Privacy Policy
We attach great importance to the protection of your personal data. With this privacy policy, we wish to provide you with comprehensive information about which data we collect in connection with your visit to our website https://aiara.ch, for what purpose this data is processed and what rights you are entitled to as a data subject.
Personal data includes all information that relates to an identified or identifiable natural person — for example, your name, your address, your email address or your usage behaviour on our website.
Our data protection practice is guided by the applicable legal provisions, in particular the Swiss Federal Act on Data Protection (FADP) and the General Data Protection Regulation of the European Union (GDPR), insofar as these are applicable to our data processing activities. The following explanations serve to fulfil our information obligations pursuant to Art. 19 et seq. FADP and Art. 13 et seq. GDPR.
Responsible Body
The data protection responsibility for the data processing carried out via this website lies with:
Aiara (Sidora AG)
Sulzerallee 70
8404 Winterthur
Switzerland
Email: support@aiara.ch
Phone: +41 44 500 25 55
Website: aiara.ch
Commercial register/UID: CHE-295.753.613
As the responsible body, we decide on the purpose and means of data processing within the meaning of Art. 5 let. j FADP.
Data Protection Officer
For questions and concerns regarding data protection, our data protection officer is available to you. You can reach them at the following contact details:
Sidora AG
Email: info@sidora.ch
Technical Provision of the Website and Server Log Files
When you access our website, our hosting system automatically collects and stores technical access data that your device (computer, smartphone, tablet, etc.) transmits to our server. This data is technically essential for the delivery and display of the website content.
The following data is collected in detail:
- Type and version number of the web browser you are using
- Operating system of your device
- The Internet Protocol address (IP address) of your internet connection
- Date, time and time zone of the page access
- Pages, files and resources accessed on our website
- The internet address of the referring page (referrer URL), if you accessed our website via an external link
- HTTP status code (success or failure of the request)
- Volume of data transferred
- Hostname of the accessing computer
This data is stored in our server's log files. As a rule, this technical data is not merged with other personal data collected separately, so that we do not draw conclusions about individual persons.
Legal basis: Processing is based on our legitimate interest in the technically flawless provision and security of our website (Art. 6 para. 1 FADP; Art. 31 para. 1 FADP; Art. 6 para. 1 let. f GDPR).
Processing purpose: The temporary storage of technical access data is necessary to deliver the website to your device, ensure compatibility and functionality, detect and prevent abusive access and cyber attacks, and guarantee system stability and security.
Storage duration: The collected access data is deleted after the technical necessity has expired, but no later than three months, unless further retention is required for security reasons or due to legal requirements.
Hosting: Our website is hosted by Sidora AG. In the context of hosting, the aforementioned data is processed on our behalf.
Contact via Contact Forms
On our website, we provide you with one or more contact forms through which you can get in touch with us. When you use one of these forms, the data you enter — in particular your name, your email address and the content of your message — is transmitted to us and stored.
Legal basis: The processing of your information is based on our legitimate interest in responding to your enquiry (Art. 6 para. 1 FADP; Art. 6 para. 1 let. f GDPR). If your contact is aimed at concluding or performing a contract, the initiation or fulfilment of the contract additionally constitutes the legal basis (Art. 31 para. 2 let. a FADP; Art. 6 para. 1 let. b GDPR).
Processing purpose: We use the data submitted via the contact form exclusively for processing and responding to your specific enquiry. You may receive an email confirmation from us that your enquiry has been received.
Storage duration: Your contact data will be deleted as soon as the processing of your enquiry is completed and no further factual context requires retention, unless legal retention obligations prevent deletion.
Voluntariness: The use of our contact forms is voluntary. You always have the option of reaching us via the alternative contact channels listed on our website. The fields marked as mandatory in the form are required so that we can properly process your enquiry; without this information, processing may not be possible.
Newsletter and Email Communication
On our website, you have the option of subscribing to our newsletter. For this purpose, we require your email address and, where applicable, further contact information that you enter in the registration form.
For registration, we use the so-called double opt-in procedure: after entering your email address, you will receive a confirmation message with an activation link. Your registration only becomes effective once you click on this link. This procedure serves to verify that the registration was indeed made by the owner of the specified email address.
