Privacy policy

Irene M. Staehelin Foundation ("IMS Foundation", "we", "us" or "our") protects the confidentiality and security of the personal data that we collect or receive in the course of our business activities. We process personal data in accordance with the Swiss Federal Data Protection Act of 1 September 2023 ("FADP") and, if applicable, the European Union General Data Protection Regulation 2016/679 ("GDPR").

This privacy and cookie policy ("Privacy Policy") explains how we may collect and use personal data that you provide to us or which we collect about you in connection with our website or when offering or providing our services (collectively, the "Services") as well as your rights in relation to your personal data. Personal data is any information directly or indirectly relating to an identified or identifiable individual. In our terminology, we follow the GDPR, but also include the terminology of the FADP, unless expressly stated otherwise.

We may provide you with additional privacy policies if we consider it useful. Such additional privacy policies are supplementary to this Privacy Policy and should be read together with it.

We are responsible for your personal data


We are responsible for your personal data provided to us or collected by us during the course of our business.

Irene M. Staehelin Foundation 
Mr. Urs Boesch 
Wiesenstrasse 10 
8008 Zurich 
Switzerland 

What information do we collect and process?


To provide our Services and conduct our business activities, we collect and process personal data about existing and prospective partner organisations, related persons, counterparties, authorities, third parties and other persons as well as their representatives, beneficial owners and (former) employees. Moreover, we collect and process personal data when you offer us services or products, when we examine your products or services and in general, whenever you ask us for or supply us with information.

The type of personal data that we collect includes, for example, names and contact data (such as postal address, e-mail address and telephone number), nationality, business sectors of interest, employment history and all kinds of information from correspondence, contacts and interactions with us. We also process all kinds of information disclosed to or collected by us in relation to our Services. Such information may exceptionally include sensitive personal data. Whenever necessary, we will seek your consent before processing sensitive personal data.

We collect the following personal data from applicants: their personal details, contact data, application documents (e.g. letter of motivation, CV, certificates of employment, diplomas, letters of reference, etc.) as well as excerpts from criminal records and debt collection registers.

Finally, our website server temporarily saves information about your use of our website. Such information includes, among other things, the IP address, date and time of access, the name and URL of the file opened, the website from which the access is made, the browser used (including the version), the operating system (including the version) of the computer used and the name of the user’s access provider.

Why and on what basis do we collect and process personal data?


We will only use your personal data if and to the extent that applicable law allows.

Within the scope of the FADP, the principle of lawfulness (Articles 6, 30 FADP) applies, whereby private persons may process data without an explicit justification, provided that they comply with the general principles of data processing. These are set out in the FADP and include, for example, the principle of purpose limitation (data may only be collected and processed for a specific purpose) and the principle of data minimisation (data must be limited to the amount necessary for the purpose of the processing).

To provide our Services and manage IMS Foundation
We collect and process personal data in order to perform our Services and to manage IMS Foundation’s business (e.g., to carry out administrative and organisational processes, risk management).

To support and further develop our business relationship with you
In addition, we use personal data to support and develop our business relationship with you, to send you publications and messages, to invite you to our events and to follow up on them, to monitor and analyse our business, to improve our Services and products for you, and to conduct due diligence on potential partners from an anti-money-laundering perspective. We also use personal data to protect the integrity, safety, or security of our Services or you, other users or business partners, comply with applicable legal or regulatory obligations or enforce compliance with this Privacy Policy, or other regulations placed on your use of our Services.

To analyse the use of our website
We collect and process personal data about you in order to ensure the smooth functioning and system security of our website and to improve the website and analyse your use of the website.

To handle applications
Whenever you apply for a position, you are required to make certain personal data known to us. By submitting your application, you make it possible for us to use and examine that information (among other things, to check references, background, identity, excerpts from debt enforcement register and criminal records) so that we can invite you to an application interview and determine whether you are suitable for the position. We work with a third-party service provider in Germany to store and manage such information.

If we need information in order to hire you and you fail to provide us with it on request, we will be unable to continue processing your application.

Do we use cookies on our website?


In addition, we use cookies ("Cookies") on our website, which also collect your personal data insofar as this is necessary for the functionality of the website or you have consented to the use of Cookies.

Our website only uses necessary cookies to enable you to use our Website and its features and ensure the functionality of our website. The information collected by these cookies relate to the operation of our website, for example, language detection, scripting language and security tokens to maintain secure areas of our website.

How you disable cookies


Some internet browsers are automatically set up to accept cookies. If you want to change your cookie preferences or refuse or delete any cookies, please refer to the help and support area on your internet browser for instructions on how to block or delete cookies.

Where does your personal data come from?


We get your personal data directly from you, our partner organizations, clients, other persons involved and their respective representatives and employees. Moreover, we collect personal data from third parties such as employers, other organisations with which you are contact, regulatory authorities, government agencies, or professional advisors. We also get personal data from publicly accessible sources (such as commercial registers, debt collection and land registries and credit reference agencies).

How do we protect personal data?


We take appropriate measures to store your personal data securely in electronic and physical form and to protect it against unauthorised access, misuse, disclosure, unauthorised changes or deletion, as well as against loss.

