zum Inhalt springen

Privacy Policy

The protection of your privacy is important to NTC.swiss (hereinafter "we", "us"). We process your data only in accordance with the statutory provisions. In this privacy policy, we explain how we collect or otherwise process personal data and what rights you have in this regard. Personal data is understood to be all information that relates to an identified or identifiable person.

Please read the following terms carefully so that you are aware of our stance and procedure for processing your personal data and how we use cookies.


Responsible for the data processing specified in this privacy policy is:

National Cyber Security Testing Institute | NTC
Baarerstrasse 53
6300 Zug

Phone: +41 41 317 00 11
E-mail: office@ntc.swiss

Scope and purpose of the processing of personal data

We process your data only for specified purposes and only in cases permitted by law. You will find below the individual data processing operations on our website, with the purposes for data processing.

We collect, process and store the data of individuals that we collect in the operation of our website or other applications or that we collect in the course of our business relationship with our customers and other business partners from these and other individuals involved.

When you visit our website, our servers store the access in a log file (so-called log files). The following technical data about the use of our website is collected automatically and without your intervention, as is generally the case with every connection to a web server, for example:

  • IP adress,
  • MAC adress of the smartphone or computer, 
  • Information about your device and settings (browser type, device identifier, operating system, etc.),
  • Cookies,
  • Date and time of the visit,
  • accessed pages and content,
  • used functions, 
  • referring websites,
  • location information.

This data is collected and processed for the purpose of enabling the use of our website (connection establishment), ensuring and increasing the system security and stability of our systems and offers, analyzing the use of our offers and services, collecting general demographic information and enabling the optimization of our Internet offer (in particular, but not exclusively, product improvements, marketing measures, target group-specific advertising, etc.), as well as for internal statistical purposes.

Furthermore, it is possible that we collect and process the following data about you:

  • Information you submit by filling out forms on this website. This includes any information you provide at the time of registering for our newsletter or registering for an event;
  • If you contact us, we may keep records of that correspondence.

In this context, we process the personal data required for the conclusion, implementation or termination of a business relationship or a contract.

This includes in particular:

First name, last name of the contact person;
Contact details (e.g. address, e-mail address, telephone number);
Billing and shipping address;
Billing and payment information.

  • Company;
  • First name, last name of the contact person;
  • Contact details (e.g. address, e-mail address, telephone number);
  • Billing and shipping address;
  • Billing and payment information.

We may also receive personal data about you from third parties. This data may include the following categories:

  • Information from publicly available sources (e.g., media, Internet);
  • Information from public registers (e.g. commercial register, debt collection register, land register);
  • Information in connection with official or judicial proceedings;
  • Information about you in correspondence and meetings with third parties;
  • Creditworthiness information (insofar as we conduct personal business with you);
  • Information about you that people close to you give us so that we can enter into or process contracts with you (e.g. references, your address for deliveries, powers of attorney, information on compliance with legal requirements, information from banks, insurance companies, sales and other contractual partners).

Legal Basis

The data protection principles are based on the Swiss Data Protection Act (DPA) and the European General Data Protection Regulation (GDPR), if and to the extent that the latter is applicable.
When you share personal information with us, it is collected and processed strictly in accordance with the relevant laws and regulation.

Other possible legal grounds are as follows:

  • Your consent;
  • The execution of a contract or pre-contractual measures;
  • Compliance with legal requirements;
  • Our legitimate interests, unless your interests or fundamental rights are overridden;
  • To safeguard vital interests of you or another person or to perform a task in the public interest;
  • Other relevant statutory legal bases.

If you have given us consent to process your personal data for specific purposes, we will process your data within the scope of this consent unless we have another legal basis. You can revoke your consent at any time. Data processing that has already taken place is not affected by this.

Data Sharing

We cooperate with other companies or persons or commission other companies or persons with the processing and storage of data. They may have access to your personal data or usage data, but only to the extent necessary to perform their tasks. If external processors are used, they are contractually obligated and technical and organizational measures are applied to ensure that they comply with the same data protection law requirements and other obligations specified by applicable data protection law to which we are subject.

