Privacy Policy
This Privacy Policy explains how AILabWerk collects, uses, discloses and protects personal data when providing AI implementation, consultancy and related services. It describes the categories of data processed, the purposes and legal bases for processing, retention practices, data sharing and the rights available to data subjects. The policy reflects current organisational and technical measures and will be updated as services evolve or legal requirements change.
Key definitions
The terms used in this policy are defined to provide clarity on the scope of data processing and the parties involved in delivering our services.
Data collection and categories
We collect data necessary to deliver contracted services, to operate our website and to comply with legal obligations. We limit collection to data categories relevant to specified purposes and apply retention policies proportionate to those purposes.
Data you provide directly
When you engage with AILabWerk or use our contact channels we may collect the following categories of information supplied by you or your organisation.
- Contact and identity details (name, role, business email, telephone and organisation).
- Project and technical requirements, business process descriptions and system architecture details necessary for implementation.
- Documents provided for evaluation or onboarding, such as data samples, contracts and policies.
- Billing and invoicing details required to process payments and administrative records.
- Communications and correspondence content platform by email, calls or collaboration platforms related to service delivery.
- Consents, permissions and preferences that you actively provide for marketing or optional features.
Data collected automatically
When you visit AILabWerk.pro or use our online tools we may collect technical and usage information automatically to maintain services, analyse performance and improve user experience.
- Device and browser information (type, version, operating system).
- IP addresses and geolocation data at a coarse level for security and analytics.
- Usage logs and interaction data (pages visited, timestamps, error reports).
- Cookies and similar identifiers used for session management and preferences.
- Performance metrics and telemetry from hosted prototypes or integrations (where authorised by client).
- Security event data required to detect, contribute and mitigate incidents.
Data received from third parties
In some projects we may receive data from third-party providers, partners or public sources when necessary to deliver the agreed services.
- Data processors and cloud providers engaged to host and process project data.
- Client-approved external data sources, APIs or third-party datasets used for enrichment or model training.
- Publicly available information aggregated from open registers or authoritative sources.
Purposes of processing
We process personal data for clear, documented purposes linked to service delivery, legal compliance and legitimate business operations.
- To deliver consultancy, design, development and integration of AI solutions under contractual terms.
- To manage client relationships, contracts, billing and operational communications.
- To secure and maintain IT infrastructure, detect fraud and contribute security incidents.
- To measure and improve service performance through analytics and controlled testing.
- To comply with legal obligations, regulatory requests and audit requirements.
- To provide support, training and knowledge transfer to client teams during and after deployment.
- To assess and manage commercial relationships, including due diligence and risk assessments.
- To communicate service updates, where communications are consistent with preferences and applicable law.
Legal bases for processing
Processing is conducted on one or more lawful bases as required by applicable data protection laws. The relevant basis depends on the specific processing activity and context.
- Performance of a contract: processing necessary to provide agreed services to clients.
- Legal obligation: processing required to meet statutory or regulatory duties.
- Legitimate interests: processing for operational needs, security and service improvement where these interests are balanced against data subject rights.
- Consent: where required for marketing communications, optional features or other specific processing activities.
Data protection and GDPR compliance
AILabWerk operates in consideration of EU and Swiss data protection principles. Data subjects have a set of rights applicable under GDPR and related Swiss laws.
- Right of access: obtain confirmation of whether personal data is processed and access a copy.
- Right to rectification: request correction of inaccurate or incomplete personal data.
- Right to erasure: request deletion where legal grounds allow, taking into account contractual and legal constraints.
- Right to restriction of processing: request limitation while disputes are resolved or on legal grounds.
- Right to data portability: obtain personal data in a structured, commonly used and machine-readable format where applicable.
- Right to object: object to processing based on legitimate interests or for direct marketing, subject to applicable law.
Cookies and similar technologies
We use cookies and similar technologies to enable website functionality, remember preferences and gather analytics. Purpose and scope are limited and documented.
Types include session cookies (temporary), persistent cookies (retain preferences), first-party cookies (AILabWerk domain) and third-party cookies (analytics and integrations).
Categories: strictly necessary (site operation), performance and analytics (usage insights), functional (preferences), and marketing (where explicit consent is given).
You can manage cookies via browser settings and, where provided, via the cookie banner on AILabWerk.pro. Blocking certain cookies may affect site functionality.
Read our Cookie Policy
Data sharing and recipients
We share personal data only with necessary parties to deliver services, always under contractual restrictions and appropriate safeguards.
