Privacy Policy

Last updated: 11.06.2025

1. Who We Are

This privacy policy explains how we handle your personal information. The entity responsible for your data is:

Bugscale SA
Route de Denges 28D
1027 Lonay, Switzerland
Email: contact@bugscale.ch
Phone: +41 21 903 1337

2. Information We Collect

2.1 Information You Share With Us

When you interact with our services, you may provide us with:

  • Your name, email address, and phone number when reaching out to us
  • Business details when requesting cybersecurity consultations
  • Message content in emails or contact forms
  • Additional details you choose to share during our communications

2.2 Technical Information We Gather

Our website automatically collects certain technical data to help us understand how visitors use our site and improve their experience.

This includes:

  • Your device's IP address (anonymized for privacy)
  • Web browser type and version
  • Device operating system
  • Which pages you visit and how long you stay
  • The website that referred you to us
  • Your approximate location (country/region level only)

3. Why We Process Your Information

Legitimate Business Interests

We analyze website usage to enhance user experience and operate our cybersecurity business effectively.

Your Consent

When you contact us, you're giving us permission to use your information to respond and assist you.

Service Delivery

We process data necessary to provide the cybersecurity services you've requested from us.

4. How We Use Your Information

Communication & Support

  • Answer your questions and provide assistance
  • Deliver cybersecurity consulting services
  • Follow up on service inquiries

Website Improvement

  • Understand how visitors navigate our site
  • Identify popular content and services
  • Optimize website performance and design

Legal & Security

  • Meet legal and regulatory requirements
  • Protect against fraudulent activities
  • Maintain security of our systems

Business Operations

  • Analyze market trends and demands
  • Improve our service offerings
  • Make informed business decisions

5. Website Analytics with Matomo

Privacy-First Analytics

We use Matomo Analytics, a privacy-focused alternative to traditional analytics tools. Matomo is developed by InnoCraft Ltd (New Zealand) and prioritizes user privacy by design.

What Makes Matomo Different:

  • No Data Sharing: Analytics data stays exclusively with us
  • IP Anonymization: Your IP address is masked before any data storage
  • Cookie-Free Option: Can function without tracking cookies
  • GDPR Compliant: Built with European privacy standards in mind

Data We Collect Through Matomo:

  • Visitor count and session duration
  • Pages viewed and navigation patterns
  • Traffic sources and referral websites
  • Device and browser information (anonymized)
  • General geographic region (not precise location)

Opt-out: You can disable Matomo tracking at any time by adjusting your browser's cookie settings. This will not affect your ability to use our website.

6. When We Share Your Information

We believe in keeping your data private. We never sell or rent your personal information to third parties. We only share data in these specific situations:

1

Trusted Service Partners

Essential third-party services that help us operate our website and business (like hosting providers or email services)

2

Legal Obligations

When required by law enforcement, court orders, or regulatory authorities

3

Security Protection

To safeguard our business, users, or the public from fraud, abuse, or security threats

4

With Your Permission

When you explicitly authorize us to share your information for specific purposes

7. How Long We Keep Your Information

Contact & Communication Data

Kept for the duration needed to fulfill your requests and provide ongoing support, typically until you ask us to delete it or it's no longer relevant.

Matomo Analytics Data

Automatically purged after 24 months to ensure we only keep recent, relevant usage patterns.

Business Records

Maintained for up to 7 years to comply with Swiss business record-keeping requirements and tax obligations.

We conduct regular reviews to ensure we're not holding onto data longer than necessary.

8. Your Privacy Rights

Swiss data protection law and GDPR give you significant control over your personal information. Here's what you can do:

Access & Transparency

  • • See what personal data we have about you
  • • Get a copy of your information
  • • Understand how we use your data
  • • Receive data in a portable format

Control & Correction

  • • Update incorrect or outdated information
  • • Request deletion of your data
  • • Limit how we process your information
  • • Complete erasure of your records

Objection & Withdrawal

  • • Object to certain data processing
  • • Withdraw consent you've previously given
  • • Opt out of analytics tracking
  • • Stop marketing communications

Legal Protection

  • • File complaints with data protection authorities
  • • Seek legal remedies if rights are violated
  • • Request compensation for damages
  • • Get independent legal advice

How to Exercise Your Rights

Contact us at contact@bugscale.ch to exercise any of these rights. We'll respond within 30 days and may ask you to verify your identity to protect your privacy.

Most requests are free, but we may charge a reasonable fee for excessive or repetitive requests.

9. How We Protect Your Data

As cybersecurity specialists, we apply the same rigorous security standards to protect your personal data that we recommend to our clients:

Encryption

All data is encrypted both when stored and when transmitted between systems

Access Controls

Strict authentication and authorization measures limit who can access your information

Regular Updates

Continuous security monitoring, updates, and vulnerability assessments

Additional Security Measures:

  • Secure hosting infrastructure
  • Regular security training for staff
  • Incident response procedures
  • Data breach notification protocols
  • Regular security audits and assessments
  • Backup and disaster recovery systems

10. International Data Handling

Matomo Analytics (New Zealand)

Matomo is operated by InnoCraft Ltd in New Zealand, which maintains strong data protection standards. Unlike many analytics services, Matomo allows us to keep all analytics data processing within privacy-friendly jurisdictions.

Our Commitment

We carefully evaluate any service providers to ensure they meet Swiss and EU data protection standards. When data must be transferred internationally, we use appropriate safeguards like standard contractual clauses or adequacy decisions.

11. Cookies and Website Tracking

Minimal Cookie Usage

Our website uses very few cookies, and only those necessary for analytics and functionality. We don't use advertising cookies or tracking pixels from social media platforms.

Cookies We Use:

Matomo Analytics Cookies

_pk_id: Recognizes returning visitors (expires after 13 months)

_pk_ses: Tracks current session (expires after 30 minutes)

Purpose: Help us understand website usage patterns while respecting your privacy

Essential Website Cookies

We may use essential cookies for website functionality, security, and user preferences. These are necessary for the site to work properly.

Managing Cookies

You can control cookies through your browser settings. Most browsers allow you to:

  • View and delete existing cookies
  • Block cookies from specific websites
  • Block all cookies (may affect website functionality)
  • Get notified when cookies are set

12. Protection of Minors

Age Restrictions

Our cybersecurity services are designed for businesses and adults. We do not knowingly collect personal information from individuals under 16 years of age.

If we discover that we have inadvertently collected data from a minor, we will delete such information immediately. Parents or guardians who believe their child's information has been collected should contact us right away.

13. Updates to This Policy

We may update this privacy policy periodically to reflect changes in our practices, technology, legal requirements, or business operations.

How We'll Notify You:

  • • Update the "Last updated" date at the top of this page
  • • Post the revised policy on our website

We encourage you to review this policy periodically. Your continued use of our website after changes are posted constitutes acceptance of the updated policy.

14. Get in Touch

Have questions about this privacy policy or how we handle your data? We're here to help and committed to transparency.

Email

contact@bugscale.ch

Phone

+41 21 903 1337

Address

Route de Denges 28D
1027 Lonay, Switzerland

Response Time: We aim to respond to all privacy-related inquiries within 48 hours, and formal data protection requests within 30 days as required by law.

Data Protection Authority

If you're not satisfied with how we've handled your privacy concerns, you have the right to file a complaint with the relevant data protection authority.

Swiss Authority

Federal Data Protection and Information Commissioner (FDPIC)

www.edoeb.admin.ch

EU Residents

Contact your local data protection authority

Find your local authority