Privacy policy

Last updated: 13. April 2026

1. Controller

The controller responsible for processing personal data in connection with this website is:

Huzur GmbH
Feldstrasse 12
8853 Lachen SZ
Switzerland

Privacy contact: leyla.bayraktar@psychologie.ch

2. Legal framework (Switzerland)

We process personal data in accordance with the Swiss Federal Act on Data Protection (FADP; revised FADP) and, where applicable, the accompanying ordinance and other relevant laws.

This notice covers the website and its features (in particular the contact form). It does not replace professional confidentiality rules applicable in a therapeutic relationship.

3. Purposes and legal bases

We process personal data to operate this website, respond to enquiries, prevent abuse (e.g. spam), and maintain IT security. Depending on the situation, legal bases may include contract or pre-contractual measures, legitimate interests (e.g. secure operation, communication), or — where required — consent.

4. Categories of data

  • Technical metadata: e.g. IP address, date and time of access, requested resource, user agent, referrer — where generated by hosting or server logs.
  • Content and contact details: information you submit via the contact form (e.g. name, email address, selected service, free text).

5. Hosting and server logs

The site runs on infrastructure provided by a hosting provider. Server and access logs may be created automatically. Processing supports secure, stable operation and troubleshooting and is based on our legitimate interests.

6. Contact form and email delivery (SMTP)

When you use the form, we process your details to receive your message and forward it by email to the configured practice inbox. Delivery uses SMTP; the email provider may process technical metadata.

Messages are not stored long-term in a separate on-site database; retention of emails follows our internal policies and legal obligations.

7. Google reCAPTCHA v3 ("necessary" category)

If a reCAPTCHA key is configured, we use Google reCAPTCHA v3 from Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) to detect automated abuse of the contact form. In our consent model, this service belongs to necessary and only loads after you explicitly accept necessary cookies.

Further information: Google Privacy Policy, Terms of Service, reCAPTCHA v3.

For transfers to the US, see Google's documentation on international transfers and safeguards (including standard contractual clauses and, where applicable, participation in the EU-US Data Privacy Framework). Processing starts only after your explicit consent to the necessary category; without that consent, reCAPTCHA-protected submission remains disabled.

8. Google Fonts and Material Symbols ("functional" category)

We load fonts via Google Fonts (domains such as fonts.googleapis.com and fonts.gstatic.com). Your browser may transmit technical data (notably your IP address) to Google.

Some text fonts are loaded through Next.js next/font, which typically fetches fonts at build time and serves them from this site, so those fonts do not require a runtime request to Google. The Material Symbols icon font is loaded only when you allow the functional category.

Google's note: Privacy & Google Fonts.

9. Images and third-party resources

We prefer first-party hosted media served from our own domain. If future runtime resources from third parties are introduced, they are loaded only through consent components and only after you approve the matching category (typically functional).

10. Google Maps links

We link to Google Mapsto open the practice address. Data is shared with Google only after you activate the link; Google's policies then apply.

11. Cookies and similar technologies

Our consent management uses the categories necessary, functional, analytics, and marketing. Your preference is stored locally so it can be respected on future visits.

reCAPTCHA is assigned to necessary, but it still loads only after your explicit first acceptance. Google Analytics loads only when you consent to analytics; marketing is not enabled by default.

12. Recipients and processors

We disclose personal data only where necessary for the purposes described, where legally required, or where you have consented. Recipients may include hosting providers, SMTP/email providers, and — when the relevant features are used — Google (reCAPTCHA in necessary; Google Analytics in analytics; optional Google runtime resources in functional).

13. International transfers

Google may process data in the United States and other countries. Where required, we rely on appropriate safeguards and refer to each provider's documentation (including standard contractual clauses and certifications).

14. Retention

We keep personal data only as long as needed for the respective purposes or as required by law. Server logs are usually deleted or anonymised after a limited period according to the hosting configuration.

15. Your rights

Under the FADP, you may have the right to information, rectification, erasure, restriction of processing, objection to processing based on legitimate interests, and — where applicable — data portability. You may withdraw consent with effect for the future.

16. Supervisory authority

You may lodge a complaint with the competent supervisory authority. In Switzerland this is the Federal Data Protection and Information Commissioner (FDPIC): www.edoeb.admin.ch.

17. Security

We implement appropriate technical and organisational measures to protect your data against unauthorised access, loss, or misuse (e.g. TLS in transit, restricted server access).

18. Changes

We may update this privacy policy when our processing activities or the law change. The version published on this page with the date above applies.

Back to home

Cookie preferences

We use cookies to keep the website secure and reliable. Necessary cookies are only set after you make a choice.