Sign in Subscribe

Privacy Policy

Last updated: March 19, 2026

1. Introduction

Ivan Steiner and Justin Boucher ("we", "us", or "our") operate the website swissfluent.ch. This Privacy Policy explains how we collect, use, store, and protect your personal data when you visit our website or use our services, in accordance with the Swiss Federal Act on Data Protection (FADP), the Swiss Data Protection Ordinance (DPO), and the European General Data Protection Regulation (GDPR).

2. Data Controller

Justin Boucher, Zurich, Switzerland

3. Data We Collect

3.1 Newsletter Subscription Data

When you subscribe to our newsletter or create a free membership account via our website, we collect:

  • Name
  • Email address
  • Date and time of subscription

This data is collected based on your explicit consent (Art. 6(1)(a) GDPR / Art. 31 FADP).

3.2 Website Analytics Data

We use Tinybird, a privacy-focused analytics platform, to understand how visitors use our website. Tinybird does not use cookies and does not track individual users across websites. The following anonymised data may be collected:

  • Pages visited and time of visit
  • Referring website (how you arrived at our site)
  • General device and browser information (e.g., browser type, screen resolution)
  • Approximate geographic location (country/region level, derived from anonymised IP address)

IP addresses are not stored in a personally identifiable form. This data is collected based on our legitimate interest in improving our website (Art. 6(1)(f) GDPR / Art. 31(1) FADP).

3.3 Server Log Data

Our hosting provider, Hetzner Online GmbH, automatically collects technical data when you access our website, including:

  • IP address (anonymised)
  • Date and time of access
  • Requested URL
  • HTTP status code
  • Browser type and operating system

This data is necessary for the secure operation of the website and is processed based on our legitimate interest (Art. 6(1)(f) GDPR).

3.4 Email Communications

When we send transactional emails (e.g., subscription confirmations) or newsletters, the following service providers process your data on our behalf:

  • Mailgun: Transactional email and newsletter delivery

These providers may process your email address, email open/click data, and related metadata solely for the purpose of delivering our communications.

4. Cookies and Embedded Content

Our website does not use tracking cookies, advertising cookies, or third-party analytics cookies. Our analytics solution (Tinybird) operates without cookies.

Essential technical cookies may be set by our content management system (Ghost) solely for the purpose of enabling core website functionality such as membership authentication. These are strictly necessary and do not require consent under the FADP or the ePrivacy Directive.

Embedded YouTube Videos

We embed videos from YouTube using YouTube's privacy-enhanced mode (youtube-nocookie.com). In this mode, YouTube does not set cookies or collect personal data until you actively click to play a video. Once you interact with an embedded video, YouTube may set cookies and process data in accordance with Google's Privacy Policy (https://policies.google.com/privacy). This data processing is governed by Google's terms, and we have no control over it.

5. How We Use Your Data

We use the collected data exclusively for the following purposes:

  • Delivering newsletters and content updates you have subscribed to
  • Analysing website usage to improve content and user experience
  • Ensuring the security and technical operation of our website
  • Complying with legal obligations

We do not use your data for automated decision-making or profiling.

6. Data Sharing and Third-Party Processors

We share personal data only with the following categories of service providers, who process data strictly on our behalf and under contractual obligations:

Service Provider Purpose Location
Hetzner Online GmbH Website hosting EU
Tinybird.co Website analytics EU
Mailgun.com Newsletter delivery EU
Google LLC (YouTube) Embedded video content US (EU SCCs in place)
Ghost Foundation Content management system Self-hosted in the EU
Tally.so Survey platform EU
Make.com Automation platform US/EU (SCCs in place)

We do not sell, rent, or trade your personal data to any third party for marketing or advertising purposes.

7. International Data Transfers

Where data is processed outside of Switzerland or the EU/EEA, we ensure that appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the European Commission or adequacy decisions by the Swiss Federal Council or the European Commission.

8. Data Retention

  • Subscription/membership data: Retained for as long as you remain subscribed. Upon unsubscribing, your data is deleted within 30 days.
  • Analytics data: Stored in aggregated, non-identifiable form. No individual user data is retained.
  • Server logs: Logs are retained on a rolling basis and deleted automatically.
  • YouTube data: Governed by Google's data retention policies. We do not store any data from YouTube interactions.

9. Your Rights

Under the FADP and the GDPR, you have the following rights:

  • Right of access: Request information about what personal data we hold about you.
  • Right to rectification: Request correction of inaccurate or incomplete data.
  • Right to erasure: Request deletion of your personal data.
  • Right to restrict processing: Request that we limit how we use your data.
  • Right to data portability: Receive your data in a structured, commonly used format.
  • Right to object: Object to the processing of your data based on legitimate interests.
  • Right to withdraw consent: Withdraw your consent to data processing at any time, without affecting the lawfulness of processing carried out prior to withdrawal.

To exercise any of these rights, contact us at:

We will respond to your request within 30 days. If you believe your data protection rights have been violated, you have the right to lodge a complaint with:

  • Switzerland: Federal Data Protection and Information Commissioner (FDPIC), https://www.edoeb.admin.ch
  • EU: The supervisory authority of your country of residence

10. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include SSL/TLS encryption, access controls, regular security updates, and secure hosting infrastructure within the EU.

11. Children's Privacy

Our website is not directed at children under the age of 16. We do not knowingly collect personal data from children. If we become aware that a child has provided us with personal data, we will take steps to delete such data promptly.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically.

13. Contact

If you have any questions about this Privacy Policy or our data practices, please contact us at: