Last updated: 29 June 2025
1. Data Controller
Mind Insights by Krish Phua
Tiong Eng (Krish) Phua
Sumatrastrasse 25
8006 Zurich, Switzerland
contact@mindinsights.ch
www.mindinsights.ch
2. Personal Data We Collect
We may collect and process the following personal data:
– Contact details (name, email address, phone number)
– Appointment information (via Calendly)
– Communication content (via contact form or email)
– Payment and invoicing data (via MILKEE, TWINT, Payrexx)
– IP address and browser data (via server log files or embedded tools)
3. Purpose of Data Processing
We process your data to:
– Schedule and conduct counselling sessions
– Manage payments, invoicing, and accounting
– Communicate with you regarding appointments or enquiries
– Ensure legal compliance and protect our IT infrastructure
4. Use of Third-Party Services
We use trusted third-party providers to deliver and support our services. These include:
– Calendly (appointment booking)
– Payrexx AG (online payment processing) (coming soon)
– TWINT AG (QR code payments)
– MILKEE GmbH (invoicing and accounting): We have concluded a data processing agreement (DPA) with MILKEE GmbH in accordance with the Swiss Data Protection Act (revDSG). MILKEE processes only the data necessary for invoicing and accounting purposes, on our behalf and under strict confidentiality obligations.
These providers may store and process data in accordance with their own privacy policies. We ensure that any third-party services we use are compliant with applicable data protection laws.
5. Use of Calendly (Appointment Scheduling)
We use the service Calendly, provided by Calendly LLC, 115 E Main St, Suite A1B, Buford, GA 30518, USA, to allow clients to book counselling appointments online.
Calendly processes personal data such as your name, email address, and appointment details. All data is processed in accordance with Calendly’s Data Processing Addendum (DPA), which is an integral part of their Terms of Use. Calendly complies with the Swiss Data Protection Act (revDSG) and the EU General Data Protection Regulation (GDPR) through the use of:
– Standard Contractual Clauses (SCCs)
– Certification under the Swiss–U.S. Data Privacy Framework
– ISO 27001 and SOC 2 security standards
– TLS encryption and access control
Calendly stores data in secure environments and offers full transparency on its list of sub-processors.
By booking an appointment via Calendly, you consent to the processing of your personal data as described above. You may also contact us directly to arrange appointments without using the online tool.
6. Server Log Files & Technical Data
When you access our website, certain technical data is automatically collected and stored in server log files. This may include:
– Browser type and version
– Operating system
– Referrer URL
– Date and time of access
– IP address
– Internet service provider
– Pages visited
This data is collected for system security, troubleshooting, and to protect against cyberattacks. It may also be used in the event of legal obligations.
7. Definition of Personal Data
“Personal data” refers to any information relating to an identified or identifiable natural person. This includes, for example, names, email addresses, and appointment details.
We only collect personal data that is necessary for providing our services or for legal reasons.
8. Duration of Data Storage
We retain personal data only for as long as it is necessary to fulfill the purposes described above or to comply with legal obligations. Once the data is no longer needed, it will be deleted or anonymised.
8a. Data Processing Agreements (DPAs) Duration of Data Storage
To ensure lawful processing and data protection, we have concluded data processing agreements with all service providers who process personal data on our behalf (e.g. MILKEE GmbH). These agreements comply with the requirements of the Swiss Data Protection Act (revDSG) and, where applicable, the EU General Data Protection Regulation (GDPR).
9. Data Security
We take appropriate technical and organisational measures to safeguard your data against loss, misuse, or unauthorised access. However, no method of data transmission over the internet is completely secure. We cannot guarantee absolute security and disclaim liability for security breaches beyond our control.
10. External Links
Our website may contain links to external websites. We are not responsible for the content, availability, or privacy practices of those websites. Please review their privacy policies separately.
11. Cookies and Third-Party Content
Our website may use cookies or similar technologies to improve functionality and user experience. These include technically necessary cookies for basic site operations (e.g., session handling or security-related features).
We may also embed third-party content such as Google Maps or YouTube videos. These services can collect personal data (such as your IP address) when loaded. By using our website, you acknowledge that such content may process personal data according to the respective third-party privacy policies.
No cookie consent banner is currently in use. Therefore, we recommend that users who do not agree with this data processing refrain from using the website until a full consent solution is implemented.
More details can be found in the privacy policies of the respective providers (e.g., Google, YouTube).
12. Communication and Contact
When you contact us via email, phone, or contact form, your personal information will be used solely for the purpose of responding to your inquiry or managing your appointment.
Please note: We cannot guarantee full confidentiality of data sent via the internet. For sensitive personal matters, we recommend direct consultation rather than sharing confidential data electronically.
13. Your Rights
Under the Swiss Federal Act on Data Protection (revDSG), and where applicable the GDPR, you have the right to:
– Access your personal data
– Request correction or deletion
– Restrict or object to data processing
– Withdraw consent for future processing
– File a complaint with the relevant data protection authority
To exercise any of these rights, please contact: contact@mindinsights.ch
14. Changes to this Privacy Policy
We reserve the right to amend this privacy policy at any time. The current version is published on our website. If the privacy policy forms part of a contractual relationship with you, we will inform you of substantial updates by email or another appropriate method.