Privacy Policy
Last updated: January 23, 2026
Personal Data Processing Policy
Art. 13 Reg. (EU) 2016/679 – Art. 19 Federal Act on Data Protection of 25/09/2020
In compliance with Art. 13 of Regulation (EU) 2016/679 ("GDPR") and Art. 19 of the Swiss Federal Act on Data Protection of 25/09/2020 ("FADP"), the following information is provided to users of the websites accessible at www.metodo-ongaro.com and store.metodo-ongaro.com ("Sites") and the Metodo Ongaro® mobile application ("App"), located in the European Union and the Swiss Confederation. This information refers exclusively to processing carried out through these Sites and App, and not through other websites that may be visited via links on the Sites or App, for which each visitor should review the privacy policies provided by the respective data controllers.
DATA CONTROLLER AND CONTACT DETAILS
Ongaro Horizon SAGL
registered office in Vernate, CH-6992, Via Cantonale 108, VAT CHE-478.999.539
email: [email protected]
1. CATEGORIES OF DATA PROCESSED, PURPOSES AND LEGAL BASIS FOR PROCESSING
Contact Requests
Browsing and Device Data
User Account Registration (Reserved Area)
Product Sales and Course Subscriptions
"Soul Camp" Program Questionnaire
Course Enrolment Applications
Direct Marketing (Similar Products/Services)
Dispute Management
Newsletter Marketing (including Profiled Marketing)
Accounting Management of Payments
2. Sensitive Data Processing through the Reserved Area
Through the Reserved Area, sensitive data (i.e. data concerning health, religious beliefs, trade union membership, sexual preferences, and others listed in Art. 9 GDPR and Art. 5.1.(c) FADP) voluntarily disclosed by the user for the purpose of carrying out interactive coaching activities during streaming events are processed. Such processing is subject to the explicit consent expressed by the data subject in order to access the subscription content of the Reserved Area.
3. MANDATORY NATURE OF DATA PROVISION
Providing data for marketing purposes is optional, so withholding or revoking consent will not affect the ability to browse the Sites and/or use the App or place orders and/or enrolments and/or submit applications. Providing other data is necessary for browsing and/or sending messages and/or completing orders and/or enrolments and/or submitting applications through the Sites and/or App. Failure to provide such data may make it impossible to browse the Sites and/or use the App and/or to process such messages and/or orders and/or enrolments and/or applications.
4. DATA PROCESSING METHODS
Personal data is processed using both paper-based and digital tools in compliance with applicable data protection regulations, and in particular with the appropriate technical and organisational measures referred to in Art. 32.1 GDPR and Art. 8 FADP, and with all precautionary measures that ensure its integrity, confidentiality, and availability.
5. POSSIBLE RECIPIENTS OF PERSONAL DATA
Data may be disclosed to (i) third parties operating, including on behalf of the Controller, for the fulfilment of services related to the purposes described in this policy, including in particular site management and maintenance, promotional activities, sharing of information about the Controller's products and/or services, etc.; (ii) other companies affiliated with the Controller; (iii) the Controller's consultants; (iv) public authorities and bodies where disclosure is mandatory.
Personal data is also processed outside the European Economic Area (EEA) and outside the Swiss Confederation. The Controller undertakes to select reputable providers and to verify their commitment to complying with the provisions of the GDPR and FADP regarding transfers of personal data outside the EEA and the Swiss Confederation.
6. RETENTION PERIOD
Data is retained for a maximum of 10 (ten) years from the date of the last interaction with the user, taking into account the limitation period for any claims arising from the relationship between the Controller and the user, as provided by law. Browsing data will be retained for the technical time necessary to carry out the functions for which it was collected. Sensitive data will be retained for one year from the end of the contractual relationship between the Controller and the user, subject to the right to withdraw consent at any time.
7. PROFILING
First name, last name, email address, phone number, and other personal data of the user may be used to create a user profile and send targeted marketing that may be of greater interest to the user. Such profiling does not produce legal effects on the user.
8. DATA SUBJECT RIGHTS
European Users: at any time, each European User may exercise against the Controller the rights provided by Arts. 15 to 22 GDPR, namely the right to request, by writing an email to [email protected]:
- access to personal data;
- rectification of personal data;
- erasure of personal data (the so-called 'right to be forgotten');
- restriction of personal data processing;
- data portability;
- the right to object to processing;
- the right to lodge a complaint with a supervisory authority.
Swiss Users: at any time, each Swiss User may exercise against the Controller the rights provided by Arts. 25, 28 and 32 FADP, namely the right to request, by writing an email to [email protected]:
- access to personal data;
- delivery or transmission of personal data to another controller;
- rectification, deletion or destruction of personal data;
- the right to file a complaint with the Federal Data Protection and Information Commissioner (FDPIC).
9. CHANGES TO THIS POLICY
This privacy policy may be updated over time, including in connection with the possible entry into force of new sector regulations, the update or provision of new services, or technological innovations. Changes to the policy take effect upon their publication on the Sites, provided that the Controller may not use previously collected data for purposes beyond those described here without informing the user.