For sending our newsletter, we use the service Brevo. Your email provider receives your registration data for the purpose of sending on our behalf.
Legal basis: The legal basis for processing is your express consent pursuant to Art. 6 para. 6 FADP or Art. 6 para. 1 let. a GDPR, which you granted by completing the double opt-in procedure.
Processing purpose: We use your data exclusively for sending the newsletter, in which we inform you about our services, news and relevant topics.
Revocation and unsubscription: You can unsubscribe from the newsletter at any time by clicking the unsubscribe link at the end of each newsletter edition or by contacting us directly. After unsubscription, your data will be deleted immediately, unless legal retention obligations prevent this.
Protected Area and User Accounts
Our website offers a protected area that is only accessible after prior registration or login. In the context of account creation and use of the protected area, we process your registration and login data (in particular email address or username and password).
Legal basis: Processing is carried out for the purpose of contract performance or the implementation of pre-contractual measures (Art. 31 para. 2 let. a FADP; Art. 6 para. 1 let. b GDPR).
Processing purpose: Your access data is required to verify your authorisation to access the protected area and to provide you with the corresponding content and features.
Storage duration: Your account data will be retained for as long as you maintain an active user account with us. After deletion of the account, the data will be promptly removed, unless further retention is required for legal reasons.
Voluntariness: Creating a user account is voluntary. Without registration, the protected content cannot be viewed; the remaining areas of our website remain fully accessible.
Orders and Purchase Processing
When you order products or services through our website, we collect the data necessary for the execution of the purchase contract. This includes in particular your name, your address, your email address and the information required for payment processing and delivery.
Payment processing: For payment processing, we work with the following payment service providers: Stripe. During the payment process, the data required for this purpose is transmitted directly to the respective service provider. The service provider's own privacy policy applies to data processing by the payment service provider.
Legal basis: Processing is necessary for the performance of the purchase contract concluded with you (Art. 31 para. 2 let. a FADP; Art. 6 para. 1 let. b GDPR).
Processing purpose: We process your order data exclusively for the purpose of processing your order, including delivery, invoicing and, where applicable, handling complaints.
Storage duration: The data will be deleted after the contractual relationship has been fully completed, unless commercial or tax law retention obligations prevent this. As a rule, the statutory retention period is ten years.
Live Chat Function
Our website offers a live chat function that allows you to communicate with us in real time. When you use the chat, the messages you enter and, where applicable, your name are stored.
For the provision of the live chat, we use the service Odeo. When using the chat, data is transmitted to the service provider on our behalf.
Legal basis: Art. 6 para. 1 FADP (legitimate interest); Art. 6 para. 1 let. f GDPR.
Processing purpose: Chat contents are used exclusively for processing your enquiry.
Storage duration: Chat histories are deleted after the conversation has been completed and your enquiry has been processed, unless legal retention obligations exist.
Voluntariness: The use of the live chat is voluntary. Alternatively, you can reach us via the other contact channels listed on our website.
Web Analytics via Google Analytics
This website uses Google Analytics, an analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). Google Analytics uses cookies that enable a statistical analysis of your usage behaviour on our website.
In the context of using Google Analytics, data such as your (anonymised) IP address, pages visited, time spent, device and browser used, and the origin of your website visit are transmitted to Google servers. We use Google Analytics with IP anonymisation enabled, so that your IP address is truncated within the member states of the European Union or the European Economic Area beforehand.
Transmission to servers of Google LLC in the United States cannot be ruled out. Google is certified under the EU-US Data Privacy Framework (verifiable at https://www.dataprivacyframework.gov/list).
Legal basis: Data processing is based on your consent (Art. 6 para. 6 FADP; Art. 6 para. 1 let. a GDPR), which you granted via our cookie notice.
Processing purpose: We use Google Analytics for the analysis and improvement of our online offering. The statistics generated enable us to optimise our website and adapt it to the needs of our visitors.
Revocation: You can revoke your consent at any time with effect for the future by adjusting your cookie settings on our website. Additionally, you can prevent data collection by Google Analytics by installing the browser add-on for disabling Google Analytics (available at https://tools.google.com/dlpage/gaoptout).
