Privacy
How we handle your data
Last updated: 20 May 2026
Who we are
Docpass is a product of Leptis Studio, based in Zürich, Switzerland. We are the data controller for personal information processed through docpass.io. Contact: hello@docpass.io.
What we collect
We process the following categories of data:
- Account data. Your work email address (for authentication), your name and firm name (used as the From-name on outgoing supplier emails).
- Project data. Canton, gemeinde, project type, building use, heat source, project name, timestamps.
- Supplier contacts. Names, work emails, and optional phone/role for suppliers you add to your project. You certify that you are entitled to share these contacts with us for this purpose.
- Documents. PDFs uploaded by your suppliers via the per-supplier upload link, plus the technical fields our extraction pipeline pulls from them (U-values, fire class, etc.).
- Activity log. Timestamps of events within your project (supplier added, request sent, document uploaded, document validated).
- Cookies. One strictly-necessary cookie (docpass-locale) stores your language preference. Authentication uses session cookies set by our auth provider. We don't use tracking cookies — analytics is cookieless.
Why we process it
- To deliver the product — generate your checklist, contact suppliers, validate uploads, build your dossier.
- To send transactional emails (magic links, supplier upload requests, notifications when a supplier uploads).
- To run document extraction + validation against canton rules — the core service.
- To measure aggregated funnel performance (anonymous, no PII) so we can improve the product.
Legal basis (GDPR Art. 6): performance of contract for service delivery, legitimate interest for anonymous analytics, consent for any optional feature we add in future.
Third parties we share data with
We rely on the following sub-processors. Each handles only what the product needs to function.
- Supabase (hosting region: EU-Frankfurt) — account, database, document storage.
- Resend (USA, EU-aware sending) — transactional email delivery (magic links, supplier requests, notifications).
- Anthropic (USA / EU regions per their policy) — LLM-based PDF extraction. PDFs are sent to the Claude API for parsing; Anthropic doesn't train on this data per their commercial terms.
- Vercel (global edge, EU regions where possible) — hosting + cookieless analytics.
We use the EU Standard Contractual Clauses (SCCs) with all sub-processors that may handle data outside Switzerland or the EEA.
How long we keep it
Account data and project data: as long as your account exists. Documents: until you delete them from your workspace or your account is closed.
Email logs (Resend): typically 30 days, then purged. Analytics events: aggregated, no individual records retained beyond 12 months.
Your rights
Under Swiss nDSG and EU GDPR you have the right to:
- Access the data we hold about you
- Correct inaccurate data
- Delete your data (right to be forgotten)
- Export your data in a portable format
- Object to processing or restrict it
- Lodge a complaint with the Federal Data Protection and Information Commissioner (FDPIC) in Switzerland, or your local supervisory authority in the EU
To exercise any of these, email hello@docpass.io. We respond within 30 days.
Security
All connections to docpass.io use HTTPS. Data at rest in our database and storage buckets is encrypted. Authentication is via magic links — we never store your password (we don't use passwords). The service-role key that bypasses row-level security is kept in environment variables and never shipped to the browser.
Changes to this notice
We may update this notice as the product evolves. Material changes will be announced to all account holders at least 30 days before they take effect. The "last updated" date above tells you the version in effect.