Privacy Policy

    Purpose of the Policy and Responsible Party

  1. The protection of your personal data and privacy is important to us. In this privacy policy ("Policy"), we inform you of your rights and options when you use the services of 44ai AG, such as:
    • Using our interfaces (API)
    • Visiting our website
    • Contacting us
    • Using any other services provided by us (collectively referred to as "Services").
  2. This Policy outlines how we process, store, and evaluate your data when you use our Services.

  3. The references to "we," "us," or "our" refer to 44ai AG, headquartered at Industriestrasse 78, 4600 Olten. We are the "Data Controller" as defined under Article 4 of the Swiss Federal Act on Data Protection (DSG). Our Data Protection Officer is Christoph Meier. For questions, feel free to contact us at [email protected]. For better readability, gender-specific language forms are avoided in this document, but all gender references apply to everyone.
  4. Personal Data We Process

  5. We only process data that is provided to us.
  6. If you contact us or decide to use our interface (API) for structuring medical data, we process the following personal data:
    • First and last name
    • Telephone number
    • Email address
    • Date of birth
    • Gender
    • Date of birth
    • Recordings of medical consultations and medical documents (PDF or scans), including diagnoses, ongoing treatment information, and their processed results (structured content)
  7. The data processing complies with the Swiss Federal Data Protection Act (DSG) and, for customers in the European Union, the General Data Protection Regulation (GDPR). Processing this data is necessary to provide our services and ensure the highest quality.

  8. We process and store personal data only for the time necessary to achieve the purpose of the storage. Once the purpose has been fulfilled, personal data is routinely deleted in accordance with legal and contractual obligations.
  9. If you use our interface (API), we process the personal data you provide (especially recordings of medical consultations and documents, diagnoses, ongoing treatments, and their structured results) as a data processor in accordance with Article 4 DSG and GDPR, based on contractual and legal obligations. We process this data in a way that ensures no direct link to individuals is possible.
  10. We guarantee that all processing of your personal medical data through our API is carried out exclusively by our own services. Due to our internally developed solution, your data is never processed or analyzed by third parties outside our strict internal security and privacy policies. This full control helps us ensure data security and compliance with all applicable privacy laws.
  11. If you submit an inquiry via email, contact form, or phone, we process your personal data (name, email address, and phone number) to handle your request and fulfill your orders to your complete satisfaction. The data will be deleted after two years.
  12. When you visit www.44ai.ch, necessary cookies as well as cookies for statistics and marketing purposes are set. By visiting our website, you consent to this processing.
  13. If you apply for a job with us, we process personal data (name, phone number, email address, and other personal data provided in your application documents) to review your application, conduct the hiring process, and, if successful, prepare and conclude the necessary contract. If no contract is formed, your data will be deleted six months after contact.
  14. We process your name and email address to provide and update our services, and to inform you of updates. This data will be deleted once it is no longer necessary for the provision of the service.
  15. Transfer of Data to Third Parties

  16. Personal data (excluding medical data) is only shared with third parties if necessary for communication, contract fulfillment, or billing purposes.
  17. Your medical data is processed exclusively by our own services and stored on secure, certified servers located solely in Switzerland. At the customer's request, data can be stored on servers within the EU, as per contractual agreements. Medical data is never transmitted to the USA or other third countries, and data transmission is secured via SSL encryption.
  18. Data Security

  19. The security of your data is very important to us, and we use the most advanced administrative, technical, personnel, and physical measures to protect your data from loss, theft, unauthorized access, disclosure, or alteration.
  20. We protect your personal data through technical and organizational measures (password protection, secure servers with encryption in Switzerland (or Europe/Switzerland for European customers), backup security and monitoring, physical disk protection, encrypted data transmission, two-factor authentication, etc.) in accordance with Article 8 DSG.
  21. These measures particularly protect against unauthorized, illegal, or accidental access, processing, loss, use, or manipulation, ensuring that unauthorized third parties cannot access your data. Due to our high-security standards, data breaches are almost entirely preventable. In the unlikely event of a breach, our extensive technical and organizational measures (TOMs) ensure early detection and prompt notification to you or the relevant supervisory authority, depending on the type of data involved.
  22. We use appropriate technical security measures, such as secure hosting, to further protect your personal data. Our services are cloud-agnostic, allowing for customized solutions based on customer requests.
  23. Medical data is processed in such a way that no direct link to individuals can be established. Once processing is no longer required, the data is deleted in accordance with legal and contractual requirements.
  24. Your Rights

  25. You have the right to exercise your data protection rights at any time, including:
    • The right to request information about your stored personal data, its origin, recipients, and purpose of processing
    • The right to correct inaccurate personal data
    • The right to data portability
    • The right to object to processing
    • The right to restrict processing
    • The right to block or delete incorrect or unlawfully processed data.
  26. You can contact us anytime regarding these rights using the contact information provided in section 2 ([email protected]).

  27. If your right to lawful data processing is unexpectedly violated, please contact us immediately (see section 2 for our contact details). You also have the right to file a complaint with the Swiss Data Protection Authority (EDÖB) or with another data protection authority in the EU (for EU customers).
  28. Any Questions?

  29. If you have any questions about your personal data, feel free to contact us anytime at [email protected] or via the contact information provided in section 2.
  30. Changes to the Privacy Policy

  31. We may update this Privacy Policy at any time. Any changes will be communicated to our existing partners in advance. The version published on our website is the current and applicable version.