Privacy Policy



Last updated: June 2026

ROCHEFORT 1848 respects your privacy and is committed to protecting your personal data in accordance with the Swiss Federal Act on Data Protection (FADP), the GDPR where applicable, and other relevant privacy laws.

This Privacy Policy explains what personal data we collect, how we use it, how we store it, with whom we may share it, and the rights you may have in relation to that data.

1. Controller Information

FADP, Arts. 5, 19, 21; GDPR Arts. 4, 13, 14

For the purposes of this Privacy Policy, the controller is:

ROCHEFORT 1848
Rochefort 1848 Group
Avenue des Eaux-Vives 9, 1207 Genève, Switzerland
Email: hey@rochefort1848.com

We are responsible for determining the purposes and means of the processing of personal data in connection with the Services, unless a different controller is explicitly stated.

2. Data We Collect

FADP, Arts. 5, 6; GDPR Art. 4

We may collect the following information:

  • name;
  • address;
  • billing and shipping details;
  • email address;
  • phone number;
  • payment details;
  • IP address;
  • browser and device data;
  • order history;
  • shopping behavior;
  • wishlist and cart activity;
  • customer support communications;
  • communication preferences; and
  • any other information you choose to provide to us.

Where permitted by law, we may also collect technical data, usage data, and transaction-related information generated through your interaction with the website.

3. Purposes of Processing

FADP, Arts. 6, 30; GDPR Arts. 5, 6

We use personal data to:

  • process orders;
  • fulfill deliveries;
  • provide customer support;
  • manage returns and exchanges;
  • prevent fraud and misuse;
  • verify payments;
  • improve services;
  • personalize shopping experiences;
  • conduct analytics;
  • measure marketing performance;
  • run advertising campaigns;
  • send newsletters and brand communications;
  • maintain security; and
  • comply with legal obligations.

Where necessary, we may combine data from different interactions in order to provide coherent customer support and fulfill contractual obligations.

4. Legal Basis

FADP, Arts. 6, 30; GDPR Art. 6

Where applicable, we process personal data on the basis of:

  • the performance of a contract;
  • compliance with legal obligations;
  • legitimate interests;
  • your consent; and
  • other legal bases available under applicable law.

Our legitimate interests may include website security, fraud prevention, customer service, business operations, product improvement, and marketing, provided that such interests do not override your rights and freedoms where applicable.

5. Cookies and Tracking

FADP, Arts. 6, 19; Swiss Telecommunications Act Art. 45c; GDPR ePrivacy principles

We use cookies and similar technologies, including Meta Pixel, TikTok Pixel, Google Analytics, and related tools.

These technologies help us analyze traffic, improve marketing, personalize experiences, measure campaign performance, optimize the website, and maintain a functional shopping experience.

Cookies may be necessary for core functions such as cart storage, session management, language preferences, and checkout performance.

You may disable cookies through your browser settings, and where required by law we will request consent before setting non-essential cookies or similar tracking technologies.

6. Marketing Communications

FADP, Arts. 6, 30; GDPR Arts. 6, 21

Users may receive newsletters, promotional messages, product announcements, and brand communications.

You may unsubscribe at any time by using the unsubscribe link in our communications or by contacting us directly. If you opt out of marketing, we will respect that request to the extent required by law.

7. Shopify and Service Providers

FADP, Arts. 9, 14, 16; GDPR Arts. 28, 32, 44 ff.

Our store is powered by Shopify, which may process certain customer data to host the website, process payments, manage infrastructure, improve security, and support ecommerce functionality.

We may also use service providers for payment processing, shipping, analytics, customer support, marketing, and technical maintenance.

These providers may act as data processors or independent controllers depending on the nature of the service and applicable law.

8. International Transfers

FADP, Arts. 16 ff.; GDPR Arts. 44 ff.

Because we operate internationally, your information may be transferred outside your country, including to jurisdictions that may not provide the same level of data protection.

Where required by law, we rely on appropriate legal safeguards for such transfers, which may include adequacy decisions, standard contractual clauses, or other legally recognized transfer mechanisms.

9. Data Retention

FADP, Art. 6; GDPR Art. 5(1)(e)

We retain personal data only for as long as reasonably necessary for legal compliance, dispute resolution, operational needs, fraud prevention, security, tax and accounting obligations, and legitimate business purposes.

Once the applicable retention period expires, we will delete, anonymize, or otherwise securely dispose of personal data, unless further retention is required or permitted by law.

10. Data Sharing

FADP, Arts. 6, 16 ff.; GDPR Arts. 28, 44 ff.

We may share personal data with:

  • payment providers;
  • shipping and logistics partners;
  • IT and hosting providers;
  • analytics providers;
  • marketing and advertising partners;
  • customer support tools;
  • professional advisers; and
  • public authorities where required by law.

We only share data to the extent necessary for the relevant purpose and, where required, subject to contractual or legal safeguards.

11. Your Rights

FADP, Arts. 25, 28, 32; GDPR Arts. 15–22

Depending on your jurisdiction, you may have the right to:

  • access your data;
  • correct inaccurate data;
  • request deletion;
  • withdraw consent;
  • restrict processing;
  • object to marketing;
  • request data portability; and
  • lodge a complaint with a supervisory authority where applicable.

Requests may be sent to hey@rochefort1848.com. We may ask for identity verification before responding to a request where permitted by law.

12. Children's Privacy

FADP, Arts. 5, 19; GDPR Art. 8

Our Services are not intended for children under the legal age of majority.

If we become aware of unauthorized underage activity, we reserve the right to cancel orders and delete or anonymize associated information where appropriate and legally permitted.

13. Security

FADP, Art. 8; GDPR Art. 32

We implement reasonable technical and organizational measures to protect personal data.

However, no system of transmission or storage can be guaranteed to be completely secure. Users should also take appropriate steps to protect their own devices, passwords, and accounts.

14. Changes to This Policy

FADP, Arts. 6, 19; GDPR Arts. 13, 14

We may update this Privacy Policy from time to time to reflect changes in law, technology, operations, or business practices.

The updated version will be published on our website with a revised “Last updated” date. Continued use of the Services after publication of a revised Privacy Policy signifies your acceptance, to the extent permitted by law.

15. Contact

Swiss law / company identification

ROCHEFORT 1848

Avenue des Eaux-Vives 9, 1207 Genève, Switzerland
Email: hey@rochefort1848.com