top of page

Privacy Policy

1. Data Controller
The person responsible for processing your data is:
Alexa Meershoek, residing in Zurich, Switzerland.

2. Scope & Legal Basis
This policy applies to all personal data collected through the website (e.g., name, email, payment data, voluntary health information). Data processing is carried out in accordance with the Swiss Federal Act on Data Protection (FADP, including the 2023 revision) and, where applicable, complemented by the EU General Data Protection Regulation (GDPR).

3. Purposes of Data Processing

  • Handling bookings and payments for Pilates, yoga, and art-therapy sessions (online and in person)

  • Communication regarding appointments

  • Compliance with legal and accounting retention requirements

  • Operation of the website (e.g., log files, cookies)

4. Categories of Data & Retention Period
Collected data includes:

  • Contact and contract data (name, email, payment information)

  • Technical data during website visits (e.g., IP addresses, browser information)

  • Voluntary health information for art-therapy sessions
    Retention: Data is kept until retention obligations expire, after which it is deleted or anonymized.

5. Disclosure to Third Parties
Personal data is shared only if required for performance of contracts (e.g., payment service providers, web hosting, authorities) or by legal obligation. Data is transferred abroad only to countries with adequate data protection or under safeguards (e.g., standard contractual clauses).

6. Cookies, Tracking & Zoom Usage
The website uses cookies and tracking technologies to optimize functionality, security, and user-friendliness. You can manage or disable cookies via your browser settings.

We use Zoom for online sessions (Pilates, yoga, professionally inspired art-therapy). Please note:

  • Zoom is not fully secure. Past incidents include security flaws (e.g., Zoombombing, issues with end-to-end encryption [E2EE]) and reports of data being shared with third parties.

  • Standard sessions have transport encryption (TLS/AES-256). True E2EE is available but must be manually enabled, which limits some Zoom features.

  • Zoom operates under U.S. law (including the Cloud Act); U.S. authorities may access data under certain conditions, even if sessions originate from Switzerland/EU.

  • We recommend you:

    1. Use password protection and waiting rooms for meetings.

    2. Enable E2EE if discussing sensitive topics.

    3. Avoid discussing highly confidential matters (e.g., deeply personal or corporate secrets) via Zoom.
      By booking, you agree to participate in Zoom sessions under these conditions.

7. Data Subject Rights
Under Swiss FADP and EU GDPR, you have rights to access, correction, restriction, deletion, data portability, and objection to certain types of processing. You may withdraw consent and lodge a complaint with the Federal Data Protection and Information Commissioner (FDPIC).

8. Contact for Data Protection Requests
Email: [your email address]
Mailing address: Alexa Meershoek, [address in Zurich]

9. Security Measures
We implement technical and organizational measures to protect against unauthorized access, loss, or misuse. However, absolute security cannot be guaranteed online.

10. Changes to This Privacy Policy
We may update this policy due to legal changes or changes in services. The current version is always available on the website.

Datenschutzerklärung
bottom of page