Privacy Policy

Privacy Policy

We attach great importance to the protection of your personal data. With this Privacy Policy, we would like to comprehensively inform you about which data we collect in connection with your visit to our website https://aiara.ch, for what purposes this data is processed, and what rights you have as a data subject.

Personal data comprises all information that relates to an identified or identifiable natural person -- for example, your name, your address, your email address, or your usage behaviour on our website.

Our data protection practices are guided by the applicable legal provisions, in particular the Swiss Federal Act on Data Protection (FADP) and the General Data Protection Regulation of the European Union (GDPR), insofar as it is applicable to our data processing activities. The following explanations serve to fulfil our information obligations under Art. 19 et seq. FADP and Art. 13 et seq. GDPR.

Controller

The data protection responsibility for the data processing carried out via this website lies with:

Sidora AG
Sulzeralle 70
8404 Winterthur
Switzerland

Email: support@sidora.ch
Phone: +41 44 500 25 55
Website: aiara.ch
Commercial register/UID: CHE-295.753.613

As the controller, we determine the purposes and means of data processing within the meaning of Art. 5 let. j FADP.

Data Protection Officer

For questions and concerns regarding data protection, our Data Protection Officer is available to assist you. You can reach them using the following contact details:

Sidora AG

Email: info@sidora.ch

Technical Provision of the Website and Server Log Files

When you access our website, our hosting system automatically collects and stores technical access data that your device (computer, smartphone, tablet, etc.) transmits to our server. This data is technically essential for delivering and displaying the website content.

Specifically, the following data is collected:

  • Type and version of the web browser you are using
  • Operating system of your device
  • The Internet Protocol address (IP address) of your internet connection
  • Date, time, and time zone of the page access
  • Pages, files, and resources accessed on our website
  • The URL of the referring page (referrer URL), if you reached our website via an external link
  • HTTP status code (success or failure of the request)
  • Volume of data transferred
  • Hostname of the accessing computer

This data is stored in the log files of our server. As a general rule, this technical data is not merged with other personal data collected separately, so that we do not draw conclusions about individual persons.

Legal basis: Processing is based on our legitimate interest in the technically flawless provision and security of our website (Art. 6 para. 1 FADP; Art. 31 para. 1 FADP; Art. 6 para. 1 let. f GDPR).

Processing purpose: The temporary storage of technical access data is necessary to deliver the website to your device, to ensure compatibility and functionality, to detect and prevent unauthorised access and cyber attacks, and to ensure system stability and security.

Storage duration: The collected access data is deleted after the technical necessity has expired, but no later than three months, unless further retention is required for security reasons or due to statutory provisions.

Hosting: Our website is hosted by Sidora AG. In the context of hosting, the aforementioned data is processed on our behalf.

Contact via Contact Forms

On our website, we provide you with one or more contact forms through which you can get in touch with us. When you use one of these forms, the data you enter -- in particular your name, your email address, and the content of your message -- is transmitted to us and stored.

Legal basis: Processing of your information is based on our legitimate interest in responding to your enquiry (Art. 6 para. 1 FADP; Art. 6 para. 1 let. f GDPR). If your contact is aimed at concluding or performing a contract, the initiation or performance of the contract also constitutes the legal basis (Art. 31 para. 2 let. a FADP; Art. 6 para. 1 let. b GDPR).

Processing purpose: The data submitted via the contact form is used exclusively to process and respond to your specific enquiry. You may receive a confirmation email from us acknowledging receipt of your enquiry.

Storage duration: Your contact data will be deleted once the processing of your enquiry is complete and no further factual connection requires retention, unless statutory retention obligations prevent deletion.

Voluntariness: The use of our contact forms is voluntary. You also have the option of reaching us via the alternative contact channels indicated on our website at any time. The fields marked as mandatory in the form are required for us to properly process your enquiry; without this information, processing may not be possible.

Newsletter and Email Communication

On our website, you have the option of subscribing to our newsletter. For this purpose, we require your email address and, where applicable, additional contact information that you enter in the registration form.

For registration, we use the so-called double opt-in procedure: after entering your email address, you will receive a confirmation message with an activation link. Your registration only becomes effective once you click this link. This procedure serves to verify that the registration was indeed made by the owner of the specified email address.

For sending our newsletter, we use the service Brevo. In this context, your email provider receives your registration data for the purpose of sending on our behalf.

Legal basis: The legal basis for processing is your express consent pursuant to Art. 6 para. 6 FADP and Art. 6 para. 1 let. a GDPR, which you granted by completing the double opt-in procedure.

Processing purpose: We use your data exclusively for sending the newsletter, in which we inform you about our services, news, and relevant topics.

Withdrawal and unsubscription: You may unsubscribe from the newsletter at any time by clicking the unsubscribe link at the end of each newsletter edition or by contacting us directly. After unsubscription, your data will be deleted immediately, unless statutory retention obligations prevent this.

