Skip to main content

Privacy Policy

Information about data protection according to Swiss law (revDSG) and EU GDPR

Responsible Authority

BoVita Herbst

Sole proprietorship (Einzelfirma)

Administration office

Lindenmoosstrasse 19

8910 Affoltern am Albis

Canton of Zurich, Switzerland

Registered office: Merenschwand, Canton of Aargau

UID (Commercial Register Number): CHE-380.769.623

Data Protection Contact: [email protected] | +41 79 899 44 33

General Information on Data Processing

We process personal data exclusively within the framework of the legal provisions of the Swiss Data Protection Act (revDSG, in force since 1 September 2023) and, where applicable, the EU General Data Protection Regulation (GDPR). Personal data is any information that relates to an identified or identifiable person.

We collect and process data only to the extent necessary for providing our website, answering inquiries, processing rental agreements, and fulfilling our legal obligations.

Collected Data and Purposes

a) When visiting the website

  • IP address (anonymized), date and time of access, browser type and version, operating system
  • Referring URL (website you came from)
  • Pages visited, time spent, click behavior

Purpose: Technical provision, security, website optimization, anonymous usage statistics

Legal basis: Legitimate interest (Art. 31 para. 1 revDSG)

b) For inquiries via contact or inquiry forms

  • Name, first name, email, phone number, message and optional information (e.g., desired location, move-in date, rental duration)

Purpose: Processing inquiries, contract preparation, communication

Legal basis: Pre-contractual measures / contract performance

c) Within rental relationships

  • Contract and master data (name, address, date of birth, ID copy, payment details)

Purpose: Conclusion and processing of rental agreements, legal obligations

Legal basis: Contract performance, legal obligations (OR, revDSG)

d) For downloading free resources (Lead Magnets)

  • Email address, downloaded resource, source page, language preference

Purpose: Providing requested free resources (checklists, guides, templates), occasional information about relevant topics and offers

Legal basis: Your explicit consent when submitting your email address (Art. 6 para. 6 revDSG). You can revoke this consent at any time by contacting us.

e) For property applications (rental applications)

  • First and last name, date of birth, nationality, contact details (email, phone, current address)
  • Employment status (employed, student, apprentice, self-employed), employer or educational institution, monthly income
  • Desired property, room and move-in date, planned tenancy duration, references where applicable
  • Optional: ID copy, debt collection register extract, salary statements (uploaded only after invitation)

Purpose: Tenant suitability check, contract preparation, decision on letting

Legal basis: Pre-contractual measures (Art. 31 para. 2 lit. a revDSG / Art. 6 para. 1 lit. b GDPR)

f) When using affiliate/referral links

  • Click data, referral source, anonymized conversion information

Purpose: Attribution of referrals, commission tracking by third-party provider

Legal basis: Legitimate interest, consent via cookie banner

Current partner: Digitec Galaxus AG (mobile, internet, TV subscriptions)

g) When using our free tools (BoVita Tools)

On /tools and the individual tool pages (e.g., /tools/mietdossier-express) we offer free wizards that help you prepare documents such as a Swiss-style rental application. The data you enter into these wizards is processed differently depending on the step:

  • Wizard form data (personal details, employment, income, family situation, references, attachment metadata): stored exclusively in your browser (localStorage) on your device. We do not transmit this data to our server and do not save it in our database.
  • Optional AI cover letter generation: if you explicitly click the AI cover letter button, the relevant fields from your wizard (e.g., name, profession, target property, motivation) are transmitted to OpenAI, L.L.C. (USA) via API to generate a draft text. The draft is returned to your browser and is not stored on our server. See section "Automated Communication and AI Processing" below for further details on OpenAI.
  • Lead form on the tools overview ("I'm interested in a tool"): first name, email, tool selection, optional question. This data is sent to our server and stored to send you the requested information.
  • Optional shareable dossier link (Mietdossier Express): if you explicitly create a shareable link to send your dossier to a property management as a web page instead of a file, the dossier content required for this is stored on our server (Neon, EU). The link contains a random code; the database holds only a cryptographic hash (SHA-256) of it, never the code itself. The link is not searchable, expires automatically after the validity chosen by the creator (7 to 60 days, 30 by default) and is then permanently deleted on the server. You can also delete it yourself earlier at any time.
  • Contact form on a shared dossier link (opt-in, Mietdossier Express): if the creator has enabled the contact form on their shareable link, a property management can enter a name, email address and a message there. These details are forwarded immediately by email to the applicant via our server using Resend, Inc. (USA, EU Standard Contractual Clauses); the management serves as the reply address. The content of the message is not stored by us; we only count the number of inquiries received per link. The creator can deactivate the form again at any time.
  • Optional document upload on the shareable link (Mietdossier Express): if you explicitly enable the document upload on your shareable link, you can voluntarily attach documents (e.g., debt-collection register extract, salary proof, ID, further supporting documents) to your application page. These files are stored encrypted in an object storage (Cloudflare R2, EU region) and are retrievable only via your valid link (no public directory; download only server-side via the link). You can delete individual files yourself at any time; when the link expires or is deleted, the files are also permanently removed on the server. The upload is entirely voluntary and no sensitive documents are required.

Purpose: Provision of the requested tool, generation of the requested draft text, response to your inquiry.

Legal basis: Your consent when triggering the action (Art. 6 para. 6 revDSG / Art. 6 para. 1 lit. a GDPR), pre-contractual measures where applicable. The wizard form data does not constitute a data processing operation by us as long as it stays in your browser.

You can delete the wizard data at any time by using the "Reset" function inside the tool or by clearing your browser storage.

h) When using the Swiss family allowances eligibility check

On /de/kinderzulagen-schweiz-selbststaendige-expats we provide an interactive wizard that helps self-employed individuals and expats in Switzerland assess whether they may be entitled to Swiss family allowances (Kinderzulagen). The check works as follows:

  • Wizard answers (residence in Switzerland, canton, marital status, employment status, number and place of residence of children): processed exclusively in your browser. The logic runs client-side; the answers are not transmitted to our server and are not stored in our database.
  • Optional advisory portal (/api/kinderzulagen/portal/[token]): only if we provide you with a personal access token after explicit contact, a token-protected portal is available where you can upload supporting documents (e.g., proof of employment, family book, salary statements) and receive individual feedback. This portal is opt-in and not part of the public eligibility check.
  • No legal or tax advice: the wizard provides a non-binding orientation. Binding statements are issued only by the responsible family allowance fund (Familienausgleichskasse) of your canton.

Purpose: Free orientation aid for self-employed people and expats; on opt-in, document-based individual feedback.

Legal basis: Your consent (Art. 6 para. 6 revDSG / Art. 6 para. 1 lit. a GDPR) for the optional advisory portal. The public eligibility check itself does not generate any processing by us because all answers remain on your device.

Tenant Portal (Mieterportal)

We operate a password-protected tenant portal at /mieterportal where active tenants can manage their tenancy. Access is granted only after a contract is signed; credentials are issued personally.

Data processed in the portal

  • Master and contract data: name, email, room, property address, move-in date, monthly rent, deposit
  • Tickets: subject, message text, status, attachments (e.g., photos of damage), timestamps and replies
  • Documents made available individually: rental contract, house rules, statements, etc.
  • Login data: hashed password (scrypt), forced password change on first login, last login timestamp, IP address of the login attempt
  • Session data: server-side session ID, expiry, optional 'stay logged in' choice

Purposes

Provision of the tenancy as a self-service area: submit and track tickets, retrieve personal documents, manage profile and password, find helpful links.

Legal basis

Performance of the tenancy contract (Art. 31 para. 2 lit. a revDSG / Art. 6 para. 1 lit. b GDPR), legal obligations and our legitimate interest in efficient tenancy management (Art. 31 para. 1 revDSG / Art. 6 para. 1 lit. f GDPR).

Session cookies (strictly necessary)

The portal uses a strictly necessary, server-side session cookie (HTTP-Only, Secure, SameSite=Lax) to keep you signed in. The cookie contains only an opaque session ID, no personal data. Lifetime: until logout, end of the browser session, or, if 'stay logged in' was chosen, up to 30 days. No consent banner is required for this cookie because it is essential for the service you have explicitly requested.

