Menu
Our Frame Logo Our Frame Logo
Languages

Privacy Policy

Who we are

In this Privacy Policy, the terms “we”, “us” or “our” means OurFrame SA, with its registered office at Chemin du Champ-des-Filles 36a, 1228 Plan-les-Ouates, Switzerland, registered under number CHE-204.884.836. We act as the controller of the personal data we collect and process through your use of the WaterBear website and platform, which includes our website, www.waterbear.com (“Website”) and WaterBear iOS and Android Apps, which are accessible through various internet-connected devices and platforms including any WaterBear branded or co-branded ecosystem or environment, such as apps, websites, platforms, content blocks, e-learning, news feeds, and/or any other services provided by OurFrame and/or third parties (“Platform”), and which allows you to publish content and videos, read and watch content, videos and articles, and follow collective missions (collectively “Services”).

This Privacy Policy is intended to provide you with information in relation to the processing of your personal data through your use of our Platform, in accordance with Regulation (EU) 2016/679 (General Data Protection Regulation, “GDPR”) and the Swiss Federal Act on Data Protection of 25 September 2020 (“nFADP”). Your privacy is important to us. This policy sets out how we collect, disclose, transfer and use (“process”) your personal data, and which rights you have.

For any questions, concerns or requests regarding this Privacy Policy or the processing of your personal data, you can contact us at: privacy@ourframe.ch.

EU Representative (Article 27 GDPR)

OurFrame SA is established in Switzerland. As we offer services to individuals in the European Economic Area, we have designated the following representative in the EU in accordance with Article 27 GDPR:

La Gro Geelkerken Advocaten, Koningin Julianaplein 10, 2595 AA The Hague, The Netherlands. Email: [to be confirmed].

What personal data do we collect, and why?

Personal data refers to any information relating to an identified or identifiable natural person. The following personal data may be collected:

  • Profile data: your name, email address, phone number, and address.

  • Usage data: IP address, device ID and type, referral source, language settings, browser type, operating system, geographical location, length of visit, page views, and information about the timing, frequency and pattern of your use of our Platform. This data is collected automatically.

  • User-generated content: information you submit or publish on the Platform (text, audio, videos, films, links, articles, profile information, comments, posts, ratings or other materials).

  • Newsletter subscription: your email address, if you sign up for our newsletter.

  • Contact data: if you contact us, a combination of your name, telephone number, email and/or address.

Please also consult our Cookie Policy for information on data collected via cookies and similar technologies.

Your personal data is used for the following purposes:

  • To personalise our Services by offering you content likely to interest you and customising displayed content.

  • To provide and operate our Services, share your content, enhance our Services, and provide technical assistance and support.

  • To send you updates, notifications, newsletters, and additional information related to the Services and related offers.

  • To create aggregated statistical data for the operation and improvement of our Services.

  • To monitor, prevent and handle fraud, illegal behaviour, or misuse of our Services.

  • To comply with applicable laws and regulations, and to respond to or defend against legal proceedings.

  • To serve you personalised advertising, including through the use of your location information and content preferences.

Legal basis for processing

Under the GDPR, we rely on the following legal bases:

  • Consent (Article 6(1)(a) GDPR): we ask for your consent for specific processing purposes. You may withdraw your consent at any time.

  • Performance of a contract (Article 6(1)(b) GDPR): processing necessary for the performance of the contract governing your use of the Platform (Terms of Use), including the provision of Services and account management.

  • Legitimate interests (Article 6(1)(f) GDPR): processing for our legitimate interests, including fraud prevention, security, enforcing legal claims, and improving our Services, while applying appropriate safeguards.

Under the Swiss nFADP, processing of personal data does not require a specific legal basis, provided it complies with the principles of lawfulness, good faith, proportionality, purpose limitation, accuracy, and data security (Articles 6 and 8 nFADP). Where consent is required (e.g. for sensitive data or high-risk profiling), we will obtain it explicitly.

You may withdraw your consent at any time by emailing privacy@ourframe.ch. Withdrawal does not affect the lawfulness of processing carried out prior to withdrawal.

