Skip to main content
TREATMENTS
ABOUT
PRICES
CONTACT
DEEN
Meda Esthetic LogoMEDA ESTHETIC
  • TREATMENTS
  • ABOUT
  • PRICES
  • CONTACT
  • DEEN
Legal Documents

Privacy Policy

This English text is a machine translation provided for informational purposes only. The legally binding version is the German original.

View German version

Last updated: March 11, 2026

This privacy policy describes how Meda Esthetic Lukic, based in Zurich, Switzerland, collects, processes, and protects personal data in accordance with the Swiss Federal Act on Data Protection (nFADP).

Our services are directed exclusively to persons residing in Switzerland. We do not market our services to persons outside Switzerland and do not process their personal data.

Note on English language content: This website provides English language content to accommodate Switzerland's multilingual and international community. The provision of English content does not constitute an offer of services to persons residing outside of Switzerland.

Responsible party

Branislav Lukić
Meda Esthetic Lukic
Goldbrunnenstrasse 149
8055 Zürich

info@meda-esthetic.ch
+41 79 840 88 13
https://www.meda-esthetic.ch

UID: CHE-245.867.775
VAT No.: CHE-245.867.775 MWST
CH-ID: CH-020-1102525-2

This entity is responsible for all processing of personal data described in this statement.

Scope

This privacy policy applies exclusively to persons residing in Switzerland, including:

  • Visitors to our website
  • Customers and potential customers
  • Persons who contact us (email, contact form, phone, WhatsApp)
  • All persons whose personal data we process in the context of providing aesthetic services in Switzerland

Our services are directed at persons residing in Switzerland. If you visit our website from outside Switzerland, basic technical data (such as IP address) may be processed, but we do not actively collect or store personal data of persons residing abroad.

Categories of personal data we process

We may collect and process the following types of data:

  • Identity and contact data: Name, postal address and email address, phone number
  • Appointment and service data: Booking details, customer preferences, service history (non-medical)
  • Communication data: Emails, messages sent via contact forms, WhatsApp or SMS messages
  • Technical data: IP address, browser/device information, access time (anonymized)

We do not process sensitive personal data such as health data.

Purpose of data processing

Your data is used exclusively for the following purposes:

  • To book, manage, and confirm appointments
  • To respond to inquiries and communicate with customers
  • To send reminders or service-related messages
  • To operate, secure, and improve our website
  • To comply with applicable retention and legal obligations in Switzerland

Data sharing and service providers

We work with selected service providers who support us in managing and securing our digital infrastructure. All service providers are contractually bound to data protection standards under Swiss law.

a) Website hosting

Our website is hosted by:

Vercel Inc.
440 N Barranca Ave #4133
Covina, CA 91723
USA
www.vercel.com

Vercel processes personal data (e.g., form submissions, analytics) on our behalf. Hosting and data processing via our website take place entirely in the EU region (Frankfurt, Germany). Vercel may also collect technical data (e.g. IP address, access logs) for security and operational purposes. See Vercel's Privacy Policy for details.

b) DNS and security services

We use:

Cloudflare, Inc.
101 Townsend Street
San Francisco, CA 94107
USA
www.cloudflare.com

Cloudflare provides secure DNS routing, traffic filtering, and website performance optimization. Anonymized technical data may be transmitted through Cloudflare's global infrastructure. Cloudflare adheres to Swiss data protection standards.

c) Analytics

We use the following analytics services:

Plausible Insights OÜ
Västriku tn 2, 50403 Tartu
Estonia
https://plausible.io

Plausible Analytics is a privacy-first analytics tool. It does not use cookies, does not collect personal data, and does not track individual visitors. All analytics data is aggregated and anonymous. Data is processed within the European Union.

Vercel Inc.
440 N Barranca Ave #4133
Covina, CA 91723
USA
https://vercel.com/analytics

We also use Vercel Analytics and Vercel Speed Insights. These services help us understand website usage and monitor performance (Web Vitals). They are loaded only after you opt in to analytics in our cookie settings.

These services do not use cookies and do not collect personally identifiable information. Data collected includes page views, referrers, browser type, operating system, device type, country, and performance metrics (e.g. page load time). All data is aggregated and cannot be traced to individual visitors. Data is processed on servers in the EU (Frankfurt, Germany).

We do not sell or rent your personal data.

d) Google Maps

Our website uses Google Maps to display maps.

Google Ireland Limited
Gordon House, Barrow Street
Dublin 4, Ireland
https://policies.google.com/privacy

To use Google Maps, your IP address needs to be stored. This information is typically transmitted to a Google server in the USA and stored there.

The use of Google Maps only occurs when you click "Load map" and thereby give your consent to data transmission.

Legal basis: Your consent under the Swiss Federal Act on Data Protection (nFADP). While Google Ireland Limited is an EU entity, our use of Google Maps and the processing of your data in this context is governed by Swiss law (nFADP), not the EU General Data Protection Regulation (GDPR).

e) WhatsApp (Meta)

We offer WhatsApp as a convenient way to contact us and book appointments.

WhatsApp Ireland Limited
4 Grand Canal Square
Dublin 2, Ireland
https://www.whatsapp.com/legal/privacy-policy

When you contact us via WhatsApp, your phone number, name, message content, and metadata (e.g., timestamps) are processed by WhatsApp (Meta Platforms). WhatsApp uses end-to-end encryption for messages. However, Meta may process metadata in accordance with its own privacy policy.

The use of WhatsApp is voluntary. You may always contact us via email or phone instead.

f) Instagram (Meta)

Our website contains a link to our Instagram profile (@meda_estheticzh).

Meta Platforms Ireland Limited
4 Grand Canal Square
Dublin 2, Ireland
https://privacycenter.instagram.com/policy

We do not embed Instagram content on our website. However, if you visit our Instagram profile by following the link, Meta's privacy policy applies to your interaction with that platform. No data is transferred to Meta by visiting our website alone.

g) Email hosting

Our email is hosted by:

Infomaniak Network SA
Rue Eugène-Marziano 25
1227 Genève
Switzerland
https://www.infomaniak.com/en/legal/privacy-policy

Infomaniak stores all email data exclusively in Switzerland.

h) Booking and customer management

We use:

Phorest (nDevor Systems Ltd)
9 Anglesea Row
Dublin 7, D07 W5NE
Ireland
https://www.phorest.com/privacy/

Phorest is our studio management system used for appointment booking, customer profiles, service history, and appointment reminders. When you book an appointment, your name, contact details, and booking information are stored in Phorest. Phorest processes data in accordance with EU data protection standards.

Geographic scope and data transfers

Some data may be processed outside Switzerland by providers such as Vercel, Cloudflare, Meta, SumUp, or Phorest. In such cases, legally approved Standard Contractual Clauses (SCCs) or equivalent protective measures apply.

This website and our services are governed exclusively by Swiss law (nFADP) and are not subject to the privacy laws of other jurisdictions.

Cookies and website analytics

Our website uses a small number of cookies to ensure functionality:

  • Essential cookies – necessary for navigation and storing your cookie preferences
  • Functional cookies – such as Google Maps, only loaded with your consent

We use Plausible Analytics, Vercel Analytics, and Vercel Speed Insights for website statistics. These services are loaded only after you opt in to analytics in our cookie settings. None of them uses cookies or collects personal data (see section c above).

No advertising or behavioral profiling cookies are used. You can manage your cookie preferences at any time using the cookie settings in the footer of every page, or disable cookies directly in your browser.

For more details, please see our Cookie Policy.

Payment processing

Payments at our studio are processed via card terminals, TWINT, or cash. We do not store credit card numbers or payment details ourselves.

Card and cash payments are processed by:

SumUp Limited
Block 8, Harcourt Centre
Charlotte Way, Dublin 2
Ireland
https://www.sumup.com/privacy

SumUp processes payment data in accordance with applicable security standards (PCI DSS). We only retain proof of payment as required for accounting purposes.

TWINT transactions are processed by:

TWINT AG
Stauffacherstrasse 41
3014 Bern
Switzerland
https://www.twint.ch/en/privacy

Automated decision-making

We do not use automated decision-making or profiling that produces legal effects or similarly significant effects on you. All decisions regarding your treatments and services are made by our team personally.

AI-assisted tools

We may use AI-assisted tools for administrative purposes such as scheduling, content creation, or communication drafts. No automated decisions are made about your treatments or personal data based on AI. All client-facing decisions are made by our team.

Data security

We implement technical and organizational measures to protect personal data, including:

  • SSL-encrypted communication
  • Secure access control for service providers
  • Regular infrastructure backups

In the unlikely event of a data breach that poses a risk to your rights, we will notify the Federal Data Protection and Information Commissioner (FDPIC) and inform affected individuals as required by the nFADP.

Data storage

We store personal data only as long as necessary, according to Swiss legal provisions:

  • Customer data, bookings, treatments: 5 years after last appointment
  • Financial and accounting records: 10 years
  • Messages from contact forms and general communication: 12 months
  • Web analytics data: anonymized, up to 26 months

Your rights under Swiss law

Under the nFADP, you have the right to:

  • Access to your personal data
  • Correction of incorrect or outdated data
  • Deletion of your data (to the extent legally permitted)
  • Data portability (receiving your data in a commonly used format)
  • Objection to processing in certain cases
  • Information about how your data is used

To exercise these rights, please contact us at info@meda-esthetic.ch. We may require proof of identity to verify your request.

If you believe that our processing of your personal data violates data protection law, you have the right to lodge a complaint with the Federal Data Protection and Information Commissioner (FDPIC):

EDÖB
Feldeggweg 1
3003 Bern
https://www.edoeb.admin.ch

Changes to this privacy policy

We reserve the right to update this privacy policy at any time. The current version is always available on our website. We recommend reviewing this page periodically.

Applicable law and jurisdiction

This privacy policy is subject exclusively to the laws of Switzerland. Jurisdiction is Zurich, Switzerland. The language of proceedings is German.

MEDA ESTHETIC

Controlled aesthetics. Clear standards. By appointment only.

ImprintTerms & ConditionsPrivacy PolicyCookie Policy

©2026 MEDA ESTHETIC LUKIC, ZURICH. ALL RIGHTS RESERVED.

VAT No.: CHE-245.867.775 MWST