Privacy Policy

1. Controller

The controller for the processing of personal data within the meaning of FADP and GDPR is:

Trib3s GmbH Vogtsrain 45 CH-8049 Zurich Switzerland

Email: hello@trib3s.com

For data protection enquiries please contact us at the same address.

2. Principles

We only process personal data to the extent necessary for operating the website, providing our services, or complying with legal obligations. We do not use advertising cookies, profiling or automated individual decisions. For statistical web analytics we use Google Tag Manager and Google Analytics 4 — but only after you have given your explicit consent via our cookie banner (see section 8). As long as you do not consent, no scripts are loaded and no cookies are set.

3. Server logs (hosting)

When you access the website, technical data is recorded in server logs: IP address, date and time, requested URL, referrer, user agent, HTTP status code. This data is necessary to deliver the website, to ensure security and to analyse errors.

Legal basis: Art. 31 para. 2 lit. c FADP / Art. 6 (1) (f) GDPR (legitimate interest in the secure and stable operation of the website).

The website is hosted by Vercel Inc., 440 N Barranca Ave #4133, Covina, CA 91723, USA. Delivery happens via the global edge network; logs are typically deleted after a short time. We have a Data Processing Agreement (DPA) with Vercel as well as EU Standard Contractual Clauses for transfers to the United States.

4. Self-hosted fonts

We use the typefaces MuseoModerno, Newsreader, Geist Mono and Lora. They are integrated locally into our deployment bundle at build time via Next.js's `next/font` feature and served from the same server as the website. Your browser does NOT establish any connection to Google Fonts servers; in particular, no IP address is transmitted to Google.

5. Booking via Cal.com (EU)

On the contact page (/kontakt or /contact) you can schedule a meeting via an embedded booking widget. We use the EU instance of Cal.com (cal.eu), operated by Cal.com EU Cooperative U.A., Netherlands. The servers are located in the European Union.

When you open the widget and book a meeting, the data you provide (name, email address, chosen time, optional notes) is sent directly to Cal.com and stored in their booking system. We then receive the confirmed appointment in our calendar.

Already when you load the contact page, the embed script (https://app.cal.eu/embed/embed.js) is fetched from Cal.com. In doing so, Cal.com may process technical connection data (in particular the IP address). When the widget is opened, Cal.com may set cookies that are technically necessary (function, session management).

Legal basis: Art. 6 (1) (b) GDPR / Art. 31 para. 1 FADP (initiation and performance of a contract on your request) and, for the prior loading of the script, Art. 6 (1) (f) GDPR (legitimate interest in providing a smooth booking experience). Cal.com privacy notice: https://cal.com/privacy.

As an alternative, you can always arrange a meeting by emailing hello@trib3s.com without using the booking widget.

6. Email contact

When you send us an email, we process your address, your name and the content of your enquiry to respond. This data is retained for as long as necessary to handle your enquiry and any follow-up communication, at most within statutory retention periods.

Legal basis: Art. 31 para. 1 FADP / Art. 6 (1) (b)/(f) GDPR.

7. Newsletter — book release notification

On the theory page (/theory-digital-society) you can register to be notified when our book on the theory of digital society is released.

Data processed: first name, last name, email address, the selected language (de/en), a timestamp, and your browser's user-agent. The latter is collected solely to protect against automated abuse.

Purpose: one-off notification when the book is released; in limited scope additional notes about keynote dates.

Storage: registrations are stored in a Google Sheet operated by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Transfer to the United States is based on the EU-U.S. Data Privacy Framework and supplementary EU Standard Contractual Clauses.

Legal basis: Art. 6 (1) (a) GDPR / Art. 31 para. 1 FADP (explicit consent given by actively submitting the form).

Retention: until book release plus a reasonable window after; at most 24 months from registration unless you request further correspondence.

Withdrawal: an informal message to hello@trib3s.com is sufficient — your address will be deleted promptly.

Once we move to a full newsletter provider with double opt-in, we will update this section accordingly.

8. Web analytics (Google Tag Manager / Google Analytics)

We use Google Tag Manager (GTM) on this website and, through it, Google Analytics 4 (GA4), to understand how the website is used and where we can improve it. These services are provided by Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland; parts of the processing may also be carried out by Google LLC (USA).

GTM and GA4 are loaded exclusively after you have given your explicit consent via the cookie banner. As long as you have not consented, neither GTM nor GA4 are executed, no related cookies are set and no data is sent to Google. You can withdraw your consent at any time at the bottom of this page.

With consent given, Google processes in particular: shortened IP address, device and browser information, requested URLs, time spent on the site, interactions, and a pseudonymous identifier (Google Analytics cookies). The data is analysed to provide aggregated usage statistics. We do not instruct Google to combine this data with other data (advertising profiles or your identity in other Google services).

Legal basis: Art. 6 (1) (a) GDPR / Art. 31 para. 1 FADP in conjunction with your consent.

Retention: GA4 user data is generally retained for 14 months and then automatically deleted.

Cross-border transfer: When Google servers are called, data may be transferred to the United States. This transfer is covered by the EU–U.S. Data Privacy Framework (Google LLC is listed as a certified company) and supplementary EU Standard Contractual Clauses.

Google privacy notice: https://policies.google.com/privacy. Browser add-on to deactivate GA: https://tools.google.com/dlpage/gaoptout.

9. Cookies

We do not set any first-party tracking cookies on the website itself. Cookies may be set once (a) the Cal.com booking widget loads and that is technically necessary (see section 5), or (b) you consent to web analytics via the cookie banner and Google Tag Manager and Google Analytics are loaded (see section 8). You can deactivate cookies in your browser at any time or delete existing ones; certain functions may then be limited. You can withdraw your consent to web analytics at any time at the bottom of this page.

10. Recipients / processors

We only share your data with third parties where necessary to deliver the requested service, where required by law, or where you have consented. We currently use the following processors:

• Vercel Inc. (USA) — hosting and delivery of the website. • Cal.com EU Cooperative U.A. (NL) — booking via the embedded widget. • Google Ireland Ltd. (IE) / Google LLC (USA) — web analytics via Google Tag Manager and Google Analytics 4 (only with consent) and storage of newsletter registrations in Google Sheets (see section 7).

With all of them we have the legally required data processing agreements in place.

11. Cross-border transfers

Where data is transferred to a country outside Switzerland or the EEA, we rely on permitted transfer mechanisms (e.g. EU Standard Contractual Clauses, the EU–U.S. Data Privacy Framework adequacy decision for certified recipients, equivalent Swiss mechanisms).

12. Retention

We store personal data only for as long as necessary for the respective purposes or as required by statutory retention obligations. Afterwards the data is deleted or anonymised.

13. Your rights

Where FADP and/or GDPR apply, you have the following rights: access to the personal data we process about you, rectification of inaccurate data, erasure, restriction of processing, data portability, and objection to processing based on a legitimate interest. You can withdraw any consent already given at any time with effect for the future.

To exercise your rights, an informal message to hello@trib3s.com is sufficient.

14. Right to lodge a complaint

If you believe that we are not processing your data lawfully, you can lodge a complaint with a supervisory authority:

• Switzerland: Federal Data Protection and Information Commissioner (FDPIC / EDÖB), Feldeggweg 1, CH-3003 Bern, www.edoeb.admin.ch. • EU/EEA: with the data protection supervisory authority responsible for your place of residence or workplace.

15. Changes to this policy

We may update this privacy policy when services, legal requirements or website features change. The version published on this page is the version that applies.

Cookie settings

You decided via the cookie banner at the top of the site whether to allow web analytics. You can revoke or change that choice here at any time.