Privacy Policy

Fresh Strategy GmbH CHE-411.612.741 Neuenburgstrasse 150 2505 Biel/Bienne Switzerland

Fresh Solutions GmbH CHE-407.539.213 Neuenburgstrasse 150 2505 Biel/Bienne Switzerland

Last updated: 9 July 2026 Privacy contact: stephanie@freshstrategy.ch

Fresh Solutions AI is a brand used by Fresh Solutions GmbH.

The short version

We collect only what we need to work with you, provide our services, run our website, deliver assessments and communicate with people who may benefit from our work.

Your data may be processed by Fresh Strategy GmbH, Fresh Solutions GmbH, or both, depending on the service or contract. We do not sell your personal data. We do not share it with third parties for their own marketing.

We use selected service providers such as Google Workspace, Squarespace, Google Analytics, Google Search Console and LinkedIn. Where required, we use consent banners, contractual safeguards and data protection agreements.

You can contact us at any time to ask what data we hold about you, request correction or deletion, object to outreach, or withdraw consent.

1. Who we are

This privacy policy applies to Fresh Strategy GmbH and Fresh Solutions GmbH. Together, we refer to them as "Fresh", "we", "us" or "our".

Depending on the context, either Fresh Strategy GmbH or Fresh Solutions GmbH may be the contracting entity. Both companies operate from the same registered address and may share relevant business data internally to deliver services, manage client relationships, run assessments, prepare reports, and follow up with you where appropriate.

Where both companies are involved in the same activity, they act as joint controllers under a mutual arrangement. Your single point of contact for all privacy matters, whichever company holds your data, is stephanie@freshstrategy.ch.

2. What this policy covers

This policy covers:

  • our websites and landing pages

  • the AI Readiness Assessment

  • contact forms and email communication

  • newsletters and LinkedIn content

  • workshops, trainings, events and webinars

  • business development and outreach

  • client projects and consulting work

  • tools, reports, prototypes and AI-supported services delivered by Fresh

It also applies where Fresh Solutions AI appears as a brand or service name.

3. When you visit our website

Our website runs on Squarespace. Squarespace processes technical data needed to display and secure the website. This may include IP address, browser type, device information, pages viewed and timestamps.

We also use Google Analytics and Google tags to understand how people use our website and which content is useful. This may involve cookies or similar technologies. Analytics and marketing cookies are used only with your consent where consent is required.

We use Google Search Console to understand how our website appears in search results. We use this in aggregate and do not use it to identify individual visitors.

If we activate additional tracking technologies in the future, such as LinkedIn Insight Tag, Meta Pixel or Instagram-related advertising tracking, we will update our cookie settings and use them only where legally permitted, including consent where required.

Legal basis under GDPR and UK GDPR: your consent for analytics and marketing cookies; our legitimate interest in running and securing the website for essential technical processing.

4. Cookies and similar technologies

We may use:

  • essential cookies needed for the website to work

  • analytics cookies to understand website performance

  • marketing or advertising cookies only if activated and consented to where required

You can manage cookies through the cookie banner where available and through your browser settings.

We do not currently use Meta Pixel or Instagram tracking.

5. When you contact us

If you email us, use a contact form, book a call or otherwise contact us, we process the information you provide. This usually includes your name, email address, organisation, role, message and any other information you choose to share.

We use this data to respond to you, prepare conversations, follow up, and take steps at your request before entering into a contract.

Legal basis under GDPR and UK GDPR: contract preparation or performance, legitimate interest, and where relevant your consent.

6. When you take the AI Readiness Assessment

When you complete the AI Readiness Assessment, we process your answers to generate your readiness score and report.

Depending on what you enter, this may include:

  • your assessment answers

  • your score and dimension results

  • your name

  • your email address

  • your organisation

  • your role

  • your sector or association type

  • free-text answers, if included

Your answers are stored in Google Sheets. Individual reports are generated and stored in Google Drive and may be sent to you by email.

We use your data to:

  • calculate your results

  • generate and send your individual report

  • understand readiness patterns across organisations

  • improve the assessment

  • create anonymised or aggregated benchmarks

  • follow up with you only where you have requested or consented to this, or where you are an existing client

Your answers are confidential. Only Fresh Strategy and Fresh Solutions see them. Your individual answers are never published or shared with anyone else. Benchmarking is done on an anonymised or aggregated basis.

The AI Readiness Assessment is a self-assessment. It is designed to provide practical guidance and benchmarking insight. It does not produce legal advice and has no legal or similarly significant effect on you.

Assessment responses linked to an identifiable person are kept for up to 24 months, unless a longer period is needed for an active client relationship or legal obligation. Anonymised and aggregated benchmark data may be kept for longer.

Legal basis under GDPR and UK GDPR: your consent (report delivery and follow-up) and our legitimate interest (improving the assessment and anonymised benchmarking).

7. When you subscribe to newsletters or content

If you subscribe to a newsletter, LinkedIn newsletter, event update or other content, we process your name, email address and subscription preferences where available.

We use this data to send you the content you requested and related updates.

You can unsubscribe at any time. Every email includes an unsubscribe link.

Legal basis under GDPR and UK GDPR: your consent, or an existing client relationship for updates about similar services.

8. When we communicate with you on LinkedIn

We use LinkedIn to publish content, send newsletters, connect with relevant professionals and communicate with people in our network.

If you interact with us on LinkedIn, LinkedIn also processes your data under its own privacy policy and terms. We can see the information you make available through LinkedIn, such as your name, role, organisation, profile, comments, reactions and messages.

