top of page

Privacy & Legal Terms

(version 5 May 2023)

1. Who we are

DataLimits is a Swiss based non-profit association which aims to raise greater awareness about an individual’s data privacy rights and the opportunity to seek the legal enforcement of such rights on a worldwide basis..

2. Scope

This website has been designed with the main purpose of providing to the public some general information about DataLimits and to share news, articles, publications, opinions and updates on relevant events and activities organized by DataLimits.

3. Types of information we collect

We may collect the following types of your Personal Data:
Contact information, financial information, digital information, professional and academic information, that is provided by you on a voluntary basis, when you are:

- A website visitor
- A registered member
- A staff member or volunteer
- A spon
- Willing to repo
rt a data privacy violation


For your safety we use reCAPTCHA, a security technology developed by Google to prevent automated software (bots) from performing actions on websites that are meant to be performed by humans. ReCAPTCHA collects and analyzes how users navigate the website to determine whether the activity is suspicious. It uses machine learning algorithms to analyze the user's behavior on the website and determine whether they are likely to be a bot or a human. For the efficient performance of its services reCAPTCHA may collect the following types of your Personal Data:

  • Ip and URL address

  • User Google account information

  • Behavior, like scrolling on a page, moving the mouse, clicking on links, time spent completing forms, and typing patterns

  • Browser history

  • Date and language settings

  • Screen resolution


You can minimize the Personal Data the reCAPTCHA sends to Google by:

  • Logging out of your Google accounts

  • Deleting history


We do not use “cookies” or similar tracking technologies to collect information about site visitors except for Strictly Necessary “cookies” which is mandatory for the proper functionality of our website and reCAPTCHA, thereby improving a user’s online experience. You can find more information about our “cookies” policy on the website. The Privacy Policy and Terms of Service of reCAPTCHA can be found here.

4. Lawful basis and use of your information

We process your Personal Data under one or more of the following conditions:


  • When you have provided “consent” (which may be withdrawn at any time).

  • When it is necessary to comply with contractual obligations with you.

  • When the processing is in DataLimits’ legitimate interest.

  • When you have authorized us to include you in a class action complaint or a lawsuit.

Some examples of legitimate interests of DataLimits are the following:


  • provide you with member services, including setting up your membership account;

  • prepare and submit class actions or private claims in relevant countries;

  • investigate a complaint related to a violation of data privacy and cybersecurity laws and standards; and

  • terminate membership participation.

5. Membership Age

In order to become a DataLimits member, a person must be at least 16 years old. We do not knowingly collect
Personal Data at any time from any person under the age of 16 years old without the prior written consent of
their parent or legal guardian.


You represent that you meet the minimum age requirement by making an application for membership.


If DataLimits later determines that you have replied incorrectly to the question on the membership form, then DataLimits will have the right to terminate immediately your membership.

6. Other Websites

The Privacy & Legal Terms apply solely to Personal Data collected through this website.


Our website may contain links to external websites for your convenience (such as other non-profit organizations involved in data privacy and cybersecurity activities or fund-raising website platforms to make financial contributions to DataLimits).


Such links do not signify our endorsement of such websites or their contents. For this reason, we encourage you to
read and be aware of the terms and conditions of other websites that you visit.

7. Other Recipients

We may disclose Personal Data to third party recipients when this is reasonably permitted in order to pursue our
goals as a non-profit association, in compliance with the relevant applicable laws & regulations. Such disclosure
relates to the following recipients:


  • public authorities;

  • other non-profit organizations and governmental institutions related to data privacy and security rights and obligations; and

  • our external suppliers, such as postal service companies, print service providers, researchers or research companies, banks or financial companies, IT professionals as well as legal, financial, tax and accounting businesses.

Personal Data may be nevertheless transferred to third parties who are not based in Switzerland or an EU/EEA
country. In this case, before we transfer the Personal Data, we ensure that sufficient safeguards are in place to
ensure that there is an adequate level of data protection in the recipient’s country.

