We place great importance on handling personal data transparently. This privacy policy provides information about which personal data we collect, for what purpose, and to whom we disclose it. To ensure a high level of transparency, this privacy policy is regularly reviewed and updated. 1. Services we use Google Tag Manager Bookly 2. Contact information If you have any questions or concerns regarding data protection, you can contact us at any time by email at [jay@one4ten.media](mailto:jay@one4ten.media). The entity responsible for data processing on this website is: ExpatLaw Nidaugasse 14 2502 Biel Switzerland Data protection officer: Jean-Michel Scheidegger jay@one4ten.media 076 495 33 12 3. General principles 3.1 What data we collect and from whom we receive it

Primarily, we process personal data that you provide to us or that we collect while operating our website. In some cases, we may also receive personal data about you from third parties. This may include the following categories: Personal master data (name, address, date of birth, etc.); Contact details (mobile number, email address, etc.); Financial data (e.g. bank details); Online identifiers (e.g. cookie IDs, IP addresses); Location and traffic data; Audio and image recordings; Sensitive data (e.g. biometric data or information about your health). 3.2 Under what conditions do we process your data?

We treat your data confidentially and in accordance with the purposes set out in this privacy policy. We ensure that processing is transparent and proportionate. If, in exceptional cases, we are unable to comply with these principles, the data processing may still be lawful if there is a legal basis. Such legal bases may include: Your consent; The performance of a contract or pre-contractual measures; Our legitimate interests, provided your interests do not prevail. 3.3 How can you withdraw your consent?

If you have given us consent to process your personal data for specific purposes, we will process your data within the scope of this consent unless we have another legal basis. You may withdraw your consent at any time by sending an email to the address provided in the imprint. Data processing that has already taken place remains unaffected. 3.4 In which cases can we disclose your data to third parties?

a. Principle In certain cases, we rely on third-party services or affiliated companies and may commission them to process your data (so-called data processors). Categories of recipients include: Accounting, fiduciary and auditing companies; Consulting firms (legal advice, tax, etc.); IT service providers (web hosting, support, cloud services, website design, etc.); Payment service providers; Providers of tracking, conversion, and advertising services. We ensure that these third parties and affiliated companies comply with data protection requirements and treat your personal data confidentially. In certain cases, we may also be required to disclose your personal data to authorities. b. Visiting our social media channels We may have embedded links to our social media channels on our website. This is visible to you (typically via corresponding icons). If you click on these icons, you will be redirected to our social media channels. In this case, the social media providers will be informed that you have accessed their platform from our website. These providers may use the collected data for their own purposes. Please note that we have no knowledge of the content of the transmitted data or its use by the operators. c. Data transfer abroad In some cases, your personal data may be transferred to companies abroad as part of processing activities. These companies are obliged to comply with the same level of data protection as we are. The transfer may take place worldwide. If the level of data protection does not correspond to that of Switzerland, we carry out a prior risk assessment and ensure contractually that the same level of protection is guaranteed (e.g. through the EU Commission’s standard contractual clauses or other legally required measures). If our risk assessment is negative, we take additional technical measures to protect your data. You can access the EU Commission’s standard contractual clauses at the following link: [https://commission.europa.eu/publications/standard-contractual-clauses-controllers-and-processors-eueea_de](https://commission.europa.eu/publications/standard-contractual-clauses-controllers-and-processors-eueea_de) 3.5 How long do we store your data?

We store personal data only as long as necessary to fulfill the purposes for which it was collected. Data collected during your visit to our website is stored for twelve months. An exception applies to analysis and tracking data, which may be stored longer. We store contractual data for longer due to legal obligations. In particular, we must retain business communications, concluded contracts, and accounting records for up to 10 years. If we no longer need such data for service provision, it will be restricted and only used for accounting and tax purposes. 3.6 How do we protect your data?