We may record relevant business contact details from LinkedIn in our own systems where there is a legitimate business reason to do so.

Legal basis under GDPR and UK GDPR: our legitimate interest in maintaining professional relationships.

9. When we reach out to you

We may contact people who may benefit from our work, especially leaders, board members, executives, association professionals, education leads, marketing leads and innovation or AI decision-makers.

For this, we may process basic business contact data, such as:

  • name

  • role

  • organisation

  • business email address

  • LinkedIn profile

  • sector

  • event or source where we met or found the contact

  • communication history

Sources may include public websites, LinkedIn, event participant lists, referrals, previous conversations and our own network.

Legal basis under GDPR and UK GDPR: legitimate interest.

You can object at any time. Email stephanie@freshstrategy.ch and we will remove you from outreach lists.

10. When you attend a training, workshop, webinar or event

If you attend a Fresh session, we process information needed to organise and deliver it. This may include your name, email address, organisation, role, registration details, attendance, workshop inputs, feedback, and communications before or after the session.

If a session is organised for a client, we may share attendance or feedback information with that client where appropriate and expected.

We do not publish participant names, workshop notes or identifiable feedback without permission.

11. When we work with you as a client, partner or supplier

When we work together, we process business contact details, correspondence, contracts, proposals, invoices, meeting notes, project documents and other information needed to deliver the work.

Where Fresh processes personal data on behalf of a client, the client usually acts as controller and Fresh acts as processor. In that case, the processing is governed by the client contract and, where required, a data processing agreement.

Where Fresh decides how and why personal data is processed, Fresh acts as controller.

Legal basis under GDPR and UK GDPR: contract performance, legal obligation and legitimate interest.

Accounting, contract and invoicing records are generally kept for 10 years to meet Swiss legal retention requirements.

12. When we use AI tools and automation

Fresh works with AI tools, automation and digital systems as part of its services.

We may use AI-supported tools to help with research, summarisation, drafting, analysis, workshop preparation, reporting, prototyping, workflow design and client deliverables.

Where personal or confidential client data is involved, we limit the data used, use appropriate settings and tools, and process the data only for the agreed purpose. Our AI providers are contractually barred from using our data to train their models.

If a project requires more sensitive data handling, the specific rules are agreed in the client contract, statement of work or data processing agreement.

13. Service providers we use

We use selected service providers to run our business and services. These providers process data only where needed for their function.

Current or expected providers include:

  • Google Workspace: email, Google Drive, Google Docs, Google Sheets, Google Forms, calendar and related business tools

  • Squarespace: website hosting, forms and website analytics

  • Google Analytics and Google tags: website usage analytics and tag management

  • Google Search Console: search performance monitoring

  • LinkedIn: company presence, newsletter, content distribution and professional communication

  • Email, calendar, accounting, banking and administrative tools: business operations, invoicing and communication

  • AI and automation tools: project delivery, analysis, drafting, workflow support and prototyping, where relevant

If we add material new providers that change how personal data is processed, we will update this policy.

14. International data transfers

We are based in Switzerland. Some of our service providers are based outside Switzerland, the European Economic Area or the United Kingdom, including in the United States.

Where data is transferred internationally, we rely on appropriate safeguards such as adequacy decisions, the Swiss-US or EU-US Data Privacy Frameworks and the UK Extension to the EU-US Data Privacy Framework, standard contractual clauses, data processing agreements, or equivalent safeguards recognised under applicable data protection law.

Google Workspace is configured with the data region set to Europe for covered Workspace data. Some processing by Google and other providers may still take place outside Europe where necessary for support, security, availability or service delivery.

15. How long we keep data

We keep personal data only as long as needed for the purpose for which it was collected, unless a longer period is required by law or needed to protect legitimate interests.

Typical retention periods:

  • website analytics: according to analytics settings and cookie consent configuration

  • contact enquiries that do not lead to work: up to 24 months

  • AI Readiness Assessment responses linked to an identifiable person: up to 24 months

  • anonymised or aggregated benchmark data: longer, because it no longer identifies individuals

  • newsletter subscriptions: until you unsubscribe or the list is discontinued

  • outreach contact data: reviewed periodically and deleted on objection

  • client project records: for the duration of the project and a reasonable period afterwards

  • contracts, invoices and accounting records: generally 10 years

16. Your rights

Depending on where you are located and which law applies (the Swiss FADP, the GDPR or the UK GDPR), you may have the right to:

  • ask whether we process your personal data

  • receive a copy of your personal data

  • correct inaccurate data

  • request deletion

  • restrict processing

  • object to processing based on legitimate interest

  • object to outreach or direct marketing

  • withdraw consent at any time

  • receive certain data in a portable format

To exercise these rights, email stephanie@freshstrategy.ch.

We may need to verify your identity before responding.

You can also contact the Swiss Federal Data Protection and Information Commissioner (FDPIC), your local EU or EEA data protection authority, or the UK Information Commissioner's Office (ICO) where the UK GDPR applies.

17. Security

We use organisational and technical measures to protect personal data, including access controls, account security, provider safeguards and internal handling rules.

No system is completely risk-free. We limit access to personal data to people and providers who need it for their work.

18. Children

Our website, assessments and services are designed for professional and organisational use. They are not directed at children.

19. Changes to this policy

We may update this privacy policy when our services, tools, legal obligations or data practices change.

The latest version will be published on our website with the updated date.