Last updated: 28 June 2026
This Privacy Policy explains how we collect, use, and protect your personal data when you use the LookupSwiss validation API and website. It is written to comply with the Swiss Federal Act on Data Protection (FADP / nDSG) and the EU General Data Protection Regulation (GDPR).
The data controller is [Ivan Laginestra], located in [Aargau], Switzerland. For any data-related request, contact: laginestraivan3@gmail.com.
We collect only what we need to operate the service:
We process this data to (a) create and manage your account, (b) deliver the validation API, (c) bill you and handle subscription management via Stripe, (d) send transactional and contact emails via Resend, (e) detect abuse and protect the platform from fraud.
Under Art. 6 GDPR (and equivalent FADP provisions):
We rely on the following sub-processors to operate the service. All have signed Data Processing Agreements and, where applicable, EU Standard Contractual Clauses (SCCs):
Phone numbers and email addresses submitted to the validation API are processed in memory and NOT stored long-term. API usage logs (counts, timestamps, IPs) are retained for a maximum of 90 days, then automatically deleted. Account data is kept for the lifetime of your account and deleted on request (subject to Swiss accounting retention rules for invoices).
Data is hosted in the EU wherever possible. Transfers to the USA (Stripe, Resend, Twilio) are protected by Standard Contractual Clauses (SCCs).
You have the right to (a) access your personal data, (b) request correction of inaccurate data, (c) request deletion (the right to be forgotten), (d) request data portability in a machine-readable format, (e) object to processing or restrict it, (f) lodge a complaint with the Swiss Federal Data Protection and Information Commissioner (FDPIC) or your local EU supervisory authority.
We use only essential cookies (authentication session) and one consent cookie. No advertising cookies, no third-party trackers.
For any access, deletion, or portability request, write to: laginestraivan3@gmail.com. We respond within 30 days as required by Art. 12(3) GDPR.
We will post any material changes here and notify account holders by email at least 14 days before they take effect.