Further information can be found in Google's privacy policy at https://policies.google.com/privacy.
Use of Cookies and Similar Technologies
Our website uses so-called cookies and comparable storage technologies (e.g. local storage, session storage). Cookies are small text files that your web browser places on your device when you visit our website. They contain a characteristic string of characters that enables unique identification of your browser on a subsequent visit.
We distinguish between the following cookie categories:
Necessary cookies: These cookies are essential for the technically flawless operation of our website. They enable basic functions such as page navigation and access to protected areas. Without these cookies, the website cannot function properly. These cookies are set without your prior consent.
Functional cookies: Functional cookies enable extended functionalities and personalisations, such as storing your language settings or regional preferences. Without these cookies, certain convenience features may not be available.
Analytics cookies: These cookies enable us to statistically record and analyse the use of our website. The insights gained are used to continuously improve our offering and adapt it to the needs of our visitors.
Marketing cookies: Marketing cookies are used to display relevant advertising to visitors. They serve to track usage behaviour across different websites and enable advertisers to deliver targeted advertisements.
A detailed list of the cookies used on our website, including provider, purpose and storage duration, can be found in our cookie settings.
Legal basis: We set necessary cookies based on our legitimate interest (Art. 6 para. 1 FADP; Art. 6 para. 1 let. f GDPR). For all other cookies, we obtain your express consent (Art. 6 para. 6 FADP; Art. 6 para. 1 let. a GDPR).
Management and revocation: You can view and change your cookie settings at any time via the cookie management dialogue provided on our website. You also have the option of blocking cookies in whole or in part in your browser settings or deleting cookies that have already been stored. Please note that this may restrict the functionality of our website.
Privacy-friendly default settings: Non-essential cookies on our website are only technically activated after you have been informed about their use and — where legally required — have given your express consent. Until then, only technically necessary cookies are set (privacy-friendly default setting pursuant to Art. 7 para. 3 FADP).
Joint controllership with third-party services: Insofar as third-party services are integrated on our website (e.g. analytics, advertising or social media services), we enable these third parties to collect personal data via our website. For the process of this data collection, there is joint controllership within the meaning of Art. 5 let. j FADP between us and the respective third-party provider. The details of data processing by the respective third-party providers can be found in the following sections of this privacy policy and in the privacy notices of the respective providers.
Storage Duration and Overview of Cookies Used
The cookies listed below are stored in your browser until they are deleted or — in the case of a session cookie — until the browser session is ended. The list provides you with an overview of all cookies used on our website, their provider, purpose, legal basis, storage duration and category.
| Cookie Name | Server | Provider | Purpose | Legal Basis | Storage Duration | Type |
|---|---|---|---|---|---|---|
| XSRF-TOKEN | aiara.ch | Aiara | Protection against Cross-Site Request Forgery. | Legitimate interest | 2 hours | Necessary |
| aiara-privacy-suite-session | aiara.ch | Aiara | Stores the current session. | Legitimate interest | 2 hours | Necessary |
| aiara_consent | aiara.ch | Aiara | Stores the visitor's cookie consent (selected categories). | Legitimate interest | 1 year | Necessary |
| aiara_vid | aiara.ch | Aiara | Pseudonymous visitor ID for consent logging. | Legitimate interest | 6 months | Necessary |
| aiara_banner_config | aiara.ch | Aiara | Cache of the banner configuration for faster loading times. | Legitimate interest | 1 year | Necessary |
| _ga | .aiara.ch | Distinguishes individual visitors. | Consent | 2 years | Analytics | |
| _ga_JC77FQRMYC | .aiara.ch | Set by Google Analytics. Stores and updates a unique value for each page visited and is used for session attribution. | Consent | 2 years | Analytics |
If cookies have been set based on your consent, you can revoke your consent at any time in the cookie settings of our cookie banner. You can access the cookie settings via the cookie icon on our website.
Google Consent Mode
Our website implements Google Consent Mode (Version 2), which controls the operation of the Google services used depending on your consent status. As long as you have not given consent, all consent-dependent Google services are operated in a restricted mode in which no personal data is collected or cookies are set.
If you grant consent for certain cookie categories, Google is informed and the respective services are fully activated. If you revoke your consent, the affected services are immediately returned to restricted mode.
