Let's talk →
§ Legal notices · Last updated 28.04.2026

The serious part
in plain language.

Legal information, privacy notice, and cookie disclosure. Written to be actually read — in English, without redundant legalese, with precise references to Swiss (revDSG / FADP) and European (GDPR) legal bases.

If anything is unclear, write to us. We would rather rewrite a sentence than obscure a point.

Updated · 28 April 2026 · Version 3.0

Company details

NS Net Source Sagl — Swiss limited liability company (Società a garanzia limitata — Italian-Swiss limited liability company), registered in the Commercial Register of Canton Ticino on 12 March 1998.

Contact details

Company name
NS Net Source Sagl
Legal form
Sagl — Società a garanzia limitata
Registered office
Via alla Bolla 4, 6595 Riazzino TI
Commercial Register
CH-500.4.004.386-4
UID
CHE-104.802.022
VAT
CHE-104.802.022 MWST
Phone
+41 79 220 06 29
General email
info@nsource.ch
Privacy / personal data
privacy@nsource.ch

Representation & editorial responsibility

Responsible for the content published on nsource.ch: Leonardo Gruosso, managing director. For corrections, notices, or removal requests, contact info@nsource.ch.

Supervisory authority

Commercial Register Office of Canton Ticino — Via Bossi 2a, 6500 Bellinzona.

Place of jurisdiction

For any dispute arising from the use of this website or the services provided by NS Net Source Sagl, the exclusive place of jurisdiction is Bellinzona, Canton Ticino (CH). Swiss law applies exclusively.

Limitation of liability

The content of this website is maintained with the utmost care. However, NS Net Source Sagl assumes no liability for the accuracy, completeness, or currency of the published information, nor for any damages arising from its use.

External links are provided for reference only. NS Net Source Sagl does not control and is not responsible for the content of third-party websites.

Copyright. Texts, images, logo, code, and all other content published on nsource.ch are protected by Swiss copyright law (URG / LDA) and international copyright. Reproduction, even in part, is permitted only with prior written consent.

Controller

NS Net Source Sagl — Via alla Bolla 4, 6595 Riazzino TI — is the controller of personal data collected through this website and in the provision of its services. For any enquiry: privacy@nsource.ch.

Principles applied

Data processing is carried out in accordance with the Swiss Federal Act on Data Protection (revDSG / FADP), in force since 1 September 2023, and the EU Regulation 2016/679 (GDPR) where applicable.

  • Data minimization. We collect only what is necessary to provide the requested service.
  • Purpose limitation. Data is not used for purposes other than those declared.
  • Storage limitation. Data is retained only for as long as strictly necessary.
  • Security. Data is protected by modern encryption, both in transit and at rest.

Data collected

Contact data — name, email, phone, company — provided voluntarily through the form or by email. Legal basis: explicit consent. Retention: until a deletion request is received or for the duration of the business relationship.

Technical data — IP address (anonymized), browser type, referring site, pages visited. Legal basis: legitimate interest (security, aggregate statistics). Retention: 30 days.

Contractual data — for active clients: billing data, technical correspondence, system access credentials. Legal basis: performance of a contract. Retention: 10 years (Swiss statutory retention obligation).

Data location and sub-processors

Contact form data is hosted in Switzerland by Hoststar AG (Zurich). Emails are routed via Google LLC (United States) as sub-processor for the SMTP relay — the transfer is covered by the Swiss-US Data Privacy Framework, recognized by the Swiss Federal Council on 14 August 2024 (in force since 15 September 2024) as providing an adequate level of protection under art. 16 FADP.

For data processed in the delivery of managed services to clients, the primary infrastructure remains in Switzerland (ISO 27001 / ISAE 3402-certified Swiss data centers, proprietary servers). Contact data and website email are subject to the Google LLC hop described below.

