www.janinehugo.com
Last updated: 12th February 2026
This Cookie Policy explains what cookies are, how this Website (www.janinehugo.com) uses them, what choices you have, and how to manage your preferences. It should be read alongside the Privacy Policy and Terms and Conditions, both accessible in the footer of this Website.
1. Introduction and Scope
Janine AI is an AI-powered career mentoring tool created and offered by Janine Hugo, an
individual based in Canton Vaud, Switzerland (“we”, “us”, or “our”). The Service is delivered
through the Coachvox platform operated by Coachvox Ltd.
This Privacy Policy explains how we collect, use, share, and protect your personal data when
you:
• create an account to use Janine AI,
• interact with the AI through chats or uploads, or
• visit any websites or landing pages we control.
We are fully committed to protecting your privacy in line with the Swiss Federal Act on Data
Protection (FADP). If you are located in the EU or EEA and the GDPR applies to your use of
the Service, we also align our practices accordingly.
Please note that Coachvox Ltd. operates the underlying platform and has its own privacy policy,which applies to certain platform-level activities. We recommend reviewing it alongside this
Policy: Coachvox Privacy policy.
We designed this Policy to be clear so you understand exactly what happens to your data and
your rights. If anything is unclear, contact us at janine.hugo@outlook.co.
2. Identity of the Controller
The Controller responsible for the processing of Personal Data in connection with Janine AI is:
Janine Hugo
Individual
Canton Vaud, Switzerland
Email: janine.hugo@outlook.com
Postal Address: 12 Chemin Du Crêt, Chavannes De Bogis, Switzerland, 1279
For privacy-related inquiries or to exercise your data protection rights, you may contact the
Controller using the details above.
For certain categories of processing, Coachvox Ltd. acts as processor or joint controller, as
described in Section 10 of this Policy.
3. Definitions
For the purposes of this Privacy Policy:
• “Personal Data” means any information relating to an identified or identifiable natural
person.
• “Processing” means any operation performed on Personal Data, including collection,
storage, use, disclosure, deletion, or analysis.
• “Controller” means the person or entity that determines the purposes and means of
processing Personal Data.
• “Processor” means a person or entity that processes Personal Data on behalf of a
Controller.
• “Joint Controllers” means two or more Controllers who jointly determine the purposes
and means of processing.
• “Account Data” refers to information provided during registration and account
management.
• “Conversation Data” refers to content entered by users during interactions with Janine
AI, including chat transcripts and uploaded documents.
• “Security Logs” refer to technical records such as IP addresses, timestamps, and
access logs maintained for platform integrity and security.
• “AI-Generated Content” refers to responses produced by Janine AI in reply to user
inputs.
4. Categories of Personal Data Collected
Depending on how you use the Service, we may process the following categories of Personal
Data:
4.1 Account Data
• Name
• Email address
• Encrypted password
• Subscription status
• Account settings
4.2 Conversation Data
• Chat inputs submitted to Janine AI
• AI responses
• Uploaded CVs, résumés, cover letters, and related documents
• Professional goals, career history, reflections, and related information voluntarily entered
by users
4.3 Payment and Billing Data
Payments are processed by Stripe. We do not store full credit card details. We may process subscription status, billing identifiers, and transaction confirmations necessary for the accountadministration.
4.4 Usage and Technical Data
• IP address
• Login timestamps
Session duration
• Device or browser information
• Feature usage data.
4.5 Cookies and Analytics Data
Analytics and tracking tools may include:
• Google Analytics
• Meta Pixel
• Microsoft Clarity
• Microsoft Advertising
These tools collect usage metrics and behavioural data in accordance with their respective
privacy policies.
4.6 Voluntarily Disclosed Sensitive Data
The Service does not intentionally request or require special category data (such as health data,
racial or ethnic origin, or political opinions). However, users may voluntarily disclose such
information in conversation inputs. Users are advised not to submit highly sensitive information
unless strictly necessary.
