Privacy Policy
Fresh Strategy GmbH CHE-411.612.741 Neuenburgstrasse 150 2505 Biel/Bienne Switzerland
Fresh Solutions GmbH CHE-407.539.213 Neuenburgstrasse 150 2505 Biel/Bienne Switzerland
Last updated: 9 July 2026 Privacy contact: stephanie@freshstrategy.ch
Fresh Solutions AI is a brand used by Fresh Solutions GmbH.
The short version
We collect only what we need to work with you, provide our services, run our website, deliver assessments and communicate with people who may benefit from our work.
Your data may be processed by Fresh Strategy GmbH, Fresh Solutions GmbH, or both, depending on the service or contract. We do not sell your personal data. We do not share it with third parties for their own marketing.
We use selected service providers such as Google Workspace, Squarespace, Google Analytics, Google Search Console and LinkedIn. Where required, we use consent banners, contractual safeguards and data protection agreements.
You can contact us at any time to ask what data we hold about you, request correction or deletion, object to outreach, or withdraw consent.
1. Who we are
This privacy policy applies to Fresh Strategy GmbH and Fresh Solutions GmbH. Together, we refer to them as "Fresh", "we", "us" or "our".
Depending on the context, either Fresh Strategy GmbH or Fresh Solutions GmbH may be the contracting entity. Both companies operate from the same registered address and may share relevant business data internally to deliver services, manage client relationships, run assessments, prepare reports, and follow up with you where appropriate.
Where both companies are involved in the same activity, they act as joint controllers under a mutual arrangement. Your single point of contact for all privacy matters, whichever company holds your data, is stephanie@freshstrategy.ch.
2. What this policy covers
This policy covers:
our websites and landing pages
the AI Readiness Assessment
contact forms and email communication
newsletters and LinkedIn content
workshops, trainings, events and webinars
business development and outreach
client projects and consulting work
tools, reports, prototypes and AI-supported services delivered by Fresh
It also applies where Fresh Solutions AI appears as a brand or service name.
3. When you visit our website
Our website runs on Squarespace. Squarespace processes technical data needed to display and secure the website. This may include IP address, browser type, device information, pages viewed and timestamps.
We also use Google Analytics and Google tags to understand how people use our website and which content is useful. This may involve cookies or similar technologies. Analytics and marketing cookies are used only with your consent where consent is required.
We use Google Search Console to understand how our website appears in search results. We use this in aggregate and do not use it to identify individual visitors.
If we activate additional tracking technologies in the future, such as LinkedIn Insight Tag, Meta Pixel or Instagram-related advertising tracking, we will update our cookie settings and use them only where legally permitted, including consent where required.
Legal basis under GDPR and UK GDPR: your consent for analytics and marketing cookies; our legitimate interest in running and securing the website for essential technical processing.
4. Cookies and similar technologies
We may use:
essential cookies needed for the website to work
analytics cookies to understand website performance
marketing or advertising cookies only if activated and consented to where required
You can manage cookies through the cookie banner where available and through your browser settings.
We do not currently use Meta Pixel or Instagram tracking.
5. When you contact us
If you email us, use a contact form, book a call or otherwise contact us, we process the information you provide. This usually includes your name, email address, organisation, role, message and any other information you choose to share.
We use this data to respond to you, prepare conversations, follow up, and take steps at your request before entering into a contract.
Legal basis under GDPR and UK GDPR: contract preparation or performance, legitimate interest, and where relevant your consent.
6. When you take the AI Readiness Assessment
When you complete the AI Readiness Assessment, we process your answers to generate your readiness score and report.
Depending on what you enter, this may include:
your assessment answers
your score and dimension results
your name
your email address
your organisation
your role
your sector or association type
free-text answers, if included
Your answers are stored in Google Sheets. Individual reports are generated and stored in Google Drive and may be sent to you by email.
We use your data to:
calculate your results
generate and send your individual report
understand readiness patterns across organisations
improve the assessment
create anonymised or aggregated benchmarks
follow up with you only where you have requested or consented to this, or where you are an existing client
Your answers are confidential. Only Fresh Strategy and Fresh Solutions see them. Your individual answers are never published or shared with anyone else. Benchmarking is done on an anonymised or aggregated basis.
The AI Readiness Assessment is a self-assessment. It is designed to provide practical guidance and benchmarking insight. It does not produce legal advice and has no legal or similarly significant effect on you.
Assessment responses linked to an identifiable person are kept for up to 24 months, unless a longer period is needed for an active client relationship or legal obligation. Anonymised and aggregated benchmark data may be kept for longer.
Legal basis under GDPR and UK GDPR: your consent (report delivery and follow-up) and our legitimate interest (improving the assessment and anonymised benchmarking).
7. When you subscribe to newsletters or content
If you subscribe to a newsletter, LinkedIn newsletter, event update or other content, we process your name, email address and subscription preferences where available.
We use this data to send you the content you requested and related updates.
You can unsubscribe at any time. Every email includes an unsubscribe link.
Legal basis under GDPR and UK GDPR: your consent, or an existing client relationship for updates about similar services.
8. When we communicate with you on LinkedIn
We use LinkedIn to publish content, send newsletters, connect with relevant professionals and communicate with people in our network.
If you interact with us on LinkedIn, LinkedIn also processes your data under its own privacy policy and terms. We can see the information you make available through LinkedIn, such as your name, role, organisation, profile, comments, reactions and messages.
