The same applies when someone provides me with their contact information in any other way,
for example by giving me their business card.
In the case of oral conversations, I sometimes write, exclusively for my personal purpose of
being able to remind myself, brief notes on where we have met and/or on what we talked about,
together with the relevant contact information, so that I can personally contact you again.
I do this systematically in the case of business networking conversations of all
When I have a reason to do so, I will also find published contact information e.g. on
websites or on LinkedIn.
I will use contact information collected in any of the above-mentioned ways only when seeking to contact someone
personally, individually. (I am quite strongly opposed to practices of “list-building” where
people are added to mailing lists without explicitly requesting that.)
When I make an appointment with someone, I always note the appointment in my electronic agenda,
because I would probably forget about most my appointments if I didn't do that.
When I coach someone, I create electronic records in regard to whom I have coached, as well
as the date, time and duration of the coaching sessions.
The only way in which this information is processed in an automated manner is to determine the
total amount of time that I have spent coaching during a given period of one or more months.
I also keep the coachee's contact information and the written coaching agreement.
All of this information in relation to business communications and business activities
is deleted when it is between ten and eleven years old. In addition, you can ask me at any time
to immediately delete all personal data concerning you to the extent that I'm allowed to do so.
(I am legally required to keep copies of some kinds of documents, e.g. invoices that I send,
for ten years.)
I have organized my business activities so that they avoid generating personal data in
any other way except as documented here.
In particular, I do not create any kind of records about the content of coaching
conversations. My business website is hosted on a webserver which I have
personally set up to avoid generating logfiles that would contain personal information.
(This uses the “anonip” logfile
“web analytics” or externally hosted graphics or fonts.
In my interactions with professional organizations in the field of coaching such as the
International Coach Federation (ICF), I have a need to
be able to not only make claims about my total number of coaching hours, but in addition to
allow them to potentially audit my records to allow them to verify the veracy of my claims.
Such potential audits aside, I will, to the extent that is legally possible, avoid disclosing
to anyone any of the personal information that I have collected in the context of my
The legal basis of all my processing of personal data consists on one hand in the fact that
when someone sends me an email or otherwise communicates their contact information, by the very
act of communication, implicitly permission is given to receive and store the contents of the
communication. On the other hand the permission to create records of my coaching activity,
containing the information when I have coached whom for how long, is based on the written
You have all the rights foreseen in the Swiss data protection law (Datenschutzgesetz, DSG)
and in the EU's General Data Protection Regulation (GDPR), including in particular the right of
access to and rectification or erasure of your personal data, the right to object to processing of
your personal data, the right to data portability, and the right to lodge a complaint with a
supervisory authority. In practical terms, as the only processing which takes place is for
purposes of storing the information so that I can access it, any objection to processing will be
addressed by means of erasure of the data. In the case of requests based on the right to data
portability, emails will be provided in mbox format, all other information in csv format.
All requests on the basis of these rights will be acknowledged and executed promptly.
Name and address of the “controller”
An important notion in the context of the Swiss data protection law (Datenschutzgesetz, DSG),
the EU's General Data Protection Regulation (GDPR), and other data protection laws is the
notion of the “controller” of the data. In this case this is:
Norbert Bollow Coaching and Framework Solutions
Phone: +41 44 972 20 59
As foreseen in Article 27 of the EU's General Data Protection Regulation (GDPR), there is,
in addition to the above-mentioned “controller” of the data, an EU representative who can be
contacted in addition to or instead of the above-mentioned “controller”, on all issues related
to processing of personal data by this company.
This EU representative is:
Dr. Anna Bollow-Mannzen