sigillo
Privacy Policy
The German version is legally binding; this translation is provided for convenience.
This policy describes which data sigillo processes. Principle: we store as little as technically possible.
Controller
Daniel Schlager (DanielSchlager.AI), Siezenheimer Straße 35, A-5020 Salzburg. Contact: office@danielschlager.ai. Full details see imprint.
Document contents are not stored
Uploaded PDF files are passed solely to SwissTrustLayer for sealing and are not stored by us afterwards. Our database keeps only a cryptographic checksum (SHA-256 hash), the filename, the chosen mode and the processing status — never the document content itself.
What we process
- Account data: email address and login identifier from the sign-in (Authentik).
- API tokens: stored only as an HMAC hash, never in clear text.
- Operation metadata: filename, SHA-256 hash, mode, status, timestamps, credits used — no PDF content.
- Billing: credit balance and the payment events reported by Stripe (no card data held by us).
- Audit log: a record of security-relevant actions (e.g. token creation, sealing, refunds).
Processors and external services
External calls are made solely to the following services — there is no telemetry or sharing with other third parties:
- SwissTrustLayer (Switzerland) — signature/sealing service: our Swiss partner performs the actual sealing; the PDF is transmitted for processing and stays in Switzerland.
- Stripe: payment processing for credit purchases. Card data is handled by Stripe, not by us.
- Authentik (self-hosted): sign-in and session management.
- Infomaniak (Geneva, Switzerland): hosting of the application and database. Data stays in Switzerland.
Retention
Account and operation metadata are stored as long as the account exists. On request we delete your account and the associated data, unless statutory retention obligations (in particular for billing records) apply.
Your rights
You have the right to access, rectification, erasure, restriction of processing and data portability. Contact office@danielschlager.ai.
Cookies
We use only technically necessary cookies: a signed session cookie after login, a short-lived cookie during sign-in, and a cookie for the language choice. No tracking, no advertising.
Last updated: 13.06.2026