Privacy Policy

We value transparency in the handling of personal data. This Privacy Policy explains what personal information we collect, for what purposes, and with whom we may share it. To ensure clarity and accuracy, this Privacy Policy is reviewed and updated on a regular basis.

1. Services We Use

• Weblication^©

2. Contact Information
If you have any questions or concerns about how we process your personal data, you may contact us at any time via email at nfdrch.
The controller responsible for data processing in connection with this website is:

Edori GmbH
Buolterlistrasse 12
6052 Hergiswil NW
Switzerland

nfdrch

3. General Principles

3.1 What data do we collect?
We primarily process personal data that you provide to us directly or that we collect when you use our website. In some cases, we may also receive personal data about you from third parties. Categories of data may include:

• Basic personal details (e.g., name, address, date of birth);
• Contact details (e.g., phone number, email address);
• Financial data (e.g., bank account information);
• Online identifiers (e.g., cookie IDs, IP addresses);
• Location and traffic data;
• Audio or visual recordings;
• Special categories of data (e.g., biometric data or health information).

3.2 Legal bases for processing
We process your personal data confidentially and only for the purposes described in this Privacy Policy. Processing is carried out transparently and proportionately.

If an exception arises, we may still process your data lawfully on one of the following legal bases:

• Your consent;
• Performance of a contract or pre-contractual measures;
• Our legitimate interests, provided these are not overridden by your interests or fundamental rights.

3.3 Withdrawal of consent
If you have provided consent for the processing of your personal data, you may withdraw it at any time by sending an email to the contact address provided in the legal notice (imprint). Please note that withdrawal does not affect processing carried out prior to your withdrawal.

3.4 Disclosure of data to third parties

a. Processors and service providers
We may engage third-party providers or affiliated companies to process data on our behalf («processors»). Typical categories of recipients include:

• Accounting, fiduciary, and auditing firms;
• Legal, tax, and business consultants;
• IT service providers (web hosting, cloud services, website support, etc.);
• Payment service providers;
• Providers of analytics, conversion tracking, and advertising services.

We ensure that all third parties and affiliates comply with applicable data protection obligations and treat your personal data confidentially.

We may also be legally obliged to disclose personal data to public authorities.

b. Social media channels
Our website may include links to our social media channels, identifiable through corresponding icons. Clicking these icons will redirect you to the respective platform. In doing so, the platform provider may learn that you accessed their services from our website and may use this information for their own purposes. We have no influence over such processing.

c. International transfers
In some cases, personal data may be transferred to companies abroad, including worldwide. All such companies are required to comply with equivalent data protection standards.

If the level of protection does not match Swiss standards, we will conduct a risk assessment in advance and implement contractual safeguards (e.g., EU Standard Contractual Clauses or other legally required mechanisms). If the risk assessment is negative, we will take additional technical measures to protect your data.
For more information on the EU Standard Contractual Clauses, see:
https://commission.europa.eu/publications/standard-contractual-clauses-controllers-and-processors-eueea_en

3.5 Data retention
We retain personal data only as long as necessary to fulfill the purposes for which it was collected.

• Website-related data is generally retained for 12 months, except for analytics and tracking data, which may be retained longer.
• Contract-related data must be retained for up to 10 years in accordance with statutory requirements (e.g., business correspondence, contracts, accounting records). Where such data is no longer required for service delivery, it will be restricted and used only for accounting and tax purposes.

3.6 Data security
We take appropriate technical and organizational measures to protect your personal data against loss, misuse, unauthorized access, alteration, or disclosure.
Our employees and partners with access to your data are contractually obligated to maintain confidentiality.
Our website uses SSL (Secure Socket Layer) technology with the highest level of encryption supported by your browser.

3.7 Your rights

a. Right of access
You may request information at any time about the personal data we hold about you. Please send such requests along with proof of identity to nfdrch.

If your data is processed automatically, you also have the right to receive it in a commonly used, machine-readable format if:

• You provided consent; or
• The data was supplied in connection with a contract.

We may restrict or refuse disclosure where this conflicts with legal obligations, legitimate interests of our own or of third parties, or overriding public interests. Requests will generally be processed within 30 days. If more time is required (e.g., due to volume, legal, or technical reasons), we will notify you in writing.

b. Rectification and erasure
You may request correction or deletion of your personal data at any time. Requests may be denied where legal obligations require continued retention or where overriding legitimate grounds apply.
Please note that exercising these rights may conflict with contractual obligations and could affect the performance of such contracts (e.g., early termination, costs).

c. Legal remedies
If you believe your data protection rights have been infringed, you may seek judicial remedy or lodge a complaint with the competent supervisory authority. In Switzerland, this is the Federal Data Protection and Information Commissioner (FDPIC):
https://www.edoeb.admin.ch

3.8 Amendments
We may amend this Privacy Policy at any time. Updates will be published on this page; no separate notification will be provided.

4. Specific Data Processing Activities

4.1 Provision of the website and log files

Data collected:
When you access our website, the following information may be automatically stored for system administration, security, statistical, or tracking purposes:

• Name of your internet service provider;
• IP address (where applicable);
• Browser version;
• Operating system;
• Date and time of access;
• Referring website;
• Search terms used to find our website.

Purpose:
These data cannot be attributed to specific individuals and are not combined with other data sources. They are stored to ensure the functionality and security of the website, which constitutes our legitimate interest.

Retention:
Log files are deleted once the purpose has been fulfilled and the session ends. Storage is essential for website operation and cannot be objected to.

4.2 Weblication^©
Our website is built using the Content Management System (CMS) Weblication^©, developed by Scholl Communications AG. Weblication^© enables efficient management and presentation of website content.

When using Weblication^©, certain technical data (such as IP addresses or browser details) may be processed to ensure correct functionality. These data are not permanently stored or disclosed to third parties unless required for website operation or legal purposes.
Weblication^© may also use cookies to provide specific website functions and improve user experience. These cookies are strictly technical and do not contain personal data.

BrainBox Generators
We use BrainBox Generators, a service provided by BrainBox Solutions GmbH, to identify privacy-relevant services on our website and assist in creating this Privacy Policy. No personal data is collected or processed by this service.