Privacy Policy - Automatiqa GmbH

1. Controller

Automatiqa GmbH
Switzerland
Email: automate@automati.qa
Phone: +41 76 455 24 41

Automatiqa GmbH is the data controller responsible for the processing of your personal data under the Swiss Federal Act on Data Protection (nFADP, effective 1 September 2023) and the EU General Data Protection Regulation (GDPR).

2. Data We Collect

2.1 Data You Provide

When you use our contact form, chat with Synthax, or communicate with us:

• Name and email address
• Company name and role
• Phone number (optional)
• Message content

2.2 Data Collected Automatically

When you visit automati.qa, we may collect:

• IP address (anonymised where possible)
• Browser type and operating system
• Pages visited and time on site
• Referral source
• Country-level location

2.3 Cookies

Essential cookies: Required for site functionality. No consent needed.

Analytics cookies: Used to understand visitor behaviour. Loaded only with your consent. We currently do not use third-party analytics services. If this changes, this policy will be updated.

3. Legal Basis for Processing

We process personal data on the following grounds (Art. 6 GDPR / Art. 31 nFADP):

• Consent - for optional cookies and marketing communications
• Performance of a contract - to respond to inquiries and deliver consulting services
• Legitimate interest - to improve our website and protect against misuse
• Legal obligation - to comply with Swiss and EU law

4. How We Use Your Data

• Respond to your inquiries and provide consulting services
• Send service-related communications (with consent for marketing)
• Improve website functionality and user experience
• Prevent fraud and ensure security
• Meet legal and regulatory obligations

We do not sell your personal data. We do not share it with third parties for their own marketing purposes.

5. Data Sharing

We share data only with:

• Hosting provider (Hetzner, Germany) - for website infrastructure
• Email provider - for transactional communications
• Legal authorities - when required by law

All processors are bound by data processing agreements that meet GDPR and nFADP requirements.

6. International Transfers

Automatiqa GmbH is based in Switzerland. Switzerland has an adequacy decision from the European Commission. If data is transferred outside Switzerland/EEA, we ensure safeguards via Standard Contractual Clauses (SCCs) or adequacy decisions.

7. Data Retention

• Contact form submissions: 3 years after last contact, then deleted
• Analytics data: maximum 13 months
• Contractual data: 10 years after contract end (Swiss commercial law, Art. 958f OR)

8. Your Rights

Under GDPR and nFADP, you have the right to:

• Access - request a copy of your personal data
• Rectification - correct inaccurate or incomplete data
• Erasure - request deletion ("right to be forgotten")
• Restrict processing - limit how we use your data
• Data portability - receive your data in a structured, machine-readable format
• Object - object to processing based on legitimate interest
• Withdraw consent - at any time, without affecting prior processing

To exercise any right, email automate@automati.qa. We respond within 30 days.

9. Complaints

If you believe your data protection rights have been violated, you may lodge a complaint with:

• Switzerland: Federal Data Protection and Information Commissioner (FDPIC)
• EU/EEA: Your local supervisory authority

10. Data Security

We implement appropriate technical and organisational measures, including:

• TLS encryption for all data in transit
• Access controls on a need-to-know basis
• Regular security reviews
• Secure hosting within the EU (Hetzner, Germany)

11. Children

Our services are directed at businesses, not individuals under 16. We do not knowingly collect data from children.

12. Changes to This Policy

We may update this policy to reflect changes in law or our practices. Material changes will be communicated via our website. Continued use after changes constitutes acceptance.

Last updated: 2 April 2026