Recensio
← Home

Privacy Policy

Last updated: 12 June 2026

This Privacy Policy explains how Recensio, operated by [Full name], [address], Switzerland, as a private individual ("we", "us"), collects and processes personal data when you use our website and service. We act as data controller for the data described below, in accordance with the Swiss Federal Act on Data Protection (FADP) and, where it applies to users in the European Union, the EU General Data Protection Regulation (GDPR).

1. Data we collect

Account data: your name, email address, password (stored in hashed form by our infrastructure provider) and account settings.

Google Business Profile data: when you connect your profile, we access your business information, locations and reviews, and the permission to post replies on your behalf, using the access granted to us via Google. We store the related authorisation tokens securely.

Reviews and replies: the content of reviews we read and of the replies drafted or published.

Customer feedback: ratings and optional messages submitted by your customers through your QR/collection page. We process this on your behalf.

Billing data: subscription status and customer identifiers from Stripe. Card details are handled directly by Stripe; we do not store full card numbers.

Usage and technical data: log data, IP address, device and browser information, and cookies.

Communications: information you send us, for example via the contact form (name, email, message).

2. How and why we use data

To provide and operate the Service (create your account, connect Google, collect reviews, generate replies, reports and insights); to process payments and manage subscriptions; to send service and notification emails; to secure the Service and prevent abuse; to measure and understand how our website is used (analytics); to comply with legal obligations; and to improve the Service.

3. Legal bases and lawfulness

We process personal data lawfully, in good faith and proportionately, in line with Swiss data protection law. Where the GDPR applies, we rely on: performance of our contract with you (to provide the Service); our legitimate interests (security, prevention of abuse, improving the Service); your consent where required; and compliance with legal obligations (for example accounting and tax).

4. AI processing

To generate review replies, performance reports and competitor insights, relevant text (such as review content) is processed by our AI provider, Anthropic (Claude). This is done to provide the feature you requested. We do not use this content to train models.

5. Service providers and sub-processors

We share data with providers who process it on our behalf under appropriate agreements: Supabase (database, authentication, hosting), Stripe (payments), Google (Business Profile API and Google Analytics for website usage statistics), Anthropic (AI generation), Resend or MailerSend (transactional email), and Cloudflare (anti-spam on the contact form). Each processes data only as needed to provide its function.

6. International transfers

Some providers may process data outside Switzerland or the European Economic Area. Where this happens, we rely on appropriate safeguards, such as the European Commission's Standard Contractual Clauses together with the Swiss addendum recognised by the FDPIC, or transfers to countries recognised as providing adequate protection.

7. Retention

We keep account and service data for as long as your account is active and for a reasonable period afterwards. Billing and invoicing records are kept for the period required by applicable Swiss tax law. Backups are deleted on a rolling basis. You can request deletion as described below.

8. Your rights

Under Swiss data protection law and, where applicable, the GDPR, you have the right to access your data and to obtain information about its processing, and to rectify, erase, restrict or object to the processing, as well as the right to data portability. Where processing is based on consent, you can withdraw it at any time.

To exercise these rights, contact hello@recensio.io. You also have the right to lodge a complaint with the Swiss Federal Data Protection and Information Commissioner (FDPIC) and, if you are in the EU, with your local supervisory authority.

9. Cookies

We use essential cookies for authentication and session management (via Supabase) and a cookie that remembers your language preference. On the contact page, Cloudflare Turnstile may set a cookie to tell humans from bots.

We also use Google Analytics to understand how visitors use our website — for example which pages are viewed and general usage patterns — in aggregated form. Where required by law, these analytics cookies are set only with your consent, which you can withdraw at any time. We do not use cookies for advertising.

10. Security

We apply reasonable technical and organisational measures to protect your data, including encryption in transit, access controls and database-level row security. No method of transmission or storage is completely secure, however, and we cannot guarantee absolute security.

11. Children

The Service is intended for businesses and is not directed at children. We do not knowingly collect personal data from anyone under 16.

12. Changes and contact

We may update this Policy from time to time and will post the updated version with a new date. For privacy questions or requests, contact us at hello@recensio.io.

Recensio
Privacy PolicyTerms of ServiceContact
© 2026 Recensio