We will only share your personal information if one of the following conditions is met:

  • Your consent has been given;
  • there is a legal obligation;
  • if this is necessary for the enforcement of our rights, in particular the enforcement of claims arising from the contractual relationship;

  • if this is necessary for the fulfillment of the contract or the implementation of pre-contractual measures;
  • if we have a legitimate interest in doing so and your interests to the contrary do not outweigh ours;
  • if another legal permission exists.

Transfer of personal data abroad

We are also entitled to transfer your personal data to commissioned third-party companies abroad. These are obligated to data protection to the same extent as we ourselves. If the level of data protection in a country does not correspond to that in Switzerland or the EU, we contractually ensure that the protection of your personal data corresponds to that in Switzerland or the EU at all times. This can be done through so-called standard contractual clauses of the European Commission or a supervisory authority or approved and authorized codes of conduct together with binding and enforceable obligations of the recipient or approved certification mechanisms together with binding and enforceable obligations of the recipient.


This website uses cookies. Cookies are small text files that are stored permanently or temporarily when you visit this website. The purpose of the cookies is in particular the analysis of the use of this website for statistical evaluation as well as for continuous improvements.
In the settings of your browser, you can disable cookies in whole or in part at any time. If cookies are deactivated, not all functions of this website may be available to you.

Google Analytics

We do not use Google Analytics.


On this website, we use the service HubSpot for various purposes. HubSpot is a software company from the USA with a branch in Ireland. Contact: HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland. Within the scope of processing via HubSpot, data may be transmitted to the USA.  Hubspot is an integrated software solution that we use to cover various aspects of our online marketing.

These include, among others:

  • E-Mail-Marketing (Newsletter as well as automated mailings, e.g. to provide downloads)
  • Chat Function
  • Social Media Publishing & Reporting
    Reporting (e.g. traffic sources, accesses, etc.)
  • Contact management (e.g. user segmentation & CRM)
  • Landing pages and contact forms

This information, as well as the content of our website, is stored on servers of our software partner HubSpot. It can be used by us to contact visitors to our website and to determine which of our company's services are of interest to them.

When you use our websites, your browser automatically transmits certain information to HubSpot's servers to enable an analysis of your behavior on our website. HubSpot only provides us with anonymized information about access times, visited subpages, origin of visitors, country of the user or duration of stay. It is not possible for us to assign the accesses to your person. In particular, HubSpot does not permanently store your IP address, but only infers geographical information and then deletes the address.

We also use Hubspot CRM on this website. The provider is Hubspot Inc. 25 Street, Cambridge, MA 02141 USA (hereinafter referred to as Hubspot CRM). Hubspot CRM enables us, among other things, to manage existing and potential customers as well as customer contacts. With the help of Hubspot CRM, we are able to capture, sort and analyze customer interactions via email, social media or phone across different channels. The personal data collected in this way can be evaluated and used for communication with the potential customer or for marketing measures (e.g. newsletter mailings). With Hubspot CRM, we are also able to record and analyze the user behavior of our contacts on our website.

Furthermore, if you use our contact form, the data you enter will be forwarded to HubSpot servers and stored there. Since the contact form is only intended for business relationships, only general contact information of our contact persons at customers or interested parties is processed. During your input, the specified e-mail address is also forwarded to HubSpot's servers for validation. This enables us to ensure that the email address you provide is valid and that you will receive our response.

We have concluded an order processing contract with Hubspot or Hubspot CRM. This is a contract required by data protection law, which ensures that Hubspot only processes personal data according to our instructions and in compliance with Swiss and European data protection law. Details can be found here: https://www.hubspot.de/data-privacy/privacy-shield.

More information about Hubspot's privacy policy can be found here: https://legal.hubspot.com/de/privacy-policy.

Data security

We use appropriate technical and organizational security measures to protect your personal data stored with us against manipulation, partial or complete loss and against unauthorized access by third parties. Our security measures are continuously adapted and improved in line with technological developments.

Within our website, we use the SSL (Secure Socket Layer) procedure in conjunction with the highest encryption level supported by your browser. You can see whether an individual page of our website is transmitted encrypted by the closed display of the lock symbol in the status bar of your browser.

