Privacy Policy

Last Updated: March 24, 2026

This website is operated by Mayer Advisory GmbH, Switzerland.

Next Position Advisory is a brand of Mayer Advisory GmbH.

Mayer Advisory GmbH (“we”, “us”, “our”) is the data controller responsible for the processing of your personal data under the Swiss Federal Act on Data Protection (nFADP) and, where applicable, the EU General Data Protection Regulation (GDPR).

We take your privacy seriously and are committed to handling personal data lawfully, transparently, and securely.

1. Personal data we collect

We collect personal data in the following ways:

a) Information you provide to us

When you:

– Purchase a digital product, playbook, or advisory service

– Complete an intake questionnaire or the Am I At Risk? assessment

– Book a Decision Call or engage with advisory services

– Enrol in a course or cohort programme

– Subscribe to a newsletter

– Contact us directly via email or support

This may include:

– Name

– Email address

– Billing address

– Payment and transaction details (processed securely via Stripe)

– Professional background and career situation details shared during intake

– Information you voluntarily provide as part of a diagnostic, assessment, or strategic review

We only collect data that is necessary for the specific purpose.

b) Information collected automatically

When you visit the website, we may automatically collect limited technical information, including:

– IP address

– Browser type and version

– Device information

– Time zone and access times

– Cookies or similar technologies

– Pages visited and interaction data

– Referral source

This information is used for security, website performance, and basic analytics. It is not used to identify you personally unless required for security or legal reasons.

2. Why we process your data

We process personal data for the following purposes:

To deliver services

– Process payments for all products and services, including playbooks, the Am I At Risk? assessment, Outside Read, Decision Calls, Monthly Advisory, Priority Advisory, Inside the Restructuring course, and cohort programmes

– Conduct client intake and diagnostic questionnaires

– Deliver written advisory responses, call summaries, and strategic analysis

– Provide ongoing support for advisory clients

– Grant access to purchased digital products and course materials

To communicate with you

– Respond to enquiries and support requests

– Send service-related communications (booking confirmations, delivery notifications, payment requests)

– Send newsletters (only with your consent)

To operate and improve the service

– Manage payments and transactions via Stripe

– Store intake data and advisory summaries securely

– Operate and secure the website

– Improve service quality based on anonymised usage patterns

To meet legal obligations

– Comply with legal, tax, and accounting requirements

– Respond to lawful requests by authorities

We do not:

– Sell personal data to third parties

– Use data for profiling or automated decision-making beyond the structured intake process (which is designed to gather information for human strategic review, not to make automated decisions about you)

3. Legal basis for processing

Performance of a contract: When you purchase a service or product, we process your data to deliver what you have paid for.

Your consent: When you subscribe to newsletters or provide information voluntarily in intake questionnaires.

Compliance with legal obligations: To meet tax, accounting, and regulatory requirements.

Legitimate business interests: To operate and secure the website, prevent fraud, and improve services.

You may withdraw consent at any time where processing is based on consent. This will not affect the lawfulness of processing before withdrawal.

4. Data sharing and third parties

We may share personal data only with trusted third parties where necessary to deliver our services:

Payment processing

– Stripe – Processes all payments securely. Stripe’s privacy policy: stripe.com/privacy

Data storage and automation

– Notion – Primary workspace for client documents, course content, and product delivery

– Zapier – Automates workflows between Stripe, Notion, and email notifications

– Fillout – Intake form processing

Email and communication

– Gmail / Google Workspace – Sends service-related emails and notifications

AI-powered intake and content

– Claude (Anthropic) – Powers structured intake questionnaires and the AI-powered Positioning Strategy Report generator used in the cohort programme. Anthropic’s privacy policy: anthropic.com/privacy

– OpenAI – May be used for structured data processing in certain tools. OpenAI’s privacy policy: openai.com/privacy

Website hosting

– Hostinger – Website infrastructure hosting

All third parties are contractually required to handle data securely and lawfully in accordance with applicable data protection standards.

5. International data transfers

Some service providers may process data outside Switzerland or the European Economic Area, including in the United States (Stripe, Google, Anthropic, OpenAI, Zapier).

