Privacy
We collect as little personal data as we reasonably can, store it in Switzerland or the EU, and don't sell it. This page tells you exactly what runs through us and why.
Who we are
The data controller is AccentX GmbH, CH-2502 Biel/Bienne, Switzerland. Full company identity on the imprint. Reach us at hello@accentx.ch.
What we collect, why, and on what basis
- Mailing list
- Your email address, when you submit the launch-list form. Stored in our internal data store (a JSON file in our website's repository, on a private branch) until we send you the launch email. We use it to send you one email when we're ready. Legal basis: consent (GDPR Art. 6(1)(a)).
- Contact form
- Name, email, topic, and message, when you submit the contact form. Sent to us by email. We use it to reply. Legal basis: consent (GDPR Art. 6(1)(a)).
- Spam protection
- When you submit either form, Cloudflare Turnstile briefly checks that you're a human. The check uses signals from your browser (no cookies, no fingerprinting persisted across sites). The resulting one-time token expires within minutes and is discarded after we verify it. Legal basis: legitimate interest (GDPR Art. 6(1)(f)).
- Server logs
- IP address, request URL, user-agent, and response code, for every page request. We use it to operate and secure the service. Legal basis: legitimate interest (GDPR Art. 6(1)(f)).
- Theme preference
- A single value (
darkorlight) stored in your browser's local storage when you click the theme toggle. We never see it — it stays on your device. Legal basis: legitimate interest (GDPR Art. 6(1)(f)).
Who has access
We use a small set of processors, each bound by data-processing agreements:
- Fly.io — hosting. The site runs in Fly's Frankfurt region (
fra). Server logs live on Fly machines. - NetZone AG (netzone.ch) — Swiss mail provider. Outbound notifications from the contact form are delivered through NetZone's SMTP service in Switzerland.
- Cloudflare — provides the spam-protection challenge (Turnstile) shown briefly when you submit a form. Cloudflare receives only what's needed to score the challenge; we receive a yes/no result back. No cookies are set on this site by Cloudflare.
- Rybbit — privacy-friendly analytics, self-hosted on a separate Fly app under our control. No cookies, no IPs stored, no cross-site tracking. Not yet live.
International transfers
Your data stays in Switzerland and the EU. The site itself runs in the EU (Frankfurt), and outbound mail through NetZone AG is processed in Switzerland. Switzerland has an EU adequacy decision, so transfers between the two are unrestricted under GDPR. Fly.io is incorporated in the United States, but our machines and storage are in the EU; any incidental transfer to the US is covered by Fly's data-processing agreement and EU Standard Contractual Clauses.
How long we keep it
- Mailing list
- In our internal data store (private git branch) until you unsubscribe or ask us to delete you.
- Contact form
- In our inbox until you ask us to delete it.
- Spam-protection token
- Discarded within minutes — only used to verify the form submission.
- Server logs
- Per Fly.io's defaults — typically a few days to a few weeks.
- Theme preference
- Until you clear your browser storage.
Your rights
Under Swiss FADP and EU GDPR, you have the right to:
- Ask what personal data we hold about you (access).
- Correct inaccurate data (rectification).
- Have your data deleted (erasure).
- Restrict or object to our processing.
- Receive a copy of your data in a portable format.
- Withdraw consent at any time, with effect for the future.
To exercise any of these, write to hello@accentx.ch. You also have the right to lodge a complaint with the Swiss Federal Data Protection and Information Commissioner (FDPIC) or the supervisory authority in your EU country of residence.
Cookies and similar technologies
We do not use cookies. The contact and mailing-list forms include a CSRF token, which is a hidden form field, not a cookie. The theme toggle uses your browser's local storage as described above; that data never leaves your device.
Changes to this notice
This notice was last updated on 2026-04-26. We'll update it whenever the data flows above change. Material changes (new processor, expanded data collection) will be announced on the mailing list before they take effect.