Disclosure of Personal Data to Third Parties
As a matter of principle, we treat your personal data confidentially and only disclose it to the extent necessary for the purposes described in this privacy policy or if you have consented to it.
Disclosure may occur in the following cases:
- To service providers commissioned by us (processors) who process data on our behalf and according to our instructions — for example, hosting providers, email sending services or IT service providers.
- To third parties, insofar as we are legally obligated to do so or this is necessary for the enforcement of our legal claims — for instance, to law enforcement authorities, courts or supervisory authorities.
- In the context of the use of external services and tools integrated on our website, as described in the preceding sections of this privacy policy.
Data Security
We employ appropriate technical and organisational security measures to protect your personal data against unauthorised access, alteration, loss or destruction. Our security measures are continuously adapted to technological developments.
Our website uses SSL/TLS encryption for the transmission of data between your browser and our server. You can recognise an encrypted connection by the lock icon in the address bar of your browser and by the fact that the address bar begins with "https://".
Please note that communication by email without additional encryption is not fully secure. For confidential information, we therefore recommend using postal mail or encrypted email communication.
Use of Customer Data for Reference Purposes
If you register a user account with Aiara and use our service, we reserve the right to use the company name and logo of your company as a customer reference on our website (e.g. on the homepage, partner page or in marketing materials). This use is based on our legitimate interest in promoting our services (Art. 31 para. 1 FADP; Art. 6 para. 1 lit. f GDPR).
The legal basis for this processing also derives from Section 12.2 of our General Terms and Conditions (GTC), according to which the customer grants Aiara the right to use the company name and logo as a reference, unless the customer expressly objects.
Right to object: You can object to the use of your company name and logo for reference purposes at any time by contacting us by email at support@aiara.ch. We will remove the reference promptly upon receipt of your objection.
Storage Duration and Your Rights as a Data Subject
General storage duration: We retain your personal data only for as long as is necessary for the achievement of the respective processing purposes or as prescribed by legal retention obligations. Subsequently, the data is deleted or further processed in anonymised form.
Your rights: As a data subject, you are entitled to the following rights under applicable data protection law:
Right of access (Art. 25 FADP; Art. 15 GDPR): You can request information at any time as to whether and which personal data we process about you, as well as further information about the processing.
Right to rectification (Art. 32 para. 1 FADP; Art. 16 GDPR): You have the right to request the rectification of inaccurate data or the completion of incomplete data.
Right to erasure (Art. 17 GDPR): Under certain conditions, you can request the deletion of your personal data — in particular, if the data is no longer necessary for the original processing purpose, you revoke your consent or the data was processed unlawfully.
Right to data portability (Art. 28 FADP; Art. 20 GDPR): You can request that we provide you with the data relating to you in a commonly used, machine-readable format or transfer it to another controller.
Right to revocation: Insofar as data processing is based on your consent, you can revoke this at any time with effect for the future. The processing carried out until revocation remains unaffected.
Exercising your rights: To exercise your rights, please contact:
Aiara (Sidora AG)
Email: support@aiara.ch
Phone: +41 44 500 25 55
Right to lodge a complaint: You also have the right to lodge a complaint with the competent data protection supervisory authority. In Switzerland, this is the Federal Data Protection and Information Commissioner (FDPIC), reachable at https://www.edoeb.admin.ch. In addition, you can contact the competent data protection authority in your EU/EEA member state.
Notes on This Privacy Policy
Validity and currency: We reserve the right to update this privacy policy at any time to adapt it to changed legal conditions, new technical circumstances or extensions of our offering. The version published at the time of your website visit always applies. We recommend that you review this privacy policy regularly.
Responsibility of the website operator: This privacy policy was generated automatically based on the information provided by the website operator. The website operator is responsible for the accuracy, completeness and currency of the information contained in this privacy policy. This applies in particular to the correct specification of the services, cookies and data processing activities used, as well as the consistency of this information with the actual practice on the website. The use of automatically generated legal texts does not replace individual legal advice. The website operator is recommended to have the privacy policy reviewed by a qualified professional to ensure compliance with the applicable data protection regulations.
Last updated: 05.04.2026