Privacy policy

The data controller within the meaning of the nFADP is:

ORMA Swiss SA

Rue du Lac 22b, 1020 Renens, Switzerland

Email: info@orma.ch

Phone: +41 848 848 849

Single point of contact for any question relating to your personal data: info@orma.ch.

Depending on your interaction with ORMA Swiss SA, we may process:

• Identification data: first name, last name, title, postal address, email address, phone number.
• Professional data: company, role, sector of activity, role in the project.
• Project data: content of your requests, plans, preferences, items provided as part of an assignment.
• Contractual and billing data: contract references, quotes, invoices, payments.
• Browsing data: IP address, session identifiers, pages visited, visit duration, device type, data from cookies.
• Application data: CV, cover letter, references, where applicable.

We do not process any sensitive data (health, opinions, etc.) without express necessity and, where applicable, without your prior consent.

We process your data for the following purposes:

• Responding to your contact, quote or information requests.
• Concluding and performing the contracts relating to our services (consulting, planning, manufacturing, delivery, installation).
• Managing the client relationship, billing and after-sales service.
• Ensuring the quality, security and continuous improvement of our services and the site.
• Sending you, with your agreement, our news and communications about our services.
• Processing your application as part of a recruitment process.
• Complying with our legal and regulatory obligations (in particular tax and accounting).

In accordance with the nFADP, our processing relies on the principles of lawfulness, good faith, proportionality, transparency and purpose limitation. Depending on the context, it is based on:

• The performance of a contract or pre-contractual measures you have requested.
• Our legitimate interest in running and developing our business, securing the site and improving our services.
• Your consent, in particular for the newsletter and cookies that are not strictly necessary.
• Compliance with a legal obligation, in particular in accounting, tax or contractual matters.

Your data is only shared with those who strictly need it for the purposes described. Depending on the case, this may be:

• Our authorised staff, in Switzerland and at our partner sites.
• Technical providers acting as processors within the meaning of the nFADP: hosting, email, customer relationship management (CRM), analytics tools, messaging services, accounting, carriers.
• Authorities, where required by law or a court decision.

We select our processors with care and require them to maintain a level of data protection equivalent to ours, governed contractually.

Our main processors are:

• Infomaniak Network SA (Switzerland) — site hosting and email.
• Google Ireland Ltd / Google LLC — audience measurement (Google Analytics).

Some of your data may be processed outside Switzerland, in particular within the European Economic Area, where our providers are established. We only communicate data abroad to states offering an adequate level of protection recognised by the Federal Council.

If a transfer to a country without an adequate level of protection is necessary, we put in place the safeguards required by the nFADP (recognised standard contractual clauses, binding corporate rules or express consent).

In practice, hosting and email are provided in Switzerland (Infomaniak). The audience-measurement tool Google Analytics may involve a transfer of data to the United States (Google LLC), governed by standard contractual clauses and the safeguards provided for by the nFADP.

Your data is kept for as long as strictly necessary for the purposes for which it was collected, extended, where required by law, by the statutory retention periods.

• Contact or quote request: up to 3 years from the last exchange.
• Contractual relationship: duration of the contract, then 10 years to meet Swiss accounting and limitation obligations.
• Unsuccessful applications: up to 6 months after the end of the process, unless agreed for an extended follow-up.
• Browsing data and cookies: up to 13 months.
• Newsletter: until you unsubscribe.

ORMA Swiss SA implements appropriate technical and organisational measures to protect your data against any unauthorised access, alteration, accidental or unlawful loss or disclosure.

• Encryption of exchanges via the HTTPS (TLS) protocol.
• Access to data strictly limited to authorised persons.
• Regular backups and logging of sensitive access.
• Staff awareness and training on data protection.
• Rigorous contractual oversight of our processors.

In accordance with the nFADP (and, where applicable, the GDPR), you have the following rights:

• Right of access: obtain confirmation that data concerning you is being processed and receive a copy.
• Right of rectification: have inaccurate or incomplete data corrected.
• Right to erasure: request the deletion of your data when it is no longer necessary.
• Right to object: object to processing based on our legitimate interest.
• Right to withdraw your consent at any time, without affecting the lawfulness of prior processing.
• Right to restriction and portability in the cases provided for by the GDPR.
• Right to lodge a complaint with the Federal Data Protection and Information Commissioner (FDPIC), Feldeggweg 1, 3003 Bern — or with the competent European authority.

To exercise these rights, write to us at info@orma.ch enclosing proof of identity. We will respond as soon as possible, and at the latest within the legal time limit.

The site uses cookies — small files placed on your device — to ensure it works properly, measure its audience and improve your experience.

Categories of cookies used:

• Strictly necessary cookies: essential for the site to function (security, language preferences, session).
• Audience-measurement cookies: help us understand how the site is used and improve it. Set only with your consent.
• Personalisation cookies: allow the experience to be adapted to your preferences.

You can configure or withdraw your consent at any time via your browser settings. Refusing non-essential cookies does not prevent access to the main content of the site.

Tools used on this site:

• Google Analytics (statistics) — set only after your consent.
• External content (embedded Facebook / YouTube videos) — loaded only after your consent.

You can change your choices at any time via the “Cookie preferences” link at the bottom of the page.

ORMA Swiss SA does not take any decision producing legal effects concerning you based solely on automated processing, and does not carry out high-risk profiling within the meaning of the nFADP.

ORMA Swiss SA may adapt this policy to reflect changes in its services, the tools used or the legal framework. Any change is published on this page, together with an update date.

Last updated : May 2026