Last Updated: 15 May 2026
Read alongside our Cookie Policy, which provides full details on cookies, consent management, and tracking technologies used on our website.
Introduction and Data Controller
ORYL Photonics SA (“we,” “us,” or “our”) is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your data in accordance with:
- The EU General Data Protection Regulation (GDPR – Regulation 2016/679)
- The Swiss Federal Act on Data Protection (nLPD / revDSG)
- The EU ePrivacy Directive (2002/58/EC, as amended)
Data Controller: ORYL Photonics SA, Route de la Corniche 5B, 1066 Epalinges, Switzerland
Email: info@orylphotonics.com
Phone: +41 21 552 50 40
What Personal Data We Collect
We collect only what is necessary for a specific, stated purpose.
Data You Provide Directly
- Full name
- Business email address
- Phone number (if provided)
- Company / institution name
- Message content and inquiry details (contact forms, quote requests, demo requests)
Data Collected Automatically
- IP address (anonymized before storage — see Cookies and Tracking Technologies section)
- Browser type and version
- Device type and operating system
- Pages visited, time on page, and navigation paths
- Referral source (how you arrived at our website)
- Cookie and session data (detailed in Cookies and Tracking Technologies section and our Cookie Policy)
How We Collect Your Data
Your data is collected through the following channels:
- Website forms – contact, cost estimation, demo request, and quote forms
- Cookies and tracking technologies – when you browse our website (see Cookies and Tracking Technologies section)
- Direct communication – when you email or call us
- CRM system – when your data is entered into Pipedrive following a form submission or sales interaction
Why We Use Your Data and Our Legal Basis
We process your personal data only where we have a valid lawful basis.
| Processing Activity | Purpose | Legal Basis (GDPR Art. 6) |
|---|---|---|
| Responding to inquiries & form submissions | Provide estimates, quotes, and requested services | Art. 6(1)(b) – Contractual necessity |
| CRM tracking (Pipedrive) | Lead management and follow-up on opportunities | Art. 6(1)(f) – Legitimate interest |
| Website analytics (Google Analytics) | Understand traffic and improve site performance | Art. 6(1)(a) – Consent (via cookie banner) |
| Marketing cookies / remarketing | Track visitors for advertising purposes | Art. 6(1)(a) – Consent (via cookie banner) |
| Security monitoring | Detect and prevent fraud or unauthorized access | Art. 6(1)(f) – Legitimate interest |
| Legal compliance | Meet obligations under applicable law | Art. 6(1)(c) – Legal obligation |
Cookies and Tracking Technologies
We use cookies and similar technologies to enhance your experience and analyze usage. For full details — including specific cookie names, expiry periods, and instructions for managing your preferences — please refer to our Cookie Policy.
Categories of Cookies We Use
| Category | Purpose | Examples | Consent Required? |
|---|---|---|---|
| Strictly Necessary | Core website functionality, security, and consent management | ‘wordpress_test_cookie’, ‘cmplz_*’ (Complianz) | No – always active |
| Analytics & Statistics | Anonymous usage data to improve site performance | ‘_ga’, ‘_ga_P612Z41G95’ (Google Analytics) | Yes – opt-in |
| Functional & Preferences | Remember your choices (e.g., tab state, display preferences) | ‘active-tabs’, ‘wpEmojiSettingsSupports’ | Yes – opt-in |
| Marketing | Remarketing and visitor tracking across websites | Set by third-party ad providers | Yes – opt-in |
Consent Management
When you first visit our website, a cookie consent banner is displayed (powered by Complianz). You may:
- Accept all cookies
- Reject all non-essential cookies
- Customize your preferences by category
Your consent choices are stored for up to 1 year. You can change your preferences at any time via the “Manage Consent” link in the website footer.
Google Analytics – IP Anonymization
We use Google Analytics (GA4) with IP anonymization enabled. Your IP address is truncated before being stored and cannot be used to identify you individually. Analytics cookies are only placed after you grant consent via the cookie banner.
Browser-Level Cookie Control
You can control, block, or delete cookies through your browser settings. Disabling certain cookies may affect site functionality. For browser-specific instructions, see our Cookie Policy.
