LakeHill GRC

ServiceS
CONTACT
ABOUT US
downloads
SME special
recommendations

Privacy Policy

Effective Date: June 17, 2025

General Information

We value your privacy and are committed to protecting your personal data. This Privacy Policy outlines how LakeHill GRC LLC and LakeHill GRC Reto H. Wenger collects, uses, and safeguards personal data in accordance with applicable data protection laws, including the Swiss Federal Act on Data Protection (FADP), the General Data Protection Regulation (GDPR) of the European Union, and relevant U.S. state and federal data privacy regulations.

Data Collection and Purpose of Processing

We collect and process personal data only when necessary and for the following purposes:

  • To provide professional services (e.g., consulting, executive search, GRC advisory)
  • To respond to inquiries via contact forms or email
  • For client communication and relationship management
  • For legal, contractual, and compliance obligations
  • For website analytics and performance monitoring

The types of personal data collected may include your name, email address, company affiliation, job title, phone number, and any additional information you voluntarily provide.

European Union (GDPR)

If you are located in the European Economic Area (EEA), we process your personal data in accordance with the GDPR. Under the GDPR, you have specific rights, including:

  • The right to access, rectify, or erase your personal data
  • The right to restrict or object to processing
  • The right to data portability
  • The right to withdraw consent at any time
  • The right to lodge a complaint with your local data protection authority

We only process your personal data based on a lawful basis as defined under Article 6 GDPR, such as your consent, a contractual obligation, legal requirement, or our legitimate interest.

Switzerland (FADP)

If you are located in Switzerland, we process your data according to the revised Federal Act on Data Protection (revFADP) effective since September 1, 2023. We ensure transparency in data handling and only process data where there is a lawful purpose. You have the right to request access to your data, correction, and deletion, and may object to data processing under applicable Swiss law.

Personal data may be stored in Switzerland or abroad, provided the destination country ensures adequate data protection, or appropriate safeguards are in place (e.g., standard contractual clauses).

United States

While there is no comprehensive federal data protection law, we endeavor to comply with applicable U.S. regulations, such as:

  • The California Consumer Privacy Act (CCPA) / CPRA
  • The Virginia Consumer Data Protection Act (VCDPA)
  • The Colorado Privacy Act, among others

If you are a resident of a U.S. state with privacy rights, you may have the right to:

  • Know what personal information we collect and why
  • Access or delete personal data
  • Opt out of data sharing or sales (we do not sell personal data)
  • Correct inaccurate personal information

To exercise your rights, please contact us as outlined below.

Third-Party Services & Data Transfers

We may use third-party service providers (e.g., website analytics, hosting, cloud storage) that may process your data on our behalf under strict confidentiality agreements and in compliance with relevant data transfer mechanisms, including Standard Contractual Clauses (SCCs) or adequacy decisions.

Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, or misuse. This includes encryption, access control, and regular data security assessments.

Contact

If you have any questions or would like to exercise your rights under applicable privacy laws, please contact:

LakeHill GRC LLC
7901 4th St. N Ste 300
St. Petersburg, FL 33702
United States of America
📧 info@lakehillgrc.com

LakeHill GRC Reto H. Wenger
Hungerstrasse 51
8832 Wilen bei Wollerau
Switzerland
📧 reto.h.wenger@lakehillgrc.com

HOME