making your use of this website more efficient.
Most of the cookies we use are so-called “session cookies” which will be deleted, automatically, at the end of your visit. Other cookies remain stored on your device until you delete them. You can adjust your browser settings so that you are informed when cookies are created and only allow cookies in individual cases, exclude acceptance of cookies in certain cases or in general, and activate the automatic deletion of cookies when you close your browser. If you deactivate the storage of cookies the functionality of this website may be impaired. As an open source web analytics service, we use Google Analytics to analyse usage behaviour on our website. The usage information created by the cookie (including the shortened IP address of the user) will be transferred to our servers and stored there for usage analysis purposes. We use the usage analysis to optimise our own websites, and the way we address our clients and other advertising measures. The IP address of the user is shortened in this process before storage so that the identification of the user via the IP address is no longer possible.
The information created by the cookie about your use of this website will not be transferred to any third parties.
If you do not agree to the storage and analysis of this data from your visit, you can object to the storage and use at any time by a click of the mouse below. In this case, a so-called opt-out cookie will be stored on your browser which has the effect that Google Analytics does not collect any session data. Please note: if you delete all your cookies this has the result that the opt-out cookie will also be deleted and you will need to reactivate it.
Google Web Fonts
For the homogenous display of fonts, this website uses so-called web fonts that are provided by Google. On retrieving a website your browser downloads the necessary web fonts to your browser cache in order to correctly display texts and fonts.
For this purpose your browser has to establish a direct connection to Google servers. Google thus becomes aware that our web page was accessed via your IP address. The use of Google Web fonts is done in the interest of a uniform and attractive presentation of our website. This constitutes a justified interest pursuant to Art. 6 (1) (f) GDPR.
4. For which purpose do we process your personal data – and on what legal basis?
4.1 Contractual performance (Article 6 (1) (b) GDPR)
We process your personal data to be able to execute our contracts. This also applies to details you provide to us in the course of pre-contractual correspondence. The actual purposes of the data processing depend upon the relevant circumstances of the specific undertaking.
Initiation or implementation of contractual relations
For the initiation or implementation of contractual relations we need your name, your address, your telephone number or your e-mail address so that we can contact you.
If you send us an enquiry via a contact form your details from this enquiry form, including the contact details given by you on this form, are used to deal with the enquiry and stored by us in case of follow-up queries. We do transfer this data to any third parties without your consent.
We will not use your applicant information for any other purposes than for internal acquisition processes.
4.2 According to balancing of interests: to ensure your security and improve the reliability of our web applications (Article 6 (1) (f) GDPR)
Measures that serve your security
We use your personal data for cases including the following:
- In order to protect you or your enterprise from fraudulent activities, we analyse your data. This can occur, for instance if you are the victim of identity theft or if unauthorised persons gain access to your user account in some other way;
- In order to improve the reliability of our web applications, our IT support sector will closely collaborate with you in the case of technical problems. In this connection, we also analyse reports of website accesses, actions carried out, etc.;
- In order to be able to ensure IT security;
- In the case of possible legal disputes, to record facts and provide proof.
4.3 On the basis of your consent (Article 6 (1) (a) GDPR)
If you have agreed to the processing of your personal data for one or more specified reasons, then the processing of your personal data by us is permissible. You can withdraw this consent with effect for the future at any time without incurring any costs other than the transmission costs in line with basic tariffs (costs of your Internet connection). The withdrawal of your consent does not however affect the legality of processing carried out up until the withdrawal of consent.
4.4 On the basis of statutory provisions or in the public interest (Article 6 (1) (c) GDPR)
As a company, we are subject to various statutory requirements (e.g. under taxation legislation). In order to comply with our statutory obligations, we process your personal data to the extent legally required and permitted and may be required to retain this data.
5. Where we transfer your Data to and Why
5.1 Data utilisation within Skat
Within Skat only those employees who need access to your personal data to fulfil our contractual or legal duties or to protect our legitimate interests have access to your data.
5.2 Data utilisation outside Skat
We respect the protection of your personal data and only transfer information about you when this is required by any legal provisions, if you have given your consent, or for the fulfilment of our contractual obligations.
For instance in the case of the following recipients there may be a legal obligation to transfer your personal details:
- Public offices or supervisory authorities, e.g. tax authorities, customs authorities, external audit offices of ministries or public authorities;
- Judicial or criminal investigation authorities, e.g. police, courts, office of the public prosecutor;
- Lawyers or notaries, e.g. in legal disputes;
In order to be able to fulfil our contractual obligations we cooperate with other companies. These include:
- Postal and transport service providers;
- Event organisers and training providers if you have registered through us for certain exhibitions or events;
- Banks and financial service providers for the settlement of all financial matters;
- Partners in programmes (e.g. water utilities, government agencies, NGO’s) which implement projects
Own service providers
In order to enable us to organise our business efficiently we use the services of external service providers who may receive personal data relating to you to fulfil the described purposes, including IT service providers, printing and telecommunications services, collection and consultation firms and file deletion and archiving service providers.
Important: We look after your personal data carefully!
In order to ensure that the same legal data protection standards apply to our service providers as in our own enterprise we have concluded corresponding contracts for order processing. Among other things, these contracts provide that third parties only gain access to data which they need to complete the tasks assigned to them; that at the service providers only employees who are explicitly obliged to comply with data protection law provisions have access to your data;
that at the service providers technical and organisational measures are maintained which ensure data security and data protection; for what happens to your data when the contractual relationship between the service provider and us ends.
In the case of service providers who have their registered headquarters outside the European Free Trade Area (EFTA) or European Economic Area (EEA), we take specific security measures (e.g. through use of specific contractual clauses) to ensure that the data is/are handled with the same level of care as within the EFTA and EEA. We check all our service providers regularly for compliance with these provisions.
Very important: Under no circumstances do we sell/lease your personal data to third parties!
6. Are you obliged to provide us personal data?
In the context of the business relationship between you and Skat we require from you the following categories of personal data:
- all necessary information for the commencement, implementation and ending of a business relationship;
- data which is required to fulfil contractual obligations;
- data which we are legally obliged to collect.
Without this data, it is not possible for us to enter into or implement contracts with you.
7. Deletion Periods
In accordance with the applicable data protection regulations we store your personal data for no longer than we need to fulfil the purposes of the relevant processing. When data is required no longer for the fulfilment of contractual or statutory duties, we will delete such data, unless it has to be retained for a continuing retention period. Continued retention may be required for the following reasons:
- Retention duties according to the commercial an/or taxation law: the overriding retention periods under the provisions of the German Commercial Code (HGB) and the German Tax Code (AO) are up to 10 years.
- For the preservation of evidence in the case of legal disputes within the scope of statutory provisions on the expiry of claims: expiry periods can be up to 30 years in civil law, although claims generally expire after three years after perusal.
- For the proof of proper use of subsidies within the scope of the Federal Budget Code (BHO) and the General Ancillary Provisions for Subsidies for Project Sponsorship (ANBestP) the retention duties are generally five years after submission of the proof of usage, provided a longer retention period is not required under taxation law or any other legal provisions.
8. Your Rights
Within the context of the processing of your personal data you have certain rights. For more detailed information please refer to the relevant provisions of the EU General Data Protection Regulation (Articles 15 to 21).
8.1 Right to notification and rectification
You have the right to receive notification from us about which of your personal data we are processing. Should this information not be correct (any longer), you have the right to demand us to rectify the relevant data, in the case of incomplete details to delete such data. If we have transferred data to any third parties we will inform the third parties concerned if so required by legal provisions.
8.2 Right to deletion
You have the right to demand the immediate deletion of your personal data under the following circumstances:
If your data is no longer needed for the purpose for which it was collected;
If you have withdrawn your consent to the processing and there is no other legal basis for processing the data;
If you object to the processing and there are no overriding legitimate reasons for the data processing;
If your data is being processed unlawfully;
If your data must be deleted to fulfil statutory duties.
Please note that we must check before deleting your data whether there is any legitimate reason for continuing to process your personal data.
8.3 Right to restriction of processing (“Right to have data blocked”)
For any of the following reasons you have the right demand us to restrict the processing of your personal data:
If you challenge the accuracy of the data, until we have had the opportunity to check the accuracy of the data;
If the data is being unlawfully processed, but instead of deletion you demand only restriction on the use of the personal data;
If we no longer require the personal data for the purposes of processing, but you still require this for the assertion, exercise or defence of legal claims;
If you have filed an objection to the processing and it is not yet established whether your legitimate interests outweigh ours.
8.4 Right to object
Right to object on a case-by-case basis
If the processing is in the public interest or is done as a result after balancing the mutual interests you have the right, for reasons deriving from your specific situation, to lodge an objection against the processing. Upon the successful lodging of an objection we will no longer process your personal data unless we can prove urgent grounds worthy of protection for processing your data which outweigh your interests, rights and freedoms, or because your personal data serves the assertion, exercise or defense of legal claims. The objection does not affect the legality of the processing done up to the lodging of the objection.
In case your personal data is used for advertising purposes, you have the right to lodge an objection against this form of processing, at any time. We will then no longer process your personal data for these purposes.
The objection can be made without form restrictions and should be addressed to:
Skat Consulting Ltd.
9000 St. Gallen
Tel: +44 (0) 71 228 54 54
8.5 Right to transferability of data
Upon request, you have the right to receive such personal data you have submitted to us for processing in a transferable and machine-readable format.
8.6 Right to lodge a complaint with a supervisory authority (Article 77 GDPR)
We always try to process your enquiries and requests as quickly as possible in order to respect your rights appropriately, however, depending on the frequency of requests it may be that up to 30 days elapse before we are in the position to give you further information on your enquiry. Should it take longer than this we will notify you quickly about the reasons for the delay and discuss the further proceedings with you.
In some cases, we do not have the permission to or we may be prevented from giving you any information. If legally permissible, we will inform you about the rationale for refusing information.
If you are still not satisfied with our responses and reactions or you are of the opinion that we are in violation of applicable data protection legislation, then you are free to lodge a complaint with both our data protection officer and the responsible supervisory authority.
The supervisory authority having jurisdiction in our case is the Data Protection and Information Commissioner of Switzerland:
Eidgenössischer Datenschutz- und Öffentlichkeitsbeauftragter
Mr Adrian Lobsiger
3003 Bern Tel. +41 58 462 43 95;
Fax +41 58 462 99 96
This Privacy Statement is the version from 06.08.2018.