Privacy Policy
Last updated: 28. March 2025 / 28. März 2025
1. Data Controller
MD Crochet
Zug, Switzerland
E-Mail: hello@mdcrochet.ch
2. Data We Collect
We collect the following personal data: name, email address, delivery address, phone number (optional), payment information (processed by Stripe, not stored by us).
3. Purpose of Processing
- Processing and delivering orders
- Customer communication
- Improving our services
- Compliance with legal obligations
4. Legal Basis (Swiss nDSG)
Processing of your data is carried out in accordance with the Swiss Federal Act on Data Protection (nDSG/revFADP, in force since 1 September 2023). The legal basis is performance of a contract (Art. 31 nDSG) and our legitimate interest in operating this online shop.
5. Data Sharing
Your data is shared with: Stripe Inc. (payment processing, USA — adequate data protection per Swiss Federal Data Protection Commissioner decision). We do not sell your data.
6. Your Rights
You have the right to access, rectification, erasure, and restriction of processing of your data under the nDSG. Contact us at hello@mdcrochet.ch.
7. Data Security
We take appropriate technical and organisational measures to protect your data. Payments are processed encrypted via Stripe. Passwords are hashed with bcrypt.
8. Retention Period
Order data is retained for 10 years (statutory bookkeeping obligation under Swiss Code of Obligations). Account data can be deleted upon request.