Primea Consulting ( Adress ) operates the website www.primea-consulting.com (hereinafter referred to as “we,” “our,” or “us”). Through this website, you can learn more about our firm, access our online services, and get in touch with us. Protecting your personal data is of the utmost importance to us. In this Privacy Policy, we provide transparent and easy-to-understand information about what data we collect through our website and how we handle it.

In this Privacy Policy, we explain: - Who is responsible for processing your personal data - What types of data we collect - For what purposes this data is collected - With whom we may share this data - How you can object to certain types of data processing - What rights you have and how you can exercise them

Personal data (also referred to as “personally identifiable information”) includes any information relating to an identified or identifiable natural person. This may include details such as your name, address, date of birth, email address, telephone number, or IP address. It can also cover information about personal preferences, such as hobbies, interests, or memberships.

Special categories of personal data (also referred to as “sensitive data”) include: - Data revealing religious, ideological, political, or trade union views or activities - Data relating to health, private life, racial or ethnic origin, sexual life, or sexual orientation - Data concerning administrative or criminal proceedings and sanctions, as well as measures of social assistance - Genetic and biometric data that uniquely identify a person Where necessary, and only if you voluntarily disclose such information to us, we may process data belonging to these special categories. In such cases, the processing of this data is subject to stricter confidentiality requirements.

Processing (also referred to as “handling”) means any operation performed on personal data, regardless of the methods or procedures used. This includes, in particular, the collection, storage, retention, use, modification, disclosure, archiving, deletion, or destruction of personal data.

Disclosure refers to the transfer or making available of personal data — for example, by publishing it or by sharing it with a third party.

If you have any questions or concerns regarding the protection of your personal data, please contact our Data Protection Officer: Primea Consulting Ritesh Sood Street + NR. City + PLZ + Country

We store your data securely and take all appropriate measures to protect it against loss, unauthorized access, misuse, or alteration. Our employees and contractual partners who have access to your data are obligated to comply with applicable data protection laws. In some cases, it may be necessary, as part of order processing, to forward your requests to affiliated companies. Even in such cases, your data will be handled with strict confidentiality. On our website, we use the SSL (Secure Socket Layer) protocol in combination with the highest level of encryption supported by your browser.

You have the right to request information at any time about the personal data we hold about you. Please send your request for access together with a valid proof of identity to info@primea-consulting.ch

The information will be provided in writing or in another appropriate form, including electronic format if requested. If you prefer, we can also provide the information orally, provided that you can verify your identity in another way. If you submit your request electronically, we will provide the information in a commonly used electronic format unless you specify otherwise. As a rule, access to your data is free of charge. However, if you request additional copies, we may charge a reasonable fee. The right to obtain a copy of your personal data must not adversely affect the rights and freedoms of others. In cases of manifestly unfounded or excessive requests, we reserve the right to refuse to provide the requested information or to charge a reasonable fee, in accordance with applicable law. Your request will be processed within the statutory deadline of 30 days. This period may be extended by up to two additional months if necessary due to the complexity or number of requests. If an extension is required, you will be informed within one month of your request, along with the reasons for the delay.

You have the right to request the deletion, rectification, or completion of your personal data at any time, provided that no statutory retention obligations or other legal grounds require us to retain the data. Please note that exercising these rights may, in certain cases, conflict with contractual obligations and could have implications for the performance of the contract (e.g., early termination of the agreement or additional costs).

You also have the right to request the restriction of processing if you contest the accuracy of the data, if the processing is unlawful, if the data is no longer needed, or if you have objected to the processing. Where processing is restricted, the data may only be stored. Any further processing may only take place with your consent, for the establishment, exercise, or defense of legal claims, to protect the rights of another person, or for reasons of important public interest. You will be notified if the restriction is lifted.

You have the right to receive your personal data in a commonly used electronic format, or (where technically feasible) to have it transferred directly to a third party, if we process your data by automated means and if: - you have given your consent to the processing of such data; or - the data was provided in connection with the conclusion or performance of a contract.

You have the right, at any time and on grounds relating to your particular situation, to object to the processing of your personal data — including profiling — where such processing is based on our legitimate interests. This right also applies to processing carried out for the purposes of direct marketing.

If you are affected by the processing of personal data, you have the right to enforce your rights through legal action or to file a complaint with the competent supervisory authority. In Switzerland, the competent authority is the Federal Data Protection and Information Commissioner (FDPIC).

