Buy This Webflow Template

This website serves as a demonstration of the Brave premium Webflow template. It is designed for creative studios, designers, photographers, and all types of creative individuals.

privacy policy

© 2025 TOMA Studio. Privacy Policy. DSG & GDPR compliant.
Scroll Down

We respect your privacy and handle personal data in accordance with the Swiss Federal Act on Data Protection (DSG) and—where applicable—the EU General Data Protection Regulation (GDPR).
This Policy explains what personal data we collect, how and why we process it, and the rights you have. It applies to TOMA Studio’s website www.tomastudio.ch and related online presences.
Last updated: 11 2025

1. Controller (Who we are)

TOMA Studio
Email: hello@tomastudio.ch
Postal address: Hinteruttenberg 60, CH-8934, Knonau, Switzerland
If another party is the controller for a specific activity, we will say so at the point of collection.

2. What data we process and why

We process only the data needed to provide a reliable, secure and user-friendly website and to respond to enquiries.

Categories of data
Contact details you provide (e.g., name, email, message content) when you contact us.
Usage/technical data generated by your device and browser (e.g., IP address, date/time, pages viewed, referrer URL, device and browser information).
Social interactions if you click our social media links or view embedded content from third-party platforms (see section 6).

Purposes
Provide and improve our website and services.
Respond to enquiries and pre-contract steps.
Ensure security, error monitoring and abuse prevention.
Perform reach and performance measurement (analytics).

Sources
We obtain data directly from you (e.g., contact form/email) and automatically from your device when you use the site. We may also receive data from third parties where this is lawful.

3. Legal bases

We process personal data on the following bases (as applicable):
Contract / pre-contract (Art. 6(1)(b) GDPR): responding to your requests.
Legitimate interests (Art. 6(1)(f) GDPR): operating a secure, reliable website; analytics to understand and improve our content; enforcing or defending legal claims.
Legal obligation (Art. 6(1)(c) GDPR) where applicable.
Consent (Art. 6(1)(a) GDPR): for non-essential cookies/trackers where required.
Swiss law (DSG/VDSG) applies alongside or instead of GDPR depending on the situation.

4. Retention

We keep personal data only as long as necessary for the purposes described or to meet legal retention duties. Afterwards we delete or anonymise it.

5. Security

We use appropriate technical and organisational measures to protect your data (including HTTPS/SSL). However, no internet transmission is ever 100% secure.

6. Cookies, tags and similar technologies

We use cookies and comparable technologies:
Essential cookies – required for the site to function.
Analytics/performance cookies – help us understand how the site is used.

You can control cookies in your browser (block, delete, receive prompts). If you reject non-essential cookies, some features may be limited.

We manage scripts via Google Tag Manager. GTM itself does not read personal data; it loads other tags (e.g., Google Analytics). The legal basis for loading non-essential tags is your consent where required.

7. Analytics

We use Google Analytics (with IP anonymisation and, where enabled, Google Signals) provided by Google Ireland Limited / Google LLC. Analytics helps us measure usage (e.g., page views, session duration) and improve our content.
Data processed can include cookie IDs, device/browser information, approximate location, and on-site actions.
IP addresses are truncated before being stored by Google.
You can opt out via your browser’s settings, Google’s Ads Settings, and the Google Analytics Opt-out Browser Add-on.

8. Social media and third-party platforms

We maintain profiles and may embed content or provide links on:
Behance, LinkedIn, Pinterest, Instagram.
When you visit pages that display embedded content or click these links, the respective providers may set cookies and process data (e.g., your IP address, the page you were on). Those providers act under their own privacy policies and may process data outside Switzerland/EEA. Your interaction with these services is subject to their terms and settings.

9. Hosting and server logs

Our hosting provider automatically records server log files for each request (e.g., IP address, date/time, requested URL, referrer, browser/device details, HTTP status). This is necessary to deliver the site and maintain security. Log files are kept only as long as needed and then deleted or anonymised.

10. Processors, sharing and international transfers

We may share data with trusted service providers (e.g., hosting, analytics) who process it on our behalf and under contract. Some providers may be located outside Switzerland/EEA. In such cases, we ensure an adequate level of protection (e.g., adequacy decision, Standard Contractual Clauses, or equivalent safeguards).

We do not sell personal data. We disclose data only if required by law or necessary to establish, exercise, or defend legal claims.

11. Your rights

Subject to legal limits, you have the right to:
Access your personal data,
Rectify inaccurate data,
Erase data (“right to be forgotten”),
Restrict or object to processing,
Data portability (GDPR),
Withdraw consent at any time (where processing is based on consent).

You also have the right to lodge a complaint with a supervisory authority. In Switzerland, this is the Federal Data Protection and Information Commissioner (FDPIC).

To exercise your rights, contact us at hello@tomastudio.ch.

12. Changes to this Policy

We may update this Policy from time to time. The current version is published on this page and indicates the “Last updated” date.

Have a project in mind?
Let's Talk
behance
behance
Instagram
Instagram
pinterest
pinterest
LinkedIn
LinkedIn
Back to top

toma

Studio

Let's talk! Say hello!