Privacy Policy

Controller

The controller responsible for data processing through this website is:

Scope

This privacy policy applies to the collection and processing of personal data in connection with the use of this website, business interactions, and the use of our platform services. It informs you about the nature, scope, and purpose of data processing within our offering.

What data we collect

We may collect the following categories of personal data:

• Contact data: name, email address, phone number, and company details when you contact us or submit an inquiry.
• Account data: information you provide when creating an account on our platform, including login credentials and business profile details.
• Usage data: IP address, browser type and version, pages visited, date and time of access, and referring URL. This data is collected automatically through server logs.
• Communication data: content of inquiries, correspondence, and any information you share with us through contact forms or email.

Purposes of processing

We process your personal data for the following purposes:

• Provision of our services and performance of contractual obligations.
• Responding to your inquiries and maintaining business communication.
• Ensuring the functionality, security, and stability of our website.
• Compliance with legal obligations, including retention of commercial records for the statutory period (Art. 958f of the Swiss Code of Obligations).
• Analysis and improvement of our services and website content.

Legal basis

Under the Swiss Federal Act on Data Protection (nDSG), the processing of personal data is lawful unless it unlawfully infringes upon the personality rights of the data subject (Art. 30 and 31 nDSG). Our processing is justified by overriding legitimate interests (in particular, the interest in providing and improving our services), consent where you have given it, the necessity of processing for the performance of a contract, or compliance with a legal obligation.

Where the EU General Data Protection Regulation (GDPR) applies — in particular for individuals in the EU/EEA — we rely on the following legal bases: performance of a contract or pre-contractual measures (Art. 6(1)(b) GDPR), legitimate interests (Art. 6(1)(f) GDPR), and compliance with a legal obligation (Art. 6(1)(c) GDPR).

Data sharing and recipients

We may share personal data with the following categories of recipients in order to provide our services:

• Hosting and infrastructure providers (Vercel, Supabase) for the operation of our website and platform.
• AI service providers (Anthropic) for the processing of AI-assisted features within our platform.
• Payment processors, as applicable, for the handling of payment transactions.
• Public authorities, where we are legally obligated to disclose data.

We do not sell your personal data to third parties.

International data transfers

Your data may be transferred to and processed in countries outside Switzerland, including the United States (in connection with services provided by Vercel, Supabase, and Anthropic). We only transfer data to countries that have been recognized by the Swiss Federal Council as providing an adequate level of data protection (Annex 1 of the Data Protection Ordinance), or we ensure appropriate safeguards through EU Standard Contractual Clauses adapted for use under Swiss law. Where applicable, we also rely on the Swiss-U.S. Data Privacy Framework.

Data retention

We retain personal data for the duration of the business relationship and for the legally required retention periods thereafter. In particular, commercial records are retained for ten years in accordance with Art. 958f of the Swiss Code of Obligations. Server logs are retained for a limited period necessary for security and operational purposes. Data is deleted or anonymized once it is no longer required for the purposes for which it was collected and no legal retention obligations apply.

Cookies and tracking

We use only technically necessary cookies for the operation of this website, such as session management and language preference cookies. We do not currently use analytics, advertising, or other non-essential cookies. Under Swiss law, no cookie consent banner is required for essential cookies that are strictly necessary for the functioning of the website.

Data security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, misuse, or alteration. These measures include encryption of data in transit and at rest, access controls, and regular security reviews. However, no method of transmission over the internet or method of electronic storage is completely secure, and we cannot guarantee absolute security.

Your rights

Under the Swiss Federal Act on Data Protection (nDSG), you have the following rights regarding your personal data:

• Right of access: You may request information about whether and what personal data we process about you (Art. 25 nDSG).
• Right to rectification: You may request that inaccurate or incomplete personal data be corrected (Art. 32 nDSG).
• Right to deletion: You may request that your personal data be deleted, provided there is no legal obligation to retain it (Art. 32 nDSG).
• Right to data portability: You may request that your personal data be provided to you in a commonly used electronic format (Art. 28 nDSG).
• Right to object: You may object to certain processing activities based on legitimate interests.
• Right to withdraw consent: Where processing is based on your consent, you may withdraw it at any time, without affecting the lawfulness of processing carried out before the withdrawal.
• Right regarding automated decisions: You have the right not to be subject to a decision based solely on automated processing that produces legal effects or significantly affects you, and to request human review (Art. 21 nDSG).

To exercise any of these rights, please contact us at:

Email: info@vemente.com

We will respond to your request within 30 days. The exercise of your rights is free of charge.

Automated decision-making

We do not currently make decisions based solely on automated processing, including profiling, that produce legal effects or similarly significantly affect individuals.

Supervisory authority

If you believe that the processing of your personal data violates data protection law, you have the right to lodge a complaint with the Swiss Federal Data Protection and Information Commissioner (FDPIC).

Changes to this privacy policy

We reserve the right to amend this privacy policy at any time. Material changes will be communicated on this website. The date of the most recent update is indicated at the top of this page. We recommend reviewing this page periodically.

Contact

If you have any questions or concerns regarding data protection, please contact us at: