Privacy Policy

Last updated: 27 April 2026

1. Introduction

With this Privacy Policy, we inform you about how DeepDB GmbH collects, uses, stores and protects personal data. This Privacy Policy applies to our website, our online services, our communication channels and our business activities, including services provided to customers, partners and interested parties.

"Personal data" means all information that relates to an identified or identifiable natural person. This may include, for example, names, contact details, IP addresses, communication content or information relating to contractual relationships.

This Privacy Policy is based primarily on the Swiss Federal Act on Data Protection (FADP). Where applicable, in particular if we offer services to persons or companies in the European Union or the European Economic Area, the EU General Data Protection Regulation (GDPR) may also apply.

Table of Contents

• Controller
• Data Protection Contact
• Overview of Data Processing
• Legal Basis
• Website and Hosting
• Contact and Communication
• Business Services and Contractual Relationships
• Cookies and Similar Technologies
• Analytics, Monitoring and Optimisation
• Social Media Presence
• Embedded Content and Fonts
• International Data Transfers
• Data Retention and Deletion
• Rights of Data Subjects
• Changes to this Privacy Policy
• Definitions

2. Controller

DeepDB GmbH
represented by Michael Kaufmann
Stirnrütistrasse 60
6048 Horw
Switzerland

Email: info@deepdb.ch

Website: www.deepdb.ch

3. Data Protection Contact

For questions regarding data protection, you may contact us at:

michael.kaufmann@deepdb.ch

4. Overview of Data Processing

The following overview summarises the categories of data we may process, the persons concerned and the purposes of processing.

Categories of Personal Data

• Contact data, such as names, email addresses, postal addresses and telephone numbers.
• Business and contract data, such as company names, roles, project information, contractual details and billing information.
• Communication data, such as emails, messages, meeting notes and enquiries.
• Technical and usage data, such as IP addresses, browser type, operating system, access times, log files and website usage information.
• Content data, such as information submitted through forms, messages or project-related documents.
• Payment and accounting data, where required for invoicing, bookkeeping or contract fulfilment.

Categories of Data Subjects

• Website visitors.
• Customers and prospective customers.
• Business partners and suppliers.
• Communication partners.
• Users of our online services and digital offerings.

Purposes of Processing

• Providing and maintaining our website and online services.
• Responding to enquiries and communicating with interested parties, customers and partners.
• Preparing, concluding and performing contracts.
• Providing consulting, development, database, hosting, operational and related IT services.
• Ensuring IT security, system stability and fraud prevention.
• Improving our website, services and communication.
• Complying with legal, accounting and tax obligations.
• Protecting our rights and legitimate business interests.

5. Legal Basis

If you are located in Switzerland, we process personal data in accordance with the Swiss Federal Act on Data Protection (FADP). Under Swiss data protection law, personal data must be processed lawfully, in good faith and proportionately. Personal data may only be collected for a specific purpose that is recognisable to the data subject and may only be processed in a manner compatible with that purpose.

Where the EU General Data Protection Regulation (GDPR) is applicable, we process personal data on the following legal bases:

• Performance of a contract or pre-contractual measures, Art. 6(1)(b) GDPR.
• Compliance with legal obligations, Art. 6(1)(c) GDPR.
• Legitimate interests, Art. 6(1)(f) GDPR.
• Consent, Art. 6(1)(a) GDPR, where consent is required.

Our legitimate interests include the secure and efficient operation of our website and services, communication with customers and interested parties, internal administration, IT security, business development and the protection of our legal and commercial interests.

6. Website and Hosting

When you visit our website, technical data is automatically processed in order to display the website, ensure its stability and security, and prevent misuse. This may include IP addresses, date and time of access, pages accessed, browser type and version, operating system, referrer URL and similar technical information.

Our website is hosted by cyon, a Swiss web hosting provider based in Basel, Switzerland. As part of the hosting services, cyon may process technical access data and server log files on our behalf.