Protected Area and User Accounts

Our website offers a protected area that is only accessible after prior registration or login. In the course of account creation and use of the protected area, we process your registration and login data (in particular email address or username and password).

Legal basis: Processing is carried out for the purpose of contract performance or for the implementation of pre-contractual measures (Art. 31 para. 2 let. a FADP; Art. 6 para. 1 let. b GDPR).

Processing purpose: Your access data is needed to verify your authorisation to access the protected area and to provide you with the corresponding content and features.

Storage duration: Your account data will be retained for as long as you maintain an active user account with us. After deletion of the account, the data will be promptly removed, unless further retention is required for legal reasons.

Voluntariness: Creating a user account is voluntary. Without registration, however, the protected content cannot be viewed; the remaining areas of our website remain fully accessible.

Orders and Purchase Processing

When you order products or services through our website, we collect the data necessary for the performance of the purchase contract. This includes in particular your name, your address, your email address, and the information required for payment processing and delivery.

Payment processing: For payment processing, we work with the following payment service providers: Stripe. During the payment process, the data required for this purpose is transmitted directly to the respective service provider. The service provider's own privacy policy applies to data processing by the payment service provider.

Legal basis: Processing is necessary for the performance of the purchase contract concluded with you (Art. 31 para. 2 let. a FADP; Art. 6 para. 1 let. b GDPR).

Processing purpose: We process your order data exclusively for the purpose of fulfilling your order, including delivery, invoicing, and, where applicable, complaint handling.

Storage duration: The data will be deleted after full performance of the contractual relationship, unless commercial or tax retention obligations prevent this. As a rule, the statutory retention period is ten years.

Live Chat Function

Our website provides a live chat function through which you can communicate with us in real time. When using the chat, the messages you enter and, where applicable, your name are stored.

For the provision of the live chat, we use the service Odeo. When using the chat, data is transmitted to the service provider on our behalf.

Legal basis: Art. 6 para. 1 FADP (legitimate interest); Art. 6 para. 1 let. f GDPR.

Processing purpose: The chat content is used exclusively to process your enquiry.

Storage duration: Chat histories are deleted after the conversation has ended and your enquiry has been processed, unless statutory retention obligations apply.

Voluntariness: Use of the live chat is voluntary. Alternatively, you can reach us via the other contact channels indicated on our website.

Web Analytics via Google Analytics

This website uses Google Analytics, an analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). Google Analytics uses cookies that enable a statistical analysis of your usage behaviour on our website.

In the context of using Google Analytics, data such as your (anonymised) IP address, pages visited, time spent, device and browser used, and the origin of your website visit is transmitted to Google servers. We use Google Analytics with IP anonymisation enabled, so that your IP address is truncated beforehand within the Member States of the European Union or the European Economic Area.

A transfer to servers of Google LLC in the United States cannot be excluded. Google is certified under the EU-US Data Privacy Framework (verifiable at https://www.dataprivacyframework.gov/list).

Legal basis: Data processing is based on your consent (Art. 6 para. 6 FADP; Art. 6 para. 1 let. a GDPR), which you granted via our cookie notice.

Processing purpose: We use Google Analytics to analyse and improve our online offering. The statistics generated enable us to optimise our website and adapt it to the needs of our visitors.

Withdrawal: You may withdraw your consent at any time with effect for the future by adjusting your cookie settings on our website. In addition, you can prevent data collection by Google Analytics by installing the browser add-on for the deactivation of Google Analytics (available at https://tools.google.com/dlpage/gaoptout).

For further information, please refer to Google's Privacy Policy at https://policies.google.com/privacy.

Use of Cookies and Similar Technologies

Our website uses so-called cookies as well as comparable storage technologies (e.g. Local Storage, Session Storage). Cookies are small text files that your web browser stores on your device when you visit our website. They contain a characteristic string that enables unique identification of your browser upon a subsequent visit.

We distinguish between the following cookie categories:

Necessary cookies: These cookies are essential for the technically flawless operation of our website. They enable basic functions such as page navigation and access to protected areas. Without these cookies, the website cannot function properly. These cookies are set without your prior consent.

Functional cookies: Functional cookies enable enhanced functionalities and personalisation, such as saving your language settings or regional preferences. Without these cookies, certain convenience features may not be available.

Analytics cookies: These cookies allow us to statistically record and analyse the use of our website. The insights gained are used to continuously improve our offering and adapt it to the needs of our visitors.

Marketing cookies: Marketing cookies are used to display relevant advertising to visitors. They track user behaviour across different websites and enable advertisers to deliver targeted advertisements.

A detailed list of the cookies used on our website, including provider, purpose, and storage duration, can be found in our cookie settings.

