Privacy Policy

Last updated: 6/29/2026

Pursuant to Regulation (EU) 2016/679 ("GDPR") and the Swiss Federal Act on Data Protection ("FADP"), Rep.AI Sagl (hereinafter, "Company", "we", or "Data Controller") provides the following information regarding the processing of personal data of users (hereinafter, "User" or "Data Subject") who consult and interact with the website https://www.repai.ch/ (hereinafter, the "Website").

1. Data Controller

The Data Controller of personal data is:

2. Types of Data Collected

The Data Controller collects and processes the following types of personal data:

• Navigation data: the computer systems and software procedures used to operate the Website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols (e.g., IP addresses, computer domain names, URI/URL of requested resources, time of request, etc.).
• Data provided voluntarily by the User: the optional, explicit, and voluntary sending of messages to the Company's contact addresses, as well as the completion and forwarding of the forms on the Website (e.g., contact form, demo request), entail the acquisition of the sender's contact data (name, surname, e-mail address, role/company, telephone number), necessary to respond, as well as all personal data included in the communications.

3. Purposes and Legal Basis of Processing

The User's personal data will be processed for the following purposes:

4. Processing Methods and Security

The processing of personal data takes place using manual, IT, and telematic tools with logic strictly related to the purposes themselves and, in any case, in such a way as to guarantee the security and confidentiality of the data themselves, in compliance with the security standards required by applicable regulations.

5. Data Retention

Personal data will be kept for the time strictly necessary to achieve the purposes for which they were collected. Specifically:

• Navigation data are deleted or made anonymous immediately after processing (except for any need to ascertain crimes by the Judicial Authority).
• Data voluntarily provided by the User for contact or demo requests will be kept for the time necessary to provide feedback and manage the relationship, and in any case no later than the limitation periods provided by law for the protection of the Data Controller's rights.

6. Data Communication and Transfer

Data may be made accessible to employees and collaborators of the Data Controller, in their capacity as persons authorized to process data. They may also be communicated to third parties who carry out outsourcing activities on behalf of the Data Controller (e.g., IT service providers, hosting providers), specifically appointed as Data Processors.

Personal data are stored on servers located within Switzerland and/or the European Union. Should it become necessary to transfer data to non-EU/EEA countries, the Data Controller ensures from now on that such transfer will take place in compliance with applicable legal provisions.

7. Rights of the Data Subject

The Data Subject has the right to ask the Data Controller, at any time:

• Access to their personal data, rectification or deletion of the same;
• The limitation of the processing concerning them or to object to their processing;
• Data portability (receive data in a structured, commonly used, and machine-readable format);
• The withdrawal of consent (where given), without affecting the lawfulness of processing based on consent before withdrawal.

To exercise their rights, the Data Subject can contact the Data Controller by sending a written communication to the contact details indicated in point 1. The Data Subject also has the right to lodge a complaint with the competent Supervisory Authority if they believe that the processing of their data is contrary to current legislation.