We primarily process personal data that you provide to us or that we collect in the course of operating our website. In some cases, we may also receive personal data about you from third parties. These may include the following categories:

- Personal identification details (e.g., name, address, date of birth) - Contact information (e.g., mobile number, email address) - Financial information (e.g., bank account details) - Online identifiers (e.g., cookie IDs, IP addresses)

Such data may originate from the following sources:

- Information from publicly available sources (e.g., media, internet) - Information from public registers (e.g., commercial register, debt collection register, land register) - Information in connection with administrative or judicial proceedings - Information relating to your professional roles and activities (e.g., business networks) - Information about you contained in correspondence and meetings with third parties - Creditworthiness information (where we engage in personal business transactions with you) - Information provided by persons from your personal or professional environment, enabling us to conclude or perform contracts with you - Data related to your use of our website

We process your data in good faith and for the purposes set out in this Privacy Policy. In doing so, we ensure that processing is transparent and proportionate. In exceptional cases where these principles cannot be strictly observed, data processing may still be lawful if a valid legal basis exists. Such legal bases include, in particular:

- your consent; - the performance of a contract or pre-contractual measures; - compliance with legal obligations; - our legitimate interests, provided that your interests do not override them.

In some cases, you may be required to provide us with certain personal data in order to establish or conduct a business relationship. Without such data, we are generally unable to conclude or perform a contract. Similarly, the use of our website may not be possible if certain information necessary for the secure transmission of data — such as your IP address — is not disclosed.

If you have given us your consent to process your personal data for specific purposes, we will process your data within the scope of that consent, unless another legal basis applies. You may withdraw your consent at any time with effect for the future by sending an email to the address provided in our legal notice. Please note that any processing carried out prior to the withdrawal remains lawful and unaffected.

In certain situations, we may rely on the services of third parties or affiliated companies and instruct them to process your data on our behalf (so-called processors). Categories of such recipients may include, in particular:

- Accounting, fiduciary, and auditing firms - Consulting firms (e.g., legal, tax, or business advisors) - IT service providers (e.g., web hosting, support, cloud services, website development) - Payment service providers (only with your prior consent) - Providers of tracking, conversion, and advertising services

We ensure that data is only shared with your explicit consent, unless the disclosure is part of commissioned data processing. Furthermore, we take steps to ensure that such third parties and affiliated companies comply with data protection requirements and handle your personal data confidentially. In some cases, we may also be legally required to disclose your personal data to government authorities.

We also collaborate with various companies and partners that may publish their offerings on our website. These are clearly identifiable as third-party offers (marked as “advertising”). If you choose to make use of such an offer, we will transfer your personal data (e.g., name, role, communication details, etc.) to the respective partner or cooperation company whose offer you wish to access, but only with your explicit prior consent. These partners and cooperation companies are independently responsible for the personal data they receive. Once your data has been transferred, the privacy policies of the respective partner will apply.

In certain cases, as part of commissioned data processing, your personal data may be transferred to companies located outside Switzerland. These companies are obligated to comply with data protection requirements to the same extent as we are. Such transfers may take place worldwide. If the level of data protection in the receiving country does not correspond to that of Switzerland, we conduct a prior risk assessment and contractually ensure that equivalent protection is guaranteed (e.g., through the EU Commission’s latest Standard Contractual Clauses or other measures required by law). If our risk assessment results in a negative outcome, we implement additional technical safeguards to protect your data. You may review the EU Commission’s Standard Contractual Clauses at the following link: Standard Contractual Clauses (SCCs).

We retain personal data only for as long as necessary to fulfill the specific purposes for which it was collected. Contract-related data is stored for longer periods where required by statutory obligations. In particular, we are legally obliged to retain business correspondence, executed contracts, and accounting records for up to 10 years. Once such data is no longer required for the provision of services, its processing will be restricted, and it will be used solely for accounting and tax purposes.

When you visit www.primea-consulting.com without registering or otherwise providing information, only the data that your browser automatically transmits to our server is collected. These data are technically necessary for the operation of the website.

What Data Do We Process? For the provision of the website and the creation of log files, we process in particular the following data:

- Name of the internet service provider - IP address - Technical information such as browser type, operating system, or screen resolution - Date and time of access - Referrer URL

These data cannot be attributed to a specific individual, and they are not merged with other data sources.

For What Purpose Do We Process the Data? The processing of log files is carried out to ensure the functionality of the website and to safeguard the security of our IT systems.

With Whom Do We Share the Data? Data disclosure follows our general provisions on data sharing (see Section 7.4).

How Can You Prevent Data Processing? The data are stored only as long as necessary to achieve the purpose for which they were collected. Accordingly, the data are deleted after each session. Since the storage of log files is technically necessary for the operation of the website, you cannot object to this processing — except by refraining from visiting our website.

You can get in touch with us in several ways. Whenever you contact us and provide personal data, we process this data. This applies to all forms of communication — whether oral, written, or through other channels.

What Data Do We Process? When you contact us, we process all the data you provide, in particular:

- Name - Email address - Content and time of your inquiry - Contact details

In some cases, you may be required to provide certain data in order to contact us — for example, when using a contact form or requesting a callback.

For What Purpose Do We Process the Data? The purpose of processing depends on the nature of your inquiry. However, we never use your data for unexpected or unrelated purposes. The most common purposes are communication and response, customer service, and handling of business inquiries.

With Whom Do We Share the Data? Data disclosure follows our general provisions on data sharing (see Section 7.4). If the purpose of your inquiry requires us to involve third parties, we will share your data to the extent necessary.

