Download here – NatureFinance Data Privacy Policy
NatureFinance Privacy Policy
Nature Finance is committed to protecting the confidentiality and privacy of information entrusted to us. We comply with the EU General Data Protection Regulation (GDPR), the Swiss Federal Act on Data Protection (FADP) and the UK Data Protection Act 2018. Please read this Privacy Policy to learn about your rights, what information we collect, how we use and protect it.
1.Who are we?
We, Nature Finance, located at Rue du Rhône 65, 1204 Genève, Switzerland, are the operator of the website www.naturefinance.net and are, unless otherwise stated in this Privacy Policy, responsible for the data processing described in this Privacy Policy. This Privacy Policy covers all our operations.
2. Who can you contact for privacy questions or concerns?
If you have questions or comments about this Privacy Policy or how we handle personal data, please direct your correspondence to: contact@naturefinance.net . We aim to respond within 10 days from the date we receive privacy-related communications.
You may also contact the Swiss Federal Data Protection and Information Commissioner (FDPIC) or the data protection authority at your place of residence to report concerns you may have about our data handling practices.
3. How do we collect personal data?
We collect personal data directly from individuals in various ways, such as when individuals provide us with their business cards, contact us via email, subscribe to our newsletters, apply for recruitment opportunities, or establish a business relationship with us (e.g., through professional services or contracts).
3.1 We also obtain personal data indirectly from sources including, but not limited to:
-Recruitment agencies.
-Clients or partners in consulting projects.
-Public sources, such as Companies House, professional networks, or social media platforms (e.g., LinkedIn)
3.2 What Categories of Personal Data Do We Collect?
We may collect the following categories of personal data either directly from you or indirectly through client engagements, applicants, suppliers, and other interactions outlined in this Privacy Policy:
Personal Data:
-Contact details, such as name, company name, job title, work and personal email addresses.
-Additional data you provide, such as requests or information submitted in job applications.
Sensitive Personal Data:
-General: We do not typically collect sensitive or special categories of personal data.
-Children: We do not hold or process data on children.
-Consulting Projects: In certain consulting projects, we may process partially identifiable data, such as geographical location or anonymized sensitive data (e.g., wage data). This data is limited to project use, stored offline, and deleted after project completion.
3.3. Security and Retention
We implement robust technical and organizational measures to secure personal data, such as encryption, access controls, and offline storage for sensitive data. Personal data is retained only for as long as necessary for its intended purpose or as required by law. Sensitive data is securely deleted or anonymized upon project completion.
3.4. Your Rights
You have the right to access, correct, delete, or object to the processing of your personal data. You can also request data portability or restrict processing under certain conditions. For any inquiries or to exercise your rights, please contact us see section “2. Who can you contact for privacy questions or concerns?”).
4. What lawful reasons do we have for processing personal data?
We may rely on the following lawful reasons when we collect and use personal data to operate our business and provide our products and services:
-Consent – We may rely on your freely given consent at the time you provided your personal data to us (e.g. when you sign up for our Newsletter). You can withdraw your consent at any time by notifying us.
-Performance of a contract – we may rely on the fulfilment of a contract with you or the necessity of taking pre-contractual measures.
-Legitimate interests – We may rely on legitimate interests based on our evaluation that the processing is fair, reasonable and balanced. These include:
-Delivering services to our clients – To deliver the professional services our clients have engaged us to provide.
-Marketing – To deliver timely market insights and specialty knowledge that we believe is welcomed by our business clients, subscribers and individuals who have interacted with us.
-Website and service improvement – To enhance website performance and improve user experience.
-Fraud prevention – To detect and prevent misuse of our services.
-Legal obligation – We may process personal data to comply with a legal or regulatory requirement (e.g., tax reporting or responding to legal claims).
5. Why do we need personal data?
Typically, we use personal data to communicate with you, provide our services, send newsletters, offer professional advice, and deliver reports. Additionally, we promote the work of the Taskforce to existing and prospective communities, send invitations to workshops, arrange your participation in events, seek qualified candidates, and contact journalists regarding press releases.
On our website, personal data is collected when a visitor submits an enquiry form or visits our site (e.g., log file data and cookies, see section “9. What data do we process when you visit our website?” and “10. Do we use cookies?”).
We process personal data based on your consent, our legitimate interests, or as necessary to fulfill contractual obligations. Personal data is retained only as long as necessary for the stated purposes unless a longer retention period is required by law.
We implement robust technical and organizational measures to ensure the security of personal data and may share it with trusted third-party service providers, when necessary, under strict confidentiality and data protection agreements.
You have the right to access, correct, delete, or object to the processing of your personal data at any time. For further information, please contact us see section “2. Who can you contact for privacy questions or concerns?”).
6. Do we share personal data with third parties?
We may occasionally share personal data with trusted and contracted third parties to help us deliver efficient and quality services. These third parties therefore process (e.g. maintain, store, use) personal data on our behalf. These recipients are contractually bound to safeguard the data we entrust to them.
We may also share personal data with third parties to process the personal data on their own behalf. Such third parties will be considered joint controllers of such personal data. While joint controllers have shared discretion over the purpose of processing, all such controllers agree to process such shared personal data in accordance with data protection law.
7. Do we transfer your personal data abroad?
We may transfer personal data to third parties (contracted service providers) based abroad for the purposes of the data processing described in this Privacy Policy (for the purposes see section “ 5.Why do we need personal data?”).
Such third parties are obliged to protect the privacy of individuals to the same extent as we are. If the level of data protection in a country does not correspond to the Swiss or European level, we contractually ensure that the protection of your personal data always corresponds to that in Switzerland or the EU or the European Economic Area. To this end, we agree on the EU standard contractual clauses with the third parties and implement additional technical and organizational measures, if necessary.
Certain of our third-party service providers are based in the USA (for more information regarding the protection of your data when the data is transferred in the USA see section “ 8. Do we transfer your personal data outside the European Economic Area/Switzerland?”).
8. Do we transfer your personal data outside the European Economic Area/Switzerland?
Some of the third parties (contracted service providers) are based outside Switzerland and the European Economic Area, especially in the USA. For the sake of completeness, we would like to point out for data subjects who are resident or domiciled in Switzerland or the EU that there are surveillance measures in place in the USA by US authorities, which generally allow the storage of all personal data of all persons whose data has been transferred from Switzerland or the EU to the USA. This is done without any differentiation, limitation or exception based on the objective pursued and without any objective criterion that would make it possible to limit the access of the US authorities to the data and their subsequent use to very specific, strictly limited purposes that are capable of justifying the intrusion associated with both the access to and the use of this data. In addition, we would like to point out that in the USA there are no legal remedies available for the persons concerned from Switzerland or the EU that would allow them to gain access to the data concerning them and to obtain its correction or deletion, or that there is no effective legal protection against general access rights of US authorities. We explicitly draw your attention to this legal and factual situation to enable an informed decision to consent to the use of your data.
We would like to point out that, from the point of view of the European Union and the Federal Data Protection and Information Commissioner in Switzerland, the USA does not have an adequate level of data protection, partly due to the issues mentioned in this section. Insofar as we have explained in this Privacy Policy that recipients of data are based in the USA, we will ensure that your data is protected at an appropriate level by our service providers, through the choice of companies certified under the Privacy Framework agreement or through contractual arrangements with these companies and, if necessary, Additionally, we implement further technical and organizational measures, such as encryption and anonymization, to protect your data.
We transfer only the data necessary to achieve the intended purposes and work exclusively with third parties committed to maintaining an appropriate level of data protection. You have the right to object to the transfer of your data or request further information about the specific measures we have in place.
For further questions about the transfer of your personal data or to exercise your rights, please contact us see section “2. Who can you contact for privacy questions or concerns?”).
9. What data do we process when you visit our website?
When you visit our website, the web servers temporarily store every access in a log file. The following data is collected without your intervention and stored by us until automatically deleted:
-IP address of the requesting computer;
-Date and time of access;
-Name and URL of the accessed file;
-Website from which the access was made, if applicable, with the search word used;
-Operating system of your computer and the browser you are using (including type, version, and language setting);
-Device type in case of access from mobile phones;
-City or region from which the access was made; and
-Name of your internet service provider.
The collection and processing of this data is carried out for the purpose of enabling the use of our website (establishing a connection), ensuring the long-term security and stability of the system, and enabling error and performance analysis and optimisation of our website (see also section “11. we use tracking and web analytics tools?”).
In case of an attack on the network infrastructure of the website or suspicion of other unauthorised or improper use of the website, the IP address and other data will be analysed for clarification and defence purposes; if necessary, they may be used in civil or criminal proceedings for the identification of the respective user.
For the operation of our website, we use the services of our hosting provider GoDaddy Inc, 100 S. Mill Ave, Suite 1600, Tempe, Arizona 85281United States of America. As a result, your data may be stored in a GoDaddy Inc database, which may enable GoDaddy Inc to access your data if this is necessary for the provision of the software and for support in using the software. You will find information on the processing of data by third parties and on a possible transfer abroad in another section of this Privacy Policy (“7. Do we transfer your personal data abroad?” And “8. Do we transfer your personal data outside the European Economic Area/Switzerland?”). For more information on data processing in relation to GoDaddy Inc, their Data Processing Addendum; https://gcd.com/legal/data-addendum . The legal basis for this processing is our legitimate interest in using the services of third-party providers.
