Privacy Policy

1. Introduction

Alpinify GmbH ("Alpinify", "we", "us") is committed to protecting the privacy and security of personal data. This Privacy Policy explains how we collect, use, store, and protect personal data when you visit the Alpinify website (www.alpinify.com) and when you or your clients use the Alpinify programs and services.

This policy applies in accordance with the Swiss Federal Act on Data Protection (FADP/DSG) and, where applicable, the European General Data Protection Regulation (GDPR).

2. Data Controller

The data controller for the processing of personal data on this website is:

Alpinify GmbH
Gerliswilstrasse 30
6020 Emmen­brücke, Switzerland
Email: [email protected]
Phone: +41 78 858 66 33

3. Data We Collect

3.1. Website Visitors

When you visit this website, we collect the following data:

  • Cookie consent preference: Your acceptance or rejection of cookies is stored locally in your browser using localStorage. This data is not transmitted to our servers.
  • Contact form submissions: When you use our contact form, we collect your name, email address, and message content. This data is used solely to respond to your enquiry.
  • Cloudflare Turnstile: Our contact form uses Cloudflare Turnstile for spam protection. Cloudflare may process certain technical data (such as IP address and browser information) in accordance with its own privacy policy.

3.2. Customers (Alpinify Program Users)

When you use the Alpinify programs as a customer, the following data may be processed:

  • Account information: Business name, contact person name, email address, phone number, and billing information.
  • Business data: Services, staff members, schedules, pricing, and other operational data you enter into the programs.
  • Usage data: Login activity, feature usage, and technical logs necessary for providing and securing the service.

3.3. End Users (Your Clients and Patients)

When your clients or patients use the Alpinify programs to make bookings or receive automated messages, the following data may be processed on your behalf:

  • Booking data: Name, email address, phone number, selected service, preferred staff member, and appointment date and time.
  • Health and sensitive data: Where the Alpinify programs are used by healthcare providers (dental clinics, medical practices, therapists), patient health records, treatment information, and other sensitive personal data may be processed. This data is processed by Alpinify solely on behalf of the customer as data processor.
  • Communication data: Automated appointment reminders, confirmations, and follow-up messages sent via SMS, email, WhatsApp, or Viber.

4. Purpose and Legal Basis

We process personal data for the following purposes:

  • To provide our services: Processing is necessary for the performance of our contract with the customer (Art. 6(1)(b) GDPR / Art. 31 FADP).
  • To respond to enquiries: When you contact us via the contact form, we process your data based on your consent and our legitimate interest in responding to your request.
  • To protect our services: Spam protection and security measures are based on our legitimate interest in maintaining a secure and functional website and service (Art. 6(1)(f) GDPR).
  • To comply with legal obligations: Where required by Swiss or EU law (Art. 6(1)(c) GDPR).

5. Data Processing on Behalf of Customers

When we process personal data of your clients or patients through the Alpinify programs, we act as a data processor on your behalf. You, as the customer, are the data controller and are responsible for ensuring that the collection and processing of such data has a lawful basis, including obtaining any required consents. The terms of our data processing relationship are set out in our Terms and Conditions (section 1.5).

6. Data Sharing and Third Parties

We do not sell personal data to third parties. We may share personal data with the following categories of recipients only as necessary to provide our services:

  • Cloud infrastructure providers: For hosting and storing data on servers located in Switzerland and/or the European Union.
  • Messaging service providers: SMS gateways, WhatsApp Business API, Viber Business Messages, and email delivery services, for the purpose of sending automated messages on behalf of the customer.
  • Spam protection: Cloudflare, for Turnstile captcha functionality on the contact form.

All third-party providers are bound by data protection obligations and are selected to ensure an adequate level of data protection.

7. Data Storage and Hosting

All customer and end-user data is stored on servers located in Switzerland and/or the European Union. We do not transfer personal data to countries outside of Switzerland or the EU/EEA unless adequate safeguards are in place as required by applicable law.

8. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected:

  • Contact form submissions: Retained for as long as necessary to handle the enquiry, then deleted.
  • Customer account data: Retained for the duration of the contract and for the period required by applicable law thereafter.
  • End-user data (bookings, patient records): Retained for the duration of the customer's contract. Upon termination, data is returned or deleted within 30 days in accordance with our Terms and Conditions (section 1.5.8), unless retention is required by law.

9. Cookies and Local Storage

This website uses browser localStorage to store your cookie consent preference ("accepted" or "declined"). This is a technically necessary function and does not involve tracking or profiling. No third-party analytics or advertising cookies are used on this website.

You can manage or delete localStorage data through your browser settings at any time.

10. Your Rights

Under applicable data protection law, you have the following rights regarding your personal data:

  • Right of access: You may request information about what personal data we hold about you.
  • Right to rectification: You may request correction of inaccurate or incomplete data.
  • Right to erasure: You may request deletion of your personal data, subject to legal retention obligations.
  • Right to restriction: You may request that we restrict the processing of your data under certain circumstances.
  • Right to data portability: You may request to receive your data in a structured, commonly used, and machine-readable format.
  • Right to object: You may object to the processing of your personal data where it is based on legitimate interests.

To exercise any of these rights, please contact us at [email protected].

If you believe that your data protection rights have been violated, you have the right to lodge a complaint with the Swiss Federal Data Protection and Information Commissioner (FDPIC) or, where applicable, with a supervisory authority in the EU/EEA.

11. Security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encryption of data in transit, access controls, and regular security reviews.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. The current version is always available on this page. We encourage you to review this policy periodically.

13. Contact

If you have any questions about this Privacy Policy or about how we handle your personal data, please contact us:

Alpinify GmbH
Gerliswilstrasse 30
6020 Emmen­brücke, Switzerland
Email: [email protected]
Phone: +41 78 858 66 33