Legal basis: We set necessary cookies based on our legitimate interest (Art. 6 para. 1 FADP; Art. 6 para. 1 let. f GDPR). For all other cookies, we obtain your express consent (Art. 6 para. 6 FADP; Art. 6 para. 1 let. a GDPR).

Management and withdrawal: You may view and change your cookie settings at any time via the cookie management dialogue provided on our website. In addition, you have the option of blocking cookies in whole or in part or deleting cookies already stored in your browser settings. Please note that this may restrict the functionality of our website.

Storage Duration and Overview of Cookies Used

The cookies listed below are stored in your browser until they are deleted or -- in the case of session cookies -- until the browser session is ended. The list provides you with an overview of all cookies used on our website, their provider, purpose, legal basis, storage duration, and category.

If cookies have been set based on your consent, you may withdraw your consent at any time in the cookie settings of our cookie banner. You can access the cookie settings via the cookie icon on our website.

Google Consent Mode

Our website implements Google Consent Mode (Version 2), which controls the operation of the Google services used depending on your consent status. As long as you have not given your consent, all Google services requiring consent operate in a restricted mode in which no personal data is collected and no cookies are set.

If you grant your consent for certain cookie categories, Google is informed accordingly and the respective services are fully activated. If you withdraw your consent, the affected services are immediately returned to restricted mode.

Disclosure of Personal Data to Third Parties

As a general rule, we treat your personal data confidentially and only disclose it insofar as this is necessary for the purposes described in this Privacy Policy or you have consented thereto.

Disclosure may occur in the following cases:

  • To service providers commissioned by us (processors) who process data on our behalf and according to our instructions -- for example, hosting providers, email delivery services, or IT service providers.
  • To third parties insofar as we are legally obliged to do so or this is necessary to enforce our legal claims -- for example, vis-a-vis law enforcement authorities, courts, or supervisory authorities.
  • In the context of the use of external services and tools integrated into our website, as described in the preceding sections of this Privacy Policy.

Data Security

We employ appropriate technical and organisational security measures to protect your personal data against unauthorised access, alteration, loss, or destruction. Our security measures are continuously adapted to technological developments.

Our website uses SSL/TLS encryption for the transmission of data between your browser and our server. You can recognise an encrypted connection by the padlock symbol in your browser's address bar and by the address bar beginning with "https://".

Please note that communication by email without additional encryption is not fully secured. For confidential information, we therefore recommend postal mail or encrypted email communication.

Storage Duration and Your Rights as a Data Subject

General storage duration: We retain your personal data only for as long as is necessary for the achievement of the respective processing purposes or as prescribed by statutory retention obligations. Subsequently, the data is deleted or further processed in anonymised form.

Your rights: As a data subject, you have the following rights under applicable data protection law:

Right of access (Art. 25 FADP; Art. 15 GDPR): You may request information at any time as to whether and which personal data we process about you, as well as further information about the processing.

Right to rectification (Art. 32 para. 1 FADP; Art. 16 GDPR): You have the right to request the rectification of inaccurate data or the completion of incomplete data.

Right to erasure (Art. 17 GDPR): Under certain conditions, you may request the erasure of your personal data -- in particular if the data is no longer necessary for the original processing purpose, you have withdrawn your consent, or the data has been processed unlawfully.

Right to data portability (Art. 28 FADP; Art. 20 GDPR): You may request that we provide you with the data concerning you in a commonly used, machine-readable format or transfer it to another controller.

Right of withdrawal: Insofar as data processing is based on your consent, you may withdraw it at any time with effect for the future. Processing carried out prior to the withdrawal remains unaffected.

Exercising your rights: To exercise your rights, please contact:

Aiara (Sidora AG)
Email: support@aiara.ch
Phone: +41 44 500 25 55

Right to lodge a complaint: You also have the right to lodge a complaint with the competent data protection supervisory authority. In Switzerland, this is the Federal Data Protection and Information Commissioner (FDPIC), accessible at https://www.edoeb.admin.ch. In addition, you may contact the competent data protection authority in your EU/EEA Member State.

Notes on this Privacy Policy

Validity and updates: We reserve the right to update this Privacy Policy at any time to adapt it to changed legal requirements, new technical circumstances, or extensions of our offering. The version published at the time of your website visit shall apply in each case. We recommend that you review this Privacy Policy regularly.

Responsibility of the website operator: This Privacy Policy was generated automatically based on information provided by the website operator. The website operator is responsible for the accuracy, completeness, and currency of the information contained in this Privacy Policy. This applies in particular to the correct disclosure of services used, cookies, and data processing activities, as well as the consistency of this information with the actual practices on the website. The use of automatically generated legal texts does not replace individual legal advice. The website operator is advised to have the Privacy Policy reviewed by a qualified person to ensure compliance with the applicable data protection regulations.

Last updated: 05.04.2026