Last updated: June 2026

Who We Are

This Privacy Policy explains how Christen Coaching & Consulting GmbH (“we”, “us”, “our”) collects, uses, stores, shares and protects personal data. We act as the data controller responsible for your personal data.
Controller: Christen Coaching & Consulting GmbH (CHE-440.477.155)
Address: Sumpfstrasse 18, 6312 Steinhausen, Switzerland
Email: lisa@christenconsulting.ch

We process personal data in accordance with the Swiss Federal Act on Data Protection (FADP) and, where it applies, the EU General Data Protection Regulation (GDPR).

Scope

This policy applies to personal data we collect through our websites (including lisachristen.com and christenconsulting.ch), in the course of providing advisory, coaching, training and related services, through our mailing lists and social media, and through any other contact with website visitors, clients, prospective clients, subscribers and other individuals we deal with. By using our website or engaging our services, you acknowledge the practices described here.

The personal data we collect

Depending on how you interact with us, we may collect:
• Identity and contact data — name, job title, employer, email address, telephone number, postal address.
• Engagement data — information you share with us in connection with advisory, coaching or training work, including notes, assessments, correspondence and session content.
• Communication data — the content of emails, messages, forms, calls and meetings, including recordings and transcripts where these are made.
• Billing and transaction data — invoicing details, payment information and records of services purchased. We do not store full card details; these are handled by our payment provider.
• Marketing data — your preferences for receiving communications from us.
• Technical and usage data — IP address, browser type, device information, and how you use our website, collected automatically through cookies and similar technologies and through our hosting provider’s server logs.

How we collect your data

We collect personal data directly from you (when you contact us, complete a form, subscribe, or engage our services), automatically when you visit our website, and occasionally from third parties such as your employer or a person who refers you to us.

Why we process your data, and our legal bases

We process personal data only where we have a lawful basis to do so. Depending on the circumstances, we rely on one or more of the following:
• Performance of a contract — to provide our services, manage engagements, and handle invoicing and payment.
• Your consent — for example, to send you marketing emails, to record a session, or to use non-essential cookies. You may withdraw consent at any time.
• Our legitimate interests — to operate and secure our website, respond to enquiries, develop our services, and maintain our business relationships, provided your interests and rights do not override these.
• Compliance with a legal obligation — for example, to meet accounting, tax and record-keeping requirements.

Sensitive personal data

Advisory and coaching work can touch on sensitive matters. Where you choose to share sensitive personal data with us in the course of an engagement, we process it only as necessary to deliver the agreed work and on the basis of your explicit consent or another applicable legal ground. We treat such information with particular care and strict confidentiality.

Third-party services and processors

We use a number of trusted third-party providers to operate our business and website. These providers process personal data on our behalf or as independent controllers, and each is governed by its own privacy policy. We share only the data necessary for the relevant service. Our current providers, grouped by function, are:

  • Customer relationship management and email marketing — HubSpot (CRM, storing contact and relationship records) and Mailchimp (managing email subscribers and newsletters).
  • Website hosting and storage — DreamHost (website hosting and server logs) and Microsoft OneDrive (cloud storage of client and business files).
  • Website forms — Contact Form 7 (contact form submissions on our WordPress website), Tally (intake questionnaires and forms) and Google Forms (surveys and form responses).
  • Meetings and video conferencing — Zoom and Microsoft Teams (video meetings, sessions and calls).
  • Meeting transcription and AI assistance — Fireflies (recording, transcribing and summarising meetings), and Claude (Anthropic) and ChatGPT (OpenAI), which we use to help draft, organise and analyse our work.
  • Voice dictation — Wispr Flow (speech-to-text transcription of spoken notes).
  • Payments and accounting — Stripe (payment processing) and Bexio (invoicing and accounting).
  • Messaging — WhatsApp (client and contact communication).

Where calls, meetings or sessions are recorded or transcribed through these services, this is done only with the awareness of the participants involved. We do not enter confidential client material into third-party tools beyond what is necessary to deliver the agreed work. We exercise no control over these third-party providers’ own privacy practices, and we encourage you to review their privacy policies.

International data transfers

Some of our providers are based outside Switzerland and the European Economic Area, including in the United States. Where we transfer personal data abroad, we rely on a lawful transfer mechanism: a destination country recognised by the Swiss Federal Council and/or the European Commission as providing adequate protection; the Swiss–US and EU–US Data Privacy Frameworks for certified US recipients (the Swiss–US framework has been recognised by Switzerland since 15 September 2024); or appropriate contractual safeguards such as the Standard Contractual Clauses, together with additional measures where needed. You may request further information about the safeguards we apply.

Cookies and website data

Our website uses cookies and similar technologies to function correctly, to keep the site secure, and to understand how it is used. Some are essential; others are used only with your consent, which you can give, decline or change at any time through the cookie banner on our site. For the full, current list of the cookies we use and their purposes, please see the Cookie Policy on our website. Our website also loads fonts hosted by Google, which may transmit your IP address to Google.

How long we keep your data

We keep personal data only for as long as necessary for the purposes described in this policy. Client and engagement records are retained for the duration of our relationship and afterwards for as long as we have a legitimate business or legal reason to do so. Accounting and invoicing records are minimally kept for the statutory retention period required under Swiss law (currently ten years). When data is no longer needed, we delete or anonymise it.

Security

We take appropriate technical and organisational measures to protect your personal data. Information submitted through our website is encrypted in transit. Access to personal data is limited to those who need it to perform their work, and the systems and premises on which we store personal data are kept in a secure environment. No method of transmission or storage is completely secure, but we work to protect your data and to address any incident appropriately.

Your rights

Subject to applicable law, you have the right to:

  • request access to the personal data we hold about you;
  • ask us to correct inaccurate or incomplete data;
  • ask us to delete your data;
  • ask us to restrict or object to certain processing;
  • request a copy of certain data in a portable format;
  • withdraw your consent at any time, where processing is based on consent.

To exercise any of these rights, contact us at lisa@chirstenconsulting.ch. You also have the right to lodge a complaint with a supervisory authority — in Switzerland, the Federal Data Protection and Information Commissioner (FDPIC); in the EEA, your local data protection authority.

Automated decision-making

We do not make decisions producing legal or similarly significant effects about you based solely on automated processing.

Children

Our website and services are intended for professionals and are not directed at children. We do not knowingly collect personal data from children.

Changes to this policy

We may update this Privacy Policy from time to time. We will post any changes on this page and update the date above. We encourage you to review it periodically.

How to contact us

If you have any questions about this Privacy Policy or how we handle your personal data, please contact Lisa Christen at lisa@christenconsulting.ch