Privacy policy - lake.lindt.one
← All lakes

Privacy policy

This page describes how lake.lindt.one collects, uses and protects your personal data, in accordance with the Swiss Federal Data Protection Act (FADP) and the European regulation (GDPR).

Data controller

The site lake.lindt.one is a non-commercial personal project. For any questions regarding personal data, contact: dpo@lindt.one

Data collected

  • Preferences and dashboards: stored locally in the browser. If you have an account, a copy is synchronized to the server.
  • Geolocation: used to display the nearest lake. If you have allowed geolocation, your coordinates and IP address are stored for statistical purposes. This data is not linked to your account. You can disable geolocation in your browser or deny the permission to prevent any collection.
  • Analytics (Matomo): audience analysis hosted in Switzerland, without data transfer to third parties. No account name or email address is associated with visits.
  • Error logs: technical errors are recorded temporarily (90 days) to improve the service. They may contain: the visited URL, the error message, the IP address, the browser type and, if you are logged in, your user identifier.
  • Promotions and campaigns: when an internal promotion is displayed, an anonymous identifier (hash) is recorded to avoid showing it multiple times. Events (display, click, dismissal) are retained for 90 days. The deduplication table is kept longer to ensure proper operation.

Additional data (logged-in users)

  • User account (optional): email address and password (hashed with Argon2id). Passkey authentication (WebAuthn/FIDO2) is also available; in that case, only the public key is stored on the server. No other personal information is required.
  • Sessions: each session records the IP address and browser type for security purposes (unauthorized access detection). An audit log records security events (login, password change) for 90 days.
  • Device tracking: a unique identifier (UUID) is assigned to your browser and stored for 2 years via a cookie. This allows recognizing your devices for preference synchronization and geolocation status.
  • Push notifications: if you enable notifications, the push service endpoint, encryption keys and device name are stored on the server. You can disable them at any time from your profile. Maximum 8 devices per account.
  • Swim journal: if you use the swim journal, entries (location, temperature, conditions, personal notes) are stored on the server and linked to your account. You can delete your entries at any time.
  • Temperature alerts: if you set up alerts, the rules (lake, temperature thresholds, frequency) are stored on the server. Notifications are sent via push or email depending on your configuration.

Third-party services

  • QR code generation: when displaying a payment QR code (Revolut), the payment URL is sent to api.qrserver.com to generate the image. This third-party service only receives the payment link URL, not your personal data.
  • Maps: embedded maps come from Swisstopo (map.geo.admin.ch), a Swiss federal government service. Your IP address and the map coordinates viewed are transmitted to this service.
  • Payments: donations and purchases are processed by third-party services (Revolut, Twint). These services have their own privacy policies. No payment data (credit card, IBAN) is stored on lake.lindt.one.

Cookies

The site uses cookies strictly necessary for operation (session, language, preferences). No third-party advertising or tracking cookies are used. Matomo uses an anonymous audience cookie.

Your rights

You can at any time: export your data (from your profile), delete your account (permanent deletion after 30 days), and request data rectification by email.

Data retention

Deleted accounts are purged after 30 days. Sessions expire after 30 days of inactivity. Email tokens expire after 24 hours. Error and audit logs are deleted after 90 days. Promotional events are deleted after 90 days. Transactional email logs (type, status, recipient) are retained for 90 days. Security events (blocked requests) are deleted after 30 days. The device identifier is kept for 2 years.

Hosting

The site is hosted in Switzerland. No data is transferred outside of Switzerland or the European Economic Area, except for the third-party services mentioned above (api.qrserver.com).

Contact

For any questions about your data protection: dpo@lindt.one