Back to all policies

Privacy Policy – ResilioTech (Internal)

Last Updated: March 6, 2026 Status: Compliant with Swiss nFADP & EU GDPR Entity: Resilio SA, Lausanne, Switzerland

Introduction

ResilioTech is a digital environmental footprint assessment platform provided by Resilio SA. This policy explains how we collect, use, and protect our employees' internal metadata, access logs, and account details when administering, maintaining, or supporting the ResilioTech platform.

Data Controller

Resilio SA EPFL Innovation Park 1015 Lausanne, Switzerland

Email: privacy@resilio-solutions.com

DPO: CISO Maximilien Valenzano

Types of Data Collected

  • Internal Accounts: Employee names, business emails, usernames, job roles, and platform permissions.
  • Access Logs: Login times, IP addresses, OS, device information, and feature usage within the admin or developer portals.
  • Administrative Actions: Traceable records of configuration changes and code deployments made by internal users.
  • Communications: Internal support tickets or issue tracking involving the platform.

Sensitive Data: We do not collect sensitive data as defined by Swiss nFADP or GDPR regarding employees interacting with this system.

Purpose of Processing

Maintenance and Administration: To perform operations necessary to maintain platform uptime and features. Security: To monitor and secure the platform against unauthorized access or breaches (internal threat detection). Optimization: To improve internal processes and the developer/admin experience.

Legal Basis for Processing

  • Legitimate Interest: To ensure platform security, stability, and proper auditing.
  • Contractual Necessity: As part of fulfilling employee roles (i.e., providing access tools for authorized personnel).

Data Storage and Retention

  • Employee Accounts: Duration of employment + 10 years (as part of general HR access records).
  • Access and Admin Logs: 1 year.
  • Metrics/Usage: Anonymized continuously for platform analytics.

Data Localization: All logs and backend data are stored on secure servers in Switzerland (Infomaniak) or the EEA (DGTZ), both compliant with GDPR/nFADP.

Your Rights

Under Swiss nFADP and GDPR, you have the following rights as an employee:

  • Right to Access: Request a copy of your login data and admin logs on ResilioTech.
  • Right to Rectification: Correct inaccurate or incomplete role profiles or assignments.
  • Right to Erasure: Request deletion (subject to operational auditing or HR retention policies).
  • Right to Portability: Receive your data in a machine-readable format.

How to Exercise Your Rights:

Data Security

  • Encryption: SSL/TLS for data in transit and at rest.
  • Access Control: Strict "need-to-know" and role-based access for employees, including Zero-Trust architecture elements.
  • Audits: Regular security reviews and compliance checks to prevent internal abuse.

Updates

This policy may be updated to reflect changes in administrative workflows or platform features. Updates will be communicated via internal channels.