Privacy Statement

We, Aurum Avis Labs GmbH, Terrassenweg 9, 6315 Oberägeri, operate the website https://www.aurum-avis-labs.ch and are the provider of the services offered on the website. We are therefore the controller responsible for the collection, use, and processing of your data. The following sets out whether and how we process your data:

Data Processing, Storage, and Deletion

We process only personal data that we collect directly via our website, the associated applications, via external platforms, via so-called “landing pages”, or in the course of the business relationship with our customers and other business partners. Processing takes place only where express consent has been given or a legal basis exists, for example for the performance of a contract, for the fulfillment of legal obligations, or on the basis of our legitimate interests. Within the scope of the consent you have granted, we process your data only within the limits of that consent, unless one of the following legal bases applies. We expressly draw your attention to the fact that you may withdraw your consent at any time, whereby a processing act that has already taken place — and was lawful — is not affected by the withdrawal. The following legal bases may apply:

  •       Consent of the data subject;
  •       Performance of a contract to which the data subject is a party, or implementation of pre-contractual measures taken at the request of the data subject;
  •       Fulfillment of a legal obligation to which our company is subject;
  •       Performance of a task carried out in the public interest;
  •       Legitimate interests of our company, provided that the interests or fundamental rights of the data subject do not override those interests.   We delete personal data once the purpose for which it was collected has been fulfilled and there is no further need to retain it. There are, however, cases in which we are legally obligated to retain data for a longer period. This concerns in particular provisions of Swiss or European legislators in areas such as contract law, tax law, and commercial accounting. For example, business records, contracts, and booking documents must be retained for a period of ten years. Personal data that is retained solely for legal reasons and is no longer needed for the provision of our services will be blocked and used solely for accounting and tax purposes.

Disclosure to Third Parties

In the course of fulfilling orders, it may be necessary to use the services of third parties. In such cases it may be necessary to disclose data to external service providers for the purpose of performing the contractually agreed services. The legal bases for such disclosure correspond to those of lawful processing and are described in more detail in the preceding section. We ensure through contractual arrangements that third parties engaged to process data comply with data protection regulations. In addition, we may in certain cases be required by official or judicial order to disclose data to government authorities or third parties.

Provision of Our Services and Generation of Log Files

Our system automatically collects and stores information in so-called log files as soon as you access our website. The information collected is as follows:

  •       Browser type and version
  •       Operating system
  •       IP address
  •       Internet service provider
  •       Date and time   The aforementioned data cannot be directly attributed to any individual and are not combined with other personal data, but remain in our system. The collection and storage of this data in log files is based on the legitimate interests of our company, in particular the need to ensure the functionality and security of our services as well as their optimization. Log files are automatically deleted at the end of each session. The collection and storage of your data in log files is essential for the operation of our website; it is therefore not possible to object to this process.

Cookies, Tracking, and Other Technologies

We use cookies and comparable technologies on our website. Cookies are small text files stored by your browser that enable unique identification of your browser upon a repeat visit to our website. They store and transmit display settings and login information in order to make our website user-friendly and secure. The use of cookies is based on the legitimate interests of our company in optimizing our website. You have control over the use of cookies: by adjusting your browser settings, you can deactivate or restrict the transmission of cookies and delete previously stored cookies at any time. Please note, however, that deactivating cookies may restrict the functionality of our services. When you visit our website, you will be informed via a cookie banner through which you can grant your consent to the use of cookies. This consent constitutes the legal basis for the use of those cookies that are required for the full use of our services.

