1. Who we are
Suter Lim & Co Global Advisory (SLC) is a Switzerland-registered advisory firm providing services in three areas: AI Governance, Supply Chain Excellence, and Leadership Capability Build. SLC operates the website at slcglobal.co.
For data protection purposes, SLC is the data controller for personal data collected through this website and in connection with its advisory and training services.
SLC is not a law firm. This policy does not constitute legal advice.
Contact: info@slcglobal.co
2. What data we collect and why
| Data Collected | Purpose and legal basis |
|---|---|
| Name and email address (website contact form) |
To respond to your enquiry. Legal basis: Legitimate interest (responding to an inbound request). |
| Message content (website contact form) |
To understand and respond to your enquiry. Legal basis: Legitimate interest. |
| Self-assessment responses (Stage 0 AI Governance tool) |
To generate your governance maturity summary and, where submitted, to follow up with relevant information. Legal basis: Consent (submission is voluntary). |
| Email address (self-assessment submission) |
To send your results and, with your permission, follow-up communications. Legal basis: Consent. |
| Name, email, role and organisation (client and prospect communications) |
To manage the advisory relationship, provide services, and communicate about relevant SLC work across AI Governance, Supply Chain Excellence and Leadership Capability Building. Legal basis: Legitimate interest / contractual necessity. |
| Training and workshop participant details (name, email, organisation, role) |
To administer training programmes, issue attendance records and maintain training records. Legal basis: Contractual necessity / legitimate interest. |
| Assessment and diagnostic outputs generated during engagements |
To deliver advisory services and produce client deliverables. |
SLC does not collect payment data, sensitive personal data, or personal data of children through this website or its services.
For detailed provisions on how client engagement data is handled, refer to SLC-POL-002 (Client Data Handling Policy) and the applicable engagement agreement.
3. How we use your data
SLC uses personal data only for the purposes stated in Section 2. SLC does not sell, rent, or share personal data with third parties for their own marketing purposes.
SLC does not input personal data submitted through this website or through client engagements into any third-party AI tool. Contact form submissions, self-assessment responses, and engagement data are handled within SLC’s controlled internal environment only.
4. Third-party services
This website uses the following third-party service for form submission processing:
• Service: Formspree
• Purpose: Contact form and self-assessment submission processing
• Provider: Formspree, Inc. (USA)
• Privacy information: formspree.io/legal/privacy-policy
SLC has assessed Formspree against its AI tool selection criteria. Formspree does not process submissions using AI and does not use submission data for training purposes.
SLC is not responsible for the privacy practices of third-party providers. You are encouraged to review the privacy policies of any third-party services linked from this website.
5. Data retention
SLC retains personal data for as long as necessary to fulfil the purpose for which it was collected, and no longer.
| Data type | Retention period |
|---|---|
| Website contact form enquiries | 24 months from the date of last contact, unless an engagement relationship is established |
| Self-assessment submissions | 12 months from submission date, unless an engagement relationship is established |
| Client and prospect communications | Duration of the relationship plus 36 months, unless an engagement agreement specifies otherwise |
| Training and workshop participant records | 5 years from the date of the training event, consistent with professional records retention practice. |
| Engagement data | Governed by SLC-POL-002 and the applicable engagement agreement |
On expiry of the applicable retention period, personal data is securely deleted.
6. Your rights
Depending on your location, you may have the following rights regarding your personal data held by SLC:
| Right | What it means |
|---|---|
| Access | Request a copy of the personal data SLC holds about you |
| Rectification | Ask SLC to correct inaccurate personal data |
| Erasure | Ask SLC to delete your personal data, where no legal obligation to retain it applies |
| Objection | Object to SLC processing your data based on legitimate interest |
| Portability | Request your data in a portable format, where applicable under GDPR or equivalent law |
These rights apply under the Swiss Federal Act on Data Protection (nFADP), the EU General Data Protection Regulation (GDPR) where applicable, and equivalent data protection laws in other jurisdictions.
To exercise any of these rights, contact SLC at: info@slcglobal.co. SLC will respond within 30 days, or within the shorter period required by the applicable law.
7. Cookies and analytics
This website does not currently use cookies for tracking or analytics purposes. If this changes, this policy will be updated and visitors will be notified.
8. Data security
SLC takes appropriate technical and organisational measures to protect personal data against unauthorised access, loss, or disclosure. These measures apply across all SLC services: AI Governance, Supply Chain Excellence, and Leadership Capability Build and are consistent with SLC’s internal data handling standards (SLC-POL-002) and the requirements of the Swiss nFADP.
9. International data transfers
SLC is based in Switzerland. SLC does not transfer personal data to third-party organisations outside Switzerland or the EEA, except as described in Section 4 (Formspree, USA). Where SLC personnel access data from locations outside Switzerland in the course of delivering advisory services, this constitutes internal access by authorised SLC personnel and is governed by SLC's internal data handling standards.
10. Governing law
This policy is governed by and construed in accordance with the laws of Switzerland. Any disputes arising in connection with this policy that cannot be resolved by good-faith negotiation within 30 days are subject to the exclusive jurisdiction of the competent courts of Switzerland.
| Cross-territory note | Where a visitor or client is located in a jurisdiction with data protection law that provides rights beyond those described in this policy, SLC will apply the more protective standard in handling that individual’s personal data. |
|---|
11. Policy owner, version history and review
| Policy owner | Wendy Suter Lim, Founder at Suter Lim & Co Global Advisory (SLC) |
|---|---|
| Document reference | SLC-POL-001 |
| Version | 1.0 |
| Effective date | 1 June 2026 |
| Next review date | 1 June 2027 |
| Governing Law | Switzerland: Swiss Code of Obligations and applicable Swiss law |
| Contact | info@slcglobal.co |
© 2026 Suter Lim & Co Global Advisory (SLC). All rights reserved.
Collective Intelligence Statement
This document was produced with AI assistance under human authorship and editorial oversight. SLC uses AI tools ethically and responsibly as part of our practice of governance by example.
Suter Lim & Co Global Advisory (SLC) uses AI tools to support research, drafting, and content development. All content produced through AI assistance is reviewed, validated, and finalised under human authorship by qualified SLC practitioners. This reflects SLC’s commitment to responsible AI use. We govern the AI tools we use, following the same standards we guide our clients to follow. AI assistance does not replace professional judgment; it extends our capacity to serve clients thoroughly and efficiently.
SLC is not a law firm. This document provides governance advisory guidance based on international standards and regulatory frameworks. It does not constitute legal advice. For formal legal counsel, consult a qualified legal advisor in your jurisdiction.