Back to Home

Privacy Statement

Aurum Avis Labs GmbH, July 2025

We, Aurum Avis Labs GmbH, Terrassenweg 9, 6315 Oberägeri, operate the website https://www.aurum-avis-labs.ch and are the provider of the services offered on the website. We are therefore considered the data controller responsible for the collection, use, and processing of your data.

Below, we explain whether and how we process your data:

Data Processing, Storage, Deletion

We only process personal data that we collect directly through our website, associated applications, external platforms, so-called “landing pages,” or within the context of business relationships with our customers and other business partners. Processing takes place only if there is explicit consent or a legal basis for doing so — for example, to fulfill a contract, comply with legal obligations, or based on our legitimate interests.

Within the scope of your consent, we only process your data within the boundaries of that consent, unless one of the following legal bases applies. Please note explicitly that you may revoke your consent at any time; however, any data processing lawfully carried out before the revocation remains unaffected.

The following legal bases may apply:

  • Consent of the data subject;
  • Fulfillment of a contract with the data subject or pre-contractual measures at the request of the data subject;
  • Fulfillment of legal obligations of our company;
  • Performance of a task carried out in the public interest;
  • Legitimate interests of our company, provided that the interests or fundamental rights of the data subject do not override them.

We delete personal data as soon as the purpose for which it was collected has been fulfilled and there is no further necessity for its continued storage. However, in some cases, we are legally obligated to retain data for longer periods. This applies in particular to legal requirements under Swiss or European law in areas such as contract and tax law or commercial accounting. For example, business records, contracts, and accounting documents must be retained for a period of 10 years. Personal data stored solely for legal reasons and no longer required for service provision will be blocked and used only for accounting and tax purposes.

Disclosure to Third Parties

In the course of fulfilling a contract, the use of third-party services may be required. In this context, it may become necessary to pass on data to external service providers to ensure proper contractual performance. The legal bases for such data transfers correspond to those of lawful processing and are detailed in the section above.

We ensure, through contractual agreements, that third parties tasked with data processing comply with applicable data protection regulations. In some cases, we may also be legally or judicially obligated to disclose data to government authorities or third parties.

Provision of Our Services and Creation of Log Files

Each time our website is accessed, our system automatically collects data and information from the accessing device. The following data may be collected:

  • Browser type and version
  • Operating system used
  • IP address
  • Internet service provider
  • Date and time of access

This data is stored in so-called log files on our server. It is not stored together with other personal data and therefore cannot be directly associated with a specific person.

The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s device. To do this, the IP address must remain stored for the duration of the session.

Storage in log files is done to ensure the functionality of the website. Additionally, the data helps us to optimize the website and ensure the security of our IT systems. An evaluation of the data for marketing purposes does not take place in this context.

The collection and temporary storage of data in log files is based on our legitimate interest in ensuring the stability, security, and technical reliability of our website. Since this data is essential for the operation of the website, there is no option for objection on the part of the user.

Cookies, Tracking and Other Technologies

We use cookies and comparable technologies on our website. Cookies are small text files that are stored by your browser and allow for a unique identification of your browser upon a return visit to our website. They store and transmit display settings as well as login information in order to make our website user-friendly and secure. The use of cookies is based on the legitimate interests of our company in optimizing our website.

You have control over the use of cookies: by adjusting your browser settings, you can disable or restrict the transmission of cookies and delete already stored cookies at any time. However, please note that disabling cookies may limit the functionality of our services.

When visiting our website, you will be informed via a cookie banner, through which you can grant your consent to the use of cookies. This consent serves as the legal basis for the use of those cookies that are required for the full utilization of our services.

Tools, Applications and Other Technologies Used

GitHub

We use the GitHub platform for managing our source code and partially for the delivery of our services. GitHub is operated by GitHub, Inc., 88 Colin P. Kelly Jr. St., San Francisco, CA 94107, USA; in Europe, the responsible entity is GitHub B.V., Prins Bernhardplein 200, 1097 JB Amsterdam, Netherlands. GitHub is a version control and hosting platform.