Tools, Applications, and Other Technologies Used

GitHub We use the platform GitHub, operated by GitHub, Inc., 88 Colin P. Kelly Jr. St., San Francisco, CA 94107, USA, to manage our source code and in part for the provision of our services; for Europe, GitHub B.V., Prins Bernhardplein 200, 1097 JB Amsterdam, Netherlands, is responsible. GitHub is a version control and hosting platform. When you access our repositories or other content on GitHub, or when you visit a website hosted on GitHub Pages, GitHub collects certain technical data about your end device. According to GitHub documentation, the IP address of visitors is logged and stored for security purposes each time a GitHub Pages site is accessed. GitHub further collects usage data such as IP address, device and session information, time of access, and pages visited, in order to ensure the operational functionality of the service. If you sign in with your GitHub account, GitHub also processes the account data you have stored there. Processing may also take place in the United States. GitHub relies on standard contractual clauses issued by the European Commission for the transfer of personal data to third countries and participates in the EU–US Data Privacy Framework in order to ensure an adequate level of data protection. The legal basis for the use of GitHub is our legitimate interest in efficient software development and the secure provision of our services. Where you sign in with your GitHub account or use other interactive features, processing is carried out on the basis of your consent. Further information on data processing by GitHub can be found at: https://docs.github.com/en/site-policy/privacy-policies/github-general-privacy-statement.

Google Ads We use Google Ads by Google on our website for marketing purposes. In Europe, the following company in Ireland is responsible for Google Ads: Google Ireland Limited, 4 Barrow St, Grand Canal Dock, Dublin 4, D04 V4X7, Ireland. We use Google Ads to promote our offering on other websites as well. Google Ads uses so-called cookies, which are stored on your computer and enable analysis of your use of our website. As a rule, the information generated by the cookie (such as browser type, operating system, IP address, referrer URL) is transmitted to a Google-owned server — possibly also in the United States — and stored there. The legal basis for data processing and data transfer to the United States is so-called standard contractual clauses. Through these clauses, Google undertakes to comply with applicable European law and the level of data protection. This also applies where data is processed in a third country, such as the United States. We draw your attention to the fact that our use of Google Ads requires your consent, which thus constitutes the legal basis. You may grant your consent via the cookie banner. In addition, there is a legitimate interest on the part of our company in the use of Google Ads. Further information regarding Google Ads can be found in the associated privacy policy at https://policies.google.com.

Google Analytics We use Google Analytics on our website, a web analytics service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Analytics uses so-called cookies, which are stored on your computer and enable analysis of your use of our website. As a rule, the information generated by the cookie (such as browser type, operating system, IP address, referrer URL) is transmitted to a Google-owned server in the United States and stored there. On our behalf, Google uses the stored information to evaluate your use of our website, to compile reports on website activity, and to provide further services to us related to website and internet use. By changing the settings in your browser, you have the option of deactivating or restricting the transmission of cookies. You can also delete stored cookies at any time via your browser settings; this can also be done automatically. We draw your attention to the fact that deactivating cookies may mean that not all services of our website can be used. We draw your attention to the fact that our use of Google Analytics requires your consent, which thus constitutes the legal basis. You may grant your consent via the cookie banner. In addition, there is a legitimate interest on the part of our company in the use of Google Analytics. Furthermore, you can prevent the collection of the information generated by the cookie and relating to your use of our website, as well as the processing of such data by Google. For this purpose, the following browser add-on for deactivating Google Analytics has been developed and can be downloaded and installed directly from Google via the following link: http://tools.google.com/dlpage/gaoptout. Further information regarding Google Analytics can be found in the Google Analytics Terms of Service (https://marketingplatform.google.com/about/analytics/terms/), the Google Analytics Help (https://support.google.com/analytics/answer/6004245), and the associated privacy policy (https://policies.google.com).

Google Single Sign-On For the purposes of signing in on our website, we use among other things the authentication service provided by Google (Single Sign-On). In Europe, Google Ireland Limited, 4 Barrow St, Grand Canal Dock, Dublin 4, D04 V4X7, Ireland, is responsible for this. Data processing may also take place in the United States. The legal basis for data processing and data transfer to the United States is so-called standard contractual clauses. Through these clauses, Google undertakes to comply with applicable European law and the level of data protection. This also applies where data is processed in a third country, such as the United States. If you have a Google account, you can withdraw your consent to the use of Single Sign-On login via the following link: https://adssettings.google.com/authenticated. Further information regarding the use of Google services can be found in the associated privacy policy (https://policies.google.com).

