Privacy policy

Last update: 06.01.2025

1. Introduction

Welcome to Yuh eCommerce platform (hereinafter referred to as «Yuh», «Shop», «we», «us», or «our»). We are committed to protecting your privacy and safeguarding your personal data. This Privacy Policy outlines how we collect, use, disclose, and protect your information when you visit the Shop on our website, make a purchase, or engage with us in other ways regarding the Shop. By using our services, you agree to the terms of this Privacy Policy. In addition, the Yuh App & Website Privacy Policy applies.

2. Data Controller

Yuh Ltd, located at Chemin de la Crétaux 33, Case postale 319, 1196 Gland, Switzerland, is the Data Controller responsible for the processing of your personal data. For privacy-related inquiries, please contact us via the website contact form.

3. Independence from Yuh App

Please note that the Yuh eCommerce platform operates independently from the Yuh financial app. Personal data collected on the eCommerce platform is used solely for its operations and is not exchanged with data from the financial app, ensuring your privacy is upheld in all interactions.

4. Data Collection and Usage

We collect and process diverse types of personal data to provide and improve our services, including:

  • Personal Identification Information: Name, email address, phone number, shipping, and billing address.
  • Payment Information: Details necessary to process your payment, including credit/debit card information, which are handled securely in compliance with PCI-DSS standards.
  • Account Information: Username, password, and settings if you create an account.
  • Order Information: Details of products purchased, delivery instructions, and any returns or exchanges.
  • Technical Information: IP address, browser type, device type, operating system, collected via cookies and similar technologies.
  • Communication Data: Data from communications with us via email, phone, or other means.

5. Purposes of Data Processing

Your personal data is processed for the following purposes:

  • To process and fulfill orders, including handling returns and exchanges.
  • To manage payments, billing, and account verification.
  • To communicate with you regarding orders, inquiries, or relevant updates.
  • To enhance our website, services, and customer experience.
  • To send personalised recommendations and marketing, with your consent.
  • To comply with legal obligations and resolve disputes.

6. Legal Basis for Processing

We process your personal data based on:

  • Performance of a Contract: Necessary for fulfilling sales contracts when you make a purchase.
  • Consent: For purposes such as marketing communications.
  • Legal Obligation: Compliance with regulatory requirements.
  • Legitimate Interests: Including fraud prevention and service improvement.

7. Data Sharing and Disclosure

We do not sell or rent your personal data. Data sharing is limited to:

  • Service Providers: We engage third-party service providers, such as payment processors (e.g., TWINT), shipping companies, and IT support, to assist us in providing our services. These providers are contractually obligated to protect your data and only process it on our behalf under strict data protection agreements.
  • Compliance with Laws: We may disclose your personal data to law enforcement or regulatory authorities if required by law or in response to a valid request.
  • Business Transfers: In the event of mergers, acquisitions, or any form of sale of some or all our assets, your data may be transferred as part of that business transaction.

8. International Data Transfers

Your data is processed primarily within Switzerland. If transferred outside Switzerland or the EEA, we ensure protection through mechanisms such as standard contractual clauses in compliance with GDPR.

9. Data Retention Policies

We retain your personal data for as long as necessary to fulfill the purposes outlined in this Privacy Policy:

  • Order Information: Retained for ten years as required by Swiss tax and commercial laws.
  • Payment Data: Retained for the duration necessary to process payments and as required by financial regulations, typically up to ten years.
  • Account Information: Retained until account deletion or inactivity for a defined period, subject to applicable laws.
  • Communication Data: Retained for five years unless a longer retention period is required for legal or compliance purposes.

10. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access: Request access to your personal data.
  • Correction: Request correction of inaccurate data.
  • Deletion: Request deletion of your data under certain conditions.
  • Objection: Object to processing for marketing purposes
  • Data Portability: Receive your data in a structured format.
  • WithdrawConsent: Withdraw consent at any time.
    To exercise these rights, contact us via the website contact form.

11. Cookies and Tracking Technologies

Our website uses cookies to improve your browsing experience. We use the following types of cookies:

  • Essential Cookies: Necessary for the operation of our website, such as maintaining your shopping cart.
  • Performance Cookies: Collect information on how visitors use our website to help us improve the site.
  • Functional Cookies: Allow us to remember your preferences and personalise your experience.
  • Marketing Cookies: Used to deliver relevant advertising and track the effectiveness of marketing campaigns.

You can manage your cookie preferences through your browser settings or via our Cookie Consent Tool, accessible at our Cookie Policy link.

12. Security Measures

We implement technical and organisational measures to protect your data, including:

  • Encryption: All payment transactions are encrypted using SSL technology.
  • Access Controls: Only authorised personnel with specific roles have access to personal data.
  • Shopify Compliance: As our platform operates on Shopify, we adhere to Shopify’s robust security standards, including compliance with PCI-DSS for all payment-related data handling.

However, please note that no method of transmission over the internet is completely secure.

13. Third-Party Websites and Social Media Integration

Our website may contain links to third-party websites or services, including social media plugins (e.g., Facebook, Instagram). These third-party platforms may collect data directly from you according to their own privacy policies. We encourage you to review these policies as we are not responsible for their data handling practices.

14. Payment Methods and External Payment Service Providers

We offer various payment methods to facilitate your transactions, including Visa, Mastercard, American Express, Maestro, Apple Pay, Google Pay and TWINT. Payments are processed through secure, external payment service providers who ensure that your financial data is handled in compliance with industry standards.

The data processed by these payment providers include:

  • Payment Details: Such as credit or debit card information, bank account details, and transaction data necessary to process the payment.
  • Personal Information: Name, billing address, and other relevant information required for verification and fraud prevention.

The external payment service providers we use include:

  • Visa and Mastercard: Credit card payments through Visa and Mastercard comply with PCI-DSS standards to ensure the protection of your card details.
  • TWINT: Payments made using TWINT are processed in accordance with TWINT's security protocols, ensuring the secure transfer of funds.
  • Maestro: Payments via Maestro are handled securely, ensuring compliance with international standards for transaction security.
  • American Express: American Express transactions are securely processed in accordance with industry standards, ensuring the protection and confidentiality of your payment information.
  • Apple Pay: Apple Pay transactions use device-specific numbers and unique transaction codes, with data encryption to ensure your financial information is secure.
  • Google Pay: Google Pay transactions are processed securely with data encryption and are subject to Google’s privacy standards.

These service providers process your data solely to execute your payment instructions and do not make your financial data available to any unauthorised third parties. Please refer to the respective privacy policies of these payment providers for further details on their data processing practices:

Your payment information is not stored on our servers and is used only for transaction processing as necessary to fulfill your purchase.

15. Consent Management

Your consent is required for optional data processing activities, such as marketing communications. You can manage or withdraw your consent at any time by:

  • Adjusting settings in your account profile.
  • Contact us directly via the website contact form.

Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

16. Changes to This Privacy Policy

We may update this policy periodically. Significant changes will be communicated directly to registered users via email or highlighted on the website. Please review this policy regularly to stay informed about how we protect your data.

17. Contact Us

For any questions or concerns, please contact us at:
Contact: via the website contact form.
Address: Yuh Ltd, Chemin de la Crétaux 33, Case postale 319, 1196 Gland, Switzerland.
Phone: +41 44 825 87 89 (Monday to Friday, 08:00 – 19:00)