Privacy Policy

General
AI Business School (hereinafter referred to as “AIBS”), collects and processes personal data carefully and only to the extent permitted by law. In the following AIBS explains which policies AIBS complies with and for what purpose AIBS collects and processes personal data via this website and other websites and applications operated by us or affiliated companies.When you register and use AIBS services, AIBS collects certain personal data so that AIBS can provide its services targeted to you. Within the scope of communication and data collection, the following data is stored by AIBS or by third party companies that provide the corresponding services:

• Registration data (e.g. name, surname)
• User-entered data (e.g. ideas, comments, form entries, API Key and endpoint for Azure OpenAI),
• Analytics and traffic logs
• User-triggered actions logs (e.g. login time, logout time, visited pages)

If you are registered to one or more of AIBS Business Services initiated, sponsored or paid by your employer or school or another third party, AIBS may share information about your interests, progress and results with them. AIBS may combine such information with information that AIBS receives from other sources, online and offline, and use such combined information in accordance with this Privacy Policy.The purpose of this data capture is:

• to identify and authenticate users,
• to plan and execute communication and mobilization measures,
• to provide the business services and functions,
• to facilitate ideation, innovation, usage of the preffered API Key usage
• to give the user the opportunity to comment on content
• to gather feedback to enable us to continually improve and extend our platform, services and your user experience
• to be able to provide and improve our services in a contractual and targeted manner,
• to provide your company with insights, reporting and analytics to continuous track progress and outcomes,
• to use data in anonymized form for research purposes, for example, to develop new products and services,
• to minimize the risk of fraud,
• to comply with applicable legislation and case law and to be able to respond to requests from administrative or other state authorities,
• to protect AIBS, your company and third parties.

In the context of the European General Data Protection Regulation (GDPR) regulations apply which may also be applicable to companies and service providers domiciled in Switzerland. As far as these provisions are applicable, AIBS complies with these provisions. The most important of these rights are listed below. Further details can be found in the legal basis, which can be accessed via the following link.

The central aspects of these legal guidelines are listed below:

Right to information
Where personal data are collected, the data subjects are to be provided with a range of information regarding the collection of data, in particular what data are collected and for what purpose.

Right of access by the data subject
According to the GDPR, the person affected by the data processing is entitled to demand a confirmation that personal data are processed by him or that this is not the case. Where data is processed, the GDPR establishes various rights (e.g. the right to obtain a copy of the data).

Right to rectification
The data subject shall have the right to request the controller of the data to rectify any inaccurate personal data concerning him/her without delay. Taking into account the purposes of the processing, the data subject has the right to request the completion of incomplete personal data, including by means of a supplementary declaration.

Right to erasure (“right to be forgotten”)
The data subject has the right to request that personal data relating to him/her be deleted immediately and the personal data must be deleted immediately if one of the reasons listed in the GDPR applies, for example that the data are no longer necessary for the purpose for which they were collected.

Right to restriction of processing
In certain cases, the data subject has the right to require the GDPR to restrict the processing of data. If such a restriction is requested, the data may only be retained, but may no longer be processed.

Right of notification
According to the GDPR, all recipients to whom personal data have been disclosed must be informed of any correction or deletion of personal data or any restriction on processing, unless this proves impossible or involves disproportionate effort.

Right to data transferability
The data subject has the right to receive the data that he has provided in a structured, common and machine-readable format and has the right to transfer this data to another data controller, for example to change the service provider. However, this right can only be exercised if the data processing is based on the consent of the data subject or on a contract.

Right to object
The data subject shall also have the right to object at any time, for reasons arising from his or her particular situation, to certain processing of personal data relating to him or her, including profiling based on these provisions. Subsequently, the data may no longer be processed, unless the data processor can prove compelling reasons for the processing which are worthy of protection and which outweigh the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims. Where personal data are processed for direct marketing purposes, the data subject shall have the right to object at any time to the processing of personal data concerning him/her for the purposes of such advertising, including profiling in so far as it is related to such direct marketing.

Right to waive an automated decision in individual cases
In addition, the data subject has the right not to be subject to a decision based exclusively on automated processing, including profiling, which has legal effect against him or her or significantly affects him or her in a similar manner.

Right to be informed of data protection violations
Should the provisions on the protection of personal data be violated, the person affected by the violation will be informed, provided that this entails a high risk for personal rights and freedoms.

Special protection for children
Furthermore, the GDPR also provides special protection for children. For example, in the case of services offered directly to a child, consent to the processing of the child’s data must be given or authorised by the holder of parental responsibility, whereby the age limit in question may be defined differently in the various countries within the scope of application of the GDPR.

Technical measures for data security
AIBS protects personal data through appropriate technical and organisational security measures and stores them on secure servers. The website is protected against manipulation by the usual state-of-the-art measures and against access, modification or distribution by unauthorised persons. This includes taking data protection aspects into account as early as the planning phase of our services (“privacy by design”), and our new products or services are offered with data protection-friendly default settings (“privacy by default”).

Transfer of data to third parties
AIBS is entitled to pass on your personal data to service providers for the purposes of the contract, including abroad. These are, for example, cloud service providers, other companies in the group, other providers of services relevant to the provision of corporate services, including, for example, IT service providers, management consultants and lawyers, and public authorities. These third parties are also obliged to comply with the legal provisions on data protection. A complete list of the data processors involved can be requested from us.

AI Business School
Kantonsstrasse 56
8807 Freienbach
Switzerland

Last updated: 06.09.2024