Privacy Policy

Last updated: April 18, 2026.

Introduction

Minsh Sàrl ("Minsh", "we", "us") operates the minsh.com website (the "Website") and the platform on which our business customers ("Customers") build, configure, brand and publish mobile and web applications ("Minsh Apps") for their own end users ("End-Users") (collectively, the "Service"). This Privacy Policy describes how Minsh collects, uses, shares and protects personal data, what your rights are, and how to contact us.

Your privacy is critically important to us. Our fundamental principles are:

  • We don't ask for personal data unless we truly need it.
  • We don't sell or rent personal data to anyone.
  • We only share personal data when necessary to operate the Service, comply with the law, or protect our rights.
  • We aim to make it as simple as possible for you to control what's visible to others, what's kept private, and what's deleted.

Our Role: Controller and Processor

Minsh's role under data protection law depends on whose personal data is being processed:

  • Where Minsh is a Controller: for personal data Minsh collects directly through the Website (e.g., visitors, prospects, paying Customers and their representatives), Minsh determines the purposes and means of processing and acts as the data controller.
  • Where Minsh is a Processor: for personal data of End-Users of a Minsh App, the relevant Customer is the data controller and Minsh acts as a data processor on the Customer's behalf. Such processing is governed by Minsh's Data Processing Agreement (DPA), which forms part of the Customer's agreement with Minsh.

If you are an End-User of a Minsh App and have questions about how your personal data is used, please first contact the Customer who operates that Minsh App. Minsh will only act on instructions from that Customer.

Data Protection Laws

Minsh complies with applicable data protection laws, including:

  • the EU General Data Protection Regulation (Regulation (EU) 2016/679) (the "EU GDPR");
  • the United Kingdom General Data Protection Regulation (the "UK GDPR") and the UK Data Protection Act 2018;
  • the Swiss Federal Act on Data Protection of 25 September 2020 (the "Swiss FADP"); and
  • the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles, where applicable.

Personal Data We Collect

Depending on your interaction with Minsh, we may collect the following categories of personal data:

  • Account and contact information: first and last name, email address, username, phone number, business address, billing address, professional role.
  • Order and payment information: the details of services you have ordered. Payment card information is collected and processed directly by our third-party payment providers (Stripe, PayPal); Minsh does not store payment card details.
  • Content: material you upload, post, transmit or display through the Service.
  • Device and connection data: IP address, general location derived from IP address (e.g., country or region), device identifier, operating system, browser type, language preferences, log data and timestamps.
  • Aggregated analytics: we generate aggregated weekly or monthly activity reports for our Customers (e.g., number of active users, number of messages posted). These reports do not identify individual End-Users.
  • Communications: the content of messages you send to us (e.g., support emails, feedback).

Where you provide us with personal data of others (for example, contacts you wish to onboard or invite into a Minsh App), we use that information solely for the purpose for which it was provided. If you believe one of your contacts has given us personal data about you and you want it removed, please contact us at team@minsh.net.

Why We Process Personal Data and on What Legal Basis

Minsh processes personal data for the following purposes and on the following legal bases:

  • To provide the Service and perform our contract with you (e.g., creating your account, building and hosting your Minsh App, processing payments, providing support) — legal basis: performance of a contract (EU/UK GDPR Art. 6(1)(b); Swiss FADP equivalent).
  • To communicate with you about Service-related matters (e.g., billing notices, security alerts, sub-processor change notifications) — legal basis: performance of a contract or legitimate interests (Art. 6(1)(b) or (f)).
  • To send you product updates, newsletters and marketing — legal basis: your consent or our legitimate interest, depending on jurisdiction. You can opt out at any time using the unsubscribe link or by contacting us.
  • To comply with legal obligations (e.g., tax records, responding to lawful requests) — legal basis: legal obligation (Art. 6(1)(c)).
  • To protect our and others' rights, property and safety (e.g., fraud prevention, enforcement of our terms) — legal basis: legitimate interests (Art. 6(1)(f)).
  • For analytics and improvement of the Service — legal basis: legitimate interests (Art. 6(1)(f)), or your consent where required.

How We Share Personal Data

Minsh does not sell or rent personal data. We share personal data only with:

  • Sub-processors who help us operate the Service, including established cloud infrastructure providers. The current list of our sub-processors is maintained in Schedule 1 to our Data Processing Agreement, which is provided to Customers and updated when new sub-processors are engaged. Sub-processors are bound by written agreements containing data protection obligations not less protective than those in our DPA.
  • Third-party payment providers, currently Stripe and PayPal, which process payment transactions under their own terms and privacy policies.
  • Service providers assisting us with limited business operations (e.g., email delivery, customer support tooling), bound by appropriate confidentiality and data protection commitments.
  • Legal and regulatory authorities, where required by law or where we believe in good faith that disclosure is necessary to protect our or others' rights, property or safety. Where permitted by law, we will notify the affected person of such requests.
  • Acquirers, in the context of a merger, acquisition or sale of assets, subject to appropriate confidentiality protections.

International Data Transfers

Minsh is based in Switzerland. Personal data may be hosted on infrastructure located in the European Union or the United States, depending on operational requirements. Where personal data originating from the European Economic Area, the United Kingdom or Switzerland is transferred to a country that does not benefit from an adequacy decision under applicable data protection law, Minsh relies on appropriate safeguards, including:

  • the European Commission's Standard Contractual Clauses adopted in Implementing Decision (EU) 2021/914 (the "EU SCCs");
  • the UK International Data Transfer Addendum to the EU SCCs, issued by the UK Information Commissioner's Office;
  • the EU SCCs as adjusted in accordance with the guidance of the Swiss Federal Data Protection and Information Commissioner; and
  • where applicable, certifications under the EU-US Data Privacy Framework, the UK Extension thereto, or the Swiss-US Data Privacy Framework.

For Australian Customers, transfers from Australia to other jurisdictions are governed by Australian Privacy Principle 8 (cross-border disclosure) and the contractual commitments in our DPA.

How Long We Keep Personal Data

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including to provide the Service, comply with our legal, accounting and reporting obligations, resolve disputes and enforce our agreements. In particular:

  • Account and Service data: for the duration of your use of the Service, plus a reasonable period thereafter for the purposes set out above.
  • Database backups: retained for up to twelve (12) months for operational and recovery purposes, after which they are automatically overwritten.
  • Marketing data: until you unsubscribe or otherwise object.

For personal data Minsh processes as a Processor on behalf of a Customer, retention is governed by the Customer's instructions and our DPA.

Your Rights

Subject to applicable data protection law, you have the following rights regarding your personal data:

  • Right of access — to obtain confirmation as to whether we hold personal data about you and a copy of that data.
  • Right to rectification — to have inaccurate or incomplete data corrected.
  • Right to erasure ("right to be forgotten") — to have your personal data deleted in certain circumstances.
  • Right to restriction of processing — to limit how we use your data in certain circumstances.
  • Right to data portability — to receive your data in a structured, commonly used format and transmit it to another controller.
  • Right to object — to object to processing based on legitimate interests, including direct marketing.
  • Right not to be subject to automated decision-making producing legal or similarly significant effects (Minsh does not currently engage in such automated decision-making).
  • Right to withdraw consent, where processing is based on consent, at any time and without affecting the lawfulness of prior processing.

To exercise any of these rights, please contact us at team@minsh.net. We will respond within the timeframes required by applicable law (generally one month under EU/UK GDPR and the Swiss FADP; thirty days under the Australian Privacy Principles). We may need to verify your identity before responding.

If you are an End-User of a Minsh App, please direct your request to the Customer operating that Minsh App, who is the data controller. Minsh will assist that Customer as required under our DPA.

