Planck Security

Privacy Policy

Last updated: 2025-12-26

This Privacy Policy explains how Global Innovator Fund (CHE-114.042.614) ("we", "us") processes personal data in connection with the Planck Security website and services (including the Planck Manage web app) available at plancksecurity.com (the "Services").

Planck Security is a brand name. The legal entity behind the brand is Global Innovator Fund, Seestrasse 16, 8702 Zollikon, Switzerland.

1. Controller and contact

Controller: Global Innovator Fund (CHE-114.042.614), Seestrasse 16, 8702 Zollikon, Switzerland

Contact: privacy@plancksecurity.com

2. Scope of data we process

Depending on how you use the Services, we may process:

  • Account and organization data (e.g., name, email address, role, organization identifiers)
  • Verification and operational data (e.g., verification requests, status, timestamps, metadata)
  • Security and log data (e.g., IP address, device/browser information, audit logs, error logs)
  • Billing data (e.g., subscription status, Stripe customer/subscription IDs; we do not store full payment card details)
  • Support and communications (e.g., messages you send us and related metadata)

3. Purposes and legal bases

We process personal data for the following purposes:

  • Providing and operating the Services (e.g., authentication, organization management, verification flows)
  • Security, abuse prevention, and auditing (e.g., detecting malicious activity, maintaining audit trails)
  • Customer support and service communication
  • Billing and contractual administration
  • Improving and maintaining the Services (e.g., troubleshooting, performance analysis)

Where applicable, we rely on Swiss data protection law and (for EU/EEA users) GDPR legal bases such as performance of a contract, legitimate interests, and legal obligations.

4. Sharing and processors

We share personal data only as necessary to operate the Services, including with:

  • Clerk (authentication and organization membership management)
  • Stripe (subscription billing and payment processing)
  • Cloud/hosting and infrastructure providers (to host and operate the Services)

These providers act as processors (or independent controllers where applicable) and are subject to appropriate contractual and technical safeguards.

5. International transfers

Your data may be processed in countries outside Switzerland, including the EU/EEA and the United States, depending on where our service providers operate. Where required, we use appropriate safeguards such as standard contractual clauses and other measures.

6. Retention

We retain personal data only as long as necessary for the purposes described above, including:

  • while your account or organization is active;
  • as required for security and auditability;
  • as required by applicable law (e.g., accounting or tax retention obligations).

7. Security

We implement appropriate technical and organizational measures to protect personal data, including access controls, logging, and encryption where appropriate. No method of transmission or storage is completely secure, but we strive to use industry-standard safeguards.

8. Cookies and similar technologies

We may use essential cookies and similar technologies to operate the Services (e.g., session and language preference). You can control cookies through your browser settings; however, some functionality may not work properly without essential cookies.

9. Your rights

Depending on your location, you may have rights such as:

  • access to your personal data;
  • correction of inaccurate data;
  • deletion, restriction, or objection (where applicable);
  • portability (for EU/EEA users where applicable).

To exercise your rights, contact us at privacy@plancksecurity.com. We may need to verify your identity.

10. Changes

We may update this Privacy Policy from time to time. We will post the updated version on this page and change the "Last updated" date.