We store your data securely and take all reasonable measures to protect it from loss, access, misuse, or alteration. Our contractual partners and employees with access to your data are required to comply with data protection regulations. In some cases, it may be necessary to forward your requests to affiliated companies. In such cases, your data will also be treated confidentially. Within our website, we use SSL (Secure Socket Layer) encryption in combination with the highest level of encryption supported by your browser. 3.7 What rights do you have? a. Right of access You can request information about the data we store about you at any time. Please send your request along with proof of identity to [jay@one4ten.media](mailto:jay@one4ten.media). You also have the right to receive your data in a commonly used file format if we process your data automatically and if: You have given consent for the processing of this data; or You have provided data in connection with the conclusion or execution of a contract. We may restrict or refuse access or data disclosure if this conflicts with legal obligations, our legitimate interests, or the interests of a third party. The processing of your request is subject to a statutory period of 30 days. However, we may extend this period due to high request volumes, legal or technical reasons, or if we require additional information from you. You will be informed of any extension in due time, at least in text form. b. Deletion and correction You may request the deletion or correction of your data at any time. We may reject the request if legal requirements oblige us to retain the data longer or unchanged, or if a legal basis conflicts with your request. Please note that exercising your rights may conflict with contractual agreements and may have consequences for contract performance (e.g. early termination or costs). c. Legal remedies If you are affected by the processing of personal data, you have the right to enforce your rights in court or to file a complaint with the competent supervisory authority. The competent authority in Switzerland is the Federal Data Protection and Information Commissioner: [https://www.edoeb.admin.ch](https://www.edoeb.admin.ch) 3.8 Changes to this privacy policy

We may amend this privacy policy at any time. Changes will be published; you will not be notified separately. 4. Individual data processing activities 4.1 Provision of the website and creation of log files

What information do we receive and how do we use it? When you visit our website, certain data is automatically stored on our servers or on servers of services and products we use and/or have installed, for system administration, statistical, security, or tracking purposes. This includes: The name of your internet service provider; Your IP address (if applicable); The version of your browser software; The operating system of the device used to access the URL; The date and time of access; The website from which you accessed our URL; The search terms used to find our URL. Why are we allowed to process this data? This data cannot be assigned to a specific person and is not merged with other data sources. Log files are stored to ensure the functionality of the website and the security of our IT systems. This constitutes our legitimate interest. How can you prevent data collection? The data is stored only as long as necessary for the purpose of its collection and is deleted after each session ends. The storage of log files is essential for the operation of the website; therefore, you have no option to object. 4.2 Google Tag Manager

We use Google Tag Manager, a service provided by Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA), to manage website tags via an interface. Google Tag Manager itself (which implements the tags) is a cookie-less domain and does not process personal data. The service triggers other tags that may collect data. Google Tag Manager does not access this data. If deactivation has been performed at the domain or cookie level, it remains in effect for all tracking tags implemented via Google Tag Manager. By using Google Tag Manager, scripts (so-called tags) can be automatically activated on our website and data from your browser can be transmitted to Google. This data may include information about your IP address, the browser you use, the subpages you visit on our website, and other interactions during your visit. 4.3 Bookly

Our website uses Bookly, an online booking system and scheduling plugin that allows users to book appointments for services directly via the website. When you book an appointment or request a service via Bookly, you will be asked to provide certain personal data, such as your name, email address, phone number, and, if applicable, additional information relevant to the service. This data is required to process your booking, inform you about its status, and provide the requested service. The data collected via Bookly is stored on our servers and is only accessible to authorized persons responsible for processing your booking or request. This data will not be shared with third parties without your explicit consent, unless required by law or necessary for contract performance. Bookly also uses cookies to improve user experience and optimize the booking process. These cookies are technically necessary and serve to store your settings and preferences during the booking process. BrainBox Generators BrainBox Generators is a service provided by BrainBox Solutions GmbH to identify all data protection-relevant services on a website and assist in creating the privacy policy. No personal data is collected or processed in this context.