Privacy Policy
1. Scope
This privacy policy explains how le dot collects, processes, and uses personal data in connection with this website. It applies to all persons who visit this website or contact le dot.
2. Responsible body
le dot - E-Solution Stanic
Mirko Stanic
Birmensdorferstrasse 240
8003 Zürich
Switzerland
UID: CHE-130.745.803
Email: mail@le-dot.com
3. Principles of data processing
le dot processes personal data in accordance with the Swiss Data Protection Act (DSG). Personal data is:
- processed lawfully (DSG Art. 6 Abs. 1)
- collected only for a specific and recognisable purpose (DSG Art. 6 Abs. 3)
- processed only to the extent necessary for the respective purpose (DSG Art. 6 Abs. 2)
- retained only as long as the purpose requires (DSG Art. 6 Abs. 4)
- verified for accuracy (DSG Art. 6 Abs. 5)
- protected by appropriate technical and organisational measures (DSG Art. 8)
4. What data is collected
4.1 Server log files
When visiting this website, the hosting provider automatically records the following data in server log files:
- IP address (anonymised or complete, depending on server configuration)
- Date and time of access
- Page or file accessed
- Referrer URL (previously visited page)
- Browser and operating system used
- Amount of data transferred
Legal basis: Legitimate interest in ensuring trouble-free operation and detecting and preventing misuse (DSG Art. 31 Abs. 1).
Retention period: Server log files are automatically deleted after 30 days, unless further retention is required for evidentiary purposes.
4.2 Contact form
When you use the contact form on this website, the following data is collected:
- Name
- Email address
- Message (free text)
Legal basis: The processing serves pre-contractual communication and our legitimate interest in answering your enquiry. Where consent is required, you give it by actively submitting the form; the requirements for valid consent follow from DSG Art. 6 Abs. 6.
Purpose: Processing and responding to your enquiry.
Retention period: Contact enquiries are deleted after processing is complete, unless a statutory retention obligation exists.
4.3 Cookies and local storage
This website uses technically necessary cookies required for operation (no consent needed), as well as optional analytics and feedback cookies that are only loaded after explicit consent via the cookie banner (opt-in).
4.3.1 Technically necessary cookies
- Session cookie (PHP)
- Purpose: Session management
- Retention period: End of session
cookieconsent_status- Purpose: Stores your cookie consent
- Retention period: 1 year
theme(localStorage)- Purpose: Stores selected colour scheme (light/dark)
- Retention period: Unlimited
Legal basis: These storage mechanisms are technically required for the operation of the website. We load them on the basis of our legitimate interest in a functioning, secure operation and handle them in line with the transparency principles of the DSG. For users in the EU, the requirements of the GDPR and the ePrivacy rules may additionally apply.
4.3.2 Analytics and feedback cookies (only with consent)
The following services are loaded exclusively after your explicit consent via the cookie banner.
Google Analytics: Web analytics
Provider: Google LLC, USA. Sets cookies (_ga, _gid, etc.) for statistical analysis of website usage. IP anonymisation is enabled. Data transfer to the USA relies on the Swiss-US Data Privacy Framework, to the extent the recipient in the USA is certified under it.
Privacy policy: policies.google.com/privacy
PostHog: Product analytics Provider: PostHog Inc., USA. In our configuration, it collects anonymised usage data (page views, clicks, session duration) to improve the website; in this configuration no personal profiling takes place. The actual scope depends on the PostHog settings used (such as IP capture, session replay or identifiers). Privacy policy: posthog.com/privacy
Legal basis: Consent via cookie banner (opt-in); the requirements for valid consent follow from DSG Art. 6 Abs. 6. You can revoke your consent at any time by deleting the cookies in your browser.
4.4 Cookieless web analytics (Umami)
To evaluate the use of this website statistically, le dot uses Umami, a data-minimising, cookieless analytics tool. Umami is self-hosted by le dot on its own infrastructure in Switzerland; no data is passed to third parties and no data is transferred abroad.
Umami sets no cookies and uses no cross-device or cross-site identifiers. Only aggregated metrics that cannot be traced back to an individual are collected, for example pages viewed, the referring page, approximate location at country level, and browser and device type. The IP address is processed only transiently to derive these metrics and is not stored.
Legal basis: Legitimate interest in the needs-based design and statistical evaluation of the offering (DSG Art. 31 para. 1). As no cookies are set and no personal data is permanently stored, this cookieless measurement takes place without consent. The browser "Do Not Track" signal is respected: if it is enabled, no data is collected.
5. Disclosure of data to third parties
Personal data is generally not disclosed to third parties. Exceptions exist in the following cases:
- Hosting provider: This website is hosted by Metanet AG, Zurich, Switzerland. Metanet processes data on behalf of le dot and is contractually obligated to comply with data protection requirements (DSG Art. 9). Data is stored in Swiss data centres.
- Google Analytics (only with consent): Data transfer to Google LLC in the USA. The transfer relies on the Swiss-US Data Privacy Framework, to the extent Google is certified under it (Federal Council adequacy decision pursuant to DSG Art. 16).
- PostHog (only with consent): Data transfer to PostHog Inc. in the USA.
- Legal obligation: If le dot is legally required to do so, data may be disclosed to authorities or third parties (DSG Art. 19 Abs. 1).
Data transfer abroad: The consent-based analytics services (Google and PostHog, USA) are only loaded after your consent via the cookie banner. For this transfer to the USA we rely on the Swiss-US Data Privacy Framework, to the extent the recipient is certified under it; the basis for a disclosure abroad is the Federal Council adequacy decision (DSG Art. 16). It is our intention not to transfer any personal data abroad without your consent. Technically necessary components such as fonts, embedded content, spam protection or mail delivery may nevertheless trigger a transfer in individual cases; we keep the actual situation under review.
6. Rights of data subjects
You have the following rights under the DSG regarding your personal data:
6.1 Right of access (DSG Art. 25)
You may request information at any time as to whether and what personal data le dot processes about you.
6.2 Right to rectification (DSG Art. 6 Abs. 5)
You may request the rectification of inaccurate personal data.
6.3 Claims for deletion or destruction (DSG Art. 32)
Swiss data protection law does not provide a general right to erasure as the GDPR does. Personal data is in any case destroyed or anonymised once it is no longer required for the processing purpose (principle under DSG Art. 6 Abs. 4). Beyond that, through the civil-law claims under DSG Art. 32 you may request the destruction of personal data, provided no statutory retention obligation exists.
6.4 Right to data portability (DSG Art. 28)
You may request that your personal data be provided to you in a commonly used electronic format.
6.5 Right to lodge a complaint
You have the right to lodge a complaint with the Federal Data Protection and Information Commissioner (EDÖB).
For enquiries regarding your data protection rights, contact: mail@le-dot.com
7. Data security
le dot takes appropriate technical and organisational measures to protect personal data from unauthorised access, loss, misuse, or destruction (DSG Art. 8). These include, among others:
- Encrypted data transmission (TLS/SSL)
- Regular security updates
- Access restrictions
Despite these measures, absolute security cannot be guaranteed. Data transmission over the internet inherently carries security risks.
8. Retention period
Personal data is retained only as long as necessary for the respective processing purpose or as required by statutory retention obligations. Specifically:
- Server log files: 30 days
- Contact enquiries: until processing is complete, then deleted
- Contract-related data: according to statutory retention period (generally 10 years pursuant to OR Art. 958f)
9. Changes to this privacy policy
le dot reserves the right to amend this privacy policy at any time to adapt it to changed legal requirements or changes to the website. The current version applies from the time of publication on this website.
10. Supervisory authority contact
Federal Data Protection and Information Commissioner (EDÖB) Feldeggweg 1 3003 Bern Switzerland
References
- DSG Art. 6: Principles of data processing
- DSG Art. 8: Data security
- DSG Art. 9: Processing by data processors
- DSG Art. 16: Disclosure abroad (Federal Council adequacy decision)
- DSG Art. 19: Duty to provide information on collection
- DSG Art. 20: Exceptions to the duty to provide information
- DSG Art. 25: Right of access
- DSG Art. 28: Right to data portability
- DSG Art. 31: Justification grounds
- DSG Art. 32: Legal claims and procedures
- VDSG Art. 1–4: Data security (technical and organisational measures, logging)
- VDSG Art. 13: Modalities of the duty to provide information