BCS
BAD CODE STUDIO

Privacy Policy

At Bad Code Studio, we take your privacy seriously. This policy explains how we collect, use and protect your data in accordance with the Swiss Federal Act on Data Protection (nFADP).

11. Data Controller

The data controller is: BadCodeStudio - Domenjoz, P.O. Box, 1095 Lutry, Switzerland. Contact: info@badcodestudio.ch.

22. Data Collected

We only collect information that you voluntarily submit through our project submission form: name, email address, company name (optional), project type, description, budget and desired timeline. We also log your IP address for security purposes.

33. Legal Basis for Processing

The processing of your data is based on your consent (Art. 31 para. 1 nFADP), on the execution of pre-contractual measures at your request, and on our legitimate security interests (abuse protection, rate limiting).

44. Purpose of Processing

Your data is used exclusively to: process your project request, generate an AI-powered estimate, send you a confirmation email, follow up on your project, and ensure the security of our platform.

55. Sub-processors and Third Parties

We use the following sub-processors: Infomaniak (hosting and SMTP email, Switzerland), Google Gemini (AI analysis, anonymized data), Notion (internal CRM), Slack (internal notifications). No data is sold to third parties.

66. International Transfers

Some data may be processed by services located outside Switzerland (Google, Slack). In such cases, we ensure that appropriate safeguards are in place in accordance with Art. 16 nFADP.

77. Data Retention

Project submission data is retained for 2 years after the last contact, unless a legal obligation requires otherwise. IP addresses logged for security purposes are automatically deleted after 1 hour.

88. Cookies

Our website does not use any tracking or marketing cookies. Only strictly necessary technical cookies may be used (language preference).

99. Data Security

We implement appropriate technical and organizational measures to protect your data: TLS/SSL encryption, security headers (CSP, HSTS), CSRF protection, input validation, and IP-based rate limiting.

1010. Your Rights

Under the nFADP, you have the following rights: right of access to your data, right to rectification, right to erasure, right to data portability, right to object to processing. To exercise these rights, contact us at info@badcodestudio.ch.

1111. Protection of Minors

Our services are intended for professionals and businesses. We do not knowingly collect data from persons under the age of 18.

1212. Data Breach

In the event of a data security breach likely to pose a high risk to your rights, we will inform you as soon as possible and notify the Federal Data Protection and Information Commissioner (FDPIC) in accordance with Art. 24 nFADP.

1313. Supervisory Authority

The competent supervisory authority is the Federal Data Protection and Information Commissioner (FDPIC), Feldeggweg 1, 3003 Bern, Switzerland. Website: www.edoeb.admin.ch.

1414. Changes

We reserve the right to modify this privacy policy at any time. Any changes will be published on this page with the update date.

Dernière mise à jour : 15.05.2026