Privacy Policy

Updated on 30th of September 2025

Transparent handling of personal data is very important to us. This data protection statement provides information on what personal data we collect, for what purpose, and to whom we pass it on. We regularly review and update this privacy policy to ensure the highest level of transparency.

1. What services we use

2. Contact Information (Controller, DPO, Supervisory Authority)

If you have any questions or concerns about our protection of your data, you can always reach us by email at datenschutz@circlin.ch.

The entity responsible for data processing through this website and our app (the "Controller") is:

Circlin AG
c/o Filip Mares
Steinmatt 4
6404 Greppen
Switzerland

Supervisory authority:

Federal Data Protection and Information Commissioner (FDPIC/EDÖB)
Feldeggweg 1, 3003 Bern, Switzerland

You have the right to lodge a complaint with the FDPIC if you believe your personal data is being processed unlawfully.

If you reside in a country of the European Union, you also have the right to file a complaint with your local data protection authority in the EU.

3. General principles

3.1 What data we collect from you and from whom we receive this data

We collect personal data when you create and use a Circlin account in the app (account creation is required to use our app) and when you browse or interact with our website. We use this data so you can utilize our services and so we can meet legal, security, and operational requirements. At times we may also ask for your consent for specific uses of data (e.g. for analytics, advertising cookies, or marketing communications).

Legal bases: We process your data primarily to perform our contract with you (i.e. to provide the Circlin services under our Terms of Service). We also process data where we have legal obligations, where you have given consent, and where we have legitimate interests - for example, maintaining platform security and fraud prevention, improving and measuring our service, or running and protecting our business - provided your interests or fundamental rights do not override those interests.

3.2 Under what conditions do we process your data?

We process your data in good faith and only for the purposes set out in this privacy policy. In doing so, we ensure processing is transparent and proportionate.

If in exceptional cases we cannot fully adhere to these principles, the data processing may still be lawful if a legal justification applies. Such justifications include in particular:

3.3 How can you withdraw your consent?

If you have given us consent to process your personal data for specific purposes, we will only process your data within the scope of that consent, unless we have another legal basis to do so.

You can revoke your consent at any time, with effect for the future. This means that any data processing we have already carried out up to the point of withdrawal remains lawful, but we will cease the specific processing going forward.

3.4 In which cases can we share your data with third parties?

a. Principle

In order to operate our business and provide our services, we may engage third-party companies or affiliated entities to process your data on our behalf (as "processors") or to work with us as independent controllers. Key categories of such recipients include:

We ensure that any third parties (including affiliates) that process personal data on our behalf are bound by data protection obligations. They must handle your personal data confidentially and securely. We also may be obliged to disclose personal data to government authorities or courts if required by law or legal process.

b. Visiting our social media channels

Our website and app include links or integrations that lead to our pages on social media platforms (e.g., icons linking to Facebook, Instagram, TikTok, etc.). If you choose to click on these links, you will be redirected to the respective third-party site. In doing so, that third-party (e.g., the social media platform) may receive personal data about you, such as the fact that you visited our website and clicked the link. Interacting with those platforms is subject to the privacy terms of the respective providers.

c. Transfer abroad

In certain cases, we may transfer personal data to companies outside of Switzerland (and potentially outside of the EU/EEA) in the context of using third-party services or due to our company's operations. In all such cases, the recipients of the data are obligated to protect personal data to the same extent as we are. Transfers can occur worldwide (for example, when we use cloud services with global infrastructure).

If a recipient is located in a country that does not have an adequate level of data protection comparable to Switzerland's (or the EU's, where GDPR applies), we will ensure an adequate level of protection through contractual and other measures. This typically involves conducting a risk assessment and then using safeguards such as the European Commission's Standard Contractual Clauses (SCCs) or other approved mechanisms to contractually oblige the recipient to protect your data. If our risk assessment indicates remaining high risks, we implement additional technical measures (e.g., encryption or pseudonymization) to further protect the data. (You can view the EU Commission's Standard Contractual Clauses at the Commission's website.)

3.5 How long do we keep your data?

We retain personal data only as long as necessary to fulfill the purposes for which it was collected, or as required by applicable laws.

  • Data associated with visits to our website or app (e.g. log files) is kept for up to twelve months by default, unless a specific need requires longer retention. (One exception: analytics/tracking data might be retained longer in aggregate form for trend analysis.)
  • Contract-related data (for example, records of transactions, communications related to a sale, invoices) may be kept for longer periods if required by law. In particular, Swiss law obliges us to retain certain business records (including communications and accounting records) for up to 10 years. Once we no longer need data to provide our services or fulfill contractual obligations, we archive or isolate it and use it only to meet retention requirements (for example, for tax or auditing purposes).
  • When the applicable retention period expires, or when we no longer have a legal or business purpose to retain your personal data, we either delete it or irreversibly anonymize it to prevent identification.

