Privacy Policy

In compliance with the Swiss Federal Act on Data Protection (FADP) and, where applicable, with Regulation (EU) 2016/679 (GDPR), this document defines the privacy policy of ProgeSwiss Sàrl regarding the management of personal data processed through the ProgeSwiss Corporate Website (hereinafter referred to as the "Website").

ProgeSwiss will process personal data according to the principles of lawfulness, good faith, transparency, proportionality, purpose limitation, storage limitation, accuracy, integrity, and confidentiality.

1. Data Controller and Contact Information

The Data Controller is ProgeSwiss Sàrl, headquartered at Eysins (district of Nyon in the canton of Vaud in Switzerland), Business Park Terre-Bonne, Route De Crassier 7 – 1262.

For any inquiries related to the protection of personal data, you can contact:

Data Protection Contact:

Email: privacy@progeswiss.com

2. Personal Data Processed

The following types of personal data are processed through the Website:

Browsing data (e.g. IP addresses, device identifiers, and website usage data):
Personal data whose transmission is implicit in the use of Internet communication protocols, such as IP addresses or the domain names of the computers used by users who connect to the Website, URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, and the numerical code indicating the status of the server's response (success, error, etc.).
This data is used solely to obtain anonymous statistical information on the use of the Website, to monitor its correct operation, to detect anomalies and/or misuse, and is deleted after processing.
Data voluntarily provided by the user:
Should a natural person, in using certain Services of the Website, submit Personal Data relating to third parties, they shall act as the independent Data Controller, assuming all legal obligations and responsibilities under applicable data protection laws.
In this regard, the user expressly indemnifies ProgeSwiss from any liability, dispute, or claim for compensation that may be brought against ProgeSwiss by such third parties whose Personal Data has been processed through the Website, in violation of the GDPR or other applicable data protection regulations.

3. Purpose and Legal Basis of Processing

The processing has the following purposes:

Responding to contact requests, information requests, and participation in events, meetings, webinars, workshops, etc., organized by ProgeSwiss or its parent company Proge-Software S.r.l., including those held outside the European Union;
Evaluation of job applications;
Compliance with legal obligations.

Legal basis:

FADP Art. 6 et seq. and, where applicable, GDPR Art. 6 as subsequently amended and supplemented.

Processing is based on consent, performance of pre-contractual measures, or compliance with legal obligations.

4. Data Retention

Personal data will be retained for no longer than is necessary to achieve the purposes listed above and, in any case, no longer than 2 years, unless legal obligations require a longer period.

5. Data Communication and Transfer

Personal data may be shared with:

To individuals authorized by ProgeSwiss to process Personal Data insofar as it is necessary to perform tasks directly related to the submitted requests;
Third parties, public bodies, or authorities to whom your personal data must be disclosed by law;
The Controlling company Proge-Software and business partners, including those located outside Switzerland or the European Union (where recipients are located in countries without an adequate level of data protection, ProgeSwiss will implement appropriate safeguards such as standard contractual clauses).

No public disclosure of personal data is envisaged.

6. Cookies Policy

The ProgeSwiss website, like that of the parent company Proge-Software, uses cookies to make browsing simple and efficient for users who visit its pages.

A web cookie is a small text file that stores a set of information on the user’s device when visiting a website. Cookies typically contain the domain name, the cookie’s lifespan, and a value — usually a randomly generated unique number.

Cookies are generally divided into two categories:

Essential/necessary cookies, which do not require user consent;
Other types of cookies, which require explicit user consent via a banner.

Essential/Necessary Cookies

These types of cookies are crucial for the proper functioning of the website or necessary to perform activities requested by the user, without collecting any personally identifiable data. Without these cookies, certain services may not work correctly.

Among the technical cookies that do not require explicit consent, the data protection authorities include:

Browsing or session cookies;
Analytics cookies, if used directly by the website operator to collect aggregate and anonymous statistics about site visits and preferences;
Functionality cookies, which allow the website to remember user-selected settings (e.g., preferred language) to enhance future visits.

The website uses certain cookies that are not strictly necessary and therefore require the user’s prior and explicit consent, in accordance with applicable data protection laws.

HubSpot Cookies:

__hstc
The main tracking cookie. It contains the domain, initial timestamp (first visit), last timestamp (last visit), current timestamp (current visit), and session number.
(Expiration: 2 years)
_hubspotutk
Used to track a visitor’s identity.
(Expiration: 10 years)
__hssc
Tracks sessions. It contains the domain and timestamp of session start.
(Expiration: 30 minutes)
__hssrc
Used to determine if the user has restarted the browser.
(Expiration: session)

Wix Cookies:

svSession
A persistent visitor identifier that may be used for analytics and/or tracking purposes.
(Expiration: 2 years)

Cookies Not Requiring Consent

The following cookies are considered strictly necessary for the website to function properly and do not require the user’s prior consent:

bSession
Identifies a single session for internal analysis.
(Expiration: 1 year)
consent-policy
Stores the user's cookie consent preferences.
(Expiration: 2 years)
hs
Ensures session security by protecting the site from XSS attacks.
(Expiration: session)
server-session-bind
Helps maintain the user session with the appropriate server to ensure proper load balancing.
(Expiration: session)
XSRF-TOKEN
Provides protection against Cross-Site Request Forgery (CSRF) attacks.
(Expiration: session)

Third-Party Cookies

This type of cookie integrates features developed by third parties (e.g., Facebook, Twitter, YouTube, etc.) into the website’s pages — for example, to allow content sharing or to use external software services.

These third parties have their own privacy and cookie policies, which may differ from ProgeSwiss policy. ProgeSwiss assumes no responsibility for these third-party practices.

User Consent

Consent is requested through a dedicated popup window (cookie banner).

All browsers allow users to manage their cookie preferences. This means that cookies can be deleted after visiting the website or blocked entirely beforehand. However, please note that certain parts or functionalities of the website rely on cookies, and disabling them may prevent proper operation or access to specific services.

To allow, block, or delete cookies (in whole or in part), use your browser’s specific features (e.g., Internet Explorer, Firefox, Chrome, Safari, etc.) and refer to the relevant instructions.

7. Data Security

ProgeSwiss implements appropriate technical and organizational measures to safeguard personal data against unauthorized access, loss, disclosure, or modification.

In the event that your personal data must be communicated to ProgeSwiss’s parent company or Business Partners, the Data Controller shall adopt suitable and effective security measures to ensure the protection and confidentiality of such data.

8. Data Subject Rights

In accordance with the FADP and, where applicable, the GDPR, users have the following rights:

Access to personal data;
Rectification of inaccurate data;
Erasure of data (right to be forgotten);
Restriction of processing;
Objection to processing;
Data portability.

To exercise these rights, please send a request to privacy@progeswiss.com.

9. Complaints

If users believe their rights have been violated, they may lodge a complaint with the Swiss Federal Data Protection and Information Commissioner (FDPIC), or, where applicable, with another competent supervisory authority.

10. Amendments

This Privacy Policy is subject to updates and changes. Users are encouraged to periodically review this page to stay informed about any updates.