The data controller responsible for processing personal data in connection with this website and the services described on it is:
AOLONE SARL
acting under the brand Aolone Digital Group
Head office: Saint-Prex, Switzerland
For any questions regarding this Privacy Policy or the way we process personal data, you can contact us at:
Email: info@aolone.com
Website: https://www.aolone.com
Unless stated otherwise, references to “we”, “us” or “Aolone Digital Group” in this Privacy Policy refer to AOLONE SARL as the data controller.
We collect and process only the personal data that is necessary to provide our services, operate our website, and respond to institutional and commercial enquiries.
Data you provide directly
- Identification and professional details (such as name, job title, company name, business unit, country).
- Contact details (such as business email address, business telephone number, preferred language).
- Content of messages and files (such as information included in contact forms, RFPs, audit requests, or documents you voluntarily share with us).
- Account and preference information, where you register for alerts, newsletters, or specific digital services.
Data collected automatically
- Technical data (such as IP address, browser type and version, device identifiers, operating system, time zone setting, and approximate location based on IP).
- Usage data (such as pages visited, content viewed, referral sources, and interaction with website features).
Data from third parties
- Business contact details and company information from professional networking platforms, conference lists, or partners where this is lawful.
- Information from service providers supporting analytics, security, or marketing, to the extent permitted by applicable law.
We do not intentionally collect sensitive personal data (such as health or biometric data) through this website. If you choose to share such information with us, we will handle it with particular care and may ask you to remove it where not necessary.
We process personal data in line with applicable Swiss and European data protection regulations, including the EU General Data Protection Regulation (GDPR) where it applies.
Each processing activity is based on a clear purpose and a corresponding legal basis. Typically, we rely on one of the following legal bases:
- Performance of a contract or steps taken at your request prior to entering into a contract.
- Legitimate interests, where our interests are not overridden by your rights and interests.
- Compliance with legal obligations to which we are subject.
- Consent, where you have clearly agreed to a specific use of your data (for example, certain marketing communications).
The table below provides an overview of the main processing purposes, related data categories, and legal bases.
| Purpose | Data categories | Legal basis | Typical channels |
|---|---|---|---|
| Responding to contact, audit or RFP requests | Identification data, contact details, message content | Performance of a contract or pre-contractual steps; legitimate interests in responding to B2B enquiries | Website contact forms, direct email |
| Delivering consulting and packaged solutions | Identification data, professional details, project documentation | Performance of a contract; legitimate interests in managing client relationships | Contractual documentation, secure file exchange, email |
| Operating and improving our website and digital platforms | Technical and usage data | Legitimate interests in ensuring security, performance and relevance of our digital channels | Website logs, analytics tools |
| Sending institutional communications and insights | Identification data, contact details, preference information | Consent, where required by law; otherwise legitimate interests in informing existing or prospective clients | Newsletter registration, event forms, direct email |
| Compliance, risk management and legal claims | Identification data, contact details, transaction records, correspondence | Compliance with legal obligations; legitimate interests in establishing, exercising or defending legal claims | Corporate records, correspondence archives |
Our website uses cookies and similar technologies to function properly, to secure our digital environment, and to understand how visitors interact with our content.
Types of cookies we may use
- Strictly necessary cookies, which are required for basic site functionality such as security features and navigation.
- Performance and analytics cookies, which help us understand how visitors use the site so we can improve structure, content, and performance.
- Preference cookies, which remember certain choices (such as language preferences) to create a more consistent experience.
You can manage your cookie preferences through your browser settings and, where available, through a cookie banner or preference center on our website. If you disable certain categories of cookies, some parts of the site may not function optimally.
Where required by applicable law, we will ask for your consent before setting non-essential cookies. You can withdraw or update your consent at any time using the same mechanisms.
We do not sell personal data. We share personal data only when this is necessary, lawful, and subject to appropriate safeguards.
Service providers (processors)
We may engage carefully selected third-party providers to support our operations, such as providers of hosting, security, analytics, email delivery, event management, or professional tools. These providers act as processors and may only process personal data on our documented instructions and under contractual obligations of confidentiality, security, and compliance.
Professional advisers and partners
Where relevant, we may share data with external lawyers, auditors, tax advisers, or strategic partners involved in specific projects or transactions, always on a need-to-know basis and subject to appropriate confidentiality obligations.