5. Sources of Personal Data
We collect Personal Data:
1. Directly from you, when you create an account, subscribe, upload documents, or
interact with Janine AI.
2. Automatically, through platform logs, analytics tools, and cookies.
3. From service providers, such as Stripe (payment confirmations) or Coachvox (platform
infrastructure data).
We do not purchase personal data from data brokers.
6. Third-Party Data Processors and Controllers
I work with a number of trusted third-party service providers to operate this Website and deliver services. Some of these providers process personal data on my behalf as data processors; others act as independent or joint controllers in their own right. Each is identified below:
6.1 Analytics and Tracking
- Google LLC (Google Analytics): Processes website usage data including IP address, pages visited, and session data. Data may be transferred to the United States. Google acts as a data processor. Safeguard: EU Standard Contractual Clauses (SCCs). For Google’s Privacy Policy, visit policies.google.com/privacy.
- Microsoft Corporation (Microsoft Clarity): Processes session recording and heatmap data. Data may be transferred to the United States. Microsoft acts as a data processor. Safeguard: SCCs. For Microsoft’s Privacy Statement, visit privacy.microsoft.com.
- Meta Platforms Ireland Ltd. (Meta Pixel): Processes data about Website visitors for advertising and retargeting purposes. Meta may act as a joint controller for certain processing activities. Safeguard: SCCs. For Meta’s Privacy Policy, visit facebook.com/privacy/policy.
6.2 Email and Automation
- [EMAIL PLATFORM]: Manages email subscriber lists, free resource delivery, and newsletter communications. Processes your name and email address on my behalf as a data processor. Transfer safeguards will be disclosed upon confirmation of the platform.
- Zapier Inc.: Provides workflow automation connecting email sign-up forms to subscriber management tools. Processes limited personal data (name, email) in transit. Acts as a data processor. Data may be transferred to the United States. Safeguard: SCCs. For Zapier’s Privacy Policy, visit zapier.com/privacy.
6.3 Coachvox Ltd. — Janine AI
Coachvox Ltd. operates the platform on which Janine AI is built and hosted. The following data controller and processor roles apply in respect of Janine AI:
- Coachvox Ltd. acts as data controller for creator account data (my account and subscription with Coachvox);
- Coachvox Ltd. acts as data processor for end-user account data (your name, email, and account details if you create a Janine AI account);
- Coachvox Ltd. and I act as joint controllers in respect of chat content — the conversations you have with Janine AI;
- Coachvox Ltd. acts as independent controller for its own security logs and platform analytics.
User data within the Janine AI platform is hosted on Amazon Web Services (AWS) infrastructure, with data stored in the United States and the European Economic Area. International transfers are covered by Standard Contractual Clauses. For full details, please review Coachvox’s Privacy Policy at coachvox.ai/privacy/.
As joint controller for chat content, my role is limited to reviewing completed conversation transcripts for quality improvement and service enhancement purposes. I do not monitor conversations in real time.
6.4 Amazon
Amazon acts as an entirely independent controller in respect of any book purchase made through its platform. I have no access to your Amazon account data, payment information, or purchase history. Amazon’s own Privacy Notice governs all data collected in connection with your use of the Amazon platform.
7. Legal Bases for Processing
7.1 Under the Swiss Federal Act on Data Protection (FADP)
We process Personal Data in accordance with the Swiss Federal Act on Data Protection
(FADP). In practice, this means we process data where necessary for contract performance,
where our legitimate interests do not override the personality rights of data subj
Personal Data may be processed where
• It is necessary for the performance of a contract (e.g., delivering the Janine AI service);
• It serves a legitimate interest that does not override the fundamental rights of the data
subject (e.g., improving service quality, preventing fraud);
• The data subject has provided consent (e.g., for optional analytics or marketing
communications, where applicable).
• Article 6(1)(b) GDPR – Performance of a contract;
• Article 6(1)(f) GDPR – Legitimate interests (service optimisation, security);
• Article 6(1)(a) GDPR – Consent, where required;
For users located in the EU/EEA, processing is based on:
7.2 Under the GDPR (Where Applicable)
For users located in the EU/EEA, processing is based on:
• Article 6(1)(b) GDPR – Performance of a contract;
• Article 6(1)(f) GDPR – Legitimate interests (service optimisation, security);
• Article 6(1)(a) GDPR – Consent, where required
• Article 6(1)(c) GDPR – Compliance with legal obligations, where applicable
Where consent is relied upon, users may withdraw consent at any time without affecting the
lawfulness of processing carried out prior to withdrawal.
8. AI Transparency and Automated Processing
Janine AI is an AI-based digital career mentoring system that generates responses to user
inputs using machine learning models and structured training parameters configured by the
Creator via the Coachvox platform.
8.1 Nature of AI Processing
When a user submits input (e.g., career history, professional goals, interview preparation
queries), the system:
• Analyses textual inputs,
• Applies model logic and configured safeguards,
• Generates AI-produced guidance responses.
The system operates autonomously at the moment of interaction.
8.2 Influence on Decisions
Janine AI may meaningfully influence professional or career-related decisions (e.g., job
transitions, negotiation strategies, résumé drafting). However:
• It does not make legally binding decisions.
• It does not determine eligibility for employment.
• It does not produce automated decisions that have legal or similarly significant effects
within the meaning of applicable data protection law.
Users remain solely responsible for decisions taken based on AI outputs
8.3 Human Oversight
The Creator does not monitor conversations in real time and does not pre-approve responses
before delivery. However:
• Completed chat transcripts may be reviewed after the interaction,
• Review may occur for quality improvement, safety, or issue resolution,
• Users may request clarification or raise concerns regarding AI outputs
Users remain solely responsible for decisions taken based on AI outputs
8.4 Safeguards
Safeguards include:
• Platform-level security controls,
• Content moderation mechanisms,
• No fine-tuning of AI models on personal data,
• Limited access controls for transcript review.
9. Data Protection Impact Assessment (DPIA)
Under the Swiss Federal Act on Data Protection (rev. 2023), high-risk processing activities
require a documented Data Protection Impact Assessment (DPIA).
Given that Janine AI involves:
• Use of new AI technologies,
• Profiling based on user-submitted career data,
• Potential influence on professional decisions,
A DPIA will be conducted prior to or in connection with full public deployment of the Service.
The DPIA will:
• Describe the nature and scope of processing,
• Assess potential risks to personality and fundamental rights,
• Document technical and organisational safeguards,
• Determine whether residual risk remains high.
If the DPIA identifies residual high risk to the personality or fundamental rights that cannot be
sufficiently mitigated, we will consult the Federal Data Protection and Information Commissioner
(FDPIC) as required by law. A summary of the DPIA findings and the main safeguards will be
made available upon legitimate request
The DPIA also considers risks arising from transfers of Personal Data outside Switzerland,
including safeguards implemented with Coachvox infrastructure providers
The DPIA also considers risks arising from transfers of Personal Data outside Switzerland,
including safeguards implemented with Coachvox infrastructure providers
DPIA documentation is maintained internally and is not published in full but may be summarised
upon lawful request
10. Allocation of Roles: Controller, Processor and Joint Controller
Because Janine AI operates on the Coachvox platform, different categories of data involve
different legal roles
For account data access, rectification or deletion requests, please contact the Creator (see
Section 2). For requests relating to Conversation Data, you may contact either the Creator or
Coachvox; whichever party receives your request will coordinate with the other as necessary to
provide a timely response.
10.1 Account Data
For user account registration data (name, email, password, subscription status):
• The Creator acts as Controller.
• Coachvox acts as Processor, processing such data strictly on the Creator’s instructions
10.2 Conversation Data
For AI chat content and related metadata:
• The Creator and Coachvox act as Joint Controllers, as both determine the purposes
and means of processing conversation data (e.g., service delivery, platform safety,
quality improvement).
Users may exercise their rights by contacting either party. Requests received by one party may
be coordinated with the other where necessary.
For account data, requests should be directed to the Creator. For conversation data, users may contact either party
10.3 Platform Security Logs
For platform-level security, fraud monitoring, and abuse detection logs:
• Coachvox acts as an Independent Controller.
10.4 Payment Data
Stripe acts as an independent controller for payment processing data under its own privacy
policy.
11. Processors and Service Providers
We may share Personal Data with trusted service providers acting under contractual
confidentiality and data protection obligations.
These include:
• Stripe (payment processing)
• Coachvox (AI infrastructure and hosting)
• Amazon Web Services (cloud infrastructure)
• Google (analytics infrastructure)
• Meta (advertising analytics)
• Microsoft Clarity and Microsoft Advertising (usage analytics)
• Zapier (workflow automation)
Service providers process data only for specified purposes and subject to contractual
safeguards consistent with applicable data protection laws.
Coachvox does not provide a publicly available sub-processor list. However, its privacy policy
identifies categories of infrastructure providers used.
Coachvox’s infrastructure is predominantly located in the US and EEA. While regional storage
selection is not configurable at the account level, appropriate safeguards such as Standard
Contractual Clauses are relied upon. Users acknowledge that Coachvox does not provide an
exhaustive sub-processor list.
For information on international transfers of data processed by Coachvox infrastructure
providers, see Section 12.
12. International Data Transfers
Personal Data may be transferred to and stored in countries outside Switzerland, including:
• Member States of the European Economic Area (EEA),
• The United States of America.
Data is hosted primarily via cloud infrastructure providers including AWS and Google.
12.1 Safeguards
Where transfers occur outside Switzerland or the EEA:
• Appropriate safeguards are implemented,
• These may include Standard Contractual Clauses or equivalent mechanisms under
applicable data protection law.
Coachvox is not certified under the EU–US Data Privacy Framework and does not rely on such
certification.
12.2 Transfer Risk Transparency
While contractual safeguards are implemented, international transfers may involve jurisdictions
with different data protection standards. We assess such risks proportionately and rely on
encryption, access controls, and contractual protections to mitigate exposure. Users
acknowledge that cross-border processing is necessary for the provision of the Service. A copy
of the contractual safeguards (e.g., Standard Contractual Clauses or equivalent measures)
applied to international transfers is available on request from the contact in Section 2.
Transfers to the United States occur to a jurisdiction that may not provide an equivalent level of
data protection under Swiss law.
13. Data Retention
Personal Data is retained only as long as necessary for the purposes described in this Policy.
13.1 Active Accounts
Account data is retained for the duration of the subscription relationship.
13.2 Closed Accounts
Upon account termination:
• Account data may be retained for up to 24 months for reactivation or dispute resolution,
• Thereafter securely deleted or anonymised unless required by law.
13.3 Conversation Data
Chat transcripts and uploaded documents:
• Retained while the account remains active,
• May be deleted upon verified request,
• May be retained for up to 12 months post-termination unless earlier deletion is
requested,
• Subject to minimal retention where required for legal defence.
13.4 Payment Records
Billing and accounting records may be retained for up to 10 years where required by Swiss tax
and accounting law.
13.5 Security Logs
Security logs may be retained for up to 12 months for fraud prevention and platform integrity.
Retention periods may be extended where legally required or reasonably necessary to
establish, exercise, or defend legal claims.
14. Security Measures
We implement appropriate technical and organisational measures to protect Personal Data,
including:
• Encryption in transit (TLS) and at rest,
• Access controls based on least privilege,
• Password hashing and secure authentication,
• Platform-level monitoring and intrusion detection,
• Regular review of access permissions,
• Contractual data protection obligations with service providers.
While no system can guarantee absolute security, reasonable measures are implemented
proportionate to the sensitivity and volume of data processed.
Users are responsible for maintaining the confidentiality of their login credentials.
15. Confidentiality of AI Conversations
All Conversation Data submitted to Janine AI is treated as confidential.
