Privacy Policy
Last updated: April 2026
AVD Technologies, operating the NextAuto platform (nextauto.ch), is committed to protecting your personal data in accordance with the Swiss Federal Act on Data Protection (FADP) and, where applicable, the General Data Protection Regulation (GDPR).
1. Data controller
AVD Technologies — NextAuto (nextauto.ch) — Switzerland — privacy@nextauto.ch
2. Data collected
We collect the following data: account information (name, email address, account type), profile data (phone number, location, garage name if applicable), published content (vehicle listings, photos, descriptions), messages exchanged between users, payment data (processed by Stripe, not stored directly by NextAuto), browsing data (IP address, pages visited, browser type).
3. Legal basis for processing
We process your data on the following legal bases: performance of a contract (account creation, listing publication, payments), legitimate interest (platform security, fraud prevention, service improvement), legal obligation (accounting retention), consent (non-essential cookies).
4. Retention periods
Account data: duration of registration + 1 year after account deletion. Listings: publication period + 6 months. Messages: 2 years. Payment data: 10 years (Swiss accounting obligations). Navigation logs: 12 months.
5. Your rights (FADP art. 25 et seq.)
Under the FADP, you have the following rights: right of access to your personal data, right to rectification of inaccurate data, right to erasure ('right to be forgotten'), right to data portability in a machine-readable format, right to object to processing based on legitimate interest. To exercise these rights, contact privacy@nextauto.ch. We respond within 30 days.
6. Sub-processors
Supabase Inc. (database and authentication, USA — standard contractual clauses), Vercel Inc. (hosting, USA — standard contractual clauses), Stripe Inc. (payments, USA — PCI-DSS certified), Resend (transactional emails, USA).
7. Cookies
NextAuto uses only technical cookies necessary for the platform to function (authentication session). No third-party advertising cookies are used. Session cookies expire when the browser is closed or after 7 days.
8. Security
Data is encrypted in transit (TLS 1.3) and at rest. Internal access is restricted on a least-privilege basis. Any data breach will be reported to the Swiss Federal Data Protection and Information Commissioner (FDPIC) as required by the FADP.
9. DPO contact
For any privacy-related questions or to exercise your rights, contact our Data Protection Officer: privacy@nextauto.ch