Privacy policy LEANmade

The following data protection declaration provides information on how your personal data is processed in connection with the website (website) or in the context of the client relationship by LEANmade (LEANmade, we, us).

The following information is regularly reviewed and updated to ensure it is current.

The aim of this information is:

  • to provide you with comprehensive information about the processing of your personal data by LEANmade;
  • to inform you of your rights in relation to the processing of your personal data; and
  • to provide you with the contact details of the entity responsible for the processing of your personal data.

Your trust is important to us, therefore we take the issue of data protection seriously and pay attention to appropriate security. We commit ourselves to a responsible handling of your personal data. Of course, we comply with the provisions of the Federal Act on Data Protection (FADP), the Ordinance to the Federal Act on Data Protection (FADP), General Data Protection Regulation (GDPR) (EU) 2016/679, the Telecommunications Act (TCA) and, as far as applicable, other provisions of data protection law.

In order for you to know what personal data we collect from you and for what purposes LEANmade uses it, please take note of the following information.


1. Scope and purpose of the collection, processing and use of personal data

1.1 Visiting the website

When you visit the website, the servers of our IT-provider temporarily stores each access in a log file. The following data is collected without your intervention and stored until automated deletion by LEANmade:

  • Date and time of the access
  • IP address
  • By IP address the approximate location of the Internet connection is tracked
  • The operating system used e.g. Apple or Windows
  • The browser type e.g. Safari, Firefox, Explorer etc.
  • Where the access comes from; via Google, Yahoo etc. or directly by entering the https:// domain
  • Error messages
  • Details of the transferred data (e.g. the size of a question, answer or comment in the case of a blog post, for example)

The collection and processing of this data is done for the purpose of enabling the use of the website (connection establishment), to ensure system security and stability on a permanent basis and to enable the optimization of our Internet offer as well as for internal statistical purposes. In the purposes described above, there is a legitimate interest in data processing within the meaning of Art. 6 para. 1 lit. f GDPR.

In the event of an attack on the network infrastructure or suspicion of other unauthorized or abusive website use, the IP address will be evaluated for reconnaissance and defense and, if necessary, used in criminal proceedings for identification and civil or criminal action against the users concerned. In the purposes described above, there is our legitimate interest in data processing within the meaning of Art. 6 para. 1 lit. f GDPR.

Finally, cookies and other applications based on cookies are used when you visit the website. For further information, please refer to section 3 “Cookies”.


1.2 Contact by e-mail

You are responsible for the message and/or the transmitted content that you send to LEANmade. Personal data is only collected if you provide it to LEANmade voluntarily. Therefore, you are responsible for what data you transmit. In order to answer your questions, we may ask you to provide us with additional information, such as your address, telephone number, etc. LEANmade only collects personal data from you if this is necessary to answer your questions or to provide the services you have requested.

When processing your inquiry by e-mail, there is a legitimate interest in data processing within the meaning of Art. 6 para. 1 lit. f GDPR. You can object to this data processing at any time.

1.3 Contact via contact form

On our website, you can contact us via the contact form. Although the connection is secure, we ask you not to send us confidential data via this channel.

When processing your inquiry by contact form, there is a legitimate interest in data processing within the meaning of Art. 6 para. 1 lit. f GDPR. You can object to this data processing at any time.

1.4 Client relationship

In the context of a client relationship, LEANmade processes the following personal data, among others:

  • Your name and contact details (for example, name, address, telephone number or email address), information about the company for which you represent, your position or title and/or your relationship with a person, and other basic information);
  • Identification and background information that you provide to us or that we collect from you in the course of establishing the client relationship;
  • Billing and financial information, such as payment information;
  • Information that you have provided to us or that we collect from you in the course of providing services to you in connection with and for the purposes of the engagement, including communications related to the engagement;
  • Information related to documents and communications that we send to you electronically;
  • Any other information related to you that you provide to us.

LEANmade processes the information in order to communicate with you, to carry out conflict and reputation checks before beginning a client relationship, to be able to offer you the services or compliance advice you have requested, to bill you for the services and to manage the business relationship with you, including the assertion, enforcement and defense of legal claims.

