PRIVACY POLICY

Last updated: 13 November 2025

This privacy policy describes which personal data is processed on regulabadertscher.com, for what purposes, and which rights data subjects have. It takes into account Swiss data protection law (revFADP) and — for visitors from the EU/EEA — the GDPR.

1. Data controller

Regula Badertscher
Practice for body-oriented support & PBSP
Phone: +41 76 483 63 13
Email: hello@regulabadertscher.com
Web: https://regulabadertscher.com

Practice addresses

– Subtenant at Meriel Stanton, Lavaterstrasse 103, 8002 Zurich Enge, Switzerland
– Raum Feldegg, Feldeggstrasse 3, 9113 Degersheim, Switzerland

2. Hosting, TLS/SSL and server logs

Hosting is provided by ALL-INKL.COM – Neue Medien Münnich (DE). When you access the website, server-side log data is collected (e.g., IP address, date/time, requested URL, referrer, user agent). Purpose: operational security, abuse/error analysis. Logs are deleted after a short period. Data transmission is encrypted (TLS/SSL).

3. Contact (form & email)

When you use the contact form (Contact Form 7), we process the data you enter (name, email, message) to handle your request (revFADP; Art. 6(1)(b) GDPR – pre-contractual communication).

When you send emails to hello@regulabadertscher.com, we process the sender address, content/subject, and technical metadata.

Retention: Contact enquiries are generally stored for 12 months and then deleted, unless legal obligations require otherwise.

4. Email service (Zoho Mail – EU region)

Business email is handled via Zoho Mail in the EU data centre (.eu). A data processing agreement (DPA) is in place with Zoho. If a transfer to a third country is required in individual cases, appropriate safeguards (e.g., standard contractual clauses) are used.

5. Cookies, consent & multilingual setup

  • Consent management: The cookie banner by Complianz manages consent. You can change/withdraw your choice at any time via “Cookie settings” in the footer.

  • Strictly necessary cookies: e.g., WordPress/CF7 as well as Polylang (language cookie pll_language).

  • Optional cookies: are set only after consent (e.g., Google Analytics 4 via MonsterInsights).

6. Web analytics

6.1 WP Statistics (no third-country transfer)

For local reach measurement, we use WP Statistics. Processing takes place server-side; IP addresses are shortened/anonymised. Purpose: content optimisation, security and usage analysis. Legal basis: legitimate interests (revFADP / Art. 6(1)(f) GDPR); where cookies are required, on the basis of your consent via the banner.

6.2 Google Analytics 4 via MonsterInsights (active)

We use Google Analytics 4 via MonsterInsights for statistical analysis of website usage.

  • Types of data: e.g., page views, interactions, approximate location data, device/browser; IP anonymisation is enabled.

  • Cookies/storage: GA4 uses cookies/storage technologies; activation only after consent via the cookie banner.

  • Settings: data retention (e.g., 14 months), Google Signals/ads features only with consent.

  • Withdrawal: You can change your consent at any time via “Cookie settings” in the footer.

    Legal basis: consent (Art. 6(1)(a) GDPR / revFADP).

7. Appointment booking (Calendly)

We use Calendly to schedule appointments. Depending on what you enter, name, email address, and appointment details are processed; confirmations are sent by email. Legal bases: consent (Art. 6(1)(a) GDPR) and pre-contractual communication (lit. b). For transfers to third countries, Calendly uses recognised safeguards (e.g., standard contractual clauses).

8. Embedded content & fonts

At present, no external content (YouTube, Google Maps, Instagram) is embedded. Fonts are provided without external loading (no remote Google Fonts requests).

9. SEO plugin

Yoast SEO supports the markup of metadata/structured information and does not process personal usage profiles for marketing purposes.

10. Recipients / data processors

Data is only shared to the extent necessary, with consent, or due to legal requirements. Service providers used (including ALL-INKL, Zoho, Google for GA4, Calendly) process data on the basis of data processing agreements; for third-country transfers, appropriate safeguards are implemented.

11. Storage period

We process personal data only for as long as necessary for the respective purposes and/or as required by statutory retention obligations. After that, data is deleted or anonymised. Examples: contact enquiries 12 months; analytics data according to GA4 configuration (e.g., 14 months).

12. Rights of data subjects

Within the scope of applicable law, you have rights of access, rectification, erasure, restriction, where applicable data portability, as well as the right to object to processing based on overriding interests. Please send requests to hello@regulabadertscher.com. The competent authority in Switzerland is the FDPIC.

13. Data security

We protect data through appropriate technical and organisational measures (access control and protection, encryption, data minimisation).

14. Changes to this policy

If services or legal requirements change, this policy will be updated; the current version is available here.