Cadive
Start a project

hello@cadive.com

Uruguay · Founded in Switzerland

[ LEGAL ] DATA PROTECTION

Privacy Policy

How we collect, use, and protect personal data — written to align with the EU General Data Protection Regulation (GDPR), the Swiss Federal Act on Data Protection (revFADP / nFADP), and Uruguay's Law No. 18.331.

LAST UPDATED — 20 JUNE 2026 · VERSION 1.0 (TEMPLATE)

Template — not yet legal advice. This document is a working template. It must be reviewed, completed, and approved by qualified data-protection counsel for each applicable jurisdiction before publication. Bracketed [placeholders] mark information that must be confirmed.

1. Who we are

The data controller responsible for the processing described here is Cadive(“Cadive”, “we”, “us”), [registered address pending]. You can reach us at hello@cadive.com for any privacy matter.

Cadive operates from Uruguay and was founded in Switzerland. Where we offer services to, or monitor the behaviour of, individuals in the European Union or the United Kingdom, an EU/UK representative under Article 27 GDPR may be required: [EU representative — name and address pending].

2. The data we collect

  • Contact-form and enquiry data — name, email address, company, and the content of the message you choose to send us.
  • Email correspondence — anything you send when you write to us directly.
  • Consented analytics data — aggregated usage data (pages viewed, approximate region, device type) collected only after you opt in. See our Cookie Policy.
  • Cookies and local storage — a strictly necessary consent record (cadive_consent_v1) plus, on consent, analytics identifiers.
  • Server logs — standard technical data such as IP address and user-agent, processed by our hosting provider to deliver and secure the site.

We do not knowingly collect special-category (sensitive) personal data.

3. Why we process it, and our legal bases

  • To respond to enquiries and deliver pre-contract steps — legal basis: performance of a contract or steps taken at your request (GDPR Art. 6(1)(b)).
  • To run and secure the website — legal basis: our legitimate interest in operating a safe, functional site (GDPR Art. 6(1)(f)).
  • To measure and improve the site with analytics — legal basis: your consent (GDPR Art. 6(1)(a)), withdrawable at any time.
  • To comply with legal obligations — legal basis: compliance with a legal obligation (GDPR Art. 6(1)(c)).

Under the Swiss revFADP and Uruguay's Law No. 18.331, processing rests on the equivalent grounds of consent, contractual necessity, and overriding legitimate interest.

4. Processors and recipients

We share personal data only with vendors that process it on our behalf, under contract, and only as needed:

  • Hosting and content delivery — [provider pending].
  • Analytics — [provider pending], consent-gated.
  • Email and communications — [provider pending].

We do not sell personal data.

5. International transfers

Both Uruguay and Switzerland hold European Commission adequacy decisions, so transfers of personal data from the EEA to those countries do not require additional safeguards on the basis of adequacy.

Where a processor stores or accesses data outside an adequate jurisdiction, we rely on appropriate safeguards such as the EU Standard Contractual Clauses, the Swiss addendum, and the UK International Data Transfer Agreement, supplemented by transfer risk assessments where required. [Confirm each processor's storage location and transfer mechanism.]

6. How long we keep it

  • Enquiry and correspondence data — [retention period pending], then deleted or anonymised.
  • Consent records — kept as evidence of consent for [period pending].
  • Analytics data — retained in aggregate for [period pending].

7. Your rights

Subject to applicable law, you may exercise the rights granted by the GDPR, the Swiss revFADP, and Uruguay's Law No. 18.331, including:

  • access to your personal data (including the Uruguayan right to habeas data);
  • rectification of inaccurate or incomplete data;
  • erasure (“right to be forgotten”);
  • restriction of, and objection to, processing;
  • data portability;
  • withdrawal of consent at any time, without affecting prior lawful processing.

To exercise any right, contact us at hello@cadive.com. We respond within the time limits set by the applicable law.

8. Complaints

If you believe we have mishandled your data, you may lodge a complaint with the competent supervisory authority:

  • EU/EEA — your national Data Protection Authority (DPA).
  • Switzerland — the Federal Data Protection and Information Commissioner (FDPIC).
  • Uruguay — the Regulatory and Control Unit for Personal Data (URCDP).

9. Security

We apply appropriate technical and organisational measures — encryption in transit, access controls, and the principle of data minimisation — to protect personal data. No method of transmission or storage is perfectly secure, and we cannot guarantee absolute security.

10. Children

Our site is not directed at children, and we do not knowingly collect data from them. If you believe a child has provided us personal data, contact us and we will delete it.

11. Changes to this policy

We may update this policy as our practices or the law evolve. The version and date at the top reflect the current edition; material changes will be signalled on this page.

12. Contact

Questions about this policy or your data: Cadive, hello@cadive.com.

QUESTIONS?

Talk to us about your data.

Contact us hello@cadive.com