The legal basis for the processing of your personal data for the preceding purposes lies in pre-contractual measures and the execution of a contract within the meaning of Art. 6 para. 1 lit. b GDPR, in the fulfillment of legal obligations according to Art. 6 para. 1 lit. c GDPR and, if applicable, in our legitimate interest in the targeted and efficient support of the client relationship within the meaning of Art. 6 para. 1 lit. f GDPR.


  1. Place of data storage

The personal data affected by and mentioned in the data protection regulations are stored exclusively in Switzerland.


  1. Cookies

A cookie is a small record stored in text files that are placed on your browser or other device when websites are loaded in the browser. Cookies are used to “remember” you and your preferences when you visit our website, either for a single visit (through a “session cookie”) or for multiple repeat visits (referred to as a “persistent cookie”). A session cookie is deleted when you close your browser or after a short period of time. A persistent cookie is kept for a specified period of time, after which it expires and is deleted.

Both the technical data LEANmade collects and cookies generally do not contain any personal data. However, personal data that LEANmade or third-party providers contracted by us store from you (e.g., if you have a user account with us or these providers) may be linked to the technical data or to the information stored in and obtained from cookies and thus possibly to your person.

Currently, the use of cookies is limited to the use of Google reCAPTCHA, a service of Google LLC, USA.  This set of cookies (rc::f, _grecaptcha, rc::a, _GRECAPTCHA and Priority) is set solely to identify and filter automated bots in order to protect the website against malicious spam attacks. We cannot attribute this information to you personally. You can refuse the use of cookies by selecting the appropriate settings in your browser. Please note, however, that this may affect the use of our website.

In the purposes described above, there is our legitimate interest in maintaining a stable and functioning website within the meaning of Art. 6 para. 1 lit. f GDPR.


  1. Links to our social media appearances

We also use social media plug-ins, which are small pieces of software that create a connection between your visit to our website and a third-party provider. The social media plug-in tells the third-party provider that you have visited our website and may send the third-party provider cookies that the third-party provider has previously placed on your web browser. For more information about how these third-party providers use your personal data collected through their social media plug-ins, please see below.

There are links on the Website to our social media appearances on the following social networks:

  • LinkedIn Corp, 1000 W. Maude Avenue, Sunnyvale, CA 94085, USA;
  • Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07 Ireland

If you click on the corresponding icons of the social networks, you will automatically be redirected to our profile of the respective social network. In order to use the functions of the respective network there, you must partially log into your user account for the respective network.

When you open a link to one of our social media profiles, a direct connection is established between your browser and the server of the social network in question. This provides the network with the information that you have visited our website with your IP address and accessed the link. If you access a link to a network while logged into your account on the network in question, the content of our site may be linked to your profile on the network, i.e. the network may link your visit to our website directly to your user account. If you want to prevent this, you should log out before clicking on the relevant links. An assignment is made in any case when you log into the relevant network after clicking on the link.

We thereby receive data from you (e.g., when you communicate with us or comment on our content) and from the platforms (e.g., statistics). The providers of the platforms may analyze your usage and process this data together with other data they have about you. They also process this data for their own purposes (e.g., marketing and market research purposes and to manage their platforms), and act as their own data controllers for this purpose. For more information on processing by the platform operators, please refer to the privacy statements of the respective platforms.

If you click on one of these links, you thereby give your consent within the meaning of Art. 6 para. 1 lit. a GDPR to the following data processing.


  1. Disclosure of data to third parties

Personal data is passed on for the purpose of providing and maintaining the functionalities of the websites.

We share your personal data with the following categories of recipients:

Service providers: We work with service providers in Switzerland who process data about you on our behalf or in joint responsibility with us, or who receive data about you from us in their own responsibility (e.g. IT providers, accounting, contract processing and event organizer). We agree on contracts with these third parties regarding the use and protection of personal data.

Authorities: we may disclose personal data to offices, courts and other authorities in Switzerland and abroad if we are legally obliged to do so. The authorities then process this data on their own responsibility.

Counterparties and persons involved: If necessary for the fulfillment of our contractual obligations, in particular for the management of the client relationship, we will also disclose your personal data to counterparties and other involved persons (e.g. guarantors, financiers, affiliated companies, other law firms, respondents or experts, etc.).

