Privacy Policy
Transparent handling of personal data is very important to us. This data protection statement provides information on what personal data we collect, for what purpose and to whom we pass it on. We regularly review and update this privacy policy to ensure the highest level of transparency.
1. What services we use
- Matomo Analytics
- Calendly
- Adobe Fonts
- Webflow
- Cloudflare Turnstile
2. Contact Information
If you have any questions or concerns about our protection of your data, you can always reach us by email at hello@sunnysite.studio. Responsible for data processing done through this website is:
SunnySite Studio
Bächimattstrasse 6
3075 Worb
Schweiz
Data protection officer:
Dries Vanderborght
dries@sunnysite.studio
+41798196917
3. General principles
3.1 What data we collect from you and from whom we receive this data
First and foremost, we process personal data that you provide to us or that we collect when operating our website. We may also receive personal data about you from third parties. These may be the following categories:
- Personal master data (name, address, dates of birth, etc.);
- Contact information (cell phone number, email address, etc.);
- Financial data (e.g. account details);
- Online identifiers (e.g. cookie identifier, IP addresses);
- Location and traffic data;
- Sound and image recording;
- particularly sensitive data (e.g. biometric data or information about your health).
3.2 Under what conditions do we process your data?
We process your data in good faith and for the purposes set out in this privacy policy. In doing so, we ensure transparent and proportionate processing.
If, in exceptional cases, we are unable to comply with these principles, the data processing may still be lawful because there is a justification. A justification reason may be in particular:
- Your consent;
- the execution of a contract or pre-contractual measures;
- our legitimate interests, unless your interests are overridden.
3.3 How can you withdraw your consent?
If you have given us consent to process your personal data for specific purposes, we will process your data within the scope of this consent unless we have another justification.
You can revoke your consent at any time by sending an e-mail to the address given in the imprint. Data processing that has already taken place is not affected by this.
3.4 In which cases can we share your data with third parties?
a. Principle
We may need to rely on the services of third parties or affiliates and engage them to process your data (known as processors). Categories of recipients are namely:
- Accounting, fiduciary and auditing firm;
- Consulting firms (legal, tax, etc.);
- IT service provider (web hosting, support, cloud services, website design, etc.);
- Payment service provider;
- Provider of tracking, conversion and advertising services.
We ensure that these third parties and our affiliates comply with the requirements of data protection and treat your personal data confidentially.
We may also be required to disclose your personal information to government authorities.
b. Visiting our social media channels
We may have embedded links to our social media channels on our website. This is apparent to you in each case (typically via corresponding icons). If you click on the icons, you will be redirected to our social media channels.
In this case, the social media providers learn that you are accessing their platform from our website. The social media providers can use the data collected in this way for their own purposes. We would like to point out that we have no knowledge of the content of the transmitted data or its use by the operators.
c. Transfer abroad
Under certain circumstances, your personal data may be transferred to companies abroad in the course of order processing. These companies are obligated to data protection to the same extent as we are. The transfer may take place worldwide.
If the level of data protection does not correspond to that in Switzerland, we carry out a prior risk assessment and ensure contractually that the same level of protection is guaranteed as in Switzerland (for example, by means of the new standard contractual clauses of the EU Commission or other legally prescribed measures). If our risk assessment is negative, we take additional technical measures to protect your data. You can access the EU Commission's standard contractual clauses at the following link. https://commission.europa.eu/publications/standard-contractual-clauses-controllers-and-processors-eueea_de
3.5 How long do we keep your data?
We store personal data only for as long as is necessary to fulfill the individual purposes for which the data was collected.
Data that we store when you visit our website is kept for twelve months. An exception is made for analysis and tracking data, which may be kept longer.
We store contract data for longer, as we are obliged to do so by legal regulations. In particular, we must retain business communications, concluded contracts and accounting records for up to 10 years. As far as we no longer need such data from you to perform the services, the data will be blocked and we will only use it for accounting and tax purposes.
3.6 How do we protect your data?
We will keep your information secure and take all reasonable steps to protect your information from loss, access, misuse or alteration.
Our contractual partners and employees who have access to your data are obliged to comply with data protection regulations. In some cases, it will be necessary for us to pass on your requests to companies affiliated with us. In these cases, too, your data will be treated confidentially.
Within our website, we use the SSL (Secure Socket Layer) procedure in conjunction with the highest encryption level supported by your browser.
3.7 What rights do you have?
a. Right to information
You can request information about the data we have stored about you at any time. We ask you to send your request for information together with proof of identity to hello@sunnysite.studio.
You also have the right to receive your data in a common file format if we process your data automatically and if:
- you have given your consent for the processing of this data; or
- you have disclosed data in connection with the conclusion or performance of a contract.
