Updated On:

5. November 2025

Privacy Policy

Privacy Policy

Privacy at a glance
General information
The following notes provide a simple overview of what happens to your personal data when you visit this website. Personal data means any data with which you can be personally identified. Detailed information on data protection can be found in the full Privacy Policy below.

Data collection on this website – who is responsible?
Data processing on this website is carried out by the website operator. You can find the operator’s contact details in the section “Controller” below.

How do we collect your data?
– Some data is provided by you. This may be, for example, data you enter in a contact form.
– Other data is collected automatically or after your consent when you visit the website by our IT systems. This is primarily technical data (e.g., browser, operating system, time of access). This data is collected automatically as soon as you enter the website.

What do we use your data for?
– Part of the data is collected to ensure the website functions without errors.
– Other data may be used to analyse user behaviour.
– If contracts can be concluded or initiated via the website, the transmitted data is also processed for quotations, orders or other requests.

What rights do you have?
You have the right at any time, free of charge, to receive information about the origin, recipients and purpose of your stored personal data. You also have the right to request rectification or erasure of this data. If you have given consent to processing, you may withdraw it at any time with effect for the future. You also have the right, under certain circumstances, to request restriction of processing. Furthermore, you have the right to lodge a complaint with the competent supervisory authority. For this and any other questions on data protection, you can contact us at any time.

Analytics tools and third-party tools
When visiting this website, your browsing behaviour may be statistically evaluated, mainly with analytics programs. Details are provided below in this Privacy Policy.

  1. Hosting
    We host our website with:

IONOS
Provider: IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany. When you visit our website, IONOS collects various log files including your IP address. Details: https://www.ionos.de/terms-gtc/terms-privacy

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in reliable hosting). Where consent is requested, processing is based on Art. 6(1)(a) GDPR and § 25(1) TDDDG (German Telecommunications-Telemedia Data Protection Act) insofar as consent covers storing cookies or accessing device information (e.g., device fingerprinting). Consent can be withdrawn at any time.

  1. General notes and mandatory information

Data protection
We take the protection of your personal data very seriously. We treat your data confidentially and in accordance with the statutory data protection regulations and this Privacy Policy. Please note that data transmission on the internet (e.g., communication by email) can have security gaps. A complete protection of data from access by third parties is not possible.

Controller
Golden Lifestyle CH GmbH
c/o TREUFIN Reuter AG
Chaltenbodenstrasse 26
8834 Schindellegi, Switzerland
Phone: +41 77 815 56 77
Email: info@boostli.ch

The controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data.

Storage duration
Unless a more specific storage period is stated in this policy, your personal data will remain with us until the purpose for the data processing no longer applies. If you assert a justified request for erasure or withdraw consent, we will erase your data unless we have other legally permissible reasons to retain it (e.g., tax or commercial retention periods). In the latter case, erasure takes place after these reasons cease to apply.

Legal bases for processing on this website
– Consent: Art. 6(1)(a) GDPR (and Art. 9(2)(a) GDPR for special categories of data). If you expressly consent to transfers to third countries, Art. 49(1)(a) GDPR applies. If you consent to cookies/device access, § 25(1) TDDDG applies additionally.
– Contract / pre-contractual measures: Art. 6(1)(b) GDPR.
– Legal obligation: Art. 6(1)(c) GDPR.
– Legitimate interest: Art. 6(1)(f) GDPR.
The specific legal basis for each processing activity is explained below.

Recipients of personal data
In the course of our business we work with various external parties. Personal data is transferred only if necessary for contract performance, if we are legally obliged, if we have a legitimate interest under Art. 6(1)(f) GDPR, or if another legal basis permits it. With processors, we only share data on the basis of a valid data processing agreement. In cases of joint controllership we conclude a joint-controllership agreement.

Withdrawal of your consent
Many processing operations are only possible with your express consent. You can withdraw consent at any time. The lawfulness of processing prior to withdrawal remains unaffected.

Right to object to processing in special cases and to direct marketing (Art. 21 GDPR)
IF PROCESSING IS BASED ON ART. 6(1)(E) OR (F) GDPR, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME, ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION. THIS ALSO APPLIES TO PROFILING. WE WILL THEN NO LONGER PROCESS YOUR PERSONAL DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS WHICH OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS OR THE PROCESSING SERVES THE ESTABLISHMENT, EXERCISE OR DEFENCE OF LEGAL CLAIMS (ART. 21(1) GDPR).
WHERE YOUR PERSONAL DATA IS PROCESSED FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME; THIS ALSO APPLIES TO PROFILING IN CONNECTION WITH SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR DATA WILL NO LONGER BE USED FOR DIRECT MARKETING (ART. 21(2) GDPR).

Right to lodge a complaint with a supervisory authority
In case of GDPR violations, data subjects have a right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, place of work or place of the alleged infringement. This right exists without prejudice to other administrative or judicial remedies.

Right to data portability
You have the right to receive data which we process on the basis of your consent or in performance of a contract in a commonly used, machine-readable format or to have it transmitted to another controller where technically feasible.

Access, rectification and erasure
Within the framework of the applicable legal provisions, you have at any time the right to free information about your stored personal data, its origin and recipients and the purpose of processing and, if applicable, a right to rectification or erasure. You can contact us at any time.

Right to restriction of processing
You have the right to request restriction of processing in the following cases:
– You contest the accuracy of your personal data (for the time necessary to verify it).
– Processing is unlawful and you oppose erasure and request restriction instead.
– We no longer need the data, but you need it for the establishment, exercise or defence of legal claims.
– You have objected pursuant to Art. 21(1) GDPR and the balancing of interests is pending.
If processing is restricted, your data will – with the exception of storage – only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another person or for reasons of important public interest.

SSL/TLS encryption
For security reasons and to protect the transmission of confidential content (e.g., enquiries or orders), this site uses SSL/TLS encryption. You can recognize an encrypted connection by the browser address beginning with “https://” and the lock icon. With SSL/TLS enabled, transmitted data cannot be read by third parties.

Objection to marketing emails
We hereby object to the use of contact data published within the scope of the legal notice obligation for sending unsolicited advertising and information materials. The site operators expressly reserve the right to take legal action in the event of unsolicited advertising, e.g., spam emails.

  1. Data collection on this website

Cookies
Our websites use “cookies”. Cookies are small data packages that do not damage your device. They are stored either temporarily for the duration of a session (session cookies) or permanently (persistent cookies). Session cookies are deleted automatically after your visit; persistent cookies remain stored until you delete them or your browser deletes them automatically.
Cookies can be set by us (first-party) or by third parties (third-party cookies; e.g., payment services).
Some cookies are technically necessary (e.g., cart, video display). Others are used for analytics or advertising.
Necessary cookies are stored based on Art. 6(1)(f) GDPR (legitimate interest in technically error-free and optimized services) unless another legal basis is specified. Where consent to cookies or similar recognition technologies is requested, processing is based solely on this consent (Art. 6(1)(a) GDPR and § 25(1) TDDDG) and can be withdrawn at any time.
You can set your browser to inform you about cookie placement, allow cookies only in individual cases, exclude cookies for certain cases or in general, and enable automatic deletion when closing the browser. Disabling cookies may limit website functionality.
Which cookies and services we use is described in this Privacy Policy.

Server log files
The provider automatically collects and stores information in server log files that your browser automatically transmits to us:
– Browser type and version
– Operating system used
– Referrer URL
– Hostname of the accessing device
– Time of the server request
– IP address
This data is not merged with other data sources. Legal basis: Art. 6(1)(f) GDPR (legitimate interest in technically error-free presentation and optimization of the website).

Contact form
If you send us enquiries via the contact form, we store the data you enter (including contact details) for processing your request and for follow-up questions. We do not share this data without your consent.
Legal basis: Art. 6(1)(b) GDPR where the request relates to a contract or pre-contractual measures; otherwise Art. 6(1)(f) GDPR (legitimate interest in efficient handling of enquiries) or Art. 6(1)(a) GDPR if consent is requested (withdrawable at any time).
We retain the data you enter until you ask us to delete it, withdraw consent, or the purpose no longer applies (e.g., your request has been completed). Mandatory legal retention periods remain unaffected.

Requests by email, phone or fax
If you contact us by email, phone or fax, your request including the personal data (e.g., name, request) will be stored and processed to handle your concern. We do not share this data without your consent.
Legal basis: Art. 6(1)(b) GDPR where related to a contract/pre-contract; otherwise Art. 6(1)(f) GDPR or, if requested, Art. 6(1)(a) GDPR (withdrawable).
We retain such data until you request erasure, withdraw consent or the purpose no longer applies; statutory retention duties remain unaffected.

  1. Social media

Instagram
Functions of the Instagram service are embedded on this website. Provider: Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland.
When the social media element is active, a direct connection is established between your device and Instagram’s servers. Instagram is thus informed that you visited this website.
If you are logged into Instagram, clicking the Instagram button can link content from this website to your Instagram profile, allowing Instagram to associate the visit with your account. We as the site provider have no knowledge of the content of the transmitted data or its use by Instagram.
Legal basis: your consent under Art. 6(1)(a) GDPR and § 25(1) TDDDG (withdrawable at any time).

Joint controllership with Meta
Where personal data is collected on our website with the tool described and forwarded to Facebook/Instagram, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, are joint controllers (Art. 26 GDPR) for collection and transfer. The subsequent processing by Facebook/Instagram is not part of joint controllership. Our joint obligations are set out here: https://www.facebook.com/legal/controller_addendum
According to this agreement, we are responsible for providing data protection information and legally secure implementation of the tool on our site; Facebook is responsible for data security of Facebook/Instagram products. You may assert data subject rights directly with Facebook/Instagram. If asserted with us, we will forward them.

Data transfer to the USA is based on the EU Commission’s Standard Contractual Clauses. Details:
https://www.facebook.com/legal/EU_data_transfer_addendum
https://privacycenter.instagram.com/policy/
https://de-de.facebook.com/help/566994660333381
Further information: https://privacycenter.instagram.com/policy/

Meta is certified under the EU-US Data Privacy Framework (DPF): https://www.dataprivacyframework.gov/participant/4452

  1. Analytics and advertising

IONOS WebAnalytics
Provider: 1&1 IONOS SE, Elgendorfer Straße 57, 56410 Montabaur, Germany. Analysed may be, e.g., page views, visit duration, bounce rates, sources, locations, technical data (browser/OS versions). IONOS stores in particular:
– Referrer (previous page)
– Requested page or file
– Browser type and version
– Operating system used
– Device type used
– Time of access
– IP address in anonymised form (used only to determine access location)
IONOS states collection is fully anonymised and cannot be traced to individuals. IONOS WebAnalytics does not store cookies.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in statistics to optimise web offering and advertising). Where consent is requested, Art. 6(1)(a) GDPR and § 25(1) TDDDG apply (withdrawable).
Details: https://www.ionos.de/terms-gtc/datenschutzerklaerung/

  1. Newsletter

Newsletter data
If you subscribe to our newsletter, we need your email address and information allowing us to verify you are the owner of the email address and agree to receive the newsletter. Additional data is collected only on a voluntary basis. We use this data solely to send the requested information and do not disclose it to third parties.
Legal basis: your consent under Art. 6(1)(a) GDPR (withdrawable at any time via the “unsubscribe” link; lawfulness up to withdrawal remains unaffected).
We store your data for the newsletter until you unsubscribe, after which it is deleted from the distribution list. We may, at our discretion and in our legitimate interest (Art. 6(1)(f) GDPR), delete or block email addresses.

Blacklist
After unsubscribing, your email may be stored in a blacklist to prevent future mailings. The blacklist data is used only for this purpose and not merged with other data. This serves your interest and our interest in complying with legal requirements for newsletters (Art. 6(1)(f) GDPR). Storage is not time-limited. You may object if your interests override ours.

Newsletters to existing customers
If you order goods or services from us and provide your email address, we may use it to send newsletters about our own similar products/services after informing you in advance. You can cancel at any time via the link in each newsletter. Legal basis: Art. 6(1)(f) GDPR in conjunction with § 7(3) UWG (Germany). The blacklist rules above apply accordingly.

  1. Plugins and tools

YouTube
This website embeds videos from YouTube. Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
When you visit a page with a YouTube embed, a connection to YouTube’s servers is established and YouTube is informed which of our pages you visited. YouTube may store cookies or use similar technologies (e.g., device fingerprinting) to collect information for video statistics, usability, fraud prevention and for processing within Google’s advertising network. If you are logged into your YouTube account, your browsing behaviour can be assigned to your personal profile. You can prevent this by logging out.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in an appealing online offering). Where consent is requested, Art. 6(1)(a) GDPR and § 25(1) TDDDG apply (withdrawable).
Privacy policy: https://policies.google.com/privacy

Google is certified under the EU-US DPF: https://www.dataprivacyframework.gov/participant/5780

Google Fonts
For uniform display of fonts, this site uses Google Fonts. When you call a page, your browser loads the required fonts into its cache; this requires a connection to Google’s servers and informs Google that your IP address accessed our site.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in uniform presentation). Where consent is requested, Art. 6(1)(a) GDPR and § 25(1) TDDDG apply (withdrawable). If your browser does not support Google Fonts, a standard font is used.
Info: https://developers.google.com/fonts/faq
Privacy: https://policies.google.com/privacy
DPF certification: https://www.dataprivacyframework.gov/participant/5780

Google Maps
Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Maps require storing your IP address, usually transferred to Google servers in the USA. If Google Maps is enabled, Google may use Google Fonts as described above.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in an attractive online offering and easy findability of locations). Where consent is requested, Art. 6(1)(a) GDPR and § 25(1) TDDDG apply (withdrawable).
Transfers to the USA are based on EU SCCs. Details:
https://privacy.google.com/businesses/gdprcontrollerterms/
https://privacy.google.com/businesses/gdprcontrollerterms/sccs/
Privacy: https://policies.google.com/privacy
DPF certification: https://www.dataprivacyframework.gov/participant/5780

  1. Our own services

Google Drive
We integrate Google Drive to provide an upload area where you can upload content. Uploaded content is stored on Google Drive’s servers. When you enter our website, a connection to Google Drive is also established.
Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in a reliable upload area). Where consent is requested, Art. 6(1)(a) GDPR applies (withdrawable).
DPF certification: https://www.dataprivacyframework.gov/participant/5780

Source: eRecht24