Privacy Policy

Last updated: April 25, 2026

1. Data Controller

This website (cathyyersin.com) is published by Cathy Yersin, an independent illustrator. Any inquiries can be sent to contact@cathyyersin.com. Cathy Yersin is responsible for the processing of personal data collected on this site.

2. Applicable Laws

The processing complies with:

• the Swiss Federal Act on Data Protection (nFADP), in force since September 1, 2023;
• the General Data Protection Regulation (GDPR, EU 2016/679) for visitors residing in the European Union.

3. Data Collected and Purposes

The site collects only the data necessary for the exchanges you initiate:

Contact form (page /contact):

• name, email address, message;
• browser IP address (used only to limit abuse, retained for 24 hours).

Purpose: to respond to your quote or information request.

Appointment scheduling (page /rendez-vous):

• name, email address;
• project description;
• date and time of the selected appointment.

Purpose: to organize and confirm the appointment.

4. Legal Basis

The processing is based on the execution of pre-contractual measures (quotes, contact requests, appointments) taken at your request, as well as on your consent evidenced by the submission of the form.

5. Retention Period

• Messages received via the contact form: 3 years from the last exchange, then deletion.
• Appointments: 3 years from the appointment date, for accounting and follow-up purposes.
• IP addresses: 24 hours (anti-spam).

6. Data Recipients

Your data is shared only with:

• Cathy Yersin, the sole recipient to process your request;
• HB Digitals, the site hosting provider (server in Europe);
• OVH SAS, the provider of transactional email services (headquarters in France, hosting in Europe).

No data is sold, rented, or transferred to commercial third parties.

7. Transfers Outside the EU / Switzerland

No data transfers to countries outside the European Union or Switzerland are carried out.

8. Cookies

The site does not use any tracking, advertising, or audience measurement cookies. A single strictly necessary cookie is set when logging into the admin area (admin_session) — it is exempt from consent under Article 5(3) of the ePrivacy Directive and the nFADP.

9. Your Rights

In accordance with the nFADP and GDPR, you have the following rights at any time regarding your data:

• right of access;
• right to rectification;
• right to erasure;
• right to restriction of processing;
• right to object;
• right to data portability;
• right to withdraw your consent at any time.

To exercise these rights, write to contact@cathyyersin.com. A response will be provided within one month.

10. Security

The site is served over HTTPS (TLS encryption). Data is stored on a dedicated server managed by HB Digitals. Access to the admin area is password-protected.

11. Complaint

If you believe your rights are not being respected, you may file a complaint with:

• Federal Data Protection and Information Commissioner (FDPIC), Switzerland — edoeb.admin.ch;
• French Data Protection Authority (CNIL), France — cnil.fr.

12. Changes

This policy may evolve. The date of the last update is indicated at the top of this page.