HubSpot We use HubSpot on our website, a service provided by HubSpot, Inc., 1 Sir John Rogerson’s Quay, Dublin 2, Ireland. HubSpot may also process your data in the United States.   The legal basis for data processing and data transfer to the United States is so-called standard contractual clauses. Through these clauses, HubSpot undertakes to comply with applicable European law and the level of data protection. This also applies where data is processed in a third country, such as the United States. The legal basis for the use of HubSpot is your consent as the data subject. In addition, we have a legitimate interest in the use of HubSpot; the use of HubSpot serves to optimize our website and our offering. Further information on HubSpot can be found at: https://legal.hubspot.com/privacy-policy.

Contact Form Our website features contact forms that enable you to get in touch with us. In this context, among other things the following data provided by you is transmitted to us and stored: first and last name, telephone number, e-mail address, subject, and message. The information transmitted to us by you serves solely for the purpose of processing your inquiry/message. By submitting the inquiry/message, you consent to the data processing described above (legal basis: consent). You may withdraw your consent at any time, whereby processing operations that have already taken place are not affected by the withdrawal.

Langfuse For our services, we use Langfuse, an open-source LLM engineering platform provided by the company of the same name, Langfuse GmbH, Gethsemanestrasse 4, 10437 Berlin. Further information on Langfuse can be found at: https://langfuse.com/privacy.

Third-Party Links Where we provide links to the websites of other organizations, the privacy policies of those websites shall apply. Make.com For our services, we use the platform Make.com, a service of Celonis Inc., One World Trade Center, 87th Floor, 10007 New York, USA. Make.com is an automation platform. The legal basis for data processing and data transfer to the United States is so-called standard contractual clauses. These clauses oblige Make.com to comply with applicable European law as well as the European standard of data protection. Further information on Make.com can be found at: https://www.make.com/en/privacy-notice. Meta Pixel We use the Meta Pixel on our website, provided by Meta Platforms Inc. and, for Europe, Meta Platforms Ireland Limited, as we place advertising on Meta’s platforms. When you visit our website or book our services, the Meta Pixel uses cookies to record your behavior on our website. This enables the Meta platforms to match your data — such as your IP address — with the data in your Meta account. This data may also be stored in the United States. The legal basis for data processing and data transfer to the United States is so-called standard contractual clauses. Meta thereby undertakes to comply with applicable European law and the European standard of data protection, which is recognized as adequate under Swiss data protection law. If you are logged in to Facebook or another Meta service while visiting our website, Meta may associate your visit with your user profile. You have the option to opt out at: https://www.facebook.com/adpreferences/ad_settings. For further information on data protection at Meta, please visit: https://www.facebook.com/privacy.

Microsoft Azure For our services, we use Microsoft Azure, a service of Microsoft Corp., 1 Microsoft Way, 98052-6399 Redmond, WA. We use Microsoft Azure, among other things, for web hosting services. Microsoft Azure may also process data in the United States. The legal basis for data processing and data transfer to the United States is so-called standard contractual clauses. Through these clauses, Microsoft Azure undertakes to comply with applicable European law and the European standard of data protection. Further information on the standard contractual clauses and on the data processed by Microsoft Azure can be found at: https://learn.microsoft.com/en-us/compliance/regulatory/offering-eu-model-clauses and https://www.microsoft.com/en-us/privacy/privacystatement.

LinkedIn Insight We use the LinkedIn Insight Tag tracking tool on our website, provided by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. This serves to analyze the effectiveness of our LinkedIn advertising and to enable targeted advertising. When you visit our website, the Insight Tag sets a cookie that stores certain data — such as your IP address (in truncated or hashed form), the time of the visit, device and browser properties, and page views. This data enables LinkedIn to link the visit to our website with your LinkedIn user account if you are logged in. We ourselves do not receive any personal data from LinkedIn, but only aggregated reports on audiences and advertising performance. The data is also transferred by LinkedIn to the United States. LinkedIn relies on standard contractual clauses for this purpose, which are intended to ensure an adequate level of data protection within the meaning of Swiss data protection law. Further information on data processing by LinkedIn can be found in LinkedIn’s privacy policy at: https://www.linkedin.com/legal/privacy-policy.

