Legal
Privacy policy
Last updated: 25 November 2025
We take your privacy very seriously. This Privacy Policy explains how Flow Health Massonnet, a company registered in Switzerland with its registered office at Chemin de Belle Combe 37, 1093 Lutry, collects, uses, shares and protects your personal data when you visit www.flowhealth.ch or purchase our dietary supplement products.
This policy complies with the Swiss Federal Act on Data Protection (FADP, rev. 2023), the EU General Data Protection Regulation (GDPR) and other applicable European data-protection laws.
1. Data Controller
Flow Health Massonnet
Chemin Belle Combe 37, 1093 Lutry, Switzerland
Email: sales_support@flowhealth.ch
2. What personal data we collect and why
| Situation | Data collected | Purpose | Legal basis |
|---|---|---|---|
| Creating an account | Name, email, encrypted password | Account management & login | Contract (Art. 6(1)(b) GDPR) |
| Placing an order | Name, billing & shipping address, phone, email, payment details | Fulfil and ship your order, tax & customs | Contract + legal obligation |
| Payment processing | Card or bank details (never stored by us — tokenised by PCI-DSS certified partners) | Secure payment | Contract |
| Newsletter & marketing | Email, first name, optional interests & past purchases | Send offers, new products, wellness tips | Consent (Art. 6(1)(a) / Art. 31 FADP) |
| Abandoned-cart & order follow-ups | Email, cart contents | Remind you & improve conversion | Legitimate interest (Art. 6(1)(f) / Art. 31 FADP) |
| Customer support & contact form | Name, email, order number, message | Help you & solve issues | Contract / Legitimate interest |
| Website analytics & advertising | IP address, browser, device, pages visited, UTM parameters, Facebook/Instagram/TikTok/Google pixels | Understand & improve user experience, retargeting | Consent (via cookie banner) |
| Reviews & user-generated content | Name or nickname, photo (if uploaded), review text | Show authentic reviews | Consent + Legitimate interest |
3. Cookies & tracking technologies
We use strictly necessary, performance and marketing cookies. You can manage your preferences at any time via the cookie banner or the "Cookie Settings" link in the footer.
4. Who we share your data with
- Shopify (Ireland) — e-commerce platform
- Stripe, PayPal, PostFinance — payment processing
- DHL, Swiss Post, Planzer — shipping & customs
- Klaviyo — email marketing (US with EU/Swiss SCCs + Data Processing Agreement)
- Google Analytics, Meta Pixel, TikTok Pixel — analytics & advertising (consent-based)
- Trusted third-party testing labs — only anonymised batch data
All processors are bound by Data Processing Agreements and, where required, Standard Contractual Clauses or the new EU–U.S. Data Privacy Framework / Swiss–U.S. DPF.
5. International transfers
Data may be processed in the European Union, Switzerland, the United Kingdom and the United States. Whenever we transfer data outside Switzerland/EU → USA, we rely on:
- EU–U.S. Data Privacy Framework & Swiss–U.S. DPF (for certified partners), or
- Standard Contractual Clauses (SCCs) + Technical & Organisational Measures.
6. How long we keep your data
| Data type | Retention period |
|---|---|
| Order & customer data | 10 years (Swiss/EU accounting & tax laws) |
| Newsletter subscribers | Until you unsubscribe |
| Analytics data | 26 months (Google Analytics) |
| Support tickets | 3 years |
After the retention period, data is securely deleted or anonymised.
7. Your rights (Switzerland & EU)
You have the right to:
- Access your data
- Rectify inaccurate data
- Delete your data ("right to be forgotten")
- Restrict or object to processing
- Data portability
- Withdraw consent at any time
- Lodge a complaint with the Swiss Federal Data Protection and Information Commissioner (FDPIC) or your local EU supervisory authority
To exercise any right, write to sales_support@flowhealth.ch. We will respond within 30 days.
8. Children
Our products and website are not intended for persons under 18. We do not knowingly collect data from children.
9. Security
We use TLS encryption, regular penetration testing, and strict access controls. Payment data is never stored on our servers.
10. Changes to this policy
We may update this policy from time to time. The new version will be published on this page with an updated "Last updated" date. Significant changes will be communicated by email or via a banner on the website.
11. Contact us
Email: sales_support@flowhealth.com
Post: Flow Health, Chemin de Belle Combe 37, 1093 Lutry, Switzerland
Thank you for trusting us with your data.
Flow Health Team