Privacy Policy

We collect the following categories of personal data:

• Account data: email address and hashed password, provided at registration.
• Payment data: billing information processed by Stripe, Inc. We receive only a transaction confirmation and a non-sensitive payment reference; we never see or store card numbers.
• Document content: files you upload for translation. These are processed to provide the Service and are deleted automatically after 7 days.
• Usage data: technical logs including IP address, browser type, pages visited, and timestamps. This data is used to operate and improve the Service.

We do not collect sensitive personal data (such as health, biometric, or political data) and ask you not to submit such data in documents you upload.

We process personal data for the following purposes:

• Service delivery: to perform translation jobs, manage your account, and send transactional emails (verification, password reset). Legal basis: performance of contract (Art. 6(1)(b) GDPR / nDSG).
• Billing: to process payments and issue invoices. Legal basis: performance of contract and legal obligation.
• Service improvement: to monitor stability, diagnose errors, and improve features. Legal basis: legitimate interest (Art. 6(1)(f) GDPR / nDSG).
• Legal compliance: to comply with Swiss and applicable international law. Legal basis: legal obligation.

We share data with the following processors solely to deliver the Service:

Anthropic, PBC (San Francisco, CA, USA) — document content is transmitted to the Claude API to perform machine translation. Anthropic processes this data as a data processor under a data processing agreement. Anthropic does not use submitted content to train its models under its current API terms. For details, see Anthropic's Privacy Policy.

Stripe, Inc. (San Francisco, CA, USA) — payment processing. Stripe acts as an independent controller for payment data. For details, see Stripe's Privacy Policy.

Both processors operate in the USA. Transfers are based on standard contractual clauses (SCCs) or equivalent safeguards recognised under Swiss data protection law. We do not sell or share personal data with any other third parties for advertising or marketing purposes.

We retain data only as long as necessary for the purpose for which it was collected:

• Uploaded source files and translated output files: deleted automatically 7 days after job completion.
• Account data: retained for the duration of the account and deleted within 30 days of account closure.
• Billing records: retained for 10 years in accordance with Swiss accounting law (Art. 958f OR).
• Technical logs: retained for up to 90 days and then anonymised or deleted.

Under the Swiss nDSG and, where applicable, the GDPR, you have in particular the following rights:

• Access to your personal data that we process.
• Rectification of inaccurate or incomplete personal data.
• Erasure or destruction of your personal data, provided no statutory retention obligations apply.
• Portability: receipt or transfer of certain personal data in a commonly used electronic format.
• Where the GDPR applies: restriction of processing.
• Where the GDPR applies: objection to certain processing activities, in particular where processing is based on legitimate interests.

To exercise any of these rights, contact us at lukas.bertini@itsmoench.ch. We will respond within 30 days.

You also have the right to lodge a complaint with the Swiss Federal Data Protection and Information Commissioner (FDPIC) at www.edoeb.admin.ch.

The Service uses a session cookie strictly necessary for authentication. We do not use tracking cookies, advertising cookies, or third-party analytics scripts. No consent banner is required for technically necessary cookies under applicable Swiss and EU law.

We protect personal data with appropriate technical and organisational measures, including encrypted transmission (TLS), hashed password storage, and access controls limited to authorised personnel. No method of transmission over the internet is completely secure; we cannot guarantee absolute security but take commercially reasonable steps to protect your data.

We may update this Privacy Policy from time to time. Material changes will be communicated by email at least 14 days before they take effect. The date at the top of this page indicates the current version. Continued use of the Service after the effective date constitutes acceptance of the updated policy.

For any questions or requests regarding this Privacy Policy:

ITS Mönch GmbH, Grindelwaldstrasse 94, 3818 Grindelwald, Switzerland
Email: lukas.bertini@itsmoench.ch