How Can You Prevent Data Processing? If you contact us, the processing of your data cannot be avoided. If you do not wish your data to be processed, please refrain from contacting us.

Our website uses cookies. Cookies are text files that are stored on your device’s operating system via your browser when you visit our website. Cookies do not cause any harm to your computer and do not contain viruses. Some cookies are technically necessary to ensure the website functions properly. Most of the cookies we use are so-called “session cookies,” which are automatically deleted after your visit. Other cookies remain stored on your device until you delete them or until they expire.

For What Purpose Do We Process the Data? We use cookies to make our website more user-friendly, efficient, and secure. In particular, cookies are used to:

- store your preferences (e.g., language and location settings), - ensure fast and appealing delivery of website content (e.g., through fonts or content delivery networks), - analyze the use of our website for statistical purposes and continuous improvement (often via third-party cookies).

The specific purposes for which we use non-essential cookies are explained in more detail in the relevant sections of this Privacy Policy.

With Whom Do We Share the Data? Data disclosure follows our general provisions on data sharing (see Section 7.4). Further details can be found in the descriptions of individual processing activities within this Privacy Policy.

How Can You Prevent Data Processing? Cookies are stored on your device. You can delete them at any time or adjust your browser settings to disable or restrict the use of cookies. Please note that if you deactivate cookies for our website, certain features may no longer be fully functional. Instructions for managing cookies in the most common browsers can be found here:

For cookies used in performance measurement, reach measurement, or advertising, you may also opt out through the following initiatives:

On our website, you have the option to subscribe to our newsletter. The newsletter provides you with information about new articles, events, and offers. We also collect performance and reach measurement data related to the newsletter.

What Data Do We Process? To send the newsletter and measure its performance, we process in particular the following data: - IP address (usually anonymized so that it can no longer be linked to you personally) - Contact details - Date and time of subscription - Technical information such as browser, operating system, or screen resolution - Interactions with the newsletter (e.g., opens, clicks)

For What Purpose Do We Use the Data? The data collected are used for: - sending the newsletter, including personalization and proper display on your device, - verifying your subscription, - recording your subscription (IP address, date, and time) to detect and prevent misuse, - analyzing the approximate location from anonymized IP addresses to assess the relevance of our offers in different regions and to segment marketing campaigns, - evaluating interactions with the newsletter in order to optimize our campaigns, content, and offers. - Your data are stored for as long as you remain subscribed to the newsletter.

With Whom Do We Share the Data? For the technical handling of newsletters and performance measurement, we use specialized service providers. These providers may operate servers worldwide, which means that your data may be transferred globally. In addition, our general provisions on data sharing (see Section 7.4) apply.

How Can You Prevent Data Processing? You may unsubscribe from our newsletter at any time by clicking the unsubscribe link included in each email you receive from us. Alternatively, you may also unsubscribe by sending us an email.

On our website, you may have the option to comment on certain content.

What Data Do We Process? To publish a comment, you are required to provide the following information: - Content of the comment - Name (or alias, if you do not wish your real name to be displayed) - Email address (not published)

For What Purpose Do We Process the Data? The comment content is collected in order to display your comment. The name is collected to associate a comment with a specific user. If you do not wish your real name to appear, we recommend using an alias. We use your email address for verification, to notify you of replies to your comment, or to contact you if a third party reports your comment as unlawful. To prevent unauthorized use of email addresses and to protect your data, we use a double opt-in process: you will receive an email asking you to confirm that you are the owner of the email address and that you wish to receive notifications. You may unsubscribe from these notifications at any time by clicking the link provided in the email. Your personal data — including email address, registration timestamps, and IP address — will be stored until you unsubscribe from the notification service.

With Whom Do We Share the Data? Data disclosure follows our general provisions on data sharing (see Section 7.4).

How Can You Prevent Data Processing? You can prevent the collection of your data by refraining from posting comments. If you choose to publish a comment, the processing of your data is unavoidable.

We may use tracking pixels (also referred to as web beacons) on our website or in our emails. Tracking pixels are small, usually invisible images that are automatically retrieved when you visit our website or open our emails.

What Data Do We Process? Tracking pixels can capture the same information as log files and may also be used to generate movement profiles of an entire session. In particular, tracking pixels are often implemented by third parties whose services we use. Details about such third-party services are provided in the following sections of this Privacy Policy.

For What Purpose Do We Process the Data? Tracking pixels are used by various analytics and tracking services to analyze the use of our website, generate statistical evaluations, and support continuous improvements. They may also be used for email tracking.

With Whom Do We Share the Data? Data disclosure follows our general provisions on data sharing (see Section 7.4). Please also refer to the relevant sections of this Privacy Policy for more information on specific third-party tracking services.

How Can You Prevent Data Processing? You can prevent the use of tracking pixels by installing suitable browser extensions (e.g., uBlock Origin) and by blocking external images in your email client.

We may update this Privacy Policy from time to time. Any changes will be published on www.primea-consulting.com . You will not be notified separately of such changes.