Skip to main content

Privacy policy

Last updated on: 01.09.2025

We attach great importance to transparency in the handling of personal data. This privacy policy provides information about what personal data we collect, for what purpose and to whom we pass it on. To ensure a high level of transparency, this privacy policy is regularly reviewed and updated.

Contact information

If you have any questions or concerns about how we protect your data, you can contact us at any time by email. Frank-Urs Müller is responsible for data processing via this website.

Data protection officer:
Frank-Urs Müller
Verenastrasse 15
4522 Rüttenen
Switzerland

General principles

What data we collect from you and from whom we receive this data

First and foremost, we process personal data that you provide to us or that we collect when operating our website. Under certain circumstances, we may also receive personal data about you from third parties. This may include the following categories:

  • Personal master data (name, address, date of birth, etc.);
  • Contact details (mobile phone number, email address, etc.);
  • Financial data (e.g. account details);
  • Online identifiers (e.g. cookie identifiers, IP addresses);
  • Location and traffic data;
  • Audio and video recordings
  • Sensitive data (e.g. biometric data or information about your health).

Under what conditions do we process your data?

We treat your data confidentially and in accordance with the purposes set out in this privacy policy. We ensure that processing is transparent and proportionate.
If, in exceptional cases, we are unable to comply with these principles, the processing of data may still be lawful because there is a justification for doing so. Possible justifications include:

  • your consent;
  • the performance of a contract or pre-contractual measures;
  • our legitimate interests, provided that your interests do not outweigh them.

We treat your data confidentially and in accordance with the purposes set out in this privacy policy. We ensure that processing is transparent and proportionate.
If, in exceptional cases, we are unable to comply with these principles, data processing may still be lawful because there is a legitimate reason for doing so. Legitimate reasons include:

  • your consent;
  • the performance of a contract or pre-contractual measures;
  • our legitimate interests, unless your interests prevail.

How can you withdraw your consent?

If you have given us your consent to process your personal data for specific purposes, we will process your data within the scope of this consent, unless we have another legal basis for doing so.
You can withdraw your consent at any time by sending an email to the address given in the legal notice. This does not affect any data processing that has already taken place.

In which cases can we pass on your data to third parties?

a. Principle

Under certain circumstances, we may need to use the services of third parties or affiliated companies and commission them to process your data (so-called processors). The categories of recipients are specifically:

  • Accounting, trust and auditing companies;
  • Consulting companies (legal advice, taxes, etc.);
  • IT service providers (web hosting, support, cloud services, website design, etc.);
  • Payment service providers;
  • Providers of tracking, conversion and advertising services.

We ensure that these third parties and our affiliated companies comply with data protection requirements and treat your personal data confidentially.
Under certain circumstances, we may also be obliged to disclose your personal data to authorities.

b. Visiting our social media channels

We may have embedded links to our social media channels on our website. This is visible to you in each case (typically via corresponding icons). If you click on the icons, you will be redirected to our social media channels.
In this case, the social media providers will know that you are accessing their platform from our website. The social media providers may use the data collected in this way for their own purposes. We would like to point out that we have no knowledge of the content of the data transmitted or its use by the operators.

c. Transfer abroad

Under certain circumstances, your personal data may be transferred to companies abroad in the course of order processing. These companies are subject to the same data protection obligations as we are. The transfer may take place worldwide.
If the level of data protection does not correspond to that in Switzerland, we will carry out a prior risk assessment and contractually ensure that the same level of protection as in Switzerland is guaranteed (e.g. by means of the new standard contractual clauses of the EU Commission or other legally prescribed measures). If our risk assessment is negative, we take additional technical measures to protect your data. You can access the EU Commission's standard contractual clauses at the following link: https://commission.europa.eu/publications/standard-contractual-clauses-controllers-and-processors-eueea_de

How long do we retain your data?

