Back to Home

Privacy Policy

This privacy policy explains how we process personal data in accordance with the Swiss Federal Act on Data Protection (FADP, revDSG, in force since 2023) and – where applicable – the EU General Data Protection Regulation (GDPR).

Data Controller

Yves Gugger, Holzmoosrütisteig 1b, 8820 Wädenswil, Switzerland, info@thinkery.ch

Categories of Personal Data

  • Account data: name, email address, password hash, account status
  • Usage data: access logs, timestamps, feature interactions
  • Content data: messages, notes, uploaded files (as provided by you)
  • Technical data: IP address, browser and device data (for security and operation)

Sources of Data

  • Directly from you (registration, use of features, support requests)
  • Automatically through your use of the service (technical and usage data)

Purposes of Data Processing

  • Provision of website and app functions (chat, projects, notes, todos)
  • Authentication and session management
  • Communication (support, system notifications)
  • Security, stability and development of the service
  • Usage analysis (anonymized/pseudonymized, only if activated)

Legal Basis

We process personal data based on Art. 31 ff. FADP (e.g. consent, contract performance, overriding private or public interests) and – where applicable – Art. 6(1) lit. a, b, f GDPR.

Storage Duration

We store personal data only as long as necessary for the respective purpose or as required by statutory retention obligations (e.g. commercial and tax law).

Recipients and Third Parties

If external services (e.g. analytics) are used, this is done in compliance with data protection (e.g. IP anonymization where technically feasible, EU/EEA processing, data processing agreements). Details available upon request.

Security and Encryption

We implement appropriate technical and organizational measures to protect personal data. Chat message content is protected with modern encryption (AES‑256‑GCM) at rest with per‑message IVs and key versioning. Keys are provided via secure environment variables. Where configured by administrators, plaintext storage can be disabled. See also “Encryption Security” in our documentation.

Cookies and Tracking

We use essential cookies (e.g. session cookies) to operate the service. Non-essential cookies (e.g. analytics) are only used if activated and with consent where required. For details, see our Cookies page.

Rights of Data Subjects

  • Access (information on data processed about you)
  • Rectification and erasure
  • Restriction and objection (where legally provided)
  • Data portability (where applicable)

International Transfers

Where data is transferred abroad, we ensure an adequate level of data protection (e.g. processing within Switzerland/EU/EEA or with suitable safeguards).

Automated Decision-Making

We do not carry out automated individual decision-making with legal or similar significant effects within the meaning of the FADP/GDPR.

Children's Data

Our service is not directed to children. We do not knowingly process personal data of children without appropriate consent where required by law.

Contact and Complaints

For privacy requests (access, deletion, questions), please contact info@thinkery.ch. You also have the right to lodge a complaint with the Swiss Federal Data Protection and Information Commissioner (FDPIC).

Last updated: 2025