Privacy policy
How MCDev Sàrl collects, uses and protects your personal data, in accordance with the Swiss Federal Act on Data Protection (FADP) and the GDPR.
Introduction
MCDev Sàrl is committed to protecting the confidentiality and security of your personal data. This privacy policy explains how we collect, use, store and protect your personal information in accordance with the Swiss Federal Act on Data Protection (FADP) and, for individuals established in the European Union, the General Data Protection Regulation (GDPR).
Our commitment: We never sell your personal data to third parties, and we limit its collection to what is strictly necessary to provide our services.
Data controller
MCDev Sàrl
Registered office: Canton of Valais, Switzerland
Email: contact@mc-dev.ch
Phone: +41 77 285 36 20
As data controller, MCDev Sàrl determines the purposes and means of processing your personal data and ensures compliance with the applicable regulations.
Personal data collected
Contact data
- First and last name
- Email address
- Phone number
- Company name
- Role/position
Technical connection data
- IP address (host's server logs, for security purposes)
- Browser type and version
- Operating system
Project data
- Information about your project
- Technical requirements expressed
- Approximate budget
- Desired timeline
Purposes of processing
| Purpose | Legal basis | Retention period |
|---|---|---|
| Responding to contact requests | Consent / legitimate interest | 3 years after last contact |
| Provision of services | Performance of a contract | 10 years (accounting obligations) |
| Business development | Legitimate interest | 3 years after last contact |
| Compliance with legal obligations | Legal obligation | As required by law |
Cookies
Our website does not set any tracking, analytics or marketing cookies. No audience-measurement tools (such as Google Analytics) or advertising trackers are used.
No consent banner is therefore required: your browsing on our website is not profiled, nor is any data collected for statistical or commercial purposes.
Should we integrate such tools in the future, this policy will be updated and your consent will be obtained beforehand, in accordance with the FADP and the GDPR.
Data sharing and transfers
Sharing with third parties
We do not sell, rent or share your personal data with third parties for commercial purposes. However, we may share certain data in the following cases:
- Technical providers: Web hosting, email services (under confidentiality agreements)
- Legal obligations: Responding to requests from judicial or administrative authorities
- Subcontractors: Partners involved in delivering your project (confidentiality agreements)
International transfers
Some of our providers may be located outside Switzerland and the European Union. In such cases, we ensure that transfers comply with the FADP and the GDPR, in particular through:
- Standard contractual clauses recognised by the FDPIC and the European Commission
- Certification under the Data Privacy Framework (formerly Privacy Shield)
- Adequacy decisions of the Swiss Federal Council or the European Commission
Your rights
Under the FADP and the GDPR, you have the following rights regarding your personal data:
Right of access
You may ask what data we hold about you and how it is used.
Right to rectification
You may request the correction of inaccurate or incomplete data.
Right to erasure
You may request the deletion of your data under certain conditions ("right to be forgotten").
Right to restriction
You may request that the processing of your data be restricted in certain cases.
Right to data portability
You may retrieve your data in a structured format and transfer it to another controller.
Right to object
You may object to the processing of your data on legitimate grounds.
Automated decision-making
You have the right not to be subject to a decision based solely on automated processing.
Exercising your rights:
Contact us at contact@mc-dev.ch, stating your request and enclosing a copy of an identity document.
Response time: 1 month maximum (extendable by 2 months if necessary).
Data security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure or destruction:
Technical measures
- Encryption: Sensitive data encrypted in transit and at rest (SSL/TLS)
- Authentication: Secure access with strong passwords and multi-factor authentication
- Backups: Regular, secure backups
- Updates: Systems and software kept up to date
Organisational measures
- Training: Data-protection awareness across our teams
- Restricted access: Least-privilege principle (access limited to what is strictly necessary)
- Contracts: Confidentiality clauses with all our providers
- Audits: Regular reviews of our security measures
Data breach: In the event of a data breach likely to result in a high risk to your rights and freedoms, we will inform you as soon as possible (within 72 hours of discovery).
Changes to this policy
This privacy policy may be amended from time to time to reflect changes in our practices or for legal, regulatory or operational reasons.
Notification of changes: We will inform you of any significant change by email or via a notice on our website. The date of the last update is shown at the top of this page.
Acceptance: By continuing to use our website after changes are published, you accept the revised privacy policy.
Contact and complaints
Questions and complaints
For any question regarding this privacy policy or the processing of your personal data, you can contact us using the details above.
Supervisory authority: If you are not satisfied with our response, you have the right to lodge a complaint with the FDPIC (Federal Data Protection and Information Commissioner):