How we protect your personal data

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, use, destruction, alteration or disclosure, in accordance with Article 32 GDPR and Article 8 nFADP. These measures include encryption at rest and in transit, role-based access control, multi-factor authentication, and regular security reviews.

Who has access to your personal data

We may share your personal data with service providers who assist us in processing and storing data and delivering our Services, or where required by law. We will not sell, trade or rent your personal information to any third parties.

We use links to social media channels. If you interact with these, the relevant social media provider may collect data about you under its own privacy policy.

International transfers

OurFrame SA is based in Switzerland, which benefits from an adequacy decision by the European Commission (Article 45 GDPR). Your data is therefore protected to a standard equivalent to that within the European Union.

We use the following third-party service providers, which may involve transfers outside the EEA and Switzerland:

  • Zendesk (United States): customer support. Transfer basis: Standard Contractual Clauses (SCCs).

  • Firebase / Google Cloud Identity Platform (United States): authentication and infrastructure. Transfer basis: SCCs.

  • Google Cloud Platform (data hosted in EU, eu-west region): infrastructure hosting. No transfer outside the EEA.

  • Emarsys (SAP company, Germany): email marketing. Data processed within the EEA. Emarsys ensures appropriate safeguards for any onward transfer.

For transfers to the United States, we rely on Standard Contractual Clauses adopted by the European Commission (Article 46(2)(c) GDPR) and, where applicable, supplementary measures. Under Swiss law, we rely on the equivalent mechanisms recognised by the Federal Data Protection and Information Commissioner (Article 16 nFADP).

How long we keep your personal data

We retain your personal data for as long as necessary to fulfil the purposes for which it was collected, including legal requirements. Generally, your data is kept for the duration of your registration on the Platform. Upon withdrawal of consent or successful objection, we will delete your data from our systems, except where retention is required by law.

Your rights

Depending on your place of residence, you have the following rights:

Under the GDPR (EEA residents):

  • Right of access (Article 15 GDPR)

  • Right to rectification (Article 16 GDPR)

  • Right to erasure (Article 17 GDPR)

  • Right to restriction of processing (Article 18 GDPR)

  • Right to data portability (Article 20 GDPR)

  • Right to object to processing based on legitimate interests or for direct marketing purposes (Article 21 GDPR). You may unsubscribe from our communications at any time via privacy@ourframe.ch or the unsubscribe link in each message.

  • Right not to be subject to automated decision-making (Article 22 GDPR). OurFrame does not use automated individual decision-making, including profiling.

  • Right to lodge a complaint with a supervisory authority. The competent authority is the Autoriteit Persoonsgegevens, Bezuidenhoutseweg 30, 2594 AV The Hague, The Netherlands (https://autoriteitpersoonsgegevens.nl).

Under the Swiss nFADP (Swiss residents):

Right of access (Article 25 nFADP)

  • Right to data portability (Article 28 nFADP)

  • Right to object to automated individual decision-making (Article 21 nFADP)

  • Right to lodge a complaint with the Federal Data Protection and Information Commissioner (FDPIC), Feldeggweg 1, 3003 Bern, Switzerland (https://www.edoeb.admin.ch).

To exercise any of these rights, please contact us at privacy@ourframe.ch. We will respond within 30 days.

Children’s privacy

The Platform is intended for users meeting the applicable minimum age in their region. If we learn that we have collected personal data from a user who does not meet the applicable minimum age without the required consent, we will delete it. Parents or guardians may contact privacy@ourframe.ch to request deletion.

Cookies and tracking

We use cookies and similar tracking technologies to maintain, provide and improve our Services. For further information, please consult our Cookie Policy.

Amendments to this Privacy Policy

We may amend this Privacy Policy from time to time. The most recent version will always be available on our Website.

How to contact us

OurFrame SA (controller)

Chemin du Champ-des-Filles 36a, 1228 Plan-les-Ouates, Switzerland

Email: privacy@ourframe.ch

EU Representative (Article 27 GDPR)

La Gro Geelkerken Advocaten, Koningin Julianaplein 10, 2595 AA The Hague, The Netherlands

This Privacy Policy was last revised on 12 March 2026.

info@ourframe.ch
Newsletter