Privacy Policy

Last update: 01/12/2022

This Privacy Policy explains how Magic Heidi (“Magic Heidi”, “We”, “Us”) collects and uses information about you when you access or use our mobile application, website, and other online products and services (collectively, the “Services”).

As a Swiss company, we know how important privacy is and how much protecting and keeping our customer data private matters. We appreciate that you trust us with your information and we intend to always keep that trust.

Privacy is a core principle in the development of Magic Heidi. We intend to collect and process your personal data only for purposes that benefit you, the end-user, and to be transparent in our data management practices. We do not sell, rent, release, disclose, or otherwise communicate in any way your personal information to another company for monetary or other valuable consideration.

1. Where this Privacy Policy applies

This Privacy Policy applies to the mobile application Magic Heidi (the “App”) and the website https://magicheidi.ch/ (the “Website”).

When first accessing the App, you will be prompted to read and accept our Terms of Service and Privacy Policy. The usage of the App and the processing of your data is regulated under those two documents, and you can’t use the App without expressly consenting to those two documents.

2. Data collected

It goes without saying that, as an invoice management application, it is in the primary purpose of Magic Heidi to collect and store some business data. Our responsibility is to ensure the confidentiality and security of your data. The data that you provide us or that is collected is described below. Note that the data is yours and we do not monitor the content that you submit to the App.

Invoice data, such as products and services you are billing your clients.

Client data, as your client's address and company name.

Personal data such as your IBAN and personal address.

All of this data is collected only to make it possible to generate legally compliant invoices.

3. Usage of your data

The main reason we use your data is to deliver and improve our Services. The ways in which we use your personal data are detailed below:

  • To create and manage your account, based on your action of opening an account on the App
  • To provide you with the products, services, or information you request, based on our contractual relationship
  • To meet or fulfill the reason you provided the information to us
  • To provide technical support, customer support, troubleshooting, and other assistance for the App, in order to deliver the service
  • To improve the App, including testing, research, internal analytics, and product development
  • To personalize the App based on your preferences
  • To do fraud protection, security, and debugging for security reasons
  • To notify you about updates or changes to App features and content, or other important information
  • To send you emails and other communication according to your preferences, based on your consent
    In addition to the points above, the personal information you provide us in the context of a specific program or survey can be used for the purpose of the program or survey for which they have been collected.

4. Data disclosure

We do not sell, rent, release, disclose, or otherwise communicate in any way your personal information to any other entity or company for monetary or other valuable consideration. However, we rely on third parties to help us operate and improve our Services. These third parties assist us with various tasks, including data hosting and maintenance, communication, and payment processing. The third parties we rely on and their function in our Services are described in the next section.

5. Sharing of personal data with other parties

In order to provide you with our Services, we are partnering with third parties, in particular:

  • Firebase is used for authentication, data hosting, and data synchronization across devices.
  • Google Cloud is used for storing files (images, audio files, etc…) and sending emails.
  • RevenueCat (RevenueCat, Inc.) is used for managing purchases and subscriptions.
    Twilio SendGrid (Twilio, Inc.) is used for sending emails.
  • Mixpanel is used for analytics.

We require such third parties, who may be based outside the country from which you have accessed the Services, to comply with all relevant data protection laws and security requirements in relation to your personal data, usually by way of contract.

6. Data retention and erasure

Your personal data will only be stored and processed for as long as required by the purpose they have been collected for, i.e. to allow you to use our Services.

The App includes an option to delete your account, which will permanently and irrevocably delete all the personal data we have collected about you. Information regarding the usage of the app will be kept but anonymized.

7. Access to your data

You can ask us to see a copy of the data we have collected about you. Depending on the jurisdiction, this may be called right of access, right of portability, or variations of those terms. You may also ask for the deletion of your data or object to a specific processing. To request this, please contact us using the contact information at the bottom of this page. You may request this information multiple times but if overused, we reserve the right to decline it or ask for compensation.

8. Security

Most features of the App are provided by popular services with high-security standards. We work hard to protect you from unauthorized disclosure, alteration, or destruction of your personal information. Our App uses encryption, and access to your data is only granted on a need-to-know basis to individuals with confidentiality obligations. We regularly monitor our systems for possible vulnerabilities and attacks and regularly review our information collection, storage and processing practices to update our security measures. We may suspend your use of all or part of the services without notice if we suspect or detect any breach of security or any other violation of our terms and policies. If you believe that your account or information is no longer secure, please notify us immediately. Please keep in mind that you are responsible to decide what content you wish to share/upload on the App.

9. California Resident Rights (CCPA)

If you are a California resident, you have rights defined by the California Consumer Privacy Act (CCPA). In practice, our Privacy Policy already includes such rights for all our customers. Please read the sections above to understand your rights of erasure and access.

We do not sell your personal information so no opt-out choice is necessary. What this means is that we do not sell, rent, release, disclose, disseminate, make available, transfer, or otherwise communicate in any way your personal information to another company for monetary or other valuable consideration.

10. European Union Data Subject Rights (GDPR)

If you are a resident of the European Union (“EU”), United Kingdom, Lichtenstein, Norway or Iceland, you have rights defined by the General Data Protection Regulation (GDPR). In practice, our Privacy Policy already includes such rights for all our customers. Please read the sections above to understand your rights of erasure and access.

11. Changes to this Privacy Policy

We’re constantly trying to improve our services, so we may need to change this Privacy Policy from time to time, but we will alert you to any such changes by placing a notice on the Oniri website, by sending you an email or by some other means. Please note that if you’ve opted not to receive legal notice emails from us (or you haven’t provided us with your email address), those legal notices will still govern your usage of the App, and you are still responsible for reading and understanding them. If you use the App after any changes to the Privacy Policy have been posted, that means you agree to all of the changes. The usage of information we collect is subject to the Privacy Policy in effect at the time such information is collected.

12. Contact

If you have any question, suggestion, or request regarding our Privacy Policy or your rights towards your data, do not hesitate to contact us at hello@magicheidi.ch.

Magic Heidi is a Swiss brand owned by Nathan Ganser.

This document is part of our general Terms of Service.