We only store personal data for as long as is necessary to fulfil the individual purposes for which the data was collected.
Data that we store when you visit our website is retained for twelve months. An exception applies to analysis and tracking data, which may be retained for longer.
We store contract data for longer, as we are required to do so by law. In particular, we must retain business communications, concluded contracts and booking receipts for up to 10 years. If we no longer need such data from you to perform our services, the data will be blocked and we will only use it for accounting and tax purposes.

How do we protect your data?

We will store your data securely and take all reasonable measures to protect your data from loss, access, misuse or alteration.
Our contractual partners and employees who have access to your data are obliged to comply with data protection regulations. In some cases, it may be necessary for us to forward your enquiries to companies affiliated with us. In these cases, your data will also be treated confidentially.
Within our website, we use the SSL (Secure Socket Layer) procedure in conjunction with the highest level of encryption supported by your browser.

What rights do you have?

a. Right to information

You may request information about the data we have stored about you at any time. Please send your request for information together with proof of identity to This email address is being protected from spambots. You need JavaScript enabled to view it..
You also have the right to receive your data in a commonly used file format if we process your data automatically and if:

  • you have given your consent to the processing of this data; or
  • you have disclosed data in connection with the conclusion or execution of a contract.

We may restrict or refuse to provide information or data if this conflicts with our legal obligations, our own legitimate interests or public interests, or the interests of a third party.
The processing of your request is subject to the statutory processing period of 30 days. However, we may extend this period due to high volume of requests, for legal or technical reasons, or because we need further information from you. You will be informed of the extension in good time, at least in text form.

b. Deletion and correction

You may request the deletion or correction of your data at any time. We may reject your request if we are required by law to retain your data for a longer period or in an unaltered form, or if your request is contrary to a legal provision.
Please note that exercising your rights may conflict with contractual agreements and may have corresponding effects on the performance of the contract (e.g. premature termination of the contract or cost consequences).

c. Legal recourse

If you are affected by the processing of personal data, you have the right to enforce your rights in court or to file a report with the competent supervisory authority. The competent supervisory authority in Switzerland is the Federal Data Protection and Information Commissioner: https://www.edoeb.admin.ch

Changes to the privacy policy

We may change this privacy policy at any time. The changes will be published on and you will not be notified separately.

Individual data processing operations

Provision of the website and creation of log files

What information do we receive and how do we use it?

When you visit our servers or the servers of services and products that we purchase and/or have installed, certain data is automatically stored for system administration, statistical or security purposes, or for tracking purposes. This includes:

  • the name of your internet service provider;
  • your IP address (under certain circumstances);
  • the version of your browser software;
  • the operating system of the computer used to access the URL;
  • the date and time of access;
  • the website from which you visited the URL;
  • the search terms you used to find the URL.

Why are we allowed to process this data?

This data cannot be attributed to any specific person and is not merged with other data sources. The log files are stored in order to guarantee the functionality of the website and to ensure the security of our information technology systems. This constitutes our legitimate interest.

How can you prevent data collection?

The data is only stored for as long as is necessary to achieve the purpose for which it was collected. Accordingly, the data is deleted after each session ends. The storage of log files is essential for the operation of the website, so you have no option to object to this.

Joomla

Joomla is an open-source content management system (CMS) developed and supported by Open Source Matters, Inc., a company registered in the United States. Joomla enables individuals and businesses to create and manage websites and online applications. Open Source Matters, Inc. is located at P.O. Box 4668 #88354, New York, NY 10163-4668, USA.
We use Joomla on our website to ensure a structured and user-friendly online presence. Joomla enables us to efficiently organise, edit and display content in order to provide our visitors with relevant information and services.
Joomla uses cookies to store certain user preferences and optimise the user experience on the website. Data such as IP addresses and browser information may also be collected to ensure the functionality of the website and to implement security measures.

BrainBox Generator

BrainBox Generators is a service provided by BrainBox Solutions GmbH to identify all data protection-related services on a website and, among other things, to assist in the creation of a privacy policy. No personal data is collected or processed in the process.