Authorities and legal obligations
We may disclose personal data where required to do so by applicable law, regulation, court order, or regulatory authority, or to establish, exercise, or defend legal claims.
In all cases, we limit access to those who need the information to perform their role and ensure that recipients understand and respect applicable data protection obligations.
AOLONE SARL is headquartered in Switzerland and serves clients and partners across EMEA, the Americas, and Asia-Pacific. As a result, personal data may be transferred to, and processed in, countries outside the country in which it was originally collected.
When we transfer personal data internationally, we do so in line with applicable data protection requirements. Depending on the situation, this may include:
- Relying on adequacy decisions or equivalent mechanisms, where the destination country offers an appropriate level of data protection.
- Entering into standard contractual clauses or similar contractual safeguards with recipients.
- Implementing additional technical and organisational measures designed to protect data during transfer and in the destination location.
We will take steps to ensure that any international transfer of personal data is carefully assessed and that appropriate safeguards are in place to protect your information and your rights.
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, to meet legal or regulatory requirements, and to resolve potential disputes.
Retention periods can differ depending on the type of data, the context of collection, and applicable legal obligations. Where it is not possible to specify a fixed period, we use clear criteria to determine how long data is kept.
The table below provides indicative retention periods and criteria for key data categories.
| Data category | Typical retention period or criteria | Main purpose |
|---|---|---|
| Contact and enquiry records | Generally up to 3 years after the last meaningful interaction, unless a longer period is required for legal or contractual reasons | Managing institutional relationships and responding to enquiries |
| Client and project documentation | For the duration of the engagement and for a period typically ranging from 5 to 10 years thereafter, subject to legal requirements | Providing services, contract management, compliance, and potential claims |
| Marketing and communication preferences | Until you withdraw consent, opt out, or we determine that the data is no longer accurate or relevant | Providing institutional updates and insights |
| Technical and usage data (logs, analytics) | For periods aligned with security, performance, and analytics needs, typically ranging from a few months to a few years in aggregated or anonymised form | Securing and improving our digital platforms |
Depending on the jurisdiction and the specific circumstances, you may have a number of rights in relation to your personal data.
These may include the right to:
- Access your personal data and receive information about how it is processed.
- Rectify inaccurate or incomplete personal data.
- Erase personal data in certain situations, for example where it is no longer needed for the purposes for which it was collected.
- Restrict the processing of your data in specific circumstances.
- Object to certain types of processing, in particular where processing is based on legitimate interests or relates to direct marketing.
- Data portability, where applicable, by receiving your data in a structured, commonly used, machine-readable format and transmitting it to another controller.
- Withdraw consent at any time where processing is based on your consent, without affecting the lawfulness of processing prior to withdrawal.
To exercise your rights, please contact us using the channels indicated in the “Privacy Contact Channels” section below. We may need to verify your identity before responding. We will handle your request in line with applicable data protection laws and within the relevant time limits.
We apply a combination of technical and organisational measures designed to protect personal data against unauthorised access, misuse, alteration, and loss.
These measures include, for example:
- Using secure hosting environments and network protections appropriate for enterprise-grade platforms.
- Implementing access controls and role-based permissions, so that only authorised personnel can access relevant data.
- Maintaining logical and physical safeguards, including monitoring for unusual activity and applying security updates.
- Using encryption and other protective measures where appropriate, in particular for data in transit.
- Providing internal guidance and awareness on data protection, confidentiality, and information security.
While no system can be completely secure, we regularly review and enhance our controls to align with evolving best practices and regulatory expectations.
We may update this Privacy Policy from time to time to reflect developments in our services, changes in applicable law, or adjustments to our internal governance and security practices.
When we make material changes, we will indicate this on our website and, where appropriate, notify relevant contacts through suitable channels (for example, institutional communications or direct email).
We encourage you to review this page periodically to stay informed about how we protect and use personal data.
If you have questions, concerns, or requests relating to this Privacy Policy or to the way AOLONE SARL processes personal data, you can contact us using the details below.
Primary contact for privacy matters
Email: info@aolone.com
Reference: “Privacy enquiry – Aolone Digital Group”
Please include sufficient information for us to understand your request and to identify you, so that we can respond efficiently and in a secure manner. We may contact you to clarify aspects of your request where necessary.
Where applicable, you may also have the right to lodge a complaint with a competent data protection authority. We encourage you to contact us first so that we can address your questions directly.