We may restrict or refuse to provide information or data if this conflicts with our legal obligations, our own legitimate interests, public interests or the interests of a third party.
The processing of your request is subject to the statutory processing period of 30 days. However, we may extend this period due to a high volume of requests, for legal or technical reasons, or because we need more detailed information from you. You will be informed of the extension of the deadline in good time, at least in text form.
b. Deletion and correction
You have the option of requesting the deletion or correction of your data at any time. We may reject the request if statutory provisions oblige us to store the data for a longer period or to retain it unchanged or if your request conflicts with a legal requirement.
Please note that exercising your rights may be in conflict with contractual agreements and may have corresponding effects on the performance of the contract (e.g. premature termination of the contract or cost consequences).
c. Legal process
If you are affected by the processing of personal data, you have the right to enforce your rights in court or to file a complaint with the competent supervisory authority. The competent supervisory authority in Switzerland is the Federal Data Protection and Information Commissioner: https://www.edoeb.admin.ch
3.8 Changes to the privacy policy
We may change this privacy policy at any time. The changes will be published on https://www.sunnysite.studio/, you will not be informed separately.
4. Individual data processing operations
4.1 Providing the website and creating log files
What information do we receive and how do we use it?
By visiting https://www.sunnysite.studio/, certain data is automatically stored on our servers or on servers of services and products that we obtain and / or have installed, for purposes of system administration, for statistical or backup purposes or for tracking purposes. These are:
- the name of your Internet service provider;
- Your IP address (in some circumstances);
- the version of your browser software;
- the operating system of the computer with which the URL is accessed;
- the date and time of access;
- the web page from which you are visiting URL;
- the search words you used to find the URL.
Why may we process this data?
This data cannot be assigned to a specific person and there is no merging of this data with other data sources. The log files are stored in order to guarantee the functionality of the website and to ensure the security of our information technology systems. This is our legitimate interest.
How can you prevent data collection?
The data is only stored for as long as is necessary to achieve the purpose for which it was collected. Accordingly, the data is deleted after the end of each session. The storage of the log files is mandatory for the operation of the website, you therefore have no possibility to object.
4.2 Matomo Analytics
We use the service "Matomo Analytics" on our website, which is provided by InnoCraft Ltd, 150 Willis St, 6011 Wellington, New Zealand. Matomo is an open source software that enables detailed web analytics and places great emphasis on protecting the privacy of users.
Matomo Analytics allows us to analyze the behavior of our visitors in order to continuously improve the user experience and the content of our website. This includes information about which website a visitor comes from, which areas of our site they visit and how often and how long they view these areas.
Matomo Analytics uses cookies to enable the analysis of user behavior. These cookies collect information in anonymized form, including the number of website visitors, from where the visitors came to the website and which pages they visited. Since Matomo places a high priority on data protection, IP addresses are anonymized before being stored.
One of the main reasons for using Matomo Analytics is data privacy. Unlike other analytics tools, the data is not shared with third parties.
4.3 Calendly
Our website integrates functions of the online appointment scheduling service Calendly, offered by Calendly LLC, 271 17th Street NW, Atlanta, GA 30363, USA. With Calendly, visitors to our website can make appointments with us directly online.
When you book an appointment through Calendly, you will be asked to provide certain personal data such as your name, email address and, if applicable, your phone number. This data is needed to coordinate the appointment, to inform you about the appointment status and to send reminders if necessary.
Calendly has its own privacy policies and practices, which may differ from those of our website. For more information about privacy in relation to Calendly, please see Calendly's privacy policy: https://calendly.com/pages/privacy. If you have any questions about the data collected by Calendly or wish to exercise your rights with respect to that data, you should contact Calendly LLC directly.
4.4 Adobe Fonts
Adobe Fonts is a service provided by Adobe Systems Incorporated, 345 Park Avenue, San Jose, CA 95110-2704, USA. Adobe Fonts is an online service that allows users to embed high-quality fonts on their websites.
We use Adobe Fonts to integrate certain fonts on our website. This allows us to ensure a consistent and responsive design that helps improve the user experience.
To provide the fonts, Adobe Fonts may use cookies or other tracking technologies to collect information such as the visitor's IP address, browser type and version, and other information about the website visit.
4.5 Webflow
We use services on our website from Webflow, a web design tool and hosting service provided by Webflow, Inc, 398 11th Street, 2nd Floor, San Francisco, CA 94103, USA. Webflow allows us to create and host a responsive and user-friendly design for our website.
By visiting our website hosted via Webflow, various data may be collected, including your IP address, date and time of access, browser type, operating system, as well as information about the pages and content you have accessed. This data is mainly used for statistical purposes and to optimize the user experience.
