Privacy Policy
Last updated: April 2026
1. Data controller
Tabernae
Contact: Tabernae.ch
Hosting: Infomaniak Network SA, Avenue de la Commune-de-Morges 32, 1218 Le Grand-Saconnex (Switzerland)
2. Data collected
We collect only the data necessary to operate the platform:
- Artisan account: email address, password (Argon2id hash β never readable), role.
- Public profile: workshop name, description, canton, field of activity, public contact email, phone, website, logo, gallery photos, Trust badges.
- Visitor messages: name, email and content of messages sent to an artisan via the platform.
- Technical data: one session cookie (see section 6).
We collect no browsing data, no behavioural statistics, and use no third-party analytics tools (Google Analytics, Meta Pixel, etc.).
3. Purposes and legal bases
| Purpose | Legal basis |
|---|---|
| Managing your account and profile | Performance of contract |
| Connecting artisans and visitors | Performance of contract / legitimate interest |
| Sending transactional emails | Performance of contract |
| Security and abuse prevention | Legitimate interest |
4. Data recipients
Your data is never sold or shared for commercial purposes. It is accessible only to:
- The Tabernae team (platform administration).
- Infomaniak (hosting provider, ISO 27001 certified, servers in Switzerland).
5. Retention period
- Artisan account: retained until account deletion (right to erasure available in the dashboard).
- Visitor messages: retained while the recipient artisan account is active.
- Technical logs: 30 days maximum.
6. Cookies
The site uses a single cookie, strictly necessary:
| Name | Purpose | Duration |
|---|---|---|
PHPSESSID |
Login session (authentication, CSRF protection) | Session (deleted when browser is closed) |
This cookie is exempt from consent under the GDPR and Swiss nFADP, as it is strictly necessary for the service to function. No third-party or tracking cookies are used.
7. Your rights
Under the GDPR (EU 2016/679) and the Swiss nFADP (in force since 1 September 2023), you have the following rights:
- Access β obtain a copy of your data.
- Rectification β correct your information via the dashboard.
- Erasure (right to be forgotten) β delete your account and all your data from the dashboard.
- Portability β receive your data in a structured format (on request by email).
- Objection β object to processing based on legitimate interest.
To exercise these rights: Tabernae.ch
For unresolved disputes, you may contact the Federal Data Protection and Information Commissioner (FDPIC).
8. Security
Passwords are hashed with Argon2id. Communications are TLS-encrypted. Session cookies are configured as HttpOnly, Secure and SameSite=Lax. Tokens have a limited lifetime.
9. Changes
Any substantial changes to this policy will be notified by email to registered artisans.