Privacy Policy
Last updated: March 5, 2026
Your privacy matters to us. This policy explains how Jobfoto collects, uses, and protects your data.
1. What We Collect & How We Protect It
Your Photos
When you upload photos to create headshots, we collect your selfies and use them to train an AI model specific to you. This model helps generate professional headshots that look like you. We process this data to fulfill our contract with you (Art. 6(1)(b) GDPR). We never sell your photos or use them for marketing without your consent.
Account Info
We collect your email address to manage your account and send transactional emails about your orders (e.g. order confirmations, generation updates). We process this data to fulfill our contract with you (Art. 6(1)(b) GDPR). You sign in via Google or a magic link - we do not store passwords.
Payment Details
Payment information is handled by Stripe to fulfill our contract with you (Art. 6(1)(b) GDPR). We don't store your credit card details.
Usage Data
We collect basic analytics like page views and device info to improve our service, based on our legitimate interest (Art. 6(1)(f) GDPR). To measure the effectiveness of our ads, we send a hashed (anonymized) version of your email and purchase amount to Google Ads server-side after a purchase, based on your consent (Art. 6(1)(a) GDPR). No tracking cookies or scripts are placed on your device for this purpose. You can of all tracking.
Security
All data is encrypted in transit, we use passwordless authentication (Google or magic link), and we apply regular security updates to keep your data safe. These measures are based on our legitimate interest in protecting your data (Art. 6(1)(f) GDPR).
2. Service Providers
We work with trusted service providers to deliver our services. Your data is shared only as needed for these specific purposes.
| Provider | Purpose | Location |
|---|---|---|
| Hetzner | Cloud compute and image storage | EU |
| Infomaniak | Cloud compute and backup storage | CH |
| Cloudflare | Web application firewall, image storage | EU |
| fal.ai | AI model training and image generation | US |
| Stripe | Payment processing | US |
| Brevo | Email processing | EU |
| PostHog | Product analytics | EU |
| Pirsch Analytics | Privacy-focused web analytics | EU |
| Sentry | Bug tracking | EU |
| Google Ads | Ad conversion measurement (server-side only, no cookies) | US |
For providers located outside Switzerland and the EEA (marked US above), we rely on the EU-US Data Privacy Framework or Standard Contractual Clauses (SCCs) to ensure an adequate level of data protection.
3. Your Data & Rights
You are in control of your data at all times. Here is what you can do:
- Delete your photos, AI model, and generated images anytime
- Close your account (all data deleted within 30 days)
- of product analytics and ad conversion tracking
- Request a copy of all your personal data at any time
How Long We Keep Data
All uploaded photos, AI models, and generated headshots are automatically deleted after 30 days or immediately upon request. They may remain for up to 14 days in an encrypted offline backup system after deletion.
Payment records are kept for 10 years for tax compliance.
4. Legal Compliance
We comply with FADP (Switzerland) and GDPR (Europe) privacy laws. Under these regulations, you have the following rights:
- Access: Request a copy of the personal data we hold about you
- Rectification: Correct inaccurate or incomplete data
- Erasure: Request deletion of your data when it is no longer needed
- Restriction: Request that we limit how we process your data
- Portability: Receive your data in a standard format to transfer elsewhere
- Objection: Object to processing based on legitimate interests
- Withdraw consent: Revoke any previously given consent at any time
- Complaint: File a complaint with a data protection authority (in Switzerland: FDPIC)
To exercise any of these rights, contact us at [email protected]
Jobfoto is for users 18 and older only.
5. Data Breach Notification
In the event of a data breach that affects your personal data, we will notify you within 72 hours of becoming aware of the incident. We will inform you about what data was affected, the potential consequences, and the measures we are taking to address it.
6. Changes to This Policy
We'll notify you by email if we make significant changes. Continued use means you accept the updates.
7. Contact Information
Jobfoto is operated by Siegenthaler Informatik, owned by Loris Siegenthaler.
Business address:
Siegenthaler Informatik
Ackersteinstrasse 11
8049 Zürich
Switzerland
Business owner: Loris Siegenthaler
Business type: Sole proprietorship
Company UID: CHE-234.330.548
VAT: Not subject to VAT
Contact: [email protected]