Sentry We use the Sentry utility on our website, provided by Functional Software Inc., 45 Fremont Street, 8th Floor, San Francisco, CA 94105, USA. Sentry is used for the technical monitoring of system stability and the real-time identification of code errors, in order to improve the functionality and security of our website or web applications. In the event of an error, technical information such as IP address, device type, browser information, timestamps, and interactions with the application are collected and transmitted to Sentry’s servers. This data is necessary for the analysis and resolution of technical issues. Data processing is carried out in order to safeguard legitimate interests, in particular to ensure operational security and error resolution. The data is not used for marketing purposes. Sentry may transfer personal data to the United States. The transfer is carried out on the basis of standard contractual clauses, which are intended to ensure an adequate level of data protection within the meaning of Swiss data protection law. Further information on data processing by Sentry can be found at: https://sentry.io/privacy/. Stripe We use Stripe on our website, provided by Stripe Payments Europe, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, D02 H210, Ireland. Stripe is one of the payment tools we use. If you choose Stripe, the payment data you provide will be transmitted to Stripe. The transfer may also take place to the United States. The legal basis for the use of Stripe is your consent as the data subject. The legal basis for data processing and data transfer to the United States is so-called standard contractual clauses. Through these clauses, Stripe undertakes to comply with applicable European law and the level of data protection. This also applies where data is processed in a third country, such as the United States. Further information on Stripe: https://stripe.com/privacy.

Vercel For our services, we use the cloud deployment software Vercel, a service of Vercel Inc., 440 N Barranca Avenue #4133, Covina, CA 91723, USA. Vercel will also process your data, among other places, in the United States. The legal basis for data processing and data transfer to the United States is so-called standard contractual clauses. These clauses oblige Vercel to comply with applicable European law as well as the European standard of data protection. Further information on Vercel can be found at: https://vercel.com/legal/privacy-policy.

Webflow We use the service of Webflow on our website, provided by Webflow Inc., 398 11th Street, 2nd Floor, San Francisco, CA 94103. Webflow is a website builder platform that we use to create our website. Webflow may also process your data in the United States. The legal basis for data processing and data transfer to the United States is so-called standard contractual clauses. Through these clauses, Webflow undertakes to comply with applicable European law and the European standard of data protection. This applies even where data is processed in a third country. Furthermore, Webflow participates in the EU–US Data Privacy Framework. Further information regarding Webflow can be found in Webflow’s Privacy Policy: https://webflow.com/legal/eu-privacy-policy.

Right of Access

As a data subject, you may request from us confirmation as to whether personal data relating to you is being processed by us. If this is the case, you have the right to access the following information:

  •       The purposes for which the personal data is processed;
  •       The categories of personal data being processed;
  •       The recipients or categories of recipients to whom the personal data has been or will be disclosed, in particular recipients in third countries or international organizations;
  •       The planned duration of storage of the personal data relating to you, or, if this is not possible, the criteria used to determine that duration;
  •       The existence of a right to rectification or erasure of personal data relating to you, or to restriction of processing by us, or a right to object to such processing;
  •       The existence of a right to lodge a complaint with a supervisory authority;
  •       All available information on the origin of the personal data where it was not collected from you;
  •       The existence of automated decision-making, including profiling, and meaningful information about the logic involved as well as the significance and the envisaged consequences of such processing for the data subject.   You furthermore have the right to request information as to whether personal data relating to you is being transferred to a third country or an international organization; in such cases, you have the right to be informed of the appropriate safeguards in connection with the transfer.

