Skip to content

Privacy Policy

We collect as little data as possible. This policy sets out exactly what we collect, why, how long we retain it, and what rights you have. As of: 23.05.2026.

1. Data Controller

The controller responsible for processing your personal data within the meaning of Art. 5 lit. j revFADP (Swiss Federal Act on Data Protection) is:

Beherzig Group (sole proprietorship)
André Beherzig
Oberwil near Zug
Switzerland
UID: CHE-319.247.389

Contact for privacy enquiries: datenschutz@beherzig-group.ch

2. Our Principles

  • Data minimisation: We collect only what we genuinely need (Art. 6 para. 3 revFADP).
  • Purpose limitation: Data is used solely for the stated purpose.
  • Swiss data residency: Servers in Europe, no US cloud.
  • No tracking: No advertising cookies, no third-party analytics, no profiling.
  • Transparency: What we do is written here. What is not written here, we do not do.

3. What Data We Process

3.1 When you simply visit the website

Each time a page is loaded, your browser transmits technically necessary data to our server (Hetzner, Falkenstein, Germany):

  • IP address (anonymised in server logs after 7 days)
  • Date and time of the request
  • URL requested
  • Referrer URL (where you came from)
  • Browser type and operating system (user agent)

Purpose: Delivery of the website, security (defence against attacks), error analysis.
Legal basis: Legitimate interest in operating a functioning website (Art. 31 para. 2 lit. b revFADP).
Retention period: 7 days in the logs, then deleted automatically.

3.2 When you contact us

When you write to us by email (kontakt@beherzig-group.ch, datenschutz@beherzig-group.ch, investor@beherzig-group.ch), we process the data you submit (name, email address, message content, and any further details you provide).

Purpose: Responding to your enquiry.
Legal basis: Legitimate interest in responding to enquiries and, where applicable, pre-contractual measures (Art. 31 para. 2 lit. a revFADP).
Retention period: Until the enquiry is resolved, then archived according to standard commercial retention periods (generally 10 years for business correspondence under Art. 958f CO).

3.3 Forms (planned for a later phase)

No forms are currently active. Once newsletter or contact forms are added, we will document the exact data types, legal bases, and retention periods here. The newsletter will use a double-opt-in process (Art. 3 lit. o UWG).

3.4 Analytics (planned for a later phase)

No analytics solution is currently active. We plan to use self-hosted Matomo with IP anonymisation and without tracking cookies. Once this is live, we will add the details here. You will be able to object to tracking at any time.

4. Recipients and Data Processors

We do not pass your data to third parties unless we are legally required to do so or you have given your explicit consent. The following data processors support us in operating the website:

4.1 Hosting

  • Hetzner Online GmbH, Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany (server location: Falkenstein/Saxony, Germany).
    Purpose: Provision of server infrastructure.
    Legal basis: Data processing agreement (DPA) pursuant to Art. 9 revFADP.
    Privacy policy: hetzner.com/datenschutz

4.2 Email Infrastructure

  • Self-hosted email servers in Switzerland and Germany.
    Purpose: Sending and receiving email.

4.3 Planned Sub-processors

The following data processors are planned for later phases and will be added here once active:

  • Self-hosted Matomo (analytics, IP-anonymised) – Phase 8
  • Self-hosted Mautic (newsletter, marketing automation) – Phase 6
  • Self-hosted n8n (form processing) – Phase 6

4.4 International Data Transfers

Our hosting provider Hetzner is based in Germany (EU). Germany has an adequate level of data protection under Art. 16 revFADP in conjunction with Annex 1 of the Data Protection Ordinance. No data is transferred to third countries, including the United States.

5. Your Rights

Under Art. 25–32 revFADP you have the following rights:

  • Access (Art. 25 revFADP): You may request information at any time as to whether and which data we hold about you.
  • Rectification (Art. 32 para. 1 revFADP): You may request that inaccurate data be corrected.
  • Erasure or destruction (Art. 32 para. 2 revFADP): You may request that your data be deleted, provided no statutory retention obligation applies.
  • Restriction of processing in certain circumstances.
  • Data portability (Art. 28 revFADP): You may receive your data in a common electronic format.
  • Objection to processing based on legitimate interest.
  • Withdrawal of consent with effect for the future.

To exercise your rights, an informal email to datenschutz@beherzig-group.ch. We aim to respond within 30 days.

6. Right to Lodge a Complaint

If you believe we are not processing your data correctly, you may contact the competent supervisory authority:

Federal Data Protection and Information Commissioner (FDPIC)
Feldeggweg 1
3003 Bern
Switzerland
edoeb.admin.ch

7. Data Security

We take appropriate technical and organisational measures to protect your data against loss, misuse, and unauthorised access (Art. 8 revFADP):

  • Encrypted transmission (TLS 1.3) between your browser and our server
  • Servers in access-controlled data centres within the EU
  • Regular security updates and backups
  • Access to personal data restricted to named, authorised individuals
  • No storage of sensitive data in plain text

8. Cookies

This website currently sets no cookies. Should technically necessary cookies (e.g. for language preferences) be required in a later phase, we will inform you here.

We use no tracking, advertising, or third-party cookies.

9. Changes to This Policy

This privacy policy may be updated when legal requirements, technical circumstances, or our processing activities change. The current version is always available here. The "as of" date is shown at the top of the page.

10. Contact

For questions about this policy or the processing of your data:
datenschutz@beherzig-group.ch