Privacy Policy

We are pleased that you have visited our website, laemassage.ch, and are interested in our company.

The protection of your personal data—such as your date of birth, name, phone number, address, etc.—is very important to us.

The purpose of this Privacy Policy is to inform you about the processing of your personal data that we collect when you visit our website. Our data protection practices comply with the legal provisions of the Swiss Federal Act on Data Protection (FADP) and the EU General Data Protection Regulation (GDPR). The following privacy policy serves to fulfill the information obligations under the FADP and the GDPR. These can be found, for example, in Art. 19 et seq. of the FADP and Art. 13 et seq. of the GDPR.

Owner or person in charge

The controller within the meaning of Art. 5(j) of the Data Protection Act (DSG) or Art. 4(7) of the General Data Protection Regulation (GDPR) is the person who, alone or jointly with others, determines the purposes and means of the processing of personal data. The controller under Art. 4(7) of the GDPR is also the recipient of the personal data within the meaning of Art. 4(9) of the GDPR. Any third-party recipient is identified separately.

The owner and controller of our website is:

LAE by Laetitia Vouillon
Beckenweg 9
4056 Basel Stadt
Switzerland
Email: info@laemassage.ch
Phone: 0772846220

Website hosting and log file generation

Every time you visit our website, our system automatically collects data and information about the device used to access the site (e.g., computer, mobile phone, tablet, etc.).

What personal data is collected, and to what extent is it processed?

(1) Information about the browser type and version used;
(2) The operating system of the device used to access the site;
(3) Hostname of the accessing computer;
(4) The IP address of the device used to access the site;
(5) Date and time of access;
(6) Websites and resources (images, files, other page content) accessed on our website;
(7) Websites from which the user’s system accessed our website (referrer tracking);
(8) Notification of whether the request was successful;
(9) Amount of data transferred

This data is stored in our system's log files. This data is not stored together with the personal data of any specific user, so individual visitors to the site cannot be identified.

Legal basis for the processing of personal data

The processing of personal data is carried out in accordance with the principle of lawfulness (Art. 6(1) of the Data Protection Act) and the principle of good faith (Art. 6(2) of the Data Protection Act and Art. 2 of the Civil Code), as well as Art. 6(1)(f) of the GDPR (legitimate interest).

Purpose of data processing

The temporary (automated) storage of data is necessary for the proper functioning of a website visit in order to enable the website to be displayed. The storage and processing of personal data also serves to ensure that our website remains compatible for as many visitors as possible, as well as to combat misuse and resolve technical issues. To this end, it is necessary to log the technical data of the accessing computer in order to be able to respond as quickly as possible to display errors, attacks on our IT systems, and/or malfunctions of our website. In addition, the data helps us optimize the website and generally ensure the security of our IT systems.

Duration of storage

The aforementioned technical data will be deleted as soon as it is no longer needed to ensure the website’s compatibility for all visitors, but no later than 3 months after the website is accessed.

Right to restrict processing, object, rectify, and erase data

You may at any time request the restriction of processing in accordance with Article 18 of the GDPR, object to processing in accordance with Article 21 of the GDPR, or request the rectification or erasure of your data in accordance with Articles 16 and 17 of the GDPR. You can find information about your rights and how to exercise them at the bottom of this Privacy Policy.

Special features of the website

Our website offers various features, and when you use them, we collect, process, and store personal data. Below, we explain what happens to this data:

Order Form

  • What personal data is collected, and to what extent is it processed?

    The data you enter in the form fields, such as your address, last name, first name, etc., will be processed by us for the purpose described below.

  • Legal basis for the processing of personal data

    The processing of personal data is carried out in accordance with the principle of lawfulness (Art. 6(1) of the Data Protection Act) and the principle of good faith (Art. 6(2) of the Data Protection Act and Art. 2 of the Civil Code), as well as Art. 6(1)(b) of the GDPR (implementation of (pre)contractual measures).

