Privacy Policy
This document also includes HdyoN’s Cookie Policy and is published in English for the current website and digital commerce environment.
| Controller | Annelies Brown AG, Via Vallemaggia 81, 6600 Locarno, Switzerland |
| Contact | info@hdyon.com |
| Coverage | Swiss FADP, EU GDPR, UK GDPR, e-commerce, marketing, cookies, professional, partnership, and investor enquiries |
| Last updated | April 14, 2026 |
This Privacy Policy explains how Annelies Brown AG, acting under the HdyoN brand, collects, uses, shares, stores, and otherwise processes personal data when individuals visit the website, create an account, place an order, subscribe to recurring purchases, contact HdyoN, sign up for marketing communications, or submit professional, partnership, or investor enquiries.
This document also includes HdyoN’s Cookie Policy and is published in English for the current website and digital commerce environment.
1. Who controls your personal data
The data controller for the processing described in this Privacy Policy is:
Annelies Brown AG
Via Vallemaggia 81
6600 Locarno
Switzerland
Email: info@hdyon.com
Where a specific third-party service provider processes payment, delivery, analytics, marketing, hosting, or communications data on our behalf, that provider acts as our processor or service provider unless otherwise stated. In some cases, third parties such as payment providers, social media platforms, or logistics partners may also act as independent controllers for their own processing.
2. Scope of this Privacy Policy
This Privacy Policy applies to personal data processed in connection with the following:
• our website and online shop;
• customer accounts, checkouts, orders, and subscriptions;
• communications with customers, prospects, partners, professionals, and investors;
• newsletter sign-ups and other marketing interactions;
• customer support, product service, repairs, and warranty matters;
• analytics, advertising, audience measurement, and limited commercial profiling;
• cookies and similar technologies;
• business, partnership, professional, and investor relationship management.
3. Which laws we consider in this Policy
HdyoN is based in Switzerland. Depending on the context, location, and relationship involved, our processing may be subject to the Swiss Federal Act on Data Protection (FADP), the EU General Data Protection Regulation (EU GDPR), and the UK GDPR together with related UK privacy and electronic communications rules.
This Privacy Policy is drafted to provide a high standard of transparency across those frameworks. Rights and specific legal standards may vary depending on where an individual is located and how they interact with HdyoN.
4. The personal data we collect
4.1 Identity and contact data
Examples include first name, last name, title, billing address, delivery address, email address, telephone number, company name, role, country, and language preferences.
4.2 Account and customer relationship data
Examples include account credentials, order history, wishlist data, saved preferences, subscription selections, account settings, support history, and records of prior interactions with us.
4.3 Order, checkout, payment, and transaction data
Examples include products viewed or purchased, cart details, subscription frequency, order values, discounts, shipping method, transaction identifiers, payment status, invoice details, and fraud-screening results. HdyoN does not store full payment card details where payment is processed by specialized payment providers.
4.4 Communications data
Examples include email correspondence, contact form submissions, customer support messages, call notes, partnership discussions, investor enquiry materials, and records of preferences or objections communicated to us.
4.5 Professional, partner, and investor data
Examples include company affiliation, business contact details, areas of interest, meeting notes, collaboration status, due diligence correspondence, investor relationship history, and information voluntarily provided in professional or investor communications.
4.6 Marketing and engagement data
Examples include newsletter subscription status, consent records, campaign interactions, event or launch interest, opens, clicks, ad interactions, audience segments, and response history.
4.7 Technical, device, and usage data
Examples include IP address, browser type, device identifiers, operating system, referral URLs, approximate location based on IP, pages viewed, session timing, on-site behavior, cookie identifiers, and similar online identifiers.
4.8 Preference, analytics, and profiling data
Examples include inferred preferences, product interest, likely engagement patterns, channel performance data, and limited commercial audience segmentation used to improve the website, marketing, product communication, and commercial relevance.
4.9 Compliance and legal data
Examples include records needed for fraud prevention, age or identity verification where relevant, legal claims, complaint handling, regulatory compliance, and enforcement of our terms.
5. How we collect personal data
HdyoN collects personal data directly from individuals, automatically through cookies and similar technologies, and from selected service providers and business partners involved in ecommerce, payments, delivery, email communications, analytics, security, and advertising.
• directly from you, for example when you submit a form, create an account, place an order, sign up for marketing, or contact us;
• automatically through cookies and similar technologies when you use the website;
• from service providers and business partners involved in ecommerce, payments, delivery, email, analytics, security, and advertising;
• from social media and advertising partners where you interact with our content or advertisements;
• from publicly available sources or from the organization you represent, for example in a professional, partnership, or investor context.
6. Why we process personal data and our legal bases
Where EU GDPR or UK GDPR applies, HdyoN relies on one or more of the following legal bases: performance of a contract, compliance with legal obligations, legitimate interests, consent, and establishment, exercise, or defense of legal claims.
6.1 To operate the website and online shop
Including to display requested pages, maintain security, enable navigation, manage log files, remember language or cart choices, and ensure website functionality.
Legal bases: legitimate interests; consent where required for non-essential cookies.
6.2 To create and manage accounts
Including to register users, authenticate logins, maintain account settings, and provide account-based services.
Legal bases: contract; legitimate interests.
6.3 To process orders, subscriptions, and deliveries
Including to accept and manage orders, process recurring purchases, handle payment flows, issue confirmations, ship products, and communicate about fulfilment.
Legal bases: contract; legal obligations; legitimate interests.
6.4 To provide customer service, warranty support, repairs, and after-sales service
Including to respond to support requests, assess warranty claims, coordinate repairs or cleaning, and maintain service records.
Legal bases: contract; legitimate interests; legal obligations where applicable.
6.5 To communicate with you
Including to respond to enquiries and manage customer, professional, partnership, and investor relationships.
Legal bases: legitimate interests; contract where relevant; consent where legally required.
6.6 To send marketing communications
Including newsletters, launch news, product updates, promotional communications, and selected brand or event messages where permitted.
Legal bases: consent where required; otherwise legitimate interests where lawful.
6.7 To measure and improve website, campaigns, and business performance
Including analytics, conversion measurement, audience insights, debugging, UX optimization, campaign attribution, and business reporting.
Legal bases: consent where required for analytics or marketing technologies; otherwise legitimate interests.
6.8 To personalize content and conduct limited commercial profiling
Including to tailor product communications, audience segmentation, website relevance, and campaign efficiency. HdyoN does not use profiling to make solely automated decisions that produce legal or similarly significant effects on individuals.
Legal bases: consent where required; otherwise legitimate interests.
6.9 To prevent fraud, misuse, unlawful activity, and security incidents
Including transaction verification, abuse detection, system monitoring, and enforcement of terms and policies.
Legal bases: legitimate interests; legal obligations; legal claims.
6.10 To comply with law and protect HdyoN’s rights
Including accounting, tax, consumer law, product compliance, dispute management, legal proceedings, and regulatory cooperation.
Legal bases: legal obligations; legitimate interests; legal claims.
7. Cookies and similar technologies
The website uses cookies, pixels, tags, scripts, local storage objects, and similar technologies. For simplicity, all such technologies are referred to in this section as cookies.
7.1 What cookies do
• make the website work properly;
• remember choices and session information;
• keep shopping and checkout functions running;
• understand how visitors use the site;
• measure campaign performance;
• improve website functionality and content relevance;
• support advertising, remarketing, audience building, and conversion measurement.
7.2 Cookie categories
HdyoN uses the following categories of cookies or similar technologies:
Strictly necessary cookies. These are required for core website, security, shopping basket, checkout, consent management, fraud prevention, and basic functionality. They do not require consent where applicable law allows this.
Analytics and performance cookies. These help HdyoN understand website usage, traffic sources, engagement patterns, and performance so the site and communications can be improved.
Marketing and advertising cookies. These may be used to measure campaigns, understand advertising effectiveness, create audiences, deliver more relevant advertising, and support remarketing across digital platforms.
7.3 Consent and controls
Where required by applicable law, HdyoN asks for consent before placing analytics or marketing cookies on a device. The cookie banner is designed to allow users to accept all, reject non-essential cookies, or manage preferences by category.
Users can also adjust browser settings or use the controls available in the cookie banner or cookie preferences tool. Preference choices should remain accessible through the website’s cookie settings link. Blocking some cookies may affect website functionality.
7.4 Examples of third-party tools and services
• WordPress and WooCommerce ecommerce functionality;
• Shopify-related checkout or commerce services where applicable to the transaction flow;
• PostFinance and other payment-related service providers;
• Google services for analytics, tag management, advertising measurement, and related services;
• Meta services for ad measurement, audience tools, and campaign optimization;
• LinkedIn services for campaign performance and professional audience engagement;
• Hostinger or connected email and hosting services for website operation and email communications.
The exact cookies and durations may vary over time as the website evolves. The consent management layer should reflect the current categories in active use.
8. Marketing, advertising, and profiling
HdyoN may use personal data to send newsletters or promotional emails, measure campaign effectiveness, better understand audience interest in products and launches, create or use audience groups on third-party advertising platforms, and personalize the sequence or relevance of certain website or email communications.
Where required by law, HdyoN will obtain prior consent for email marketing and for non-essential advertising technologies. Marketing emails can be unsubscribed from at any time using the unsubscribe link in the relevant message or by contacting HdyoN.
HdyoN may use limited commercial profiling for customer, prospect, partner, professional, and investor relationship management. This means contacts may be organized by likely area of interest, stage of relationship, prior interactions, or commercial relevance. HdyoN does not use profiling to make solely automated decisions with legal or similarly significant effects.
9. Who we share personal data with
HdyoN may share personal data with the following categories of recipients where necessary and appropriate:
• website, hosting, CMS, ecommerce, and technical infrastructure providers;
• payment service providers and payment-related processors;
• shipping, logistics, customs, and fulfilment providers;
• customer support, CRM, email, and communications providers;
• analytics, tag management, advertising, and social media platform providers;
• IT, cybersecurity, fraud prevention, and professional advisers;
• accountants, auditors, insurers, banks, and legal advisers;
• business, commercial, manufacturing, or logistics partners where needed to fulfil services or manage relationships;
• authorities, regulators, courts, or law enforcement where required;
• potential acquirers, investors, lenders, or transaction advisers in the context of corporate transactions, provided appropriate confidentiality measures are in place.
Some of these recipients act as processors on HdyoN’s instructions, while others may act as independent controllers for their own purposes.
10. International transfers
Because some service providers, technology partners, and platform providers operate internationally, personal data may be processed outside Switzerland, the UK, or the European Economic Area.
Where required by applicable law, HdyoN takes steps to protect transferred personal data, including by relying on adequacy decisions or recognized adequate jurisdictions, standard contractual clauses or equivalent approved safeguards, the UK International Data Transfer Agreement or UK addendum where relevant, and other lawful transfer mechanisms permitted by applicable law.
Individuals may contact HdyoN for more information about the safeguards used for specific international transfers.
11. How long we keep personal data
HdyoN keeps personal data only for as long as necessary for the purposes described in this Privacy Policy, unless a longer period is required or permitted by law.
As a general indication:
• customer account data: for as long as the account remains active and for a reasonable period afterwards;
• order, invoice, payment, and core transaction records: typically up to 10 years where needed for legal, tax, accounting, or evidentiary purposes;
• customer support and service records: typically up to 3 to 10 years depending on the issue and legal relevance;
• marketing data and newsletter records: until consent is withdrawn, the individual unsubscribes, or the data is no longer needed;
• prospect, partner, professional, and investor contact records: for as long as the relationship is active and for a reasonable follow-up period thereafter;
• analytics and cookie identifiers: for the duration stated in the relevant consent or cookie management layer, or until deletion or withdrawal as applicable;
• fraud prevention and security logs: for as long as reasonably necessary for security, integrity, and legal defense purposes.
HdyoN may retain data longer where necessary to establish, exercise, or defend legal claims, comply with legal obligations, or document compliance decisions.
12. Your rights
Depending on the law that applies to the situation, individuals may have the right to request access, correction, deletion, restriction of processing, objection to processing based on legitimate interests, withdrawal of consent, data portability where applicable, objection to direct marketing and related profiling, and the right to lodge a complaint with a competent supervisory authority.
Where Swiss law applies, rights are governed by the FADP. Where EU GDPR or UK GDPR applies, rights are governed by those frameworks. Some rights are subject to conditions, exceptions, and limitations.
To exercise rights, requests should be sent to info@hdyon.com. HdyoN may ask for reasonable proof of identity before responding.
13. Data relating to minors
HdyoN products and services are intended for adults only. HdyoN does not knowingly market to or intentionally collect personal data from individuals who are under 18, or under the higher legal age applicable in the relevant jurisdiction for purchase or use of the relevant products. If you believe that a minor has provided personal data to HdyoN, please contact us so the matter can be reviewed and appropriate steps taken.
14. Security
HdyoN implements reasonable technical and organizational measures designed to protect personal data against unauthorized access, loss, misuse, alteration, or disclosure. However, no website, transmission, or storage system is completely secure, and absolute security cannot be guaranteed.
15. Third-party websites and services
The website may contain links to third-party websites, plugins, platforms, or services. This Privacy Policy does not apply to third-party services that operate under their own privacy notices and terms. Users are encouraged to review those notices directly.
16. Changes to this Privacy Policy
HdyoN may update this Privacy Policy from time to time to reflect legal, technical, commercial, or operational changes. The version published on the website at the time of use will apply. Where required by law, HdyoN will provide additional notice or seek renewed consent.
17. Contact
Annelies Brown AG
Via Vallemaggia 81
6600 Locarno
Switzerland
Email: info@hdyon.com
If you are not satisfied with HdyoN’s response, you may also contact the competent data protection authority, including the Swiss Federal Data Protection and Information Commissioner, an EU supervisory authority, or the UK Information Commissioner’s Office, as applicable.