Privacy policy
What personal data crypter.ch collects, why we process it, and how you can exercise your rights. Applies to the website only — our products Mellisense.ai and P2Print.net publish their own notices.
1. Controller
For any data-protection enquiry, contact us at the email above. We do not have a formally designated Data Protection Officer; enquiries are handled by the managing director.
2. What we collect, when, and why
2.1 When you visit the site
When you load any page on crypter.ch, our hosting provider (Microsoft Azure Static Web Apps) automatically logs technical metadata: your IP address, the requested URL, the timestamp, your browser's user-agent string, and the referrer URL. These logs are kept for security and operational purposes — defending against abuse, diagnosing errors, and capacity planning. They are not used to build profiles of individual visitors.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in operating a secure website); Art. 31(1)(c) FADP.
Retention: raw access logs are retained by Microsoft Azure for a maximum of 30 days.
2.2 When you submit the contact form
If you complete the contact form on the home page, we process:
- the email address you provide,
- the company or channel field (optional),
- the topic you select,
- the message you write, and
- the IP address from which the request was sent.
We use this data solely to read your message and reply to you by email.
Legal basis: Art. 6(1)(b) GDPR (pre-contractual measures at your request); Art. 31(2)(a) FADP.
Retention: kept as long as needed to respond and conclude the matter, and subsequently archived to the extent required by Swiss commercial-records obligations (Art. 958f CO — up to 10 years for accounting-relevant correspondence).
2.3 Bot protection (Cloudflare Turnstile)
To protect the contact form against automated abuse, we use Cloudflare Turnstile. When you interact with the form, your browser exchanges metadata with Cloudflare — including your IP address and limited environmental signals — so Cloudflare can issue a challenge token that proves you are a human. Turnstile is privacy-respecting by design and does not perform cross-site user tracking.
Cloudflare's own privacy policy: cloudflare.com/privacypolicy.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in preventing spam and automated abuse).
3. Third-party processors
We rely on the following processors. All are bound by data-processing agreements where applicable.
| Processor | Purpose | Data location |
|---|---|---|
| Microsoft Azure Static Web Apps | Static site hosting and serverless contact endpoint | West Europe (NL) |
| Microsoft Azure Communication Services | Email delivery for contact-form messages | Switzerland (ZH) |
| Cloudflare, Inc. | Bot protection (Turnstile) | Global edge |
| Microsoft 365 / Exchange Online | Inbound mailbox for info@crypter.ch | EU |
4. International data transfers
Message content sent via the contact form is processed by Azure Communication Services in Switzerland. Static site hosting runs in West Europe (EU). Cloudflare Turnstile may process bot-detection metadata at edge locations outside Switzerland and the EU; Cloudflare relies on Standard Contractual Clauses (SCCs) and the Swiss-U.S. Data Privacy Framework for international transfers.
5. Cookies and similar technologies
crypter.ch does not set any first-party tracking cookies. The site does not use analytics, advertising, or social-media trackers.
Cloudflare Turnstile may set a short-lived technical cookie or local-storage entry that is strictly necessary for bot detection on the contact form. No consent banner is presented because no non-essential cookies are used; this is consistent with revFADP and ePrivacy guidance for strictly necessary cookies.
6. Your rights
Under the revised Swiss Federal Act on Data Protection (revFADP, in force since 1 September 2023) and the EU General Data Protection Regulation (GDPR, where applicable), you have the right to:
- obtain confirmation of, and access to, the personal data we hold about you;
- rectify inaccurate or incomplete data;
- request erasure ("right to be forgotten") subject to legal retention obligations;
- restrict or object to processing;
- data portability for data you provided based on consent or contract;
- withdraw consent at any time without affecting the lawfulness of prior processing;
- lodge a complaint with a supervisory authority — in Switzerland the Federal Data Protection and Information Commissioner (FDPIC), Feldeggweg 1, 3003 Bern; in the EU your local data-protection authority.
To exercise any of these rights, write to info@crypter.ch. We will respond within 30 days.
7. Security
The site is served exclusively over HTTPS. The contact endpoint validates inputs server-side, rate-limits abuse via Turnstile, and never stores message content outside the email recipient mailbox. Azure resources are configured with least-privilege access and audited via Microsoft Defender for Cloud.
8. Children
crypter.ch is not directed at children under the age of 16, and we do not knowingly collect personal data from children. (Our family-friendly YouTube channels are produced under separate COPPA-compliant policies on YouTube.)
9. Changes to this policy
We may update this policy as the site evolves or as legal requirements change. The "Effective" date at the top of the page reflects the most recent version. Material changes will be highlighted in the page header for at least 30 days after publication.