Privacy policy
This policy explains what personal data we collect through this website, why, on what legal basis, and what rights you have. It is drafted to satisfy the Swiss Federal Act on Data Protection (FADP) and the EU General Data Protection Regulation (GDPR) where applicable.
Last updated: 14 May 2026
The controller for personal data processed in connection with this website is:
Dornfeld & Partner Rechtsanwälte
Zurich, Switzerland
Email: [email protected]
Phone (DE): +49 69 757 884 210
Full registry and supervisory-authority details are set out in the Impressum.
This website is intentionally minimal. The following categories of data may be processed:
df_lang) is set if you switch site language to remember your choice. It contains no identifier beyond en or de, expires after twelve months, and is sent only to this domain.We do not use Google Analytics, marketing or retargeting pixels, social-network widgets, A/B testing services, heat-map / session-recording tools, or any third-party data-processors for analytics or advertising.
We do not sell, rent, or share your personal data with third parties for marketing purposes.
Personal data may be disclosed to:
This website is hosted in the European Economic Area or in Switzerland (a country with an adequacy decision under EU law and adequate protection under Swiss law). Cross-border mandates may require transfers to local counsel outside the EEA / Switzerland; in those cases we rely on contractual safeguards or your explicit consent under Art. 49 GDPR.
Server logs are retained for short technical periods (typically 14 days, never more than 90 days). The functional language cookie expires after twelve months. Email enquiries and mandate files are retained for the periods required by Swiss professional rules, currently ten years from the end of the mandate, subject to longer periods where applicable law mandates them.
Subject to the FADP / GDPR, you have the right to:
The only cookie this site sets is df_lang — a strictly functional cookie used to remember your language preference (EN or DE). It contains no identifier, is not shared with third parties, expires after twelve months, and is set only when you actively switch language. Under FADP / GDPR, strictly functional cookies do not require prior consent; nonetheless we surface a low-friction notice for transparency.
You can delete this cookie at any time through your browser's settings. No site features will break, your language preference will simply not persist between visits.
The website is served over HTTPS with modern TLS ciphers and HTTP Strict Transport Security enabled. Production traffic passes through a CDN configured in strict-encryption mode, with origin-only certificate validation. We apply reasonable technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction.
To exercise any of the rights set out above, or for any privacy question, please write to [email protected] with the subject line "Data request". We respond to verifiable requests within statutory deadlines (typically one calendar month).
We may update this policy from time to time to reflect changes in our practices or in applicable law. The "Last updated" date at the top of this page indicates when the policy was last revised. Material changes will be flagged on the homepage for a reasonable period.