SWISSLUXEENGINE
Last updated: April 2026 · Effective: January 2026
SwissLuxe Engine operates under the principle of minimum data. We collect only information necessary to provide the service: session identifier, type of document processed (without content), and usage metadata for billing. We never collect the content of processed documents beyond the active session.
Source files are hard-deleted within 60 minutes of job completion. Processing receipts (hash, timestamp, word count) retained for audit. Generated dossiers persist encrypted (AES-256-GCM) under partner isolated schema and are deletable on-demand via /api/dossier/[id] DELETE endpoint.
All data in transit is protected with TLS 1.3. Data at rest uses AES-256-GCM. Encryption keys are managed under strict Swiss security protocols. We never store third-party keys (Twilio, client API keys) in plain text.
EU infrastructure: Supabase Frankfurt EU-Central-1 primary data layer, Vercel Edge Functions at European PoPs (Frankfurt, Amsterdam, Dublin). Zero routing through US-East or Asia-Pacific for European clients.
Under the General Data Protection Regulation, you have the right to: access your personal data, rectification, erasure ("right to be forgotten"), portability, and objection to processing. To exercise these rights: info@swissluxe-engine.com.
We use only technically necessary cookies for service operation (session, authentication). We do not use tracking, advertising or third-party analytics cookies. See our Cookie Policy for details.