Offline cache (PWA / service worker)

The portal can be installed as a Progressive Web App. A service worker caches portal pages and recently viewed lists locally on your device for offline access. This data does not leave your device and is removed when you log out, clear browser data, or uninstall the app.

Admin access and impersonation

Authorised employees of the responsible authority may, for support purposes, sign in to your portal account in your name (impersonation). Each impersonation session is logged with the responsible employee, the affected tenant account, and the timestamp. Access is limited to the necessary minimum and is governed by internal access controls.

Auto-lock

After prolonged inactivity, the portal automatically locks and requires re-authentication. After multiple failed login attempts, the account is temporarily locked to protect against brute-force attacks.

Legal Basis for Processing

We base the processing of personal data on the following grounds according to revDSG (and GDPR where applicable):

  • Consent of the data subject (Art. 6 para. 6 revDSG / Art. 6 para. 1 lit. a GDPR)
  • Performance of a contract or pre-contractual measures (Art. 6 para. 1 lit. b GDPR)
  • Legal obligations (Art. 6 para. 1 lit. c GDPR)
  • Legitimate interest, e.g., to ensure the security of our website, optimize our offer, or measure advertising effectiveness (Art. 31 para. 1 revDSG / Art. 6 para. 1 lit. f GDPR)

Google Analytics & Google Ads

Google Analytics 4

This website uses Google Analytics 4 (Measurement ID: G-2KYWLQB7SJ), a web analytics service by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Analytics uses cookies and similar technologies to analyze the use of our website. The information generated (including your shortened IP address) is transferred to a Google server and processed there. IP anonymization is active.

Data collected: Pages visited, session duration, bounce rate, approximate location (city level), device and browser information, traffic source/medium.

Opt-out: You can prevent data collection by Google Analytics by using the browser add-on to disable Google Analytics or by rejecting analytics cookies via our cookie banner.

Google Ads Conversion Tracking

We use Google Ads Conversion Tracking (Conversion ID: AW-17966674235) to measure the effectiveness of our advertising campaigns. When you reach our website through a Google ad, a conversion cookie is set on your device. This cookie expires after 30 days and does not serve personal identification. It allows us to track whether certain actions were performed on our website (e.g., submitting a form, viewing a property). We only receive anonymous, aggregated statistics.

Tracked conversion events: Page views, contact form submissions, property inquiry submissions, phone call clicks.

Opt-out: You can disable conversion tracking cookies in your browser settings, via our cookie banner, or in your Google Ads settings deactivate.

Data Transfer to USA

Google may transfer data to the USA. Google LLC is certified under the EU-US Data Privacy Framework, ensuring an adequate level of data protection. For more information, see Google's privacy policy: policies.google.com/privacy

Meta Pixel & Conversions API (Facebook/Instagram)

Meta Pixel

This website uses the Meta Pixel (Pixel/Dataset ID: 1719931755655970), a service provided by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. The pixel records page views and certain actions (e.g. submitting a form, viewing a property, requesting a viewing) and attributes them to our advertising campaigns on Facebook and Instagram. The pixel is only loaded and only sends data after you have explicitly accepted marketing cookies via our cookie banner.

Data collected: page views, conversion events (e.g. lead, property view, viewing request, application), IP address, browser and device information.

Conversions API (server-side)

In addition to the browser-based pixel, we use the Meta Conversions API. The same conversion events are transmitted to Meta server-side so that measurement remains reliable even with ad blockers or cookie restrictions. Each event carries a shared event ID, so the pixel and server transmissions are merged by Meta and not counted twice. If you have provided an email address, it is irreversibly hashed with SHA-256 (pseudonymised) before transmission; Meta uses the hash solely for matching, never in plain text. The Conversions API is likewise only active once marketing consent has been given.

Opt-out

You can prevent Meta tracking at any time by rejecting marketing cookies via our cookie banner or by withdrawing your consent. You can also adjust your ad settings in your Facebook/Instagram account.