8. Data Storage

Your Personal Data is securely stored on servers managed by in Europe and the United States.


We will retain your Personal Data for no longer than is necessary for the processing purpose for which your Personal Data was collected.


We will delete your Personal Data after all legal document retention obligations are discharged, cancelled, or expire.


Google retains Personal Data collected through the ReCAPTCHA service for a limited period of time, which varies depending on the type of Personal Data and the specific circumstances of its collection.


In order to delete your Personal Data that re CAPTCHA collects and sends to Google, you need to contact Google Support to have all your Personal Data deleted.

9. Security measures

We take commercially reasonable physical, electronic and managerial precautions to prevent the loss and misuse of Personal Data under our control.


To that end we will also execute, where necessary, adequate data transfer arrangements, for any cross-border data transfers from Switzerland to third parties established in the EU/EEA and in the USA, with the aim to achieve an adequate level of data protection of the Personal Data we retain.

10. Your rights

As a data subject whose Personal Data we hold, you have the following rights:


Your right of access - You have the right to ask us for copies of your Personal Data.


Your right to rectification - You have the right to ask us to rectify or correct Personal Data you think is inaccurate. You also have the right to ask us to complete information about Personal Data that you think is incomplete.


Your right to erasure (“right to be forgotten”) - You have the right to ask us to erase or delete your Personal Data in certain circumstances.


Your right to restriction of processing - You have the right to ask us to restrict the processing of your Personal Data in certain circumstances.


Your right to object to processing - You have the right to object to the processing of your Personal Data in certain circumstances, including your right to withdraw or revoke your consent to the processing in certain circumstances.


Your right to data portability - You have the right to ask that we transfer the Personal Data you gave to us to be transferred to another organization, or to you, in certain circumstances.


If you wish to exercise any of the rights relating to your Personal Data set out above, or if you have any questions or comments about privacy issues, or you wish to raise a complaint about how we are using your Personal Data, you can contact us by sending an email to the attention of the Data Protection Officer:

11. Contact Us

For any questions, comments or suggestions about the DataLimits website, please let us know:
Name: DataLimits

12. Copyright

The website and all of its content are the subject of exclusive intellectual property rights of either DataLimits or third party partners and collaborators of DataLimits and are subject to the protection of the relevant intellectual property laws, whether such protection is governed under local country laws or established in accordance with international conventions and treaties. For the avoidance of doubt, such content includes all text, images, graphics, visualizations, audio and/or image files and the website’s “look and feel”.

13. Amendments

DataLimits reserves the right to amend this Privacy & Legal Terms from time to time to reflect technological advancements as well as legal and regulatory changes. If DataLimits changes its practices, an updated version of
this document will reflect those changes by posting any revisions with a notice showing the respective new date
listed on the top of this document.


Such modification shall be effective immediately upon posting on this website.

Your continued access or use of the website after the modifications have become effective shall be deemed your
acceptance of the modified terms and conditions.

DataLimits will have the right to terminate your website access and use if your conduct is determined by the Board
of Directors to be unlawful, violent or otherwise incompatible with the spirit of the purpose of DataLimits and any
code of conduct that it has adopted. In addition, we reserve the right to remove all material that we consider
inappropriate, illegal or in any way contrary to our accepted values and ethical standards.

14. Legal disclaimer

This website and the information it contains is made available “as is” without warranty of any kind, either express or implied. DataLimits gives no guarantees or warranties, and does accept any legal liability or responsibility for the content, the accuracy, the correctness or the data integrity of the information presented on this website, and you should not rely on it for any decision or to take any action.


DataLimits disclaims any warranty that the information on this website will be free of interruption, or that the website is free of viruses, worms, trojan horses or other code that manifest contaminating or destructive properties. In no event will DataLimits be liable for any indirect or consequential damages or losses, including loss of business, loss of reputation, loss of profit or loss of goodwill.

bottom of page