Privacy Policy

Last updated: May 25, 2026

Applies to: https://www.momentumq.com

1. Who We Are

This website is operated by:

MomentumQ GmbH (Swiss limited liability company)
Leutschenbachstrasse 95
8050 Zürich, Switzerland
Email: info@momentumq.com

MomentumQ GmbH (“MomentumQ”, “we”, “us”, “our”) is responsible for the collection and processing of personal data described in this Privacy Policy.

We handle information transparently and in accordance with the Swiss Federal Act on Data Protection (revDSG) and, where applicable, the EU General Data Protection Regulation (GDPR).

2. Data We Collect

We may collect and process:

• Contact data: name, email address (e.g., sign-ups or support requests)
• Account data: name, email address, and an encrypted (hashed) password when you create an account
• Technical data: IP address, browser type, operating system, device information
• Usage data: pages visited, referral source, session duration, interactions
• Subscription data: preferences, newsletter opt-ins, beta registrations

3. Purpose and Legal Basis

We use your data to:

• Provide access to MomentumQ products and early-access features
• Send updates, product news, and educational content
• Monitor and improve website performance and user experience
• Maintain security and prevent misuse

Legal bases:

• Consent (Art. 6 (1)(a) GDPR / Art. 31 revDSG)
• Legitimate interests (Art. 6 (1)(f) GDPR / Art. 31 revDSG), e.g., security and site functionality

You may withdraw consent at any time by emailing info@momentumq.com.

Providing personal data is generally voluntary. However, some data is necessary to use specific features — for example, an email address is required to create an account, subscribe to the newsletter, or start a free trial. Without the required data we cannot provide that particular service.

4. Website Hosting and Data Processing

a) Payments – Stripe

We use Stripe Payments Europe, Limited (“Stripe”) to process online payments securely. When you purchase or subscribe, payment data (e.g., card details, billing address, transaction information) are transmitted directly to Stripe. MomentumQ does not store or access full credit-card details.

Stripe processes data under the GDPR and revDSG, and may transfer data to the U.S. under the EU–U.S. Data Privacy Framework or standard contractual clauses.

Stripe Privacy Policy: https://stripe.com/privacy

b) Email & Marketing – Brevo

We use Brevo (operated by Sendinblue SAS, 17 rue Salneuve, 75017 Paris, France; formerly Sendinblue) for newsletters and early-access emails. Brevo processes:

• Email address and IP at signup
• Timestamp of consent and confirmation
• Delivery and engagement metrics (opens, clicks, unsubscribes)

Data is stored on secure EU servers.

Brevo Privacy Policy: https://www.brevo.com/legal/privacypolicy/

c) Google reCAPTCHA

Used to protect forms from spam and abuse. Google Ireland Ltd. collects technical data (IP, browser, mouse movements) to verify human users. Data may be processed in the U.S. under the EU–U.S. Data Privacy Framework.

Google Privacy Policy: https://policies.google.com/privacy

d) Website Hosting, Analytics & Performance – Vercel

This website is hosted by Vercel Inc. As our hosting provider, Vercel processes technical data necessary to deliver the site, including IP address, browser type, and request metadata stored in server logs.

We also use Vercel Web Analytics to measure aggregate site usage (such as page views and referral sources). Vercel Web Analytics is privacy-friendly and does not use cookies or collect personally identifiable information.

We additionally use Vercel Speed Insights to measure real-world page-performance metrics (such as loading and interaction timings) in aggregate. Like Vercel Web Analytics, it is privacy-friendly and does not use cookies or collect personally identifiable information.

Vercel may process data in the U.S. under the EU–U.S. Data Privacy Framework or standard contractual clauses.

Vercel Privacy Policy: https://vercel.com/legal/privacy-policy

e) Transactional Email – Resend

We use Resend (operated by Plus Five Five, Inc.) to send transactional emails such as account verification, password resets, welcome messages, and order confirmations. Resend processes the recipient’s name and email address for the purpose of delivering these messages.

Resend may process data in the U.S. under standard contractual clauses.

Resend Privacy Policy: https://resend.com/legal/privacy-policy

f) Error Monitoring – Sentry

We use Sentry (Functional Software, Inc. d/b/a Sentry) to detect and diagnose technical errors. When an error occurs, Sentry may process technical data including IP address, browser and device information, and details of the request that caused the error.

Sentry may process data in the U.S. under standard contractual clauses.

Sentry Privacy Policy: https://sentry.io/privacy/

g) Maps – Mapbox

Pages that display a map use Mapbox (Mapbox, Inc.) to render map content. When a map loads, Mapbox receives technical data including your IP address and information about how you interact with the map.

Mapbox may process data in the U.S. under standard contractual clauses.

Mapbox Privacy Policy: https://www.mapbox.com/legal/privacy

h) Authentication – Discord

You can choose to sign in using your Discord account. If you do, Discord (Discord Netherlands BV / Discord Inc.) shares basic profile information with us — such as your Discord username, email address, and user ID — to create and authenticate your account. We only receive this data if you actively choose Discord sign-in.

Discord Privacy Policy: https://discord.com/privacy

i) Database Hosting – Neon

Our application database is hosted with Neon (Neon, LLC, an affiliate of Databricks, Inc.). Acting as our processor, Neon stores the personal data associated with your account and related records — such as your name, email address, hashed password, and subscription data — on our behalf.

Neon may process data in the U.S. under standard contractual clauses.

Neon Data Processing Addendum: https://neon.com/dpa

j) Rate-Limiting & Caching – Upstash

We use Upstash (Upstash, Inc.) for serverless Redis, which we use for rate-limiting and short-lived caching to protect the site from abuse. For this purpose Upstash processes technical data such as IP addresses, retained only briefly.

Upstash may process data in the U.S. under standard contractual clauses.

Upstash Privacy Policy: https://upstash.com/trust/privacy.pdf

5. Your Rights

Under revDSG and GDPR you may:

• Access your data and request a copy of it
• Request correction of inaccurate or incomplete data
• Request deletion (erasure) of your data
• Request restriction of processing
• Object to processing based on legitimate interests
• Request data portability — receive the data you provided in a structured, commonly used, machine-readable format
• Withdraw consent at any time, without affecting the lawfulness of processing carried out beforehand
• Request information on how your data is processed and shared
• Lodge a complaint with a data-protection authority — in Switzerland, the Federal Data Protection and Information Commissioner (FDPIC); in the EU/EEA, your local supervisory authority

Contact info@momentumq.com to exercise your rights. We respond to access and other data-subject requests free of charge and generally within 30 days, as required by the revDSG.

6. International Data Transfers

Some of the service providers listed in Section 4 process personal data outside Switzerland and the EU/EEA — in particular in the United States (this may apply to Stripe, Resend, Sentry, Mapbox, Vercel, Neon, Upstash, Google, and Discord).

Where data is transferred to a country without a recognized adequacy decision, we rely on appropriate safeguards — primarily the EU–U.S. Data Privacy Framework (and its Swiss extension) and EU Standard Contractual Clauses — to ensure a level of data protection consistent with the revDSG and GDPR. A copy of the relevant safeguards can be requested at info@momentumq.com.

7. Data Security

We implement appropriate technical and organizational measures including:

• SSL/TLS encryption
• Access restrictions and authentication
• Regular security updates and monitoring

8. Data Retention

We retain personal data only as long as necessary for the purposes set out in this Policy, after which it is deleted or anonymized. In practice:

• Account data— for as long as your account is active, and deleted within a reasonable period after the account is closed.
• Newsletter and marketing data— until you unsubscribe or withdraw consent.
• Payment and transaction records— for the period required by applicable accounting and tax law (generally up to 10 years under Swiss law).
• Server logs and technical data— for a short period for security and troubleshooting, after which they are deleted or aggregated.

Deletion requests can be sent to info@momentumq.com.

9. Cookies and Tracking

• We do not use advertising, profiling, or cross-site tracking cookies.
• We use privacy-friendly, cookieless analytics and performance measurement (Vercel Web Analytics and Speed Insights) to measure aggregate site usage – see Section 4(d).
• A cookie-consent banner is displayed where legally required.
• Cookies can be controlled or deleted via browser settings.

10. Children’s Privacy

Not intended for individuals under 18. We do not knowingly collect data from minors; any submitted data will be deleted promptly.

11. Contact

MomentumQ GmbH (Swiss limited liability company)
Leutschenbachstrasse 95
8050 Zürich, Switzerland
Email: info@momentumq.com

We have not appointed a Data Protection Officer, as we are not legally required to do so. Data-protection enquiries can be sent to the email address above.

12. Updates

This Policy may be updated periodically. The latest version is always available on this page.