Privacy Notice

Personal data refers to any information that relates to an identified or identifiable living natural person.

In General:

• Personal identifiers (such as name, business affiliation, contact details, and address)
• Payment details
• Content of ISBerne’s communication with you
• Engagement with ISBerne, including events attended, donations received, and volunteer service
• Security information (such as CCTV footage)
• Cookies and other website usage data

Regarding Students and Their Families:

• Personal identifiers (such as name, unique student number, family relationships, contact details, and address)
• Characteristics (such as gender, age, language, and nationality)
• Attendance information (such as classes attended, number of absences, absence reasons, and previous schools attended)
• Assessment information (such as data scores, tracking, and internal and external testing)
• Relevant medical information (such as insurance information, health conditions, physical and mental health care, immunizations, allergies, dietary requirements, and medication)
• Special educational needs information (such as care or support plans)
• Safeguarding information
• Photographs and videos (see relevant guidelines)
• Behavioral information (such as exclusions and any relevant provisions put in place)
• Information regarding children’s pastoral care and support

Personal data is generally used for the purposes of managing our relationship with you, communicating with you and/or to provide you with information you may request from us. More specifically, in line with applicable law, personal data may be used for the following purposes and for other purposes compatible with the purposes described below:

• to support student learning
• to monitor and report on student progress
• to provide appropriate first-aid and pastoral care
• to assess the quality of our services
• to meet the statutory requirements placed upon us by the cantonal and federal authorities
• to support our admissions process
• to inform parents about events, activities, and other things happening in the school
• to help investigate any concerns or complaints you may have
• to establish, defend or exercise claims
• to terminate our contractual relationship
• build and maintain the ISB community
• make you aware and inform you about our services, news, events, and activities
• alumni: respond to your request regarding historic information about your time at ISBerne

Personal data may further be used for any other purpose you give your explicit consent to, or for purposes that may be of a legitimate interest to ISBerne.

Personal data is stored in line with the Swiss data protection regulations and EU GDPR on servers located in Switzerland, EU-EFTA countries, USA and UK. ISBerne maintains appropriate technical and organizational measures to preserve the confidentiality and integrity of your personal data (protection against unauthorized or unlawful access or processing, accidental loss, destruction or damage, cyber-security).

ISBerne does not store personal data indefinitely; data is only stored for as long as is necessary to serve the purposes described above. It may be processed beyond the end of our contractual relationship to establish, defend or exercise claims (during the applicable limitation period), meet legal or post-contractual obligations, including legal documentation requirements, and to safeguard other legitimate interests of ISBerne.

ISBerne restricts the use of and access to personal data to those who have an absolute need to know in order to provide the services and serve the purposes described above (authorized personnel or agents). ISBerne will not share your personal data with any external parties other than set out in this Privacy Notice, or except with your explicit prior consent, or as required under applicable laws or regulations.

External recipients who ISBerne routinely shares personal data with are the following:

• any company or provider where sharing the information is necessary to make payments or book benefits to you
• schools that the students attend after leaving us
• our local, cantonal and federal authorities to meet our legal obligations
• the Swiss education authorities
• the student’s family and representatives
• educators and examining bodies
• service providers to enable them to provide the service we have contracted them for (e.g., providers of IT services; academic service providers; providers of extra-curricular activities, internships and field trips; tertiary education institutions)
• our auditors
• health authorities and child protection authorities
• police forces, courts, tribunals
• Where necessary, ISBerne will oblige external recipients to comply with this Privacy Notice and to process personal data securely and exclusively for the purposes allowed by ISBerne.

Transfer of personal data is usually limited to recipients located in Switzerland. However, transfer of personal data may occur to recipients located in the following countries: EU-EFTA, UK, USA.  If external recipients or external service providers are located in countries whose legislation does not guarantee an adequate level of data protection, ISBerne will implement suitable safeguards in the form of appropriate contractual clauses, namely standard contractual clauses and model contracts for data transfers recognized by the Swiss Federal Data Protection and Information Commissioner, in order to ensure compliance with this Privacy Notice and applicable laws.

Under data protection legislation, you have some rights regarding your personal data processed by us in order to verify the lawfulness of processing. In particular, you have the right to:

• request information about your personal data processed by ISBerne
• request a copy of the personal data ISBerne holds on you; this includes the right to data portability, i.e., the right to receive your personal data in a structured, commonly used format
• restrict processing and/or object to the processing of personal data, in which case we may, however, no longer be in a position to provide any related services or perform our contractual obligations
• request that your personal data is erased where there is no compelling reason for its continued processing
• request that your personal data is amended if it is inaccurate or incomplete

Where the processing of your personal data is based on your consent, you have the right to withdraw this consent at any time. Such withdrawal of consent will not affect the lawfulness of the processing based on consent before the withdrawal.

Please note that your rights pursuant to this section may be limited in order to preserve any preponderant interest of ISBerne or any third parties.

In addition, you have the right to lodge a complaint with the competent data protection authority. The competent data protection authority of Switzerland is the Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch).