FlowAlp SAGL Privacy Policy

Privacy Policy for FlowAlp SAGL

Effective Date: 12 December 2025

1. Introduction

FlowAlp SAGL (“FlowAlp”, “we”, “us”, “our”) is committed to protecting your privacy and processing your personal data responsibly.

This Privacy Policy describes how we collect, use, store, and safeguard personal data when:

• You visit flowalp.com,
• You use our event-related and organizational management services (“Services”), or
• You are part of a contractual relationship with us as an event organizer, organization, director, member, participant, or staff member.

By using our Website or Services, you acknowledge and agree to the terms of this Privacy Policy.

2. Data Controller

FlowAlp SAGL
Casella postale 1046
Via A. e M. Pini 32
6710 Biasca
Switzerland

Email: info@flowalp.com

3. Applicable Law & Jurisdiction

This Privacy Policy and all data-processing activities carried out by FlowAlp are governed exclusively by Swiss law, in particular the Swiss Federal Act on Data Protection (nFADP).

FlowAlp is not an EU-based company; however, the EU General Data Protection Regulation (GDPR) may apply only to the extent required when we process the personal data of individuals located in the European Union in the context of offering services to them.

Regardless of location, Swiss law is always the primary and exclusive jurisdiction.

4. Personal Data We Collect

We collect and process personal data necessary to provide and maintain our Services. This includes, but is not limited to:

Identity and Contact Data

Names, addresses, emails, phone numbers, organizational roles.

Contractual & Operational Data

Account setup information, event information, organization details, communication history.

Payment & Financial Data

Billing information, payment details, transaction history, invoicing data, and fraud-prevention data.

Event-Specific Data

Information required by event organizers, including clothing sizes, staff attributes, identification details, or any other data necessary for event participation or staff management.

Technical Information

IP addresses, device identifiers, logs, usage data, and cookies.

Additional Information (upon request)

We reserve the right to request and store additional information at any time, even after the contractual relationship has started, if required to deliver the Services or meet legal obligations.

5. Purpose of Processing

We process personal data for the following purposes:

• To provide, operate, and improve our Services
• To maintain contractual relationships
• To manage user accounts and event configurations
• To process payments and prevent fraud (including through partners such as Stripe, Payrexx, or similar providers)
• To ensure the security and integrity of our systems (including the use of Cloudflare)
• To comply with legal and regulatory obligations

We do not process more data than necessary for these purposes.

6. Legal Basis for Processing

Under Swiss law, we process personal data primarily based on:

• Contractual necessity
• Legitimate interests (e.g., service operation, fraud prevention, security)
• Legal obligations

Where GDPR applies (EU users only), processing is based on:

• Art. 6(1)(b) – contractual necessity
• Art. 6(1)(f) – legitimate interests
• Art. 6(1)(c) – legal obligation
• Art. 6(1)(a) – consent (only when explicitly required)

7. Data Sharing & International Transfers

We may share your data with:

• Payment processors: Stripe, Payrexx, and others
• Technical and hosting partners
• Security providers: including Cloudflare
• Event organizers, where necessary
• Legal authorities, when required by law

Data Location

• Our primary data storage is in Switzerland and the EU.
• Some service providers may process data outside Switzerland and the EU (e.g., USA).

Where international data transfers occur, we ensure adequate protection through contractual or legal safeguards.

8. Data Retention

We retain data only for as long as required:

• To fulfil contractual obligations
• To provide Services
• To comply with legal, tax, and accounting requirements
• To protect our legitimate business interests

Data that is no longer required will be securely deleted or anonymized.

9. Cookies & Tracking Technologies

Our Website uses cookies and technical mechanisms to ensure functionality, security, analytics, and service optimization.

Users may disable non-essential cookies through browser settings, though this may limit website functionality.

10. Rights of Data Subjects

You have the following rights under Swiss law—and, where applicable, under GDPR:

• Right to access your personal data
• Right to request rectification
• Right to request deletion (“right to be forgotten”)
• Right to restrict or object to certain processing
• Right to data portability (GDPR only)
• Right to withdraw consent (when processing is based on consent)

To exercise any of these rights, contact us at info@flowalp.com.

We may retain certain information when legally required (e.g., payment records for tax purposes).

11. Data Security

We implement industry-standard administrative, technical, and organizational measures to protect personal data from unauthorized access, loss, misuse, or alteration.

This includes encryption, secure servers, access controls, and continuous monitoring.
No method of transmission or storage is fully secure, but we take all reasonable steps to safeguard your data.

12. Changes to This Privacy Policy

We may update this Privacy Policy at any time. Changes will be published on this page with an updated effective date. Continued use of our Services constitutes acceptance of the revised policy.

13. Contact Information

For questions, data requests, or concerns related to this Privacy Policy or your personal data, contact us at:

FlowAlp SAGL
Casella postale 1046
Via A. e M. Pini 32
6710 Biasca
Switzerland
Email: info@flowalp.com