Kicklaws Privacy Policy

Last updated: July 10, 2026

This Privacy Policy explains how Kicklaws, operated by emazing-retailing SA, collects, uses, and protects your personal data when you visit or use www.kicklaws.com (the "Service"). It is provided in accordance with the EU General Data Protection Regulation (Regulation (EU) 2016/679, "GDPR") and the Swiss Federal Act on Data Protection (FADP/nLPD).

1. Data Controller

1.1. The data controller responsible for the processing of your personal data is:
emazing-retailing SA
Route des Jeunes 4
1227 Genève, Switzerland
Represented by: Pierre Berthier, CEO
1.2. For all data protection inquiries, or to exercise any of your rights described below, you can contact us at the address above or by email via our contact address.

2. Personal Data We Collect

We only collect the personal data that is necessary for the purposes described in this Policy (data minimisation, Art. 5(1)(c) GDPR):
  • Account data: name, email address, password (stored encrypted).
  • Participation data: your votes on proposals, comments, and proposals you submit.
  • Technical data: IP address, browser type, device details, and log files related to the time and date of your visits.
  • Cookie data: see our Cookie Policy.

We do not knowingly collect personal data from persons under 18 years of age.

3. Purposes and Legal Bases of Processing (Art. 6 GDPR)

We process your personal data on the following legal bases:
  • Performance of a contract (Art. 6(1)(b) GDPR): to create and manage your account, verify your identity for voting integrity, record your votes, and display voting results.
  • Legitimate interests (Art. 6(1)(f) GDPR): to ensure the security, integrity, and technical functioning of the Service, and to prevent fraud and abuse (e.g., duplicate voting).
  • Consent (Art. 6(1)(a) GDPR): to send you email updates about the progress, status, and outcome of laws you have voted on, and notifications about new or related proposals; and to place non-essential cookies. You may withdraw your consent at any time (see Section 4).
  • Legal obligations (Art. 6(1)(c) GDPR): to comply with applicable laws, including responding to lawful requests from authorities.

4. Consent and Right to Withdraw

Where processing is based on your consent (e.g., email updates, non-essential cookies), you may withdraw your consent at any time, free of charge and without giving reasons, with effect for the future:
  • by using the unsubscribe link included in every update email;
  • by adjusting your cookie preferences via the "Cookie Settings" link; or
  • by contacting us at the address in Section 1.

Withdrawing consent does not affect the lawfulness of processing carried out before the withdrawal (Art. 7(3) GDPR).

5. Recipients of Personal Data

5.1. We do not sell your personal data. We share it only with service providers (processors) who help us operate the Service — such as hosting, email delivery, and analytics providers — under data processing agreements compliant with Art. 28 GDPR.
5.2. We may disclose personal data where required by law or to protect our legal rights.

6. International Data Transfers

Your data is primarily processed in Switzerland and the European Economic Area (EEA). Switzerland benefits from an EU adequacy decision. Where data is transferred to a country outside the EEA/Switzerland that does not provide an adequate level of protection, we ensure appropriate safeguards, in particular the EU Standard Contractual Clauses (Art. 46(2)(c) GDPR). You may request a copy of these safeguards by contacting us.

7. Data Retention (Art. 5(1)(e) GDPR)

  • Account data: retained as long as your account is active, then deleted or anonymized within 30 days of account deletion, unless a longer period is required by law.
  • Voting data: anonymized voting results may be retained indefinitely; the link between a vote and your identity is deleted when your account is deleted.
  • Technical logs: retained for a maximum of 12 months for security purposes.

8. Data Security (Art. 32 GDPR)

We implement appropriate technical and organisational measures to protect your personal data, including encryption of passwords, TLS encryption in transit, access controls, and regular security reviews.

9. Your Rights (Arts. 15–22 GDPR)

You have the following rights regarding your personal data:
  • Right of access (Art. 15): obtain confirmation of whether we process your data and receive a copy of it.
  • Right to rectification (Art. 16): have inaccurate or incomplete data corrected.
  • Right to erasure / "right to be forgotten" (Art. 17): have your data deleted, subject to legal retention obligations.
  • Right to restriction of processing (Art. 18).
  • Right to data portability (Art. 20): receive your data in a structured, commonly used, machine-readable format.
  • Right to object (Art. 21): object at any time to processing based on legitimate interests, and to direct marketing.
  • Right not to be subject to automated decision-making, including profiling (Art. 22). We do not carry out such decision-making.

To exercise these rights, contact us as described in Section 1. We will respond within one month (Art. 12(3) GDPR), free of charge. We may ask you to verify your identity before fulfilling a request.

10. Right to Lodge a Complaint (Art. 77 GDPR)

If you believe your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority, in particular in the EU Member State of your habitual residence, place of work, or place of the alleged infringement. In Switzerland, the competent authority is the Federal Data Protection and Information Commissioner (FDPIC).

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be announced on the Service and, where the changes affect processing based on your consent, we will seek your renewed consent. The "Last updated" date at the top indicates the latest revision.