  • Purpose of data processing

    The purpose of processing your data is to process your order so that we can fulfill or initiate the contract we have entered into with you.

  • Duration of storage

    The data will be deleted as soon as it is no longer needed to process the order and there are no longer any legal retention requirements. Generally, the law requires data to be retained for 10 years.

  • Right to object, right to data access, right to rectification, and right to erasure

    You may at any time restrict processing in accordance with Article 18 of the GDPR, object to processing in accordance with Article 21 of the GDPR, and request the rectification or erasure of your data in accordance with Articles 16 and 17 of the GDPR. You can find information about your rights and how to exercise them at the bottom of this Privacy Policy.

  • Requirement to Provide Personal Information

    The information on the order form is required to complete the contract. If you do not fill out the required fields, or do not fill them out completely, we will not be able to process your order.

Booking Request Form

  • Scope of the processing of personal data

    We will process the information you provide in our booking request form (date, number of guests, etc.) for the following purpose.

  • Legal basis for the processing of personal data

    The processing of personal data is carried out in accordance with the principle of lawfulness (Art. 6(1) of the Data Protection Act) and the principle of good faith (Art. 6(2) of the Data Protection Act and Art. 2 of the Swiss Civil Code), as well as Art. 6(1)(b) of the GDPR (implementation of (pre-)contractual measures).

  • Purpose of data processing

    An exchange of information prior to signing the contract is necessary to review your booking so that we can prepare for a potential future contract.

  • Duration of storage

    The data will be deleted as soon as it is no longer needed to process the booking and there are no longer any legal retention requirements.

  • Right to object, right to data access, right to rectification, and right to erasure

    You may at any time restrict processing in accordance with Article 18 of the GDPR, object to processing in accordance with Article 21 of the GDPR, and request the rectification or erasure of your data in accordance with Articles 16 and 17 of the GDPR. You can find information about your rights and how to exercise them at the bottom of this Privacy Policy.

  • Requirement to Provide Personal Information

    The information on the booking request form is required so that we can process your booking properly. If you do not fill out the required fields, or do not fill them out completely, we will not be able to process your booking request.

Appointment Request Form

  • Scope of the processing of personal data

    The information you provided in our appointment booking form.

  • Legal basis for the processing of personal data

    The processing of personal data is carried out in accordance with the principle of lawfulness (Art. 6(1) of the Data Protection Act) and the principle of good faith (Art. 6(2) of the Data Protection Act and Art. 2 of the Civil Code), as well as Art. 6(1)(b) of the GDPR (implementation of (pre)contractual measures).

  • Purpose of data processing

    We will use the data collected through our appointment booking form solely for the purpose of processing appointment requests received via the form.

  • Duration of storage

    We will delete your appointment booking immediately after 12 months have elapsed since the appointment was scheduled, provided there are no legal retention requirements. We reserve the right to delete the booking without providing a reason and without prior or subsequent notice.

  • Right to restrict processing, object, rectify, and erase data

    You may at any time request the restriction of processing in accordance with Article 18 of the GDPR, object to processing in accordance with Article 21 of the GDPR, or request the rectification or erasure of your data in accordance with Articles 16 and 17 of the GDPR. You can find information about your rights and how to exercise them at the bottom of this Privacy Policy.

  • Requirement to Provide Personal Information

    You must use our appointment booking form if you wish to book an appointment with us online. To book online, you must provide certain required information. If you do not fill out all the required fields, your appointment request cannot be accepted or processed.

Disclosure of Information to Third Parties

The processing of personal data is carried out in accordance with the principle of lawfulness (Art. 6(1) of the Data Protection Act) and the principle of good faith (Art. 6(2) of the Data Protection Act and Art. 2 of the Civil Code).

The disclosure of information to third parties depends on the scope of the activities or services described below on our website or within our business model.

As a general rule, we retain your information only for as long as necessary and treat it confidentially. Exceptions to this include the transfer of personal data to debt collection agencies, public bodies and authorities, as well as to private individuals who are entitled to such data pursuant to legal provisions, court decisions, or official orders, as well as the transfer to authorities for the purpose of initiating legal proceedings or for law enforcement purposes if our legally protected rights are infringed.

Statistical analysis of visits to this website - Webtracker

When you visit this website or access individual files on the website, we collect, process, and store the following data: IP address, the website from which the file was accessed, the name of the file, the date and time of access, the amount of data transferred, and a notification of whether the access was successful (so-called web log). We use this access data exclusively in a non-personalized form to continuously improve our website and for statistical purposes.

Any processing of personal data is carried out in accordance with the principle of lawfulness (Art. 6(1) of the Data Protection Act) and the principle of good faith (Art. 6(2) of the Data Protection Act and Art. 2 of the Civil Code). We also use the following web trackers to analyze visits to this website:

  • Adobe Typekit

    On our website, we use the Adobe Typekit service provided by Adobe Systems Software Ireland Limited, 4-6 Riverwalk Citywest Business Campus, 24 Dublin, Ireland, email: contact.de@adobe.com, Website: https://www.adobe.com/de. According to Swiss authorities, processing takes place in safe third countries. You can find Switzerland’s list of countries and further information at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. Personal data is also transferred to the United States. With regard to the transfer of personal data to the United States, there is an adequacy decision by the European Commission regarding the EU-US Data Privacy Framework pursuant to Article 45 of the GDPR (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en ). The service provider is certified under the DPF, so the standard level of protection under the GDPR applies to the transfer of data.

    The legal basis for the transfer of personal data is the consent you provided on our website in accordance with Art. 6(6) of the DSG or Art. 31(2) of the DSG, and in accordance with Art. 6(1)(a) of the GDPR or Art. 9(2)(a) of the GDPR.

    We use the Adobe Typekit service to incorporate attractive fonts into our site and to display our website in a more visually appealing format. The service may also be used on our website if other Adobe services are loaded on our website that require Adobe Typekit fonts to function. This is the case, for example, when our website uses Adobe services that require Adobe Typekit to function.

    To process this data, the service—or we—collect the following information: Data regarding fonts, the visitor’s IP address, statistics on font usage, and other data from Adobe services related to our website.

    If the service is enabled on our website, our website establishes a connection to the servers of Adobe Systems Software Ireland Limited and transmits the necessary data. As part of data processing on behalf of Adobe, personal data may also be transmitted to the servers of Adobe Inc., 345 Park Avenue, San Jose, California 95110-2704, USA. When the Google service is used on our website, Adobe may transmit and process information from other Adobe services to provide background services for the display and data processing of the services provided by Google. For this purpose, data may also be transferred to the Adobe services Document Cloud, Creative Cloud, and Acrobat in accordance with the Adobe Privacy Policy. You can view the provider’s certification under the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/list.

    You may withdraw your consent at any time. For more information on how to withdraw your consent, please refer to the consent form itself or the end of this Privacy Policy.

    For more information on how the transferred data is handled, please refer to the provider’s privacy policy at https://www.adobe.com/de/privacy.html.

    The provider also offers an opt-out option at https://www.adobe.com/de/privacy/opt-out.html.

  • Google Maps

    On our website, we use the Google Maps service provided by Google Ireland Limited, Gordon House, 4 Barrow Street, Dublin, Ireland, email: support-deutschland@google.com, Website: https://www.google.com/. According to Swiss authorities, processing takes place in safe third countries. You can find Switzerland’s list of countries and further information at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. Personal data is also transferred to the United States. With regard to the transfer of personal data to the United States, there is an adequacy decision by the European Commission regarding the EU-US Data Privacy Framework pursuant to Article 45 of the GDPR (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en ). The service provider is certified under the DPF, so the standard level of protection under the GDPR applies to the transfer of data.