Third Parties We Share Data With
We share personal data only with trusted third parties who are contractually required to comply with GDPR and process data under a Data Processing Agreement (DPA). We do not sell your personal data.
| Third Party | Purpose / Service |
|---|---|
| Pipedrive | CRM: managing inquiries, lead tracking, and follow-up communications |
| Google Analytics (Google LLC) | Website analytics and traffic reporting (IP anonymized; subject to Google DPA) |
| Complianz | Cookie consent management platform |
| Yoast SEO | SEO plugin (sets session-level functional cookies; no personal data transferred) |
| Web hosting / maintenance provider | Server hosting and website operation |
Where providers are located outside the EEA or Switzerland, we ensure appropriate safeguards are in place (see International Data Transfers section).
International Data Transfers
Some service providers (including Google) are located outside the European Economic Area (EEA) and Switzerland. Where personal data is transferred internationally, we ensure adequate protection through:
- EU Standard Contractual Clauses (SCCs) approved by the European Commission
- Adequacy decisions by the European Commission or the Swiss FDPIC
- Google’s compliance with the EU–US Data Privacy Framework
Data Retention
We retain personal data only for as long as necessary to fulfil the purpose for which it was collected, or as required by law.
| Data Category | Retention Period |
|---|---|
| Form submissions (contact, quote, demo requests) | Up to 12 months from last interaction |
| CRM records (Pipedrive) | Up to 2 years from last interaction, or until deletion requested |
| Analytics data (Google Analytics) | 26 months (GA4 default, with IP anonymization) |
| Strictly necessary cookies | Session or up to 1 year (Complianz consent records) |
| Analytics & functional cookies | Up to 2 years (see Cookie Policy for per-cookie details) |
| Email correspondence | Up to 3 years, unless a legal obligation requires longer retention |
You may request deletion of your data at any time by contacting us (see Your Rights Under GDPR and nLPD Section). We will respond within 30 days.
How We Protect Your Data
We implement appropriate technical and organizational measures to protect your personal data:
- SSL/TLS encryption (HTTPS) for all data transmitted to and from our website
- Secure, access-controlled hosting environment
- Restricted access to personal data on a need-to-know basis
- Regular vulnerability monitoring and software updates
- Data Processing Agreements with all third-party processors
In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the competent supervisory authority within 72 hours in accordance with GDPR Art. 33.
Your Rights Under GDPR and nLPD
| Right | Description |
|---|---|
| Right of Access (Art. 15) | Request a copy of the personal data we hold about you |
| Right to Rectification (Art. 16) | Ask us to correct inaccurate or incomplete data |
| Right to Erasure (Art. 17) | Request deletion of your data where there is no overriding legitimate reason to retain it |
| Right to Restriction (Art. 18) | Ask us to suspend processing in certain circumstances |
| Right to Data Portability (Art. 20) | Receive your data in a structured, machine-readable format |
| Right to Object (Art. 21) | Object to processing based on legitimate interest or for direct marketing |
| Right to Withdraw Consent (Art. 7(3)) | Withdraw consent at any time, without affecting prior lawful processing |
To exercise any of these rights, contact us at info@orylphotonics.com. We will respond within 30 days.
If you are not satisfied with our response, you have the right to lodge a complaint with:
- Swiss FDPIC: www.edoeb.admin.ch
- Your local EU supervisory authority (if you are an EEA resident)
Cookie Policy
Our use of cookies is governed separately by our Cookie Policy. It provides:
- A full list of cookies set on our website, including names, providers, purposes, and expiry periods
- Information on the Complianz consent management platform we use
- Detailed instructions for managing, withdrawing, or changing your cookie preferences
- Links to third-party cookie providers and their own policies
Both this Privacy Policy and the Cookie Policy apply to all visitors to www.orylphotonics.com and should be read together.
Contact Us
ORYL Photonics SA
Route de la Corniche 5B
1066 Epalinges, Switzerland
Email: info@orylphotonics.com
Phone: +41 21 552 50 40
Website: www.orylphotonics.com
Updates to This Privacy Policy
We may update this Privacy Policy periodically to reflect changes in our data practices, applicable law, or the services we offer. When we make material changes, we will update the “Last Updated” date at the top of this page.
Continued use of our website after changes are posted constitutes your acknowledgment of the updated policy.