    3.6 How do we protect your data?

    We apply appropriate technical and organizational security measures to protect your personal data from unauthorized access, loss, misuse, or alteration. These measures are continuously updated to follow industry best practices and address new potential threats.

    For example, data transmitted between your device and our servers is protected by SSL/TLS encryption (you'll see a padlock or "https://" in your browser address bar for our website, indicating an encrypted connection). We also restrict access to personal data internally: only employees or contractors who need access to fulfill their job duties (e.g., customer support or developers troubleshooting issues) can view certain personal data, and they are bound by confidentiality obligations.

    We ensure that any external partners who handle personal data on our behalf adhere to strict data protection standards through contractual agreements (see Section 3.4a). In some cases, if you request a service that involves an affiliate company of ours, we may forward your request or data to them to best assist you - but even in these cases, your data will be handled confidentially and in line with this policy.

    3.7 What rights do you have?

    a. Right to information and data portability

    You have the right to request a copy of the personal data we hold about you, free of charge. Upon request, we will provide you with information about what data we have, how we process it, and the purposes of processing. For security reasons, we may require proof of identity before releasing such data. Please direct information requests to datenschutz@circlin.ch with the subject "Data Access Request" and include a copy of an official ID for identification.

    Additionally, if we process data by automated means based on your consent or a contract with you, you have the right to request that we provide you (or a third party you designate) with the personal data you provided to us, in a structured, commonly used, machine-readable format (data portability).

    Note that in certain situations, we may be entitled to refuse or limit the information we provide (for example, if the request impacts the rights of others or if providing the data is not allowed under law). We will inform you if any such limitations apply.

    b. Right to deletion and correction

    You have the right to request that we delete personal data we hold about you, or correct any errors in that data, at any time. When we receive such a request, we will promptly rectify inaccurate data or delete your data, unless we are required to keep it for legal reasons or have an overriding legitimate interest to retain it. For instance, we cannot delete data that is subject to a legal retention obligation (like certain transaction records), and we might decline a deletion request if the data is necessary for the establishment, exercise, or defense of legal claims.

    Please be aware that if you ask us to delete certain data, this may prevent us from continuing to provide you with services that rely on that data. (For example, deleting your contact information would mean we can no longer reach you for critical account notifications.) Likewise, if you ask us to correct data and that data is tied to your account or transactions, it should be accurate; providing false information could have implications under our Terms.

    c. Right to object and restrict processing

    You have the right, in certain circumstances, to object to our processing of your personal data, or to request that we restrict processing. For example, if we process your data based on our legitimate interests, you can object to that processing if you feel it infringes on your rights. If you lodge an objection, we will review it and, unless we have compelling legitimate grounds to continue processing (or the data is needed for legal claims), we will stop using the data for that purpose.

    Similarly, you can request that we restrict processing your data (just storing it without further use) if you contest its accuracy or the lawfulness of our processing, or if you need us to preserve it for legal claims.

    d. Right to complain / legal process

    If you believe your data protection rights have been violated, you have the right to take legal action. This means you can lodge a complaint with the competent data protection supervisory authority (see Section 2 above for the Swiss FDPIC, https://www.edoeb.admin.ch; EU residents may contact their local authority), or you can pursue a remedy through the courts. We would, however, appreciate the chance to address your concerns first. So if you have an issue, please consider reaching out to us at datenschutz@circlin.ch, and we will do our best to resolve it.

    (Please note: Exercising the rights above is generally free of charge. However, manifestly unfounded or excessive requests (for example, repetitive requests) may incur a reasonable fee or be refused, as permitted by law. Also, when you exercise these rights, we will take steps to verify your identity to protect your privacy.)

    3.8 Changes to the privacy policy

    We may change or update this privacy policy at any time without prior notice. The current version published on our website/app is the version that applies. We encourage you to check back from time to time to review any updates. If this privacy policy is part of an agreement we have with you (for instance, incorporated into our Terms of Service) and we make material changes to it, we will inform you about those changes via a suitable method (for example, by email or with an in-app notification).