    The legal basis for the transfer of personal data is the consent you provided on our website in accordance with Art. 6(6) of the DSG or Art. 31(2) of the DSG, and in accordance with Art. 6(1)(a) of the GDPR or Art. 9(2)(a) of the GDPR.

    On our behalf, Google will use the information collected via Google Maps to display the map to you. Google Maps allows you to find us more quickly and accurately than a simple, non-interactive map. The relevant data is also used to identify website visitors who view our Google Maps map—potentially using the Google Advertising ID—and to link them to physical visits and accesses of other contact information listed on Google. In this way, Google can estimate expected visitor traffic.

    For the processing itself, the service—or we—collect the following data: Data required to visualize and display location data in the form of a map, including, in particular, IP address, information from Google background services such as Google APIs, search terms, IP address, coordinates, starting point and destination when using the route planner, location data, Google Advertising ID, and Android Advertising ID.

    We have entered into a joint processing agreement with Google regarding Google Maps. You can find the terms of the agreement at https://privacy.google.com/intl/de/businesses/mapscontrollerterms/. If the service is active on our website, our website establishes a connection to the servers of Google Ireland Limited and transmits the necessary data. As part of the order processing, personal data may also be transferred to the servers of Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, United States. When the Google service is used on our website, Google may transmit and process information from other Google services to provide background services for the display and data processing of the services provided by Google. For this purpose, data processing may also be carried out by the Google services Google APIs, Google Cloud, and Google Fonts in accordance with the Google Privacy Policy, with Google bearing responsibility under data protection law. You can view the provider’s certification under the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/list.

    You may withdraw your consent at any time. For more information on how to withdraw your consent, please refer to the consent form itself or the end of this Privacy Policy.

    For more information on how the transferred data is handled, please refer to the provider’s privacy policy at https://policies.google.com/privacy.

    The provider also offers an opt-out option at https://support.google.com/My-Ad-Center-Help/answer/12155451?hl=de.

  • Gstatic

    On our website, we use the Gstatic service provided by Google Ireland Limited, Gordon House, 4 Barrow Street, Dublin, Ireland, email: support-deutschland@google.com, Website: https://www.google.com/. According to Swiss authorities, processing takes place in safe third countries. You can find Switzerland’s list of countries and further information at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. Personal data is also transferred to the United States. With regard to the transfer of personal data to the United States, there is an adequacy decision by the European Commission regarding the EU-US Data Privacy Framework pursuant to Article 45 of the GDPR (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en ). The service provider is certified under the DPF, so the standard level of protection under the GDPR applies to the transfer of data.

    The legal basis for the transfer of personal data is the consent you provided on our website in accordance with Art. 6(6) of the DSG or Art. 31(2) of the DSG, and in accordance with Art. 6(1)(a) of the GDPR or Art. 9(2)(a) of the GDPR.

    Gstatic is a background service used by Google to fetch static content, with the aim of reducing bandwidth usage and preloading necessary catalog files. In particular, the service loads background data for Google Fonts and Google Maps.

    As part of order processing, personal data may also be transferred to the servers of Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, United States. You can view the provider’s certification under the EU-U.S. Data Privacy Framework at https://www.dataprivacyframework.gov/list.

    You may withdraw your consent at any time. For more information on how to withdraw your consent, please refer to the consent form itself or the end of this Privacy Policy.

    For more information on how the transferred data is handled, please refer to the provider’s privacy policy at https://policies.google.com/privacy.

    The provider also offers an opt-out option at https://support.google.com/My-Ad-Center-Help/answer/12155451?hl=de.

Integration of external web services and processing of data outside the EU

On our website, we use active content from external providers, known as web services. When you visit our website, these external providers may receive personal information about your visit. This may involve the processing of data outside of Switzerland and the EU. You can prevent this by installing an appropriate browser plugin or by disabling the execution of scripts in your browser. This may result in functional limitations on the websites you visit.

