Privacy Policy

1. Introduction

Schweizerform ("we", "us", "our") operates the Schweizerform platform — a Swiss-made, end-to-end encrypted form building service. This Privacy Policy explains how we collect, use, store, and protect your information when you use our platform.

We are committed to protecting your privacy through our zero-knowledge architecture. This means that the majority of data you process through Schweizerform is encrypted in your browser before it reaches our servers, and we are technically unable to access it.

2. Zero-Knowledge Architecture

Schweizerform uses a zero-knowledge, end-to-end encryption model. This is not merely a feature — it is the foundation of our platform. Here is what this means for your data:

• •Form Responses: All form submission data is encrypted in the respondent's browser using AES-256-GCM encryption before being transmitted to our servers. We store only encrypted blobs that we cannot decrypt.
• •File Attachments: Uploaded files are encrypted client-side before upload. Original file names are replaced with randomised identifiers on our servers.
• •Access Code: Your Access Code, which derives your master encryption key, is processed exclusively in your browser. We never receive, store, or have access to your Access Code or any derived encryption keys.
• •Encryption Keys: RSA private keys and form-level AES keys are encrypted with your master key before storage. We store only encrypted key material.

3. Information We Collect

3.1 Account Information

When you create an account, we collect your email address. This is used for account authentication, password recovery, and service-related communications. We do not collect your name, address, or other personally identifying information during registration.

3.2 Form Metadata

We store form metadata necessary for the operation of the service, including form titles, creation dates, status information, scheduling settings, and submission counts. Form response content is always encrypted and inaccessible to us.

3.3 Subscription & Billing

Payment processing is handled entirely by Stripe, Inc. We do not receive or store your credit card number. We receive from Stripe only a customer identifier, subscription status, plan details, and billing cycle information necessary to manage your subscription.

3.4 Analytics Data

We collect anonymous analytics data to improve our service, including page views, anonymous session identifiers (generated via browser fingerprinting without cookies), device type, and country. We do not use third-party analytics services. All analytics data is stored in our own Swiss infrastructure and does not contain personally identifiable information (PII).

3.5 Technical Data

When you use the platform, we may collect technical data necessary for service delivery, including session tokens (stored as HTTP-only cookies), CSRF tokens, language preferences, and error logs. Error logs are sanitised to exclude any sensitive or personally identifying information.

4. How We Use Your Information

We use the information we collect exclusively for the following purposes:

• •To operate and maintain the Schweizerform platform
• •To authenticate your identity and manage your account
• •To process subscription payments via Stripe
• •To send service-related communications (e.g., password recovery, subscription confirmations)
• •To improve our service based on anonymous analytics
• •To diagnose and resolve technical issues using sanitised error logs

We do not sell, rent, or share your personal information with third parties for marketing purposes. We do not use your data for advertising or profiling.

5. Cookies & Local Storage

Schweizerform uses the following client-side storage mechanisms:

• •Session Cookie: An HTTP-only, secure session cookie is used for authentication. It expires after 30 minutes of inactivity.
• •CSRF Token Cookie: A cookie containing a CSRF token is used to prevent cross-site request forgery attacks.
• •Local Storage: If you choose to save your Access Code locally, an encrypted version is stored in your browser's localStorage. The encryption key is a non-extractable CryptoKey stored in IndexedDB. Your plaintext Access Code is never stored.
• •Language Preference: Your selected language is stored locally for consistent user experience.

We do not use advertising cookies, tracking cookies, or third-party analytics cookies.

6. Data Sharing

We share your information only with the following third parties, strictly as necessary for service operation:

• •Stripe, Inc.: For payment processing. Stripe processes your payment details directly — we never receive your full card information.
• •Infrastructure Providers: Our hosting and storage providers, located exclusively in Switzerland, store encrypted data on our behalf. They do not have access to encryption keys and cannot decrypt any user data.

We will not disclose your information to any other third parties unless required by Swiss law. Even in such cases, our zero-knowledge architecture means we can only provide encrypted data that we cannot decrypt.

7. Data Retention

We retain your account data and associated encrypted form data for as long as your account remains active. If you delete your account, all personal data, form data, encrypted submissions, and associated files are permanently deleted from our systems. We do not maintain backups of user data beyond what is necessary for service continuity.

Anonymous analytics data may be retained indefinitely as it contains no personally identifiable information.

8. Your Rights

Under Swiss data protection law (nFADP) and applicable regulations, you have the following rights:

• •Right of Access: Request a copy of the personal data we hold about you.
• •Right to Rectification: Request correction of inaccurate personal data.
• •Right to Deletion: Request deletion of your account and all associated data.
• •Right to Data Portability: Request your data in a portable format. Note: encrypted form data can only be decrypted with your Access Code.
• •Right to Object: Object to the processing of your data for specific purposes.

To exercise any of these rights, please contact us at support@schweizerform.ch.

9. Swiss Data Protection Compliance

Schweizerform is governed by the Swiss Federal Act on Data Protection (nFADP), which came into effect on September 1, 2023. All data is stored exclusively in Swiss data centres. Our zero-knowledge architecture exceeds the data protection requirements set by Swiss federal law, as the majority of user data is encrypted in a way that prevents even the service operator from accessing it.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by posting the updated policy on our website and updating the "Last Updated" date. Your continued use of the platform after changes constitutes acceptance of the updated policy.

11. Contact

If you have any questions about this Privacy Policy or our data practices, please contact us at: