Privacy Notice for Data Safety and Literacy Training

DatenTopWeg collects and processes personal data to deliver training, manage accounts and improve course content through analysed outcomes. This notice explains categories of information we obtain, the purposes of processing, legal bases we rely on and the rights available to learners and organisation representatives. Content emphasises case examples and scenarios used during courses and explains how we keep training records to track learning progress without unnecessary retention.

2026-03-13 DatenTopWeg, Avenue Paul-Ceresole 14, 1800 Vevey, Switzerland. Phone: +41768671026. Business ID: CHE-757.704.287. Avenue Paul-Ceresole 14, 1800 Vevey, Switzerland [email protected]

Key definitions

To help interpret this notice, we define core terms used across our privacy statements, with examples tied to training activities and participant interactions.

Personal data means any information relating to an identified or identifiable natural person. Examples in the training context include names, email addresses, employer, role, and course completion records used in case-study feedback.
Processing covers any operation performed on personal data, such as collection, storage, analysis, anonymisation, reporting and secure disposal. Practical processing examples include scoring scenario exercises and producing anonymised training summaries.
User refers to a trainee, course administrator or trainer who accesses DatenTopWeg services. Users participate in scenario workshops, submit exercises and receive feedback specific to their training pathway.
Service refers to the data safety and literacy training offered by DatenTopWeg, including online modules, live workshops, scenario simulations and reporting tools hosted at DatenTopWeg.pro.
Cookies are small data files placed on a device to support session management, remember preferences and collect analytics. We describe cookie types used during course access and for user experience improvements.

What data we collect

We collect only the data necessary to deliver training, evaluate outcomes and comply with legal requirements. Data categories and practical examples are listed below to show typical items collected during course enrolment, participation and follow-up.

Data you provide directly

During registration and participation learners may supply personal and organisational information to create accounts, personalise learning and support scenario-based training.

  • Contact information: full name, business email and phone number supplied at registration for course access and scheduling.
  • Organisation details: employer name, department, role and business ID when courses are purchased or tailored for a corporate client.
  • Training inputs: answers to scenario exercises, uploads used in case studies, and free-text reflections submitted for feedback.
  • Payment and billing information: invoicing details and organisation billing contact used to process course fees for paid plans.
  • Preferences and consent choices: language preferences, communication preferences and recorded consents relevant to optional features.
  • Support correspondence: messages platform with trainers or support staff when troubleshooting access or clarifying a scenario outcome.

Data collected automatically

Some information is generated by systems when users interact with the platform. These items help improve course delivery, measure scenario effectiveness and secure the service.

  • Usage metrics: module completion timestamps, quiz scores and time spent on scenario exercises captured for performance tracking.
  • Technical data: IP address ranges, browser type, device type and operating system used to access training resources.
  • Session logs: login attempts, session durations and error reports used to diagnose technical problems during live simulations.
  • Aggregated analytics: anonymised summaries of outcomes across cohorts used to refine case scenarios and identify common gaps.
  • Cookie identifiers and similar technologies used to maintain session state and track preferences across visits.
  • Performance telemetry from simulation tools that helps trainers evaluate response times and decision-making patterns.

Data from third parties

Occasionally we receive information from external partners to enrich training context or manage corporate accounts. Third-party data is handled consistently with this privacy notice.

  • Corporate HR or training administrators may supply participant lists and role data for group enrolments and tailored scenarios.
  • Payment processors provide transaction confirmations and billing details necessary to reconcile invoices for paid courses.
  • Analytics providers supply aggregated usage reports and anonymised benchmarks to improve course design.

Why we process personal data

Processing serves defined purposes tied to delivering practical training, running scenario exercises, maintaining security and fulfilling legal or contractual obligations.

  • To deliver training modules, simulate breach scenarios and provide personalised feedback to participants and authorised managers.
  • To manage accounts, handle enrolment, billing and scheduling of workshops for individual learners and corporate clients.
  • To evaluate learning outcomes and improve course content using anonymised case-study analytics and cohort comparisons.
  • To provide support and communications about course logistics, scenario updates and follow-up recommendations.
  • To maintain security of the platform, detect misuse during simulations and respond to suspected incidents affecting course data.
  • To comply with legal obligations and respond to lawful requests from regulators, courts or other competent authorities.
  • To enable optional research collaborations with partners after obtaining appropriate consents and anonymising personal identifiers.
  • To preserve records of completed training where retention is required for contractual compliance or internal audit purposes.

