ARCHBiT← Back to homepage
Legal

Privacy Policy

Datenschutzerklärung gemäss nDSG (Schweiz) und DSGVO (EU) · Last updated: 1 April 2026

This Privacy Policy explains how ARCHBiT GmbH collects, uses, and protects personal data in connection with the ARCHBiT platform. It applies to all users of our platform and visitors to our website.

01

Controller / Verantwortliche Stelle

ARCHBiT GmbH, 6343 Rotkreuz, Switzerland is the controller for personal data collected through the ARCHBiT platform and this website.

Contact: privacy@archbit.ch · legal@archbit.ch

02

Data We Collect

Account data: name, email address, phone number, job title, company name — collected at registration to provide the Service.

Usage data: IP addresses, browser type, pages visited, feature interactions — collected via server logs for security and product improvement.

Service data: ticket content, customer records, time entries, and other data entered by users — processed solely on behalf of the Customer in our capacity as a data processor (B2B processor role).

Payment data: billing address and invoice references. Payment card data is handled exclusively by Stripe and is never stored on ARCHBiT infrastructure.

03

Legal Basis

Processing is based on:

  • Contract performance (Art. 6(1)(b) GDPR / nDSG § 31)
  • Legitimate interests in security and fraud prevention (Art. 6(1)(f))
  • Legal obligations, including Swiss commercial record-keeping (Art. 6(1)(c))
  • Consent, where explicitly given
04

Data Storage and Transfers

ARCHBiT is delivered as self-hosted software deployed on the Customer's own infrastructure. ARCHBiT GmbH does not operate shared cloud infrastructure and does not have access to Customer data stored in self-hosted deployments.

Registration and billing data held directly by ARCHBiT GmbH is stored on servers located in Switzerland and/or the EU. No personal data is transferred to third countries without appropriate legal safeguards.

05

Retention

Account data is retained for the duration of the subscription plus 30 days. Audit logs are retained for 2 years. Invoice records are retained for 10 years as required by Swiss commercial law (OR Art. 958f). Data is securely deleted after the applicable retention period.

06

Sub-processors

ProviderPurposeLocation
StripePayment processing (if billing enabled)Ireland (EU)
Customer SMTP providerTransactional email (configured by Customer)Customer-defined
07

Your Rights (nDSG / GDPR)

You have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Erase your data (right to be forgotten)
  • Restrict processing
  • Portability of your data
  • Object to processing
  • Withdraw consent at any time

To exercise these rights, contact privacy@archbit.ch. We respond within 30 days. You may also lodge a complaint with the EDÖB (Swiss Federal Data Protection Commissioner) or your local supervisory authority.

08

Security

ARCHBiT implements: TLS 1.3 for all data in transit · bcrypt password hashing · TOTP two-factor authentication · role-based access controls · full audit logging · automated backups · regular dependency security updates.

09

Cookies

The platform uses only essential cookies for session management (JWT tokens in httpOnly, SameSite cookies). No tracking or advertising cookies are used. No third-party analytics scripts are loaded.

10

Changes

Material changes to this policy will be communicated by email at least 30 days before they take effect.

ARCHBiT GmbH

6343 Rotkreuz, Switzerland
Privacy: privacy@archbit.ch
Legal: legal@archbit.ch

Terms of ServiceData Processing Agreement