Privacy Policy

Mapfolio Privacy Policy - How we collect, use, and protect your data

Last Updated: November 7, 2025

Introduction

Mapfolio ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

Information We Collect

Information You Provide

  • Account Information: Email address, name, password (encrypted)
  • Profile Information: Optional profile details you choose to provide
  • Payment Information: Processed securely through our payment provider (we don't store credit card details)
  • Communications: Messages you send to our support team

Automatically Collected Information

  • Usage Data: Pages visited, features used, time spent on platform
  • Device Information: Browser type, operating system, IP address
  • Cookies: See our Cookie Policy for details
  • Search Queries: Companies you search for and view

Company Data

We collect and display publicly available company data from official Swiss commercial registries. This data is public information and not personal data.

How We Use Your Information

We use your information to:

  • Provide Services: Deliver and maintain our platform
  • Improve Experience: Personalize and enhance your user experience
  • Communication: Send service updates, security alerts, and support messages
  • Analytics: Understand usage patterns and improve our service
  • Security: Detect and prevent fraud, abuse, and security incidents
  • Legal Compliance: Comply with legal obligations and enforce our terms

Legal Basis for Processing (GDPR)

We process your data based on:

  • Consent: You've given explicit consent for specific purposes
  • Contract: Processing is necessary to fulfill our service agreement
  • Legal Obligation: We must process data to comply with laws
  • Legitimate Interest: Processing benefits you and doesn't override your rights

Data Sharing and Disclosure

We do not sell your personal data. We may share information with:

Service Providers

  • Hosting: Vercel (infrastructure)
  • Database: Supabase (data storage)
  • Analytics: Privacy-focused analytics tools
  • Payment Processing: Stripe (payment handling)

All providers are contractually obligated to protect your data.

Legal Requirements

We may disclose information if required by law, court order, or government request, or to protect our rights and safety.

Business Transfers

If Mapfolio is acquired or merged, your information may be transferred to the new entity.

Data Retention

  • Account Data: Retained while your account is active
  • Usage Data: Retained for 2 years for analytics
  • Deleted Accounts: Data deleted within 30 days of account deletion
  • Legal Requirements: Some data retained longer if required by law

Your Rights

Under GDPR and Swiss data protection law, you have the right to:

Access

Request a copy of your personal data

Rectification

Correct inaccurate or incomplete data

Erasure

Request deletion of your data ("right to be forgotten")

Restriction

Limit how we process your data

Portability

Receive your data in a portable format

Objection

Object to processing based on legitimate interests

Withdraw Consent

Withdraw consent at any time (doesn't affect prior processing)

To exercise these rights, contact us at privacy@mapfolio.com.

Data Security

We implement industry-standard security measures:

  • Encryption: Data encrypted in transit (TLS) and at rest
  • Access Controls: Strict access limitations to personal data
  • Authentication: Secure password hashing and optional 2FA
  • Monitoring: Continuous security monitoring and logging
  • Backups: Regular encrypted backups
  • Audits: Regular security assessments

International Data Transfers

Your data is primarily stored in Switzerland and the EU. If transferred outside these regions, we ensure adequate protection through:

  • Standard Contractual Clauses (SCCs)
  • Privacy Shield certification (where applicable)
  • Other approved transfer mechanisms

Children's Privacy

Mapfolio is not intended for users under 16. We don't knowingly collect data from children. If we discover we've collected such data, we'll delete it promptly.

Cookies and Tracking

We use cookies and similar technologies. See our Cookie Policy for details.

You can control cookies through your browser settings.

Third-Party Links

Our service may contain links to third-party websites. We're not responsible for their privacy practices. Review their privacy policies before providing information.

Changes to This Policy

We may update this policy periodically. We'll notify you of significant changes via:

  • Email notification
  • Prominent notice on our website
  • In-app notification

Continued use after changes constitutes acceptance.

Contact Us

Questions about this Privacy Policy?

Email: privacy@mapfolio.com
Mail: Mapfolio Privacy Team, Zürich, Switzerland

Data Protection Officer

For GDPR-related inquiries:

Email: dpo@mapfolio.com

Supervisory Authority

You have the right to lodge a complaint with your local data protection authority:

Switzerland: Federal Data Protection and Information Commissioner (FDPIC)
EU: Your local Data Protection Authority

Specific Provisions

Swiss Users

We comply with the Swiss Federal Act on Data Protection (FADP).

EU Users

We comply with the General Data Protection Regulation (GDPR).

California Users

See our California Privacy Notice below.

California Privacy Notice

Under the California Consumer Privacy Act (CCPA), California residents have additional rights:

  • Right to know what personal information is collected
  • Right to know if personal information is sold or disclosed
  • Right to opt-out of sale of personal information
  • Right to deletion
  • Right to non-discrimination

We do not sell personal information.

To exercise CCPA rights, contact privacy@mapfolio.com.

This policy is effective as of November 7, 2025. Previous versions are available upon request.