Privacy policy (revDSG & GDPR)

Controller
LLM Optimizeation Ready
Hünenbergerstrasse 8, 6330 Cham, Switzerland
Email: privacy@llmoready.com
Website: llmoready.com

Scope
This privacy policy explains the type, scope, and purposes of processing personal data when using our website, our SaaS platform ("LLMO Ready"), and related services. It complies with the Swiss Federal Act on Data Protection (revDSG) and – where applicable – the EU General Data Protection Regulation (GDPR).

Definitions
"Personal data" means any information relating to an identified or identifiable natural person. "Processing" covers any handling of data (e.g. collection, storage, use, disclosure, deletion). "Processors" are service providers that process data on our behalf.

1. Data we collect

We may process the following categories of data:

• Account data: email address, name, company name, password (hashed), profile settings.
• Contract & payment data: subscription plan, payment method, invoices, transaction history (partially held by payment processors).
• Platform usage data: product uploads, generated knowledge packs, API requests, analytics on use frequency (anonymized statistics).
• Technical data: IP address, browser type, device information, access logs, cookies/similar technologies.
• Communication data: support inquiries, email correspondence, feedback forms.

2. Purposes of processing

Personal data is used exclusively for the following purposes:

1. Provision of the website & SaaS platform, performance of pre-contractual measures, contract fulfilment.
2. Account creation, authentication, access management (user and role management).
3. Billing & payment processing, including compliance with statutory retention duties.
4. Support & communication, handling of inquiries, incident handling.
5. Security & stability, fraud prevention, abuse prevention, logging of system events.
6. Product improvement, analysis of anonymised usage data (no personal profiling).
7. Legal obligations (e.g. retention of accounting documents, compliance with data protection or tax laws).

3. Legal basis (revDSG / GDPR)

• Contractual performance (Art. 6(1)(b) GDPR): account management, use of platform, billing.
• Legitimate interests (Art. 6(1)(f) GDPR): statistics, security, fraud prevention, support efficiency, product optimization.
• Legal obligations (Art. 6(1)(c) GDPR): storage of invoices, compliance with tax law.
• Consent (Art. 6(1)(a) GDPR): where explicitly requested (e.g. analytics, newsletter if applicable).

4. Third-party processors & data sharing

We only disclose data to third parties insofar as necessary for service delivery or required by law. Processors are contractually bound to comply with data protection legislation and process data solely in accordance with our instructions. Categories of processors include:

• Hosting providers (servers, CDN, database services).
• Cloud services (storage, backup, media processing).
• Payment processors (credit card / SEPA / third-party providers; data directly transmitted to them).
• Customer support tools (email, ticket system).
• Analytics / monitoring (anonymized usage statistics, performance monitoring).

A detailed list of subprocessors is available at llmoready.com/subprocessors. We do not sell data to third parties for marketing or advertising purposes.

5. Data transfers to third countries

If processing takes place in countries without an adequate level of data protection, we implement appropriate safeguards (usually EU standard contractual clauses and supplementary measures). Copies are available on request via privacy@llmoready.com.

6. Storage duration

We process personal data only as long as necessary for the purposes outlined above or as required by law. Contract and billing data are retained in line with statutory periods (usually 10 years in Switzerland and up to 10 years under EU law). Afterwards, data are anonymised or deleted.

7. Mandatory information

Specific data are required to register or provide our services. Without these details, account creation or service delivery is not possible.

8. Cookies & similar technologies

We use necessary cookies (e.g. session/CSRF) and – with consent – optional cookies/local storage for analytics or convenience. A consent banner allows you to manage and withdraw choices. Details: llmoready.com/cookies.

9. No automated individual decision-making

We do not conduct automated decision-making with legal effect. No profiling for marketing purposes.

10. Data security

We implement appropriate technical and organisational measures (encryption in transit/at rest, access restrictions, role management, backup/recovery, logging, hardening, least privilege).

11. Minors

Our offering targets business customers (B2B). We do not intentionally process data of minors.

12. Your rights

Depending on applicable law (revDSG/GDPR), you have rights to access, rectification, deletion, restriction, data portability, and objection to processing based on legitimate interests. You may withdraw consent at any time with future effect. Contact: privacy@llmoready.com. Complaints: Switzerland: Federal Data Protection and Information Commissioner (FDPIC); EU/EEA: competent supervisory authority at your place of residence, work, or alleged infringement.

13. Changes

We may amend this policy if we have a legitimate interest and amendments are reasonable. The current version always applies.

Effective: 01.10.2025 · Version 1.0