Privacy Policy
1. Data Controller
The Data Controller is Sara Borromeo d’Adda – Identity Coach, with registered office in Lugano, Switzerland.
For any questions regarding the processing of personal data, you may contact the Data Controller at coach@saraborromeodadda.com.
This Privacy Policy applies to the website https://saraborromeodadda.com and to the related identity coaching activities.
2. Personal Data Collected
Only personal data strictly necessary to provide the services are processed. These may include:
first and last name
email address, telephone number, and any postal address provided
billing and invoicing data (where a client relationship is established)
the content of messages sent via the contact form, email, or social media channels
limited technical data relating to website usage (such as IP address, date and time of access, and requested pages), collected solely for technical operation and security purposes
Personal data are provided voluntarily by the user when submitting a contact request, sending a message, or otherwise contacting the Data Controller.
3. Purposes and Legal Basis of Processing
Personal data are processed for the following purposes:
responding to enquiries submitted via the website, email, or social media
organising and delivering identity coaching services and related activities
managing administrative and accounting obligations, including invoicing and compliance with applicable tax laws
ensuring the security and proper functioning of the website
sending updates or communications regarding identity coaching services and events, only where the user has expressly opted to receive them
Under the GDPR, processing is based on the following legal grounds:
performance of pre-contractual or contractual obligations (Article 6(1)(b) GDPR)
compliance with legal obligations (Article 6(1)(c) GDPR)
consent (Article 6(1)(a) GDPR), where required, for newsletters or non-essential marketing communications
Under the Swiss Federal Act on Data Protection (nLPD), personal data are processed lawfully, proportionately, and for specific and identifiable purposes.
The provision of certain data is optional; however, failure to provide essential information (such as a name or email address) may prevent the Data Controller from responding to the request.
4. Processing Methods and Data Retention
Personal data are processed using electronic means and, where necessary, paper-based systems, with appropriate technical and organisational measures in place to safeguard the data against unauthorised access, loss, or misuse.
Data are retained only for as long as necessary to fulfil the purposes for which they were collected, including:
the management of enquiries and coaching relationships, as well as compliance with statutory retention obligations (e.g. accounting and tax requirements);
marketing communications, until consent is withdrawn or a deletion request is submitted.
5. Website, Cookies, and Third-Party Services
The website may use technical cookies and collect access logs to ensure its proper functioning and security.
No advanced analytics tools (such as Google Analytics or Google Search Console) and no profiling or marketing cookies are used.
Should additional services be implemented in the future, this Privacy Policy will be updated accordingly.
6. Social Media (Instagram, Facebook, LinkedIn)
The identity coaching activity maintains a presence on Instagram, Facebook, and LinkedIn. When users interact with these profiles (e.g. by liking, commenting, or sending messages), personal data may be processed both by Sara Borromeo d’Adda and by the relevant social media platforms, which act as independent data controllers under their own privacy policies.
Further information on how these platforms process personal data can be found in their respective privacy notices (e.g. Meta’s Data Policy and LinkedIn’s Privacy Policy).
7. Disclosure of Personal Data
Personal data may be disclosed only to:
service providers assisting with website hosting, email services, or accounting and administrative support (such as hosting providers, email service providers, or tax advisors), who are subject to confidentiality and data protection obligations;
public authorities or bodies, where disclosure is required by applicable law.
Personal data are not sold or disclosed to third parties for independent marketing purposes.
8. International Data Transfers
Certain service providers used by the Data Controller (such as hosting, email, or social media platforms) may be located outside Switzerland or the European Union / European Economic Area.
In such cases, appropriate safeguards are implemented, including standard contractual clauses or equivalent legal mechanisms, to ensure an adequate level of data protection in accordance with applicable data protection laws.
9. Data Subject Rights
In accordance with the nLPD and, where applicable, the GDPR, data subjects have the right to:
obtain confirmation as to whether their personal data are being processed and access such data;
request the rectification or updating of inaccurate or incomplete data;
request the erasure or restriction of processing, where legally applicable;
object to the processing of personal data, in particular for direct marketing purposes;
withdraw consent at any time, where processing is based on consent;
where applicable, request the portability of personal data.
Requests may be submitted by contacting coach@saraborromeodadda.com.
10. Complaints
If a data subject considers that the processing of their personal data violates applicable data protection laws, they may lodge a complaint with:
the Swiss Federal Data Protection and Information Commissioner (FDPIC); or
where the GDPR applies, the competent data protection authority in their country of residence, place of work, or the place of the alleged infringement.
11. Updates to This Privacy Policy
This Privacy Policy may be amended from time to time to reflect changes in legal requirements or organisational practices.
The most up-to-date version is always available at https://saraborromeodadda.com.