Skip to content Skip to footer

Privacy Policy

We at Holoai GmbH (hereinafter also “we”, “us”) respect your privacy and are committed to keeping any information we receive from or about you secure. This Privacy Policy describes our practices with respect to personal information that we collect from or about you when you use our website, applications and services (collectively, the “Services”).

Responsible for data processing

Holoai GmbH, located at Schumacherstrasse 1, 6037 Root, Switzerland, is responsible for the processing of your personal data as described in this Privacy Policy.

Personal information that we collect

We collect personal data about you (“Personal Data”) as follows:

Personal information you provide to us: We collect Personal Data when you create an account to use our Services or communicate with us as follows:

  • Account Information: When you create an account with us, we collect the information associated with your account, including your name, contact information, account login information, payment card information, and transaction history (collectively, “Account Information”).
  • User Content: When you use our Services, we collect personal information contained in the submissions, file uploads or feedback you provide to our Services (“Content”).
  • Communication information: When you communicate with us, we collect your name, contact information and the content of messages you send (“Communication Information”).
  • Social media information: We have pages on social media sites such as Instagram, Facebook, TikTok, X, YouTube, Pintrest and LinkedIn. When you interact with our social media pages, we collect personal data that you voluntarily provide to us, such as your contact details (collectively referred to as “Social Data”). In addition, the companies that host our social media pages may provide us with aggregated information and analyses about our social media activities.
  • Other information you provide to us: We collect other information that you provide to us, such as when you participate in our events or surveys or provide us with information to establish your identity (collectively, “Other Information Provided by You”).

Personal Information we automatically receive through your use of the Services: When you visit, use or interact with the Services, we receive the following information about your visit, use or interactions (“Technical Information”):

  • Log data: Information that your browser or device automatically sends when you use our Services. Log Data includes your Internet Protocol address, browser type and settings, the date and time of your request, and how you interact with our Services.
  • Usage Data: We may automatically collect information about your use of the Services, such as the types of content you view or engage with, the features you use and the actions you take, your time zone, country, dates and times of access, user agent and version, type of computer or mobile device, and your computer connection.
    Device information: This includes the name of the device, operating system, device identifiers and the browser you are using. The information collected may depend on the type of device you are using and its settings.
  • Cookies: We use cookies to operate and manage our services and to improve your experience. A “cookie” is a piece of information sent to your browser by a website you visit. You can set your browser to accept all cookies, reject all cookies or notify you when a cookie is offered so that you can decide each time whether to accept it. However, in some cases, refusing a cookie may prevent you from using a website or certain areas or features of a website, or may impair the display or function of a website.
    Analytics: We may use a number of online analytics products that use cookies to analyse how users use our Services and to improve your experience when using the Services.

How we use personal information

We may use personal data for the following purposes:

  • To provide, administer, maintain and/or analyse the Services;
  • To improve our Services and conduct research;
  • To communicate with you, including sending you information about our Services and events;
  • To develop new programmes and services;
  • To prevent fraud, criminal activity or misuse of our Services and to protect the security of our IT systems, architecture and networks;
  • To carry out business transfers; and
  • To comply with legal obligations and legal process and to protect our rights, privacy, safety or property and/or the rights of our partners, you or other third parties.

Aggregated or de-identified information: We may aggregate or de-identify personal information so that it can no longer be used to identify you and use such information to analyse the effectiveness of our Services, to improve our Services and add new features, to conduct research and for other similar purposes. In addition, we may from time to time analyse the general behaviour and characteristics of users of our Services and share aggregated information such as general user statistics with third parties, publish such aggregated information or make such aggregated information generally available. We may collect aggregated information through the Services, through cookies and through other means described in this Privacy Policy. We will retain and use de-identified information in an anonymous or de-identified form and we will not attempt to re-identify the information unless required by law.