Other persons: This refers to other cases where the inclusion of third parties results from the purposes according to section 1. This concerns, for example, delivery addressees or payment recipients specified by you, third parties in the context of agency relationships (e.g. your lawyer or your bank) or persons involved in official or legal proceedings. We may also disclose your personal data to our supervisory authority, in particular if this is necessary in individual cases to release you from our professional duty of confidentiality. If we cooperate with the media and provide them with material (e.g. photos), you may also be affected. In the course of business development, we may sell or acquire businesses, parts of businesses, assets or companies, or enter into partnerships, which may also result in the disclosure of data (including data about you, e.g. as a client or supplier or as their representative) to the persons involved in these transactions. Communications with our competitors, industry organizations, associations and other bodies may also involve the exchange of data relating to you.

All of these categories of recipients may in turn involve third parties, so that your data may also be made available to them. We can restrict the processing by certain third parties (e.g. IT providers), but not by other third parties (e.g. authorities).


  1. Job application

If you apply for a job with us, we obtain and process the relevant data for the purpose of reviewing the application and in order to assess your suitability for the position in question, conducting the application process and, in the case of successful applications, for the preparation and conclusion of a corresponding contract. For this purpose, in addition to your contact details and the information from the corresponding communication, we also process in particular the data contained in your application documents, the data mentioned in the job advertisement and the data as we can additionally obtain about you, for example from job-related social networks, the Internet, the media and from references, if you consent to our obtaining references.


  1. Right to information, deletion and correction

You can object to data processing at any time. You have the following rights:

  • Right to information: you have the right to request at any time, free of charge, to inspect your personal data stored by us, if we process them. This gives you the opportunity to check what personal data we process about you and that we use it in accordance with the applicable data protection regulations.
  • Right to rectification: you have the right to have inaccurate or incomplete personal data rectified and to be informed about the rectification. In this case, we will inform the recipients of the data concerned of the adjustments made, unless this is impossible or involves disproportionate effort.
  • Right to erasure: You have the right to have your personal data erased under certain circumstances. In individual cases, the right to erasure may be excluded.
  • Right to restriction of processing: you have the right, under certain circumstances, to request that the processing of your personal data be restricted.
  • Right to data transfer: you have the right, under certain circumstances, to receive the personal data you have provided to us free of charge in a readable format.
  • Right to lodge a complaint with a supervisory authority: You have the right to lodge a complaint with a competent supervisory authority about the way in which your personal data is processed.
  • Right of revocation: You generally have the right to revoke any consent you have given at any time. However, processing activities based on your consent in the past will not become unlawful as a result of your revocation.

If you wish to exercise your rights, please contact us; you will find our contact details below. In order to exclude misuse, we need to identify you (e.g. with a copy of your ID, if necessary). Please note that conditions, exceptions or limitations apply to these rights (e.g., to protect third parties or trade secrets, or due to our professional duty of confidentiality). We reserve the right to black out copies or to provide only excerpts for reasons of data protection or confidentiality.


  1. Retention periods

We will only retain your personal data for as long as necessary to provide you with services you have requested or for purposes for which you have given your consent.

Please note that certain data may be subject to special legal retention periods. This data must be stored by us until the end of the retention period. After that, business communication or concluded contracts, for example, must be stored for up to 10 years. We use them exclusively to fulfill our legal obligations.


  1. Data Security

We protect your personal data with appropriate physical, electronic and procedural safeguards, including firewalls, personal passwords, encryption and authentication technologies. Where personal data is collected via the website in individual cases, transmission is encrypted using the most common and secure data transmission method currently available, SSL “Secure-Socket-Layer”.

In this context, please also note that data transmitted via an open network such as the Internet or an e-mail service is openly accessible. If you share personal data over an open network, you should be aware that third parties can access this data and collect and use it for their own purposes.


  1. Contact

If you have any questions about data protection, if you would like information, or if you would like to request the deletion of your personal data, please contact us by email at Alternatively, you can write to:


LEANmade AG, General Wille Strasse 201, 8706 Meilen, Switzerland


Date: 27.09.2023