1. Introduction
Zomask ("we," "us," or "our") is a private research initiative based in Zurich, Switzerland, dedicated to exploring the quantum foundations of consciousness, including topics such as wave function collapse, quantum entanglement, quantum biology, and related experimental pathways. We operate the website at https://zomaskresearch.com (the "Website").
We are committed to protecting your privacy and handling any personal data we collect in a transparent, lawful, and secure manner. This Privacy Policy explains how we collect, use, store, share, and protect information when you visit our Website or interact with our services (e.g., contact forms, newsletter subscriptions, or podcast-related features).
This Policy complies with the Swiss Federal Act on Data Protection (DPA) and, where applicable, the EU General Data Protection Regulation (GDPR) for visitors from the European Economic Area (EEA). By using the Website, you consent to the practices described herein.
If you have questions or concerns, please contact us using the details in Section 11.
2. Data We Collect
We collect only the minimum data necessary for the Website's functionality and our research outreach. Data falls into two categories:
a. Personal Data (information that identifies you or could reasonably be linked to you):
- Contact information submitted via forms (e.g., name, email address, message content when using "Contact Us").
- Newsletter subscription details (e.g., email address if we implement a signup).
- Any other information you voluntarily provide (e.g., feedback or collaboration inquiries).
b. Non-Personal Data (anonymous or aggregated information):
- Usage data: IP address (anonymized), browser type, device information, referring pages, and visit timestamps.
- Analytics data: Pages viewed, time spent on site, and interaction patterns (via tools like Google Analytics, if enabled).
We do not collect sensitive personal data (e.g., health, racial/ethnic origin, political opinions, or biometric data) unless voluntarily provided in communications, in which case it is treated with heightened care.
3. How We Collect Data
- Directly from You: Through forms (e.g., contact or newsletter), emails, or interactions.
- Automatically: Via cookies, server logs, or third-party analytics tools (see Section 8 on Cookies).
- **From Third Parties**: Limited to service providers (e.g., hosting via GoDaddy, analytics via Google) who process data on our behalf.
4. Purposes and Legal Basis for Processing
We process data for legitimate purposes only:
| Purpose | Legal Basis (under Swiss DPA/GDPR) | Examples |
|----------------------------------|------------------------------------------------|----------|
| Responding to inquiries | Consent or legitimate interest (communication) | Contact form submissions |
| Sending newsletters/updates | Explicit consent (opt-in) | Research/news announcements |
| Improving Website functionality | Legitimate interest | Analytics for usability |
| Legal compliance/security | Legal obligation or legitimate interest | Fraud prevention, records |
We do not use data for automated decision-making or profiling.
5. Data Sharing and Third Parties
We do not sell or rent your personal data. Sharing occurs only in limited cases:
- Service Providers: With trusted partners (e.g., GoDaddy for hosting, Mailchimp/Substack for newsletters, Google for analytics) bound by data processing agreements ensuring equivalent protection.
- Legal Requirements: If required by Swiss law, court order, or authorities (e.g., for compliance or safety).
- Business Transfers: In case of merger/acquisition (rare for a private initiative), with notice to you.
Third-party tools may transfer data outside Switzerland/EEA (e.g., to the US); we ensure adequacy via standard contractual clauses or equivalent safeguards.
6. Data Storage and Retention
- Storage Location: Data is primarily stored in Switzerland or EEA-compliant servers (via GoDaddy/EU providers).
- Retention Periods:
- Contact inquiries: Up to 2 years (or until resolved).
- Newsletter subscriptions: Until unsubscribed.
- Analytics data: Anonymized and retained for up to 26 months (standard Google settings).
- Longer if required by law (e.g., tax records).
- Data is securely deleted or anonymized when no longer needed.
7. Data Security
We implement reasonable technical and organizational measures to protect data, including:
- Encryption (HTTPS for transmissions).
- Access controls and firewalls.
- Regular reviews of hosting provider security (GoDaddy compliance).
No system is 100% secure; in case of a breach, we will notify affected users and authorities as required by law (within 72 hours under GDPR-equivalent rules).
8. Cookies and Tracking Technologies
Our Website uses minimal cookies:
- Essential Cookies: For basic functionality (e.g., form security via reCAPTCHA).
- Analytics Cookies: If enabled (e.g., Google Analytics), for anonymous usage insights.
- No Advertising/Tracking Cookies: We do not use third-party ads or behavioral tracking.
You can manage cookies via browser settings. For details, see our separate Cookie Notice (or accept/reject banner if implemented).
9. Your Rights
Under Swiss DPA and GDPR (where applicable), you have rights regarding your data:
- Access: Request a copy of your data.
- Rectification: Correct inaccurate data.
- Erasure ("Right to be Forgotten"): Delete data (subject to legal exceptions).
- Restriction/Objection: Limit processing or object to legitimate interest uses.
- Portability: Receive data in machine-readable format.
- Withdraw Consent: At any time (e.g., unsubscribe from newsletters).
- Complaint: Lodge with the Swiss Federal Data Protection and Information Commissioner (FDPIC) or relevant EEA authority.
To exercise rights, contact us (Section 11). We respond within 30 days (extendable if complex).
10. Children's Privacy
The Website is not intended for individuals under 16. We do not knowingly collect data from children; if discovered, it will be deleted promptly.
11. Changes to This Policy
We may update this Policy for legal, operational, or service changes. Material changes will be notified via Website notice or email (if provided). Continued use constitutes acceptance. Check periodically for the latest version (effective date at top).
12. Contact Us
For privacy questions, rights requests, or concerns:
Email: contact@zomaskresearch.ch
We aim to resolve issues amicably.