Legal bases for processing

We rely on appropriate legal bases depending on the processing purpose and user relationship. Examples below explain typical bases used for training operations.

  • Performance of a contract: processing necessary to provide the training services requested by a learner or corporate client.
  • Consent: where optional features (such as research participation or marketing communications) require explicit user consent.
  • Legal obligation: processing necessary to comply with statutory or regulatory duties relevant to business records and billing.
  • Legitimate interests: limited processing for platform security, fraud prevention and improvement of services, balanced against user rights.

Rights under applicable data protection laws

Participants have rights regarding their personal data. Although Switzerland has its own data protection framework, we align practices with common international standards and describe rights available to learners.

  • Right of access: request a copy of personal data we hold about you, including training records and scenario submissions.
  • Right to rectification: ask us to correct inaccurate or incomplete personal information used in course administration.
  • Right to erasure: request deletion of personal data when retention is no longer necessary and no legal or contractual reason requires continued storage.
  • Right to restriction and objection: in certain circumstances you may ask us to limit processing or object to specific uses such as direct marketing.
  • Right to data portability: where applicable, receive personal data in a structured, commonly used format for transfer to another provider.
  • To exercise rights or ask questions, contact our privacy team at the address listed below; we respond with steps and, where required, identity verification.

Cookies and similar technologies

DatenTopWeg uses cookies to enable session functionality, remember preferences and collect anonymised analytics to improve scenario effectiveness. Below we describe types and how to manage them.

We use session cookies for login, persistent cookies for preferences, and analytics cookies to measure usage patterns across training modules. No profiling cookies are used without consent.

Categories include strictly necessary cookies for platform operation, performance cookies for aggregated analytics, and optional cookies for personalised settings or A/B testing.

Users can manage cookie preferences via the cookie banner on DatenTopWeg.pro or via browser settings. Opting out of performance cookies will not prevent access to essential learning modules.

Read our full cookie policy at DatenTopWeg.pro/cookie-policy

When we share data

Sharing is limited to processors and partners that support training delivery and improvement. Contracts require appropriate controls and permitted uses aligned with this notice.

  • Service providers: cloud hosting, learning platform vendors and analytics providers process data on our behalf under written agreements.
  • Corporate clients: with consent or contractual basis, training results and completion records are shared with an authorised client contact for internal reporting.
  • Research partners: anonymised and aggregated outcome data may be shared for educational research under strict confidentiality terms.
  • Legal and regulatory requests: personal data may be disclosed to comply with lawful orders, subpoenas or claims by competent authorities.
  • Professional advisers: auditors and legal advisers may receive limited information when necessary for compliance or dispute resolution.
  • Acquirers or business partners: in the event of a restructuring or sale, personal data necessary for transfer of the training relationship may be shared under confidentiality safeguards.

International data transfers

Training services may involve processing in jurisdictions outside Switzerland. Transfers occur only when appropriate safeguards are in place to protect personal data and preserve participant rights.

We rely on mechanisms such as data processing agreements with standard contractual clauses, reliance on adequacy decisions where applicable, and careful vendor selection to ensure equivalent protection during cross-border processing.

Data retention

We retain personal data only as long as necessary for the purposes described, for contractual obligations, or to meet legal or regulatory requirements. Retention periods take into account the needs of scenario documentation and organisational audits.

Account information for active learners is retained for the duration of the training relationship and for a defined period thereafter to support refresher courses and certificate verification.

Support correspondence and case-study submissions are retained for up to 24 months unless a longer period is required for dispute resolution or compliance reasons.

Technical logs and session data are kept for a limited period (typically up to 12 months) to support incident analysis and platform stability improvements, then aggregated or deleted.

When data is no longer required, it is deleted or irreversibly anonymised. Requests for earlier deletion are assessed against contractual and legal constraints and handled on a case-by-case basis.

