Last updated: March 12, 2026
The controller responsible for data processing on this website pursuant to Art. 19 of the Swiss Federal Act on Data Protection (nFADP) and Art. 13 of the EU General Data Protection Regulation (GDPR) is:
BlackIoT Sagl
Via Stefano Franscini 2A
6833 Vacallo, Switzerland
Email: info@blackiot.swiss
Phone: available upon request via email
Commercial register: CHE-192.005.916
If you have any questions about data protection, please contact us at info@blackiot.swiss.
This privacy policy is governed by:
Switzerland benefits from an EU adequacy decision (Decision 2000/518/EC, reconfirmed), meaning the European Commission recognizes Swiss data protection as providing an adequate level of protection.
As a Swiss company that may offer services to individuals in the EU/EEA, we are in the process of designating an EU representative pursuant to Art. 27 GDPR. Until such designation is completed, you may direct any GDPR-related inquiries to our controller address above. We will respond within the timeframes required by the GDPR (typically within one month).
When you access our website, our web server automatically records the following information:
Purpose: Ensuring the security, stability, and proper operation of our website; detecting and preventing abuse.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in IT security) / Art. 31(1) nFADP (overriding interest).
Retention: 30 days, then automatically deleted.
Provision requirement: This data is collected automatically and is technically necessary. Without it, we cannot serve the website to you.
When you use our contact form, we collect:
Purpose: Responding to your inquiry and, where applicable, initiating pre-contractual measures at your request.
Legal basis: Art. 6(1)(a) GDPR (your explicit consent via checkbox) and Art. 6(1)(b) GDPR (pre-contractual measures) / Art. 31(1) nFADP (consent and overriding interest).
Retention: Until your inquiry is fully resolved, then deleted — unless statutory retention obligations (e.g., Swiss Code of Obligations Art. 958f, 10-year commercial retention) require longer storage.
Provision requirement: Name and email are required to respond to your inquiry. If you do not provide them, we cannot process your request. Subject is optional.
Withdrawal of consent: You may withdraw your consent at any time by emailing info@blackiot.swiss. Withdrawal does not affect the lawfulness of processing carried out before the withdrawal (Art. 7(3) GDPR / Art. 31(1) nFADP).
Our website uses the following cookies:
| Cookie Name | Category | Purpose | Duration | Provider |
|---|---|---|---|---|
blackiot_consent |
Strictly Necessary | Stores your cookie notice acknowledgement to avoid showing the banner repeatedly | 365 days | BlackIoT (first-party) |
Strictly necessary cookies are exempt from the consent requirement under Art. 5(3) of the ePrivacy Directive (2002/58/EC) and Swiss telecommunications law (FMG Art. 45c), as they are essential for providing the service explicitly requested by the user.
We do not use:
This website uses the typefaces Inter and JetBrains Mono. All font files are self-hosted on our own server. No connections to external font services (such as Google Fonts or Adobe Fonts) are established. No personal data is transmitted to third parties for font delivery.
The following table summarizes the legal bases for our data processing activities:
| Processing Activity | GDPR Basis | nFADP Basis |
|---|---|---|
| Server log files | Art. 6(1)(f) — legitimate interest | Art. 31(1) — overriding interest |
| Contact form | Art. 6(1)(a) — consent; Art. 6(1)(b) — pre-contractual measures | Art. 31(1) — consent |
| Cookie (consent storage) | Art. 6(1)(f) — legitimate interest (ePrivacy Art. 5(3) exemption) | Art. 31(1) — overriding interest |
| Legal retention obligations | Art. 6(1)(c) — legal obligation | Art. 31(2)(b) — statutory duty |
We do not sell, rent, or trade your personal data.
Your data may be disclosed to the following categories of recipients, solely for the purposes described above:
Cross-border transfers: We do not currently transfer personal data outside Switzerland or the EU/EEA. Should this change, we will ensure appropriate safeguards are in place:
Switzerland is recognized by the European Commission as providing an adequate level of data protection (adequacy decision). Data transfers between the EU/EEA and Switzerland are therefore permitted without additional safeguards.
We retain personal data only for as long as necessary for the purposes for which it was collected, or as required by law:
After the applicable retention period expires, data is securely deleted or anonymized.
We do not use automated decision-making (Art. 22 GDPR) or profiling (Art. 4(4) GDPR / Art. 5(f) and Art. 21 nFADP) that produces legal effects or similarly significantly affects you. No decisions about you are made solely by automated means.
Under the nFADP and the GDPR, you have the following rights regarding your personal data:
| Right | Description | Legal Reference |
|---|---|---|
| Access | Request information about what personal data we hold about you, the purposes, recipients, and retention periods | Art. 15 GDPR / Art. 25 nFADP |
| Rectification | Request correction of inaccurate or incomplete data | Art. 16 GDPR / Art. 32(1) nFADP |
| Erasure | Request deletion of your data ("right to be forgotten"), subject to legal retention obligations | Art. 17 GDPR / Art. 32(2)(c) nFADP |
| Restriction | Request limitation of processing in certain circumstances | Art. 18 GDPR |
| Data portability | Receive your data in a structured, commonly used, machine-readable format | Art. 20 GDPR / Art. 28 nFADP |
| Object | Object to processing based on legitimate interests, including profiling | Art. 21 GDPR / Art. 32(2)(b) nFADP |
| Withdraw consent | Withdraw consent at any time, without affecting the lawfulness of prior processing | Art. 7(3) GDPR / Art. 31(1) nFADP |
| Lodge a complaint | File a complaint with a supervisory authority (see Section 10) | Art. 77 GDPR / Art. 49 nFADP |
To exercise any of these rights, contact us at info@blackiot.swiss. We will respond within 30 days (nFADP) or one month (GDPR), with possible extension in complex cases. We may ask you to verify your identity before processing your request.
Exercising your rights is free of charge. However, we may charge a reasonable fee for manifestly unfounded or excessive requests (Art. 12(5) GDPR / Art. 25(6) nFADP).
If you believe that our processing of your personal data violates data protection law, you have the right to lodge a complaint with a supervisory authority:
Federal Data Protection and Information Commissioner (FDPIC / EDOEB)
Feldeggweg 1
3003 Bern, Switzerland
Phone: +41 58 462 43 95
www.edoeb.admin.ch
If you are located in the EU/EEA, you may also contact the data protection supervisory authority in your country of residence. A list of EU supervisory authorities is available at: edpb.europa.eu/about-edpb/about-edpb/members.
We implement appropriate technical and organizational measures (TOMs) to protect your personal data in accordance with Art. 8 nFADP and Art. 32 GDPR. These include:
Despite these measures, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security of your data.
Our website and services are not directed at children under 16 years of age. We do not knowingly collect personal data from children. If you are a parent or guardian and believe your child has provided us with personal data, please contact us at info@blackiot.swiss and we will promptly delete such data.
We reserve the right to update this privacy policy at any time. The most current version will always be available on this page with the "Last updated" date shown above. For significant changes, we will provide notice via our website. We encourage you to review this policy periodically.
This policy does not form part of any contract for the provision of services or products.