• Processed data: IP addresses, access times, browser information, operating system, requested pages, log files and technical metadata.
• Purpose: Provision of the website, IT security, system stability, error analysis and prevention of misuse.
• Retention: Server log files are generally stored only for as long as necessary for security and operational purposes, unless a longer retention period is required for evidence or legal reasons.

7. Contact and Communication

If you contact us by email, contact form, telephone, LinkedIn or another communication channel, we process the information you provide in order to respond to your enquiry and communicate with you.

This may include your name, email address, telephone number, company, role, message content, attachments, metadata and any other information you choose to provide.

• Processed data: Contact data, communication data, content data and metadata.
• Purpose: Responding to enquiries, providing information, preparing offers, maintaining business relationships and documenting communication.
• Retention: Communication data is stored for as long as necessary to process the enquiry and, where applicable, in accordance with legal retention obligations.

8. Business Services and Contractual Relationships

We process personal data of customers, prospective customers, suppliers and business partners in order to prepare, conclude, perform and manage contractual relationships. This includes, in particular, the provision of consulting, development, database, hosting, operational, security and related IT services.

The data processed may include names, business contact details, company information, roles, project details, contractual data, service documentation, billing and payment information, communication history and any information required for the performance of our services.

Where necessary for the performance of a contract, we may also process data that is provided to us by customers in the context of a project or service. Such data is processed in accordance with contractual agreements, applicable law and appropriate technical and organisational security measures.

• Processed data: Contact data, business data, contract data, project data, billing data, payment data and communication data.
• Data subjects: Customers, prospective customers, business partners, suppliers and their employees or representatives.
• Purpose: Contract preparation, contract performance, project management, service delivery, support, invoicing, accounting, documentation, compliance and protection of legal rights.
• Retention: Business and contractual data is stored for as long as necessary for the contractual relationship and in accordance with statutory retention obligations.

9. Cookies and Similar Technologies

Our website may use cookies and similar technologies. Cookies are small text files that are stored on your device and allow certain website functions to operate properly.

We distinguish between technically necessary cookies and optional cookies. Technically necessary cookies are required for the operation, security and functionality of the website. Optional cookies, such as analytics or marketing cookies, are only used if you have given your consent, where such consent is required.

You can configure your browser to block or delete cookies. However, some functions of our website may not work properly if cookies are disabled.

• Processed data: Technical metadata, IP addresses, browser information, cookie identifiers and usage information.
• Purpose: Website functionality, security, user preferences, analytics and optimisation, where applicable.
• Retention: Session cookies are deleted when the browser session ends. Persistent cookies remain stored for a defined period, usually no longer than necessary for their purpose.

10. Analytics, Monitoring and Optimisation

We may use analytics, monitoring or optimisation tools to understand how visitors use our website, improve our content and ensure the technical performance of our online services.

If such tools process personal data or use non-essential cookies, they are only activated where legally permitted or after obtaining your consent. Where possible, we use privacy-friendly settings, such as IP anonymisation or masking.

If Google Tag Manager, Google Analytics or similar services are used on this website, the relevant tools are used to manage website tags, measure website usage and improve our online presence. Depending on the configuration, data may be transferred to Google or other service providers. Further information can be found in the privacy policies of the respective providers.

• Processed data: Usage data, technical metadata, IP addresses, device information, browser information and interaction data.
• Purpose: Website optimisation, performance monitoring, usage statistics and improvement of our services.
• Legal basis under GDPR, where applicable: Consent, Art. 6(1)(a) GDPR, or legitimate interests, Art. 6(1)(f) GDPR, depending on the specific tool and configuration.

11. Social Media Presence

We may maintain profiles on social networks, in particular LinkedIn, in order to inform about our company, communicate with interested parties and maintain business contacts.

When you visit or interact with our social media profiles, personal data may be processed by the respective platform provider. This may include profile information, interactions, messages, device information, IP addresses and usage behaviour. The platform provider may process this data for its own purposes, including analytics and advertising.

For detailed information about data processing by LinkedIn, please refer to LinkedIn's Privacy Policy: https://www.linkedin.com/legal/privacy-policy

If you contact us through a social network, we process the information you provide in order to respond to your message and communicate with you.

• Processed data: Contact data, profile data, communication data, content data and usage data.
• Purpose: Communication, public relations, business development and information about our services.

12. Embedded Content and Fonts

Our website may include embedded content or technical functions provided by third parties, such as maps, videos, forms, security tools or similar services. When such content is loaded, the third-party provider may process your IP address and other technical data, as this is required to deliver the content to your browser.

Where possible, we use privacy-friendly configurations and only integrate third-party services where they are necessary for the operation, security or functionality of our website, or where you have given your consent.

If Google Fonts are used on this website, they are hosted locally on our own server whenever possible. In that case, no personal data is transmitted to Google when the fonts are loaded.

• Processed data: IP addresses, browser data, device information, technical metadata and usage data.
• Purpose: Display of website content, user-friendly presentation, technical functionality and website security.

13. International Data Transfers

We primarily process personal data in Switzerland and, where applicable, in the European Economic Area. However, when using certain service providers, personal data may be transferred to or accessed from other countries.

If we transfer personal data to countries without an adequate level of data protection, we ensure appropriate safeguards in accordance with applicable data protection law. Such safeguards may include standard contractual clauses, recognised certification mechanisms, contractual guarantees or other legally permitted measures.

For transfers of personal data to certified companies in the United States, we may rely on the Swiss-U.S. Data Privacy Framework, provided that the recipient company is certified under this framework. Additional safeguards, such as standard contractual clauses, may be used where appropriate.

14. Data Retention and Deletion

We retain personal data only for as long as necessary for the purposes for which it was collected, or for as long as we are legally required or entitled to retain it.

Data that is no longer required is deleted or anonymised, unless legal retention obligations, contractual obligations, evidentiary purposes or legitimate business interests require a longer retention period.

Under Swiss law, certain business records, accounting documents, invoices and related documents must generally be retained for ten years. Contractual claims may also require retention for the duration of applicable limitation periods.

• Business and accounting records: generally up to 10 years.
• Contract and project data: for the duration of the contractual relationship and applicable retention or limitation periods.
• Communication data: for as long as necessary to process the enquiry or maintain the business relationship.
• Technical log data: for as long as necessary for security, troubleshooting and operational purposes.

15. Rights of Data Subjects

Under applicable data protection law, you may have the following rights with regard to your personal data:

• Right of access: You may request information about whether and how we process your personal data.
• Right to rectification: You may request the correction of inaccurate or incomplete personal data.
• Right to deletion: You may request the deletion of your personal data, unless we are legally required or entitled to retain it.
• Right to object: You may object to the processing of your personal data, particularly where processing is based on legitimate interests.
• Right to data portability: Where applicable, you may request that certain personal data be provided in a commonly used electronic format.
• Right to withdraw consent: Where processing is based on consent, you may withdraw your consent at any time with effect for the future.

To exercise your rights, please contact us at: michael.kaufmann@deepdb.ch

We may need to verify your identity before responding to a request. Please note that legal restrictions or retention obligations may apply.

16. Changes to this Privacy Policy

We may update this Privacy Policy from time to time, especially if we change our data processing activities, our website functionality, our service providers or if legal requirements change.

The version published on this website is the current version.

17. Definitions

• Personal data: Any information relating to an identified or identifiable natural person.
• Processing: Any handling of personal data, such as collection, storage, use, disclosure, modification, deletion or destruction.
• Controller: The person or organisation that determines the purposes and means of processing personal data.
• Processor: A service provider that processes personal data on behalf of the controller.
• Contact data: Information used to contact a person or organisation, such as name, email address, telephone number or postal address.
• Usage data: Information about how a website or online service is used, such as pages viewed, access times, interactions and technical device information.
• Log data: Technical records generated by servers, systems or applications, for example IP addresses, timestamps, browser information and access events.
• Cookies: Small text files stored on a user's device that enable website functionality, preferences, analytics or similar functions.
• International data transfer: The disclosure or accessibility of personal data to recipients in countries outside Switzerland or the European Economic Area.