Privacy Policy

This Privacy Policy explains how Avidia.ai c/o Netgen Switzerland AG ("we", "us", "our") collects, uses, and protects personal data when you use our platform avidia content ("the platform", "the service"). We respect your privacy and are committed to protecting your personal data in accordance with the Swiss Federal Act on Data Protection (FADP) and the EU General Data Protection Regulation (GDPR).

Data Controller: Avidia.ai c/o Netgen Switzerland AG Seestrasse 356 8038 Zurich Switzerland Contact: Email: content@avidia.ai Our Data Protection Officer is reachable via the email address above.

We collect various types of personal data: Account Data: Name, email address, password (encrypted), organization, role Profile Information: First name, last name, avatar, language settings Usage Data: Logs, IP address, browser type, device information, access times Content Data: Flows, projects, media, translations you create Technical Data: Cookies, session IDs, security tokens We also collect data from third parties when you use integrations (e.g., Ibexa DXP, WordPress, Moodle).

We use your data for the following purposes: Service Provision: Providing and operating the platform, managing your account Personalization: Customizing user interface, language settings, feature preferences Communication: Sending notifications, support requests, important updates Quality Improvement: Analyzing usage, troubleshooting, performance optimization Security: Fraud detection, abuse prevention, ensuring platform security Legal Compliance: Complying with legal obligations, dispute resolution AI Processing: Using GPT-4 and Claude for content generation per your instructions We use your content solely to provide the services and do not process it for other purposes without your explicit consent.

We process your personal data based on: Contract Performance: Necessary for providing platform services Your Consent: For optional features such as marketing emails Legitimate Interest: For security measures, quality improvements, and fraud detection Legal Obligation: To comply with legal requirements You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before withdrawal.

We retain your personal data only as long as necessary for the purposes for which it was collected: Active Accounts: As long as your account is active Deleted Accounts: 30 days after termination (backup purposes), then complete deletion Legal Retention: 10 years for invoices and tax-relevant documents per Swiss law Audit Logs: 2 years for security and compliance purposes After expiration of the retention period, data is automatically deleted or anonymized.

We share your personal data only in the following cases: Service Providers: Hosting (Supabase), email sending (Resend), AI services (OpenAI, Anthropic), payment processing Legal Obligations: When required by law or court order Organization: To your organization and its administrators if you belong to an organization With Your Consent: In other cases only with your explicit consent All service providers are contractually obligated to treat your data in accordance with this Privacy Policy and implement appropriate security measures. We do not sell your personal data to third parties.

We implement technical and organizational measures to protect your data: Encryption: Data is encrypted during transmission (TLS/SSL) and at rest Authentication: Secure password hashing (bcrypt), multi-factor authentication available Access Control: Role-Based Access Control (RBAC), minimal permissions Regular Backups: Daily backups with encrypted storage Security Monitoring: Logging access, anomaly detection Infrastructure: Hosting on secure servers in EU/Switzerland (Supabase) Despite our efforts, no data transmission over the internet is absolutely secure. Please use strong passwords and do not share your login credentials with third parties.

Under Swiss and EU law, you have the following rights: Right of Access: You can request information about your stored personal data Rectification: You can request correction of incorrect or incomplete data Erasure: You can request deletion of your data if no legal retention obligation exists Restriction: You can request restriction of processing of your data Data Portability: You can receive your data in a structured format Objection: You can object to processing of your data based on legitimate interest Withdrawal: You can withdraw given consents at any time To exercise your rights, contact us at content@avidia.ai. We will process your request within 30 days.

We use cookies and similar technologies: Required Cookies: For platform functionality (authentication, session management) Functional Cookies: For your preferences (language, theme) Analytics Cookies: To analyze usage and improve the platform You can reject cookies in your browser settings, but this may affect platform functionality. We do not use advertising cookies or third-party tracking cookies for marketing purposes.

Your data is primarily stored and processed in Switzerland and the EU. Some service providers may process data outside these regions: OpenAI (USA): For GPT-4 services, Standard Contractual Clauses (SCCs) Anthropic (USA): For Claude services, SCCs Supabase (EU/USA): For hosting, EU processing preferred All international transfers are made in accordance with applicable data protection laws with appropriate safeguards such as Standard Contractual Clauses.

Our platform is not intended for persons under 16 years of age. We do not knowingly collect personal data from children under 16 without parental consent. If you discover that a child has provided us with personal data without parental consent, please contact us immediately at content@avidia.ai so we can delete such data.

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. We will notify you of material changes via email or through a notice on the platform. The updated version will be dated "Last updated". We recommend reviewing this Privacy Policy regularly.

For questions about this Privacy Policy or to exercise your rights, please contact us: Avidia.ai c/o Netgen Switzerland AG Seestrasse 356 8038 Zurich Switzerland Email: content@avidia.ai You also have the right to file a complaint with the competent data protection authority: Switzerland: Federal Data Protection and Information Commissioner (FDPIC) EU: Your local data protection authority