Privacy Policy
(Version: May 2026)
1. Data Controller Controller
Slow&Well is committed to protecting your personal data. This Privacy Policy explains what we collect, why, how we handle it, and what rights you have.
2. Applicable Law
This Privacy Policy is issued in accordance with:
- Swiss Federal Act on Data Protection (nFADP), in force since 1 September 2023
- EU General Data Protection Regulation (GDPR 2016/679), applicable where we process personal data of EU residents
This Policy applies to all personal data collected through: this website (slowandwell.ch), the Slow&Well Dream Valley digital platform, booking forms, email communications, B2B partner referrals, and marketing channels.
3. Personal Data We Collect
Category A — Identity and Contact Data
Full name, email address, phone number, country of residence. Collected at the point of enquiry or booking.
Category B — Booking and Service Data
Selected archetype experience, experience dates, group composition, special requirements, and payment status. Card details are processed exclusively by Stripe; we do not store payment card data.
Category C — Health and Wellness Data
Fitness level, relevant medical conditions, physical limitations, and dietary requirements, provided voluntarily at booking. This information is used solely to ensure safe and appropriate delivery of your experience. It is collected with your explicit consent and handled with heightened security and restricted access.
Category D — Transformation and Experience Data
Personal reflections, intentions, goals, and emotional responses shared during the pre-journey preparation, the experience itself, and the 30-day integration programme.
This is the most sensitive category of data we process. It is used solely to personalise your journey and support your integration. It is never shared with third parties, never used for automated profiling or AI-generated analysis, and is deleted 12 months after your experience date unless you request earlier deletion.
Category E — Website and Platform Usage Data
IP address, browser type, device, pages visited, and session data — collected via Google Analytics 4 (anonymised) and Gamma platform technology. See Cookie Policy for details.
Category F — Marketing and Communication Data
Newsletter subscription status, communication preferences, and interaction history — collected only with your explicit opt-in consent.
4. Legal Bases for Processing
5. Data Processors and Sharing
We share personal data only with the following processors, each governed by a Data Processing Agreement (DPA):
We do not sell your personal data. We do not share personal data with any party not listed above. 6. International Data Transfers Several processors listed above are based in the United States. Data transfers to these processors are governed by Standard Contractual Clauses (SCCs) approved by the European Commission and adopted under Swiss nFADP, ensuring an equivalent level of data protection.
No personal data is transferred to any country without adequate safeguards in place.
7. Data Retention
8. Your Rights
Under nFADP and GDPR, you have the following rights in relation to your personal data:
- Right of access — request a copy of the data we hold about you
- Right to rectification — ask us to correct inaccurate data
- Right to erasure — request deletion of your data (subject to legal retention obligations)
- Right to restriction — ask us to limit how we use your data
- Right to portability — receive your data in a structured, machine-readable format
- Right to object — object to processing based on legitimate interest
- Right to withdraw consent — at any time, without affecting the lawfulness of prior processing
To exercise any of these rights, email: info@slowandwell.ch. We will respond within 30 days.
9. Supervisory Authority
If you believe we have not handled your personal data in accordance with applicable law, you have the right to lodge a complaint with:
- Switzerland: Federal Data Protection and Information Commissioner (FDPIC) — fdpic.ch
- EU residents: the data protection authority of your country of residence
10. Security
We apply appropriate technical and organisational measures to protect your personal data, including:
- Encrypted connections (HTTPS/TLS) for all data transmissions
- Access controls restricting data to authorised individuals only
- Regular backups to secure, encrypted storage
- Prompt notification to the FDPIC and affected individuals in the event of a serious data breach (within 72 hours where required)
11. Automated Decision-Making
We do not use automated decision-making or profiling to make decisions that produce legal or otherwise significant effects on you. Your transformation and experience data (Category D) is never processed algorithmically.
12. Updates to This Policy
This Privacy Policy may be updated periodically. The version date is shown at the top of this page. Material changes will be communicated to active subscribers by email. We recommend reviewing this Policy when you revisit the site or make a new booking.
© 2025 Slow&Well. All rights reserved.
B2B Trade Notice: This platform is designed exclusively for travel industry professionals. We do not accept direct consumer bookings.
Webdesign by Ajeenaty