Privacy Policy

SkillRForge operates a platform for professional qualification upgrade and continuing education. This privacy policy describes what personal data we collect when you use SkillRForge.digital, how we process it, and the rights available to individuals. We apply principles of data minimisation, purpose limitation and technical organisational measures appropriate to the risk. Our practices align with Swiss data protection requirements and take account of EU General Data Protection Regulation (GDPR) provisions where they apply. The policy covers learners, instructors, corporate clients and visitors to our website.

04-03-2026 SkillRForge [email protected]

Definitions

This section clarifies key terms used throughout the policy to ensure a consistent understanding of data types, roles and processing activities relevant to SkillRForge.digital.

Personal data means any information relating to an identified or identifiable individual, including name, contact details, professional identifiers, training records and other information that can be linked to a person.
Processing refers to any operation performed on personal data, including collection, storage, access, use, disclosure, alteration and deletion, whether automated or manual.
User denotes any individual interacting with SkillRForge.digital, such as learners, instructors, hiring managers, corporate account administrators and site visitors.
Service refers to the set of online offerings provided by SkillRForge to support professional qualification upgrades, including course delivery, assessments, certification management and administrative tools.
Cookies are small text files placed on a device to store information about the user's interaction with the website. Similar technologies include local storage and web beacons used to improve functionality and measure usage.

Data we collect

We collect data that is necessary to provide the platform and to meet legal and contractual obligations. Collection is limited to what supports onboarding, course delivery, certification, billing, security and user support.

Data you provide directly

When registering and using SkillRForge, you may provide the following categories of information voluntarily or as required to create an account and participate in courses:

  • Identity and contact: full name, email address, telephone number, postal address and professional affiliation.
  • Professional and qualification information: job title, employer, certifications, CV details, training history and evidence required for course enrolment or accreditation.
  • Account credentials and preferences: username, encrypted password, language preferences and communication preferences.
  • Payment and billing: billing address, invoicing information and payment transaction details processed by authorised payment providers.
  • Course interaction content: submitted assignments, assessment responses, feedback, certificates earned and transcripts.
  • Support communications: messages platform with our support team, including case notes and any attachments you provide during support interactions.

Data collected automatically

Technical and usage data is collected automatically to operate, secure and improve the platform. This information helps diagnose issues, personalise the service and maintain platform integrity.

  • Device and browser data: device type, operating system, browser version and screen resolution.
  • Usage and interaction data: pages visited, features used, session duration, timestamps and course progress metrics.
  • IP address and approximate location derived from IP for security and fraud prevention purposes.
  • Performance and error logs: crash reports, error diagnostics and system events.
  • Cookies and similar identifiers used to manage sessions, preferences and analytics.
  • Aggregated or pseudonymised analytics data used for product improvement and research.

Data from third parties

We may receive data about you from third parties for account verification, payments, integrations or corporate client arrangements. Such data is processed in accordance with this policy and applicable law.

  • Identity verification and background checks provided by vetted identity service providers when required for specialised accreditation or compliance checks.
  • Payment processors and invoicing services that handle payment card or bank transfer details on our behalf.
  • Corporate customer administrators who supply employee enrolment data and role assignments for enterprise accounts.

Purposes of processing

We process personal data to deliver and improve the SkillRForge service, to meet contractual and legal obligations, and, where permitted, to inform users about relevant offerings.

  • Account management: create and maintain user accounts, authenticate access and manage user preferences.
  • Course delivery and certification: provide access to learning content, assessments, competency tracking and issuance of certificates or transcripts.
  • Billing and business administration: process invoices, payments and refunds through authorised providers.
  • Support and communications: respond to enquiries, provide technical support and communicate important service information.
  • Security and fraud prevention: detect and prevent unauthorised access, abuse and other security incidents.
  • Product improvement and research: aggregate usage data to enhance platform features, user experience and course quality.
  • Compliance and legal obligations: respond to lawful requests from authorities and maintain records required by applicable law.
  • Marketing and optional communications: send information about courses and events where you have given consent or when you are an existing customer and communications are permitted by law.

Legal bases for processing

When processing personal data we rely on lawful bases set out in applicable data protection law. The relevant basis depends on the processing activity.

  • Performance of a contract: necessary to provide the platform and fulfil service agreements with users and corporate customers.
  • Legal obligation: compliance with statutory requirements, tax and regulatory obligations under Swiss and other applicable law.
  • Legitimate interests: for platform security, fraud prevention, product improvement and business administration, balanced against individual rights and freedoms.
  • Consent: where required, for marketing communications, cookies and optional processing not covered by other legal bases. Consent may be withdrawn at any time.

GDPR and data subject rights

If GDPR applies to your personal data, you have a set of rights to exercise in relation to processing by SkillRForge. We describe these rights and how to contact us to make a request.

  • Right of access: request confirmation of whether we process your personal data and obtain a copy of that data.
  • Right to rectification: ask us to correct inaccurate or incomplete personal data.
  • Right to erasure (right to be forgotten): request deletion of personal data where there is no overriding lawful reason for retention.
  • Right to restrict processing: request a temporary block on certain processing activities in specified circumstances.
  • Right to data portability: obtain personal data in a structured, commonly used and machine-readable format and transmit it to another controller where applicable.
  • Right to object: object to processing based on legitimate interests or direct marketing; we will assess and respond in line with legal requirements.

Cookies and similar technologies

SkillRForge.digital uses cookies and similar technologies to ensure functionality, enhance performance and provide analytics. We explain the main categories and how you can manage your preferences.

Common cookie types used include necessary cookies to operate the service, preference cookies to remember settings, performance/analytics cookies to understand usage patterns, and marketing cookies for personalised communications where consent is obtained.

