General Information

Definitions

This section explains the main terms we use throughout the privacy policy so you know what we mean when we describe data practices.

Purposes of Processing

We process personal data for specific business and operational purposes. Each purpose is supported by an appropriate legal basis and safeguards.

• To provide and maintain the VisionRAI service, including account setup and technical support
• To manage billing, invoicing and collection of fees for purchased services
• To communicate with users about service updates, security notices and administrative matters
• To analyse usage, improve features and develop new automation and AI capabilities
• To protect the platform’s security, detect and prevent fraud or misuse
• To personalise user experience where users opt in to such personalization
• To comply with legal obligations, respond to lawful requests and enforce agreements
• To perform internal research and business planning in a manner that preserves privacy and confidentiality

Legal Basis for Processing

We rely on one or more lawful bases to process personal data depending on the processing activity and applicable law.

• Performance of a contract: processing necessary to deliver services you request
• Consent: where you have given clear permission for a specific purpose (e.g., marketing)
• Legitimate interests: for operational needs such as fraud prevention and service improvement, balanced against individual rights
• Legal obligation: to comply with statutory duties such as tax and accounting requirements
• Vital interests or public interest where applicable and narrowly defined by law

Your Rights Under Applicable Data Protection Law

Depending on your jurisdiction, you may have several rights regarding your personal data. We describe the main rights and how to exercise them below.

• Right of access — request a copy of the personal data we hold about you
• Right to rectification — request correction of inaccurate or incomplete data
• Right to erasure — request deletion of personal data where there is no overriding legal reason to retain it
• Right to restriction of processing — request limitation of processing in certain circumstances
• Right to data portability — receive personal data in a structured, commonly used format where applicable
• Right to object — object to processing based on legitimate interests or marketing purposes

Cookies and Tracking

We use cookies and similar technologies to ensure the website functions correctly, to remember preferences and to collect analytics data. You can manage cookie preferences through the banner and your browser settings.

Types include session cookies, persistent cookies, first-party and third-party cookies and tracking pixels used for analytics and performance measurement.

Common categories: strictly necessary, preferences, statistics and marketing. Strictly necessary cookies are required for core functionality and cannot be disabled for the site to work.

You may control cookies using the cookie banner displayed on VisionRAI.pro and by adjusting browser settings to block or delete cookies. Opt-out choices for analytics and marketing can also be managed in your account settings where available.

View full Cookie Policy

Data Sharing

We share personal data only as necessary to provide services, with service providers, affiliates and when required by law. We limit sharing and require partners to provide adequate protections.

• Service providers and subcontractors that perform processing on our behalf (e.g., hosting, analytics)
• Affiliated companies and business partners to support shared services
• Payment processors for billing and fraud prevention
• Legal and regulatory authorities in response to lawful requests
• Prospective buyers or advisors in the event of a merger, acquisition or sale of assets
• Professional advisers, auditors and security specialists when necessary

International Data Transfers

Personal data may be transferred to and processed in countries outside Switzerland or the European Economic Area. Where transfers occur, we implement appropriate safeguards to protect personal data in accordance with applicable law.

Safeguards include reliance on adequacy decisions, standard contractual clauses, encryption, restricted access controls and agreements with service providers that mandate appropriate data protection measures.

Data Retention

We retain personal data only as long as necessary to fulfill the purposes described, to comply with legal obligations and to resolve disputes. Retention periods vary by data type and purpose.

Account and contract-related information is retained for the duration of the business relationship and thereafter as required by tax and commercial law to meet statutory retention obligations.

Support tickets and communications are retained for operational needs and dispute resolution; typical retention is up to 2 years unless a longer period is required for legal reasons.

System logs and diagnostic records are kept for a limited period to support security, troubleshooting and performance monitoring; retention periods are defined to balance operational needs and privacy.

When data is no longer required we delete or anonymize it in accordance with our deletion procedures. Backup copies may persist for a limited period for disaster recovery purposes.

Security Measures

We maintain organisational, technical and physical measures designed to protect personal data against unauthorized access, alteration, disclosure or destruction. Measures are periodically reviewed and updated as technology and risks evolve.

• Encryption in transit (TLS) and at rest for sensitive data; regular security testing and vulnerability management
• Role-based access controls, employee training, contractual restrictions for subprocessors and periodic audits
• Access controls and role-based permissions are enforced on production systems to limit data visibility to authorized staff only. All privileged actions are logged for audit and reviewed periodically to detect anomalies.
• Regular backups and encrypted storage protect against data loss, while a documented incident response plan ensures swift, coordinated action in the event of a security incident or data breach.

Your data rights

You have a set of rights regarding the personal data we process. These rights help you control what we collect, how we use it, and how long we retain it. Requesting any of these options is straightforward and handled in line with applicable Swiss data protection principles.

• Right to access: You can request a copy of personal data we hold about you and information about how it is processed.
• Right to correction: If information we hold is inaccurate or incomplete, you may request updates or corrections.
• Right to deletion: Where retention is no longer necessary or processing lacks legal basis, you may request removal of your personal data.
• Right to restrict processing: You may ask us to limit how we use certain personal data while a dispute or verification is in progress.
• Right to data portability: When processing is based on consent or contractual necessity and carried out by automated means, you may request your data in a structured, commonly used format.
• Right to object: You may object to specific processing activities based on our legitimate interests, in accordance with applicable law.
• Right to withdraw consent: Where we rely on consent for processing, you may withdraw that consent at any time without affecting processing prior to withdrawal.
• Right to lodge a complaint: If you believe your rights are not respected, you may contact our data protection contact or file a complaint with the competent supervisory authority in Switzerland.

How to submit a rights request

To submit a request concerning your personal data, contact our Privacy Officer with a clear description of the request and any required identification details. We will confirm receipt and may ask for additional information to verify your identity before processing the request.

[email protected]

We aim to respond to verifiable requests within 30 days. Complex requests may require additional time; in such cases we will inform you of an extended timeframe and the reasons for the delay.