Your Privacy Matters
Privacy Policy
In compliance with the Swiss FADP (revDSG) and EU GDPR
1. Who is responsible?
The data controller for this website is:
Sareefy · [FIRMENNAME]
[ADRESSE]
Switzerland
Email: support.sareefy@gmail.com
2. What data do we collect?
We collect and process the following personal data when you use Sareefy:
Account & Profile Data
- Email address (required for login)
- Full name
- Account password (encrypted, never stored in plain text)
- User role (buyer or seller)
Order & Transaction Data
- Shipping address (name, street, city, ZIP, country)
- Order history and order details
- Communication related to your orders
Seller-specific Data (if applicable)
- Shop name, description, and country
- Shop logo and product images you upload
- Subscription plan information
Technical Data
- IP address
- Browser type and device information
- Authentication tokens (managed by Supabase)
- Session cookies (essential for login functionality)
3. Why do we collect this data?
We process your data for the following purposes:
- Account management — to create and maintain your buyer or seller account
- Order processing — to facilitate transactions between buyers and sellers
- Communication — to send order confirmations, updates, and respond to inquiries
- Platform operation — to display products, run shopping cart, manage wishlist
- Legal compliance — to comply with Swiss tax, accounting, and consumer protection laws
- Security — to detect fraud, abuse, and protect our platform
4. Legal basis (GDPR / revDSG)
Under EU GDPR Art. 6 and Swiss revDSG, we process your data based on:
- Contract performance — to provide our marketplace services
- Legitimate interest — to operate, improve, and secure the platform
- Legal obligations — for tax records and consumer protection
- Your consent — for any optional features (you can withdraw anytime)
5. Who do we share your data with?
Sareefy does not sell your personal data. We share it only with:
- Sellers — your shipping address and order details are shared with the seller of your purchased product so they can fulfill the order
- Buyers — sellers see buyer contact info for orders received
- Supabase (database & authentication) — hosted in the EU
- Vercel (web hosting) — global CDN with EU data centers
- Resend (transactional emails) — for order confirmations and account emails
- Stripe (when payments launch) — for secure payment processing (PCI-DSS compliant)
All third-party providers are vetted for data protection compliance.
6. International data transfers
Since Sareefy operates worldwide, your data may be transferred to countries outside Switzerland and the EU. We ensure adequate protection through:
- EU Standard Contractual Clauses (SCCs) with our providers
- Adequacy decisions where available
- Encryption in transit (TLS) and at rest
7. How long do we keep your data?
- Active accounts — as long as your account exists
- Order records — 10 years (Swiss tax law requirement)
- Deleted accounts — most data deleted within 30 days, except where retention is legally required
- Marketing data — only with your consent, until you withdraw
8. Your rights
Under revDSG and GDPR, you have the right to:
- Access — request a copy of all data we hold about you
- Rectification — correct inaccurate or incomplete data
- Erasure — request deletion of your account and data ("right to be forgotten")
- Restriction — limit how we process your data
- Data portability — export your data in a machine-readable format
- Objection — object to certain types of processing
- Withdraw consent — at any time, for any consent-based processing
To exercise these rights, contact us at support.sareefy@gmail.com. We respond within 30 days.
You also have the right to lodge a complaint with the Swiss Federal Data Protection and Information Commissioner (FDPIC / EDÖB) at www.edoeb.admin.ch.
9. Cookies
Sareefy uses only essential cookies required for the platform to function:
- Authentication session (keeps you logged in)
- Shopping cart state
- Language and preference settings
We do not use third-party tracking, analytics, or advertising cookies at this time. If we add such services in the future, we will request your explicit consent.
10. Data security
We implement appropriate technical and organizational measures to protect your data, including:
- End-to-end TLS/HTTPS encryption
- Encrypted password storage (bcrypt)
- Row-level security in our database
- Regular security audits and updates
- Access controls and authentication
11. Changes to this policy
We may update this Privacy Policy from time to time. Significant changes will be announced via email or a notice on the platform. The latest version is always available on this page.
12. Contact
For any questions or requests regarding data protection, please contact:
Sareefy Data Protection
Email: support.sareefy@gmail.com
[FIRMENADRESSE]
Last updated: [DATUM]
← Back to Home