Necessary: required for core platform functionality. Preferences: store language and display settings. Analytics: collect anonymous usage metrics. Marketing: support tailored outreach and third-party integrations where consent is provided.

You can manage cookie preferences through our cookie settings interface and via browser controls to block or delete cookies. Note that disabling certain cookies may affect the functionality of the service.

Detailed cookie policy and preference settings

Data sharing and disclosures

We share personal data only as necessary with trusted third parties to provide the service, comply with legal obligations or with your consent. We limit disclosures and put contractual safeguards in place.

  • Service providers: cloud hosting, platform infrastructure, analytics and payment processors acting on our instructions.
  • Accreditation partners and training providers: where sharing is required to validate enrollment, issue certifications or fulfil course requirements.
  • Corporate customers: for enterprise accounts, authorised corporate administrators may receive information about their enrolled employees as agreed in account terms.
  • Legal and regulatory bodies: disclosures required to respond to lawful requests, contribute or to meet compliance obligations.
  • Professional advisors: auditors and legal advisors under appropriate confidentiality safeguards.
  • Affiliates and successors: in connection with a business reorganisation, merger, sale of assets or corporate restructuring, subject to contractual protections.

International data transfers

SkillRForge is based in Switzerland and may transfer personal data to jurisdictions outside Switzerland and the European Economic Area (EEA) for hosting, processing or service provision. Transfers are conducted in accordance with applicable law and only when appropriate safeguards are in place.

Safeguards include relying on adequacy decisions, standard contractual clauses adopted for international transfers, binding corporate rules where applicable and contractual commitments with processors to ensure adequate protection of personal data.

Data retention

We retain personal data only as long as necessary for the purpose for which it was collected, to satisfy legal obligations and to establish or defend legal claims. Retention periods vary by data type and purpose.

Account information is retained for the duration of the active account. After account closure, account data is retained for a period required for compliance, billing reconciliation and legitimate business purposes, typically not exceeding a defined retention schedule consistent with applicable law.

Support tickets, communications and related records are kept for the time required to resolve issues and for a reasonable period thereafter to enable quality assurance, training and legal compliance.

Technical logs and audit trails used for security and troubleshooting are retained for a limited period to enable incident contribute and system improvement, subject to periodic deletion or anonymisation.

When retention periods expire or upon valid deletion requests, we securely delete or anonymise personal data in accordance with our deletion procedures, unless further retention is required by law.

Security of personal data

We apply technical and organisational measures to protect personal data against unauthorised access, disclosure, alteration or destruction. Security measures are reviewed periodically and adapted to evolving risks to maintain an appropriate level of protection.

  • Encryption: use of TLS for data in transit and encryption at rest for sensitive storage locations where appropriate.
  • Access controls: role-based access and least-privilege principles combined with multi-factor authentication for administrative accounts.
  • Operational controls: regular vulnerability scanning, security audits, incident response procedures and staff training on data protection.

Your rights

You can exercise your rights by contacting our data protection contact. We verify requests to protect privacy and will respond within applicable timeframes under relevant law.

  • Access: obtain a copy of personal data we hold about you and information about processing activities.
  • Rectification: request correction of inaccurate or incomplete data.
  • Erasure and restriction: request deletion or limited processing where grounds exist under applicable law.
  • Data portability: request a machine-readable copy of personal data you provided, where technically feasible.
  • Withdraw consent and lodge complaints: withdraw consent for processing where consent is the basis, and lodge a complaint with a supervisory authority if you consider your rights have been infringed.
  • Right to withdraw consent: where processing is based on consent, you may withdraw that consent at any time for future processing without affecting the lawfulness of processing based on consent before its withdrawal.
  • Right to lodge a complaint: you have the right to lodge a complaint with the competent data protection authority if you consider that the processing of your personal data infringes applicable data protection law. In Switzerland this may include the Federal Data Protection and Information Commissioner.
  • Right to be informed about automated decisions: you may request meaningful information about any automated decision-making, including profiling, and request human intervention where applicable and permitted by law.

Exercising your data protection rights

To exercise any of your data protection rights (access, rectification, erasure, restriction, portability, objection, withdrawal of consent), please contact our privacy team with a clear description of the request and any supporting identity verification. Send requests to: Data Protection Officer, SkillRForge, Rte des Mayens de Salins 143, 1992 Sion, Switzerland, or email [email protected]. We may ask for reasonable information to verify your identity before responding.

[email protected]

We aim to acknowledge receipt of rights requests within 5 business days and to provide a substantive response within 30 calendar days. Where requests are complex or numerous we will inform you if additional time is required and explain the reason for any extension.

Marketing communications

We send marketing communications about courses, platform updates and professional development opportunities only to those who have opted in. Marketing emails are based on the preferences you set in your account and on the lawful basis applicable to each communication. We use professional mailing systems and track delivery metrics to improve relevance and delivery performance.

Every marketing email contains an unsubscribe link. You may also change your communication preferences in your SkillRForge account settings or request removal from marketing lists by contacting [email protected].

Children's privacy

SkillRForge is intended for professionals and persons eligible to enter into contractual agreements; the platform is not aimed at children under 16. We do not knowingly collect personal data from children under 16. If we learn that we have inadvertently collected data from a minor, we will take steps to delete that information unless retention is required by law.

Third-party links and services

SkillRForge may link to third-party websites, plugins and services (for example payment processors, learning content partners and analytics providers). These third parties have their own privacy practices and policies. We recommend that you review their privacy statements before providing personal data. SkillRForge is not responsible for third-party privacy or information security practices.

Changes to this privacy notice

We periodically review and may update this privacy notice to reflect changes in our data practices or legal requirements. Material changes will be posted on SkillRForge.digital with an updated effective date. We encourage users to review this notice regularly to stay informed about how we process personal data.