Right to Lodge a Complaint

If you are not satisfied with how we have handled your personal data, you have the right to lodge a complaint with a competent data protection authority, including:

  • the data protection authority in the EU/EEA Member State of your habitual residence, place of work or alleged infringement;
  • the UK Information Commissioner's Office (ICO) — ico.org.uk;
  • the Swiss Federal Data Protection and Information Commissioner (FDPIC) — edoeb.admin.ch; or
  • the Office of the Australian Information Commissioner (OAIC) — oaic.gov.au.

We would, however, appreciate the chance to address your concerns directly before you approach a regulator — please contact us first at team@minsh.net.

Mobile Applications and End-User Data

When End-Users download, install or use a Minsh App built for one of our Customers, certain personal data is processed on behalf of the Customer who operates that Minsh App. The Customer is the data controller for such data, and the Customer's own privacy notice should describe how that data is collected and used. Minsh acts as a Processor and processes such data only on the Customer's instructions and in accordance with our DPA.

In the course of operating a Minsh App, we may automatically collect device type, operating system version and device identifier, and we may send push notifications on behalf of the Customer. End-Users can manage notifications in the Minsh App settings or at the device level.

Where a Minsh App provides location-based features, location data is collected with the End-User's consent (typically through the device's location permission prompt) and used only to operate that specific feature. Location services can be disabled at any time at the device level.

Cookies and Tracking Technologies

Minsh and its partners use cookies and similar technologies on our Website to operate the site, remember your preferences, analyse usage and improve our services. You can control or disable cookies through your browser settings. Disabling certain cookies may limit functionality on our Website. Where required by applicable law (for example, the EU ePrivacy Directive), we will request your consent before placing non-essential cookies on your device.

Analytics

We collect aggregated and pseudonymous analytics information when you use Minsh's Website to help us understand usage patterns and improve the Service. Analytics data is processed on the basis of our legitimate interests, or your consent where required.

Testimonials

We may post customer testimonials, comments or reviews on our Website. Where these contain personal data, we obtain the customer's consent before posting.

Links to Third-Party Sites

Our Website and Minsh Apps may contain links to other websites or services that are not owned or controlled by Minsh. We are not responsible for the privacy practices of such third parties. We encourage you to read the privacy notice of every site that collects personal data from you.

Security

The security of your personal data is important to us. Minsh implements administrative, technical and organizational measures designed to protect personal data against unauthorized access, loss, alteration or disclosure. These measures include access controls, encryption of data in transit (HTTPS/TLS) and use of secure infrastructure provided by established cloud service providers. No system can be guaranteed to be completely secure. If you have any questions about the security of your personal data, please contact us at team@minsh.net.

Children's Personal Information

Minsh does not knowingly collect any personal information from children under the age of 16. If you are under the age of 16, please do not submit any personal information through our Website or Minsh Apps. We encourage parents and legal guardians to monitor their children's Internet usage and to help enforce this Policy by instructing their children never to provide personal information through the Website or Minsh Apps without their permission. If you have reason to believe that a child under the age of 16 has provided personal information to us, please contact us at team@minsh.net, and we will use commercially reasonable efforts to delete that information.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes to our practices or for legal, operational or regulatory reasons. If we make material changes we will notify you by email (sent to the address most recently provided to us) or by means of a notice on this Website prior to the change taking effect. The "Last updated" date at the top of this Policy reflects the date of the most recent revision. We encourage you to review this page periodically.

Contact Us

If you have questions or concerns about this Privacy Policy or about Minsh's privacy practices, please contact us by email at team@minsh.net, or by post at:

Minsh Sàrl
Rte de Moudon 15
1509 Vucherens VD
Switzerland

English Version Controls

Non-English translations of this Privacy Policy are provided for convenience only. In the event of any ambiguity or conflict between translations, the English version is authoritative and controls.

Product

Home
Pricing

Resources

Support
Blog

About

Team
Contact
© Minsh 2008-