We use the following external web services:

  • Google Cloud APIs

    On our website, we use the Google Cloud APIs service provided by Google Ireland Limited, Gordon House, 4 Barrow Street, Dublin, Ireland, email: support-deutschland@google.com, Website: https://www.google.com/. According to Swiss authorities, processing takes place in safe third countries. You can find Switzerland’s list of countries and further information at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. Personal data is also transferred to the United States. With regard to the transfer of personal data to the United States, there is an adequacy decision by the European Commission regarding the EU-US Data Privacy Framework pursuant to Article 45 of the GDPR (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en ). The service provider is certified under the DPF, so the standard level of protection under the GDPR applies to the transfer of data.

    The legal basis for the transfer of personal data is the consent you provided on our website in accordance with Art. 6(6) of the DSG or Art. 31(2) of the DSG, and in accordance with Art. 6(1)(a) of the GDPR or Art. 9(2)(a) of the GDPR.

    We use Google APIs to load additional Google services on our website. Google APIs are a collection of interfaces that enable communication between the various Google services used on our website. In particular, this service is used to display Google Fonts and to provide Google Maps.

    For processing purposes, the service—or we—collect the following data: IP address

    If the service is enabled on our website, our website establishes a connection to the servers of Google Ireland Limited and transmits the necessary data. As part of data processing on behalf of a client, personal data may also be transmitted to the servers of Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, United States. When the Google service is used on our website, Google may transmit and process information from other Google services to provide background services for the display and data processing of the services provided by Google. To this end, data may also be transferred to the Google services Google Cloud, Google Maps, Google Ads, and Google Fonts in accordance with Google’s Privacy Policy, under Google’s responsibility for data protection. You can view the provider’s certification under the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/list.

    You may withdraw your consent at any time. For more information on how to withdraw your consent, please refer to the consent form itself or the end of this Privacy Policy.

    For more information on how the transferred data is handled, please refer to the provider’s privacy policy at https://policies.google.com/privacy.

    The provider also offers an opt-out option at https://support.google.com/My-Ad-Center-Help/answer/12155451?hl=de.

  • Google Fonts

    On our website, we use the Google Fonts service provided by Google Ireland Limited, Gordon House, 4 Barrow Street, Dublin, Ireland, email: support-deutschland@google.com, Website: https://www.google.com/. According to Swiss authorities, processing takes place in safe third countries. You can find Switzerland’s list of countries and further information at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. Personal data is also transferred to the United States. With regard to the transfer of personal data to the United States, there is an adequacy decision by the European Commission regarding the EU-US Data Privacy Framework pursuant to Article 45 of the GDPR (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en ). The service provider is certified under the DPF, so the standard level of protection under the GDPR applies to the transfer of data.

    The legal basis for the transfer of personal data is the consent you provided on our website in accordance with Art. 6(6) of the DSG or Art. 31(2) of the DSG, and in accordance with Art. 6(1)(a) of the GDPR or Art. 9(2)(a) of the GDPR.

    We use the Google Fonts service to incorporate attractive fonts into our site, allowing us to display our website in a more visually appealing format. The service may also be used on our website if other Google services are loaded on our website that require Google Fonts to function. This is the case, for example, when our website uses Google services that absolutely require Google Fonts to function.

    For processing purposes, the service—or rather, we—collect the following data: Data regarding fonts, the visitor’s IP address, statistics on font usage, and other data from Google services related to our website.

    If the service is enabled on our website, our website establishes a connection to the servers of Google Ireland Limited and transmits the necessary data. As part of data processing on behalf of a client, personal data may also be transmitted to the servers of Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, United States. When using the Google service on our website, Google may transmit and process information from other Google services to provide background services for the display and data processing of the services provided by Google. For this purpose, data may also be transferred to the Google services Google APIs, Google Cloud, and Google Ads in accordance with the Google Privacy Policy. You can view the provider’s certification under the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/list.

    You may withdraw your consent at any time. For more information on how to withdraw your consent, please refer to the consent form itself or the end of this Privacy Policy.

    For more information on how the transferred data is handled, please refer to the provider’s privacy policy at https://policies.google.com/privacy.

    The provider also offers an opt-out option at https://support.google.com/My-Ad-Center-Help/answer/12155451?hl=de.

  • Legally compliant legal text snippets and modules

    We use the Legally ok legal text snippet service and modules provided by Legally ok GmbH, Schochenmühlestrasse 6, 6340 Baar, Switzerland, email: hello@legally-ok.com, website: https://www.legally-ok.com/, on our site. Data processing takes place exclusively in Switzerland in accordance with the data protection laws applicable there. Processing also takes place in a third country outside the EU. An adequacy decision has been issued by the Commission for this third country. You can find a current list of all adequacy decisions on the European Commission’s website (link: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_de).

    The legal basis for the transfer and processing of data is Article 31(1) of the DSG and Article 6(1)(c) of the GDPR. Using this service helps us comply with our legal obligations.

    This service is used to load the content of our legal texts onto our website. The integration on our site ensures that the most up-to-date legal texts are loaded. This integration may also be used to load additional technical modules related to the legal texts or legally required elements.

    You can find out what rights you have regarding the processing of your data at the end of this privacy policy.

    For more information on how the transferred data is handled, please refer to the provider’s privacy policy at https://www.legally-ok.com/datenschutz/.

  • SQUARESPACE

    On our website, we use the SQUARESPACE service provided by Squarespace Ireland Ltd., Le Pole House, 8 Great Ship Street, Dublin, Ireland, email: privacy@squarespace.com, Website: https://de.squarespace.com/. According to Swiss authorities, processing takes place in safe third countries. You can find Switzerland’s list of countries and further information at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. Personal data is also transferred to the United States. With regard to the transfer of personal data to the United States, there is an adequacy decision by the European Commission regarding the EU-US Data Privacy Framework pursuant to Article 45 of the GDPR (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en ). The service provider is certified under the DPF, so the standard level of protection under the GDPR applies to the transfer of data.

    The legal basis for the transfer of personal data is our legitimate interest in processing such data, in accordance with Article 6(1)(f) of the GDPR. Our legitimate interest lies in achieving the purpose described below.

    This service is the technical system that powers our website. We need it to display our website to you.

    You can view the provider’s certification under the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/list.

    With regard to the processing of your data, you have the right to object as set forth in Article 21 of the GDPR. Further information can be found at the end of this Privacy Policy.

    For more information on how the transferred data is handled, please refer to the provider’s privacy policy at https://de.squarespace.com/privacy/.

Information About the Use of Cookies

Scope of the processing of personal data

We use cookies on various pages to enable certain features of our website and to integrate external web services. "Cookies" are small text files that your browser can store on your device. These text files contain a unique string of characters that uniquely identifies your browser when you return to our website. The process of storing a cookie file is also referred to as "setting a cookie." Cookies can be set by both the website itself and by external web services.

Legal basis for the processing of personal data

The relevant provisions are Art. 6 et seq. of the DSG (principles), as well as Art. 6(1)(f) of the GDPR (legitimate interest) and Art. 6(1)(a) or Art. 9(2)(a) of the GDPR (consent).

The applicable legal basis is set forth in the cookie table provided later in this section.

In general, for cookies collected on the basis of a legitimate interest, our legitimate interest consists in ensuring the functionality of our website and the services integrated into it (technically necessary cookies). In addition, these cookies may enhance user-friendliness and enable a more personalized experience. In this regard, we have weighed your interests against our own.

We can identify, analyze, and track individual website visitors using cookie technology only if the visitor has consented to the use of cookies in accordance with Section 6(6) of the DSG or Article 6(1)(a) of the GDPR.

