Privacy Policy (Datenschutzerklärung)

1. Overview

The protection of your personal data is important to us. This privacy policy explains what data we collect when you visit www.beyond-family-travel.com, how we use it, and what rights you have. This policy complies with the Swiss Federal Act on Data Protection (DSG/nDSG), the EU General Data Protection Regulation (GDPR), and the ePrivacy Directive.

2. Controller

Roger J. Tedoldi
Beyond Family Travel
Switzerland
Email: info@beyond-family-travel.com

3. Data We Collect

3.1 Server Log Files

When you visit this website, your browser automatically transmits certain data to our web server. This includes your IP address, date and time of access, pages visited, browser type and version, operating system, and the referring URL. This data is stored in server log files and is necessary for the technical operation of the website. The legal basis is Art. 6(1)(f) GDPR (legitimate interest in stable website operation) and Art. 31 DSG.

3.2 Contact by Email

If you contact us by email, your message, email address, and any personal data you provide will be stored for the purpose of processing your inquiry. This data will not be shared with third parties without your consent. The legal basis is Art. 6(1)(b) GDPR (contract performance or pre-contractual measures) and Art. 31 DSG.

3.3 Shop & Digital Product Purchases (Lemon Squeezy)

When you purchase digital products (e-books, presets) through our shop, the checkout and payment processing is handled by Lemon Squeezy (Lemon Squeezy LLC, USA). Lemon Squeezy collects the data necessary to process your order: name, email address, billing address, and payment information.

Important: We exclusively sell digital downloadable products. No physical goods are shipped, and no shipping address is required. Your download link is provided immediately after successful payment via Lemon Squeezy.

We do not store your credit card details or payment information on our server. All payment data is processed and stored by Lemon Squeezy. The legal basis is Art. 6(1)(b) GDPR (contract performance) and Art. 31 DSG. For more information, see Lemon Squeezy's Privacy Policy.

Order data is retained for the duration required by Swiss and EU tax and commercial law (typically 10 years).

4. Cookies

This website uses cookies — small text files stored on your device by your browser.

Essential cookies: Required for the website and shop to function (e.g., shopping cart, session management). These are set without consent as they are strictly necessary.

Analytics: We use Umami Analytics, a privacy-focused analytics tool that does not use cookies and does not collect any personal data. Umami is GDPR compliant by design — no consent banner is required. All data is aggregated and anonymous. No individual visitor can be identified.

You can configure your browser to block or delete cookies. However, some website features may not work properly without essential cookies.

5. Third-Party Services

5.1 Hosting

This website is hosted on a web server. The hosting provider processes server log data on our behalf. A data processing agreement is in place.

5.2 Lemon Squeezy

Our shop checkout is powered by Lemon Squeezy (Lemon Squeezy LLC, USA). Lemon Squeezy acts as the Merchant of Record and handles all payment processing, tax collection, and order fulfillment for digital products. Data transfer to the USA is covered by the EU-US Data Privacy Framework, the Swiss-US Data Privacy Framework, or Standard Contractual Clauses (SCCs).

5.3 Payment Providers

Payments are processed through Lemon Squeezy, which supports various payment methods including credit cards and PayPal. Lemon Squeezy uses Stripe (Stripe Inc., USA) as its underlying payment processor. These providers have their own privacy policies and are independent data controllers for payment processing.

5.4 Umami Analytics

We use Umami (cloud.umami.is) for website analytics. Umami is a privacy-focused, cookie-free analytics tool that collects only anonymous, aggregated data such as page views, referrers, and device types. No personal data or IP addresses are stored. Umami is fully GDPR and DSG compliant. For more information, see Umami's Privacy Policy.

5.5 Google Fonts

If this website uses Google Fonts, they may be loaded from Google servers, causing your browser to transmit data (including your IP address) to Google LLC, USA. Where possible, fonts are hosted locally to avoid this data transfer.

6. Your Rights

Under the GDPR and the Swiss DSG, you have the following rights regarding your personal data:

  • Right of access — You can request information about what personal data we hold about you.
  • Right to rectification — You can request correction of inaccurate data.
  • Right to erasure — You can request deletion of your data, unless legal retention obligations apply.
  • Right to restriction of processing — You can request that processing be limited under certain conditions.
  • Right to data portability — You can request your data in a structured, machine-readable format.
  • Right to object — You can object to processing based on legitimate interest at any time.
  • Right to withdraw consent — Where processing is based on consent, you can withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, please contact us at info@beyond-family-travel.com.

7. Supervisory Authority

Switzerland: Federal Data Protection and Information Commissioner (FDPIC), Feldeggweg 1, 3003 Bern, www.edoeb.admin.ch

EU: You also have the right to lodge a complaint with the supervisory authority of your country of residence.

8. Data Transfer to Third Countries

Some of our service providers are based in the USA. Data transfers to the USA are safeguarded by the EU-US Data Privacy Framework, the Swiss-US Data Privacy Framework, or EU Standard Contractual Clauses (SCCs) in accordance with Art. 46 GDPR and Art. 16 DSG.

9. Data Retention

We retain personal data only as long as necessary for the purposes described in this policy or as required by law. Specifically:

  • Server log files: 30 days
  • Email correspondence: Duration of the business relationship + 1 year
  • Order/purchase data: 10 years (tax and commercial law obligations)
  • Consent records: 3 years after withdrawal

10. Security

We use SSL/TLS encryption for all data transmission. We take appropriate technical and organizational measures to protect your data against unauthorized access, loss, or alteration.

11. Changes to This Policy

We may update this privacy policy from time to time. The current version is always available on this page.

Last updated: April 2026