Public Data Protection Policy Statement
Your data privacy is important to us. We have made a commitment to comply with the requirements of the General Data Protection Regulation and Swiss Data Protection Law. We will only use personal data where we have specifically been informed of a person’s agreement for us to do so, and only for the purposes that they have agreed to. If we believe there is an additional need, we will make a new request to anyone whose personal data is needed to deliver a specific business objective.
If you wish to find out what data we hold about you, or to exercise your right to be forgotten, please contact us either by e-mail at dataprivacy at akceso.ch or by telephone at +41 61 225 4393. We aim to respond within 48 hours during normal business conditions.
Akceso Advisors AG
Aeschengraben 29.
CH-4051 Basel, Switzerland
Phone: +41 61 225 4393
Mail: contact@akceso.ch
LinkedIn: https://www.linkedin.com/company/akceso-advisors-ag
Data Privacy Policy
Valid as of 01-Sept-2023
Akceso Advisors AG (hereinafter Akceso) understands and fully supports the need for appropriate data privacy protection. This policy lays out the company’s approach to managing confidential and personal data, describing process steps, responsibilities and actions to be taken in ensuring that we comply with our legal obligations.
This document provides the key information from the detailed internal standard operating procedure.
Table of Contents
DEFINITIONS
This policy covers confidential data and personal identifying data. We define these terms as follows:
- Confidential data: any information from a third party that is not within the public domain, provided under confidentiality agreement to a representative of Akceso or entered into a system owned by Akceso
- Personal identifying data: any information related to an identifiable person who can be directly or indirectly identified in particular in reference to an identifier
INTRODUCTION
In the conduct of our business, Akceso Advisors AG sometimes needs to gather and use personal data about individuals and confidential data about organisations. These individuals and organisations can include customers, suppliers, business contacts, employees and other people that we have a business relationship with or may need to contact.
WHY THIS POLICY EXISTS
This policy describes how this data must be collected, handled, stored and deleted to meet our data protection standards, and to comply with legal requirements.
POLICY SCOPE
This policy applies to all staff, volunteers, contractors, suppliers and other parties working for or on behalf of Akceso.
It applies to all data that the company holds relating to identifiable individuals covered under the European Commission’s General Data Protection Regulation (GDPR) and Swiss Data Protection Law (nDSG, “neues Datenschutzgesetz”). This includes any personal information by which a specific individual can be identified, such as:
- Names of individuals
- Personal postal addresses
- Personal e-mail addresses
- Personal telephone numbers
- Company
- Role
DATA PROTECTION LAW
Akceso adheres to data protection standards as described under the European Commission’s General Data Protection Regulations (GDPR) and Swiss Data Protection Law (nDSG, “neues Datenschutzgesetz”), governing how an organisation must collect, handle, store and delete personal information that it holds in internal systems. These rules apply regardless of whether data is stored electronically, on paper or on other materials. To comply with legal requirements, personal information as defined by GDPR and nDSG (including, but not limited to, “data to be especially protected” such as administrative or judicial proceedings and sanctions and measures related to social support) as well as confidential information, must be collected and used fairly, stored safely and not disclosed unlawfully. In particular, it protects the rights of individuals to have their personal data removed from an organisation’s data management and storage systems.
DATA PROTECTION GUIDELINES
DATA COLLECTION
In any initial contact with an individual whose personal identifying data we require for execution of a project or for communication purposes, we shall request their explicit acceptance for us to store their personal data using an opt-in request, proof of which must be captured either in writing or by e-mail from the specific individual.
DATA USE
Akceso only uses personal identifying information and confidential data in the conduct of its business. Such data will only be used to share information updates, or as reference information for preparing reports, either for specific clients or general publications. Where it is intended for use in a report Akceso will obtain specific written agreement from the individual owner of the data intended to be used prior to incorporating it into any report or publication. If such agreement is not provided by the individual owner, the data in question will not be used but may be retained within Akceso’s systems unless requested to remove it.
Personal identifying data will not be sent outside of the Akceso e-mail environment using standard e-mail.
EXTERNAL DATA CONTROLLERS
This section of our Data Protection Policy outlines the key external partners who may have access to personal data, explains their roles as data controllers, and provides insights into how they handle the information by linking to their respective privacy policies.
- Newsletter service: MailChimp operated by The Rocket Science Group LLC | Privacy Policy: https://mailchimp.com/legal/
- CRM: OnePageCRM by Novus Via Limited | Privacy Policy: HTTPS://WWW.ONEPAGECRM.COM/PRIVACY/
- Data center/server hosting provider: Nine Internet Solutions AG | Privacy Policy: HTTPS://WWW.NINE.CH/EN/PRIVACY-POLICY
- File store: Tresorit AG | Privacy Policy: HTTPS://TRESORIT.COM/LEGAL
- Electronic Signature: DropBox Sign | Privacy Policy: HTTPS://WWW.HELLOSIGN.COM/ABOUT/PRIVACY
- Office Applications provided by Microsoft | Privacy Policy: HTTPS://PRIVACY.MICROSOFT.COM/
DATA RETENTION/STORAGE
Employees and contract staff take all reasonable steps to ensure that all personal and confidential data is kept secure within company systems.
DATA DISCLOSURE
Personal identifying data is never shared informally. Such data will never be disclosed to unauthorised people, either within the company or externally, without the express permission of the specific individual, and only for the agreed purpose in disclosing that data.
DATA DISPOSAL
Akceso retains all information associated with specific projects for at least 5 years following the final completion date of the project, unless requested to remove information from its systems by its clients. Any personal or confidential information held as part of these archived projects is held solely for internal record keeping in the event of a follow-up project or as supporting evidence for any legal proceedings.
DATA BREACH
Although we will use our best efforts to protect all personal and confidential data, we recognise that a breach may still arise. All employees and contract staff are required
to immediately communicate the nature of an actual or suspected breach to the Data Protection Officer and the CEO, as soon as they become aware of the issue. Anyone whose personal data might be affected by a breach will be contacted within 72 hours of the breach being discovered to ensure that they are aware of what has happened and can take any additional steps required to mitigate the incident.
SUBJECT ACCESS REQUESTS
If an individual contacts the company to request what information Akceso holds on them, this is called a subject access request. All individuals whose personal data is held by Akceso are entitled to:
- Ask what information the company holds about them and why.
- Ask how to gain access to it.
- Be informed how to keep it up to date.
- Be informed how the company is meeting its data protection obligations.
- Request that their data be removed from Akceso’s systems
Subject access requests from individuals should be made by email, addressed to the Data Protection Officer at dataprivacy at akceso.ch. The data protection officer can supply a standard request form, although individuals do not have to use this. The data protection officer will aim to provide the relevant data within 14 days. The data protection officer will always verify the identity of anyone making a subject access request before handing over any information.
PROVIDING INFORMATION EXTERNALLY
Akceso aims to ensure that individuals are aware that their data is being processed, and that they understand:
- How the data is being used
- How to exercise their rights
To these ends, the company has a privacy statement, setting out how data relating to individuals is used by the company. The following text will be provided on the Akceso web site and as a link in electronic and paper marketing communications
Public Data Protection Policy Statement
Your data privacy is important to us. We have made a commitment to comply with the requirements of the General Data Protection Regulation and Swiss Data Protection Law. We will only use personal data where we have specifically been informed of a person’s agreement for us to do so, and only for the purposes that they have agreed to. If we believe there is an additional need, we will make a new request to anyone whose personal data is needed to deliver a specific business objective. If you wish to find out what data we hold about you, or to exercise your right to be forgotten, please contact us either by e-mail at dataprivacy at akceso.ch or by telephone at +41 61 225 4393. We aim to respond within 48 hours during normal business conditions.
Read the recent posts in our blog
Mind the communication gap in patient access
Read the story of how the clear communication unlocked the market access potential of an innovative product for our client.
Akceso’s ‘Evidence-based Asset Valuation’ methodology
What the three-part evidence-gathering method includes and how it helps to achieve both patient- & public health benefit and long-term economic success.
How a hostage negotiator can inspire business leaders?
Read the thoughts of András Incze related to the Advanced High-Performance Leadership (HPL) program led by Professor George Kohlrieser.