When accessing our repositories or other content on GitHub, or when visiting a website hosted via GitHub Pages, GitHub collects certain technical data about your device. According to GitHub’s documentation, the IP address of visitors to a GitHub Pages site is logged and stored for security purposes. GitHub also collects usage data such as IP address, device and session information, time of access, and the pages visited in order to ensure the proper functioning of the service. If you log in with your GitHub account, GitHub also processes the account data you have provided there.

The data processing may also take place in the United States. For the transfer of personal data to third countries, GitHub relies on the European Commission’s Standard Contractual Clauses and participates in the EU-U.S. Data Privacy Framework to ensure an adequate level of data protection.

The legal basis for using GitHub is our legitimate interest in efficient software development and the secure provision of our services. In cases where you log in using your GitHub account or use other interactive features, the processing is based on your consent.

Further information about GitHub’s data processing is available at: https://docs.github.com/de/site-policy/privacy-policies/github-general-privacy-statement

Google Ads

We use Google Ads on our website for marketing purposes. In Europe, Google Ads is operated by: Google Ireland Limited, 4 Barrow St, Grand Canal Dock, Dublin 4, D04 V4X7, Ireland.

The use of Google Ads allows us to promote our offerings on other websites as well.

Google Ads uses so-called cookies, which are stored on your computer and enable an analysis of your use of our website. As a rule, the information generated by the cookie (such as browser type, operating system, IP address, referrer URL) is transmitted to and stored on a Google-owned server — possibly also in the USA.

The basis for data processing and transfer to the USA are the so-called Standard Contractual Clauses. These clauses obligate Google to comply with applicable European laws and data protection standards, even when processing data in a third country such as the USA.

Please note that our use of Google Ads requires your consent, which therefore constitutes the legal basis for the processing. You may provide your consent via the cookie banner. In addition, our company also has a legitimate interest in using Google Ads.

You can find further information regarding Google Ads in Google’s privacy policy: https://policies.google.com

Google Analytics

We use Google Analytics on our website, a web analytics service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Analytics uses so-called cookies, which are stored on your computer and enable an analysis of your use of our website. As a rule, the information generated by the cookie (such as browser type, operating system, IP address, referrer URL) is transmitted to and stored on a Google-owned server in the USA.

On our behalf, Google uses the stored information to evaluate your use of our website, to compile reports on website activity, and to provide us with other services related to website and internet usage.

By changing your browser settings, you have the ability to disable or restrict the transmission of cookies. You can also delete cookies that have already been stored via your browser settings at any time; this can also be done automatically. Please note that disabling cookies may result in some services on our website no longer being fully usable.

Please be advised that our use of Google Analytics requires your consent, which therefore constitutes the legal basis for the processing. You can provide your consent via the cookie banner. In addition, our company has a legitimate interest in the use of Google Analytics.

Furthermore, you can prevent the collection of data generated by the cookie and related to your use of our website by Google, as well as the processing of this data by Google. For this purpose, the following browser add-on has been developed to deactivate Google Analytics. It can be downloaded and installed directly from Google via the following link: http://tools.google.com/dlpage/gaoptout?hl=en

Further information about Google Analytics can be found in the Google Analytics Terms of Service (https://marketingplatform.google.com/about/analytics/terms/us/), the Google Analytics Help Center (https://support.google.com/analytics/answer/6004245?hl=en), and Google’s Privacy Policy (https://policies.google.com)

Google Single Sign-On

We use Google’s authentication service (Single Sign-On) for login on our website. In Europe, this service is provided by Google Ireland Limited, 4 Barrow St, Grand Canal Dock, Dublin 4, D04 V4X7, Ireland. Data processing may also take place in the USA.

The basis for data processing and data transfer to the USA is the use of so-called Standard Contractual Clauses. These clauses obligate Google to comply with applicable European law and the corresponding level of data protection, even when data is processed in a third country such as the USA.

If you have a Google account, you can revoke your consent to the use of Single Sign-On login at any time at the following link: https://adssettings.google.com/authenticated.

