Data protection declaration

Data protection declaration for the internet presence of Bold Brains

The protection of your personal data (data) and the protection of your privacy is important to us. We are committed to handling your data responsibly. Consequently, we consider it a matter of course to comply with the Swiss Federal Data Protection Act (FADP), the Ordinance to the Federal Data Protection Act (DPO) and other data protection regulations that may be applicable, such as the EU General Data Protection Regulation (GDPR).

In this Data protection declaration, we inform you about the collection of personal data on our website as well as its processing offline.

We reserve the right to revise the Data protection declaration at any time. The most current version at the time of use shall always apply.

1. Contact

1.1 1.1 Name and address of the data controller

The person responsible within the meaning of data protection laws is:

Bold Brains AG
Sihleggstrasse 9
CH-8832 Wollerau


1.2 Name and address of the EU representative

We have the following data protection representatives in the European Economic Area (EEA), including the European Union (EU) and the Principality of Liechtenstein, as an additional point of contact for supervisory authorities and data subjects regarding the processing of personal data falling within the scope of the GDPR:

Digiscovery GmbH
Gutenbergring 2
69168 Wiesloch


2. Scope and purpose of processing of personal data

2.1 Visit of our website

When you visit our website, our servers temporarily store the following data automatically in a log file, the so-called server log files:

  • IP address of the requesting computer
  • Entry page (website from which you arrived at our website)
  • Browser settings
  • Language and version of the browser software
  • Date and time of access/retrieval
  • Name and URL of the retrieved data
  • Your computer’s operating system and the browser you are using
  • Country from which our website is accessed
  • Name of your internet access provider
  • Time zone difference from Greenwich Mean Time (GMT)
  • Content of the request (concrete page)
  • Access Status/HTTP Status Code
  • Data volume transferred in each case
  • Last visited website
  • Last visited website

This data is processed for the purpose of enabling the use of our website (to establish a connection), to ensure system security and stability on a permanent basis, to optimise our offer and for internal statistical purposes. A personal user profile is not created.

The legal basis for processing your personal data is our legitimate interest in processing this data.

2.2 Contacting us

On our website, you have the option of contacting us by e-mail or via the product application form.

We process the information given by you on the legal basis of our legitimate interest in corresponding with you or for the purpose of processing your enquiry/application and handling it.

You can object to this data processing at any time. If you object, we will no longer process your personal data for this purpose. Send your objection to the following e-mail address:

2.3 Processing customer data for marketing measures

We also process your personal data for the following purposes:

  • to maintain a relationship with you;
  • to occasionally inform you about certain projects or services; and
  • to recommend projects or services that might interest you.

You can object to this data processing at any time. If you object, we will no longer process your personal data for this purpose. Send your objection to the following e-mail address:


You may have the possibility to download documents from the website. We may require your email address for this purpose. We use your e-mail address solely for the purpose of providing you with the download. We do not pass it on to third parties.

We process your e-mail address for the purpose of processing your download and handling it.

You can object to this data processing at any time. If you object, we will no longer process your personal data for this purpose. Send your objection to the following e-mail address:

2.5 Provision of contractual services

We process your personal data to the extent necessary in each case to provide you with our contractual or pre-contractual services and to carry out other services requested by you. The services are always provided on your direct behalf. The data collected is collected from you or in consultation with you.

The personal data processed, the type, scope, purpose and necessity of processing your data are determined by the underlying contractual relationship. The processed data includes in general name and address, the contact data (e.g. e-mail address and telephone number) as well as the contractual data (e.g. services used, content of the contract, contractual communication, names of contact persons).

The deletion of the data takes place when it is no longer necessary for the fulfilment of contractual or legal obligations, whereby the necessity of keeping the data is reviewed at irregular intervals.

3. Cookies

On our website, we use cookies and similar technologies (for simplicity, all of these are grouped together under the term “cookies”). These are small files that a web portal leaves on your computer, tablet computer or smartphone when you visit it. They allow the portal to “remember” certain entries and settings (e.g. login, language, font size and other display preferences) over a certain period of time so you do not need to reapply them each time you visit and navigate the portal.

Most of the cookies we use are so-called session cookies. These are automatically deleted when you log out or close the browser. Other cookies remain stored on your computer beyond the respective usage process and enable us or our partner companies (third-party cookies) to recognise your browser on your next visit. Insofar as other cookies (e.g. cookies to analyse your surfing behaviour) are stored, these are treated separately in this data protection declaration.

Most internet browsers are regularly set to accept cookies. If you do not wish this to be the case, you can set your browser so that it informs you about the setting of cookies, and you only allow the acceptance of cookies in individual cases or generally exclude them. You can also activate the automatic deletion of cookies when closing the browser. In addition, you can delete cookies that have already been set at any time via an Internet browser or other software programs. The procedure for checking and deleting cookies depends on the browser you are using. Information can be found in the help menu of your browser.

You can find out about this option for the most commonly used browsers via the following links:

Explorer | Firefox | Google Chrome | Safari | Opera

3.1 Google Services

We use the following services of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, or if you have your habitual residence in the European Economic Area (EEA) or Switzerland, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”):

  • Google WebFonts

Google uses cookies. The cookies used by Google enable us to analyse the use of our website. The information generated by the cookie about your use of our website (including your IP address) will be transmitted to and stored by Google on servers in Ireland, Switzerland or the United States.

Learn more about Google services here: Privacy Policy – Privacy Policy & Terms of Use – Google

Google Web Fonts

In order to display our content correctly and in a graphically appealing way across browsers, our website uses script libraries and font libraries from Google Web Fonts to display fonts. Google Web Fonts are transferred to your browser’s cache to avoid multiple loading. If your browser does not support Google Web Fonts or prevents access, content is displayed in a standard font.

Calling up script libraries or font libraries automatically triggers a connection to the operator of the library. It is theoretically possible – although it is currently unclear whether and for what purposes – that the operator collects Google data in this case. We do not collect any personal data through the integration of Google Web Fonts.

Further information on Google Web Fonts can be found at Frequently Asked Questions | Google Fonts | Google Developers and ingoogle’s privacy policy.

You can object to data processing by Google Web Fonts by deactivating JavaScript in your browser or installing a JavaScript blocker. Please note that this may result in functional restrictions on the website.


Captcha is an abbreviation for “completely automated public Turing test to tell computers and humans apart”. It is a test that is supposed to distinguish humans from machines/robot programs, in short “bots”.

reCAPTCHA is a service that attempts to distinguish whether a certain action on the Internet is performed by a human being or by a computer program. reCAPTCHA is used as part of the double-opt-in when submitting a form on our website.

For more information on data processing and privacy notices by reCAPTCHA, please visit Google Terms of Use – Privacy Policy & Terms of Use – Google.

3.2 Matomo

It is important to us to design our website as optimally as possible and thus make it attractive for our visitors. To do this, it is necessary for us to know how our visitors react to individual parts of the design.

On the basis of legitimate interest, on our website we use the open-source software tool Matomo (formerly PIWIK; (, a service of the provider InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand, to analyse and statistically evaluate its use. Cookies are used for this purpose. The information generated by the cookie

about website usage is transmitted to our servers and compiled into pseudonymous usage profiles. The data is used to evaluate the use of the website and to enable us to design our website to meet the needs of our users.

If individual pages of our website are visited, the following data is stored:

  • Two bytes of the IP address of the user’s calling system
  • The web page visited
  • The web page from which the user accessed the web page visited (referrer)
  • The sub-pages visited from the web page visited
  • The time spent on the web page
  • The frequency with which the web page is accessed

The software runs exclusively on the servers of our website. Personal data of the users is only stored there. The data is not passed on to third parties.

The software is set in such a way that the IP addresses are not stored completely, but 2 bytes of the IP address are masked (e.g.: In this way, it is no longer possible to associate the shortened IP address with the calling computer.

The information is not passed on to third parties. Under no circumstances will the IP address be linked to other data relating to the user. The IP addresses are anonymised, so that an attribution is not possible.

The data is deleted as soon as it is no longer required for our recording purposes.

You can object to the collection and processing of data at any time and with effect for the future by clicking on the following link Configure Privacy Settings in Matomo FAQ – Analytics Platform – Matomo. In this case, a so-called opt-out cookie will be stored in your browser, which means that Matomo will not collect any session data. Please note that if you delete your cookies completely, the opt-out cookie will also be deleted and you may have to reactivate it. Your software settings can be changed accordingly Privacy-Friendly Web Analytics User Privacy Protected | Matomo Analytics.

4. Social Plugins

We use the following social plugins (plugins) on our website based on our legitimate interest:

  • LinkedIn Inc., Irleand Unlimited Company, Dublin 2, Irland

Our website only integrates these plugins as an external link. Your personal data is therefore only processed when you click on the integrated plugins. You will then be redirected to the page of the respective provider. We have no influence on the type and scope of the data that is then collected by the social networks. If you do not want the aforementioned providers to receive your data, please do not click on the plugins.

If you select “Block third-party cookies” in your browser settings, your browser will not send any cookies to the respective server of the social network. However, in addition to the plugins, other cross-page functions of other providers may no longer work.

