Privacy Policy – The Girl Code

Effective Date: 20.08.2025

The Girl Code (“we,” “our,” “us”) respects your privacy. This Privacy Policy explains how we collect, use, and protect your personal data when you use our website, register for events, join our community, or otherwise interact with us.

1. Data Controller

The data controller within the meaning of the Swiss Federal Act on Data Protection (revDSG) and, where applicable, the EU General Data Protection Regulation (GDPR) is:

The Girl Code

Route d’Hermance, 1247 Anières, Geneva, Switzerland

Email: hello@thegirlcode.ch

2. Personal Data We Collect

We may collect and process the following categories of personal data:

From our business activities (events & community):

  • Identification data: name, email address, phone number, billing details.
  • Event participation data: ticket purchases, attendance records, preferences.
  • Community data: profile information, messages or content you share within our groups.
  • Website usage data: IP address, browser type, cookies, analytics.
  • Media (Photos & Videos): At our events, we sometimes take photos or videos to capture the atmosphere and share the experience with our community. We will always ask for your consent in advance before taking any photo or video in which you are clearly identifiable. If you do not wish to appear in photos or videos, you can simply let us know at the event, and we will make sure to respect your choice. Group or background images where individuals are not the main subject may still be used for documentation and promotional purposes.

From our website & technical services:

  • Comments: data entered in the comment form, IP address, browser user agent (for spam detection).
  • Gravatar: an anonymized string (hash) from your email may be sent to Gravatar to display your profile picture. Gravatar’s Privacy Policy: Automattic Privacy Policy.
  • Cookies: login, screen preferences, comment convenience.
  • Embedded content: pages may include content from other websites (e.g. YouTube, Instagram). These third parties may collect data about you.
  • Usage data: IP address, browser type, analytics data.

3. Purposes of Processing

We process your personal data in order to:

  • Provide and manage events, workshops, and community activities.
  • Process ticket sales, memberships, and payments.
  • Communicate with you regarding events, updates, and promotions.
  • Maintain safe, respectful community spaces.
  • Improve our services and website.
  • Comply with legal and accounting obligations.

4. Legal Basis

We process your data on the following legal bases:

  • Performance of a contract – e.g., to deliver event tickets or memberships.
  • Consent – e.g., for newsletters, or when using identifiable photos.
  • Legitimate interests – e.g., to ensure community safety, prevent fraud, improve services.
  • Legal obligations – e.g., retaining invoices for tax/accounting purposes.

5. Data Sharing

We only share your personal data with:

  • Service providers (e.g., ticketing platforms like Luma, payment providers like Stripe).
  • Business partners for co-hosted events (only where necessary).
  • Authorities if legally required.

We do not sell your data to third parties.

6. Cookies

  • If you leave a comment, you may opt-in to saving your name, email, and website in cookies (1 year duration).
  • A temporary cookie is set on the login page to check if your browser accepts cookies (deleted when you close the browser).
  • Login cookies last 2 days (or 2 weeks if “Remember Me” is selected). Screen option cookies last 1 year.
  • If you log out, login cookies are removed.
  • Editing or publishing content sets a temporary cookie (1 day).

You can disable cookies in your browser settings, but some functions may not work properly.

7. Data Sharing

We only share your data with:

  • Service providers (e.g. ticketing platforms such as Luma, payment providers such as Stripe).
  • Trusted partners for co-hosted events (only when necessary).
  • Authorities if required by law.

We do not sell personal data.

8. Data Retention

  • Comments and their metadata are retained indefinitely for automatic follow-up recognition.
  • Registered users (if any) can see, edit, or delete their personal profile data at any time (username cannot be changed).
  • For events, tickets, and memberships, we keep data as long as needed for contractual purposes or legal retention (e.g. invoices for 10 years under Swiss law).

9. Your Rights

Under the revDSG and GDPR, you have the right to:

  • Access, correct, or delete your data.
  • Restrict or object to certain processing.
  • Receive your data in a portable format.
  • Withdraw consent at any time (for processing based on consent).
  • Lodge a complaint with the Federal Data Protection and Information Commissioner (FDPIC) or an EU supervisory authority.

10. International Transfers

If data is transferred outside Switzerland or the EEA, we ensure adequate protection through contractual safeguards (e.g., EU standard contractual clauses).

11. Security

We implement technical and organizational measures to protect your data against unauthorized access, misuse, loss, or disclosure.

12. Where Your Data Is Sent

  • Visitor comments may be checked through an automated spam detection service.
  • Analytics tools (if used) may process anonymized usage data outside Switzerland/EEA, with appropriate safeguards.

13. Contact

For privacy-related questions, please contact us at:

hello@thegirlcode.ch