Privacy Policy

Who runs presens

Presens is currently a personal project operated by Steven Gibert, a private individual based in Switzerland. There is no legal entity behind it yet. If that changes, this page will be updated.

You can reach me at contact@presens.me for any privacy question.

What data presens collects

When you create an account and use the product, presens stores:

• Your email address — used to log you in, send verification, and contact you about your account.
• Your name — used to address you in the app (e.g. "Good morning, Benjamin"). You can change it any time in Settings.
• Your writing samples — the 3 to 5 paragraphs you paste during onboarding so presens can learn your voice.
• Your tone profile — the analysis presens derives from your samples.
• Your content ideas, drafts, and generated images — everything presens generates for you stays in your account.
• Your LinkedIn access token — only if you explicitly connect a LinkedIn account for publishing. The token is encrypted at rest.
• Aggregate, cookieless page-view analytics — what page was visited, what device class, and which referrer. No personal identifiers are collected on the marketing site. See "Analytics" below.

That's the full list. Presens does not ask for your phone number, your address, or any payment information (the product is free during beta).

Where your data is stored

All data is stored on a private virtual server hosted by Infomaniak in Switzerland. Specifically:

• Database (PostgreSQL): on the same Infomaniak VPS, encrypted at the filesystem level.
• File storage (rare; mostly images): Infomaniak kDrive in Switzerland.
• Email delivery: Infomaniak SMTP.

No data is stored on US cloud providers. No replication outside Switzerland. The data sovereignty story has a one-sentence answer: your stuff stays here.

Third parties that touch your data

This is the full list, in order of how often data flows to them:

• Infomaniak (Switzerland) — hosting, AI inference (for the voice analysis and post drafting), email delivery. Infomaniak's privacy policy is at infomaniak.com/en/legal. They process your data under EU-equivalent data protection (Switzerland is recognised as providing adequate protection under GDPR).
• LinkedIn — only when you explicitly press "Publish" on a post. At that moment, the text and image of that specific post are sent to LinkedIn's API. Nothing else is shared with LinkedIn — not your other drafts, not your samples, not your voice profile.

No other third parties have access to your data. Presens does not sell, rent, or share your data with advertisers, brokers, or analytics platforms.

How long your data is kept

• Account data, samples, drafts: as long as your account exists.
• Analytics page-view records: 12 months, then aggregated and the raw records are deleted.
• Email verification tokens, password reset tokens: 24 hours.
• LinkedIn access tokens: until you disconnect LinkedIn or delete your account.

When you delete your account (see "Your rights" below), all of the above is removed within 7 days. Backups are rotated within 30 days, after which the data is unrecoverable.

Will presens train AI on your content?

No. Your samples, drafts, voice profile, and generated content are used only to serve drafts back to you. They are not used to train, fine-tune, or improve any AI model, by presens or by Infomaniak. The AI inference happens against Infomaniak's hosted models on a per-request basis, and the request data is not retained by Infomaniak for training purposes.

Cookies

The marketing site (presens.me/) sets no cookies. Analytics are cookieless (see below).

The app (after you sign in) sets one session cookie so you stay logged in. It's a strictly-necessary first-party cookie — no consent banner is required under GDPR or the Swiss nFADP.

Analytics

Presens uses Umami, a cookieless, open-source web analytics tool, self-hosted on the same Swiss infrastructure as the rest of the product. Umami tracks page views, the referring site, the device class (desktop / mobile), and the country at the city-level — but does not set cookies, fingerprint browsers, or store any personal identifiers.

You can read more about Umami's privacy properties at umami.is. The Umami documentation calls this approach "anonymous analytics" — that is accurate.

Session replay (beta)

During the beta, presens uses Umami's session-replay feature to understand how people actually use the product — where they get stuck, what they ignore, where the UX is unclear. This is the same self-hosted Umami service, on the same Swiss infrastructure as the rest of the data.

• Sample rate: 15% of sessions are recorded; the other 85% are not.
• Recording length: capped at 5 minutes per session.
• What is masked: passwords, email fields, and other form inputs flagged as sensitive are replaced with placeholder dots in the recording.
• What is captured: clicks, scrolls, and the rendered content of your screen at the time. On the marketing pages this is our public copy. Inside the app, this means the draft text on screen, the topic titles you have saved, and which integrations (for example, whether you have connected LinkedIn) appear in your interface. We capture this so we can see what you were looking at when you got stuck.
• No cookies. Session-replay uses a short-lived identifier in browser memory that resets when you close the tab. Nothing is written to your disk.
• Storage: recordings are kept on the Swiss Umami server, deleted after 30 days, never exported.
• Who looks: only Steven, and only to fix usability problems. Recordings are not shared with anyone outside presens.

If you would prefer not to be recorded, write to contact@presens.me with the email on your account and I will exclude it.

Your rights under GDPR and nFADP

You have the right to:

• Access your data — see what we hold about you. Send a request to contact@presens.me.
• Export your data — get a JSON dump of your samples, drafts, and voice profile. Send a request to contact@presens.me. Self-service export is on the roadmap.
• Correct your data — change your name and email in Settings, or write to us for anything else.
• Delete your data — one click in Settings → Delete account. Final, immediate, no grace period.
• Object to specific processing — write to us. Practically, the only "processing" presens does that you could meaningfully object to is the AI inference, in which case the product doesn't work for you — but you can object and we will close your account.
• Complain to a supervisory authority — in Switzerland, the Federal Data Protection and Information Commissioner (FDPIC). In the EU, your local data-protection authority.

Requests are answered within 30 days, usually within 48 hours.

Security

The basics:

• HTTPS everywhere. The homepage, the app, and all data transit is TLS-encrypted.
• Passwords are hashed with industry-standard algorithms (currently bcrypt with cost factor 12). Plaintext passwords are never logged.
• LinkedIn access tokens are encrypted at rest with AES-256.
• The VPS is hardened against the OWASP top 10 — input validation, parameterised queries, CSP headers, rate limiting on auth endpoints.
• Backups are encrypted and stored on Swiss infrastructure.

This is a personal project, not a regulated financial institution. If your threat model requires SOC 2 or ISO 27001, presens is not the right tool for you yet.

Children

Presens is not for anyone under 16. If you are under 16, please do not create an account. If we learn that we have collected data from a child under 16, the account will be deleted and the data removed.

Changes to this policy

If we change this policy in a way that materially affects you (new data collected, new third parties, longer retention), we'll email you at least 14 days before the change takes effect. Cosmetic changes (typos, clarifications) will just be updated here with a new "Last updated" date.

Contact

For any privacy question, write to contact@presens.me. I read every email.

See also: Terms of Service.