    3.9 Cookies and similar technologies

    We use cookies and similar technologies (such as local storage or SDKs in our app) to operate and improve our website and app, to measure usage, and - if you give us permission - for advertising and marketing purposes. A "cookie" is a small text file that is stored on your device when you visit a website, which helps remember information about your visit. In our mobile app, analogous technologies are used to remember settings or track usage in a similar way.

    You can manage your cookie preferences at any time via our Usercentrics consent management tool (accessible on the website's footer or app settings) and/or through your web browser settings. For example, you can refuse or delete cookies via your browser settings. However, please note that if you disable cookies or similar technologies, some features of our service might not function properly. Essential cookies (those necessary for the operation of the site/app) cannot be turned off via the consent tool because the service cannot run without them.

    For more detailed information about how we use cookies and to adjust your preferences, you can refer to our Cookie settings via Usercentrics on our site/app.

    4. Individual data processing operations

    The following sections describe in more detail how we handle personal data in specific contexts and when using specific services or features:

    4.1 Providing the website/app and creating log files

    What information do we receive and how do we use it?

    Whenever you visit our website or use our app, certain information gets automatically generated and stored in our system logs (and in logs of third-party services we use). This is necessary for technical reasons and for security. The information collected includes:

    Why do we process this data?

    We do not use this data to identify you as an individual. The primary purpose of capturing log data is to ensure our website and app function properly and to maintain the security of our systems. For instance, logs help us detect and troubleshoot technical issues, analyze potential security incidents (like malicious access attempts), and gather aggregate usage information (like how many users visit the site at different times). Processing this data is in our legitimate interest as it is essential to run a reliable and secure service.

    How can you prevent data collection?

    This basic connection data is collected automatically by virtue of you accessing the site or app; it is a necessary part of how any internet service works. We keep this log data only as long as needed for the purposes above, and then it is deleted. Typically, we remove or anonymize request logs after each session or after a short retention period. Because this processing is essential for service operation, there is no general opt-out. If you do not want this data to be collected, the only option is to refrain from using our digital services. (However, note that we do not retain this data long-term unless required for security analysis, and it is not used for marketing or profiling.)

    4.2 Cloud services (AWS)

    Our website/app and its backend infrastructure are hosted on Amazon Web Services (AWS), a cloud computing platform provided by Amazon Web Services, Inc., 410 Terry Avenue North, Seattle, WA 98109-5210, USA.

    We utilize various AWS services. When you interact with Circlin (either via the website or the app), your requests and data will be routed through AWS servers. This is necessary in order to respond to your requests quickly and reliably. The types of data transmitted to and processed by AWS on our behalf include:

    AWS may process this data in various data centers. We primarily use AWS regions in the European Union (EU) for data hosting when possible. However, depending on the service and configuration, data might be transferred to or accessed from the United States or other countries. We have signed a Data Processing Addendum with AWS which incorporates the Standard Contractual Clauses to protect personal data that leaves Switzerland/Europe. Moreover, AWS is certified under the EU-US Data Privacy Framework (as of the date of this policy) which indicates a commitment to EU-level data protection principles.

    For more information about AWS's privacy practices and how they handle data, you can review AWS's Privacy Notice.

    4.3 Cloud services (Microsoft Azure)

    In addition to AWS, we also host our backend infrastructure on Microsoft Azure, provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052, USA.

    We utilize various Microsoft Azure services to support our application's functionality and reliability. When Azure is involved in processing, it will handle data similar to that described for AWS: network identifiers (IP addresses), device and usage information, and any content necessary for the particular Azure service to function (which might include personal data if, for example, Azure is used for storing user information or sending communications).

    Any data sent to Microsoft Azure could be processed in data centers within or outside Switzerland. We strive to choose Azure's Swiss or EU data center locations for our services, but some ancillary data processing might occur in the United States or other jurisdictions. We have a contract in place with Microsoft that includes standard data protection clauses to ensure compliance with Swiss and EU data protection requirements for any cross-border transfers. Microsoft, as a major cloud provider, also maintains its own stringent security and privacy controls and complies with frameworks like GDPR. For details, see Microsoft's Privacy Statement.

    4.4 Google Analytics (and Google Tag Manager)

    We use Google Analytics on our website (and to a limited extent in our app) to understand how users engage with our service. Google Analytics is provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

    Google Analytics collects information about your visit to our site, such as which pages you view, how long you stay, how you arrived at our site (e.g., via a search engine or a link), and your general location (e.g., city or country). It uses this information to provide us reports that help us improve the website's structure and content. Importantly, we have configured Google Analytics to anonymize your IP address before storage (this means Google truncates your IP address within the EU/EEA or Switzerland, so it's not stored in full).

    Data points collected by Google Analytics include:

    Google Analytics may store this data on Google servers in the United States or other countries. Google is certified under the relevant data transfer frameworks and we have a data processing agreement with Google including the EU Standard Contractual Clauses.

    We also use Google Tag Manager to manage various scripts on our website. Google Tag Manager itself does not collect personal data; it's essentially a tool that helps deploy other tags (like Google Analytics, marketing pixels, etc.) efficiently. Through Tag Manager we ensure that certain scripts (like Analytics or advertising tags) only run if you've given consent via our Usercentrics tool.

    Opt-out: You are not tracked by Google Analytics unless you consent to analytics cookies. When you first visit, our consent banner will give you the choice. If you consent and later change your mind, you can withdraw consent via the banner settings (Usercentrics). Additionally, Google offers an opt-out browser add-on which you can install to disable Google Analytics on all websites. For details, see Google's Privacy Policy.

    4.5 Usercentrics

    Our site and app implement a consent management platform by Usercentrics GmbH (Rosental 4, 80331 Munich, Germany) to help us comply with privacy regulations (like GDPR) by obtaining and recording user consent.

    When you visit our service, Usercentrics will display a privacy consent banner/pop-up. Through this interface, you can choose which optional cookies or trackers you accept or reject (e.g., analytics, marketing). Once you make your choice, Usercentrics stores a small cookie in your browser (or a similar token in the app) to remember your preferences. This prevents the banner from popping up on every page load and ensures that your choices are respected.

    Data Usercentrics processes on our behalf includes:

    Change your privacy settings here.

    For further details, see Usercentrics' privacy policy.

    4.6 ZeroBounce

    We use ZeroBounce to help maintain the quality of our email communications. ZeroBounce, provided by Hertza, LLC (d/b/a ZeroBounce), 10 E Yanonali St, Santa Barbara, CA 93101, USA, is an email address validation service.

    When you provide your email to us (for example, during sign-up or when subscribing to our newsletter), our system may send that email address to ZeroBounce to verify that it is a valid and active email address (and not, for instance, a typo or an address that will bounce). ZeroBounce checks the address against various criteria (such as format, domain records, known abuse or complaint lists, etc.) and returns a result indicating if the email appears valid, invalid, or risky.

    The only piece of data we send to ZeroBounce is the email address itself. ZeroBounce's system performs the validation and may involve servers in the USA. We have ensured through our agreement with ZeroBounce that your email is protected and not misused; ZeroBounce will not use your email for any purpose other than delivering their verification service to us. After checking, we receive the validation result and use it to decide whether to send emails to that address.

    Using ZeroBounce helps us reduce sending emails to non-existent addresses, which improves deliverability for all users and reduces unnecessary processing of your data (if an address is invalid, we avoid sending personal information like order receipts or newsletters to the wrong place).

    For more on ZeroBounce's privacy practices, please see ZeroBounce's privacy policy.

    4.7 Spamhaus

    To guard against spam and malicious activity, we utilize services from The Spamhaus Project (with operations in the UK and Switzerland). Spamhaus provides real-time threat intelligence, particularly relating to IP addresses known for sending spam, malware, or engaging in attacks.

    Whenever an IP address interacts with our servers (e.g., logging in, creating an account, sending messages), we may consult Spamhaus's databases to see if that IP has a history of abusive behavior. This is done almost instantaneously in the background.

    The data shared is minimal: essentially the IP address in question is sent in a query to Spamhaus, and Spamhaus responds with a simple rating or status (for example, "listed" if the IP appears on a blocklist for spamming, or "clean" if not). We do not send any user-identifying information like names or emails to Spamhaus—only the IP address is checked.

    If an IP address is flagged by Spamhaus, we might take protective actions, such as blocking actions from that address or requiring additional verification (to ensure it's really a legitimate user). This helps protect both our platform and our users from fraud, spam, and other bad acts.

    Spamhaus will process the IP address for the sole purpose of this lookup and they have their own strict data policies as a non-profit security organization. No permanent personal data storage occurs on Spamhaus's side from our lookup beyond the standard maintenance of their threat intelligence lists.

    For more information, refer to Spamhaus's privacy policy.

    4.8 Google Fonts

    Our website/app uses fonts provided by Google Fonts, a service of Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA), to ensure our text is displayed in a consistent and visually pleasing way across different devices and browsers.

    When you load a page in our website or a screen in our app that uses a Google Font, your browser may connect to Google's servers to download the font files (if your device doesn't have them cached already). In doing so, the following information might be transmitted to Google:

  • Your device's IP address (so that the font can be delivered to your device).
  • The requested resource (which specific font is being requested).
  • Some technical info about your browser (such as browser type and version, as part of the request).
  • The referrer URL (the address of our site that is requesting the font).

    Google states that it uses the font requests for performance monitoring and ensuring their fonts service works well, and that it does not use this information to profile end users or serve ads. The data may be stored and processed by Google, potentially in the USA.

    We include Google Fonts to improve the user experience (fast and reliable font rendering). The use of Google Fonts is based on our legitimate interest in presenting our content with a uniform look and feel.

    For more on how Google handles data in its font service, see Google's Privacy Policy.

    Google Fonts usage is covered under Google's privacy commitments, and more information can be found on Google's FAQs for Fonts and privacy.

    4.9 Third-Party Login Providers (Apple, Facebook, Google)

    Sign in with Apple

    When you use Apple's login, Apple will authenticate you via your Apple ID. You may choose to hide your email (in which case Apple generates a relay email address) or share it. Apple then provides us with either your real email or the relay email, along with your name (unless you decide to edit your name or not share it) and a unique identifier that links your Apple ID to our app. We use this information to create or access your account. Apple does not share your Apple ID password or any of your personal data from your device. Apple's involvement is limited to the login transaction and any usage of your information by Apple is governed by Apple's Privacy Policy. Notably, if you opt to hide your email, emails we send (like notifications) will be forwarded to your real email via Apple's private relay service.

    Login with Facebook

    If you choose to log in via Facebook, you will be redirected to Facebook (Meta) to authenticate. Facebook may ask you which information you want to share with us; by default this might include your public profile (name, profile photo, locale, etc.) and email address. Facebook then sends us a token and the requested info (e.g., name and email) which we use to log you in or sign you up. We do not get access to your Facebook password or any data not explicitly shared by you through the permissions step. Facebook might record the fact that you used Facebook to log into our app, and any subsequent usage of that information by Facebook is under their Data Policy. If at any point you remove Circlin's app permissions from your Facebook account settings, we will no longer be able to access your Facebook-linked information.

    Sign in with Google

    If you use Google to authenticate, Google will confirm your identity (you may see a Google login screen if not already logged in). Google will then ask if you want to share certain details (usually your Google account name, email, and profile picture) with us. Upon your agreement, Google provides us with your basic profile info and a secure token. We use that to log you in or sign you up. We do not see your Google password or any other Google account data beyond what you allowed. Google may log that you used Google to sign into our service. Google's handling of your data in this context falls under the Google Privacy Policy.

    In all the above cases, after the initial login, we treat the information we receive (like your name and email) as we would if you had provided them directly. They become part of your Circlin account profile. We strongly advise you to review the privacy settings and policies of Apple, Facebook, or Google (whichever you use) to understand how they use your data. You can also revoke our app's access via your Apple/FB/Google account settings, though note this may prevent using that login method again without re-authorizing.

    4.10 Intercom Suite (customer support and communication)

    We use the Intercom platform to facilitate customer support, in-app messages, and other user communications. Intercom, Inc. (55 2nd Street, 4th Floor, San Francisco, CA 94105, USA) provides us with a suite of tools including a live chat widget on our website/app and a messaging system for sending announcements or guidance to users.

    When you interact with Intercom on our platform (for example, by clicking the chat icon to talk to our support team, or by reading a message we send through Intercom), Intercom collects certain data:

  • Details you provide in the chat (e.g., your email or name if you provide it) and the content of your messages;
  • User and device info (e.g., your user ID in our system, pages viewed, OS, browser, approximate location based on IP);
  • Communication history and engagement with messages.

    Intercom acts as a processor of this data on our behalf. We have a Data Processing Agreement with Intercom which obliges them to protect your data. Intercom may transfer data to the United States or other countries for processing, but as of our latest agreement, Intercom complies with GDPR requirements and has measures like Standard Contractual Clauses in place for data transfers. Intercom has also certified under the EU-US Data Privacy Framework.

    We use the information collected via Intercom solely to support you and to improve our services. We retain conversation histories for up to 12 months so that we have context of past issues. You can request a copy or deletion of your Intercom conversations by contacting us. For more details, see Intercom Privacy Policy.

    4.11 Marketplace & App processing

    Operating the Circlin marketplace requires us to handle various types of data that you generate or provide. Below we outline key categories of personal data we process in the app and how we use them:

    Accounts & profiles

    When you register, we create an account profile for you. This includes your login credentials (such as your email and hashed password, or authentication tokens if you use social login), your name and contact details (like phone number or email address), your date of birth (to verify eligibility), and any profile picture or biography you add. This information identifies you on the platform, allows other users to know who they are dealing with (we may show your first name and first initial of last name, for example), and enables us to contact you regarding your transactions or account.

    Listings and public content

    This encompasses all the information you post when you list an item for sale. It includes the thumbnail images and videos of the item, the title and description you write, the category you choose, the price you set, and metadata like the time and date of posting and any tags or attributes (e.g., condition, brand). This data is obviously made public on our marketplace - other users can see your listings and associated information. We process this data to present your listings to potential buyers and allow searches and filtering. We also may analyze listing data in aggregate to improve our categories or search algorithms.

    Messages and communications

    Our platform allows buyers and sellers to communicate via an in-app messaging system. We store the content of these messages (including text and any attachments like photos) and the timestamps of messages. These communications are primarily private between the parties involved; however, our system may automatically scan them for trust & safety purposes (for example, to detect spam or scams). In case of a dispute or report (e.g., a user reports abusive behavior or fraud), authorized personnel may review the relevant messages to investigate. We treat these communications with care for your privacy and do not share them with third parties except as needed for safety (e.g., with law enforcement if required and appropriate).

    Orders and transaction details

    When you agree on a sale/purchase with another user, an order is generated. We process data such as the item bought, the agreed price, the date/time of the transaction, selected delivery method, and payment status. If shipping is chosen, we collect the shipping address of the buyer and the return address of the seller, and any tracking numbers associated with the shipment (see Section 4.12 on how we handle shipping via Swiss Post). If the item will be exchanged in person, we generate a unique pick-up PIN code for that transaction and share it with the buyer to verify the hand-over. We use email or in-app notifications to send each party the necessary info (for example, shipping label to the seller, or pickup code to the buyer). We limit the sharing of personal contact data between buyer and seller: typically only what is necessary (the buyer sees the seller's first name and the pickup location or agreed meetup info; the seller sees the buyer's first name and any needed contact info if provided). Phone numbers or emails are only shared between users if necessary and expressly provided for the transaction (for instance, if a user writes their phone number in a message or if required for delivery arrangements).

    Buyer Protection and dispute resolution

    If a buyer protection claim is opened (for example, item not received or significantly not as described), we collect and generate data to resolve it. This may include the claim form details (reason for dispute, descriptions of the issue), any evidence provided (photos of damages, screenshots of conversations, shipping records), and we document the communications during the dispute (between you and support, or between buyer and seller if routed through us). Our internal team will also add notes on the case and a final decision record (e.g., refund issued, claim denied with reasoning). We process this data to fulfill our contractual commitment of Buyer Protection, ensuring fair outcomes, and to improve our trust and safety processes. Outcomes may also be used to inform future decisions (e.g., users who commit fraud may be banned).

    Purpose and legal basis

    Processing the above marketplace data is primarily to perform our contract with you — without this data, we cannot operate the Circlin platform or provide the services you expect (like facilitating sales or protecting buyers). For example, listing data is obviously necessary to display items for sale, and order data is necessary to complete transactions and provide buyer protection. Some processing is also based on our legitimate interests: for instance, monitoring communications for fraud is in our legitimate interest to keep the platform safe; preserving dispute records is in our interest (and users' interest) for legal protection and improving service. We ensure that any such legitimate interest processing is not overridden by your rights (for example, we don't access message content unless needed for safety, and we secure all personal data to prevent misuse).

    Retention

    We retain marketplace-related data as long as you have an active account and for a period after you close your account (to comply with legal obligations or resolve disputes). By default, if you delete your account or it's inactive for a long time, we may anonymize certain data (for example, past listings might remain for historical transaction integrity but without your identity attached). As mentioned in Section 3.5, transaction records (which can include personal data like names and addresses on receipts/invoices) are kept for up to 10 years as required by law. Communications are typically not kept that long unless needed for a specific reason; they may be deleted or made inaccessible after a certain period (for example, we might automatically delete or archive messages that are over 2 years old if no dispute is ongoing). Once data is no longer needed, we either delete it or irreversibly anonymize it so it's no longer associated with you.

    4.12 Shipping provider: Swiss Post

    For transactions that involve shipping, we partner with Swiss Post (Die Schweizerische Post AG, Wankdorfallee 4, 3030 Bern, Switzerland) to handle the physical delivery of items.