We may record relevant business contact details from LinkedIn in our own systems where there is a legitimate business reason to do so.
Legal basis under GDPR and UK GDPR: our legitimate interest in maintaining professional relationships.
9. When we reach out to you
We may contact people who may benefit from our work, especially leaders, board members, executives, association professionals, education leads, marketing leads and innovation or AI decision-makers.
For this, we may process basic business contact data, such as:
name
role
organisation
business email address
LinkedIn profile
sector
event or source where we met or found the contact
communication history
Sources may include public websites, LinkedIn, event participant lists, referrals, previous conversations and our own network.
Legal basis under GDPR and UK GDPR: legitimate interest.
You can object at any time. Email stephanie@freshstrategy.ch and we will remove you from outreach lists.
10. When you attend a training, workshop, webinar or event
If you attend a Fresh session, we process information needed to organise and deliver it. This may include your name, email address, organisation, role, registration details, attendance, workshop inputs, feedback, and communications before or after the session.
If a session is organised for a client, we may share attendance or feedback information with that client where appropriate and expected.
We do not publish participant names, workshop notes or identifiable feedback without permission.
11. When we work with you as a client, partner or supplier
When we work together, we process business contact details, correspondence, contracts, proposals, invoices, meeting notes, project documents and other information needed to deliver the work.
Where Fresh processes personal data on behalf of a client, the client usually acts as controller and Fresh acts as processor. In that case, the processing is governed by the client contract and, where required, a data processing agreement.
Where Fresh decides how and why personal data is processed, Fresh acts as controller.
Legal basis under GDPR and UK GDPR: contract performance, legal obligation and legitimate interest.
Accounting, contract and invoicing records are generally kept for 10 years to meet Swiss legal retention requirements.
12. When we use AI tools and automation
Fresh works with AI tools, automation and digital systems as part of its services.
We may use AI-supported tools to help with research, summarisation, drafting, analysis, workshop preparation, reporting, prototyping, workflow design and client deliverables.
Where personal or confidential client data is involved, we limit the data used, use appropriate settings and tools, and process the data only for the agreed purpose. Our AI providers are contractually barred from using our data to train their models.
If a project requires more sensitive data handling, the specific rules are agreed in the client contract, statement of work or data processing agreement.
13. Service providers we use
We use selected service providers to run our business and services. These providers process data only where needed for their function.
Current or expected providers include:
Google Workspace: email, Google Drive, Google Docs, Google Sheets, Google Forms, calendar and related business tools
Squarespace: website hosting, forms and website analytics
Google Analytics and Google tags: website usage analytics and tag management
Google Search Console: search performance monitoring
LinkedIn: company presence, newsletter, content distribution and professional communication
Email, calendar, accounting, banking and administrative tools: business operations, invoicing and communication
AI and automation tools: project delivery, analysis, drafting, workflow support and prototyping, where relevant
If we add material new providers that change how personal data is processed, we will update this policy.
14. International data transfers
We are based in Switzerland. Some of our service providers are based outside Switzerland, the European Economic Area or the United Kingdom, including in the United States.
Where data is transferred internationally, we rely on appropriate safeguards such as adequacy decisions, the Swiss-US or EU-US Data Privacy Frameworks and the UK Extension to the EU-US Data Privacy Framework, standard contractual clauses, data processing agreements, or equivalent safeguards recognised under applicable data protection law.
Google Workspace is configured with the data region set to Europe for covered Workspace data. Some processing by Google and other providers may still take place outside Europe where necessary for support, security, availability or service delivery.
15. How long we keep data
We keep personal data only as long as needed for the purpose for which it was collected, unless a longer period is required by law or needed to protect legitimate interests.
Typical retention periods:
website analytics: according to analytics settings and cookie consent configuration
contact enquiries that do not lead to work: up to 24 months
AI Readiness Assessment responses linked to an identifiable person: up to 24 months
anonymised or aggregated benchmark data: longer, because it no longer identifies individuals
newsletter subscriptions: until you unsubscribe or the list is discontinued
outreach contact data: reviewed periodically and deleted on objection
client project records: for the duration of the project and a reasonable period afterwards
contracts, invoices and accounting records: generally 10 years
16. Your rights
Depending on where you are located and which law applies (the Swiss FADP, the GDPR or the UK GDPR), you may have the right to:
ask whether we process your personal data
receive a copy of your personal data
correct inaccurate data
request deletion
restrict processing
object to processing based on legitimate interest
object to outreach or direct marketing
withdraw consent at any time
receive certain data in a portable format
To exercise these rights, email stephanie@freshstrategy.ch.
We may need to verify your identity before responding.
You can also contact the Swiss Federal Data Protection and Information Commissioner (FDPIC), your local EU or EEA data protection authority, or the UK Information Commissioner's Office (ICO) where the UK GDPR applies.
17. Security
We use organisational and technical measures to protect personal data, including access controls, account security, provider safeguards and internal handling rules.
No system is completely risk-free. We limit access to personal data to people and providers who need it for their work.
18. Children
Our website, assessments and services are designed for professional and organisational use. They are not directed at children.
19. Changes to this policy
We may update this privacy policy when our services, tools, legal obligations or data practices change.
The latest version will be published on our website with the updated date.