1. Controller and Scope of Application

We, Modus Consulting (details see Imprint), are the Controller within the meaning of applicable Swiss data protection law (nDSG); to the extent the GDPR is applicable in individual cases, it applies supplementary. This notice informs about the processing of personal data in connection with the operation of this website, communication, and the provision of our consulting services.

2. Categories of Personal Data

Data processed includes, in particular:

• Usage and log data (e.g., IP address, date/time, pages viewed, user agent).
• Communication and contact data (e.g., name, business email, telephone number, content of inquiries).
• Data related to appointment scheduling (e.g., date, time, contact details), provided such functions are used.
• Contract/billing data, to the extent necessary for quotation, contract, and execution.

3. Purposes and Legal Bases

Processing is carried out for the following purposes; the legal bases are provided supplementarily where the GDPR is applicable:

• Operation and security of the website (legitimate interest, Art. 6 Para. 1 lit. f GDPR).
• Communication, quotation preparation, contract performance (pre-contractual/contractual, Art. 6 Para. 1 lit. b GDPR).
• Appointment scheduling via integrated tools (if used, Art. 6 Para. 1 lit. b GDPR).
• Compliance with legal obligations (e.g., statutory retention obligations, Art. 6 Para. 1 lit. c GDPR).
• Consent-based processing (e.g., optional cookies/analytics) only after consent (Art. 6 Para. 1 lit. a GDPR).

In doing so, we observe the principle of data minimization.

4. Hosting, Data Processing by Order and Services Used

• Website platform/Hosting: Operation via WordPress.com (Automattic). To the extent Automattic acts as a processor, corresponding agreements are in place (e.g., Data Processing Agreements).
• Appointment scheduling (if integrated): external appointment service (e.g., Calendly). If used, the provider processes the necessary data; contractual/data protection safeguards are in place (e.g., Data Processing Agreements).
• Other potential recipients (situational): IT service providers, tax consultancy/accounting, legal advice – each on an appropriate legal basis and, where required, with a data processing agreement. A current overview of service providers can be provided upon request.

5. Transfers to Third Countries

In the case of processing by service providers outside Switzerland or the EU/EEA (e.g., USA), appropriate safeguards are used, in particular EU Standard Contractual Clauses (SCCs) and – where required – additional measures to ensure an adequate level of protection.

6. Storage Duration

Personal data is stored only for as long as necessary for the respective purposes or as long as statutory retention obligations exist. Communication data without contractual relation are reviewed and deleted at reasonable intervals; contract/billing data are retained in accordance with commercial and tax law requirements.

7. Rights of Data Subjects

Subject to statutory requirements, rights exist in particular to information, rectification, erasure, restriction, data portability, objection to processing based on legitimate interests, and withdrawal of granted consent with effect for the future. The competent supervisory authority in Switzerland is the FDPIC; in the EU/EEA area, it is the locally competent data protection authority. Contact for data protection concerns: see Imprint (email address and postal address).

8. Cookies, Embedded Content, and Analytics

Technically necessary cookies are used to enable the operation and basic functions of the website. Optional technologies (e.g., analytics, marketing cookies, convenience integrations) are used only after prior consent; information on the purpose, provider, storage duration, and withdrawal/opt-out is provided in the consent dialogue. For embedded third-party content (e.g., appointment widget), data transmission to the provider may occur as early as when the element is loaded. A notice is provided at the integration point; if required, integration only occurs after consent.

9. Data Security

Technical and organizational measures are implemented to secure the data (including access restrictions, encryption, authorization concepts, logging). Service providers are carefully selected and contractually obligated to adhere to appropriate security standards.

10. Necessity of Provision

The provision of certain data is necessary for the operation of the website and the processing of inquiries. Without necessary information, functions may be limited or inquiries may not be processed.

11. External Links

References to external websites lead to third-party content, for which the respective providers are responsible. Their privacy and terms of use apply.

12. Disclaimer

The contents of this website serve as general information about our consulting services and do not constitute legal, tax, or other professional advice. Despite careful maintenance, we assume no liability for the topicality, completeness, and correctness. Only individually concluded contracts are binding.

13. Copyright

All content published on the website (texts, graphics, layouts) is subject to copyright. Any use beyond statutory limits requires our prior consent.

14. Update of this Notice

This notice will be adjusted as needed, e.g., in case of legal changes or the use of additional services. Status: October 2, 2025.