Purpose of data processing

Cookies are set by our website or external web services to ensure the full functionality of our website, improve user-friendliness, or to fulfill the purpose specified with your consent. Cookie technology also allows us to recognize individual visitors using pseudonyms, such as unique or random IDs, so that we can offer more personalized services. Details are listed in the table below.

Duration of storage

The cookies listed below are stored in your browser until they are deleted or, in the case of session cookies, until the session expires. Details are provided in the table below:

Cookie name Server Provider Purpose Legal basis Retention period Type
crumb www.laemassage.ch, laemassage.ch Website operator This cookie is set in conjunction with the Squarespace website builder. It prevents cross-site request forgery (CSRF). Legitimate interest Meeting Security
ss_cvr www.laemassage.ch SQUARESPACE The cookie assigns a unique identifier to visitors and tracks their sessions on the website. Consent approximately 24 months Analytics
ss_cvt www.laemassage.ch SQUARESPACE The cookie assigns a unique identifier to visitors and tracks their sessions on the website. Consent about 30 minutes Analytics

Right to object, withdrawal of consent, and erasure

You can configure your browser to prevent cookies from being set altogether. You can then decide on a case-by-case basis whether to accept cookies or accept them by default. Cookies can be used for various purposes, such as to recognize that your device is already connected to our website (persistent cookies) or to save recently viewed content (session cookies). If you have expressly granted us permission to process your personal data, you may revoke this consent at any time. Please note that this does not affect the lawfulness of the processing carried out on the basis of your consent prior to its revocation.

Data Security and Privacy, Email Communication

Your personal data is protected through technical and organizational measures during collection, storage, and processing to ensure that it remains inaccessible to third parties. In the case of unencrypted email communication, we cannot guarantee complete data security during transmission to our IT systems; therefore, we recommend using encrypted communication or sending information by mail for data requiring a high level of confidentiality.

Duration of data storage and rights of the data subject

Duration of storage

We store personal data only to the extent and for as long as is necessary to fulfill the purposes for which the personal data was collected, we have a legitimate and overriding interest in retaining it, or we are legally required to do so.

Right to information

You have the right to request confirmation as to whether we process your personal data. If this is the case, you have the right to access the information specified in Sections 25 et seq. of the DSG or Article 15(1) of the GDPR, provided that the data controller cannot refuse, restrict, or postpone the disclosure of such information (see Art. 26 et seq. of the DSG or Art. 15(4) of the GDPR). We would also be happy to provide you with a copy of the data.

Right to correction

Pursuant to Art. 32(1) of the DSG or Art. 16 of the GDPR, you have the right to request that inaccurate personal data (such as your address, name, etc.) be corrected, provided that no legal obligation precludes such a request. You may also request at any time that the data we have stored be supplemented. Any necessary corrections will be made immediately.

Right to erasure

Pursuant to Article 17(1) of the GDPR, you have the right to request that we erase the personal data we have collected about you if

  • the data is no longer needed;
  • the legal basis for the processing has ceased to exist without replacement due to the withdrawal of your consent;
  • there are no longer any legitimate grounds for processing;
  • your data is processed unlawfully;
  • a legal obligation requires it.

Pursuant to Article 17(3) of the GDPR, this right does not apply if

  • the processing is necessary for the exercise of the right to freedom of expression and information;
  • your data has been collected based on a legal obligation;
  • the processing is necessary for reasons of public interest;
  • the data is necessary for the assertion, exercise, or defense of legal claims.

Right to restrict processing

Pursuant to Article 18(1) of the GDPR, you have the right to request the restriction of the processing of your personal data in certain cases.

This is the case when

  • you dispute the accuracy of your personal data;
  • the processing is unlawful and you do not consent to its deletion;
  • the data is no longer needed for the purpose for which it was processed, but the collected data is necessary for the establishment, exercise, or defense of legal claims;
  • an objection to the processing has been lodged pursuant to Article 21(1) of the GDPR, and it is still unclear which interests prevail.

