Food Triggers
Log In
This document is a draft pending legal review. It may change before the service launches.

Privacy Policy

Last updated: 09. April 2026

1. Introduction

This Privacy Policy explains how [Company Name] ("we", "us", "our") collects, uses, stores, and protects your personal data when you use the Food Triggers service ("the Service").

We are committed to protecting your privacy and processing your data in accordance with the Swiss Federal Act on Data Protection (nFADPR/revDSG) and, where applicable, the EU General Data Protection Regulation (GDPR).

2. Data Controller

[Company Name]
[Address]
Zürich, Switzerland
Email: [Email Address]
Data Protection Officer: [DPO Name], [DPO Email]

3. Data We Collect

3.1 Account Data

When you register, we collect: first name, last name, email address, preferred language, and your IP address at the time of registration.

3.2 Health Data (Special Category Data)

When you use the Service, you may provide:

  • Food sensitivity assessment responses (symptom patterns)
  • Elimination diet selections and duration tracking
  • Food diary entries (meals, ingredients, symptoms)
  • Symptom severity scores
  • Personal ingredient exclusions

This data is classified as health-related personal data under Swiss law and special category data under the GDPR. We process it based on your explicit consent, which you provide when you use these features.

3.3 Usage Data

We automatically collect: pages visited, features used, device type, browser information, and session duration. This data is used to improve the Service and is not linked to your Health Data.

3.4 Payment Data

Payment processing is handled by Stripe. We do not store your credit card numbers or TWINT credentials. Stripe processes your payment data in accordance with PCI DSS standards. See Stripe's Privacy Policy.

3.5 Practitioner Data

If you register as a healthcare practitioner, we additionally collect: practice name, professional title, professional registration number (optional), practice address (optional), phone number (optional), and country of practice. This data is used to verify your professional status and to display your contact details to clients who choose to link with you.

4. How We Use Your Data

We process your data for the following purposes:

  • Service provision: To provide the food sensitivity assessment, diet recommendations, recipe filtering, diary analysis, and related features
  • Account management: To create and maintain your account, send verification emails, and manage subscriptions
  • Practitioner services: To enable healthcare practitioners to view linked clients' assessment, diet, and diary data with the client's explicit consent
  • Communication: To send transactional emails (verification, password reset, subscription notifications) and, with your consent, product updates
  • Security: To protect against fraud, abuse, and unauthorised access (rate limiting, security logging, bot protection)
  • Improvement: To analyse usage patterns and improve the Service (aggregated, anonymised data only)

5. Legal Basis for Processing

Under Swiss law (nFADPR) and the GDPR, we process your data on the following bases:

  • Consent: For Health Data processing, practitioner data sharing, and marketing communications
  • Contract performance: For account management and service delivery
  • Legitimate interest: For security measures and service improvement
  • Legal obligation: For tax and accounting records related to payments

6. Data Storage and Security

6.1. Your data is stored and processed exclusively in Switzerland on Infomaniak hosting infrastructure. Infomaniak operates its own data centres in Switzerland under strict Swiss data protection laws (nFADPR) and GDPR compliance. As a Swiss-owned and operated company, Infomaniak is not subject to foreign jurisdiction — your data cannot be accessed without a Swiss judicial order.

6.2. Data at rest and in transit is encrypted. Infomaniak performs automatic backups and conducts annual penetration tests on its infrastructure.

6.3. Infomaniak does not analyse, share, or sell user data. No mass surveillance is conducted, and no data is transferred outside of their Swiss infrastructure.

6.4. Passwords are hashed using Argon2ID and cannot be recovered, even by us.

6.5. Access to production data is restricted to authorised personnel only.

6.6. We conduct regular security reviews and maintain detailed security logs of all authentication and access events.

6.7. User sessions are protected with secure cookie flags (HTTP-only, Secure, SameSite), session idle timeouts, and optional multi-factor authentication (TOTP).

7. Data Sharing

We do not sell your personal data. We share data only with the following service providers, each of whom is contractually bound to process data only as instructed and to maintain appropriate security measures:

  • Infomaniak (Switzerland): Hosting and data storage. All application data, databases, and files are stored exclusively in Infomaniak's Swiss data centres.
  • Scaleway Transactional Email Management (France, EU): Email delivery only. Scaleway processes the delivery of transactional emails (verification, password reset, notifications). No personal data is stored on Scaleway infrastructure beyond what is necessary for email delivery.
  • Stripe (EU/US): Payment processing. Stripe handles all payment transactions in accordance with PCI DSS standards. We do not store payment card details.
  • Cloudflare (US): Bot protection only. Cloudflare Turnstile verifies that form submissions come from real users, not bots. No personal data is shared with Cloudflare beyond the verification token and IP address.
  • DeepL (Germany, EU): Translation services. Only recipe and diet content text is sent for translation. No personal identifiers, Health Data, or account information is sent to DeepL.

7.1 Practitioner Data Sharing

If you are a client and choose to link your account with a healthcare practitioner using their connection code, that practitioner will be able to view your assessment results, active diets, ingredient exclusions, and food diary entries. This sharing is entirely under your control:

  • You choose whether to link with a practitioner
  • You can remove a practitioner at any time, immediately revoking their access
  • You can see when a practitioner last viewed your data
  • Sharing requires an active Pro subscription

Practitioners cannot modify, delete, or export your data. Their access is read-only and is logged for audit purposes.

8. International Data Transfers

Your primary data is stored and processed exclusively in Switzerland by Infomaniak. Switzerland is recognised by the European Commission as providing an adequate level of data protection.

Limited data is processed by service providers in the EU (Scaleway for email delivery in France, DeepL for translation in Germany) and the US (Cloudflare for bot protection, Stripe for payment processing). Where data is processed outside Switzerland, it is either covered by EU adequacy decisions or by appropriate safeguards including Standard Contractual Clauses (SCCs).

No Health Data is transferred outside of Switzerland. Email delivery and payment processing involve only the minimum data necessary for those specific functions.

9. Data Retention

  • Account data: Retained while your account is active. Permanently deleted when you delete your account.
  • Health Data: Retained while your account is active. Permanently deleted when you delete your account.
  • Security logs: Retained for 90 days for security and fraud prevention. User identity is anonymised when an account is deleted; the log entries are retained for audit purposes.
  • Payment records: Retained for 10 years as required by Swiss accounting law (Obligationenrecht Art. 958f).
  • Anonymised analytics: Retained indefinitely (not linked to individuals).

10. Your Rights

Under Swiss law and the GDPR, you have the right to:

  • Access: Request a copy of all personal data we hold about you
  • Rectification: Correct inaccurate personal data via your profile settings
  • Deletion: Permanently delete your account and all associated data through the self-service deletion feature in your account preferences. Deletion is immediate and irreversible.
  • Data portability: Receive your data in a structured, machine-readable format
  • Restriction: Request restriction of processing in certain circumstances
  • Objection: Object to processing based on legitimate interest
  • Withdraw consent: Withdraw consent at any time (without affecting prior processing). You can withdraw practitioner data sharing by unlinking your practitioner at any time.

To exercise these rights, contact us at [Email Address] or use the self-service options in your account settings. We will respond within 30 days.

11. Cookies

We use only essential cookies necessary for the Service to function:

  • Session cookie: Maintains your login session (HTTP-only, Secure, SameSite=Lax). Expires on session close or after the configured idle timeout.
  • Language preference: Remembers your selected language
  • Cloudflare Turnstile: A temporary cookie used during bot verification on login and registration forms

We do not use advertising cookies, tracking pixels, or third-party analytics cookies. No cookie consent banner is required as we use only strictly necessary cookies.

12. Multi-Factor Authentication

We offer optional multi-factor authentication (MFA) using time-based one-time passwords (TOTP) to protect your account. MFA secrets are stored securely and recovery codes are hashed. We strongly recommend enabling MFA, particularly for practitioner accounts that have access to client Health Data.

13. Children's Privacy

The Service is not intended for children under 18 years of age. We do not knowingly collect personal data from children under 18. If we become aware that we have collected data from a child under 18 without parental consent, we will delete it promptly. The food sensitivity assessment includes a safety screening question regarding age; recommendations for restrictive diets are not made for users under 18.

14. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be notified via email at least 30 days before they take effect. The "Last updated" date at the top of this page indicates the most recent revision.

15. Supervisory Authority

If you believe your data protection rights have been violated, you have the right to lodge a complaint with:

  • The Swiss Federal Data Protection and Information Commissioner (FDPIC): edoeb.admin.ch
  • For EU residents: your local data protection supervisory authority

16. Contact

For privacy-related enquiries:

[Company Name]
Data Protection Officer: [DPO Name]
[Address]
Zürich, Switzerland
Email: [DPO Email]

© 2026 Food Triggers — Zürich, Switzerland

About Terms of Service Privacy Policy