Privacy Policy / Disclaimer

This privacy policy (“Privacy Policy”) sets out how Helm SA and affiliated partnerships, offices and undertakings authorised to practice under the name ‘Helm ’ (and references to ‘Helm ’, ‘we ‘or ‘us’ are to one or more of those partnerships, offices and undertakings, as appropriate) collects, uses and protects the personal information that you provide to us through this website (“Website”) or elsewhere. You should also check the terms on our Website and any additional terms and conditions as notified to you from time to time that may regulate your use of this Website. Without prejudice to the foregoing, if you or your organisation is an Helm client, these terms of use should be read in conjunction with our applicable Engagement Letter and Terms of Business, which will prevail in the event of any conflict with this Privacy Policy.

For the purpose of this Privacy Policy the data controller of personal data is Helm and our contact details are set out in the Contact section at the end of this Privacy Policy. We also aim to satisfy the obligation of transparency under the EU General Data Protection Regulation 2016/679 ("GDPR") and national laws implementing GDPR.

Changes to our Privacy Policy
We reserve the right to revise this Privacy Policy at any time. If we make any changes to our privacy policy, we will advise you of any material changes or updates by E-Mail.

The Information we collect
We collect personal information from you if you use this Website (for example, when you supply your contact details to sign-up to receive alerts, register for events or request other information). Provision of personal information is voluntary but failure to provide certain personal information requested may render you unable to use or access certain services or parts of this Website. The type of personal information we require will be set out on the relevant page of the Website at the time you register with us and will include your name and E-Mail address as well the voluntary divulging of your contact telephone number and details of the reasons for contact. This personal information is referred to in this Privacy Policy as “Your Information”.

Our Use of Cookies
Cookies are small pieces of information sent by the web server that hosts our Website to the web browser (for example, Internet Explorer, Safari, Google Chrome or Firefox) on the computer or device you use to access our Website. These cookies enable our web server to collect information from the browser on your device about your browsing activity when using this device to access our Website. Our use of Cookies is subject to our separate Cookie Policy, available as a separate page on this site.

How we use your Personal Information
We may use Your Information and other information we gather about your use of this

Website for the purposes of:

  1. dealing with your enquiries and providing you with information about services which are similar to services you previously received from us;
  2. marketing, as referred to in the section headed ‘Direct Marketing’ below;
  3. letting you know about new legal developments; and
  4. providing you with alerts, newsletters and information about events or conferences.

You can opt-out from receiving further marketing communications from us at any time by E-Mailing us at the link in each of our E-Mails.

Legal Obligations
We will collect and use Your Information in accordance with the EU General Data Protection Regulation 2016/679 ("GDPR") and national laws implementing GDPR as well as equivalent data protection laws that apply to our operations in the European Union and elsewhere in the world.

Disclosing Your Information to Third Parties
We do not sell, trade, or rent Your Information to others. We do not disclose Your Information to third parties without your consent unless we are legally required to do so or where such disclosure is necessary to enable third parties with whom we work to assist us in providing our services to you or to respond to your enquiry. Where we pass Your Information to any third parties, we will require those third parties to act in accordance with our instructions and adopt appropriate security measures to protect Your Information. We will take reasonable steps to ensure that Your Information is used by those third parties in accordance with this Privacy Policy.

We will only share your personal information with trusted third parties where we have retained them to provide services that you have requested or for our legitimate business purposes, such as IT or specialised legal services. These services are provided to us under the coverage of Data Processing Agreements binding the provider to the same level of obligation with your data as Helm.

International Transfers
Given the international scope of our business, by using this Website and providing us with Your Information, you acknowledge and agree to us sharing Your Information between our offices located in Switzerland and other parts of the world (as referred to on this Website) to be used in accordance with this Privacy Policy. Your Information will only be disclosed to our staff, contractors and consultants who all share our commitment to treating Your Information responsibly.

How we share your Personal Information
In certain circumstances we will share your personal information with other parties. Details of those parties are set out below along with the reasons for sharing it.

Transfer of Information outside the EEA
Under the General Data Protection Regulation (GDPR), we are required to tell you if we transfer or intend to transfer information which we hold on you to countries outside the European Economic Area ("EEA"). We currently transfer such information outside the EEA in the following circumstances:

  1. to Helm employees, contractors or consultants who are based outside the EEA; and
  2. with a highly select list of heavily vetted contractors supporting Helm based outside the EEA who will not use your information for any business purpose or contact you directly.

Details of companies outside of the EEA with whom we may share your data are available on request.

We apply equal rigour to the security of data held and processed by us or on our behalf outside of the EEA.  We have taken steps to ensure that our subsidiaries and affiliates and those who process data on our behalf enter into the standard contractual clauses approved by the European Commission, to safeguard the personal information which is transferred to and from the European Economic Area and beyond.