Security of personal data

DatenTopWeg implements technical and organisational measures to protect training data from unauthorised access, accidental loss or misuse. Security decisions are informed by incident case studies and risk-based reviews performed periodically.

  • Encryption in transit and at rest for stored course materials and participant records, following industry-standard encryption protocols.
  • Role-based access controls and least-privilege principles for trainers, administrators and service providers involved in scenario delivery.
  • Regular backups, vulnerability testing and documented incident response procedures exercised through simulated breach scenarios.

Your rights and how to exercise them

Participants and contacts have rights to access, correct and control their personal data. We provide clear channels to submit requests and describe typical timelines for responses.

  • Access: request a copy of personal data we hold, including training records and scenario submissions. We will verify identity and respond within a reasonable timeframe.
  • Rectification and deletion: ask for incorrect data to be corrected or for personal data to be deleted, subject to legal and contractual retention obligations.
  • Object and portability: where applicable, object to certain processing activities or request a machine-readable export of personal data for transfer to another provider.
  • Right to restriction of processing: You may request that DatenTopWeg limit processing of your personal data in specific scenarios such as when accuracy is contested or processing is unlawful but you oppose erasure. Requests are assessed case by case and prioritized according to applicable Swiss and EU data protection rules.
  • Right to data portability: Where processing is based on consent or contract and automated, you can request a machine-readable copy of personal data you provided. We provide data in common formats (CSV, JSON) and include examples and step-by-step scenarios to help you reuse the dataset safely.
  • Right to object: You may object to processing based on legitimate interests or public tasks. For training or analytics that rely on operational needs, we explain activity-offs via practical case studies and offer alternatives where feasible.
  • Right to withdraw consent: If you previously gave consent for newsletters, analytics, or research participation, you can withdraw it at any time. Withdrawal stops future processing but does not affect processing performed before withdrawal; example scenarios are provided to show effects.
  • Right to lodge a complaint: If you consider your rights infringed, you can contact our data protection contact or, for Swiss/EU residents, file a complaint with the relevant supervisory authority. We document complaint handling with case examples and response timelines.

How to exercise your rights

To exercise any privacy right, submit a request via our contact form at DatenTopWeg.pro/contact or by postal mail to Avenue Paul-Ceresole 14, 1800 Vevey, Switzerland. In your request describe the right you want to exercise and include identifiers to help us locate your data. We provide templates and illustrative scenarios to guide you through the process.

[email protected]

We aim to respond to rights requests within one calendar month. Complex requests or those requiring verification may extend the response time; in such cases we will inform you about the expected timeframe and provide a practical example of the verification steps.

Marketing communications and choices

DatenTopWeg uses contact details you provide for relevant updates about our data safety and literacy training programs. Marketing messages are minimal and clearly labeled. We include sample preferences and real-world scenarios in our help centre showing how to manage consent and tailor communications.

To stop receiving marketing communications, use the unsubscribe link in any email or adjust your preferences via your account settings on DatenTopWeg.pro. For guided examples, consult our unsubscribe walkthrough with screenshots and expected timing.

Children and young people

Our services are designed for professionals and adult learners. We do not knowingly collect personal data from children under 16. If we become aware of such collection, we will take steps to delete the data. The site contains case studies about teaching digital safety to teenagers framed for educators and parents.

Links to third-party sites

DatenTopWeg.pro may link to external resources and partners. These links are provided for convenience and educational value in case studies and do not imply endorsement. Third-party sites have their own privacy practices; we recommend reviewing their policies before sharing personal data.

Changes to this privacy policy

We update this policy to reflect legal, technical, or operational changes. Substantial updates will be announced on DatenTopWeg.pro and summarized in case-style change notes that explain what changed and how it affects learners. The effective date is shown at the top of the policy.

Contact for privacy matters

For privacy inquiries, data access requests or to discuss training data practices, contact: DatenTopWeg Data Protection, Avenue Paul-Ceresole 14, 1800 Vevey, Switzerland. Business ID CHE-757.704.287. You may also use the contact form at DatenTopWeg.pro/contact; include details and relevant case references for faster handling.