Data protection policy

1 - General information

Data protection is important to us. We therefore treat your personal data (“Personal Data”) with great care and in accordance with the applicable legal provisions. StudyPeak GmbH, c/o Bratschi AG, Gubelstrasse 11, 6300 Zug, processes your Personal Data for various purposes and informs you transparently about these data processing activities. The term “Personal Data” refers to any information that can be associated with a specific or identifiable natural person. The term “processing” includes any handling of personal data, such as collection, disclosure, storage, deletion, etc. Please read the entire privacy policy carefully to understand how and why we process your personal data and what rights you have in relation to this data processing. 

Who does this privacy policy apply to and when?

  • If you receive services or products from us or are contractually affiliated with us
  • Visitors to our website www.studypeak.ch
  • When you contact us, e.g. by email, letter, via our contact form or another contact method
  • If you receive information or marketing communications from us
  • If you register for specific offers (e.g., events)
  • If you subscribe to our newsletter
  • If you apply to us
  • When you interact with us in connection with other data processing activities related to our offerings

2 - Responsibility 

The company responsible for processing personal data is the one that determines the purpose and means of processing. For data processing within the scope of this privacy policy, the following company or person is the “controller” within the meaning of the GDPR, i.e. the data protection authority, unless otherwise specified in individual cases (identity): 
 StudyPeak GmbH 
 c/o Bratschi AG 
 Gubelstrasse 11 
 6300 Zug 
 If you have any concerns or questions about data protection, you can contact us at the following address 
 datenschutz@studypeak.ch
 If you are in contact with another company in the group, e.g. because you are directly connected to that company, that company is responsible for data protection. 

3 – Personal data to be processed

We process different categories of personal data for different purposes. For business partners that are companies, we process less personal data—primarily data about contact persons within the companies (e.g., name, email address, position within the company, communication data). Much of the following personal data is provided by you. However, you are generally not obliged to provide it. If you provide us with data about other people, we assume that you are authorized to do so and that the data is correct. By submitting third-party data to us, you automatically confirm this. Please ensure that the third parties concerned are aware of this privacy policy.

3.1 – Basic data and contact information

Invoices are sent by email at the beginning of the following month and are due within 15 days. Extensions to this payment period are not permitted. In the event of late payment, StudyPeak GmbH reserves the right to exclude the student from the course and to forward outstanding amounts to a collection agency. From the due date, an annual interest rate of up to 15% may be charged on the outstanding amount, together with reminder and collection fees. 

Basic data and contact information refer directly to you and your characteristics (e.g., to contact you).
For example, we process the following data:

Basic data

  • Last name, first name
  • Gender
  • Date of birth
  • Address
  • E-Mail address
  • Phone number
  • Nationality and residence permit status
  • Language preferences
  • Information from your identity card or passport
  • Family details (e.g., marital status)
  • Information on professional role and employment (e.g., employment status, employer)
  • Information on education
  • Information on the living situation 
  • Signatory powers and declarations of consent 
  • School grades and exam results 

We obtain this basic data directly from you. However, under certain circumstances, we may also obtain personal data from third parties, e.g., from our business partners, associations, address brokers, and publicly accessible sources such as the Internet.

3.2 Contract data

Contract data are details that arise in connection with the execution of the contract.

We process the following data: 

  • Details from the preliminary contract phase and information about the conclusion of the contract itself (e.g., subject matter of the contract), as well as the information required or used for its execution
  • Date, type, duration, and terms of the contract, information on contract termination
  • Customer history
  • Payment information and payment terms, mutual claims
  • Details about complaints, information about customer satisfaction, feedback
  • Responses to customer and satisfaction surveys
  • Access data and logins

3.3 Application data

Application data is information that is collected in connection with your application to us, e.g. the following data: 

  • Resume, cover letter
  • Employment and degree certificates
  • Information about your current position (e.g. notice period)
  • Salary expectations
  • Information related to an interview