Disclosure of personal information

In certain circumstances, we may disclose your personal data to third parties without informing you unless required by law:

  • Suppliers and service providers: To help us fulfil our business needs and perform certain services and functions, we may share personal data with vendors and service providers, including but not limited to hosting service providers, artificial intelligence services, customer service providers, cloud services, email communication software, web analytics services and other information technology providers. In accordance with our instructions, these parties will only access, process or store personal data as part of the fulfilment of their tasks for us.
  • Business transfers: If we are involved in a strategic transaction, reorganisation, bankruptcy, insolvency or transfer of services to another provider (collectively, a “Transaction”), your Personal Data and other information may be disclosed as part of the review process with contractors and others involved in the Transaction and transferred, along with other assets, to a successor or affiliate as part of the Transaction.
  • Legal Requirements: We may disclose your personal information, including information about your interaction with our Services, to government authorities, industry peers or other third parties (i) if required to do so by law or in the good faith belief that such action is necessary to comply with a legal obligation; (ii) to protect and defend our rights or property; (iii) if we determine, in our sole discretion, that there has been a violation of our terms, policies or the law; (iv) to detect or prevent fraud or other illegal activities; (v) to protect the safety and integrity of our products, employees or users, or the public; or (vi) to protect against legal liability.
    Affiliates: We may share personal information with our affiliates, which are companies that control, are controlled by, or are under common control with Holoai. Our affiliates may use the personal information we share in accordance with this Privacy Policy.
  • Other users and third parties with whom you share information: Certain features allow you to view or share information with other users or third parties. For example, you can share Joaia conversations with other users via shared links. Make sure you trust every user or third party you share information with.

Data storage

We will only retain your personal data for as long as we need it to provide you with our service or for other legitimate business purposes, such as resolving disputes, for security reasons or to comply with our legal obligations. How long we retain personal data depends on a number of factors, such as;

  • Our purpose for processing the data (e.g. whether we need to retain the data in order to provide our services);
  • The amount, nature and sensitivity of the data;
  • The potential risk of harm from unauthorised use or disclosure of the data;
  • Any legal requirements to which we are subject.

Your rights

Depending on their location, individuals may have certain legal rights in relation to their personal data. For example, you have the right to:

  • Access your personal data and information about how it is processed.
  • Delete your personal data from our records.
  • Correct or update your personal data.
  • Transfer your personal data to a third party (right to data portability).
  • Restrict the way we process your personal data.
  • Withdraw your consent where we are relying on consent as the legal basis for processing, at any time.
  • Object to the processing of your personal data.
  • Lodge a complaint with your local data protection authority.

You have the following rights to object:

  • You can object to the processing of your personal data for direct marketing purposes at any time.
  • You can object to the processing of your personal data if the processing is based on our legitimate interests.

You can exercise some of these rights through your Holoai account. If you cannot exercise your rights through your account, please send your request to privacy@holoai.ch.

Please note that these rights may be limited, for example, if fulfilling your request would result in the disclosure of personal data about another person, or if you ask us to delete information that we are required by law to keep or have compelling legitimate interests to keep.

We hope that we can respond to your questions or concerns. If you have unresolved complaints with us or our Data Protection Officer, you can contact your local supervisory authority in the EU. For unresolved complaints in relation to the UK you can contact the Information Commissioner’s Office and for Switzerland you can contact the Swiss Federal Data Protection and Information Commissioner.

Links to other websites

The Service may contain links to other websites that are not operated or controlled by Holoai, including social media services (“Third Party Sites”). The information you provide on Third Party Sites is governed by the specific privacy policies and terms of use of the Third Party Sites and not this Privacy Policy. The provision of these links does not imply that we endorse or have reviewed these sites. Please contact the third-party websites directly for information about their privacy practices and policies.

Security

We use commercially reasonable technical, administrative and organisational measures to protect personal data both online and offline from loss, misuse and unauthorised access, disclosure, alteration or destruction. However, no Internet or e-mail transmission is ever completely secure or error-free. In particular, emails sent to or from us may not be secure. Therefore, you should take special care in deciding what information you send to us through the Service or by email. In addition, we are not responsible for circumvention of any privacy settings or security measures contained in the Service or on third party websites.

Legal basis for the processing

When we process your personal data for the purposes described above, we rely on the following legal bases:

Purpose of the processing:

For the provision and maintenance of our services

Type of personal data processed, depending on the processing activity:

  • Account information
  • User Content
  • Communication information
  • Other information you provide
  • Log data
  • Usage data
  • Device information
  • Cookies and similar technologies

Legal basis, depending on the litigation activity:

If this is necessary for the fulfilment of a contract with you, e.g. when processing a user’s request to provide a response.

Purpose of the processing:

To improve and develop our services and new features and to conduct research

Type of personal data processed, depending on the processing activity:

  • Account information
  • User Content
  • Communication information
  • Other information provided by you
  • Data we receive from other sources
  • Log data
  • Usage data
  • Device information
  • Cookies and similar technologies

Legal basis, depending on the litigation activity:

Where it is necessary for our legitimate interests and those of third parties and society in general, including to develop, improve or promote our services, e.g. when we improve our prompts for the models we use.

Purpose of the processing:

To communicate with you, e.g. to send you information or marketing material about our services and events

Type of personal data processed, depending on the processing activity:

  • Account information
  • Communication information
  • Social media information
  • Other information provided by you
  • Log data
  • Usage data
  • Device information
  • Cookies and similar technologiesWhere it is necessary for the performance of a contract with you, for example, processing your contact details to send you a technical communication about the Services.

    Your consent when we ask you to process your personal data for a specific purpose that we communicate to you, e.g. processing your contact details to send you certain forms of marketing communications.

Legal basis, depending on the litigation activity:

Where it is necessary for the performance of a contract with you, for example, processing your contact details to send you a technical communication about the Services.
Your consent when we ask you to process your personal data for a specific purpose that we communicate to you, e.g. processing your contact details to send you certain forms of marketing communications.

Purpose of the processing:

To prevent fraud, criminal activity or misuse of our services and to protect the security of our systems and services

Type of personal data processed, depending on the processing activity:

  • Account information
  • User Content
  • Information about communication
  • Social media information
  • Other information provided by you
  • Data we receive from other sources
  • Log data
  • Usage data
  • Device information
  • Cookies and similar technologies

Legal basis, depending on the litigation activity:

Where necessary to comply with a legal obligation. Where we are not subject to a specific legal obligation, where it is necessary for our legitimate interests and the interests of third parties, including to protect our services from misuse, fraud or security risks, such as processing data from security partners to protect against fraud, abuse and security threats in our services.

Purpose of the processing:

To comply with legal obligations and to protect the rights, privacy, safety or property of our users, us, our affiliates or third parties

Type of personal data processed, depending on the processing activity:

  • Account information
  • User Content
  • Information about communication
  • Social media information
  • Other information provided by you
  • Data we receive from other sources
  • Log data
  • Usage data
  • Device information
  • Cookies and similar technologies

Legal basis, depending on the litigation activity:

Where it is necessary to comply with a legal obligation, such as retaining transaction data to fulfil record-keeping obligations. When we are not subject to a specific legal obligation, when it is necessary for our legitimate interests and the interests of third parties and society in general, including to protect the rights, safety and property of us or our affiliates, users or third parties, such as analysing log data to detect fraud and abuse in our services.

Data transfers

As we use OpenAI’s services, your personal data will be transferred to recipients outside the EEA, Switzerland and the UK for the purposes described in this Privacy Policy. If you are located in the EEA, Switzerland or the UK and your personal data is transferred to a third country, that third country may not offer the same level of data protection as your home country. However, we will transfer personal data in accordance with applicable data protection laws. For transfers of your personal data to countries outside the EEA, Switzerland or the UK, we rely on the European Commission’s adequacy decisions for certain countries and, for other jurisdictions, the European Commission’s approved Standard Contractual Clauses and any applicable country addenda. For more information, please contact us at privacy@holoai.ch

By using our Services, you acknowledge and agree that your personal data will be processed and stored at OpenAI’s facilities and servers in the United States and may be shared with OpenAI’s service providers and affiliates in other countries.

Changes to the privacy policy

Wir können diese Datenschutzrichtlinie von Zeit zu Zeit aktualisieren. Wenn wir dies tun, werden wir eine aktualisierte Version auf dieser Seite veröffentlichen, es sei denn, eine andere Art von Mitteilung ist nach geltendem Recht erforderlich.

How you can contact us

Please contact privacy@holoai.ch if you have any questions or concerns that are not already addressed in this Privacy Policy.