There is a possibility that GoDaddy Inc may want to use some of this data for its own purposes (e.g., for sending marketing emails or conducting statistical analysis). For these data processing activities, GoDaddy Inc is the controller and must ensure compliance of these processing activities with data protection laws. Information about data processing by GoDaddy Inc can be found in their Data Privacy Framework Notice; https://www.godaddy.com/en-ie/legal/agreements/data-privacy-framework-notice
When you visit our website, cookies and similar technologies may also be used. These tools enable us to enhance functionality, analyze usage, and improve your experience. See section “10. Do we use cookies?” for more information on managing your cookie preferences.
You have the right to request access to, correction of, or deletion of your personal data. For further inquiries or to exercise your rights, please contact us at see section “2. Who can you contact for privacy questions or concerns?”).
For any additional data processing by third parties (e.g., analytics, marketing emails), see “10. Do we use cookies”) act as the data controller and is responsible for ensuring compliance with applicable data protection laws. More details can be found in their Privacy Policy at; https://www.godaddy.com/en-ie/legal/agreements/privacy-policy
10. Do we use cookies?
Our websites use cookies. Cookies are information files that your web browser stores on the hard drive or in the memory of your computer when you visit our website. Cookies are assigned identification numbers that enable your browser to be identified, and allow the information contained in the cookie to be read.
Cookies are used to make your visit to our website easier, more enjoyable, and more meaningful. We use cookies for various purposes that are necessary for the desired use of the website, i.e., “technically necessary.” For example, we use cookies to enable the website to remember your actions and preferences (such as login, language, and font size and other display preferences) over a period of time, so you don’t have to keep re-entering them whenever you come back to the website or browse from one page to another. Furthermore, cookies perform other technical functions necessary for the operation of the website, such as load balancing, which distributes the workload of the site across various web servers to relieve the servers. Cookies are also used for security purposes, such as preventing the unauthorized posting of content. Finally, we use cookies in the design and programming of our website, for example, to enable the uploading of scripts or codes.
10.1 Your Cookie Choice.
Most internet browsers accept cookies automatically. However, when accessing our website, you can give your consent to the use of non-essential cookies, especially for the use of cookies from third parties for marketing purposes and for the generation of statistical and other information about the website use as well as user journey from other websites to our website (see section “11. we use tracking and web analytics tools?”).
You can adjust your preferences for cookies by using the corresponding buttons in the cookie banner. Details regarding the services and data processing associated with each cookie can be found within the cookie banner and in the following sections of this Privacy Policy.
You may also be able to configure your browser to prevent cookies from being stored on your computer or receive a notification whenever a new cookie is being sent. On the following pages, you will find instructions on how to configure cookie settings for selected browsers.
–Microsoft Windows Internet Explorer
–Microsoft Windows Internet Explorer Mobile
Disabling cookies may prevent you from using all the features of our website.
11. Do we use tracking and web analytics tools?
For the purpose of customising and continuously optimising our website, we use the web analytics services listed below.
In this context, pseudonymised usage profiles are created, and cookies are used (please also see section “10. Do we use cookies?”). The information generated by the cookie regarding your use of our website is usually transmitted to a server of the service provider, where it is stored and processed, together with the Log File Data mentioned in section “9. What data do we process when you visit our website?”. This may also result in a transfer to servers abroad, e.g., the USA (for information on the absence of an adequate level of data protection and the proposed safeguards, see section “ 8. Do we transfer your personal data outside the European Economic Area/Switzerland?”).
Through the data processing, we obtain, among others, the following information:
-Navigation path followed by a visitor on the site (including content viewed, products selected or purchased, or services booked);
-Time spent on the website or specific page;
-The specific page from which the website is left;
-The country, region, or city from where an access is made;
-Endpoint device (type, version, colour depth, resolution, width, and height of the browser window); and
-Returning or new visitor.
The provider, on our behalf, will use this information to evaluate the use of the website, in particular to compile website activity reports and provide further services related to website usage and internet usage for the purposes of market research and the customization of the website. For these processing activities, we and the providers may be considered joint controllers in terms of data protection to a certain extent.
The legal basis for this data processing with the following services is your consent. You can withdraw your consent or oppose processing at any time by rejecting or deactivating the relevant cookies in the settings of your web browser (see section “10.2. Your cookie choice”).
Regarding the further processing of the data by the respective provider as the (sole) controller, including any potential disclosure of this information to third parties, such as authorities due to national legal regulations, please refer to the respective Privacy Policy of the provider.
11.1 Google Analytics
We use the web analytics service Google Analytics provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland, or Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (Google).
Contrary to the description in the above section (“11. we use tracking and web analytics tools?”), IP addresses are not logged or stored in Google Analytics. For accesses originating from the EU, IP address data is only used to derive location data and is immediately deleted thereafter.
When collecting measurement data in Google Analytics, all Internet Protocol searches take place on EU-based servers before the traffic is forwarded to Analytics servers for processing. Google Analytics utilises regional data centres. When connecting to the nearest available Google data centre in Google Analytics, the measurement data is sent to Analytics via an encrypted HTTPS connection. In these centres, the data is further encrypted before being forwarded to Analytics’ processing servers and made available on the platform. The most suitable local data centre is determined based on the IP addresses. This may also result in a transfer of data to servers abroad, (eg. the USA (for information on the absence of an adequate level of data protection and the proposed safeguards, see section “8. 8. Do we transfer your personal data outside the European Economic Area/Switzerland?”).
You can prevent the data generated by the cookie relating to the use of the website by the user concerned (including the IP address) from being collected and processed by Google and revoke your consent by refusing or deactivating the cookies concerned on the cookie banner or in the settings of their web browser (see section “10. Do we use cookies? Or by downloading and installing the browser plug-in available under the following link: Tools.google.com.
12. How and where do we store your data?
If a clear identification of your person is possible, we store and link the data described in this Privacy Policy, i.e. your contact details, contract data, and your browsing behavior on our website (see sections “3.2. Error! Reference source not found.” And “9. What data do we process when you visit our website?”) in a central database. This allows for efficient management of customer data, enables us to adequately process your requests, and facilitates the efficient provision of the services you requested, as well as the performance of the related services.
We also analyze this data to further develop our services based on your needs and to provide you with the most relevant information and offers.
For the central storage and analysis of data in the CRM system, we use a software application provided by Automattic Inc., located at 60 29th Street #343, San Francisco, CA 94110, United States. Therefore, your data may be stored in a database of Automattic Inc., which may allow them to access your data if necessary for providing the software and supporting its use. Information about data processing by third parties and any transfer abroad can be found in section “6. Do we share personal data with third parties?”, “7. Do we transfer your personal data abroad?” and “8. Do we transfer your personal data outside the European Economic Area/Switzerland?” of our Privacy Policy. Further information about data processing by Automattic Inc. can be found at https://automattic.com/privacy
13. What are your data protection rights?
Your data protection rights are highlighted here. To submit a data request and therefore to exercise these rights, please send an e-mail to contact@naturefinance.net.
-Access – You have the right to request access to your personal data stored by us at any time and free of charge if we process such data. This gives you the opportunity to check what personal data concerning you we process and whether we process it in accordance with applicable data protection regulations.
-Correction – You can ask us to correct our records if you believe they contain incorrect or incomplete information about you.
-Erasure – You have the right to obtain the erasure of your personal data under certain circumstances. In individual cases, particularly in the case of statutory retention obligations, the right to erasure may be excluded. In this case, the erasure may be replaced by a blocking of the data if the requirements are met.
-Restrict – You have the right to request that the processing of your personal data be restricted.
-Data portability – In some circumstances, where you have provided personal data to us, you can ask us to transmit that personal data free of charge (in a structured, commonly used, and machine-readable format) directly to you or another company if it is technically feasible.
-Right to Object– You can object to our process of your personal data at any time, especially regarding data processing related to direct marketing purposes and opt out.
-Right to Withdraw Consent – You can withdraw your consent that you have previously given to one or more specified purposes to process your personal data at any time. This will not affect the lawfulness of any processing carried out before you withdraw your consent. It may mean we cannot provide certain products or services to you, and we will advise you if this is the case.
-Right of complaint – You have the right to lodge a complaint with a competent supervisory authority, e.g., against how your personal data is processed.
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information or to exercise any of your other rights. This helps us to ensure that personal data is not disclosed to any person who has no right to receive it. No fee is required to make a request unless your request is clearly unfounded or excessive.
14. What about personal data security?
We have implemented robust technical and organizational security policies and procedures to protect personal data from loss, misuse, alteration, or destruction. Access to your personal data is limited to authorized personnel required to maintain its confidentiality.
