1. Controller

The controller within the meaning of Art. 5 lit. j revFADP and Art. 4(7) GDPR is:

Beni Gafner Bern, Switzerland Contact: see contact page

Technical operation of the website is carried out by Praxis Olga Meier GmbH (Beat W. Meier), Switzerland, on behalf of the controller.

2. Scope

This privacy policy informs you about the nature, scope and purpose of the processing of personal data when visiting beni-gafner.ch and all of its language versions (/de/, /fr/, /it/, /en/). It does not apply to linked external services.

3. Principles of data processing

Personal data is processed exclusively in good faith, for the stated purpose, in a proportionate manner and for as short a time as possible. Only data that is required for the operation of the website or the respective function (e.g. contact, optional statistics) is collected. There is no disclosure to third parties for advertising purposes.

4. Server log files

When a page is accessed, technically required information is processed by the web server in order to deliver the page and to defend against attacks:

  • IP address of the upstream CDN node (see note below)
  • date and time of the request
  • requested URL and HTTP status code
  • amount of data transferred
  • browser type, operating system and language (user agent)
  • referrer (if transmitted by the browser)

Note regarding the IP address: because the site is operated behind the Cloudflare content-delivery network, our web-server logs do not store the visitor’s real IP address but the internal IP of the Cloudflare edge node. Direct re-identification of a person from our logs is therefore not possible. The visitor’s real IP is processed only by Cloudflare within its global infrastructure — see § 9 (Hosting and processors) for details.

These log data are retained for a maximum of 14 days and used solely to ensure operations, for error analysis and to defend against misuse. They are not combined with other data sources.

Legal basis: Art. 31(1) and (2)(d) revFADP (legitimate interest in secure operation); additionally Art. 6(1)(f) GDPR.

4a. Recording of automated accesses (AI crawlers)

The website is also visited by automated crawlers of various AI answer systems (ChatGPT, Claude, Perplexity, Google AI/Gemini, Bing Copilot, Common Crawl, Meta AI, Apple Intelligence and others — 22 known crawler identities in total). These crawlers index publicly published content so that it can be cited in AI answers.

To measure reach in AI answer systems we record:

  • crawler name (e.g. “GPTBot”, “ClaudeBot”, “PerplexityBot”)
  • timestamp of the access
  • requested URL and HTTP status code
  • full User-Agent string
  • IP address of the Cloudflare edge node

Important — no personal data: these data concern only automated server systems of the providers (OpenAI, Anthropic, Google, Microsoft, Meta, Apple, ByteDance etc.) — they concern no natural persons. The recorded IP address is that of our CDN node, not that of the crawler provider.

Legal basis: Art. 31(2)(d) revFADP (overriding legitimate interest: reach measurement of the editorial offering); additionally Art. 6(1)(f) GDPR.

Retention: indefinite as anonymous aggregate statistics.

5. Cookies and comparable technologies

This website uses only cookies that are required for operation and — after explicit consent — cookies for anonymised reach measurement. No cross-session or cross-site tracking takes place.

Cookie / storagePurposeCategoryRetention
pref-langStores the most recently selected languagestrictly necessary1 year
pref-themeLight/dark mode (localStorage)strictly necessarypersistent
embed-consentConsent for external video/audio embedsconsent1 year
bg-consentStatus of consent for reach measurementconsent1 year
bg-sessionLogin session in the protected area (only after sign-in)strictly necessary7 days
csrf-tokenProtection against cross-site request forgerystrictly necessarysession
_pk_id*, _pk_ses*Statistics cookies of the self-hosted reach measurement — only set after consentstatistics (consent)13 months / 30 min

Cookies can be deleted or blocked at any time via the browser settings. Consent once granted can be withdrawn at any time via Reset consent.

To improve the offering, an optional self-hosted, privacy-friendly statistics software (open source) is used. Collection takes place only after explicit consent via the consent banner.

When statistics are enabled, only anonymised usage data is collected:

  • pages viewed and time spent
  • approximate region (country / canton) based on the truncated IP
  • device class and browser

Safeguards:

  • the IP address is truncated by the last two octets before storage — re-identification is therefore impossible
  • the data is processed exclusively on our server in the EU data centre in Frankfurt (Hetzner Online GmbH, Germany)
  • there is no sharing with third parties, no profiling, no automated individual decisions
  • individual records are deleted after no more than 180 days; only anonymous aggregates may be kept longer
  • the software is self-hosted; no contractual relationships with third-party analytics providers exist

Legal basis: consent pursuant to Art. 6(6) revFADP; additionally Art. 6(1)(a) GDPR.

