GDPR Compliance

Last updated: June 9, 2025

Introduction

eNexus is fully committed to complying with the European Union's General Data Protection Regulation (GDPR). This page details our approach to data protection and your rights as an individual.

What is GDPR?

GDPR is an EU regulation that strengthens and unifies data protection for all individuals within the European Union. It also applies to organizations outside the EU that process data of European residents.

Your Rights under GDPR

GDPR grants you several rights regarding your personal data:

Right to Information

To be informed about the collection and use of your personal data.

Right of Access

To obtain access to your personal data and additional information.

Right to Rectification

To have inaccurate or incomplete personal data corrected.

Right to Erasure

To have your personal data deleted in certain circumstances.

Right to Restriction

To restrict the processing of your personal data in certain cases.

Right to Portability

To obtain and reuse your personal data for your own purposes.

Right to Object

To object to the processing of your personal data in certain circumstances.

Rights related to Automated Decision Making

Not to be subject to a decision based solely on automated processing.

Legal Basis for Processing

We process your personal data based on:

  • Your explicit consent for certain processing
  • The performance of a contract or pre-contractual measures
  • Compliance with a legal obligation
  • Protection of vital interests
  • Performance of a task in the public interest
  • Our legitimate interests or those of a third party

Data Processing

Data Collection

  • Data provided directly by you
  • Data collected automatically when using our services
  • Data obtained from third parties with your consent

Data Usage

  • Provision of our recruitment and training services
  • Communication and customer support
  • Improvement of our services
  • Legal and regulatory compliance

Data Retention

We retain your personal data only for as long as necessary for the purposes for which it was collected, in accordance with our retention policies and legal requirements.

Data Security

We implement appropriate technical and organizational measures:

  • Encryption of data in transit and at rest
  • Strict access controls and multi-factor authentication
  • Regular security audits and penetration testing
  • Staff training on data protection
  • Data breach notification procedures

International Transfers

When we transfer data outside the EEA, we ensure that an adequate level of protection is in place through adequacy decisions, standard contractual clauses or other appropriate safeguards.

Exercising Your Rights

To exercise your GDPR rights, contact our Data Protection Officer. We will respond to your request within one month.

Note: We may ask you to verify your identity before processing your request.

Complaints

If you are not satisfied with how we handle your personal data, you have the right to file a complaint with your local data protection authority.

Contact

For any questions regarding our GDPR compliance or to exercise your rights:

Email: legal@enexus.ch

Adresse: eNexus, Zurich, Switzerland