Right of withdrawal

If you have given us your explicit consent to process your personal data (Art. 6(6) DSG and Art. 31(1) DSG; Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR), you may revoke this consent at any time. Please note that this does not affect the lawfulness of the processing carried out on the basis of your consent prior to its withdrawal. Data that we are legally required to retain will be deleted once the retention period has expired.

Right to object

Pursuant to Article 21 of the GDPR, you have the right to object at any time to the processing of your personal data that has been collected on the basis of Article 6(1)(f) of the GDPR (in the context of a legitimate interest). If you have given us your explicit consent to the processing of your personal data (Article 6(6) of the Data Protection Act and Article 31(1) of the Data Protection Act), you may revoke this consent at any time. Please note that this does not affect the lawfulness of the processing carried out on the basis of your consent prior to its revocation. You are only entitled to this right if there are special circumstances that preclude storage and processing. Data that we are legally required to retain will be deleted after the retention period expires.

How do you exercise your rights?

You can exercise your rights at any time by contacting us using the contact information below:

LAE by Laetitia Vouillon
Beckenweg 9
4056 Basel Stadt
Switzerland
Email: info@laemassage.ch
Phone: 0772846220

Right to data portability

Pursuant to Article 20 of the GDPR, you have the right to receive the personal data concerning you. We will provide the data in a structured, commonly used, and machine-readable format. The data may be sent either to you or to a controller designated by you.

Upon request, we will provide you with the following information:

  • Data collected on the basis of consent (Art. 31(1) of the Data Protection Act and Art. 6(1)(a) of the GDPR);
  • Data that we have received from you under existing contracts (Art. 31(2)(a) of the Swiss Data Protection Act (DSG), as well as Art. 6(1)(b) and Art. 9(2)(a) of the General Data Protection Regulation (GDPR));
  • Data that has been processed using an automated procedure.

We will transfer your personal data directly to the data controller of your choice, provided this is technically feasible. Please note that, pursuant to Art. 26(1)(b) of the DSG and Art. 20(4) of the GDPR, we may not transfer data that interferes with the overriding interests of third parties, or may only do so to a limited extent.

Notifications to the FDPIC and the right to file a lawsuit

Under Article 49 of the Data Protection Act (DSG), data subjects may file a complaint with the supervisory authority if there are sufficient indications that data processing may violate data protection regulations. The supervisory authority for data protection in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).

For further information, please refer to the FDPIC contact form: https://www.edoeb.admin.ch/edoeb/de/home/deredoeb/kontakt.html

If you suspect that your data is being processed unlawfully on our website, you may seek a judicial resolution of the matter in accordance with Art. 32 of the Data Protection Act (DSG). As a rule, this should be pursued through a lawsuit under Art. 28 et seq. of the Swiss Civil Code (ZGB). If you are affected by the processing of data by federal authorities, the procedure is governed by Art. 41 of the Data Protection Act (DSG). In this case as well, you may contact the FDPIC (see the reference to the contact form above).

Right to lodge a complaint with the supervisory authority pursuant to Article 77(1) of the GDPR

If you suspect that your data is being processed unlawfully on our website, you may, of course, seek a judicial resolution of the matter at any time. In addition, you are free to pursue any other legal remedies available to you. Regardless of this, pursuant to Article 77(1) of the GDPR, you have the option of contacting a supervisory authority. You have the right to lodge a complaint pursuant to Article 77 of the GDPR in the EU Member State where you reside, where you work, and/or where the alleged infringement occurred; that is, you may choose the supervisory authority to which you wish to appeal from among the locations mentioned above. The supervisory authority to which the complaint was submitted will then inform you of the status and results of your submission, including the possibility of a judicial remedy pursuant to Article 78 of the GDPR.

Legally ok - Privacy Solution for Websites - Privacy Policy, Legal Notice, Cookie Banner

The privacy policy, legal notice, and cookie banner for this website were created free of charge using the all-in-one website privacy solution Legally ok.