6a. Anonymous visibility measurement of sponsor placements

The home page and individual articles display sponsor placements (see imprint, “Advertising”). For contract fulfilment vis-à-vis the sponsors we record for counting purposes only how often a given sponsor ad was served (impression) and clicked (click).

What is stored:

  • Banner ID of the served sponsor
  • Date (day-level granularity)
  • Locale (de/fr/it/en) and placement (e.g. “spotlight_home”)
  • Daily counters: number of impressions + number of clicks

What is NOT stored in the sponsor statistics record: no IP address, no cookie, no visitor identifier, no User-Agent, no session attribution. The sponsor counter consists exclusively of the anonymous aggregate fields listed above. It is technically impossible to link a single sponsor impression to a person.

Note on the general server log: the HTTP request that increments the counter appears — like any other request — briefly in the web server log file (see § 4). However, only the Cloudflare edge node IP address is stored there and not the real visitor IP; this log is deleted after a maximum of 14 days and is not linked to the sponsor statistics.

Legal basis: legitimate overriding interest in contract fulfilment vis-à-vis sponsors (Art. 31(1) revFADP; Art. 6(1)(f) GDPR). No consent obligation under cookie law applies, because neither cookies nor device identifiers are set.

Retention period: unlimited aggregate values (daily counters per sponsor), no individual records.

7. Embedded external content (Click-to-Embed)

Video and audio content from YouTube/Google, Vimeo, Spotify, Apple Podcasts and SRF Play is not loaded automatically. You initially see only a preview image served from our own server. The content is only loaded from the respective provider after an explicit click — only then do these providers receive your IP address and can set their own cookies.

The platforms named may disclose data to countries outside Switzerland and the EU (in particular the USA). By clicking, you consent to this disclosure in accordance with Art. 17(1)(a) revFADP. Provider privacy notices:

8. Contact

If you contact us via the contact form or by e-mail, the information transmitted (name, contact details, content of the message) will be processed solely to respond to your enquiry. There is no disclosure to third parties. The data is deleted as soon as the business matter has been concluded, at the latest after 24 months, unless statutory retention obligations require otherwise.

Legal basis: Art. 31(1) revFADP (legitimate interest), where contract initiation is involved Art. 31(2)(a) revFADP.

9. Hosting and processors

9.1 Hosting (Hetzner)

The website is operated in the Frankfurt am Main, Germany data centre of Hetzner Online GmbH (Industriestr. 25, 91710 Gunzenhausen, Germany). A data processing agreement (DPA) pursuant to Art. 28 GDPR and Art. 9 revFADP is in place with the hosting provider. Hetzner is ISO 27001 certified; further information: https://www.hetzner.com/legal/privacy-policy.

The data transfer to the EU is based on the FDPIC’s determination that EU/EEA member states ensure an adequate level of data protection within the meaning of Art. 16(1) revFADP (FDPIC country list, Annex 1 DPO).

9.2 Content-delivery network and DDoS protection (Cloudflare)

To accelerate delivery and protect against attacks, the Cloudflare service (Cloudflare, Inc., 101 Townsend St., San Francisco, CA 94107, USA — together with European subsidiary Cloudflare Germany GmbH, Rosental 7, 80331 Munich) is interposed as a reverse proxy in front of our server. For every request Cloudflare processes temporarily:

  • the visitor’s IP address (technically required for delivery)
  • HTTP request metadata (URL, headers, User-Agent)
  • threat signatures for DDoS and bot defence

Cloudflare is a pure transit and caching layer and does not store data permanently. Durable storage of the website’s content as well as any anonymous reach aggregates takes place exclusively on the server in Germany (see § 9.1).

A data processing agreement based on the EU standard contractual clauses (SCC; Art. 46(2)(c) GDPR; Art. 16(2)(d) revFADP) is in place with Cloudflare. Privacy policy: https://www.cloudflare.com/privacypolicy/.

9.3 Special categories of data

No particularly sensitive personal data of third parties is processed on this website.

10. Disclosure abroad

The durable storage of data of this website takes place exclusively on a server in Germany (European Union). This applies to the entire content of the website, any anonymous reach-measurement aggregates, incoming contact enquiries and technical log files. From a Swiss perspective this constitutes a disclosure to a recipient abroad within the meaning of Art. 16 revFADP, which is, however, permitted because the EU is recognised as a state with an adequate level of protection pursuant to Annex 1 DPO.

Beyond this, disclosure of data abroad may take place in the following technically unavoidable constellations:

  • via the upstream CDN transit layer Cloudflare (see sec. 9.2) — data is processed only transiently in edge routing, with no durable storage
  • where the visitor has actively consented to external embeds (sec. 7), to the respective platforms
  • to ancillary technically required services within the EU/EEA with an adequate level of protection

A transfer to third countries without an adequate level of protection only takes place if the requirements of Art. 16(2) or Art. 17 revFADP are met (e.g. standard contractual clauses, explicit consent).

