Privacy Policy

At MSF, we understand that trust is fundamental to any successful partnership. As a provider of OT and IT security expertise to our corporate clients, we place the highest priority on safeguarding both our and our clients’ data. Below, we outline how we ensure the protection of information and maintain privacy across all our operations.

Our Commitment to Security

We are committed to the protection of all information assets from threats, both external and internal. We have implemented comprehensive security measures and continuously monitor our systems to uphold a safe and secure environment. Our approach to information security includes:

• Continuous Monitoring – We ensure that any potential threats are continuously identified and mitigated.
• Proactive Threat Detection – By Using advanced threat intelligence tools, we proactively identify and address vulnerabilities to keep your data safe from evolving cyber threats.
• Incident Response – We have a well-defined incident response plan that enables us to quickly contain, eradicate, and recover from any security incident to minimize potential impact.

Data Protection and Privacy Practices

We respect your privacy and are committed to protecting your personal and corporate information. Our data protection strategy includes:

• Data Minimization – We collect and process only the information that is necessary for delivering our services, and we limit the storage of data to the minimum duration required for business purposes.
• Encryption – Sensitive information is protected using industry-standard encryption both in transit and at rest. This ensures that any data we store or transmit remains confidential.
• Access Control – Access to client information is strictly restricted to authorized personnel only, following the ‘least privilege’ and ‘need to know’ security principles. All access is continuously monitored and logged.

Compliance and Regulatory Adherence

We adhere to all applicable legal and regulatory requirements related to data privacy and security, including:

• Data Privacy Laws – We comply with the data protection regulations New Federal Act on Data Protection (nFADP) and General Data Protection Regulation (GDPR).
• Information Security Management System – Our security practices align with the established standard ISO 27001.

Risk Management and Employee Training

To ensure that our security practices remain effective and responsive:

• Risk Assessments – We conduct regular risk assessments to identify and manage vulnerabilities in our systems. This includes internal and external security audits to ensure all practices are up-to-date and robust.
• Staff Training – Each member of our team undergoes regular security awareness training to understand the importance of data security, privacy, and incident response. We foster a culture of vigilance to protect our clients’ information.

Third-Party Security

When working with third-party service providers, we conduct due diligence to ensure their security practices meet our standards. We have established agreements to ensure that all third parties adhere to strict confidentiality and data protection obligations.

Access to your data by our agency

In order to maintain and develop the website, analyse the website traffic data, administer competitions and answer queries, we have signed a data processing contract with Compresso AG, Seestrasse 49, 8702 Zollikon, tel. +41 43 488 86 00, , compresso.ch.

Your data is processed for the purposes to which you have consented and is not transferred to third parties under any circumstances.

Cookies

This website uses cookies, which are small text files stored on your device and accessed by your browser. Using cookies makes this website more user-friendly and secure.

Common browsers offer the option not to accept cookies. Note: unrestricted access to all the functions of this website cannot be guaranteed if you make the corresponding settings.

We use the “Cookiebot” service to monitor and ensure consent to all cookies on the website. The latest summary of all cookies can be accessed at any time via this link. Users can also make individual cookie acceptance settings here.

Your Rights and Contact Information

We understand that our clients and users may have questions or concerns regarding the handling of their data. You have the right to:

• Request Access – Obtain information about the data we hold about you.
• Request Correction or Deletion – Ask us to update or delete any inaccurate or unnecessary information.
• Raise Concerns – Report any security or privacy concerns you may have.

For any inquiries related to security or data protection, please contact our Data Protection Officer at

Changes to This Policy

We reserve the right to update this policy as needed to reflect changes in our practices, legal requirements, or advancements in technology. Any updates will be posted on our website.

Thank you for placing your trust in MSF. Our commitment to protecting your data and maintaining the highest standards of security and privacy remains at the core of everything we do.