Further information regarding the use of Google services can be found in their privacy policy: https://policies.google.com

HubSpot

We use HubSpot on our website, a service provided by HubSpot, 1 Sir John Rogerson’s Quay, Dublin 2, Ireland. HubSpot may also process your data in the USA, among other locations.

The basis for data processing and transfer to the USA is the use of so-called Standard Contractual Clauses. These clauses obligate HubSpot to comply with applicable European law and the required level of data protection, even when the data is processed in a third country such as the USA.

The legal basis for using HubSpot is your consent as the data subject. In addition, we have a legitimate interest in using HubSpot, as its use supports the optimization of our website and service offerings.

Further information about HubSpot can be found at: https://legal.hubspot.com/de/privacy-policy

Contact Form

Our website contains contact forms that allow you to get in touch with us. The following data you provide may be transmitted to us and stored: first and last name, telephone number, email address, subject, and message.

The information you provide is used solely for the purpose of responding to your inquiry/message. By submitting the inquiry/message, you consent to the described processing of your data (legal basis: consent). You may revoke your consent at any time; however, processing already carried out before the revocation remains unaffected.

Langfuse

We use Langfuse for our services, an open-source LLM engineering platform operated by Langfuse GmbH, Gethsemanestraße 4, 10437 Berlin, Germany.

Further information about Langfuse can be found at: https://langfuse.com/privacy

Links (Third Parties)

If we provide links to websites of other organizations, the respective privacy policies of those sites apply.

Make.com

We use the platform Make.com for our services, a service provided by Celonis Inc., One World Trade Center, 87th Floor, 10007 New York, USA. Make.com is an automation platform.

The basis for data processing and the transfer of data to the USA is the use of so-called Standard Contractual Clauses. These clauses oblige Make.com to comply with applicable European law and with the European data protection standard.

Further information about Make.com can be found at: https://www.make.com/en/privacy-notice

Meta Pixel

We use the Meta Pixel on our website, operated by Meta Platforms Inc. or, for Europe, by Meta Platforms Ireland Limited, as we advertise on Meta’s platforms.

When you visit our website or book our services, the Meta Pixel stores your behavior on our website using cookies. This enables Meta platforms to match your data — such as your IP address — with the data from your Meta account.

This data may also be stored in the USA. The basis for data processing and the transfer of data to the USA is the use of so-called Standard Contractual Clauses. By using these clauses, Meta commits to complying with applicable European law and with the European data protection standards, which are recognized as adequate under Swiss data protection law.

If you are logged into Facebook or another Meta service during your visit to our website, Meta may associate the visit with your user profile. You have the option to opt out: https://www.facebook.com/adpreferences/ad_settings

For more information about privacy at Meta, please visit: https://www.facebook.com/privacy

Microsoft Azure

We use Microsoft Azure for our services, a service provided by Microsoft Corp., Microsoft Way 1, 98052-6399 Redmond, WA, USA. Among other things, we use Microsoft Azure for web hosting services. Microsoft Azure may also process data in the USA.

The basis for data processing and data transfers to the USA is the use of so-called Standard Contractual Clauses. Through these clauses, Microsoft Azure commits to complying with applicable European laws and data protection standards.

Further information about the Standard Contractual Clauses and the data processed by Microsoft Azure can be found at:

https://learn.microsoft.com/en-us/compliance/regulatory/offering-eu-model-clauses and https://www.microsoft.com/de-de/privacy/privacystatement 

LinkedIn Insight

We use the LinkedIn Insight Tag tracking tool on our website, operated by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. This tool is used to analyze the effectiveness of our LinkedIn ads and to enable targeted advertising.

When you visit our website, the Insight Tag sets a cookie that stores certain data — such as your IP address (in shortened or hashed form), the time of your visit, device and browser characteristics, and the pages you view. This data allows LinkedIn to link your visit to our website with your LinkedIn user account, provided you are logged in.

We do not receive any personal data from LinkedIn ourselves, but only aggregated reports about audience demographics and ad performance. The data is also transferred to the USA. LinkedIn relies on Standard Contractual Clauses to ensure an adequate level of data protection under Swiss data protection law.

Further information about how LinkedIn processes data can be found in LinkedIn’s privacy policy: https://www.linkedin.com/legal/privacy-policy

Sentry

We use the Sentry service on our website, provided by Functional Software Inc., 45 Fremont Street, 8th Floor, San Francisco, CA 94105, USA. Sentry is used for technical monitoring of system stability and for identifying code errors in real time in order to improve the functionality and security of our website or web applications.

In the event of an error, technical information such as IP address, device type, browser details, timestamp, and interactions with the application are collected and transmitted to Sentry’s servers. This data is necessary to analyze and resolve technical issues.

Data processing is carried out to protect legitimate interests, particularly to ensure operational reliability and error correction. The data is not used for marketing purposes.

Sentry may transfer personal data to the USA. Such transfers are based on Standard Contractual Clauses, which are intended to ensure an adequate level of data protection in accordance with Swiss data protection law.

Further information on data processing by Sentry can be found at:https://sentry.io/privacy/

Stripe

We use Stripe on our website, a service provided by Stripe Payments Europe, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, D02 H210, Ireland. Stripe is one of the payment tools we utilize. If you choose to pay via Stripe, the payment data you provide will be transmitted to Stripe. This data may also be transferred to the USA.

The legal basis for the use of Stripe is your consent as the data subject. The basis for data processing and transfer to the USA is the use of Standard Contractual Clauses. These clauses require Stripe to comply with applicable European laws and data protection standards. This also applies if the data is processed in a third country such as the USA.

Further information about Stripe can be found at:https://stripe.com/at/privacy

Vercel

Für unsere Dienste nutzen wir die Cloudbereitstellungssoftware Vercel, einen Service der Vercel Inc., 440 N Barranca Avenue #4133, Covina, CA 91723, USA. Vercel wird Ihre Daten unter anderem auch in den USA verarbeiten.

 

Die Grundlage der Datenverarbeitung und des Datentransfers in die USA bilden sogenannte Standardvertragsklauseln. Diese verpflichten Vercel zur Einhaltung des geltenden europäischen Rechts sowie des europäischen Datenschutzniveaus.

 

Weitere Informationen zu Vercel finden Sie unter: https://vercel.com/legal/privacy-policy.

 

Webflow

Wir verwenden für unsere Webseite den Dienst von Webflow des gleichnamigen Webflow Inc., 398 11th Street, 2nd Floor, San Francisco, CA 94103. Webflow ist eine Anbieterin von Webseiten-Baukasten, welche wir zur Erstellung unserer Webseite verwenden.

 

Webflow kann Daten von Ihnen auch in den USA verarbeiten. Die Grundlage der Datenverarbeitung und die Datenweitergabe in die USA bilden sog. Standardvertragsklauseln. Webflow verpflichtet sich durch diese Klauseln, das geltende europäische Recht resp. Datenschutzniveau einzuhalten. Dies gilt selbst dann, wenn Daten in einem Drittstaat verarbeitet werden. Im Übrigen nimmt Webflow am EU-US Data Privacy Framework teil.

 

Weitere Informationen betreffend Webflow können Sie der Privacy Policy von Webflow entnehmen: https://webflow.com/legal/eu-privacy-policy.

Right of Access

As a data subject, you may request confirmation from us as to whether personal data concerning you is being processed. If this is the case, you have the right to obtain access to the following information:

  • The purposes for which the personal data is being processed
  • The categories of personal data that are being processed
  • The recipients or categories of recipients to whom the personal data has been or will be disclosed, in particular if they are recipients in third countries or international organizations
  • The intended duration of storage of the personal data concerning you, or, if this is not possible, the criteria used to determine that duration
  • The existence of a right to rectification or erasure of the personal data concerning you, or to restriction of processing by us, or a right to object to such processing
  • The existence of a right to lodge a complaint with a supervisory authority
  • All available information about the origin of the data if it was not collected directly from you
  • The existence of automated decision-making, including profiling, and meaningful information about the logic involved, as well as the significance and the intended consequences of such processing for the data subject

You also have the right to be informed whether personal data concerning you has been transferred to a third country or an international organization; in such cases, you have the right to be informed about the appropriate safeguards in place relating to the transfer.

