Privacy Policy

Introduction

Suich SA (hereinafter: “Suich”, “we”, “us”, “our”) operates the website www.suich.ch and the Suich mobile application (hereinafter: our “Service”).

This Privacy Policy informs you about our policy on the processing of personal data, as well as the choices available to you regarding such data.

By using our Service, you agree to the collection and use of data in accordance with this Privacy Policy.

Identity of the data controller

Suich SA, located at Cours des Bastions 13, 1205 Geneva (contact@Suich.ch), acts as the data controller for the personal data collected in connection with the use of our Service.

Definitions

  • Service: the website suich.ch and the Suich application, operated by Suich SA.

  • Personal Data: any information relating to an identified or identifiable natural person.

  • Data Subject (user): any natural person who uses our Service and whose personal data is processed.

  • Usage Data: data collected automatically during use of the Service (e.g., the duration of a page visit).

  • Processing: any operation performed on personal data, including collection, recording, storage, use, modification, disclosure, archiving, erasure or destruction of data.

  • Cookies: a small block of data sent by the Service to be stored on your device and retrieved on the next connection.

  • Data Controller: the natural or legal person who determines the purposes and means of processing personal data (here: Suich SA).

  • Service Provider (processor): the natural or legal person who processes personal data on behalf of the data controller.

Data collected

  • Identification data: last name and first name, email address, phone number, driving licence, professional authorization, trip history, ratings, comments, earnings, cookies and usage data.

  • Usage data: IP address, browser, operating system, logs, pages visited, timestamps, device type used, etc.

  • Ride data: pickup and drop-off addresses, times.

  • Payment data: depending on the payment method chosen.

  • Geolocation data: your location is used in real time during the ride. If you do not wish to be geolocated, you can disable sharing in your device settings.

Purpose of processing

The personal data collected is processed for the following purposes:

  • Provision, management and improvement of our Service: ensuring operation, maintenance, personalization and optimization of the website and mobile application.

  • User account management: creation, authentication, access management and notifications relating to your account.

  • Geolocation: enabling real-time location of users and drivers during rides to ensure proper service delivery.

  • Payment: transmitting the information necessary for the transaction (amount, reference, identification) to our third-party payment provider, which then processes your banking data securely and independently.

  • Security and fraud prevention: securing data, detecting and preventing fraudulent or unlawful activities.

  • Dispute management and legal obligations: retaining information relating to rides and interactions in the event of a claim or regulatory inspection.

  • Verification of drivers’ documents: checking documents strictly necessary for drivers’ activity under applicable law.

  • Interactive features: access to communication, rating and review tools between users and drivers.

  • Customer support and assistance: processing requests, complaints and user feedback.

  • Detection and resolution of technical incidents: identifying and fixing bugs or platform malfunctions.

  • Sending information, news and commercial offers: communicating updates, promotional offers or service-related information, subject to your consent or unless you object.

  • Notification of important changes: informing the user of any significant changes to the service, terms of use or the privacy policy, in order to ensure transparency regarding data use and to allow you to exercise your rights with full knowledge.

Legal bases (GDPR and FADP)

We process your data on the following bases:

  • Performance of a contract (in particular orders, ride management, geolocation, payment).

  • Compliance with legal obligations (in particular security, verification of drivers’ documents).

  • Legitimate interest (in particular security, service improvement, dispute management).

  • Consent (for processing not necessary for our Service, in particular sending information, news and commercial offers).

Data recipients

Your data may be shared with:

  • Drivers (for the performance of the ride).

  • Our IT service providers (hosting): e.g., Infomaniak.

  • Our payment service providers (secure payment): e.g., Stripe, OPP.

  • Advertising platforms: e.g., Google Ads, Facebook Ads.

  • Competent authorities, where required by law.

Our partners are subject to strict contractual confidentiality obligations.

In the event of a sale or merger, all partners are contractually bound by confidentiality and compliance with applicable legal provisions (GDPR and FADP).

Data transfers

Your data may be transferred to countries other than your country of residence (for example, to Switzerland). We ensure that appropriate security measures are complied with during transfer and processing.

If data is transferred outside Switzerland or the EU, we ensure that an adequate level of protection is guaranteed in accordance with applicable law (standard contractual clauses, adequacy decisions, etc.).

Retention period

Data is retained for as long as necessary to achieve the purposes set out above, then archived or deleted in accordance with legal requirements.

Usage data may be retained for a shorter period, unless used for analysis related to the security or operation of our Service.

Third-party services

We use, among others, the following service providers:

  • Infomaniak (IT and hosting services)

  • Stripe/OPP (payment processing)

  • Google Analytics / Firebase (web & app analytics)

  • Zendesk (customer support)

  • AppFly (digital services)

  • Facebook Ads (remarketing)

For more details on how these providers process your data, please refer to their respective privacy policies.

Payments

Payments are processed by external providers (Stripe / OPP). Processing is carried out in accordance with PCI-DSS security standards.

Cookies

We use cookies and similar technologies (such as tags and scripts) to ensure the proper functioning of our Service, to analyze its use and to improve your user experience. Depending on their purpose, these cookies may be:

  • Session cookies: essential for the technical operation of the Service and secure browsing.

  • Preference cookies: allowing us to remember your choices and settings (language, region, etc.).

  • Security cookies: used to ensure the security of the Service and detect potential malicious activities.

Some cookies are strictly necessary and do not require your consent. For others, your consent may be requested during your first visit, in accordance with applicable law.

A banner is displayed during your first visit to inform you about the use of cookies and similar technologies. You can accept, refuse or customize the placement of these cookies. Non-essential cookies will only be placed with your explicit consent.

You can configure or disable cookies at any time through your browser settings. Please note that disabling certain cookies may affect the optimal functioning of some features of our Service.

Your rights

In accordance with the GDPR and the FADP, you have the following rights:

  • Right of access to your data.

  • Right to rectification.

  • Right to erasure (“right to be forgotten”).

  • Right to restriction of processing.

  • Right to object.

  • Right to data portability.

  • Right to withdraw your consent at any time.

  • Right to lodge a complaint with the data protection authority (Federal Data Protection and Information Commissioner).

To exercise your rights, contact us at contact@suich.ch. Any request will be processed within the legal time limits. If there is doubt about your identity, supporting documentation may be requested.

Data security

We implement appropriate technical and organizational measures to ensure the security and confidentiality of your data and to prevent unauthorized access, loss or disclosure. However, no method of transmitting or storing data is 100% secure.

Notification in case of a breach

In the event of a personal data breach presenting a high risk to your rights and freedoms, we will inform you as well as the competent authority, in accordance with the law.

Processing of minors’ data

Personal data relating to minors is processed with particular attention, in accordance with the principles of proportionality and security.

The parent or guardian of the minor may at any time request access to, rectification or deletion of data from the adolescent’s account.

Parental or guardian consent is required for any collection or processing of a minor’s personal data, as well as for any substantial modification to the service’s terms of use.

Changes to this privacy policy

This policy may be amended at any time. The version in force is the one published on our website.

Changes will be published on this page. In the event of significant changes, you will be informed by email or via our application.

Supervisory authority

In Switzerland, the competent supervisory authority for data protection is the Federal Data Protection and Information Commissioner (FDPIC).