Privacy Policy

1. Controller

The controller responsible for processing is Igor Jovicic, Ch. des Truits 29, 1867 Ollon, Switzerland, email hello@regista.ch. Full provider details are in our Impressum.

2. Personal data we process

a) When you create an account or contact us

• Your email address (required to sign in)
• The companies and people you choose to save to your watchlist
• Any message you send us

b) When you are a Pro subscriber

• Account details (email) and your saved-search / watchlist settings
• Subscription and billing status. Payments are processed by Stripe; we do not receive or store your card details
• Email engagement metadata, whether an alert email was delivered, opened, or a link was clicked (via our email provider, Resend)

c) Technical data

Our hosting provider processes standard server logs (e.g. IP address, timestamp, requested URL) to deliver and secure the site. We do not use advertising or third-party analytics tracking cookies.

3. Company and officer register data

Our core service makes the public Swiss commercial register (Zefix / SOGC) searchable. This is official open government data. Alongside companies, the register publishes the names and roles of the natural persons connected to them: members of the board, managing officers, signatories and the owners of sole proprietorships. Regista compiles these published names into a searchable index of people and their mandates, covering tens of thousands of individuals, derived from SOGC publication text and matched by name.

We process this data on the basis of an overriding legitimate interest in providing a business-information service from a publicly accessible official source. Person profiles are not indexed by search engines. Because the information is derived from published register text and matched by name, it may be incomplete or out of date (for example, it can still list a person who has since resigned), so it is not a substitute for an official register extract.

If you are named in such an entry, you can object to the processing or request correction or removal of your details from our copy by emailing hello@regista.ch. We will assess the request and, where appropriate, correct or remove your details and suppress your profile from search and the relationship graph (the official register itself is unaffected).

4. Why we process data & legal bases

• To provide the service (send the samples and digests you request), performance of a contract / pre-contractual steps and your consent (Art. 6(1)(a),(b) GDPR; Art. 31 FADP).
• To operate, secure and improve the service and to compile register data, legitimate interests (Art. 6(1)(f) GDPR).
• To comply with legal obligations (e.g. accounting), Art. 6(1)(c) GDPR.

5. Processors & recipients

We share data only with service providers that process it on our behalf:

• Supabase: database storage (hosted in the EU, Frankfurt).
• Vercel: website hosting and delivery.
• Stripe: payment processing and subscription billing. Stripe handles your card details directly; we do not store them.
• Resend: sending alert and digest emails and measuring delivery, opens and clicks.
• Anthropic (via the Vercel AI Gateway): generating AI summaries, translations and natural-language search over public company-register text. Only public register text and your query are sent; your account details are never sent to the LLM.

We do not sell personal data. Where data is transferred outside Switzerland/the EEA, we rely on adequacy decisions or EU Standard Contractual Clauses.

6. Retention

We keep subscriber data for as long as your account is active and for a reasonable period afterwards, and sample-request (lead) data for up to 24 months unless you ask us to delete it sooner. Email engagement logs are retained for service analytics and then aggregated or deleted.

7. Your rights

You have the right to access, rectify, delete, restrict, and port your data, and to object to processing based on legitimate interests. Every digest email includes a one-click unsubscribe link, and you can withdraw consent at any time. To exercise any right, email hello@regista.ch.

You may also lodge a complaint with a supervisory authority, in Switzerland the Federal Data Protection and Information Commissioner (FDPIC), or in the EU your local data protection authority.

8. Security

Data is transmitted over TLS and stored with access restricted to the service. We apply appropriate technical and organisational measures to protect it against loss, misuse, and unauthorised access.

9. Changes

We may update this policy as the service evolves. Material changes will be reflected by the “last updated” date above and, where required, communicated to subscribers.