Privacy and data

Privacy Policy

This page explains what personal data is processed, for which purposes, under which legal bases, and how to exercise your rights under GDPR (EU) and the Swiss nLPD.

Last updated: 2026-02-25

Overview

Non-essential analytics are enabled only after consent.
Data is minimized and processed for clear purposes: contact handling, security, and site improvement.
You can withdraw consent at any time via Cookie settings.
You have data protection rights, including access, correction, deletion, and objection, depending on applicable law.

Controller / responsible party

Controller: Saber Dhib (independent consultant)
Address: (add business address)
Email: contact@saberdhib.com

The controller determines the purposes and means of personal data processing on this website.

Data we process

Technical data: truncated or partially masked IP address, device type, browser, operating system.
Usage data: page views, navigation paths, timestamps, and referrer.
Interaction data: functional events (for example CTA clicks), pseudonymized event identifiers.
Contact data: information voluntarily provided through forms or email.

We follow a minimization approach and process only data that is relevant for the stated purpose.

Purposes and legal bases

Audience measurement and analytics: Consent for non-essential cookies and trackers.
Contact request handling: Pre-contractual steps and/or legitimate interest in responding to incoming requests.
Security, reliability, abuse prevention: Legitimate interest in securing the website, detecting incidents, and preventing misuse.

Cookies and analytics

Strictly necessary cookies may be used for core website functionality. Non-essential analytics cookies are off by default and activated only after explicit consent.

You can update your choice at any time via "Cookie settings" or review the dedicated page: /cookie-policy.

If consent is rejected, non-essential third-party analytics scripts are not loaded.

Recipients and processors

Hosting: Vercel (infrastructure and application delivery).
Technical service providers needed for operations, maintenance, and analytics (only after consent where required).
No unauthorized commercial sale of personal data.

International transfers

Some providers may process data outside the EU/EEA or Switzerland.

When this happens, appropriate safeguards are applied under applicable law, such as Standard Contractual Clauses (SCC) or equivalent mechanisms.

Retention periods

Technical and security logs: typically 30 to 180 days.
Aggregated or pseudonymized analytics data: typically 13 to 25 months depending on tool configuration.
Contact requests: up to 24 months after the last exchange, unless legal obligations require longer retention.

Exact retention periods can vary based on technical configuration and legal requirements.

Your rights (EU and Switzerland)

Access, rectification, and deletion.
Restriction and objection where applicable.
Data portability where applicable.
Withdrawal of consent at any time for consent-based processing.

To exercise your rights, contact: contact@saberdhib.com. Reasonable identity verification may be requested before processing your request.

Security measures

Encryption in transit (HTTPS).
Restricted access to systems and data on a need-to-know basis.
Data minimization and periodic access reviews.
Technical and organizational measures proportionate to risk.

No system can guarantee zero risk, but reasonable safeguards are maintained to reduce unauthorized access, loss, and alteration risks.

Changes to this policy

This policy may be updated to reflect legal, technical, or organizational changes.

The latest revision date is displayed at the top of this page: 2026-02-25.

Contact and complaints

For privacy-related requests: contact@saberdhib.com.

You may lodge a complaint with your local supervisory authority if you believe your rights were not respected (for example CNIL in France or FDPIC in Switzerland).