Privacy Policy — ParallelSignal GmbH

1. Data Controller

The data controller responsible for the processing of your personal data is:

ParallelSignal GmbH
c/o ExpertFid & Audit AG
Marktgasse 8
4051 Basel, Switzerland

Represented by: Daniel Avshalom, Geschäftsführer
Email: info@parallelsignal.ch
UID: CHE-373.604.276

2. Data We Collect

We collect and process the following personal data when you use our services:

Information you provide

Contact information: Name, email address, company name
Order information: Brand name, website URL, competitor details (submitted during checkout)
Communication data: Content of emails or messages you send us

Information collected automatically

Technical data: IP address, browser type, operating system, referring URL
Usage data: Pages visited, time of access (via server logs)

Payment data

Payment processing is handled entirely by Stripe, Inc. We do not store, process, or have access to your full credit card number, CVV, or other sensitive payment details. Stripe processes your payment data in accordance with PCI DSS Level 1 standards. See Stripe's Privacy Policy.

3. Purpose & Legal Basis

Under the Swiss FADP (nDSG), data processing is lawful provided it does not unlawfully violate the personality rights of the data subject (Art. 6 nDSG). We process your personal data for the following purposes, justified under Art. 31 nDSG:

Contract performance: Processing your order, delivering audit reports, and communicating about your order (justified by overriding private interest, Art. 31 para. 2 lit. a nDSG)
Service improvement and security: Improving our services, preventing fraud, and ensuring website security (justified by overriding private interest)
Legal compliance: Tax and accounting record-keeping as required by Swiss commercial law (Art. 958f OR), justified by legal obligation

4. Third-Party Services

We share personal data with the following third-party service providers, solely for the purposes described:

Stripe, Inc. (USA) — Payment processing. Data transferred under Standard Contractual Clauses (SCCs).
Airtable, Inc. (USA) — Order management and CRM. Data transferred under SCCs.
Resend, Inc. (USA) — Transactional email delivery (order confirmations, report delivery). Data transferred under SCCs.

We do not sell, rent, or trade your personal data to any third party. We do not use your data for advertising purposes beyond our direct business relationship.

5. Cookies & Analytics

This website is a static site and uses no cookies for tracking or advertising purposes. We do not use third-party analytics tools on this website.

If we introduce analytics in the future, this policy will be updated accordingly and consent will be obtained where required.

6. Data Retention

We retain your personal data for the following periods:

Order and invoice data: 10 years from the date of the transaction, as required by Swiss commercial law (Art. 958f OR, Obligationenrecht)
Communication data: For the duration of our business relationship, plus 3 years
Technical logs: Maximum 90 days

After the applicable retention period, data is securely deleted or anonymized.

7. Your Rights

Under the Swiss Federal Act on Data Protection (FADP / nDSG, revised 1 September 2023), you have the following rights:

Right of access: You may request information about what personal data we hold about you
Right to rectification: You may request correction of inaccurate data
Right to deletion: You may request deletion of your data, subject to legal retention obligations
Right to data portability: You may request your data in a structured, machine-readable format
Right to object: You may object to data processing based on legitimate interest

To exercise any of these rights, contact us at info@parallelsignal.ch. We will respond within 30 days.

You also have the right to lodge a complaint with the Federal Data Protection and Information Commissioner (FDPIC): www.edoeb.admin.ch.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. This includes encrypted data transmission (TLS/SSL), access controls, and regular security reviews.

9. International Data Transfers

Some of our service providers are based in the United States. Where personal data is transferred outside of Switzerland, we ensure adequate protection through:

EU Standard Contractual Clauses (SCCs), recognized by Switzerland
Selecting providers that maintain appropriate certifications (e.g., SOC 2, PCI DSS)

10. Changes to This Policy

We may update this privacy policy from time to time. Changes will be posted on this page with an updated revision date. We recommend reviewing this page periodically.

11. Applicable Law

This privacy policy is governed by the Swiss Federal Act on Data Protection (FADP / nDSG), effective 1 September 2023, and applicable Swiss law. The competent supervisory authority is the Federal Data Protection and Information Commissioner (FDPIC).