top of page

Privacy Policy

1. Identity and data controller

The WorkLab Sarl is a limited liability company incorporated under Swiss law, with its registered office in Rolle, Vaud, Switzerland. Its activity focuses on leadership transformation.

Contact: info@theworklab.org

 

This policy informs users of theworklab.org and its associated subdomains (including scorecard.theworklab.org) of how their personal data is collected, processed, and protected.

 

Primary legal basis: The Swiss Federal Act on Data Protection (revFADP, in force since 1 September 2023). The WorkLab Sarl also ensures compliance with the European Union General Data Protection Regulation (GDPR) where individuals based in the EU/EEA are concerned.

2. Data collected and purposes

2.1 Via the main website (theworklab.org)

Data provided directly by the user:

  • Contact form: first name, last name, email address, message. Purpose: to respond to your enquiry.

 

Data collected automatically (analytics):

  • Anonymised IP address, browser type, pages visited, session duration. Technology: Google Analytics cookies (with prior consent).

2.2 Via Scorecards and registration forms (scorecard.theworklab.org)

The WorkLab Sarl offers several assessment and positioning tools accessible via scorecard.theworklab.org (hosted on the ScoreApp platform). These currently include an individual Scorecard and an organisational Scorecard, and may extend to additional questionnaires or registration forms (waiting lists, launch campaigns) depending on current activities.

 

For each tool, the following data may be collected:

  • Identification data: first name, last name, email address, job title, industry, organisation size (depending on the tool).

  • Response data: answers to the questionnaire (between 15 and 30 questions covering behavioural, organisational, or professional positioning dimensions).

  • Qualifying data: depending on the tool, this may include perceived level of urgency, tools or systems already in place, actions already taken, readiness for change, anticipated level of investment, or other contextual elements relevant to personalising the output.

 

Purposes of processing:

  • To generate a personalised report or output delivered immediately upon completion of the questionnaire.

  • To subscribe you to The WorkLab Sarl mailing list in order to send you a follow-up email sequence related to your results and The WorkLab’s activities (see section 4 — MailerLite).

  • To manage your registration on a waiting list or inform you of the opening of a programme, event, or offer.

  • To improve the quality and relevance of the tools offered.

 

Important notice: By completing any questionnaire or form available on scorecard.theworklab.org, you are automatically subscribed to The WorkLab Sarl mailing list. You may unsubscribe at any time via the link included in every email.

 

No data collected through these tools is used for commercial profiling, sold or transferred to third parties, or used for fully automated decision-making with legal or similarly significant effects.

3. Legal basis for processing

 

  • Responding to a contact request: Legitimate interest / performance of a contract (art. 6 revFADP)

  • Completing a Scorecard or questionnaire: Performance of a requested service / consent

  • Automatic subscription to the mailing list via Scorecard: Consent given upon completion of the questionnaire — information provided before submission

  • Waiting list or campaign registration form: Explicit consent at the time of registration

  • Follow-up email sequences (MailerLite): Consent (art. 6 revFADP; art. 6.1.a GDPR)

  • Analytics (Google Analytics): Consent via cookie banner

4. Sub-processors and international transfers

The WorkLab Sarl uses the following service providers for the processing of personal data. All have been selected for their level of compliance with applicable regulations. Your data is never sold or rented to third parties.

 

  • Wix.com — Website hosting · USA / Israel: DPA incorporated into Terms of Use; compliant transfer clauses

  • ScoreApp — Hosting of Scorecards and questionnaires · United Kingdom: UK GDPR compliant; data processing obligations incorporated into Terms of Use

  • Zapier Inc. — Automation between ScoreApp and MailerLite · USA: DPA incorporated into Zapier Terms of Use; certified under the Swiss-US Data Privacy Framework

  • MailerLite — Email delivery and automated sequences · Lithuania (EU): GDPR compliant; standard DPA available

  • Google Analytics — Audience measurement · USA: Consent Mode v2; anonymised IP address; Google DPA

5. Retention periods

  • Contact form data: 3 years from the date of last exchange.

  • Scorecard and questionnaire data: 2 years from the date of completion, unless an earlier deletion is requested.

  • Mailing list data (MailerLite): retained for as long as the subscription is active; deleted within 30 days of unsubscription.

  • Waiting list data: deleted within 6 months of the closure of the relevant campaign, unless the individual has entered an active programme.

  • Analytics data (Google Analytics): maximum 14 months (configured setting).

6. Your rights (revFADP 2023 + GDPR)

In accordance with the revised Swiss FADP and, where applicable, the GDPR, you have the following rights:

  • Right of access: to obtain a copy of the data held about you.

  • Right to rectification: to correct inaccurate or incomplete data.

  • Right to erasure: to request the deletion of your data (subject to legal retention obligations).

  • Right to data portability: to receive your data in a structured, machine-readable format (art. 28 revFADP).

  • Right to object: to object to processing based on legitimate interest.

  • Right to withdraw consent: to unsubscribe from the mailing list at any time via the link in any email, or by contacting info@theworklab.org.

 

To exercise any of these rights: info@theworklab.org

You may also lodge a complaint with the Federal Data Protection and Information Commissioner (FDPIC): www.edoeb.admin.ch

7. Cookies

The website uses functional cookies (essential to its operation) and analytics cookies (Google Analytics, subject to consent). A consent banner allows you to make your choice before any non-essential cookies are placed. You may manage or withdraw your consent at any time via your browser settings or by contacting us.

8. Security

The WorkLab Sarl implements appropriate technical and organisational measures to protect your data against unauthorised access, loss, or disclosure. In the event of a data breach presenting a high risk to your rights and freedoms, you will be notified within the timeframes set out by the revFADP.

9. Amendments

This policy may be updated at any time. The version in force is the one published on theworklab.org. Date of this version: March 2026.

 

 

bottom of page