Access to our office is controlled and our electronic data collections are protected by logins and passwords.

Our partners, employees and third-party service providers having access to confidential information (including personal data) are bound by duties of confidentiality and, to the extent required, have entered into the necessary data processing agreements.

Why and how we may share your personal data?


We may share your personal data with the following recipients (in compliance with the applicable legal requirements):

  • Service providers: We may share your personal data with external service providers who support us and the provision of our Services. This can include IT service providers, business analytics providers, newsletter service providers, marketing and event management service providers, etc.
  • Advisors: We may share your personal data with accountants, auditors and other legal and professional advisors.
  • Contractual partners: We may share your personal data with contractual partners to the extent the disclosure results from such contracts.
  • Business partners: We may share your personal data with business partners.
  • Competent authorities: We may share your personal data with competent authorities, including tax authorities and courts (in Switzerland and abroad), if we are legally obliged or entitled to such disclosure or if it appears necessary to protect our interests.
  • Transaction partners and advisors: We may share your personal data in relation to mergers, acquisitions or other business transactions involving us.

Will your personal data be transferred abroad?


In connection with the disclosures described in the section above, we may transfer your personal data to the following countries that offer adequate protection pursuant to the FADP and GDPR: European Economic Area member states, UK and USA (if the recipient is certified under the EU-US and Swiss-US Data Protection Framework ("DPF").

To the extent necessary for the aforementioned purposes, we may also transfer your personal data to the following countries, which do not offer adequate protection pursuant to the FADP and/or GDPR: USA (if the recipient is not certified under the DPF) and potentially other countries. Such transfer is secured by appropriate safeguards (such as Standard Contractual Clauses ("SCCs") including amendments necessary under Swiss law) or based on a statutory exemption (e.g., if you have given your consent to the transfer, if the transfer is directly connected with the conclusion or performance of a contract with you or if the transfer is necessary for the establishment, exercise or enforcement of legal claims before a foreign authority). Within the scope of the GDPR, you may ask us for a copy of the relevant safeguards by contacting us as indicated at the beginning of this Privacy Policy.

How long do we store your personal data?


We will store your personal data as long as necessary for the purposes for which it is processed. We also store your personal data to comply with our various statutory and regulatory obligations of documentation and record-keeping, as long as claims can be asserted against us or as long as required by our legitimate interests, particularly the security of our data.

Personal data of applicants to whom we cannot offer a job will be deleted six months after cancellation at the latest. With the consent of applicants, we may store the collected personal data for a longer period in order to offer the applicant any other positions at IMS Foundation.

What are your rights?


You may be entitled to the following rights:

  • You can request information about your personal data and certain aspects of the processing;
  • You can request rectification of your personal data;
  • You can request erasure of your personal data;
  • You can request limitation of the processing of your personal data;
  • You can object to the processing of your personal data;
  • You can request that your personal data be released or transferred to you or to another data controller in a machine-readable format.

If you have consented to the collection, processing or disclosure of your personal data for a certain purpose, you can revoke your consent at any time. Upon receiving notice of the revocation of your consent, we will cease processing your personal data, unless there is another legitimate interest in doing so.

Please note that the granting of such rights may sometimes be refused or restricted for legal reasons or based on the applicable data protection law. We will inform you of the grounds for our decision to the extent permitted or required by law.

In general, you will not have to pay a fee to exercise any of your rights. However, we may charge a fee for access to your personal data if applicable data protection law allows us to do so, in which case we will inform you.

If you wish to exercise your rights, please contact our COO, Urs Boesch, by sending an e-mail to info@imsfoundation.ch or by mailing a letter to the address set out above.

If you believe that we have not handled your question or concern to your satisfaction or that we do not process your data in accordance with the applicable data protection law, you may address the competent supervisory authority, which in Switzerland is the Federal Data Protection and Information Commission ("FDPIC"):

Federal Data Protection and Information Commissioner 
Feldeggweg 1 
3003 Berne 
Switzerland 
https://www.edoeb.admin.ch

Based on your residence, you may have the possibility to lodge a complaint with the appropriate data protection authority of your place of residence.

Changes to this Privacy Policy


We reserve the right to update and change this Privacy Policy from time to time in order to take into account changes in how we process your personal data and changes in the statutory requirements. All changes that we make to our Privacy Policy in the future will be published on our website.

The version published on our website is the version that currently applies.

Last update: July 2025

We believe lasting change comes from visionary ideas, projects, and organisations. Our approach is characterised by a proactive search for innovative initiatives that have the potential to create lasting change and align with our vision for a more just, inclusive, and sustainable world.

We work by invitation only and do not accept unsolicited funding requests.

We are dedicated to purposeful and responsible giving, guided by the legacy of Irène M. Staehelin-Schindler, whose lifelong commitment to human and women rights, development and sustainability continues to inspire our work today.

Wiesenstrasse 10
8008 Zurich
Switzerland

info@
imsfoundation.ch

©2025 Irene M. Staehelin Foundation Legal Privacy policy Code of Conduct Visibility guidance
Please use a modern web browser