Skip to Content

Privacy

PRIVACY POLICY — Dynaev GMBH

Compliant with Swiss Federal Act on Data Protection (FADP 2023) | As of: March 2026

Valid for all brands: Dynaev GMBH | My tinkerer

Data Controller:

Dynaev GMBH | Kirchstrasse 67 | 6473 Silenen | Canton Uri | UID: CHE-146.148.688

Privacy contact: hello@dynaev.ch | Website: www.dynaev.ch

1. Data Controller and Scope

Dynaev GMBH is the data controller pursuant to the Swiss Federal Act on Data Protection (FADP) of 25 September 2020 (in force since 1 September 2023). This policy applies to all brands operated by Dynaev GMBH: Dynaev GMBH (corporate/B2B) and MeinTüftler (moving, cleaning, handyman, household services, gardening). For clients in the EU/EEA, the GDPR applies additionally.

2. What Personal Data Do We Collect?

2.1 Client data: Name, company name (B2B), addresses, phone number, email, order information

2.2 Communication data: Emails, WhatsApp messages, SMS, call notes

2.3 Accounting/payment data: Invoice address, IBAN (only for refunds), payment history

2.4 Photo documentation: Photos of apartments, properties, and transported items

2.5 Key protocol/access data: Key documentation; access/alarm codes (deleted immediately after order completion)

2.6 Website usage data: IP address (anonymised), browser type, device, pages visited, cookies

2.7 Applicant data: CV, references, contact details

2.8 Platform booking data: Data transmitted from booking platforms (Movu, Umzug123, Houzy)

3. Purpose and Legal Basis of Data Processing

Purpose

Legal Basis

Contract initiation, offer, order confirmation

Art. 31 para. 2 lit. a FADP

Contract fulfillment and service provision

Art. 31 para. 2 lit. a FADP

Invoicing, dunning, accounting

Art. 31 para. 2 lit. c FADP (legal obligation)

Quality assurance, damage documentation, key management

Art. 31 para. 2 lit. b FADP (legitimate interests)

Communication (email, telephone, WhatsApp)

Art. 31 para. 2 lit. a FADP

Direct marketing (newsletter, offers)

Consent (Art. 31 para. 1 FADP)

Platform bookings

Art. 31 para. 2 lit. a FADP

Application procedures

Consent/pre-contractual measures

Website analysis and optimization

Consent (cookies)

4. Data Disclosure and Third-Party Recipients

No data is sold. Disclosure only for the fulfillment of a contract, legal obligations or with consent.

Sub-processors: only necessary data; contractually bound to data protection compliance.

Trustees/Accounting: invoice data, payment processing.

**IT service provider/cloud (Infomaniak Network AG, Odoo S.A., Google LLC):** As a processor according to our instructions; AVV completed (Details: §5.1 of this declaration)

Platforms (Movu, Moving123, Houzy): Order data for platform bookings

Insurance: In the event of damage (photos, protocols)

Authorities/courts: Upon legal order

5. Processor & data transfer abroad

5.1 Sub-Processors

The following service providers process personal data on our behalf (order processing agreement / AVV concluded):

| Service provider | Purpose | Server location | Legal basis |

| --- | --- | --- | --- |

Art. 9 FADP — no third-country transfer

Art. 16 para. 1 FADP — adequate protection level

Art. 16 para. 1 FADP in conjunction with EU-U.S. DPF

Art. 16 para. 1 FADP / DPF

5.2 International Data Transfers

Transfers to countries with an adequate level of data protection (EU/EEA per Annex 1 of the FADP Ordinance) are permitted without additional safeguards (Art. 16 para. 1 FADP). Transfers to the USA are made exclusively to DPF-certified providers. For transfers to other third countries: EU Standard Contractual Clauses (SCCs) pursuant to Art. 16 para. 2 lit. d FADP.

6. Retention Periods

Data Category

Retention Period

Contract data, invoices, accounting documents

10 years (Art. 958f CO, tax law)

Communication data (email, WhatsApp)

3 years after completion of the order

Photo documentation

2 years after completion of the order

Key protocols

2 years after key return

Applicant data without employment

6 months after completion of the procedure

Website/analytics data

According to consent, max. 26 months

Access/alarm codes

Immediately after completion of the order

7. Rights of Data Subjects (Art. 25 ff. FADP)

Right to information: You can request information about your data

Right to rectification: have incorrect data corrected

Right to deletion: Request deletion (unless there is a statutory retention requirement)

Right to restrict: have editing restricted

Data portability: Receive data in machine-readable format

Right to object: For direct marketing at any time; unsubscribe via link or hello@dynaev.ch

Processing time for requests: 30 days. Contact: hello@dynaev.ch | +41 44 442 01 38

8. Cookies and Website Tracking

8.1 Technically necessary cookies (Art. 45c Swiss Telecommunications Act / TCA): No consent required. Includes session cookies, CSRF protection, login status, language settings. Storage: session duration or max. 30 days.

8.2 Analytical cookies (e.g. Google Analytics): Only with your explicit consent. Purpose: analysis of user behaviour to improve the website. IP anonymisation enabled. Data transfer to Google LLC (USA), certified under EU-U.S. Data Privacy Framework.

8.3 Marketing cookies (e.g. Meta Pixel, Google Ads): Only with your explicit consent. Purpose: remarketing and conversion tracking.

8.4 No tracking without consent: Before your consent, no analytical or marketing cookies are set. Our website is configured so that the cookie banner appears before non-essential cookies are loaded.

8.5 Withdraw consent: You may withdraw your consent at any time via the “Cookie Settings” link in the website footer (Art. 7 para. 3 GDPR analogous / Art. 31 FADP).

8.6 Google Maps: For location display — only with consent. Data transfer to Google LLC (USA), DPF-certified.

9. WhatsApp Communication

Dynaev GMBH communicates via WhatsApp Business (Meta Platforms Ireland Ltd./Inc.). Meta has access to metadata. Content is end-to-end encrypted. By contacting us via WhatsApp, you consent to this form of communication. Alternative: Email (hello@dynaev.ch).

10. Data Security

We implement technical and organisational measures pursuant to Art. 32 FADP: SSL/TLS encryption; access controls; regular staff training.

11. Changes to this Privacy Policy

Current version at www.dynaev.ch/privacy (English) and www.dynaev.ch/datenschutz (German). For material changes: email notification.

12. Right to Lodge a Complaint with the FDPIC

Federal Data Protection and Information Commissioner (FDPIC)

Feldeggweg 1 | 3003 Bern | Switzerland | www.edoeb.admin.ch

As of: March 2026 | Dynaev GMBH | Kirchstrasse 67 | 6473 Silenen