3.4 Communication data

Communication data is data that arises in connection with communication with you, e.g. the following data: 

  • Contact information such as postal address, e-mail address and telephone number
  • Content of all correspondence
  • Details of the type, time and other metadata of the communication

3.5 Location data and technical data

When you visit our website, technical data is collected. This includes, for example, the following data: 

  • Location and traffic data
  • IP address of the device and device ID
  • Information about your device, your device's operating system
  • Information about your Internet service provider
  • Content accessed or logs that record the use of our systems
  • Date and time of access to the website

3.6. Other possible data

Depending on requirements, we may also process the following additional data:

  • We may also process photos or videos in which you can be identified (e.g., from events).
  • We may collect data about who attends events and when.

4. Purposes of our data processing

We process your personal data, to the extent permitted, for various purposes for which we have a legitimate interest that is commensurate with the purpose: 

  • For the fulfillment of the contract
  • To improve our services and products
  • For marketing and informational purposes (to inform you about offers or new activities based on your personal interests)
  • Evaluation of your application (to assess whether you are suitable for a position with us)
  • To maintain our IT security (in particular to monitor the performance of our website)
  • To enforce measures for operational and building security and to protect our employees, other persons and valuables
  • For internal administration (e.g., for accounting or data archiving purposes)
  • To comply with legal requirements (e.g., handling complaints, preventing and investigating criminal offenses or other misconduct)
  • Assertion of legal claims (if necessary, we also process personal data in order to assert claims in court, out of court and before authorities in the US and abroad, or to defend ourselves against legal claims)
  • For corporate development (e.g., corporate management, execution of the purchase and sale of business units and the associated transfer of personal data)

5. Data processing in connection with social media

If you contact us via social media and our profiles there, e.g. on Facebook, Instagram, LinkedIn, Twitter, etc., comment on content or share posts, we collect data that we may use for marketing purposes. The respective provider of a social media platform also collects data during your visit to our profile. For more information about data processing by a social media provider, please refer to the privacy policy of the respective provider. We offer you the option of using a social media plugin from Facebook or Instagram on our website to integrate the functions of the respective provider on our website. These plugins are disabled by default, but are activated when you click on the social media icon on the website. Access requests and other inquiries regarding these social media providers can be directed to the respective provider. 

6. Online advertising techniques

We use online advertising techniques such as cookies on our website. This enables us to measure the user-friendliness and success of the website and online advertising campaigns.

6.1. What are online advertising techniques such as cookies?

When we track you, we can distinguish your access from that of other users, ensure the functionality of the website, and perform statistical analyses. Each time you visit a page, you are recognized as an individual visitor and distinguished from other users by assigning a unique identification number to your browser (this is called a “cookie”). Cookies are automatically stored on your device when you visit our website. We use cookies to store settings between your visits to the website or to collect statistical, technical data.

6.2. What cookies or online advertising techniques do we use?

We use analytics services to optimize our website. Below, we explain the functions of our most important analytics service providers. Other third-party tool providers process personal data in a similar manner.

  • Google Analytics, an analytics service provided by Google LLC and Google Ireland Ltd. Google Ireland Ltd. is responsible for processing personal data. Google uses cookies and online advertising techniques to analyze specific information about the behavior of individual users on the website. Based on the analyzed data, Google provides us with evaluations, but also processes the data for its own purposes. Information on data protection at Google Analytics can be found here: https:// policies.google.com/privacy
  • Facebook Pixel, an analytics tool from Meta Platforms Ireland Ltd. This enables us to control ads on Facebook and Facebook partners so that they are only shown to users who may be interested in the relevant advertising. The data is stored on servers in the EEA and the US. Users can direct access requests and other inquiries directly to Meta. Information on data protection at Meta can be found here: https://www.facebook.com/privacy/policy. 

