Privacypolicy.

Preamble

Duo Guardians Sàrl is committed to protecting the privacy and personal data of its clients, prospects and visitors to duoguardians.ch. This policy describes our practices for data collection, processing and protection, in compliance with the revised Swiss Federal Data Protection Act (FADP), in force since 1 September 2023.

1. Data controller

Duo Guardians Sàrl, Rue du Bourg 40, 1816 Chailly/Montreux, Switzerland. Contact for any data-related question: info@duoguardians.ch.

2. Data collected

2.1 Data you provide

When you fill in the contact form, book a meeting via Calendly or write to us by email, we collect:

• First name, last name
• Email address
• Phone number
• Subject and content of your message
• Any element you voluntarily share in the context of a mission request

2.2 Technical data

During your visit, we automatically collect:

• IP address (anonymized for statistics)
• Browser type and operating system
• Pages visited, time on site, traffic source
• Performance data (Core Web Vitals)

3. Cookies and tracking technologies

The site uses a limited number of cookies, grouped in two categories:

• Essential cookies: required for site operation (language preferences, security). No consent required.
• Analytical cookies: Google Tag Manager (GTM) and Google Analytics 4 (GA4) with IP anonymization enabled. Used to measure audience and improve the site.

The site uses no third-party advertising cookies (no retargeting via LinkedIn, Meta, TikTok, etc.). We do not sell or share your data with marketing partners.

4. Processing purposes

Data collected is used exclusively to:

1. Respond to your requests (form, email, booking)
2. Conduct an investigation or security mission under a signed mandate
3. Measure site audience and improve user experience
4. Comply with legal obligations (accounting retention, mandate archives, judicial requisitions)

5. Legal basis for processing

• Consent (contact form, analytical cookies)
• Contract execution (signed investigation mandate)
• Legitimate interest (anonymized audience measurement, site security)
• Legal obligation (accounting retention, mandate archives, requisitions)

6. Retention period

• Form requests without follow-up: 6 months
• Client files (executed mandates): 10 years after closure (Swiss legal accounting retention period)
• GA4 analytical data: 14 months
• Essential cookies: session duration or 12 months maximum

7. Hosting and data location

• Website: hosted by Vercel Inc. (USA), servers in Frankfurt (Germany) for EU/CH data residency.
• Operational case data: Swiss servers exclusively, no non-Swiss subcontracting.
• Email: Infomaniak (Switzerland).
• Calendly: US provider, data limited to booking information (name, email, time slot).

8. Security

We implement appropriate technical and organizational measures to protect your data:

• TLS 1.3 encryption on all site/server communications
• Access to client files limited to the two founders and mandated investigators
• Encrypted storage of operational data, two-factor authentication
• Secure destruction of files at the end of the retention period

9. Your rights

Under the revised FADP, you have the following rights:

1. Right of access: obtain a copy of the data we hold about you
2. Right of rectification: correct inaccurate data
3. Right to erasure: request deletion (except where legal retention applies)
4. Right to object to processing based on legitimate interest
5. Right to portability in a structured, readable format
6. Right to lodge a complaint with the Swiss Federal Data Protection and Information Commissioner (FDPIC): www.edoeb.admin.ch

To exercise your rights, contact us: info@duoguardians.ch or +41 79 552 08 36. We will respond within 30 days.

10. Changes to this policy

This policy may be modified at any time to reflect changes in our practices or legislation. Any modification will be published on this page with a new update date. We invite you to consult this page regularly.

Last updated · 29 avril 2026