Privacy Notice

1. Data Controller Information

Data Controller: [Company Name TBD]

Address: [Company Address], Switzerland

Email: privacy@sommy.wine

DPO Contact: dpo@sommy.wine

2. Data We Collect

Information You Provide:

  • Email Address: When you subscribe to our newsletter or create an account
  • Marketing Preferences: Your consent to receive marketing communications
  • Contact Information: Name and other details if you contact our support

Information We Collect Automatically:

  • Analytics Data: Page views, session duration, referral sources via Google Analytics
  • Technical Data: IP address, browser type, device information
  • Cookies: Small files stored on your device for functionality and analytics
  • Geographic Data: IP geolocation for content localization

3. Purposes and Legal Bases

PurposeLegal Basis
Email newsletter deliveryConsent (Article 6(1)(a) GDPR)
Website analytics and optimizationLegitimate interest (Article 6(1)(f) GDPR)
Customer supportLegitimate interest (Article 6(1)(f) GDPR)
Legal complianceLegal obligation (Article 6(1)(c) GDPR)
Content localizationLegitimate interest (Article 6(1)(f) GDPR)

4. Data Sharing and International Transfers

Service Providers:

  • Buttondown: Email newsletter service (USA) - adequacy decision covers data transfers
  • Google Analytics: Website analytics (USA) - based on Google's data processing agreement
  • Firebase: Website hosting and functions (USA) - Google Cloud data processing terms apply

International Transfers: Some of our service providers are located outside the EU/EEA. We ensure appropriate safeguards are in place, including adequacy decisions, standard contractual clauses, or certification schemes as approved by the European Commission.

5. Data Retention

  • Email subscribers: Until you unsubscribe or withdraw consent
  • Analytics data: 26 months (Google Analytics default retention)
  • Contact inquiries: 3 years or until resolution of inquiry
  • Legal compliance data: As required by applicable law

6. Your Rights Under GDPR

You have the following rights regarding your personal data:

  • Right of Access (Article 15): Request a copy of your personal data
  • Right to Rectification (Article 16): Correct inaccurate or incomplete data
  • Right to Erasure (Article 17): Request deletion of your data
  • Right to Restrict Processing (Article 18): Limit how we use your data
  • Right to Data Portability (Article 20): Receive your data in a structured format
  • Right to Object (Article 21): Object to processing based on legitimate interest
  • Right to Withdraw Consent: Withdraw consent for marketing communications

How to Exercise Your Rights:

Email us at: privacy@sommy.wine

We will respond to your request within 30 days.

7. Cookies and Tracking

We use cookies and similar technologies to improve your experience. For detailed information about the cookies we use and how to manage your preferences, please see our Cookie Policy.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. This includes encryption of data in transit and at rest, regular security assessments, and access controls.

9. Age Restrictions

Our services are not intended for individuals under the legal drinking age. We do not knowingly collect personal data from minors. If you are under 18 (or the legal drinking age in your jurisdiction), please do not provide us with your personal information.

10. Changes to This Privacy Notice

We may update this Privacy Notice from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by posting the updated notice on our website and updating the "Last Updated" date.

11. Supervisory Authority

If you believe we have not handled your personal data in accordance with this notice or applicable law, you have the right to lodge a complaint with your local data protection authority or the Swiss Federal Data Protection and Information Commissioner (FDPIC).

12. Contact Us

If you have any questions about this Privacy Notice or our data processing practices, please contact:

Privacy Team

Email: privacy@sommy.wine

Data Protection Officer: dpo@sommy.wine

Last Updated: January 28, 2025