Webflow may set cookies on your device to store your preferences and interactions with our website. This is to facilitate navigation and ensure a consistent user experience.
The main purpose of data processing by Webflow is to provide and optimize our website in order to present you with relevant content in an appealing design.
4.6 Cloudflare Turnstile
Our website uses "Cloudflare Turnstile", a service provided by Cloudflare, Inc, 101 Townsend St, San Francisco, CA 94107, USA ("Cloudflare"). Cloudflare Turnstile is a security service that helps us distinguish human traffic from automated traffic and thus protect our website from misuse.
When you attempt to access content protected by Cloudflare Turnstile, you will be asked to provide certain information, usually your email address. This information is transmitted to and stored by Cloudflare to enable access to the protected content and to provide us with an overview of the requests.
When you fill out forms on our website or perform certain actions that require verification, Cloudflare Turnstile may be used to ensure that you are a human and not a bot. In doing so, various data, including your IP address and information about your interaction with the Cloudflare Turnstile widget, is transmitted to and processed by Cloudflare.
Cookies
Technically necessary
Switzerland: Art. 45c (b), Art. 17 sentence 1 a) DSG
Name Cookie | Purpose | Storage duration |
---|---|---|
ppms_privacy_* | Used to store the cookie consent agreement, which specifies which cookies can be set. | 13 months |
Analysis / Statistics
Switzerland: Art. 45c (b), Art. 17 sentence 1 a) DSG
Name | Purpose | Storage duration |
---|---|---|
_pk_testcookie | A cookie has been set and should be immediately deleted (used to check if the visitor's browser supports cookies). | 1 Second |
mtm_consent | mtm_consent (or mtm_consent_removed) is created with a duration of 30 years to remember whether the user has given (or withdrawn) consent. | Forever |
MATOMO_SESSID | Matomo uses cookies. For this purpose, the usage information generated by the cookie is transferred to our servers and stored there. The information generated by the cookie is used for statistical purposes as well as to improve the website and server. | N.a |
mtm_consent_removed | mtm_consent (or mtm_consent_removed) is created with a duration of 30 years to remember whether the user has given (or withdrawn) consent. | N.a |
_pk_id.* | This cookie is used to record visitor behavior on the website. It is used to collect statistics on the usage of the website. Cookies do not contain personal data and are solely used for website analysis. | 13 Months |
_pk_ref.* | This cookie is used to store the login credentials of the referrer originally used to visit the website. | 13 Months |
_pk_ses.* | This cookie is used to record visitor behavior on the website. It is employed to gather statistics on the usage of the website. Cookies do not contain personal data and are solely utilized for website analysis. | 30 Minutes |
_pk_cvar.* | This cookie is inactive by default and needs to be activated through Matomo. It captures the custom variables generated during the previous page visit. | 30 Minutes |
_pk_hsr.* | To capture all page views within a session, a cookie is necessary. A cookie is generated when accessing the configured entry page. | 30 Minutes |
Switzerland: Art. 45c (b), Art. 17 sentence 1 a) DSG
Name | Purpose | Storage duration |
---|---|---|
stg_traffic_source_priority | Stores traffic source types that describe how visitors arrived at your website. | 30 Minutes |
stg_last_interaction | Determines whether the session of the last visitor is still ongoing or if a new session has started. | 365 Days |
stg_returning_visitor | Determines whether a visitor has previously visited your website – these are returning visitors. | 365 Days |
stg_externalReferrer | Stores the URL of the website that referred visitors to your site. | Session |
_pk_testcookie.1.d8de | Is used to determine if the browser is configured to block or allow cookies | N.a |
_stg_debug / stg_debug | Indicates whether the Tag Manager debugger should be displayed. Cookies are deleted when the debugger is closed. | 14 Days |
stg_fired__<*> | Determines whether the combination of tag and trigger was fired during the current visitor session. | Session |
stg_utm_campaign | Records the name of the event that brought visitors to your website. | Session |
stg_pk_campaign | Records the name of the event that brought visitors to your website. | Session |
_stg_opt_out_simulate | Is used to simulate the deactivation behavior of fragments in the debugger. This deactivates all tracking tags on the test domain. | 1 Year |
_stg_optout | Is used to deactivate all tracking tags on the test domain. | 1 Year |
stg_global_opt_out (deprecated) | Is used to deactivate all tracking tags on websites associated with a Piwik PRO account. | 1 Year |
Name | Purpose | Storage duration |
---|---|---|
ppms_webstorage | VPrevents the loss of visitor data due to certain mechanisms used by browsers, such as ITP for Safari. | Persistent |