Security and Privacy on GoldKurs.ch: Two-Factor Authentication, Data Protection and GDPR

Data security and privacy are critical for any platform handling financial portfolio data. GoldKurs.ch is hosted entirely in Switzerland and designed to meet Swiss and EU (GDPR) data protection standards.

Two-Factor Authentication (2FA)

Enable 2FA in Account Settings → Security → Enable Two-Factor Auth. Use any TOTP authenticator app (Google Authenticator, Authy, 1Password). Once enabled, every login requires your password plus a 6-digit code from your authenticator. Backup codes are provided at setup — store them securely offline.

SSL/TLS Encryption

All communication between your browser/app and GoldKurs.ch servers is encrypted with TLS 1.3. The SSL certificate is a DigiCert EV certificate. You can verify by clicking the padlock icon in your browser.

Data Hosting: Switzerland

All user data is stored on servers in Switzerland (data centre in Zurich). Swiss data protection law (revDSG) applies. No data is transferred to third countries without explicit user consent.

What Data Is Stored

GoldKurs.ch stores: your email address, encrypted password (bcrypt), subscription status, portfolio data you enter, AI conversation history (deletable in settings), and anonymised analytics (page views, feature usage — no personal identification). No payment card data is stored — all payment processing is handled by Stripe in their PCI-DSS-compliant environment.