For further information on the purpose and scope of data collection and the further processing and use of your personal data, please refer to the data protection notices of the respective networks. There you will also find further information on your rights in this regard and setting options for protecting your privacy as well as your right to object to the creation of user profiles:

5. Disclosure of data to third parties

As a matter of principle, we treat your personal data as confidential and only disclose it if you have expressly consented to this, or if we are legally obliged or entitled to do so, or if this is necessary to enforce our rights, in particular to enforce claims arising from the contractual relationship with you.

In addition, we disclose your personal data to third parties insofar as this is necessary or expedient within the scope of use of our website or, if applicable, for the provision of the services requested by you (also outside the website).

We disclose your personal data to the following categories of recipients:

  • IT-service provider
  • Third parties to whom we have outsourced support services such as logistics partners for the book mailings
  • Third parties we use to provide other services we offer to our users, such as consultants, law firms and trustees
  • Third parties involved in the implementation or organisation of events and seminars
  • Authorities and courts, if applicable

In the case of disclosure to third parties, the legal provisions on the disclosure of personal data to third parties are of course complied with. If we use contractors to provide our services, we take appropriate legal precautions as well as corresponding technical and organisational measures to ensure the protection of your personal data in accordance with the relevant legal regulations.

6. Data transfer abroad

If we also transfer your personal data to third parties abroad (i.e. outside of Switzerland or the European Economic Area (EEA)), they are obliged to comply with data protection to the same extent as we are. If the level of data protection in a country in which the data is processed does not comply with the applicable data protection regulations, we will contractually ensure that the protection of your personal data will at all times correspond to that in Switzerland or the EU/EEA.

We ensure this in particular by concluding so-called standard data protection clauses of the EU Commission with the companies concerned, and/or by the existence of Binding Corporate Rules (BCR) recognised by a European data protection authority at the companies concerned, and/or by the existence of further guarantees that comply with the applicable law. Where this is not possible, we base the transfer of data on your express consent or the necessity of the transfer for the performance of the contract.

7. Retention period

We process and store your personal data only for the period of time required to achieve the stated purpose or if this is provided for in laws or regulations to which we are subject. If the purpose of storage no longer applies or if a prescribed retention period expires, your data will be routinely blocked or deleted in accordance with the statutory provisions. In addition, we will delete your data if you request us to do so and if we have no legal or other obligation to retain or secure this personal data.

8. Data security

We take technical and organisational security precautions to protect your personal data against manipulation, loss, destruction or against access by unauthorised persons and to ensure the protection of your rights and compliance with the applicable data protection regulations.

The measures taken are intended to ensure the confidentiality and integrity of your data and to guarantee the availability and resilience of our systems and services in processing your data on an ongoing basis. They are also intended to ensure the rapid restoration of the availability of your data and access to it in the event of a physical or technical incident.

Our security measures also include encryption of your data. When transmitting your data to us, encryption is carried out using Transport Layer Security (TLS) / encryption Https. All information that you enter online is transmitted via an encrypted transmission path. This means that this information cannot be viewed by unauthorised third parties at any time.

Our data processing and security measures are continuously adapted in line with technological developments.

We also take our own internal data protection very seriously. Our employees and the service companies commissioned by us are obliged to maintain confidentiality and to comply with the provisions of data protection law. Moreover, they are only granted access to personal data to the extent necessary.

9. Use of the website by children

This website is intended for an adult audience. Minors, in particular children under the age of 16, are prohibited from transmitting personal data to us or registering for a service without the consent of their parents or legal guardians. If we discover that such data has been transmitted to us, it will be deleted immediately.

The child’s parents (or legal guardian) may contact us to request deletion or deregistration at the following e-mail address:

10. Your rights

You have the following rights in relation to your personal data:

  • Right of access: You have the right to know why your personal data is needed, what happens to it and how long it is kept.
  • Right to rectification: You have the right to supplement, correct, delete or block your personal data at any time.
  • Right to erasure: You have the right to request erasure of your personal data at any time.
  • Right to transfer your data: You have the right to request all your personal data from the data controller and to transfer it in full to another data controller (data portability).
  • Right to object: You can object to the processing of your data. We will comply unless there are legitimate grounds for processing.
  • Right to withdraw consent: If you give us your consent to process your data, you have the right to withdraw this consent and have your personal data deleted.

Send your request to the following e-mail address:

You can also lodge a complaint with a local supervisory authority if you believe that the processing of your personal data violates data protection law. In Switzerland, the competent authority is the Federal Data Protection and Information Commissioner.