    When a buyer and seller agree on shipping for an order, our system will collect the necessary shipping information: the sender's name and address (typically the seller) and the recipient's name and delivery address (the buyer). We may also collect a contact phone number and/or email for the recipient if provided (sometimes used by the courier for delivery updates or issues). We transmit this information to Swiss Post in order to generate the shipping label and initiate the shipping process. This data is usually transmitted via a secure interface to Swiss Post's systems at the time the label is created.

    Swiss Post will use the data to transport the package from the seller to the buyer and to provide tracking notifications. Swiss Post operates as an independent data controller for the delivery process - they have legal obligations (for instance, to verify addresses, screen packages for safety, etc.) and their own retention requirements. Typically, Swiss Post will retain the shipment data (which includes personal data like names and addresses) for a legally required period (often a number of years) mainly for postal law compliance, customer inquiries, and accounting. See the Swiss Post Privacy Notice.

    We do not use the shipping address you provide for any purpose other than fulfilling that specific order (and any necessary after-service, like handling a return or insurance claim if something goes wrong in transit). We might store the fact that a certain user had items shipped to a particular postal code or city for analytics (like to see where our users are generally located by region), but we do not expose full addresses to other users except between the transacting parties as needed.

    By choosing shipping, you agree that we share your relevant details with Swiss Post. If you want to know more about how Swiss Post handles personal data (for example, if you're concerned about their retention or any data sharing they do), please consult Swiss Post's privacy notices or contact Swiss Post directly. As a Swiss company, Swiss Post is subject to Swiss data protection law.

    4.13 External payment service providers

    Payments on our platform (for example, when a buyer pays for an item or when a seller receives payout of funds) are facilitated by external payment service providers (PSPs). We integrate with these PSPs to ensure secure handling of financial information.

    Payment providers we use

    Visa Privacy Center, Mastercard Privacy Notice, TWINT Privacy Policy, Stripe Privacy Policy

    When you make a payment through Circlin, for example using a credit card or a direct payment app, you will be interacting with one of these providers. We transmit the payment details necessary for the transaction: this can include the amount to be charged, your user ID or order ID to tie the payment to your Circlin account, and the relevant payment credentials. If it's a credit card, you either enter that card via our secure payment form (which actually sends data straight to the PSP, not through our servers), or if you've saved a card token, we request the PSP to charge that token. For TWINT or similar, you might be redirected or asked to confirm via your mobile app.

    What data is processed by PSPs

    This typically includes your name, billing address, and payment information (like credit card number and expiry, or bank account, or mobile number for TWINT), as well as transaction amounts and details. These providers might also collect information for fraud prevention, such as device information or verification codes (like SMS codes for 3-D Secure authentication on cards). We do not see or store your sensitive payment details (like full card numbers). The PSP either confirms a successful payment or reports a failure to us, along with a transaction ID.

    Legal basis

    We use these payment providers under the legal basis of contractual necessity - we have to process payments to fulfill the sales contract between buyer and seller (Art. 6(1)(b) GDPR where applicable, and equivalent under Swiss law). We also have a legitimate interest in offering safe and convenient payment methods (Art. 6(1)(f) GDPR) to our users.

    Fraud and credit checks

    Some PSPs might perform credit checks. The ones listed (Visa, Mastercard, TWINT, Stripe) generally do not run credit score checks for standard transactions, but they do have anti-fraud measures. For instance, Stripe or card networks might use automated systems to flag suspicious transactions (based on things like location vs. billing address mismatches, etc.). These systems may reference blacklists or fraud databases. This is done by the PSP as part of their service to us and to you (to prevent unauthorized use of your account). In addition, Stripe is required by law to perform Know Your Customer (KYC) checks on sellers before processing payouts. This may include verifying personal details and, where automatic verification is not possible, requesting identity documents via Stripe Identity (e.g. a government-issued ID and selfie). We only collect such documents when Stripe requires them, and they are submitted securely through Stripe's system. If a seller does not complete the verification, Stripe may delay or deny payouts until the process is completed.

    Data sharing and storage

    The payment info you provide is processed by the PSP and not stored on our servers (except possibly a token or masked card info if we show you the last four digits for your reference). PSPs will store your data on their secure servers. They might be obligated to share transaction info with banks or card networks, and possibly with authorities in cases of suspicious activity or as required by law (e.g., anti-money laundering regulations).

    Retention

    Each payment provider has its own retention policy, but typically financial records must be kept for a number of years to comply with financial regulations and audits. We too will keep records of the transactions (amount, date, payer, payee) for accounting purposes for up to 10 years, but those records do not include your full payment details - mostly references and amounts.