Retention Period

We retain personal information only as long as deemed necessary to comply with applicable laws and to protect our rights or as long as necessary for the purposes for which it was collected.

Such retention obligations arise in particular from regulations on registration law, on accounting and from tax law. According to these regulations, business communication, concluded contracts and accounting vouchers must be stored for up to 10 years. As far as we no longer need such data from you for the performance of services, the data will be blocked or deleted. In this case, we will only use the data for accounting and tax purposes.

Your rights to information, correction, deletion or complaint

You can request information at any time about all data available in our data collection that concerns you. In particular, you can request information about:

  • the processing purposes
  • the category of personal data
  • the categories of recipients to whom your data have been or will be disclosed
  • the planned storage period

In the event of disproportionately high costs, we reserve the right to request proof of identity from you in advance, as well as payment of the actual costs.

Further you are entitled,

  • obtain information about the legal basis of the processing;
  • immediately demand the correction of incorrect or completion of your personal data stored by us;
  • request the erasure of your personal data, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the assertion or defense of legal claims;
  • to request the restriction of the processing of your personal data if (i) the accuracy of the data is disputed by you, (ii) the processing is unlawful but you object to its erasure, (iii) we no longer need the data but you require it for the assertion, exercise or defense of legal claims or (iv) you have objected to the processing;
  • Receive your personal data that you have provided to us in a structured, common and machine-readable format or request that it be transferred to another responsible party.

You may revoke your consent at any time. This has the consequence that we may no longer continue the data processing based on this consent for the future.

The exercise of your rights requires that you prove your identity (e.g. by means of a copy of your ID card if your identity cannot be established otherwise). In addition, we reserve the right, in the event of a disproportionately large expense, to demand that you pay the effective costs in advance.

We would like to point out that the exercise of your rights may be subject to legal restrictions. We reserve the right to assert these, e.g. if we are obliged to retain or process certain data, have an overriding interest in doing so (insofar as we are entitled to rely on this) or require them for the assertion of claims. Please note that the exercise of your rights may, under certain circumstances, conflict with contractual agreements and may have corresponding effects on the performance of the contract (e.g. premature termination of the contract or cost consequences). Where this is not already contractually regulated, we will inform you in advance.

You can complain to our data protection advisor or to a supervisory authority at any time. If your personal data is processed on the basis of legitimate interests, you have the right to object to the processing of your personal data if there are grounds for doing so that arise from your particular situation or if the objection is directed against direct marketing. In the latter case, you have a general right to object, which will be implemented by us without specifying a particular situation.


Due to the further development of our website or the implementation of new technologies, it may become necessary to change this privacy policy. We are entitled to adapt this privacy policy at any time without prior notice. The current version published on our website applies.

Terms of Use

Non-binding information

NTC.swiss always endeavors to provide correct and up-to-date information on the website, no warranty is given with regard to the content. All information contained on the NTC.swiss website is non-binding. The published information may be changed, deleted or the publication may be discontinued temporarily or permanently at any time and without prior notice. NTC.swiss does not assume any liability (neither explicit nor implicit) for the correctness, completeness and up-to-dateness of the information provided on the website. In particular, NTC.swiss is not obligated to remove any outdated information from the website or to expressly mark it as such.

Limitation of liability

The use of the content and information provided on the NTC.swiss website is at the sole risk of the user. NTC.swiss disclaims, without limitation, all liability for any loss or damage of any kind, including any direct, indirect or consequential damages, which might be incurred through the use of the NTC.swiss website, or any links to third-party websites. In addition, NTC.swiss disclaims any liability for manipulation of the Internet user's computer system by unauthorized persons.

Links to other websites

Some links on the NTC.swiss website lead to third-party websites. These are completely beyond the control of NTC.swiss, which is why NTC.swiss accepts no responsibility for the accuracy, completeness and legality of the content of such websites or for any offers contained therein. The provider of the site alone is liable for illegal, incorrect or incomplete content and in particular for damage arising from the use or non-use of links.


The entire content of the NTC.swiss website is protected by copyright. Commercial use of the content by any form of reproduction, distribution or modification is prohibited without the prior written consent of NTC.swiss. All property rights remain with NTC.swiss."



Leave your contact details so that we can respond to your request: