Privacy Policy
How we process personal data for Juxto.
Controller: AIVELON Niklas Eulitz, Scheibenackerstr. 16, 9000 St.Gallen, Switzerland.
Data protection contact: aivelon.ch@gmail.com.
Juxto is a B2B service. Individuals access the platform only on behalf of a customer organization.
For account administration, billing, and security logs we act as the controller. For customer workspace content we act as a processor under the DPA.
Account data (name, email), workspace membership and roles, authentication events, billing metadata, and support or feedback submissions.
Workspace content you upload or create: subject records, case records, images, and derived metadata such as capture time, device details, dimensions, and optional GPS if present in EXIF.
Automatically collected: IP address, device and browser details, timestamps, and security logs.
We process data to provide and secure the platform, authenticate users, deliver support, and process billing.
Legal bases (Art. 6(1) GDPR): performance of contract, legitimate interests (security and abuse prevention), legal obligations (tax and audit), and consent where required for cookies.
Share links allow public access to selected content without login. Anyone with the link token can access the content until the link expires or is revoked.
Access events may be logged for security and abuse prevention. Customers are responsible for lawful sharing and for setting appropriate scope and expiry.
Primary hosting and data storage run on self-hosted infrastructure at netcup in Nuremberg, Germany.
Subprocessors used for specific functions include netcup (hosting infrastructure), Stripe (payments), Resend (transactional email), and Google Places (billing address autocomplete).
Transfers outside the EEA or Switzerland rely on SCCs or adequacy decisions. See the Subprocessor List for details.
We use essential cookies for authentication and security, plus a consent cookie for your preferences.
We do not use analytics or marketing cookies by default.
You can manage cookie preferences in the Cookie Notice or in your browser settings.
Workspace content is retained until deleted by the customer or account closure. Backups follow rolling schedules.
Billing records are retained for statutory periods.
We maintain technical and organizational measures; see Security & TOMs.
For workspace content, data subject requests should be directed to the customer as controller; we provide assistance as required.
Where we act as controller, you have rights to access, rectification, erasure, restriction, portability, objection, and withdrawal of consent. Contact aivelon.ch@gmail.com.
Complaints: EU users may contact their local supervisory authority; Switzerland: FDPIC.