ToolPurposeSub-processor + jurisdictionData categoryRetentionLegal basis
Gmail SMTP (email relay) Sending + receiving contact form submissions Google LLC, Mountain View CA, USA — Swiss-US Data Privacy Framework (in force since 15 September 2024) Email submitter, IP, message content 24 months from last contact Pre-contractual measures (art. 31 par. 2 lit. a FADP)
Cloudflare Web Analytics Aggregate access measurement (no cookie) Cloudflare Inc., San Francisco CA, USA — Swiss-US DPF Anonymous page view, country, browser (no PII, no cookie) 6 months (Cloudflare default) Legitimate interest (art. 31 par. 1 FADP)
Hoststar AG (hosting) Static server for nsource.ch Hosttech GmbH (Hoststar group), Zurich CH HTML/CSS/JS files, server access logs Logs 14 days (Hoststar default) Performance of contract
cookieconsent (UI banner) Consent category management Self-hosted (no third party) — localStorage only Consent categories (no PII) 6 months Compliance with legal obligation (art. 19 FADP)

Retention

Messages submitted through the contact form are retained for a maximum of 24 months from the last meaningful contact. Early deletion requests may be sent to privacy@nsource.ch and are processed within 30 days as provided under art. 25 par. 7 FADP.

Cloudflare Web Analytics data (aggregate page views, country, browser) is retained for 6 months in Cloudflare's systems; it is neither replicated nor archived by NetSource.

What we do not do (intentionally)

  • We do not sell data to third parties. Ever.
  • No profiling analytics (Google Analytics, Meta Pixel, LinkedIn Insight). We use Cloudflare Web Analytics — cookieless and aggregated — see §02.4 for the legal basis and data collected.
  • We do not profile users for automated decisions.
  • We do not send marketing emails to anyone who has not explicitly requested them.

Rights under Swiss data protection law (revDSG / FADP)

As a data subject, you have the following rights against NS Net Source Sagl under the Swiss Federal Act on Data Protection (Datenschutzgesetz, revDSG / FADP), in force since 1 September 2023:

  • Right of access (art. 25 LPD/FADP) — You may request confirmation of whether we process personal data about you, and if so, which data, for what purpose, for how long, and to whom it may be disclosed.
  • Right to data portability (art. 28 LPD/FADP) — You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit it to another controller, where processing is based on your consent or a contract.
  • Right to object (art. 30 LPD/FADP) — You may object to the processing of your personal data where you can demonstrate compelling grounds relating to your particular situation.
  • Right to rectification and erasure (art. 32 LPD/FADP) — You may request the correction of inaccurate or incomplete data and — subject to statutory retention obligations — its erasure.

Rights under the EU General Data Protection Regulation (GDPR / EU 2016/679)

For individuals residing in an EU member state, the GDPR (Regulation (EU) 2016/679) additionally applies. The following rights exist in addition to the Swiss rights listed above:

  • Right of access (Art. 15 GDPR) — You have the right to obtain confirmation of whether we process personal data concerning you and, if so, access to that data including its purpose, categories, recipients, and intended retention period.
  • Right to rectification (Art. 16 GDPR) — You have the right to request the correction of inaccurate or the completion of incomplete personal data.
  • Right to erasure (Art. 17 GDPR) — You have the right to obtain the erasure of personal data concerning you, to the extent no statutory retention obligations apply.
  • Right to restriction of processing (Art. 18 GDPR) — You have the right to request a restriction on processing where you contest the accuracy of the data, the processing is unlawful, or you have objected to processing. (No direct equivalent under the revDSG — applies to EU data subjects.)
  • Right to data portability (Art. 20 GDPR) — You have the right to receive personal data concerning you in a structured, commonly used and machine-readable format.
  • Right to object (Art. 21 GDPR) — You have the right to object at any time, on grounds relating to your particular situation, to processing of personal data concerning you.
  • Right not to be subject to automated decisions (Art. 22 GDPR) — You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects or similarly significantly affects you. (No direct equivalent under the revDSG — applies to EU data subjects.)

How to exercise your rights

To exercise these rights, contact us at privacy@nsource.ch, specifying the right you wish to exercise. We will respond within 30 days as required by art. 25 par. 7 FADP, free of charge, unless requests are manifestly unfounded or excessively repeated.

Alternatively, by post:
NS Net Source Sagl — Privacy — Via alla Bolla 4, 6595 Riazzino TI.

Complaint to the supervisory authority

If you consider that the processing of your data violates applicable law, you may lodge a complaint with the Federal Data Protection and Information Commissioner (FDPIC / IFPDT) — Feldeggweg 1, 3003 Berne — edoeb.admin.ch.

EU residents may additionally contact the data protection authority of their country of residence.

Updates to this document

This notice may be updated at any time to reflect regulatory developments or changes to our services. The date of the last revision is shown above. For active clients, material changes will be notified by email.

Questions? Call us — +41 79 220 06 29. We respond personally.