Privacy Policy

Last updated: December 11, 2025

Astro Swiss, Vincent Heimann ("we", "our", or "us") operates astroswiss.com. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and purchase our products.

We are committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR) and Swiss data protection laws.

1. Data Controller

The data controller responsible for your personal data is:

Astro Swiss, Vincent Heimann
CH-2882 St-Ursanne
Switzerland
Email: hello@astroswiss.com

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address when you create an account or make a purchase
  • Payment Information: Payment details processed securely through Stripe (we do not store full credit card information)
  • Support Communications: Any information you provide when contacting our support team

2.2 Information Collected Automatically

  • Usage Data: IP address, browser type, operating system, pages visited, time spent on pages
  • Cookies: We use cookies to enhance your experience. See our Cookie Policy for details
  • Analytics: We use Google Tag Manager to understand how visitors use our site

3. How We Use Your Information

We use your personal data for the following purposes:

  • Order Fulfillment: Process purchases and deliver digital products
  • Customer Support: Respond to your inquiries and provide technical assistance
  • Product Updates: Send you updates, bug fixes, and new features
  • Website Improvement: Analyze usage patterns to improve our services
  • Legal Compliance: Comply with legal obligations and protect our rights
  • Marketing: Send promotional emails (with your consent, you can opt-out anytime)

4. Legal Basis for Processing (GDPR)

Under GDPR, we process your data based on:

  • Contractual Necessity: To fulfill your purchase and provide support
  • Consent: For marketing communications and non-essential cookies
  • Legitimate Interests: To improve our services and prevent fraud
  • Legal Obligation: To comply with tax and financial regulations

5. Third-Party Services

We use the following third-party services that may collect and process your data:

Stripe (Payment Processing)

Processes payments securely. Stripe collects payment information and transaction details.

View Stripe Privacy Policy →

Supabase (Database & Authentication)

Stores user accounts and purchase records. Data is hosted in secure cloud infrastructure.

View Supabase Privacy Policy →

Google Analytics 4 & Tag Manager

We use Google Analytics 4 (GA4) via Google Tag Manager to analyze website traffic and user interaction. This includes tracking page views, button clicks, and scroll depth to improve user experience. Data is anonymized and processed in accordance with GDPR.

View Google Privacy Policy →

Microsoft Clarity (UX Analytics)

Records user sessions and heatmaps to understand user behavior and improve website usability. Data is anonymized.

View Microsoft Privacy Statement →

Resend (Transactional Emails)

Sends order confirmations, download links, and support responses.

View Resend Privacy Policy →

6. Data Storage and Security

We implement appropriate technical and organizational measures to protect your data:

  • ✓ SSL/TLS encryption for data transmission
  • ✓ Secure cloud storage with access controls
  • ✓ Regular security updates and monitoring
  • ✓ Payment data encrypted by PCI-DSS compliant Stripe

However, no method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

7. Data Retention

We retain your personal data for as long as necessary to:

  • • Provide you with access to purchased products (indefinitely for lifetime access)
  • • Comply with legal, tax, and accounting requirements (typically 7 years)
  • • Resolve disputes and enforce our agreements

You may request deletion of your data at any time (see Your Rights section below).

8. Your Rights Under GDPR

If you are a resident of the European Economic Area (EEA) or Switzerland, you have the following rights:

  • Right to Access: Request a copy of your personal data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your data ("right to be forgotten")
  • Right to Restrict Processing: Limit how we use your data
  • Right to Data Portability: Receive your data in a portable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent for marketing or cookies at any time

To exercise any of these rights, please contact us at hello@astroswiss.com. We will respond within 30 days.

9. International Data Transfers

Your data may be transferred to and stored in countries outside the EEA/Switzerland. Our third-party service providers (Stripe, Supabase) use appropriate safeguards such as Standard Contractual Clauses to ensure your data is protected in accordance with GDPR.

10. Children's Privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. Continued use of our services after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Email: hello@astroswiss.com

← Back to Home