Everybodys got a right to privacy 

Privacy Policy

At MASSIF Web Studio (collectively, “us,” “we” and “our”), we are committed to protecting the privacy and security of your personal information.

1. Contact Address

MASSIF Web Studio
Yves Torres
St.-Christoph-Str. 8
5400 Baden
studio@massif.ch

We will indicate if there are other persons responsible for processing personal data in specific cases.

2. Terms & Legal Bases

2.1 Terms

Personal data refers to all information related to a specific or identifiable natural person. An affected person is an individual whose personal data we process.

Processing includes any handling of personal data, regardless of the means or methods used, such as querying, aligning, adjusting, archiving, storing, retrieving, disclosing, acquiring, recording, collecting, deleting, revealing, arranging, organizing, saving, altering, disseminating, linking, destroying, or using personal data.

2.2 Legal Bases

We process personal data in compliance with Swiss data protection law, particularly the Federal Act on Data Protection (FADP) and the Ordinance to the Federal Act on Data Protection (OFADP).

3. Type, Scope, and Purpose

We process personal data necessary to carry out our activities reliably, securely, and user-friendly. Such data may include categories such as basic and contact details, browser and device data, content data, metadata, usage data, contract, and payment details.

Personal data is processed for as long as needed for the respective purpose or as legally required. Data no longer needed will be anonymized or deleted.

We may process personal data through third parties or jointly with them. These are specialized providers whose services we use, and we ensure data protection even when involving third parties.

We process personal data only with consent unless otherwise legally permitted, such as fulfilling contracts, safeguarding our legitimate interests, or when evident from the circumstances.

This includes data provided voluntarily by the individual, e.g., through email, phone, or messaging. If data about others is shared with us, the sharer must ensure its accuracy and compliance with privacy laws.

We also process publicly available or third-party data, provided it complies with legal standards.

4. Applications

We process applicant data necessary to assess suitability for employment or to manage employment contracts. This includes data from applications, such as resumes and online profiles, as well as additional data applicants provide voluntarily.

5. Personal Data Abroad

We fundamentally process personal data in Switzerland. However, in exceptional cases and with your consent, we may disclose or export personal data to other countries, particularly to process or have it processed there.

We may disclose personal data to any countries and territories on Earth, provided that their laws ensure adequate data protection as determined by the Swiss Federal Council.

We may disclose personal data to countries whose laws do not ensure adequate data protection if adequate protection is guaranteed by other means. Adequate protection may be ensured, for example, through appropriate contractual agreements, based on standard data protection clauses, or other suitable safeguards.

In exceptional cases, we may export personal data to countries without adequate or suitable data protection if the specific requirements of data protection law are met, such as the explicit consent of the affected individuals or a direct connection with the conclusion or execution of a contract.

Upon request, we are happy to provide affected individuals with information about any safeguards or supply a copy of the safeguards.

6. Rights of Affected Individuals

6.1 Data Protection Claims

We grant affected individuals all claims in accordance with applicable data protection laws. Affected individuals, in particular, have the following rights:

• Access: Affected individuals may request information on whether we process personal data about them and, if so, what personal data is being processed. They will also receive information necessary to assert their data protection claims and ensure transparency. This includes the personal data being processed as well as details about the purpose of processing, the duration of retention, any disclosure or export of data to other countries, and the origin of the personal data.
• Correction and Restriction: Affected individuals may request the correction of inaccurate personal data, the completion of incomplete data, and the restriction of data processing.
• Deletion and Objection: Affected individuals may request the deletion of personal data ("right to be forgotten") and object to the processing of their data with future effect.
• Data Provision and Transfer: Affected individuals may request the provision of their personal data or the transfer of their data to another responsible party.

We may postpone, restrict, or deny the exercise of affected individuals' rights within the legally permissible framework. We may inform affected individuals of any prerequisites for exercising their data protection claims. For example, we may fully or partially deny access by referring to business secrets or the protection of other persons. Similarly, we may fully or partially deny the deletion of personal data by referencing legal retention obligations.