15.1 Access to Conversations
Conversation Data may be accessed:
• By the Creator, after completion of the interaction, for quality improvement and service
refinement;
• By Coachvox personnel where necessary to maintain platform functionality, investigate
abuse, or provide technical support;
• Where legally required by competent authorities.
The Creator does not monitor conversations in real time and does not intervene during live AI
interactions.
15.2 Purpose Limitation
Conversation Data is accessed only for:
• Delivering and improving the Service;
• Addressing user concerns or complaints;
• Ensuring safety and platform integrity.
Conversation Data is not sold or commercially licensed.
15.3 Legal Exceptions
Confidentiality may be limited where:
• Disclosure is required by law;
• There is a serious and immediate risk of harm;
• Necessary to establish, exercise, or defend legal claims.
16. Special Category Data and Sensitive Information
The Service is not designed to intentionally collect or process special category data under Swiss
or EU law, including:
• Health information,
• Racial or ethnic origin,
• Political opinions,
• Religious beliefs,
• Biometric data,
• Trade union membership.
Users are advised not to submit highly sensitive personal information unless strictly necessary
for the context of career mentoring.
If sensitive information is voluntarily disclosed in conversation inputs:
• It will be processed only as part of delivering the requested service;
• No automated profiling based specifically on special category data is conducted;
• No separate enrichment or classification of such data occurs.
Sensitive data as defined under Swiss law includes data relating to health, religious or political
views, and other aspects of a person’s intimate sphere.
17. Children and Age Restrictions
Janine AI is intended for use by adults.
Individuals under the age of 18 are not permitted to use the Service.
We do not knowingly collect Personal Data from minors. If we become aware that a minor has
provided Personal Data:
• The account will be suspended or deleted,
• Data will be removed unless legally required to retain it.
Parents or guardians who believe a minor has submitted Personal Data may contact us for
prompt review
18. Cookies and Tracking Technologies
The Service uses cookies and similar tracking technologies for operational, analytical, and
marketing purposes.
18.1 Types of Cookies Used
• Essential cookies – Required for authentication and core functionality.
• Analytics cookies – Google Analytics, Microsoft Clarity.
• Advertising cookies – Meta Pixel, Microsoft Advertising.
18.2 Purpose
Cookies are used to:
• Measure usage and engagement,
• Improve performance,
• Detect abuse,
• Optimise service delivery.
18.3 Consent and Control
Where required under applicable law:
• Users are presented with a cookie consent mechanism;
• Non-essential cookies are deployed only upon consent;
• Users may withdraw consent via browser settings or available preference tools.
Third-party analytics providers process data in accordance with their own privacy policies.
19. Marketing Communications
At launch, Janine AI does not operate a standalone marketing mailing list.
Communications sent to users are limited to:
• Account notifications,
• Service updates,
• Subscription and billing messages,
• Important policy updates.
If marketing communications are introduced in the future:
• They will be based on consent or legitimate interest as appropriate;
• Users will have a clear opt-out mechanism;
• This Policy will be updated accordingly.
20. Rights of Users Under Swiss Law
Under the Swiss Federal Act on Data Protection, users have the following rights:
20.1 Right of Access
To obtain confirmation whether Personal Data is being processed and receive a copy.
20.2 Right to Rectification
To correct inaccurate or incomplete Personal Data.
20.3 Right to Erasure
To request deletion of Personal Data where no overriding legal obligation requires retention.
20.4 Right to Restrict Processing
To limit processing under certain circumstances.
20.5 Right to Data Portability
To receive Personal Data in a structured, commonly used format where technically feasible.
20.6 Right to Object
To object to processing based on legitimate interests.
20.7 Right Regarding
Automated Processing
Where applicable, to request human review if automated processing significantly affects them.
Requests may be submitted to the contact email listed in Section 2.