Right to Rectification and Erasure

You have the right to request from us the immediate rectification and/or completion of inaccurate and/or incomplete personal data relating to you. You also have the right to request from us the immediate erasure of personal data relating to you, provided that one of the following grounds applies:

  •       The personal data is no longer necessary for the purposes for which it was collected or otherwise processed;
  •       You withdraw your consent on which the processing was based and there is no other legal basis for the processing;
  •       You object to the processing on grounds relating to your particular situation and there are no overriding legitimate grounds for the processing, or you object to the processing for direct marketing purposes;
  •       The personal data relating to you has been processed unlawfully;
  •       The erasure of personal data relating to you is necessary for compliance with a legal obligation;
  •       The personal data relating to you has been collected in relation to the offer of information society services pursuant to Article 8(1) of the GDPR.

Right to Restriction of Processing

As a data subject, you have the right to request restriction of processing where one of the following conditions is met:

  •       The accuracy of the personal data is contested. Restriction may be requested for the period necessary to allow us to verify the accuracy of the personal data;
  •       The processing is unlawful and you request restriction — instead of erasure;
  •       We no longer need the personal data for processing purposes, but you require it for the establishment, exercise, or defense of legal claims;
  •       You have objected to processing.   Where processing of personal data relating to you has been restricted, such data may, with the exception of storage, only be processed with your consent or for the establishment, exercise, or defense of legal claims, or for the protection of the rights of another natural or legal person, or for reasons of important public interest. If you have obtained restriction of processing pursuant to the aforementioned conditions, you will be informed by us before the restriction is lifted.

Obligation to Inform and Notify Third Parties

Where we have made your personal data public and are required by law to erase it, we shall take reasonable steps — including technical measures — taking into account the available technology and the cost of implementation, to inform other controllers and processors that are processing that data that you have requested the erasure of all links to, or copies or replications of, that personal data. We inform all recipients to whom your personal data has been disclosed of any rectification or erasure of that data as well as any restriction on its processing, except in cases where this is impossible or involves disproportionate effort. In such cases, we endeavor to clearly communicate the reasons for non-notification and to ensure that your rights are nonetheless protected.

Exceptions to the Right to Erasure

The right to erasure does not exist where processing is necessary for the exercise of the right to freedom of expression and information and/or for the establishment, exercise, and/or defense of legal claims.

Right to Data Portability

As a data subject, you have the right to receive personal data relating to you, which you have provided to us, in a structured, commonly used, and machine-readable format. You also have the right to transmit that data to another controller without hindrance from us to whom the personal data has been provided, provided that the processing is based on consent or on a contract and the processing is carried out by automated means. You furthermore have the right to obtain that personal data relating to you be transmitted directly from us to another controller, where technically feasible. The rights and freedoms of other persons must not be adversely affected thereby.

Right to Object

As a data subject, you have the right to object at any time, on grounds relating to your particular situation, to processing of personal data relating to you which is carried out on the basis of Article 6(1)(e) or (f) of the GDPR. We shall no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms. An additional exception exists for processing for the establishment, exercise, or defense of legal claims. Where we process personal data relating to you for the purposes of direct marketing, you have the right to object at any time to processing of personal data relating to you for the purposes of such marketing. If you object to processing for direct marketing purposes, we will no longer use personal data relating to you for those purposes. You have the right to withdraw your consent at any time. The lawfulness of processing carried out — lawfully — prior to the withdrawal shall not be affected thereby.

Right to Lodge a Complaint with a Supervisory Authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in your place of habitual residence (EU/CH), place of work, or place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR or the Swiss Federal Act on Data Protection (FADP). The authority responsible for Switzerland is: Federal Data Protection and Information Commissioner, Feldeggweg 1, 3003 Bern. The supervisory authority with which the complaint has been lodged shall inform the complainant of the progress and outcome of the complaint, including the possibility of a judicial remedy.     Aurum Avis Labs GmbH, July 2025

Cookie Preferences

Customize your cookie preferences. Essential cookies cannot be disabled as they are required for the website to function properly.

Essential Cookies

Required for basic website functionality, security, user authentication, and error tracking.

Always active

Analytics Cookies

Help us understand how visitors interact with our website to improve user experience. Includes Google Analytics and Microsoft Clarity session recordings.

Marketing Cookies

Used to track visitors across websites to display relevant and engaging advertisements.