aidX
Workspace
Updates & FAQ
PrivacyTermsSecurityImprint

Privacy Policy

Last updated: March 2026

Controller

aidX AG, Bachtelstrasse 57, 8330 Pfäffikon ZH, Switzerland. Email: privacy@aidx.ch

What We Collect

  • Account data: email address, professional role (at registration)
  • Usage data: session logs, feature usage (anonymized)
  • Content data: chat inputs, uploaded documents, audio recordings — all clinical content is encrypted client-side before transmission. Our servers cannot access the plaintext content of your sessions.
  • Technical data: IP address, browser type, device identifiers

How We Use Your Data

  • To provide and improve the Service
  • To manage subscriptions and billing (via Paddle)
  • To send transactional emails (account, billing notifications)
  • To ensure security and prevent abuse

Zero-Knowledge Encryption Policy

All clinical content (chats, documents, transcriptions) is encrypted client-side with keys derived from your device. Our servers cannot access the plaintext content of your sessions.

Billing — Paddle

Payments are processed by Paddle.com Market Ltd as our Merchant of Record. When you subscribe, Paddle collects and processes your payment information under their own Privacy Policy (paddle.com/privacy). We receive only subscription status from Paddle — no full payment details.

AI Inference

AI inference is performed on infrastructure operated by us or under our direct control. No clinical content is transferred to third-party AI model providers.

Infrastructure & Hosting

Infrastructure is hosted by Infomaniak Network SA, Switzerland. All data remains on servers located in Switzerland.

Data Retention

  • Account data: retained for the duration of the subscription plus 12 months after cancellation
  • Content data: retained per your subscription tier's history limit. Users may delete content manually at any time.
  • Billing records: retained as required by Swiss law (10 years)

Your Rights (GDPR / nDSG)

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Delete your account and data
  • Data portability
  • Object to processing
  • Lodge a complaint with a supervisory authority

To exercise your rights: privacy@aidx.ch

Cookies

We use only technically necessary cookies for session management. No tracking or advertising cookies.

Security

We implement ISO 27001-aligned security practices including client-side encryption, encryption in transit and at rest, access controls, and regular security reviews.

Changes

We will notify you of material changes via email or in-app notice.

Contact

aidX AG · Bachtelstrasse 57 · 8330 Pfäffikon ZH privacy@aidx.ch