Privacy Policy - alpinerecon.com

Last updated: [26.06.2025]

1. Who we are

Alpine Recon (sole proprietorship)
Chemin de Primerose 2, 1007 Lausanne, Switzerland
E-mail: contact@alpinerecon.com

For the purposes of Swiss data-protection law and the European General Data Protection Regulation (GDPR), Alpine Recon is the data controller for the processing described in this notice.

2. What this policy covers

This policy explains how we collect, use, share and protect personal data when you:

browse alpinerecon.com or any sub-domain;
create an account or place an order in our store;
interact with us by e-mail or other channels.

It also explains your choices and rights.

3. Personal data we collect

Category	Typical items	When we collect it	Legal basis*
Identity & Contact	First & last name, postal address, e-mail, phone	Account creation, checkout, customer-service messages	Contract
Order & Payment	Order ID, products, billing & shipping info, payment-method token (card, PayPal ID, etc.)	Checkout	Contract / Legal obligation
Usage data	IP address, browser type, pages visited, referrer URL	Browsing the site (server logs, analytics cookies)	Legitimate interest
Marketing preferences	Newsletter opt-in, purchase history relevant to offers	Sign-up forms, account settings	Consent / Legitimate interest
Cookies & similar tech	Cookie ID, advertising identifiers	See § 8 below	Consent / Legitimate interest

4. Why we use personal data and our legal bases

Purpose	Details	Legal basis
Process and deliver orders	Manage payments, tax invoices, shipping, returns	Performance of a contract
Customer support	Respond to queries, resolve issues	Performance of a contract
Marketing	Send newsletters or personalised offers	Consent (you may withdraw at any time)
Analytics & site optimisation	Aggregate statistics, fraud detection, improve UX	Legitimate interest
Accounting & compliance	Keep records for tax and consumer-protection rules	Legal obligation

5. Who has access to your data

We never sell or rent personal data. We share it only with:

Recipient	Role	Location	Safeguard
Web host – Hostinger	Infrastructure & backups	EU data-centres (per Hostinger)	EU adequacy
Shipping & logistics partners	Deliver your parcel	Switzerland / EU / worldwide	Contractual necessity
suppliers	Fulfil certain orders	China	SCCs / Art. 49(1)(b) GDPR (contract fulfillment)
(Optional) Payment gateway	Secure payment processing		Provider’s PCI-DSS compliance

6. International transfers

If we transfer data outside Switzerland or the EEA (e.g., to AliExpress suppliers in China), we rely on:

Standard Contractual Clauses (SCCs) approved by the European Commission, or
another GDPR-recognised safeguard, or
the Art. 49(1)(b) derogation when the transfer is necessary to perform the sales contract you request (e.g., shipping a product you ordered).

7. Data retention

Data set	Retention period
Customer accounts & order history	2 years after last interaction, unless you ask us to delete sooner
Invoices & accounting records	10 years (required by Swiss law)
Support e-mails / tickets	2 years
Analytics cookies	see § 8, max 14 months

8. Cookies & similar technologies

Our site uses:

Essential cookies – needed for cart, checkout and security (always active).
Analytics cookies – help us understand traffic (loaded only with consent).
Marketing cookies – allow us to show relevant ads (loaded only with consent).

A cookie banner appears on your first visit; you can adjust or withdraw consent at any time via the banner’s “Settings” link.

9. Children

Our store is not directed to children under 16. If we discover that we hold data of a minor without parental consent, we delete it immediately.

10. Your rights

Under Swiss law and, for EU/EEA residents, the GDPR, you may:

Access the personal data we hold about you.
Rectify inaccurate or incomplete data.
Erase data (“right to be forgotten”) where legal grounds permit.
Restrict or object to certain processing.
Port data to another controller.
Withdraw consent (for marketing or non-essential cookies) at any time.
Lodge a complaint with your local supervisory authority or with the Swiss Federal Data Protection and Information Commissioner (FDPIC).

To exercise any right, e-mail us at contact@alpinerecon.com.

11. Security measures

Full-site HTTPS/TLS encryption
Secure, PCI-DSS-compliant payment flow (no raw card data stored on our servers)
Daily off-site backups stored encrypted
Role-based access control and 2-factor authentication on WordPress admin
Regular plugin/theme updates and vulnerability patching
Server-level firewall and malware monitoring by Hostinger

12. Changes to this policy

We may update this notice from time to time (e.g., if we add new services). We will post the new version here

13. Contact

Questions about this policy or your data?
E-mail contact@alpinerecon.com and we’ll respond within 30 days.