Frizzy Foundation
Data Protection Declaration for Frizzy Foundation
The following data protection declaration deals with all processing of personal data by the Frizzy Foundation (FF or we).
FF is a non-profit organisation established as a foundation under the laws of Switzerland. FF is registered in the commercial registry of the canton Graubünden under the number CHE-407.298.498 located Via dal Bagn 3, 7500 St. Moritz, Switzerland.
The website located at (FF-website) is operated by FF.
We take data protection very seriously and are committed to the protection of personal data. We comply with the legal requirements of the Swiss Federal Data Protection Act, the Ordinance on the Federal Data Protection Act and other data protection provisions that may be applicable, in particular the General Data Protection Regulation of the European Union (GDPR).
In the following, we would like to inform you of how we treat personal data.
Please note that we may amend this privacy policy from time to time. We therefore recommend that you consult this privacy policy regularly.
1. Scope and purpose of personal data collection, processing and use
a. when visiting our website
When you visit our website, our servers temporarily store each access in a log file. The following data is collected and stored, without any action on your part, until it is automatically deleted after twelve months at the latest:
This data is collected and processed for the purpose of allowing the use of our website (establishing a connection), ensuring system security and stability in the long term.
The IP address will be evaluated for clarification and defence purposes only in the event of an attack on the website’s network infrastructure or in case of a suspicion of unauthorized or abusive use of the website. It may further be used for identification purposes in criminal proceedings and in the context of civil and criminal proceedings against the concerned individual, as necessary and required.
In the case that GDPR applies to the processing of your personal data ,we rely on our legitimate interests within the meaning of Art. 6 para. 1 lit. f GDPR to process the data for the above mentioned purposes.
b. within the scope of the foundation's purpose
In addition to the aforementioned data processing in connection with the website, we might process on- and offline, the following personal data of our correspondents, e.g. donors or other interested and/or supporting parties, grantees, grantees under exploration, parents, legal guardians of grantees or other supporting individuals or partners etc.:
This data is collected and processed for the foundation’s purpose to supporting projects that help children with learning difficulties and, in general, children in need in Switzerland and abroad. Further, data processing can occur within the framework of activities, which are only indirectly related to the foundation, but are of fundamental importance for the achievement of the foundation's purpose (e.g. fundraising events).
In the case that GDPR applies to the processing of your personal data, our legal basis for the mentioned data processing activities is the execution of a contract within the meaning of art. 6 para. 1 lit. b GDPR (execution and administration of scholarships). We further rely on our legitimate interests within the meaning of Art. 6 para. 1 lit. f GDPR.
c. when contacting us via e-mail
On our website, we have provided our e-mail-address (, which you can use to get in touch with us regarding questions about our foundation, its purposes, projects etc. We collect and process your e-mail-address and all further information that you voluntarily disclose in order to answer your request and / or questions. In the case that GDPR applies to the processing of your personal data, we rely on our legitimate interests within the meaning of Art. 6 para. 1 lit. f GDPR to process the data for these purposes.
2. Disclosure or transfer of personal data to third parties
We will only transfer your personal data to third parties if you have given your express consent, if there is a legal obligation to do so, or if it is necessary for the enforcement of our rights, in particular to assert claims arising out of the contractual relationship. In addition, we may transfer your data to third parties as far as it is necessary for the use of the website or the foundation's purpose, the processing of your contact requests or the sending of communications. The use of the data forwarded for these purposes by third parties is strictly limited to the stated purposes.
3. Transmission of personal data abroad
In relation to the above uses of your personal information and the above sharing arrangements, your personal data may be transferred to, stored and processed in one or more countries outside the European Economic Area (EEA), including countries, which do not provide equivalent protection for personal information. If the level of data protection in any country does not meet the requirements of the DPA and the GDPR, we will take reasonable steps to ensure that your personal data is adequately protected.
4. Cookies
Cookies help to make your visit to our website easier, more convenient and more relevant. Cookies are small files containing information, which are automatically stored on your computer's hard disk when you visit our websites.
This website does only use so-called session cookies. Session cookies are not permanently stored on your computer and disappear automatically when the browser is closed. The use of the session cookies is strictly limited to the session’s transmission of identifiers (consisting of random numbers generated by the server) necessary to enable safe and efficient website exploration. The session cookies used on this website avoid the use of other information technologies that could potentially compromise your privacy.
5. Information, deletion, limitation of processing and correction rights, right to data transferability; right to complain to a supervisory authority
You can object to data processing at any time, especially data processing in connection with direct advertising (e.g. against advertising e-mails). You also have the following rights:
Information right:
You have the right at any time to request access to your personal data stored by us. This gives you the opportunity to check which personal data we process about you and that we use it in accordance with applicable data protection regulations.
Correction right:
You have the right to have inaccurate or incomplete personal data corrected and to be informed of the correction. We will inform the individual concerned of the adjustments made to any incorrect data, unless such notification is impossible or involves a disproportionate effort.
Deletion right:
You have the right to require us to erase your personal information which we are handling in the following circumstances
Right to limitation of processing:
You have the right, under certain conditions, to request that the processing of your personal data be restricted.
Data transferability right:
Provided that you have your residence in an EU or EEA member country, you have under certain circumstances the right to receive from us the personal data that you have provided to us free of charge in a readable format.
Complain right:
Provided that you have your residence in an EU or EEA member country, you have the right to lodge a complaint with a competent supervisory authority against the way in which your personal data is processed.
Right of revocation:
In principle, you have the right to revoke your consent at any time. In the past, however, processing activities based on your consent will not become unlawful as a result of your revocation.
6. Data security
We use suitable technical and organisational security measures to protect your personal data stored with us against manipulation, partial or complete loss and against unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.
We also take internal company data protection very seriously. Our employees and all service providers that we retain are required to maintain a secrecy and to comply with applicable data protection legislation. In addition, they are granted access to personal data only insofar as this is necessary for them to carry out their respective tasks or mandate.
7. Data retention
We only save personal data for as long as necessary for the purposes as mentioned above. Contractual data, if available, will be retained longer by us as this is stipulated by statutory retention obligations. Retention obligations that require us to retain data result from accounting regulations and thus under fiscal law. In accordance with these provisions, business communication and concluded contracts are to be retained for up to 10 years. If we no longer require these data to carry out services for you, the data will be blocked. This means that the data may then only be used for accounting and tax purposes.
8. Contact
If you have any questions regarding data protection, if you would like to receive information or exercise your rights, please contact us by email at
November 29th, 2019