Data Transfer to USA

Meta may transfer data to the USA. Meta Platforms, Inc. is certified under the EU-US Data Privacy Framework, ensuring an adequate level of data protection. For more information, see Meta's privacy policy: facebook.com/privacy/policy

Disclosure of Data to Third Parties

Personal data will not be passed on to third parties, except:

  • If this is necessary for contract fulfillment (e.g., banks for payments, insurance companies, administrative or social services)
  • If there is a legal obligation
  • If there is explicit consent
  • To service providers who process data on our behalf (data processors) under strict contractual conditions

Current data processors:

  • Cloudflare, Inc., Content Delivery Network, reverse proxy, DDoS and bot protection (USA, with global points of presence including Switzerland and the EU)
  • Google Ireland Ltd., Web analytics, advertising (Ireland/USA)
  • Fly.io, Inc., Hosting of the website and tenant portal; application servers located in Frankfurt, EU (USA-incorporated, data stored in the EU)
  • Neon, Inc., Managed PostgreSQL database; data hosted in Frankfurt, EU (USA-incorporated, data stored in the EU)
  • Cloudflare R2 (Cloudflare, Inc.), Encrypted object storage for tenant documents, attachments and assets, EU jurisdiction (data stored in the EU)
  • Resend, Inc., Transactional email delivery (notifications, confirmations) (USA)
  • Microsoft (Microsoft 365), Email inbox for [email protected] (incoming mail), EU Data Boundary
  • OpenAI, L.L.C., AI-assisted text generation for inbound chats and tickets (USA). Inputs are not used for model training (default API behaviour).
  • Meta Platforms Ireland Ltd. (WhatsApp), Messaging infrastructure for inbound and outbound WhatsApp communication (Ireland/USA)
  • Meta Platforms Ireland Ltd. (Pixel & Conversions API), Reach measurement and conversion tracking for Facebook/Instagram advertising; email addresses are SHA-256 hashed before transmission (Ireland/USA)
  • Flatfox AG, Listing platform for property inquiries (Switzerland)
  • Buffer, Inc., Social media post scheduling, generally no tenant or applicant data (USA)
  • Helvetia Schweizerische Versicherungsgesellschaft AG, Tenant deposit insurance, only if chosen by the tenant (Switzerland)
  • Digitec Galaxus AG, Affiliate/referral tracking (Switzerland)

Data Processing within the Management Software (Business Clients)

BoVita provides management companies and property owners with a digital management software as well as management services for residential and room properties. Depending on the chosen model, BoVita's role under data protection law differs:

  • Platform use by partner companies: if a partner company uses the platform independently and enters its own tenant, applicant or property data, BoVita processes this data exclusively on behalf of and according to the instructions of the partner company. BoVita acts as a data processor, the partner company remains the controller. The basis is a separate data processing agreement (DPA) pursuant to Art. 9 revDSG and Art. 28 GDPR.
  • Management mandate by BoVita: if BoVita itself takes over the management within a mandate, BoVita is the controller for the data processed in that context. The remaining provisions of this privacy policy apply.

The technical and organisational measures described in this privacy policy, the engaged data processors (sub-processors) and the safeguards for international data transfers apply equally in both cases. Data subjects of a partner company should address requests for information, correction and deletion primarily to the relevant partner company as controller; BoVita forwards such requests without delay and supports their handling.

International Data Transfers

Several of the services we use (Cloudflare, Google, Fly.io, Neon, Resend, OpenAI, Meta/WhatsApp, Buffer, Vimeo) are based in the USA or process data there. The USA is not considered by the Swiss Federal Data Protection and Information Commissioner (FDPIC) or by the EU to provide a level of data protection equivalent to revDSG/GDPR. Data transfers to the USA are safeguarded by the following measures:

  • Swiss-US Data Privacy Framework and EU-US Data Privacy Framework for certified companies (including Cloudflare, Google LLC, Meta Platforms, Inc., OpenAI Global, LLC and Buffer)
  • EU Standard Contractual Clauses (2021/914) including the Swiss addendum recommended by the FDPIC, where the Data Privacy Framework does not apply
  • Supplementary technical and organisational measures: transport encryption (TLS 1.2/1.3), encryption of data at rest, IP truncation where offered, strict access controls and contractual exclusion of input use for AI model training
  • Information to data subjects in accordance with Art. 19 revDSG and Art. 13 / 14 GDPR

Despite these safeguards, US authorities may, under US surveillance laws (in particular FISA 702 and Executive Order 12333), demand access to data held by US providers. The Swiss-US Data Privacy Framework offers data subjects from Switzerland and the EU a binding complaints procedure (Data Protection Review Court). By using our website you acknowledge this transfer in line with Art. 17 revDSG and Art. 49 GDPR.