We may, in exceptional cases, impose costs for the exercise of rights. Affected individuals will be informed in advance of any potential costs.

We are obligated to reasonably identify affected individuals who request information or assert other rights. Affected individuals are required to cooperate in this process.

6.2 Right to Lodge a Complaint

Affected individuals have the right to enforce their data protection claims through legal proceedings or to lodge a complaint with a competent data protection supervisory authority.

The data protection supervisory authority for private controllers and federal bodies in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).

7. Data Security

We take appropriate technical and organizational measures to ensure data security that is proportionate to the respective risk. However, we cannot guarantee absolute data security.

Access to our website is secured via transport encryption (SSL/TLS, particularly using Hypertext Transfer Protocol Secure, abbreviated HTTPS). Most browsers indicate transport encryption with a padlock in the address bar.

Our digital communication is subject – as is essentially all digital communication – to mass surveillance without cause or suspicion, as well as other monitoring by security authorities in Switzerland, the rest of Europe, the United States of America (USA), and other countries. We have no direct influence over the processing of personal data by intelligence agencies, police forces, or other security authorities.

8. Use of the Website

8.1 Cookies

We may use cookies. Cookies – both our own (first-party cookies) and those from third parties whose services we use (third-party cookies) – are data stored in the browser. Such stored data is not necessarily limited to traditional text-based cookies.

Cookies can be temporarily stored in the browser as "session cookies" or for a specified period as so-called permanent cookies. "Session cookies" are automatically deleted when the browser is closed. Permanent cookies have a specific storage duration. Cookies enable, among other things, the recognition of a browser during the next visit to our website, allowing, for example, the measurement of our website’s reach. Permanent cookies can also be used for online marketing purposes.

Cookies can be disabled or partially deleted in the browser settings at any time. Without cookies, our website may no longer be fully available. We explicitly request your consent for the use of cookies – at least insofar as it is required.

For cookies used for performance and reach measurement or advertising, a general opt-out is available for many services via AdChoices (Digital Advertising Alliance of Canada), the Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance), or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).

8.2 Server Log Files

We may collect the following information for each access to our website, provided it is transmitted by your browser to our server infrastructure or can be determined by our web server: date and time, including time zone; Internet Protocol (IP) address; access status (HTTP status code); operating system, including interface and version; browser, including language and version; accessed subpage of our website, including data volume transferred; and the last webpage visited in the same browser window (referer or referrer).

We store such information, which may also constitute personal data, in server log files. This information is necessary to provide our website in a permanent, user-friendly, and reliable manner and to ensure data security – particularly the protection of personal data – even through third parties or with the help of third parties.

Technology

9.1 Digital Infrastructure

We use services from specialized third parties to access the digital infrastructure required for our activities and operations. This includes, for example, hosting and storage services from selected providers.

We specifically use:

• Vercel Inc.: Hosting; provider: Vercel Inc. (USA); privacy information: Privacy Policy.

9.2 Audio and Video Conferences

We use specialized services for audio and video conferences to communicate online. This allows us to hold virtual meetings or conduct online courses and webinars, for example. Additional terms of use and privacy policies apply for participation in audio and video conferences, depending on the service used.

We recommend muting your microphone by default and either blurring your background or using a virtual background, depending on your situation.

We specifically use:

• Microsoft Teams: Platform for audio and video conferences; provider: Microsoft; Teams-specific information: “Privacy and Microsoft Teams”.
• Zoom: Video conferencing; provider: Zoom Video Communications Inc. (USA); privacy information: Privacy Policy, “Privacy at Zoom”, “Legal Compliance Center”.

10. Final Provisions

We may adjust and supplement this privacy policy at any time. We will inform you about such changes in an appropriate manner, particularly by publishing the latest version of the privacy policy on our website.

Baden, 09.01.25