Privacy Policy
Information about the processing of personal data at Timefolio.
We process personal data only to the extent required to operate the website, provide Timefolio, and respond to inquiries.
Controller
The controller for this website and the Timefolio service is Philipp Senn, Timefolio, reachable at info@timefolio.ch.
What data we process
- Contact details you submit through forms or by email
- Account and usage data required for login, language selection, and secure operation of Timefolio
- Technical connection data where needed for hosting, security, and stability
Purposes of processing
- Providing and securing the website and application
- Handling contact and demo requests
- Login, session handling, and storing the selected language
- Optional privacy-friendly analytics to improve performance and usability
Cookies and similar technologies
Timefolio uses necessary cookies for login, security, language, and your privacy preference.
Optional analytics are loaded only if you explicitly consent.
- Necessary: session cookies for login through NextAuth
- Necessary: tf-locale for your selected language
- Necessary: tf-consent to store your cookie preference
- Optional: Vercel Analytics and Speed Insights for privacy-friendly website optimisation
Sub-processors and hosting location
We do not sell personal data. For hosting, database, email delivery and AI-supported features we rely on technical service providers, governed by data processing agreements or their standard terms.
Currently used providers:
- Vercel Inc., USA — hosting of the web application, CDN and edge/serverless functions; depending on the selected deployment region processing happens in the EU and/or the USA.
- PostgreSQL database hosting (e.g. Neon / Vercel Postgres) — persistent storage of application data in one of the offered EU/US regions.
- Hostpoint AG, Rapperswil-Jona (Switzerland) — sending of system and contact emails via SMTP, data stored in Switzerland.
- Anthropic PBC, USA — processing of short prompt and response texts for the AI command bar and AI descriptions when those features are actively used.
- PayPal (Europe) S.à r.l. et Cie, S.C.A., Luxembourg — handling of paid subscriptions when PayPal is selected as payment method.
- Optional, only after consent: Vercel Analytics and Vercel Speed Insights for anonymous reach and performance statistics.
Retention
We store personal data only as long as needed for the relevant purpose, legal obligations, or legitimate interests.
Concrete retention periods:
- Audit logs (security-relevant actions): rolling 5 days, then automatic deletion.
- Demo accounts: max. 7 days from creation, after which the account is locked and the associated data is deleted.
- Account, organisation and service data: as long as the account or organisation is active; after termination or soft-delete a backup snapshot is created, retained for administrative purposes only and deleted on request.
- Contact and demo requests: until the request has been fully handled plus a reasonable proof retention; deleted afterwards.
- Invoicing and billing data: in accordance with statutory retention periods (typically 10 years under Swiss law).
Your rights
You may request access to processed personal data and, depending on applicable law, request rectification, deletion, or restriction of processing.
Please send requests to info@timefolio.ch.