Privacy Policy

1. Data Controller and Contact Information

Octigen GmbH
Riedpark 17, 6300 Zug, Switzerland
Email: [email protected]

Octigen GmbH is the data controller responsible for the processing of your personal data in connection with our website and services.

2. Legal Basis for Processing

We process your personal data based on the following legal grounds under the GDPR:

• Consent (Art. 6(1)(a) GDPR): For cookies, analytics, and marketing communications
• Legitimate Interest (Art. 6(1)(f) GDPR): For website security, fraud prevention, and business communications
• Contract Performance (Art. 6(1)(b) GDPR): For providing requested services and responding to inquiries
• Legal Obligation (Art. 6(1)(c) GDPR): For compliance with applicable laws

3. Personal Data We Collect

3.1 Information You Provide Directly

• Contact Information: Name, email address, company name, phone number
• Communication Data: Messages, inquiries, and correspondence
• Account Information: When you join our waiting list or subscribe to updates

3.2 Information Collected Automatically

• Technical Data: IP address, browser type, device information, operating system
• Usage Data: Pages visited, time spent, click patterns, referral sources
• Cookie Data: As detailed in our Cookie Policy below

4. How We Use Your Personal Data

We process your personal data for the following purposes:

• Service Provision: To respond to your inquiries and provide requested information
• Communication: To send updates about our services, with your consent
• Website Improvement: To analyze usage and improve our website functionality
• Security: To protect against fraud and unauthorized access
• Legal Compliance: To comply with applicable laws and regulations
• Marketing: To inform you about new services, with explicit consent

5. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience. You can manage your cookie preferences using our cookie banner or by clicking Cookie Settings.

5.1 Types of Cookies We Use

• Necessary Cookies: Essential for website functionality (cannot be disabled)
• Analytics Cookies: Google Analytics for understanding website usage (with consent)
• Preference Cookies: To remember your settings and preferences (with consent)
• Marketing Cookies: For targeted advertising and marketing (with consent)

5.2 Third-Party Services

• Google Analytics: Website analytics with IP anonymization enabled
• Formspree: Contact form processing
• MailerLite: Email marketing and newsletter management

6. Data Sharing and Transfers

We may share your personal data in the following circumstances:

• Service Providers: With trusted third-party processors under strict data protection agreements
• Legal Requirements: When required by law or to protect our rights
• Business Transfers: In case of merger, acquisition, or asset sale

6.1 International Transfers

Some of our service providers are located outside the EU/EEA. We ensure adequate protection through:

• EU Commission adequacy decisions
• Standard Contractual Clauses (SCCs)
• Binding Corporate Rules

7. Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this policy:

• Contact Inquiries: 3 years from last contact
• Marketing Lists: Until you unsubscribe or 5 years of inactivity
• Analytics Data: 26 months (Google Analytics default)
• Legal Requirements: As required by applicable law

8. Your Rights Under GDPR

You have the following rights regarding your personal data:

• Right of Access (Art. 15): Request information about your personal data
• Right to Rectification (Art. 16): Correct inaccurate or incomplete data
• Right to Erasure (Art. 17): Request deletion of your personal data
• Right to Restrict Processing (Art. 18): Limit how we use your data
• Right to Data Portability (Art. 20): Receive your data in a portable format
• Right to Object (Art. 21): Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent at any time for consent-based processing

To exercise these rights, contact us at [email protected]. We will respond within one month.

8.1 Right to Lodge a Complaint

You have the right to lodge a complaint with your local data protection authority if you believe we have violated your privacy rights.

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data:

• Encryption: Data transmission via HTTPS/SSL
• Access Controls: Limited access on a need-to-know basis
• Regular Security Assessments: Ongoing security monitoring
• Staff Training: Regular data protection training for our team
• Incident Response: Procedures for handling data breaches

10. Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal data from children under 16. If you become aware that a child has provided us with personal data, please contact us immediately.

11. Changes to This Privacy Policy

We may update this privacy policy periodically to reflect changes in our practices or legal requirements. Significant changes will be communicated through:

• Prominent notice on our website
• Email notification to subscribers
• Updated "Last Modified" date

Your continued use of our services after changes constitutes acceptance of the updated policy.

12. Contact Us

For any questions about this privacy policy or our data practices, please contact:

Data Protection Officer
Octigen GmbH
Riedpark 17, 6300 Zug, Switzerland
Email: [email protected]