    Your relationship with PSPs

    It's important to note that when you make a payment, you are also entering into a relationship with the payment provider. Their Terms and Privacy Policy govern that transaction in addition to our policy. We encourage you to read the privacy information of the provider you use (we provided references above). These documents will also explain your rights with those providers (e.g., how to access data they hold on you, or dispute a transaction). If you need help contacting a payment provider or understanding their role, you can always reach out to us.

    4.14 Advertising platforms (Google, Microsoft, Meta, TikTok)

    We may utilize third-party advertising platforms to promote Circlin to new users and re-engage with existing users. The main platforms we work with are Google Ads, Microsoft Advertising (Bing Ads), Meta Ads (Facebook/Instagram), and TikTok Ads.

    This involves placing ads on other websites, search results, social media, or within apps. To measure the effectiveness of these ads and to target the ads appropriately, we integrate certain tracking tools provided by these platforms: for example, the Google Ads conversion tag, the Meta Pixel (Facebook Pixel), Microsoft UET (Universal Event Tracking) tag, and TikTok Pixel/SDK.

    All such tracking is done only if you have given consent through our Usercentrics banner (for web cookies) or through app tracking permissions (if applicable on iOS, for instance). You can withdraw consent at any time (see Section 3.9 on Cookies).

    The data collected by these third parties may be combined with information they already have about you (for example, if you're logged into Google or Facebook, they might link the visit to your account on their platform). They use this to place you into marketing segments for ad targeting. We do not receive personal data from them in this process – rather, we get aggregated reports (e.g., "X number of people clicked the ad and then signed up").

    We want to be transparent that by allowing these tracking technologies, your browsing/use of our service may be linked to your profiles on those ad networks. If you prefer not to be tracked in this way, you can opt out via our consent tools or using platform-specific opt-outs (such as using your device settings to limit ad tracking, or adjusting Google Ads Settings, Facebook Ad Preferences, etc.). There are also industry opt-out sites like the Network Advertising Initiative or YourAdChoices (DAA) which can help opt out of many such networks generally, though those might not cover mobile app SDK tracking.

    Google's Privacy Policy, Microsoft Privacy Statement, Meta Data Policy, TikTok Privacy Policy (EEA), Network Advertising Initiative opt-out, DAA YourAdChoices opt-out

    4.15 Newsletter / Marketing Emails

    If you subscribe to our newsletter or other marketing communications, we will use your email address to send you news about Circlin, such as updates on new features, promotions, or curated content you might like. We may also send similar information via push notifications if you have enabled those on the app.

    When you sign up for the newsletter, we record your consent and the date/time. We use a secure email service (which could be an external provider or our own infrastructure via AWS SES) to send these emails. In each marketing email, we include an unsubscribe link. You can click that at any time to stop receiving further marketing emails from us. You can also manage your email preferences in your account settings within the app or website.

    We might analyze engagement with our emails on a general level - for example, seeing how many users opened an email or clicked on a particular link (this is often done via an invisible image pixel in the email or unique tracked links). This helps us understand what content is interesting to subscribers. This is optional and primarily for our internal use; we do not profile individual users' email reading habits beyond the basic segmentation (e.g., to resend an email to those who didn't open it once, or to avoid sending certain types of emails to those who never interact).

    If you unsubscribe from marketing emails, we will suppress your address in our mailing list (meaning we mark it so that you no longer get marketing emails). It might take a short time (a few days at most) to fully remove you from all campaign lists, but we strive to process opt-outs immediately. Note that transactional emails (like purchase receipts, password resets, important account notifications) are not affected by an unsubscribe from marketing, because those are not promotional - however, we limit those to only what's necessary.

    We do not sell or share our mailing list with third-party marketers. If we ever collaborate with a partner for a joint promotion, you would hear from us, and the partner wouldn't get your contact info unless you separately sign up with them.

    5. Changes

    We may amend this Privacy Policy from time to time. If we make changes, we will post the updated policy on our website and update the "Updated on" date at the top. The current version of the Privacy Policy as published on our website/app is the one that applies to our processing of your data.

    If we make material changes to the policy (for example, if we start processing your data for new purposes that were not originally outlined), and if this Privacy Policy is incorporated into an agreement we have with you, we will take additional steps to inform you of those changes. This could include sending you an email to the address associated with your account or providing an in-app notification. By continuing to use our services after the effective date of an updated policy, you acknowledge the terms of the new policy.