Retention and Deletion of Personal Data

We store personal data only for as long as necessary for the respective purpose or as required by legal retention obligations (Art. 958f OR, Swiss Code of Obligations; for EU citizens also Art. 17 GDPR). After that, the data will be deleted or anonymized.

Specific retention periods for your data:

Contact form inquiries (general inquiries)

Retention period: 6 months after completion of the inquiry

Rental applications (property applications)

If approved: Duration of the tenancy + 10 years (legal retention obligation)

If rejected: 6 months after rejection

Waitlist registrations

Retention period: Until placement or 12 months of inactivity

Lead magnet email addresses

Retention period: Until revocation of consent or 24 months of inactivity

Partner inquiries (companies, social services, universities)

Without partnership: 6 months after conclusion of discussions

With partnership: Duration of the collaboration + 10 years

Business correspondence and invoices

Retention period: 10 years (Art. 958f Swiss Code of Obligations)

Tenant portal, tickets and replies

While tenancy is active: Stored for the duration of the tenancy

After move-out: 24 months for warranty and complaint periods, then deletion or anonymisation

Tenant portal, login and session logs

Retention period: 12 months (security and abuse prevention)

WhatsApp / chat conversations (inbound)

If no contractual relationship arises: 12 months after the last message, then deletion

If a tenancy starts: Duration of the tenancy + 24 months

Tenant documents (rental contract, statements)

Retention period: Duration of the tenancy + 10 years (Art. 958f Swiss Code of Obligations)

Google Analytics data

Retention period: 14 months (Google's default setting for GA4)

Your right to deletion

You can request deletion of your personal data at any time by contacting [email protected]. We will process your request within 30 days, unless legal retention obligations prevent deletion.

Rights of Data Subjects

Under the revDSG (and GDPR for EU/EEA residents), you have the following rights:

  • Right to information: Information about which data we process about you
  • Right to correction: Correction of incorrect or incomplete data
  • Right to deletion: Deletion of data, provided no legal retention obligations exist
  • Right to restrict processing: Restriction of data processing under certain conditions
  • Right to object: Objection to processing based on legitimate interest
  • Right to data portability: Transfer of your data in a structured, commonly used format
  • Right to withdraw consent: Revocation of previously given consent at any time

To exercise your rights, contact us at [email protected]. We will respond within 30 days.

Right to lodge a complaint: You have the right to lodge a complaint with the Swiss Federal Data Protection and Information Commissioner (FDPIC) or, if you are an EU/EEA resident, with a supervisory authority in your country of residence.

Data Security

We implement appropriate technical and organizational measures to protect personal data from loss, misuse, unauthorized access, or unlawful processing. These include:

  • SSL/TLS encryption (HTTPS) for all data transmissions
  • Passwords stored as salted hashes (scrypt), never in plain text
  • Forced password change on first portal login; minimum length and complexity enforced
  • Server-side sessions with HTTP-Only / Secure / SameSite cookies; automatic logout after inactivity
  • Brute-force protection: rate limiting and temporary account lock-out after multiple failed login attempts
  • Granular role-based access controls in the admin area; logged impersonation for support cases
  • Strict scope filtering: tenants can only see their own documents and tickets
  • Encrypted database connections and encrypted object storage for documents and attachments
  • Regular security updates, dependency monitoring and system monitoring

Cookies

Our website uses cookies. Cookies are small text files that are stored on your device when you visit our website. They help us to make our website more user-friendly and to analyze the use of our offer.

Necessary Cookies

Essential for the operation of the website. They enable basic functions such as page navigation, language selection, and cookie consent storage. Without these cookies, the website cannot function properly. No consent required.

