Privacy policy
1. Responsible body
optolux lichttechnik gmbh
Jutenbühl
6086 Hasliberg Reuti
Switzerland
E-mail: info@optolux.ch
Data protection officer: Johannes Rusch
UID: CHE-477.453.752
2. General information and scope
This privacy policy explains how optolux lichttechnik gmbh (hereinafter “we”) collects, processes and protects personal data. It applies to all services provided via our website and software.
This privacy policy is based on the Swiss Data Protection Act (NdSG, in force since September 1, 2023) and the EU General Data Protection Regulation (GDPR) for users from the European Economic Area.
3. Collection and processing of personal data
Automatically collected data
When you visit our website, the following data is automatically collected: IP address (anonymized), browser type and version, operating system, referrer URL, time of access, pages viewed.
Data provided by the user
When registering and using our services, we collect: name, email address, user name, contact details for support inquiries.
Data collected by desktop software
Our locally installed software (app for macOS and Windows) communicates with our servers for license verification. The following are transmitted: user ID, subscription status, device information (operating system, anonymized hardware ID), time of license check. The software stores all work data (images, projects, settings) exclusively locally on the user's device.
Payment details
Payment data (credit card numbers, bank details, etc.) are processed exclusively by our payment service provider Paddle. We don't have access to full payment details.
4. Purpose of data processing
We process personal data for the following purposes: providing and operating the website, providing our software services, managing user accounts and authentication, processing payments and subscriptions (via Paddle), customer support and communication, improving our services (when consenting to analytics cookies), fulfilling legal obligations.
5. Legal bases
Swiss Data Protection Act (nDSG)
Processing is carried out on the basis of Art. 6 nDSG (processing of personal data), Art. 14 nDSG (information during procurement) and Art. 31 nDSG (data transfer abroad).
GDPR (for EU users)
For users from the EEA, we rely on Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit. b GDPR (contract performance), Art. 6 para. 1 lit. f GDPR (legitimate interest).
6. Transfer of data to third parties
We only share personal data with third parties to the extent necessary to provide our services:
Paddle (payment processing)
Paddle (paddle.com) acts as our Merchant of Record and processes all payment transactions, invoicing, and tax administration. Paddle also receives: email address, name, payment information, billing address, transaction data. Paddle is subject to its own privacy policy (paddle.com/privacy).
Auth0/Okta (authentication)
Auth0 (auth0.com), an Okta service, processes data for user authentication. Auth0 also receives: email address, user name, login times, IP address upon login. Auth0 stores this data for account management and security.
Webflow (hosting)
Our website is hosted by Webflow (webflow.com). Webflow automatically processes collected access data (IP address, browser information, access times).
optolux license server
Our desktop software communicates with the optolux license server to verify and manage software licenses. The following data is processed: user ID (Auth0), subscription status (via Paddle), device information (operating system, hardware ID for license activation), time of license check. This data is used exclusively for license verification and is processed on servers in Switzerland or in the EEA.
7. Cookies and tracking
Essential cookies
These cookies are necessary for the operation of the website and cannot be deactivated. They include: session cookies for website functionality, authentication cookies (Auth0), HTTPS/TLS security cookies, cookie consent settings.
Analytical cookies (optional)
With your consent, we use analytical cookies to improve the user experience. These include only Webflow's own analysis functions. We don't use any additional tracking tools such as Google Analytics, Hotjar or comparable services.
You can adjust your cookie settings at any time via the cookie banner or cookie settings on our website.
8. Data security
We take appropriate technical and organizational measures to protect your data, including: encrypted data transfer (TLS/SSL), access control and authorization management, secure storage with certified providers, regular review of security measures.
9. Data transfer abroad
Some of our service providers (Paddle, Auth0, Webflow) are based in the USA. The transfer of data is based on standard contractual clauses (SCCs) in accordance with Art. 46 GDPR and Art. 16 para. 2 NdSG as well as the EU-US Data Privacy Framework, where applicable.
10. Retention period
11. Rights of data subjects
You have the following rights with regard to your personal data:
Right to information (Art. 25 nDSG/Art. 15 GDPR): You can request information about your stored data.
Right of rectification (Art. 32 nDSG/Art. 16 GDPR): You can request that incorrect data be corrected.
Right of deletion (Art. 32 nDSG/Art. 17 GDPR): You can request the deletion of your data, provided that there are no legal storage obligations to the contrary.
Right to object: You can object to the processing of your data at any time.
Right to data portability (Art. 28 nDSG/Art. 20 GDPR): You can request that your data be provided in a standard format.
To exercise your rights, contact us at info@optolux.ch. We process inquiries within 30 days.
12. Supervisory authorities
Switzerland: Federal Data Protection and Information Commissioner (EDÖB), Feldeggweg 1, 3003 Bern, edoeb.admin.ch
EU: You can contact the data protection authority in your member state.
13. Changes to this privacy statement
We reserve the right to amend this privacy policy at any time. The latest version is always available on our website.
14. Contact
optolux lichttechnik gmbh
Jutenbühl
6086 Hasliberg Reuti
Switzerland
email: info@optolux.ch
Data protection officer: Johannes Rusch
Last update: February 2026