Privacy Policy

Effective Date: 17.10.2025

This Privacy Policy (“Policy”) explains how Laghbani Consulting (“we,” “us,” or “our”) collects, processes, and protects your personal data when you use our website https://laghbani-consulting.com (“Website”), our student portal (“Portal”), our email communications, and all related online services (collectively, “Services”).

We are committed to transparency, security, and compliance with applicable data protection laws, including the Swiss Federal Act on Data Protection (nFADP) and the EU General Data Protection Regulation (GDPR).

1. Data Controller

Laghbani Consulting
Ringstrasse 19
CH-8317 Tagelswangen
Switzerland
info@laghbani-consulting.com

2. Data We Collect

We may collect and process the following categories of personal data:

  • Personal Identification Data: Name, email address, phone number, postal address, nationality, and date of birth.

  • Educational and Application Information: Academic records, documents, transcripts, and related materials needed for admission or visa assistance.

  • Financial and Payment Information: Processed securely through third-party payment providers (e.g., Stripe). We do not store full payment details on our servers.

  • Technical Data: IP address, browser type, and device identifiers collected through cookies and analytics tools.

  • Account Data: Information used to create and manage your student account on our Portal via Clerk.

3. How We Collect Your Data

We collect personal data through:

  • Direct interactions: When you submit forms, upload documents, or contact us directly.

  • Automated technologies: Cookies and analytics tools that capture limited technical information.

  • Third-party integrations: Data shared securely through service providers that support our operations.

4. How We Use Your Data

We use your personal data for the following purposes:

  • Providing our services: To manage student applications, assist with university and visa processes, and offer consultation support.

  • Administrative operations: To maintain records, issue invoices, and fulfill contractual or legal obligations.

  • Communication: To send updates about your application status, consultations, or other service-related matters.

  • Account management: To operate and secure your student account on our Portal (via Clerk).

  • Performance optimization: To improve the functionality and usability of our systems.

If you use our visa application support, we may temporarily create or assist in managing your account on third-party portals (e.g., the German embassy or university portals). Such accounts and related data remain under your ownership and control.

5. Legal Basis for Processing

We process your personal data based on one or more of the following legal grounds:

  • Consent – You have given consent for specific processing activities.

  • Contractual necessity – Processing is required to perform our services or fulfill a contract with you.

  • Legal obligation – Processing is necessary to comply with Swiss or EU legal requirements.

  • Legitimate interests – When processing is necessary for our operational efficiency, security, or service improvement, provided your fundamental rights are not overridden.

6. Third-Party Services and Data Sharing

To ensure efficient and secure service delivery, we integrate with the following third-party platforms:

Airtable

Purpose: Internal student management, file organization, and workflow automation.
Data Stored: Student profiles, document references, and internal progress notes.
Security Measures: Airtable applies TLS encryption in transit, AES-256 encryption at rest, and strict access controls.
Airtable Privacy Policy

Clerk

Purpose: Authentication and secure account management for the student portal.
Data Stored: Login credentials, authentication tokens, and account metadata.
Security Measures: Clerk complies with GDPR and uses end-to-end encryption, MFA, and zero-knowledge architecture for sensitive authentication data.
Clerk Privacy Policy

Vercel

Purpose: Hosting and performance optimization for our student portal and web applications.
Data Stored: Non-personal technical data such as IP logs and performance metrics.
Security Measures: Vercel adheres to SOC 2 and GDPR compliance with encrypted data processing and strict access protocols.
Vercel Privacy Policy

Google Drive

Purpose: Secure document storage for application materials, invoices, and communication records.
Data Stored: Copies of submitted documents, letters, and files relevant to consulting or application processes.
Security Measures: Google Workspace provides end-to-end encryption and multi-factor authentication (MFA).
Google Privacy Policy

Jotform

Purpose: Collecting online forms, student information, and uploaded documents.
Data Stored: Application details and file uploads submitted via forms.
Security Measures: Jotform uses SSL encryption and secure European data centers.
Jotform Privacy Policy

Stripe

Purpose: Processing payments for consulting services.
Data Stored: Payment tokens, transaction IDs (no full card data stored).
Security Measures: Stripe is PCI DSS Level 1 certified.
Stripe Privacy Policy

7. Data Retention

We retain personal data only as long as necessary to fulfill the purposes described or as required by applicable laws.

After the end of your service relationship, you may request the deletion of your data stored within our systems (e.g., Airtable, Clerk, Google Drive). Upon verified request, your information will be securely deleted from our systems within 30 days.

Important:
We cannot delete or modify data shared with third-party entities such as universities, embassies, or governmental institutions, as those systems operate independently and are governed by their own data protection rules. You may need to contact those institutions directly to exercise your rights with them.

8. Data Security

We employ administrative, organizational, and technical safeguards to protect your personal data against unauthorized access, disclosure, or loss. These include encryption, access control, secure connections (HTTPS), and multi-factor authentication for sensitive systems.

9. International Data Transfers

When personal data is transferred outside Switzerland or the European Economic Area (EEA), we ensure that appropriate safeguards are in place — including Standard Contractual Clauses (SCCs) or equivalent legal mechanisms — to maintain a high level of protection.

10. Your Rights

You have the following rights under applicable data protection laws:

  • Access: Request a copy of your personal data.

  • Rectification: Request correction of inaccurate information.

  • Erasure: Request deletion of your data (except where retention is required by law or third-party control applies).

  • Restriction: Limit the processing of your data under certain conditions.

  • Portability: Receive a copy of your data in a structured, machine-readable format.

  • Objection: Object to processing where based on legitimate interest.

To exercise these rights, contact us at info@laghbani-consulting.com. We will respond within the timelines prescribed by law.

11. Cookies and Analytics

We use cookies and analytics tools to improve website functionality, analyze traffic, and enhance user experience. You can manage your cookie preferences through your browser settings or via our Cookie Policy.

12. Changes to This Policy

We may update this Privacy Policy periodically to reflect new technologies, legal requirements, or operational changes. The latest version will always be available on our website.

13. Contact

For questions or concerns regarding data protection, please contact:
Laghbani Consulting
Ringstrasse 19
CH-8317 Tagelswangen
Switzerland
info@laghbani-consulting.com