Right to Rectification and Erasure

You have the right to demand from us, without undue delay, the correction and/or completion of inaccurate and/or incomplete personal data concerning you.

You also have the right to request that we erase personal data concerning you without undue delay if one of the following grounds applies:

  • The personal data is no longer necessary for the purposes for which it was collected or otherwise processed
  • You withdraw your consent, and there is no other legal basis for the processing
  • You object to the processing on grounds relating to your particular situation, and there are no overriding legitimate reasons for the processing, or you object to processing for direct marketing purposes
  • The personal data concerning you has been unlawfully processed
  • The erasure of the personal data concerning you is required to fulfill a legal obligation
  • The personal data concerning you was collected in relation to the offer of information society services pursuant to Article 8(1) GDPR

Right to Restriction of Processing

As a data subject, you have the right to request restriction of processing if one of the following conditions applies:

  • The accuracy of the personal data is contested by you. In this case, restriction may be requested for the period necessary for us to verify the accuracy of the personal data
  • The processing is unlawful, and you request restriction of use instead of erasure
  • We no longer need the personal data for processing purposes, but you need it for the establishment, exercise, or defense of legal claims
  • You have objected to processing

If processing of the personal data concerning you is restricted, then—apart from storage—the data may only be processed with your consent, or for the establishment, exercise, or defense of legal claims, or to protect the rights of another natural or legal person, or for reasons of important public interest.

If you have obtained a restriction of processing based on the above conditions, you will be informed by us before the restriction is lifted.

Information and Obligation to Notify Third Parties

If we have made your personal data public and are legally required to delete it, we will, taking into account the available technology and the cost of implementation, take reasonable measures—including of a technical nature—to inform other controllers and processors who process the data that you have requested the deletion of all links to this personal data, as well as any copies or replications thereof.

We will inform all recipients to whom your personal data has been disclosed about any rectification or deletion of this data, as well as any restriction on its processing, unless this proves impossible or involves a disproportionate effort. In such cases, we will make reasonable efforts to explain why notification is not possible and to ensure that your rights remain protected.

Exceptions to the Right of Erasure

The right to erasure does not apply where the processing is necessary for the exercise of the right to freedom of expression and information and/or for the establishment, exercise, or defense of legal claims.

Right to Data Portability

As the data subject, you have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used, and machine-readable format. You also have the right to transmit this data to another controller without hindrance from us, where the processing is based on consent or a contract and the processing is carried out by automated means.

Furthermore, you have the right to have the personal data concerning you transmitted directly from us to another controller, where technically feasible. The rights and freedoms of others must not be adversely affected by this.

Right to Object

As the data subject, you have the right to object at any time, on grounds relating to your particular situation, to the processing of your personal data that is carried out based on Article 6(1)(e) or (f) of the GDPR. We will no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or the processing is necessary for the establishment, exercise, or defense of legal claims.

If we process your personal data for the purpose of direct marketing, you have the right to object at any time to such processing. If you object to processing for direct marketing purposes, we will no longer use your personal data for that purpose.

You also have the right to withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

Right to Lodge a Complaint with a Supervisory Authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority—particularly in your place of residence (EU/CH), your workplace, or the place of the alleged infringement—if you believe that the processing of your personal data violates the GDPR or the Swiss Federal Act on Data Protection (FADP).

The supervisory authority responsible in Switzerland is:

Federal Data Protection and Information Commissioner (FDPIC), Feldeggweg 1, 3003 Bern, Switzerland.

The supervisory authority with which the complaint is lodged will inform the complainant about the status and outcome of the complaint, including the possibility of a judicial remedy.

Aurum Avis Labs GmbH, July 2025

 

We value your privacy
We use cookies to enhance your browsing experience, serve personalized content, and analyze our traffic. By clicking "Accept All", you consent to our use of cookies.
Privacy Policy