Notice

Privacy Policy

This notice explains what personal data we process when you use afianco.ch or contact us, why we do so, who we share it with and what rights you have. We have drafted it in compliance with EU Regulation 2016/679 (GDPR) and the Swiss Data Protection Act (nFADP).

Last updated: 24 June 2026

1. Data controller

The data controller is Davide De Filippis, Lugano (Switzerland). For any request concerning your personal data you can write to davide@afianco.ch.

2. What data we process

Browsing data. When you visit the site, our systems automatically collect certain technical data (IP address, browser and device type, pages visited, date and time), necessary for operation and security.
Data you provide to us. If you fill in the contact form: name, email, phone (optional), company (optional) and the content of your message. If you write to us by email or Telegram, the data you choose to share with us.
Cookies and statistics. Only with your consent, aggregated usage data via Google Analytics. Details in the Cookie Policy.

3. Purposes and legal bases

Purpose	Legal basis (GDPR)
Responding to requests sent via the form, by email or Telegram	Pre-contractual measures at your request and legitimate interest in responding (art. 6.1.b / 6.1.f)
Operating the site and ensuring its security	Legitimate interest (art. 6.1.f)
Site usage statistics (Google Analytics)	Consent (art. 6.1.a), revocable at any time
Complying with legal obligations	Legal obligation (art. 6.1.c)

For residents in Switzerland, the corresponding bases under the nFADP apply. Providing the form data is optional, but without it we cannot follow up on your request.

4. Who we share data with

We do not sell your data. It is processed on our behalf, as processors, by a few selected providers:

Provider	Role	Where
Vercel Inc.	Site hosting	USA (DPF)
Web3Forms	Delivery of contact form messages	USA
Google Ireland Ltd	Statistics (Google Analytics), subject to consent	EU / USA (DPF)
Telegram	Only if you contact us via Telegram	Outside the EU

5. Transfers outside the EU and Switzerland

Some providers are based in the United States. Transfers take place to entities certified under the EU-US Data Privacy Framework or on the basis of the European Commission's Standard Contractual Clauses, which ensure an adequate level of protection.

6. How long we keep data

Messages and contact data: for as long as necessary to handle your request and any resulting relationship, and then for the period required by legal obligations.
Google Analytics data: in aggregated form, according to the retention set in GA (maximum 14 months).
Technical logs: for a limited period, for security purposes.

7. Your rights

You can exercise at any time the rights provided by the GDPR and the nFADP: access, rectification, erasure, restriction, objection, portability of data and withdrawal of consent (without affecting the lawfulness of prior processing). To do so, write to us at davide@afianco.ch.

If you believe the processing breaches the regulations, you can lodge a complaint with the supervisory authority: in Italy the Garante per la protezione dei dati personali (garanteprivacy.it), in Switzerland the Federal Data Protection and Information Commissioner (FDPIC) (edoeb.admin.ch).

8. Security

We adopt appropriate technical and organisational measures to protect data from unauthorised access, loss or misuse. No system, however, is 100% secure: in the event of a significant breach we will act in accordance with our legal obligations.

9. Changes

We may update this notice over time. The version published on this page, with the last-updated date, is the one in force.