7. Disclosure of data to other companies and recipients

We share your personal data with service providers. These primarily include IT service providers, but also analytics service providers, debt collection service providers, credit agencies, marketing service providers, etc. Insofar as these service providers process personal data as processors, they are obligated to process personal data exclusively in accordance with our instructions and to implement data security measures. The data may also be passed on to other recipients, e.g., courts and authorities in legal proceedings. We may disclose your personal data to other companies within the group of companies. Such disclosure may be for internal administrative purposes or to support the respective group companies and their own processing purposes. In individual cases, we may disclose personal data to other third parties for their own purposes, e.g. if you have given us your consent or if we are legally obliged or entitled to do so. 

8. Personal data abroad

The recipients of the data (e.g., other companies or authorities) are not only located in Switzerland. This applies in particular to group companies and certain service providers. These may also be located outside the European Economic Area (EEA) and Switzerland, in particular worldwide, i.e., in other countries around the world. For example, we may transfer data to authorities abroad if we are required to do so by law. Not all countries outside Switzerland and the EEA offer the same level of data protection as Switzerland. We therefore compensate for the lower level of protection by means of appropriate contracts, in particular the standard contractual clauses issued by the European Commission and recognized by the Federal Data Protection and Information Commissioner (FDPIC). In certain cases, we also transfer data in compliance with data protection regulations without these agreements, for example if you have consented to a specific data transfer or if the transfer is necessary for the fulfillment of the contract or the enforcement of legal claims or for overriding public interests. 

9. Duration of data processing

We store and process your personal data for as long as it is necessary for the purpose of processing (in the case of data related to contracts, this is usually for the duration of the contractual relationship), as long as we have a legitimate interest in storing the data (e.g., to enforce legal claims or to ensure IT security) and as long as the data is subject to a legal retention obligation (certain data is subject to a ten-year retention period, which we must comply with). After expiry of the storage or processing period, we will destroy or anonymize your personal data, unless there are legal or contractual obligations to the contrary. 

10. Rights of the data subject

Under applicable data protection law, you have certain rights that enable you to obtain further information about our data processing and to influence it. These are, in particular, the following rights: 

  • Google Analytics, an analytics service provided by Google LLC and Google Ireland Ltd. Google Ireland Ltd. is responsible for processing personal data. Google uses cookies and online advertising techniques to analyze specific information about the behavior of individual users on the website. Based on the analyzed data, Google provides us with evaluations, but also processes the data for its own purposes. Information on data protection at Google Analytics can be found here: https:// policies.google.com/privacy
    Facebook Pixel, an analytics tool provided by Meta Platforms Ireland Ltd. This enables us to control ads on Facebook and Facebook partners so that they are only shown to users who may be interested in the relevant advertising.
    The data is stored on servers in the EEA and the US. Users can direct access requests and other inquiries directly to Meta. Information on data protection at Meta can be found here: https: //www.facebook.com/privacy/policy.
  • Right to erasure and objection: You can object to our processing of your data and prevent us from further processing your data. You can also request the erasure of your personal data. However, we would like to point out that we may continue to process and store your data if we are legally obliged to do so. 
  • Right to data portability: You have the right to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format or to have it transferred to a third party, provided that the data processing is based on your consent or is necessary for the performance of a contract.

If you exercise your rights as a data subject, we must verify your identity (e.g., by sending us a copy of your ID). The rights of data subjects described above are subject to legal requirements and restrictions. This means that it may not be possible to exercise these rights in full in every case. For example, we may still need to process your personal data in order to fulfill an order you have placed with us, to protect our own legitimate interests, or to comply with legal obligations. To the extent permitted by law (e.g., to protect the privacy of third parties and to protect our own legitimate interests, such as the existence of trade secrets), we may restrict or deny the exercise of your rights. Please also note that you have the option of contacting the competent data protection authority with your concern. 

11. Status of the Privacy Policy

This privacy policy is up to date and dated June 1, 2024.