As some of our data processing locations are in the USA, transfer of our data outside the EEA is necessary to enable us to provide the services as detailed in the Terms of Engagement we hold with each Client or operate this Site. To the extent that any personal information is provided to carefully selected, trusted third parties outside the EEA (see below), or who will access the information from outside the EEA, we take steps to ensure that approved safeguards are in place, such as the approved standard contractual clauses or the EU/US, Swiss/US Privacy Shield.

Direct Marketing
Your personal data (including your name, correspondence address and E-Mail address) may be used for the purpose of marketing of our legal and advisory services but we may not do so unless we have obtained your clear and freely given consent (which includes an indication of no objection). We may contact you for such purpose by post or E-Mail. You can opt-out from receiving further marketing communications from us at any time by E-Mailing us at the link in each of our E-Mails.

Your Data Rights
In accordance with your legal rights under the GDPR and other applicable law, you have certain rights, which are detailed below along with how to exercise them. Before we are able to act on your request, proof of identity will be required.

Right of Access
You have the right at any time to ask us for a copy of the personal information about you that we hold.  Where we have good reason, and if the GDPR permits, we can refuse your request for a copy of your personal information, or certain elements of the request. If we refuse your request or any element of it, we will provide you with our reasons for doing so.

Right of Correction or Completion
If personal information we hold about you is not accurate, out of date or incomplete, you have a right to have the data rectified, updated or completed.  You can let us know by contacting us at any of our offices identified here.

Right of Erasure
In certain circumstances, you have the right to request that personal information we hold about you is erased e.g. if the information is no longer necessary for the purposes for which it was collected or processed or our processing of the information is based on your consent and there are no other legal grounds on which we may process the information.

Right to object to or restrict processing
In certain circumstances, you have the right to object to our processing of your personal information by contacting us at any of our offices identified here. For example, if we are processing your information on the basis of our legitimate interests and there are no compelling legitimate grounds for our processing which override your rights and interests.   You also have the right to object to use of your personal information for direct marketing purposes (see Direct Marketing, above).

You may also have the right to restrict our use of your personal information, such as in circumstances where you have challenged the accuracy of the information and during the period where we are verifying its accuracy.

Right of Data Portability
In certain instances, you have a right to receive any personal information that we hold about you in a structured, commonly used and machine-readable format.

You can ask us to transmit that information to you or directly to a third-party organisation.

The above right exists only in respect of personal information that:

  1. you have provided to us previously; and
  2. is processed by us using automated means.

While we are happy for such requests to be made, we are not able to guarantee technical compatibility with a third-party organisation's systems. We are also unable to comply with requests that relate to personal information of others without their consent.

You can exercise any of the above rights by contacting us using any of the methods on our Contact Us webpage.

Most of the above rights are subject to limitations and exceptions.  We will provide reasons if we are unable to comply with any request for the exercise of your rights.

We may also require further information to verify your identity or locate the specific information that you seek before responding.

Security to Protect Your Information
We employ appropriate technical and organisational security measures to protect Your Information from being accessed by unauthorised persons and against unlawful processing, accidental loss, destruction and damage. We will retain Your Information for a reasonable period or (if longer) as long as the law requires us to.

In particular, should you choose to provide us with information through the website, we will store certain categories of your personal information for the following periods of time:

Category of Personal Data Storage time period
Marketing data on customers and prospective customers 5 years
Customer contacts for accounts and invoicing purposes (We are legally obliged to keep these for contract length plus 6 years). Length of contract plus 10 years
Website and email usage and analytics data 7 years

We also endeavour to take all reasonable steps to protect Your Information from external threats. However, please be aware that there are inherent security risks of sending information by public networks or on public computers and we cannot therefore 100% guarantee the security of any data disclosed or transmitted over the internet.

If you have further comments, queries and requests relating to how we use Your Information please contact us at

If you are unhappy about our use of your personal information, you can contact us using the details on our Contact Us page. You are also entitled to lodge a complaint with the Federal Data Protection and Information Commissioner using any of the below contact methods. You also have the right to lodge a complaint with a supervisory authority in your country or member state.

Telephone:        +41 (0)58 462 43 95
Post:                   Federal Data Protection and Information Commissioner
Office of the Federal Data Protection and Information Commissioner FDPIC
Feldeggweg 1
CH - 3003 Berne

Governing Law
This Privacy Policy is subject to Swiss law. To the maximum extent legally permitted, you agree that any dispute relating to use of your data as referred to under this Privacy Policy is subject to the exclusive jurisdiction of the courts of Switzerland and any proceedings relating to a dispute shall be in the English language.

If you have any enquiries or if you would like to contact us about our processing of your personal information, including to exercise your rights as outlined above, please contact us using the details on our Contact Us webpage.

When you contact us, we will ask you to verify your identity.

Contact name:

Helm is a company registered in Switzerland, Company Registration no. CHE-366.013.271, registered office at Dreikoenigstr 34, 8002 Zurich, Switzerland.