11. Data security

Appropriate technical and organisational measures are taken pursuant to Art. 8 revFADP:

  • transport encryption (TLS 1.3) for all requests (HTTPS)
  • regular security updates of the server and the software in use
  • restrictive access rights and two-factor authentication for administrators
  • backups of configuration and content with encryption
  • separation of public and administrative access (VPN for admin access)

12. Retention periods (overview)

Data categoryRetention
Server log files (truncated)max. 14 days
bg-consent / embed-consent cookies1 year
Statistics individual records (after consent)max. 180 days
Anonymous statistics aggregatesunlimited
Contact enquiriesuntil completion, max. 24 months
Login sessionsmax. 7 days

13. Your rights as a data subject

Pursuant to the revFADP and, additionally, the GDPR, you have, in particular, the following rights:

  • information about the data processed (Art. 25 revFADP)
  • rectification of incorrect data (Art. 32(1) revFADP)
  • erasure or blocking (Art. 32(2) revFADP)
  • restriction of processing
  • objection to processing based on legitimate interest
  • withdrawal of a consent granted, with effect for the future
  • data portability in a commonly used electronic format (Art. 28 revFADP)
  • complaint to the competent supervisory authority

To assert these rights, please use the contact details in section 1. For security reasons, proof of identity may be required.

14. Supervisory authority

Switzerland: Federal Data Protection and Information Commissioner (FDPIC) Feldeggweg 1, 3003 Bern https://www.edoeb.admin.ch

Data subjects in the EU/EEA may additionally contact the data protection authority responsible in their country.

15. Automated individual decisions and profiling

No high-risk profiling and no automated individual decisions within the meaning of Art. 21 revFADP or Art. 22 GDPR take place.

16. Changes to this policy

This privacy policy may be adapted in order to take account of changed legal or technical conditions. The current version published on this page is decisive.

17. Disclaimer

17.1 Liability for content

The content of this website is created with the greatest possible care. The controller, however, gives no warranty as to the topicality, accuracy, completeness, quality, availability or fitness of the information provided for any particular purpose. All content is general information only and does not replace individual professional, legal, medical or other advice.

Use of the website is at your own risk. Liability claims against the controller arising from the use or non-use of the information offered or from the use of incorrect or incomplete information are excluded in principle.

The controller expressly reserves the right to change, supplement or delete parts of the pages or the entire offering, or to discontinue publication temporarily or permanently, without prior notice.

References and links to third-party websites lie outside the controller’s area of responsibility. Any liability for the content of such websites is fully declined. Access to and use of such websites is at the user’s own risk. At the time of linking, the third-party content was checked for whether it might trigger possible civil or criminal liability. Permanent monitoring of the linked sites is not reasonable without specific indications of a legal violation.

17.3 Liability for data transmission

Data transmission over the internet (e.g. communication by e-mail or contact form) may have security gaps despite transport encryption (TLS). Complete protection against access by third parties is not possible. The controller accepts no liability for damages caused by unauthorised third-party access to transmitted data.

All content published on this website (in particular texts, images, graphics, audio, video and animation files and their arrangement) is protected by copyright. Reproduction, processing, distribution or exploitation — including in part — without the express written consent of the controller or the respective rights holder is not permitted. Excerpts from third-party articles are used under the Swiss copyright quotation limit (Art. 25 CopA) with attribution.

Downloads and copies of this site are permitted only for private, non-commercial use.

17.5 Trademarks and personality rights

All trademarks, names and marks mentioned within the website and possibly protected by third parties are subject without restriction to the provisions of the applicable trademark law and the ownership rights of the respective registered owners. Mere mention does not imply that trademarks are not protected by third-party rights.

18. Severability clause

Should individual provisions or wording of this privacy policy and disclaimer not, no longer or not fully comply with the applicable law, the remaining parts shall remain unaffected in their content and validity. The unenforceable or missing provision shall be replaced by the legally permissible provision that comes closest economically to what was originally intended.

19. Applicable law and place of jurisdiction

The use of this website and all legal relations between the controller and users shall be governed exclusively by Swiss law, to the exclusion of conflict-of-law rules and to the exclusion of the United Nations Convention on Contracts for the International Sale of Goods (CISG).

The exclusive place of jurisdiction for all disputes arising from or in connection with the use of this website is Zug, Switzerland, unless mandatory statutory provisions provide for another place of jurisdiction. The controller is also entitled to bring an action against the user at the user’s general place of jurisdiction.

Last updated: May 2026