GDPR & Data Protection
Swiss nDSG & EU GDPR Compliance
Our Commitment to Data Protection
Stunden is fully compliant with the Swiss Federal Act on Data Protection (nDSG), effective since September 1, 2023, and the EU General Data Protection Regulation (GDPR). We are committed to transparency about how we handle your data and to upholding your rights.
Your Data Rights
Right to Access
You have the right to request a complete export of all personal data we hold about you. This includes your profile, time entries, expenses, leave requests, and activity logs.
Right to Deletion
You have the right to request the deletion of your personal data. Please note that some data may need to be retained to comply with Swiss legal obligations (e.g., payroll records for 10 years).
Data We Collect
Personal Data
- Full name and date of birth
- Email address
- Phone number
- Postal address
Usage Data
- Time tracking entries
- Expense reports and receipts
- Project assignments and activities
- Application preferences and settings
Data Retention
We retain your data only for as long as necessary to fulfill the purposes described in our Privacy Policy, or as required by law.
Retention Periods
- Account data: retained for the duration of the business relationship plus 1 year
- Time entries: retained for 5 years (Swiss employment law, Art. 46 ArGV 1)
- Financial records: retained for 10 years (Swiss Code of Obligations, Art. 958f OR)
- Activity logs: retained for 1 year for security purposes
Data Security
We employ industry-leading security measures to protect your data:
Encryption
AES-256 at rest, TLS 1.3 in transit
Access Control
Role-based permissions with multi-tenant isolation
Audit Logging
Complete activity trail for compliance
Contact Information
For any data protection inquiries or to exercise your rights, please contact our Data Protection Officer.
Data Protection Officer
Email: dpo@planme.ch
Phone: +41 44 123 45 67
Address
Stunden
Musterstrasse 123
8000 Zürich, Switzerland