Privacy Policy
Last updated: April 2026
1. Controller
The controller responsible for data processing on this service is:
Johannes Hubrich, Chemin des Osches 10, 1009 Pully, Switzerland.
Email: privacy@cineflow.ch
This policy applies to cineflow, including all subdomains (e.g. stream.cineflow.ch) and any connected APIs. It complies with the Swiss Federal Act on Data Protection (FADP) and the EU General Data Protection Regulation (GDPR).
2. Data we process
Account data
- Email address (used for login and essential service communication)
- Hashed password (via bcrypt; we cannot see the original)
- Display name
- Organization name
Usage data
- Stream duration per month (to enforce plan limits)
- Storage consumption (bytes uploaded)
- Number of rooms and review links created
- Session logs (timestamps, IP address at login, retained up to 30 days)
Uploaded content
- Video files and other media you upload for review
- Timecoded comments you leave on those files
- Live stream footage you send via SRT/RTMP (not persisted unless session recording is enabled)
Payment data
If you subscribe to a paid plan, payment is processed by Stripe. We receive a customer ID, subscription status, and a masked card identifier. We never see or store your full card details. See section 5 for Stripe's role.
3. Legal basis (GDPR Art. 6)
- Contract (Art. 6(1)(b)): account operation, file hosting, payment processing.
- Legitimate interest (Art. 6(1)(f)): security logs, abuse prevention, service quality.
- Consent (Art. 6(1)(a)): only if you explicitly opt in to anything beyond essential service operation (currently: nothing beyond essential).
- Legal obligation (Art. 6(1)(c)): tax records retained for 10 years per Swiss law.
4. Where your data is stored
All operational data (accounts, comments, uploaded files, stream infrastructure) is hosted in Germany at Hetzner Online GmbH, data center Nuremberg. Your data never leaves the European Economic Area for core operations.
Backups are retained for 30 days on the same provider.
5. Subprocessors
| Processor | Purpose | Location | Legal basis |
|---|---|---|---|
| Hetzner Online GmbH | Hosting, database, file storage | Germany (EU) | DPA signed, GDPR compliant |
| Stripe Payments Europe Ltd. | Payment processing | Ireland (EU) | DPA, SCCs for US transfer |
All other service components (Supabase for auth/database, Ant Media for streaming) are self-hosted on our Hetzner infrastructure. They are software, not third-party processors. No usage analytics providers (Google Analytics, etc.) are used.
6. Retention
- Account data: until you delete your account.
- Uploaded files (Free tier): automatically deleted 2 days after upload.
- Uploaded files (paid tiers): retained until you delete them or close the account.
- Comments and review data: linked to the file, deleted with it.
- Session logs: 30 days.
- Backups: 30 days rolling.
- Invoices and tax records: 10 years (Swiss obligation).
7. Your rights
Under GDPR and Swiss FADP, you have the right to:
- Access your personal data
- Rectify incorrect data
- Erase your data (“right to be forgotten”)
- Restrict processing
- Data portability (export in machine-readable format)
- Object to processing based on legitimate interest
- Withdraw any consent at any time
To exercise any right, email privacy@cineflow.ch. We respond within 30 days.
You can lodge a complaint with your local supervisory authority: in Switzerland, the Federal Data Protection and Information Commissioner (FDPIC); in the EU, your national Data Protection Authority.
8. Cookies and tracking
We use only essential session cookies required for authentication. No analytics cookies, no advertising cookies, no cross-site tracking. No consent banner needed.
9. AI training
We do not use your uploaded content, comments, or any other user data to train AI or machine learning models. We do not share your content with third parties for AI training purposes.
10. Security
All data is transmitted over connections encrypted with TLS 1.2+. Passwords are hashed with bcrypt. Database access requires service-role keys; direct DB access is not exposed to the public internet. Production servers run with restricted SSH access and automatic security updates.
11. Changes to this policy
We may update this policy to reflect changes to our service or legal obligations. If we make substantive changes, we will notify registered users via email at least 30 days before the changes take effect.
12. Contact
For any privacy-related questions: privacy@cineflow.ch