Privacy Policy

The data controller responsible for your personal data is:

CryBloc AG
Bahnhofstrasse 42
6300 Zug, Switzerland
Email: privacy@crybloc.io

We are registered with the Swiss commercial register under CHE-XXX.XXX.XXX. If you have questions or concerns about how we handle your data, you can reach our data protection contact at privacy@crybloc.io.

We collect the following categories of personal data:

• → Contact data: name, email address, phone number, company name – provided when you fill in our contact form, request a quote, or enter into a project agreement.
• → Technical data: IP address, browser type and version, operating system, pages visited, time and duration of your visit – collected automatically via server logs and analytics tools.
• → Communication data: the content of emails, messages, and other communications you send us.
• → Project data: technical information shared by clients during project engagements, which may incidentally include personal data.
• → Cookie data: preferences, session identifiers, and anonymised usage statistics as described in our Cookie Policy.

We do not intentionally collect sensitive personal data (health, biometric, or financial account data) unless specifically required for a contracted service and with your explicit consent.

We process your personal data for the following purposes:

• → Responding to enquiries and providing requested information about our Services.
• → Entering into and performing contracts for the delivery of our Services.
• → Sending transactional communications related to your project (invoices, updates, requests for information).
• → Analysing website usage to improve performance and user experience.
• → Complying with legal obligations under Swiss law and applicable regulations (e.g. anti-money laundering, KYC requirements for certain engagements).
• → Protecting our legitimate business interests, including fraud prevention and security.

We do not use your personal data for automated decision-making or profiling.

We rely on the following legal bases to process your personal data:

• → Contract performance: processing necessary to perform a contract with you or to take steps at your request before entering into a contract (Art. 6(1)(b) GDPR).
• → Legitimate interests: processing necessary for our legitimate business interests, such as improving our website and preventing fraud, where these interests are not overridden by your rights (Art. 6(1)(f) GDPR).
• → Legal obligation: processing necessary to comply with a legal obligation (Art. 6(1)(c) GDPR).
• → Consent: where we rely on your consent, you have the right to withdraw it at any time without affecting the lawfulness of prior processing.

We do not sell your personal data. We may share your data with:

• → Service providers: third-party processors who help us operate our website and deliver services (e.g. hosting providers, email services, analytics tools). All processors are contractually obligated to handle your data securely and only as instructed.
• → Professional advisors: lawyers, accountants, or auditors bound by professional confidentiality obligations.
• → Regulatory authorities: where required by applicable law, a court order, or regulatory obligation.

Where we transfer your data outside of Switzerland or the European Economic Area, we ensure appropriate safeguards are in place (e.g. EU Standard Contractual Clauses or adequacy decisions).

We retain your personal data only for as long as necessary for the purposes for which it was collected:

• → Contact form submissions: up to 2 years after your last interaction with us.
• → Project data: 10 years after project completion to comply with Swiss commercial law record-keeping requirements.
• → Technical/log data: 90 days.
• → Cookie data: as described in our Cookie Policy.

When data is no longer needed, it is securely deleted or anonymised.

Under applicable data protection law, you have the following rights:

• → Right of access: obtain a copy of your personal data and information about how we use it.
• → Right to rectification: request correction of inaccurate or incomplete data.
• → Right to erasure: request deletion of your data in certain circumstances.
• → Right to restrict processing: request that we limit how we use your data.
• → Right to data portability: receive your data in a structured, machine-readable format.
• → Right to object: object to processing based on legitimate interests or for direct marketing.
• → Right to withdraw consent: where processing is based on consent, withdraw it at any time.

To exercise any of these rights, email privacy@crybloc.io with your request. We will respond within 30 days. We may ask you to verify your identity before processing your request.

We implement appropriate technical and organisational measures to protect your personal data against accidental or unlawful access, loss, destruction, or alteration. These measures include:

• → Encrypted data transmission (TLS/HTTPS) across all web properties.
• → Access controls limiting data access to authorised personnel on a need-to-know basis.
• → Regular security assessments and penetration testing.
• → Secure data disposal procedures.

Despite our best efforts, no data transmission or storage system is completely secure. If you have reason to believe that your interaction with us is no longer secure, please notify us immediately.

Our website uses cookies and similar technologies. For detailed information about the cookies we use, their purpose, and how to manage your preferences, please read our Cookie Policy.

You can manage your cookie preferences at any time by adjusting your browser settings or using our cookie consent tool.

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. We will post the updated version on this page with a revised "Last updated" date.

For significant changes, we will notify you by email (if we hold your email address) or by a prominent notice on our website prior to the change becoming effective.

For any privacy-related queries, requests, or complaints, please contact:

CryBloc AG — Data Protection
Bahnhofstrasse 42, 6300 Zug, Switzerland
Email: privacy@crybloc.io

If you are not satisfied with our response, you have the right to lodge a complaint with the Swiss Federal Data Protection and Information Commissioner (FDPIC): www.edoeb.admin.ch

EU/EEA residents may also lodge a complaint with the data protection authority of their EU member state.