The Heart Collective Lessingstrasse 13, 8002 Zürich, Schweiz info@theheartcollective.ch

Date: November 2025

Responsible for data processing on this website:

The Heart Collective
Lessingstrasse 13
8002 Zurich
Switzerland
Email: info@theheartcollective.ch

2. General Information on Data Processing

2.1 Scope of Personal Data Processing

We generally only process personal data of our users to the extent necessary to provide a functional website and our content and services. Personal data is usually only processed with the user's consent.

2.2 Legal Basis

Data processing is based on:

• Your consent (Art. 6 para. 1 lit. a GDPR / Art. 31 para. 1 revDSG)

• Performance of a contract (Art. 6 para. 1 lit. b GDPR / Art. 31 para. 2 lit. a revDSG)

• Compliance with legal obligations (Art. 6 para. 1 lit. c GDPR)

• Legitimate interests (Art. 6 para. 1 lit. f GDPR / Art. 31 para. 1 revDSG)

3. Provision of the Website and Creation of Log Files

3.1 Description and Scope of Data Processing

Each time our website is accessed, our system automatically collects data and information from the accessing computer system. The following data is collected:

• Information about browser type and version used

• User's operating system

• User's IP address

• Date and time of access

• Websites from which the user's system reaches our website

• Websites accessed by the user's system through our website

The data is also stored in our system's log files. This data is not stored together with other personal data of the user.

3.2 Legal Basis

The legal basis for temporary storage of data and log files is Art. 6 para. 1 lit. f GDPR and Art. 31 para. 1 revDSG.

3.3 Purpose of Data Processing

Temporary storage of the IP address by the system is necessary to enable delivery of the website to the user's computer. Storage in log files ensures the functionality of the website.

3.4 Storage Duration

Data is deleted as soon as it is no longer necessary for the purpose of collection. For data collected to provide the website, this occurs when the respective session ends. For data stored in log files, this occurs after a maximum of 30 days.

4. Use of Cookies

4.1 Description and Scope of Data Processing

Our website uses cookies. Cookies are text files stored in or by the internet browser on the user's computer system.

We use:

• Technically necessary cookies: Required for website operation

• Analysis cookies: Help us understand website usage (only with your consent)

4.2 Legal Basis

The legal basis for processing personal data using technically necessary cookies is Art. 6 para. 1 lit. f GDPR. For analysis cookies, the legal basis is your consent under Art. 6 para. 1 lit. a GDPR.

4.3 Opposition and Removal Options

You can configure your browser to be informed about cookie placement and allow cookies only in individual cases, reject cookies for specific cases or generally, and activate automatic deletion of cookies when closing the browser.

5. Contact Form and Email Contact

5.1 Description and Scope of Data Processing

A contact form is available on our website for electronic contact. If a user uses this option, the data entered in the input mask is transmitted and stored. This data includes:

• Name

• Email address

• Phone number (optional)

• Message text

Alternatively, contact is possible via the provided email address.

5.2 Legal Basis

The legal basis for processing data with user consent is Art. 6 para. 1 lit. a GDPR. For data transmitted via email, the legal basis is Art. 6 para. 1 lit. f GDPR.

5.3 Purpose of Data Processing

Processing personal data from the input mask serves solely to process the contact request.

5.4 Storage Duration

Data is deleted when no longer necessary for its collection purpose. For personal data from the contact form and email, this occurs when the respective conversation with the user has ended.

6. Booking Appointments and Services

6.1 Description and Scope of Data Processing

When you book an appointment or use a service, we process the following data:

• First and last name

• Contact details (email, phone number)

• Date of birth (if required)

• Health-related information (only as necessary for the service and with your explicit consent)

• Payment information

• Appointment details

6.2 Legal Basis

The legal basis for processing is Art. 6 para. 1 lit. b GDPR (contract performance). For health-related data, the legal basis is your explicit consent under Art. 9 para. 2 lit. a GDPR and Art. 34 revDSG.

6.3 Special Categories of Personal Data

In the context of our healing and ceremonial work, special categories of personal data (health data) may be processed. This only occurs with your explicit consent and only as necessary for service provision.

6.4 Storage Duration

Your data is stored for the duration of the business relationship and thereafter according to statutory retention periods (usually 10 years).

7. Newsletter (if applicable)

If you subscribe to our newsletter, we process your email address and optionally your name for newsletter delivery. The legal basis is your consent (Art. 6 para. 1 lit. a GDPR). You can withdraw your consent at any time.

8. Integration of Third-Party Services

Our website integrates the following third-party services:

• Squarespace (website hosting): Privacy policy at https://www.squarespace.com/privacy

We do not use Google Fonts or Social Media Plugins.

9. Your Rights as a Data Subject

You have the following rights:

• Right of access (Art. 15 GDPR / Art. 25 revDSG): Right to request information about your processed personal data

• Right to rectification (Art. 16 GDPR / Art. 32 revDSG): Right to request correction of inaccurate data

• Right to erasure (Art. 17 GDPR / Art. 32 revDSG): Right to request deletion of your data

• Right to restriction of processing (Art. 18 GDPR)

• Right to data portability (Art. 20 GDPR / Art. 28 revDSG)

• Right to object (Art. 21 GDPR / Art. 30 revDSG): Right to object to data processing

• Right to withdraw consent (Art. 7 para. 3 GDPR): If processing is based on consent, you can withdraw it at any time

10. Right to Lodge a Complaint with a Supervisory Authority

You have the right to lodge a complaint with a data protection supervisory authority:

For Switzerland:
Federal Data Protection and Information Commissioner (FDPIC)
Feldeggweg 1
3003 Bern
Switzerland
Tel.: +41 (0)58 462 43 95
Email: info@edoeb.admin.ch
Website: www.edoeb.admin.ch

For Germany (if applicable):
The competent state data protection authority

11. Data Security

We use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, loss, destruction, or access by unauthorized persons. Our website uses SSL encryption.

12. Changes to this Privacy Policy

We reserve the right to occasionally update this privacy policy to ensure it meets current legal requirements or to reflect changes in our services.