moonsun

Privacy Statement

Privacy Policy Effective Date: 21.04.2025 Last Updated: 21.04.2025
This Privacy Policy explains how Aurum Avis Labs GmbH, a company registered in Zug, Switzerland (“we”, “our”, “us”), collects, uses, shares, and protects personal data when you use Holist-IQ (“the Application”), our web-based causal loop diagramming tool. We are committed to protecting your privacy in accordance with the Swiss Federal Act on Data Protection (FADP / DSG) and, where applicable, the EU General Data Protection Regulation (GDPR).

1. Data Controller: The data controller responsible for the processing of your personal data is: Aurum Avis Labs GmbH, 6300 Zug, Switzerland Email: info@aurum-avis-labs.ch

2. What Data We Collect
2.1 Information You Provide: When you register for Holist-IQ or interact with the platform, we may collect:Name (only if you create an account)Email address (only if you create an account)Login credentials (hashed and stored securely)Payment details (handled via Stripe – we do not store payment data)

2.2 Automatically Collected Data: When using Holist-IQ (with or without an account), we automatically collect:IP address, Device and browser information, Usage patterns (e.g., time spent, diagrams created, buttons clicked) Referrer URL and timestamps

3. Why We Collect Your Data: We use your data to: Provide and maintain Holist-IQ, Allow you to save, edit, and share diagrams, Manage subscriptions and process payments, Analyze usage to improve features and performance, Ensure secure and stable service operation, Debug and improve AI behavior and Comply with legal obligations

4. Legal Basis for Processing: We process your data under the following legal bases:
Contractual necessity (Art. 6(1)(b) GDPR): to deliver the Holist-IQ service
Legitimate interest (Art. 6(1)(f) GDPR): to improve functionality, security, and analytics
Consent (Art. 6(1)(a) GDPR): for optional services (e.g. newsletter)
Legal obligation (Art. 6(1)(c) GDPR): where required by applicable law

5. Third-Party Services: We work with third-party processors who may receive access to certain data as necessary to perform their services.
Stripe is used for payment processing. The data shared includes billing information and email addresses. Stripe operates within the EU and globally.
Google Analytics is used for usage analytics. The data shared includes anonymous usage and device data. Google Analytics operates in the USA, with Standard Contractual Clauses (SCCs) applied.
LogRocket is used for session recording and debugging. The data shared includes anonymized session logs and metadata. LogRocket operates in the USA, with SCCs applied.
Azure OpenAI is used for AI prompt and response generation. The data shared includes text prompts and user inputs as sent to the AI. Azure OpenAI operates in the EU and globally.
Langfuse is used for AI logging and tracing. The data shared includes prompt data, metadata, and token usage. Langfuse is EU-based.
We ensure that all providers follow data protection practices in accordance with Swiss and EU laws, including the application of Standard Contractual Clauses (SCCs) where necessary.

6. Public vs. Private Diagrams: By default, diagrams created on Holist-IQ are public and may be visible to other users. Paid users may set diagrams as private, ensuring they are only accessible to them. Public diagrams may be used by Aurum Avis Labs GmbH for internal research, marketing, or demo purposes.

7. Data Retention & Deletion: We retain personal data for as long as your account is active, or as needed to fulfill legal or operational purposes. You may request deletion of your account and data at any time by contacting us (see Section 13). This includes deletion of associated diagrams and AI logs.

8. Cookies & Tracking: Holist-IQ uses cookies and similar technologies to:
Authenticate and keep users logged in
Analyze usage (via Google Analytics)
Record in-app sessions for debugging (via LogRocket)
Monitor and trace AI activity (via Langfuse)
You may opt out of non-essential cookies via your browser or a cookie preference banner (if enabled).

9. Your Rights: You have the right to:
Access the personal data we hold about you
Request correction of inaccurate data
Request deletion (“right to be forgotten”)
Object to processing based on legitimate interests
Request restriction of processing or data portability
Lodge a complaint with the FDPIC (Switzerland) or your local data protection authority
To exercise these rights, contact: info@aurum-avis-labs.ch

10. Data Security: We implement industry-standard technical and organizational security measures:
TLS encryption for all data transmission
Secure access control for account and admin actions
Isolated environments for AI operations

11. International Transfers:
Where personal data is transferred outside Switzerland or the EEA, we ensure adequate protection using:
SCCs (Standard Contractual Clauses) approved by the European Commission
Hosting in GDPR-aligned regions (e.g., Azure Europe for OpenAI)

12. Changes to This Policy: We may update this Privacy Policy as needed. You will be notified of significant changes via email or in-app messages. Your continued use of the service constitutes acceptance of the changes.

13. Contact: For questions or data requests, please contact: Aurum Avis Labs GmbH, Terrassenweg 9, 6315 Oberägeri, Switzerland Email: info@aurum-avis-labs.ch

hero design imagehero design image
design imagedesign image
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Stay in touch and get updates
on what we do.
About us
features
© Aurum Avis Labs GmbH
Privacy StatementTerms and Condition