Privacy Policy

1. Responsibility

The controller responsible for data processing on this website is:

9senses AG Florastrasse 49 8008 Zurich / Switzerland Email: contact{at}9senses.ai
Represented by: Johannes Kunz, board member
Company register: Registered with the trade register of Canton Zurich
Registry number / UID: CHE-107.406.941

 

2. Scope (B2B)

Our services are intended for businesses only (B2B). Where we process personal data of individuals located in the EU, we additionally comply with the EU GDPR. For Switzerland, the revised Swiss Federal Act on Data Protection (revFADP) applies.

 

3. Hosting (STRATO Germany)

This website is hosted by STRATO AG (Germany). When you visit the website, server log files may be processed, in particular: IP address, date/time, requested pages, referrer URL, browser/OS. This is necessary to ensure security, stability and to prevent abuse. Legal basis: revFADP (overriding interest) and GDPR Art. 6(1)(f) (legitimate interests).

 

4. Contact (contact form, email)

If you contact us, we process the information you provide (e.g., name, company, email, message) to respond to your request and, where applicable, to take pre-contractual steps. Legal basis: GDPR Art. 6(1)(b) (contract/pre-contract) and/or Art. 6(1)(f) (B2B communication); revFADP (overriding interest).

 

5. WooCommerce, customer account, orders

For order processing (WooCommerce), we process order, invoicing and contact details and, where applicable, data related to your customer account. Processing is necessary for contract performance, invoicing, accounting and legal retention obligations. Legal basis: GDPR Art. 6(1)(b) (contract) and Art. 6(1)(c) (legal obligations); revFADP.

 

6. Payments (PayPal, Stripe, Vivid)

We use payment service providers to process payments. The data required for payment processing (e.g., amount, transaction data, payment status) is transmitted to the relevant provider. The providers process data under their own privacy policies.

• PayPal (Europe) S.à r.l. et Cie, S.C.A., Luxembourg
• Stripe Payments Europe Ltd., Ireland
• Vivid (Vivid Money), Germany

Legal basis: GDPR Art. 6(1)(b); revFADP.

 

7. Matomo Analytics (self-hosted, cookieless)

We use Matomo in a self-hosted configuration. Matomo is configured so that no marketing profiles are created, no data is shared with third parties, and no tracking cookies are set (cookieless). Data is processed solely to measure reach and improve our B2B offering where technically necessary. Legal basis: GDPR Art. 6(1)(f) (legitimate interests); revFADP.

 

8. Cookies / No-cookie approach

We do not use cookies for advertising or tracking purposes. However, strictly necessary cookies may be used by WooCommerce (e.g., cart, checkout, payment). A cookie consent banner is only used if consent-required technologies are implemented on the website.

 

9. LinkedIn

Our website contains links to LinkedIn. When you click such links, data may be transmitted to LinkedIn. LinkedIn processes such data under its own responsibility; we have no control over that processing.

 

10. Client data storage & project work (Language Models)

In the course of our consulting and audit services, we may store and process client data (e.g., project documents, communications, results). We do not use cloud LLM providers; analyses are performed exclusively using locally operated Small Language Models (SLMs). Client data is not used for training purposes and is not shared with third parties unless required for contract performance or by law. Legal basis: GDPR Art. 6(1)(b); revFADP.

 

11. Recipients / processors

We use service providers to deliver our services (e.g., hosting, payment processing). Where required, we enter into data processing agreements (GDPR Art. 28) and ensure compliance under the Swiss revFADP.

 

12. Retention

We store personal data only as long as necessary for the respective purposes and in line with applicable statutory retention obligations (e.g., accounting/tax law).

 

13. Your rights

Subject to applicability, you may have rights including access, rectification, erasure, restriction, data portability, objection, and withdrawal of consent. Switzerland: You may lodge a complaint with the Swiss Federal Data Protection and Information Commissioner (FDPIC). EU: You may lodge a complaint with a supervisory authority.

 

14. Security

We use appropriate technical and organizational measures (e.g., TLS encryption, access controls) to protect data.

 

15. Changes

We may update this Privacy Policy from time to time. The current version published on this website applies.