- Service providers and subprocessors who perform hosting, analytics, billing or support services on our behalf.
- Affiliates and partners involved in joint delivery when agreed with the client.
- Legal authorities, regulators or courts when required by law or for legal defence.
- External consultants and auditors under confidentiality and data protection obligations.
- Potential acquirers or advisors in the context of a corporate transaction, subject to confidentiality and due diligence safeguards.
- Client-authorised third parties integrated into a project as specified in project agreements.
International data transfers
Data may be transferred to countries outside the European Economic Area or Switzerland where necessary for service delivery. Transfers are assessed and controlled in accordance with applicable data protection requirements.
Where transfers occur we apply safeguards such as Standard Contractual Clauses, data processing agreements and, where available, transfers to jurisdictions with an adequacy decision.
Data retention and deletion
Retention periods are defined according to the purpose of processing, contractual needs and legal obligations. We retain the minimum data required and securely delete or anonymise data when retention is no longer justified.
Account and contractual records are retained for the duration of the contract and for a limited period thereafter to meet administrative and legal requirements.
Communications and project correspondence are retained for operational and dispute-resolution purposes consistent with contractual obligations.
System logs and telemetry necessary for security and performance analysis are retained for a defined period and then securely deleted or archived.
Subject to contractual and legal constraints, data deletion requests are assessed and executed in a controlled manner. Certain information may be retained for compliance or legitimate interest reasons.
Security of personal data
AILabWerk applies organisational and technical measures to protect personal data against unauthorised access, disclosure, alteration or loss. Security is reviewed regularly and adapted to evolving risks.
- Encryption of data at rest and in transit where appropriate.
- Role-based access control, authentication and logging of privileged actions.
- Regular vulnerability assessments, patch management and incident response procedures.
Your data protection rights
To exercise your rights or make inquiries about personal data processing, please contact us using the details below. We will process requests in accordance with applicable legal timelines and verification requirements.
- Contact AILabWerk at the address or email provided to request access, rectification, restriction, deletion or portability of your personal data.
- If you consider our handling of your data does not comply with applicable law, you have the right to lodge a complaint with a competent supervisory authority.
- Right to data portability — receive a machine-readable copy of personal data you provided, where technically feasible, to transfer to another provider.
- Right to restriction of processing — request temporary limitation of processing where accuracy or lawfulness of processing is contested.
- Right to object — object to processing based on legitimate interests or direct marketing; we will review and, where applicable, stop the processing in question.
- Right to withdraw consent — you may withdraw consent for processing activities that rely on consent, without affecting prior processing lawfully performed.
- Right to lodge a complaint — if you consider processing to infringe applicable data protection law, you may submit a complaint to the competent supervisory authority in Switzerland.
- Right to be informed — receive clear information about what personal data we hold, the purposes of processing, and retention periods upon request.
How to exercise your privacy rights
Requests to access, correct, restrict or erase personal data may be submitted via the contact form on AILabWerk.pro/contact, by post to our office at Route du Lac 114, 1787 Mont-Vully, Switzerland, or by calling +41763513038. To protect privacy, we may require identity verification and additional details to process the request efficiently. Specify the right you are exercising and the data concerned for a timely review.
We aim to respond to verified requests promptly and typically within 30 calendar days of receipt. Complex or large-volume requests may require additional time; if so, we will inform you of any extension and the reasons for it.
Marketing communications
We use contact details provided by clients and prospects to send service information, product updates, and event invitations where lawful basis exists or consent has been given. Marketing communications are limited to relevant business communications about our AI implementation services, training, and events performed by AILabWerk.
Every marketing message includes an unsubscribe link. You may also stop marketing communications by updating your preferences in your account or contacting us via the form on AILabWerk.pro/contact or by calling +41763513038.
Children's privacy
AILabWerk provides services to businesses and is not directed at children. We do not intentionally collect personal data from individuals under 16. If we become aware that data from a child under 16 has been collected without appropriate parental consent, we will take steps to delete that information promptly.
Third-party links and content
Our website and services may include links to third-party sites, tools, or services. AILabWerk is not responsible for the content, privacy practices, or procedures of those external sites. Review third-party privacy policies before sharing personal information.
Policy changes
We review and may update this privacy policy periodically to reflect operational, legal, or regulatory changes. Material changes will be posted on AILabWerk.pro with an updated effective date. Continued use of our services after changes signifies acceptance of the revised policy.