Where this occurs, we ensure appropriate safeguards are in place in accordance with Swiss and EU data protection laws, including:

– Standard Contractual Clauses (SCCs)

– Adequacy decisions

– Certification under recognised frameworks

6. Data retention

We retain personal data only for as long as necessary to:

Active service delivery

– For the duration of your service engagement (Decision Call, Monthly Advisory, Priority Advisory, cohort programme, or course access)

– For ongoing access to purchased digital products and playbooks

Legal and accounting requirements

– Payment records: 10 years (Swiss tax and accounting obligations)

– Intake data and advisory summaries: Retained for the duration of service plus 2 years for quality assurance and continuity of care if you return

Marketing communications

– Newsletter subscriptions: Until you unsubscribe

When data is no longer required, it is securely deleted or anonymised.

You can request deletion of your data at any time (subject to legal retention requirements for payment records).

7. Your rights

Under Swiss data protection law (nFADP) and, where applicable, GDPR, you have the right to:

Right to be informed: Understand how your data is processed (this Privacy Policy).

Right of access: Request a copy of your personal data.

Right to rectification: Request correction of inaccurate data.

Right to erasure (“right to be forgotten”): Request deletion of your data (subject to legal retention requirements).

Right to restriction: Request restriction of processing in certain circumstances.

Right to object: Object to processing based on legitimate interests.

Right to data portability: Request your data in a structured, machine-readable format.

Right to withdraw consent: Where processing is based on consent, you can withdraw it at any time.

Right to lodge a complaint: You can lodge a complaint with the Swiss Federal Data Protection and Information Commissioner (FDPIC) or your local data protection authority.

To exercise your rights, contact us using the details in Section 12 below.

8. Cookies and tracking technologies

This website uses cookies and similar technologies to:

– Ensure proper functionality

– Remember your preferences

– Provide basic analytics on website usage

Types of cookies we use:

– Essential cookies: Required for website functionality

– Analytics cookies: Help us understand how visitors use the site (if applicable)

You can control or disable cookies through your browser settings. Disabling cookies may affect certain website features.

We do not use cookies for third-party advertising or tracking.

9. AI use

Next Position Advisory uses AI tools in the following ways:

How it works

– The Am I At Risk? assessment uses structured questions to route you to the appropriate playbook or service

– Advisory intake questionnaires gather professional context that Lisa reviews personally

– The AI-powered Positioning Strategy Report generator (used in the cohort programme) processes your responses to generate a personalised report for Lisa’s review and refinement

– AI is used for structure, organisation, and report generation only – all strategic judgment is provided by Lisa Mayer

Data processing

– Your intake responses may be processed by Anthropic (Claude) or OpenAI to generate structured summaries or reports

– API-based processing does not use your data to train AI models (per the API terms of both providers)

– All intake data is stored securely in Notion

– Lisa reviews all intake data personally; AI is used only for structure, not strategic judgment

Your rights

– You can request deletion of your intake data at any time

– You can request a copy of your intake data

– You can correct any inaccuracies in your intake summary

10. Links to other websites

Our website may contain links to external websites (e.g., Stripe payment pages, LinkedIn, social media).

We are not responsible for the privacy practices or content of those sites. Please review their privacy policies separately.

11. Data security

We use appropriate technical and organisational measures to protect personal data from unauthorised access, loss, or misuse, including:

Technical measures

– Encrypted data transmission (HTTPS/SSL)

– Secure cloud storage with encryption

– Access controls and authentication

– Regular security updates

Organisational measures

– Limited access to personal data (only Lisa Mayer and authorised personnel)

– Confidentiality agreements with service providers

– Regular review of data protection practices

No online transmission or storage system can be guaranteed to be completely secure. We cannot guarantee absolute security but take all reasonable precautions.

12. Legal disclosure

We may disclose personal data if:

– Required by law or legal process

– Necessary to protect our legal rights

– Required to comply with regulatory obligations

– Necessary to respond to lawful requests by Swiss or EU authorities

– Necessary to prevent fraud or protect security

13. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements.

Updated policies will be posted on this page with a new “Last Updated” date.

For material changes, we will notify active clients via email.

14. Contact information

If you have questions about this Privacy Policy or wish to exercise your data protection rights, please contact us at:

Next Position Advisory

A brand of Mayer Advisory GmbH

Email: contact@nextpositionadvisory.com

Website: nextpositionadvisory.com

Data Protection Officer: contact@nextpositionadvisory.com

Swiss Data Protection Authority

Federal Data Protection and Information Commissioner (FDPIC)

www.edoeb.admin.ch