GDPR & FADP Compliance

Effective date: 8 August 2025

Scope

This page explains how SwissPer aligns with the Swiss Federal Act on Data Protection (FADP), the EU General Data Protection Regulation (GDPR), and the UK GDPR.

Controller & representatives

• Controller: SwissPer, [Registered Address], Switzerland
• DPO (if appointed): [Name / Contact]
• EU/UK Representative (if required): [Name / Contact]

Data processing activities

• Categories: account data, usage data, content (audio, transcripts, summaries), billing data.
• Purposes: provide/operate service, support, security, analytics, legal compliance, product improvement.
• Legal bases: contract, legitimate interests, consent (where applicable), legal obligations.

International transfers

Where we transfer personal data outside Switzerland/EEA/UK, we use appropriate safeguards such as Standard Contractual Clauses (SCCs) and, if necessary, supplementary measures. We assess recipients’ legal environments as part of our transfer risk analysis.

Subprocessors

SwissPer uses vetted subprocessors to deliver the Service. Your data may be sent to these external providers for processing. We maintain DPAs and require appropriate security measures. A non-exhaustive list of typical categories:

• Cloud infrastructure & storage
• Speech-to-text / LLM providers
• Analytics & error monitoring
• Email & customer support tooling
• Payment processing & invoicing
• Logging & security services

For a current list of named subprocessors (including locations) or to receive change notifications, contact privacy@swissper.app.

Data subject rights

• Access, rectification, erasure
• Restriction and objection to processing
• Portability
• Consent withdrawal

Submit requests to privacy@swissper.app. We will verify identity and respond within required timelines.

Retention & deletion

We retain personal data only as long as necessary for the purposes described and delete or anonymize data thereafter. You may request deletion at any time (subject to legal retention).

Security measures

We implement technical and organizational measures appropriate to risk, as summarized on our Data Security page.

CCPA/CPRA

For California residents, we do not “sell” or “share” personal information as defined by CPRA. We honor verifiable consumer requests for access, deletion, and correction.

Contact & complaints

Email privacy@swissper.app. You may also contact the Swiss FDPIC or your local supervisory authority in the EEA/UK.