Connexa GmbH – Switzerland
Last updated: 12 May 2025
Connexa GmbH (“we,” “us,” or “our”) is committed to protecting your privacy and handling your data in an open and transparent manner. This Privacy Policy explains which personal data we collect through our website and associated services, how and why we process it, where we store it, and which rights you have. We comply with the Swiss Federal Act on Data Protection (FADP) and, where applicable, the EU General Data Protection Regulation (GDPR).
By using our website or uploading content via our forms, you consent to the practices described below.
We limit our data collection to what is necessary for the operation of our services:
We process your photos and texts solely to provide, maintain, and improve the features you request (Art. 6 para. 1 lit. b GDPR / Art. 31 para. 2 lit. a FADP – contract performance) and to safeguard the security of our platform (legitimate interest, Art. 6 para. 1 lit. f GDPR / Art. 31 para. 1 FADP). We do not use your content for marketing, profiling, or automated decision-making.
Photos and texts you submit are stored on Google Firebase, specifically Firebase Storage (for images) and Cloud Firestore (for text data). Both services are part of Google Cloud. We have concluded a Data Processing Agreement (DPA) with Google, and Google implements technical and organisational measures in line with ISO 27001 and ISO 27018 certifications.
Firebase gives us the option to choose a regional storage location; we currently use the eu-west (Belgium) region to ensure that data is hosted within the EU/EEA, thereby providing an adequate level of protection under the GDPR and Swiss adequacy decisions.
Our hosting provider automatically records technical information (IP address, user-agent string, timestamps, etc.) in server log files to detect errors and defend against attacks. We review these logs only if required for security or debugging and delete them automatically after 30 days.
We implement TLS/SSL encryption in transit and rely on Firebase-built encryption at rest for stored content. Access to Firebase projects is restricted through role-based access controls and two-factor authentication. Regular backups and security updates are performed to prevent data loss and unauthorised access.
We keep your photos and texts for as long as you maintain an account or until you delete the respective content. If you request deletion (see Section 9), we erase the files from Firebase within 30 days, including all backups, unless legal obligations require longer storage.
Apart from the storage described above, we do not share your personal data with external third parties, unless we are legally obliged to do so (e.g. by court order) or you explicitly instruct us.
In accordance with Chapter 3 GDPR and Art. 25–28 FADP, you have the right to:
To exercise these rights, contact us at the address below. We will respond within 30 days.
Our services are not targeted at children under 16. If we learn that photos or texts from a child have been uploaded without parental consent, we will delete the content immediately.
We may amend this policy to reflect changes in technology, legislation, or our services. The current version is always available on this page; significant changes will be announced at least 14 days in advance.
If you have questions about this Privacy Policy or your personal data, please reach out: