Privacy Policy
Last updated: 14.05.2026
Compliant with the Swiss Federal Act on Data Protection (nFADP) and the EU/EEA General Data Protection Regulation (GDPR).
1. Purpose
This Privacy Policy describes how IntimX collects, processes, stores and protects your personal data when you use the Service accessible at intimx.ch. It applies to all users (members, providers, establishments), whether or not they hold an account. Terms defined in the Terms of Use apply by reference.
2. Data Controller
The data controller within the meaning of Art. 5(j) nFADP and Art. 4(7) GDPR is:
N.JULIEN
Sion (VS), Switzerland
Trade name: Artenic
Data protection contact: privacy@intimx.ch
The Publisher has not appointed a Data Protection Officer (DPO) within the meaning of Art. 10 nFADP, as this appointment is not mandatory. For any questions relating to your data, contact privacy@intimx.ch directly.
3. Legal Bases for Processing
Data processing by IntimX is based on the following legal grounds:
— Performance of a contract (Art. 6(1)(b) GDPR / Art. 31(1) nFADP): registration, account management, messaging, subscriptions, billing.
— Legitimate interests (Art. 6(1)(f) GDPR / Art. 31(1) nFADP): Service security, fraud prevention, aggregate statistics, Service improvement.
— Legal obligation (Art. 6(1)(c) GDPR / Art. 31(1) nFADP): retention of transaction data (CO Art. 958f), cooperation with authorities.
— Consent (Art. 6(1)(a) GDPR / Art. 31(1) nFADP): analytics cookies, push notifications, marketing communications.
4. Data Collected
Registration data:
— All roles: email address, password (Argon2id hashed, never stored in plain text), display name, preferred language, timestamps for Terms and Privacy acceptance.
— Member and Provider: date of birth (18+ verification).
— Provider: category, service type, biography, physical attributes, rates, opening hours, public contact details.
— Establishment: category, business metadata, public contact details, social links.
Usage data:
— Access logs: IP address, user agent, geolocation (city, country) — retained for 90 days.
— Sessions: refresh token fingerprint (SHA-256), IP and user agent hash (SHA-256), geographic context, device information (browser, OS).
— Trusted devices: device fingerprint (SHA-256), device info (browser, OS, mobile).
— Messaging: message content (5,000 characters max), timestamps, conversation identifiers.
— Gallery: images (JPEG, PNG, WebP, HEIC, max 8 MB), file metadata.
— Profile statistics: aggregate counters (views, clicks) per day — no individual visitor data.
— Presence: last active timestamp (updated via WebSocket).
— Push notifications (opt-in): browser-provided endpoint URL (Firebase, Mozilla Push, Apple Push), public cryptographic keys (p256dh, auth) used to encrypt notifications, subscription timestamp. Unsubscription is possible at any time from browser or account settings.
Sensitive data (encrypted vault):
— Identity verification (KYC, voluntary): first name, last name, date of birth, phone, address — encrypted with AES-256-GCM.
— KYC documents: encrypted files stored separately.
Payment data:
— Stripe identifiers (customer ID, payment intent ID). IntimX never collects or stores your credit card data.
5. Cookies and Similar Technologies
IntimX uses the following cookies:
Essential cookies (no consent required, Art. 45c(2) TCA):
— ix_access: access token JWT. Duration: 1 hour. HttpOnly, Secure, SameSite=Strict.
— ix_refresh: refresh token JWT. Duration: 7 days (30 days with "Remember me"). HttpOnly, Secure, SameSite=Lax.
— ix_csrf: CSRF token. Duration: session. Accessible to JavaScript for form validation.
— ix_age: age verification (Art. 197 Swiss Criminal Code). Duration: 365 days. Value: majority confirmation.
Analytics cookies (with consent only):
— No third-party analytics cookies are currently deployed. If an analytics service is integrated in the future, your explicit consent will be requested.
You may configure your browser to refuse cookies. Refusing essential cookies makes use of the Service impossible (authentication required).
6. Purposes of Processing
Your data is processed for the following purposes:
— Service provision: account creation and management, profile display, messaging between users, booking management.
— Subscriptions and payments: payment processing via Stripe, activation and management of Premium/VIP subscriptions.
— Security: age verification, email verification, suspicious login detection, account lockout, trusted device management.
— Moderation: report processing, combating unlawful content, cooperation with authorities.
— Communication: transactional emails (verification, password, subscription, booking), in-app notifications.
— Statistics: aggregate profile viewing counters (views, clicks). No individual profiling.
— Legal compliance: transaction data retention, audit logs, proof of consent.
7. Recipients and Processors
Your data may be shared with the following recipients:
— Stripe, Inc. (San Francisco, USA): credit card payment processing. Stripe acts as joint controller for payment data. Privacy policy: stripe.com/privacy. The transfer to the USA is governed by EU Standard Contractual Clauses.
— Infomaniak Network SA (Geneva, Switzerland): infrastructure hosting (servers, PostgreSQL databases, S3 object storage, transactional email service). All data is hosted in Switzerland.
— GeoIP (local database): geolocation resolution (city, country) from IP addresses. No data transmitted to third parties — the database is embedded in the application.
— Telegram (optional): admin alert notifications for security events. No user data is transmitted.
— Competent authorities: upon lawful request under Swiss law.
IntimX never sells, rents or shares your personal data for advertising or commercial purposes.
8. International Transfers
All data processed by IntimX is hosted on Infomaniak infrastructure in Switzerland. No systematic transfer of data outside Switzerland takes place.
Exception: payment data is transmitted to Stripe, Inc. in the United States. This transfer is governed by Standard Contractual Clauses (SCCs) adopted by the European Commission and recognised by the FDPIC as providing an adequate level of protection (Art. 16(2)(d) nFADP).
9. Retention Periods
Active account: your data is retained for the duration of your registration.
Account deletion: a 30-day grace period applies (cancellable). Upon expiry, the account is closed and data is processed as follows:
— Encrypted identity data (vault): purged 3 years after closure (nFADP Art. 31(1)(c)).
— KYC documents: deleted 3 years after closure (files and encrypted columns).
— Transaction data (subscriptions): retained 10 years (CO Art. 958f).
— Access logs (IP, user agent, geo): purged after 90 days.
— Sessions: deleted upon expiry (7 or 30 days) or revocation.
— KYC audit log: retained indefinitely (compliance proof, nFADP Art. 32).
— Consent log: retained indefinitely (proof of consent, nFADP Art. 6(7) / GDPR Art. 7(1)).
— Administrative actions: retained indefinitely (legal evidence).
10. Security Measures
IntimX implements the following technical and organisational measures:
— Three-database architecture: application data (public), sensitive data (encrypted vault) and system data are physically separated.
— Encryption at rest: personally identifiable data (first name, last name, date of birth, phone, address) is encrypted with AES-256-GCM in the vault.
— Password hashing: Argon2id (64 MB memory, 3 iterations, OWASP 2023+ compliant). Compromised passwords (HIBP database) are rejected. History of the last 5 passwords to prevent reuse.
— Token hashing: refresh tokens are stored as SHA-256 hashes (never in plain text).
— Transport: mandatory HTTPS (TLS 1.3), Secure cookies.
— CSRF: CSRF token on all mutative actions.
— Account lockout: progressive mechanism (15 min, 1 h, 24 h, administrator lock).
— Enhanced authentication: optional Passkey/WebAuthn support.
— Device trust: SHA-256 hashed device fingerprint, email OTP verification for unrecognised devices.
— Access control: PostgreSQL Row-Level Security (RLS) on all tables containing user data.
— Audit logging: immutable (append-only) logs for KYC actions, consent and administrative actions.
11. Your Rights
Under the nFADP (Art. 25-29) and the GDPR (Art. 15-22), you have the following rights:
— Right of access: obtain a copy of your personal data.
— Right to rectification: correct inaccurate or incomplete data.
— Right to erasure: request deletion of your data (subject to legal retention obligations).
— Right to data portability: receive your data in a structured, machine-readable format (see Art. 12).
— Right to object: object to processing based on legitimate interests.
— Right to withdraw consent: withdraw your consent at any time (without affecting the lawfulness of prior processing).
To exercise your rights, send an email to privacy@intimx.ch stating your identity and the right you wish to exercise. We respond within 30 days (nFADP) or 30 days, extendable to 90 days in complex cases (GDPR).
You have the right to lodge a complaint with the Federal Data Protection and Information Commissioner (FDPIC), Feldeggweg 1, 3003 Bern, Switzerland (edoeb.admin.ch).
12. Data Portability
IntimX provides a data export function from your account settings. The export includes:
— Account data: identifier, email, role, language, registration and closure dates.
— Profile: display name, biography, preferences, privacy settings.
— Messages: conversation history (limited to recent entries).
— Bookings, reviews, favourites, support tickets.
— Subscriptions: subscription history.
— Consents: acceptance and withdrawal history.
— Active sessions: geographic context and device.
The export requires password re-verification (within the last 5 minutes) and is limited to one request per 24 hours. Data is provided in structured JSON format.
13. Protection of Minors
IntimX is intended exclusively for persons aged 18 or over. In accordance with Art. 197 Swiss Criminal Code, an age gate is presented on every first access. IntimX does not knowingly collect personal data from minors. If we learn that a minor has created an account, it will be immediately suspended and the data deleted. Any report of content involving a minor is treated with absolute priority via legal@intimx.ch.
14. Policy Amendments
The Publisher reserves the right to amend this policy at any time. Registered users will be informed of any material amendment by email or on-platform notification, at least 30 days before it takes effect. The date of the last update is indicated at the top of this document. Previous versions are available upon request at support@intimx.ch.
15. Contact
For any questions regarding the protection of your personal data:
Data controller: N.JULIEN
Contact: privacy@intimx.ch
For general enquiries or support: support@intimx.ch
For urgent reports (authorities, minors): legal@intimx.ch
Supervisory authority: Federal Data Protection and Information Commissioner (FDPIC)
Feldeggweg 1, 3003 Bern, Switzerland
edoeb.admin.ch