Privacy Policy

1. Data controller

Green Nations Foundation
Gartenstrasse 6
6300 Zug, Switzerland

Email: welcome@greennations.org

For inquiries regarding data protection, please contact us by email with the subject line “Data Protection.”

2. Collection and Processing of Personal Data

2.1 Server Log Files

When you visit our website, our hosting provider, Webflow Inc., automatically collects technical information in what are known as server log files:

• IP address of the requesting device
• Date and time of access
• Name and URL of the retrieved file
• Browser type and version, as well as operating system
• Referrer URL (previously visited website)
• HTTP status code and amount of data transferred

This data is technically necessary for the secure operation of the website and is automatically deleted after 30 days at the latest. It is not combined with data from other sources.

2.2 Contact Form

When you use our contact form, we collect the following information:

• First and last name
• Organization / Institution
• Email address
• Phone number (optional)
• Inquiry category (e.g., Partnership, Program, Media)
• Content of your message and category-specific details

This information will be used solely to process your inquiry and will not be shared with third parties without your express consent.

2.3 Contacting us directly via email

If you contact us by email, we will store your email address, your name, and the content of your message in order to process your inquiry. The data will be deleted as soon as the inquiry has been fully processed and any applicable legal retention requirements have expired.

3. Legal Basis for Data Processing

The processing of your data is based on the following legal grounds under the Swiss Data Protection Act (DSG):

• Consent (Art. 6(6) DSG): Where you have given your explicit consent, e.g., by accepting the privacy policy in the contact form.
• Performance of a contract: To the extent that processing is necessary for the initiation or performance of a contractual or cooperative relationship.
• Legitimate interests (Art. 31 DSG): For processing that is technically necessary to ensure the operation of the website, provided that your fundamental rights do not take precedence.
• Legal obligation: Where processing is required by law, such as in the case of tax-related retention obligations.

4. Purpose of Data Processing

We process your data for the following purposes:

• Processing and responding to contact and partnership inquiries
• Establishing and maintaining partnerships, networking relationships, and program participation
• Hosting, operation, and technical improvements to our website
• Ensuring IT security and preventing misuse
• Compliance with legal retention and documentation requirements
• Communication through events, dialogue sessions, and roundtables
• Handling media and press inquiries

5. Retention period

We store your data only for as long as is necessary for the respective purposes or as required by legal retention obligations:

• Server log files: automatic deletion after 30 days at the latest
• Contact requests: generally 12 months after the request is completed
• Cooperation and partner data: for the duration of the partnership plus statutory retention periods (max. 10 years in accordance with the Swiss Code of Obligations)
• Webflow form data: stored for up to 6 months in the Webflow dashboard in accordance with Webflow's privacy policy

Once the retention period has expired, your data will be deleted or anonymized, unless there are compelling legal reasons not to do so.

6. Disclosure of Data to Third Parties

We do not, as a rule, share your data with third parties. Exceptions apply only in the following cases:

• Data processors: Technical service providers such as Webflow Inc. act solely in accordance with our instructions and are contractually obligated to comply with data protection regulations.
• Legal obligation: In the event of an official order or court order.
• With your consent: If you have given your explicit consent.

We expressly do not share or sell your data for marketing purposes.

7. Third-party services

7.1 Webflow (Hosting)

Our website is hosted by Webflow Inc., 398 11th Street, San Francisco, CA 94103, USA. Webflow processes technical access data on servers located in the United States and the EU. Data transfers to the United States are based on the EU Standard Contractual Clauses (SCCs), which Switzerland recognizes as providing an equivalent level of protection. For more information, please visit webflow.com/legal/privacy.

7.2 Google Fonts

Our website may use fonts from Google Fonts (Google LLC, USA). When fonts are embedded locally, no data is transmitted to Google. If fonts are loaded externally, Google may process your IP address; Google is subject to the EU-US Data Privacy Framework.

7.3 External Links

Our website contains links to external websites. The operators of these linked sites are solely responsible for data protection on their sites. We recommend that you read their respective privacy policies.

8. International Data Transfer

When using Webflow, your data may be transferred to the United States. The United States does not have a level of data protection comparable to that of Switzerland. The transfer is based on appropriate safeguards in accordance with Art. 16 of the Swiss Data Protection Act (DSG), in particular through EU Standard Contractual Clauses (SCCs). Should a transfer to other third countries without an adequate level of data protection occur, we will obtain your express consent.

9. Cookies and Tracking

9.1 Technically necessary cookies

Our website uses technically necessary cookies that are essential for its proper functioning. These cookies do not store any personal data and are deleted at the end of your browsing session. Consent is not required for this.

9.2 Analytics Cookies

We currently do not use any analytics or tracking cookies beyond those strictly necessary for the technical operation of the site. Should we use web analytics services in the future, we will ask for your explicit consent in advance.

9.3 Cookie Settings

You can restrict or disable the use of cookies at any time through your browser settings. Please note that disabling technically necessary cookies may affect the functionality of the website.

10. Your rights under the Swiss Data Protection Act

As a data subject, you have the following rights under the revised Swiss Data Protection Act (DSG):

• Right of access (Art. 25 DSG): You have the right to know whether we process data about you, what data we process, for what purpose, and for how long.
• Right to rectification (Art. 32 DSG): You may request the rectification of inaccurate or incomplete data.
• Right to erasure: You may request that your data be erased, provided that there are no legal obligations to retain it.
• Restriction of processing: Under certain conditions, you may request a restriction of processing.
• Right to object: You may object at any time to the processing of your data based on legitimate interests.
• Data portability: You have the right to request that your data be provided to you in a machine-readable format.
• Withdrawal of consent: You may withdraw your consent at any time, effective for the future.

To exercise your rights, please contact welcome@greennations.org (Subject: “Data Protection”). We will process your request within 30 days.

Right to file a complaint: You may file a complaint with the Federal Data Protection and Information Commissioner (FDPIC), Feldeggweg 1, 3003 Bern (edoeb.admin.ch).

11. Data Security

We implement appropriate technical and organizational security measures to protect your data from loss, misuse, and unauthorized access. Our measures include:

• Secure data transmission via SSL/TLS (indicated by "https://" in the address bar)
• Restrictions on access to personal data based on the need-to-know principle
• Regular review and updating of our security measures
• Our service providers' contractual obligation to ensure data security

Despite all protective measures, complete security cannot be guaranteed when transmitting data over the Internet.

12. Minors

Our website is not intended for individuals under the age of 18. We do not knowingly collect personal data from minors. If such data is inadvertently provided to us, we will delete it immediately.

13. Changes to this Privacy Policy

We reserve the right to update this Privacy Policy at any time to reflect current legal requirements or changes to our services. The most recent version published on our website is the one that applies. In the event of significant changes, we will notify you in advance, where possible.

As of April 2026