Privacy Policy

Last updated: April 2026

1. Introduction

This Privacy Policy explains what personal data we collect, how we use it, and your rights. The data controller for the Service is the owner of moat.ch, based in Zurich, Switzerland ("we", "us", "our"). Formal company registration is pending — contact support@moat.ch for the current legal operator details.

2. Data We Collect

Account Information

When you create an account, we collect your email address and name. If you sign in with Google, we receive your name, email, and profile picture from Google.

Usage Data

We collect anonymous usage data such as pages visited, features used, and performance metrics to improve the Service.

Payment Information

Payment processing is handled by a third-party payment provider acting as our Merchant of Record. We do not store your credit card details, billing address, or other financial information. We receive only transaction confirmations and subscription status from the payment provider.

Our payment provider acts as an independent data controller for the personal data it collects during the payment process (such as your name, email, billing address, and payment method details). Their use of your data is governed by their own privacy policy.

3. How We Use Your Data

  • To provide and maintain the Service
  • To manage your account and subscription
  • To send transactional emails (account confirmations, billing receipts)
  • To improve the Service based on usage patterns
  • To comply with legal obligations

4. Data Sharing

We do not sell your personal data. We share data only with:

  • Payment provider (Merchant of Record) — acts as an independent data controller for payment processing, billing, invoicing, sales tax, and refunds. We share your name and email to facilitate transactions and subscription management.
  • Authentication provider — to manage account login and identity verification
  • Infrastructure providers — to host and operate the Service
  • Legal authorities — when required by law

5. Data Storage and Security

Your data is stored on servers in the European Union (Germany). We use encryption in transit (TLS) and at rest. Access to production systems is restricted to authorized personnel.

6. Your Rights

Under the EU/EEA General Data Protection Regulation (GDPR) and the Swiss Federal Act on Data Protection (FADP), you have the following rights regarding your personal data:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion of your data
  • Export your data in a portable format
  • Object to processing of your data
  • Withdraw consent at any time

To exercise these rights, contact us at support@moat.ch.

7. Cookies

The landing site uses no cookies. The application (app.moat.ch) uses essential session cookies required for authentication. We do not use tracking or advertising cookies.

8. Data Retention

We retain your account data for as long as your account is active. After account deletion, we remove your personal data within 30 days, except where retention is required by law.

9. Changes to This Policy

We may update this policy from time to time. We will notify you of material changes via email. The "last updated" date at the top reflects the most recent revision.

10. Contact

For privacy-related questions, contact us at support@moat.ch.