Cloudflare (CDN / DDoS protection / proxy)

Our website is served via the Cloudflare proxy. Cloudflare may set the following security-related cookies: cf_clearance (bot challenge result, session-scoped) and __cf_bm (bot management, up to 30 min). These cookies are strictly necessary for security and site availability; they do not track you for advertising purposes and do not require consent. Cloudflare is certified under the EU-US Data Privacy Framework.

Analytics Cookies (Google Analytics)

Help us understand how visitors interact with our website by collecting anonymous information about page views and navigation patterns. Set only with your consent. Provider: Google Ireland Ltd. Cookie names: _ga, _ga_*. Duration: up to 14 months.

Marketing Cookies (Google Ads)

Used to measure the effectiveness of advertising campaigns and track conversions. Set only with your consent. Provider: Google Ireland Ltd. Cookie name: _gcl_aw. Duration: 90 days.

Tenant Portal Session Cookies (necessary)

Strictly necessary cookie that keeps you signed in to /mieterportal. HTTP-Only, Secure, SameSite=Lax. Contains only an opaque session ID. Lifetime: until logout, end of browser session, or up to 30 days if 'stay logged in' was selected. No consent required.

You can manage your cookie preferences at any time on our Cookie Settings page or in your browser settings.

Automated Communication and AI Processing

We use AI-assisted tools to handle inbound inquiries efficiently. We are transparent about where AI is involved and you always have the right to request human handling.

WhatsApp inbound bot

Inbound WhatsApp messages from prospective tenants and tenants are received via the official WhatsApp infrastructure (Meta Platforms Ireland Ltd.). For frequently asked questions, an AI sales assistant generates draft replies that are sent automatically; for sensitive topics, complaints, or unclear cases, the conversation is escalated to a human.

Processed data: phone number, sender name (if shared), message content, attachments, timestamps, language, source detection, conversion status.

OpenAI for AI text generation

Message content from inbound chats is sent to OpenAI, L.L.C. (USA) via API to generate replies. We use the API in a configuration where inputs are not used for model training (default behaviour of the OpenAI API). The same applies to AI image generation for our social media content (model: gpt-image-1), only briefs and prompts are transmitted, no tenant data.

Flatfox chat automation

On the Flatfox listing platform, AI generates a first contextual reply to incoming chat inquiries. Lost-interest detection, automated application declines, and proactive follow-ups are based on conversation history. Cost killswitches allow us to deactivate the automation at any time.

AI cover letter generator (Mietdossier Express)

Inside the free tool /tools/mietdossier-express you can optionally generate a draft cover letter for your rental application. Only when you actively click the corresponding button, the wizard fields you have filled in (e.g., first name, last name, profession, target property, personal motivation) are transmitted via API to OpenAI, L.L.C. (USA) and used to generate a text draft. The draft is returned to your browser and shown to you for further editing. The transmitted data is not used by OpenAI for model training (default behaviour of the OpenAI API in the configuration we use) and is not stored on our server. If you do not use the AI feature, no data is transmitted to OpenAI.

AI content engine for social media

We use a 6-step AI pipeline (text + image generation, multi-round QA, brand consistency check, scheduled publishing via Buffer) for our own marketing content. No personal data of tenants or applicants is processed.

Your right to human handling

In line with Art. 21 revDSG, you can object to purely automated individual decisions and request that a person review the matter. Reply to any AI message with a clear request such as 'I would like to speak to a person', your conversation will be escalated immediately.

Third-Party Services

Google Fonts

This website uses Google Fonts for uniform font display. Fonts are loaded from Google servers, which may result in your IP address being transmitted to Google.

Google Maps

We embed Google Maps to show property locations. Using Google Maps may result in data being transmitted to Google. Only loaded with your consent.

Vimeo

We embed videos from Vimeo (Vimeo, Inc., USA). When playing a video, a connection to Vimeo servers is established and data (including your IP address) may be transmitted.

Content Delivery Network & DDoS Protection (Cloudflare)

Our website is served via the global network of Cloudflare, Inc., 101 Townsend Street, San Francisco, CA 94107, USA. Cloudflare acts as a reverse proxy between your browser and our origin server, accelerates the delivery of static assets and protects the site against DDoS attacks and malicious bots. When you call up bovita.ch, your IP address, the user agent, the requested URL and technical request metadata are processed by Cloudflare for the purpose of connection routing, caching and attack defence. Cloudflare is certified under the EU-US Data Privacy Framework, the UK Extension and the Swiss-US Data Privacy Framework, and uses EU Standard Contractual Clauses for transfers outside these frameworks. Privacy policy: cloudflare.com/privacypolicy

Hosting (Fly.io)

Our origin server is operated by Fly.io, Inc. (USA), with application servers located in Frankfurt, Germany (EU). Server log files (IP address, browser type, access time, requested URL) are processed for technical purposes (operation, security, error analysis) and deleted or anonymised after 30 days at the latest. Transfers to the USA are safeguarded by EU Standard Contractual Clauses; the data is stored in the EU. Privacy policy: fly.io/legal/privacy-policy

Database (Neon)

Application and tenant data are stored in a managed PostgreSQL database operated by Neon, Inc. (USA), hosted in Frankfurt, Germany (EU). Transfers are safeguarded by EU Standard Contractual Clauses; the data is stored in the EU. Privacy policy: neon.com/privacy-policy

Email delivery (Resend)

Transactional emails (automated notifications, confirmations, inquiry responses) are sent via Resend, Inc. (USA). The recipient address and email content are processed for this purpose. Transfers to the USA are safeguarded by EU Standard Contractual Clauses. Privacy policy: resend.com/legal/privacy-policy

Email inbox (Microsoft 365)

Incoming email to [email protected] is handled by Microsoft 365 (Microsoft Ireland Operations Ltd. / Microsoft Corporation). Microsoft is certified under the EU-US Data Privacy Framework and processes mailbox data within the EU Data Boundary. Privacy policy: privacy.microsoft.com

Object Storage (Cloudflare R2)

Tenant documents, ticket attachments, blog assets and generated images are stored in encrypted object storage on Cloudflare R2 (Cloudflare, Inc.) with EU jurisdiction (data stored in the EU). Access is restricted to the responsible authority and authorised personnel. Cloudflare is certified under the EU-US Data Privacy Framework.

WhatsApp (Meta Platforms Ireland Ltd.)

We use WhatsApp for direct communication with prospective tenants and tenants. Messages are transmitted end-to-end encrypted via WhatsApp's infrastructure. Metadata may be processed by Meta. Privacy policy: whatsapp.com/legal/privacy-policy-eea

OpenAI

We use OpenAI, L.L.C. (USA) for AI text and image generation in inbound chats and content production. Inputs are not used for model training (default API behaviour). Privacy policy: openai.com/policies/privacy-policy

Buffer

Buffer, Inc. (USA) is used to schedule and publish our own social media posts. Generally no personal data of tenants or applicants is processed. Privacy policy: buffer.com/privacy

Flatfox

Flatfox AG (Switzerland) is the listing platform for some of our properties. Inbound inquiries via Flatfox are processed there and via our chat automation. Privacy policy: flatfox.ch/de/privacy

Cross-border data transfers (USA)

Several of the processors named above (Cloudflare, Fly.io, Neon, Resend, Google, OpenAI, Buffer, Meta/WhatsApp, Vimeo) are headquartered in the USA, which the Swiss Federal Data Protection and Information Commissioner (FDPIC) and the EU do not classify as a country with an equivalent level of data protection. Transfers are based on the Swiss-US Data Privacy Framework, the EU-US Data Privacy Framework (where the provider is certified) and otherwise on EU Standard Contractual Clauses in conjunction with supplementary technical and organisational measures (encryption in transit and at rest, IP truncation where offered, no use of inputs for AI training). Despite these safeguards, US authorities may, in principle, request access to data under US surveillance laws (in particular FISA 702 and Executive Order 12333). By using our website, you acknowledge this transfer in line with Art. 17 revFADP and Art. 49 GDPR.

Changes to this Privacy Policy

We reserve the right to change this privacy policy at any time. The current version published on the website is authoritative. We recommend checking this page periodically for updates.

Last updated: 28.06.2026

    Privacy Policy, Furnished Rooms Switzerland | BoVita