Users also have the right to lodge a complaint with the competent supervisory authority in
Switzerland, the:
Federal Data Protection and Information Commissioner
21. Additional Rights for EU/EEA Users (GDPR Overlay)
Where the GDPR applies, users located in the EU/EEA benefit from additional rights including:
• Right to withdraw consent at any time;
• Right to object specifically to direct marketing;
• Right to lodge a complaint with their local supervisory authority;
• Right to request restriction of processing;
• Right to request erasure under Article 17 GDPR.
Requests will generally be responded to within one month, unless complexity requires an
extension as permitted by law.
Where Janine AI processes data jointly with Coachvox, requests relating to conversation data
may be handled in coordination between both parties.
22. Data Breach Notification
We maintain procedures designed to detect, investigate, and respond to personal data
breaches.
A “data breach” includes any breach of security leading to the accidental or unlawful destruction,
loss, alteration, unauthorised disclosure of, or access to Personal Data.
If we become aware of a personal data breach that is likely to result in a high risk to the
personality or fundamental rights of individuals, we will notify the Federal Data Protection and
Information Commissioner (FDPIC) and affected individuals as soon as possible in accordance
with Article 24 FADP and the FDPIC guidelines.
22.1 Notification to Swiss Authorities
Where a data breach is likely to result in a high risk to the personality or fundamental rights
of individuals, we will notify the competent Swiss supervisory authority — the Federal Data
Protection and Information Commissioner — as soon as possible, in accordance with the
Swiss Federal Act on Data Protection.
22.2 Notification to Affected Individuals
Where required by law, affected individuals will be informed if the breach is likely to result in a
high risk to their rights or if notification is necessary for their protection.
Notification may not be required where:
• Appropriate technical and organisational safeguards (such as encryption) render the
data unintelligible to unauthorised persons;
• Subsequent measures eliminate the high risk;
• Notification would involve disproportionate effort and alternative public communication is
used.
22.3 Coordination with Coachvox
Where a breach involves systems operated by Coachvox:• Coachvox and the Creator will coordinate investigation and response;
• Responsibilities will be allocated in accordance with contractual arrangements;
• Joint controller obligations will be fulfilled proportionately.
23. Business Changes and Structural Transitions
Janine AI is currently operated by an individual based in Switzerland.
In the event of:
• Incorporation into a GmbH or AG,
• Business restructuring,
• Asset transfer,
• Merger or acquisition
Personal Data may be transferred to a successor entity, provided that:
• The successor continues to process Personal Data in accordance with this Privacy Policy (or
an updated equivalent);
• Appropriate safeguards remain in place;
• Users are notified of material changes where required by law.
Personal Data will not be sold independently of the business.
24. Updates to This Privacy Policy
This Privacy Policy may be updated from time to time to reflect:
• Legal developments,
• Regulatory guidance,
• Platform changes,
• Expansion of services or integrations,
• Risk assessment outcomes.
When material changes are made:
• The “Last updated” date will be revised;
• Users may be notified via email or in-platform notification where appropriate.
Continued use of the Service after updates become effective constitutes acknowledgment of the
revised terms, subject to applicable legal requirements.
25. Contact and Complaints
If you have any questions, concerns, or requests relating to this Privacy Policy or the processing
of your Personal Data, you may contact:
Janine Hugo
Individual
Canton Vaud, Switzerland
Email: janine.hugo@outlook.com
Postal Address: 12 Chemin Du Crêt, Chavannes De Bogis, Switzerland, 1279
Requests to exercise data protection rights should be submitted in writing using the contact
details above.
Where Conversation Data is processed jointly with Coachvox Ltd., users may alternatively
contact:
Coachvox Ltd.
Email: hello@coachvox.com
If you believe that your Personal Data has been processed in violation of applicable Swiss data
protection law, you have the right to lodge a complaint with the competent supervisory authority:
Federal Data Protection and Information Commissioner (FDPIC)
Feldeggweg 1
3003 Bern
Switzerland
Website: https://www.edoeb.admin.ch
Users located in the European Union or European Economic Area may also lodge a complaint
with the data protection authority in their country of residence, where applicable.