To enhance security, we apply techniques such as pseudonymization, de-identification, and anonymization where feasible. Strong encryption protocols, including TLS for data transmission and AES-256 for data storage, are used to safeguard your data.
We comply with industry-recognized standards, such as [ISO 27001/GDPR/NIST], and regularly conduct security audits, vulnerability assessments, and penetration testing to ensure our systems remain secure. Additionally, we maintain an incident response plan to mitigate risks and promptly address any potential data breaches.
Our security measures are continuously adapted in line with technological developments. However, the transmission of information via the Internet and electronic means of communication always involves certain security risks and we cannot, therefore, provide any absolute guarantee for the security of information transmitted in this way.
We encourage you to take proactive measures to protect your personal information, such as using strong passwords, enabling two-factor authentication (if available), and staying vigilant against phishing attempts.
15. How long do we retain personal data?
We only store personal data for as long as it is necessary to carry out the processing described in this Privacy Policy within the scope of our legitimate interests. For contractual data, the storage is stipulated by statutory retention obligations. Requirements that oblige us to retain data arise from the accounting and tax law regulations. According to these regulations, business communication, concluded contracts, and accounting documents must be retained for up to 10 years. If we no longer need this data to provide services for you, the data will be blocked. This means that the data may then only be used if this is necessary to fulfil the retention obligations or to defend and enforce our legal interests. The data will be deleted as soon as there is no longer any legal obligation to retain it and no legitimate interest in its retention exists.
16. Do we link to other websites?
Our websites may contain links to other sites that are not governed by this policy. Please review the destination websites’ privacy policies before submitting personal data on those sites. Whilst we try to link only to sites that share our high standards and respect for privacy, we are not responsible for the content, security, or privacy practices employed by other sites.
16.1 Social Media
On the website, we have set up links to our social media presences on the following social networks:
-Twitter International Unlimited Company, One Cumberland Place, Finnian Street, Dublin 2, Ireland, Privacy Policy,
-LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland, Privacy Policy.
-Bluesky Social, PBC 113 Cherry Street, #24821, Seattle, WA 98104-2205, United States Privacy Policy
If you click on the links of the social networks, you will be automatically redirected to our profile on the respective network. This establishes a direct connection between your browser and the server of the respective social network. As a result, the social network receives the data described in the section on log files (“9. What data do we process when you visit our website?”), i.e. in particular the information that you have visited our website with your IP address and clicked on the link. This may also involve the transfer of data to servers abroad, e.g., in the USA (for further information on the absence of an adequate level of data protection and the proposed safeguards, see section “8. Do we transfer your personal data outside the European Economic Area/Switzerland?”).
If you click on a link to a social network while you are logged into your user account on that social network, the content of our website can be associated with your profile, allowing the social network to directly link your visit to our website to your account. If you want to prevent this, please log out of your account before clicking on the respective links. A connection between your access to our website and your user account will always be established if you log in to the respective social network after clicking on the link. The data processing associated with this is the responsibility of the respective provider in terms of data protection. Therefore, please refer to the privacy notices on the social network’s website.
16.2 YouTube
On our website we have especially integrated YouTube videos. YouTube is a video portal that has been a subsidiary of Google. The portal is operated by YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. When you access a page on our website in which a YouTube video is embedded, your browser automatically connects to the YouTube or Google servers. Various data will be transmitted (depending on the settings). Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all data processing in Europe. Information about data processing by third parties and any transfers abroad can be found in section “8. Do we transfer your personal data outside the European Economic Area/Switzerland?” of this Privacy Policy.
YouTube sets at least one cookie that stores your IP address and our URL. If you are logged into your YouTube account, YouTube can usually also assign your interactions on our website to your profile with the help of cookies. This includes data such as session duration, bounce rate, approximate location, and technical information such as browser type, screen resolution or your internet provider. Other data may include contact details, any ratings, and the sharing of content via social media or adding to your favorites on YouTube. If you want to prevent this, please log out of your account before clicking on the respective links. A connection between your access to our website and your user account will always be established if you log in to YouTube after clicking on the video. The data processing associated with this is the responsibility of the respective provider in terms of data protection.
Therefore, please refer to the Privacy Policy of Google under; https://policies.google.com/privacy?hl=de.
17. Do we change this privacy policy?
We regularly review this Privacy Policy and will post any updates to it on this webpage. If we make significant changes, we will notify you through prominent notices on our website or by other appropriate means.
We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.
This Privacy Policy was last updated on 10th March 2025. If you have any questions or concerns, please contact us at contact@naturefinance.net.
This Privacy Policy has been developed, reviewed, and approved.