← Back to home
Legal

Privacy Policy

Last updated: January 25, 2026

1. Introduction

This Privacy Policy describes how Parsing Sàrl, operating as ogram (hereinafter “ogram”, “we”, “our”, or “us”), processes personal data in connection with our Intelligence-as-a-Service platform.

ogram is committed to data sovereignty, confidentiality, and Swiss regulatory standards. This policy applies to our website, services, and all interactions with clients and users.

2. Data Controller

The data controller responsible for your personal data is:

Parsing Sàrl (ogram)

Switzerland

Email: info@ogram.ch

3. Data We Process

3.1. Account Data

Information provided during account registration and necessary for service delivery and billing, including: names, email addresses, billing information, and organizational details.

3.2. Client Content

All information, files, and data that clients and their authorized users process, store, or generate within the service.

Principle of Local Residence: Our architecture ensures that Client Content remains on infrastructure controlled by the client. ogram does not access, transfer, or copy Client Content to external servers for basic operations.

3.3. AI Query Data

When clients use AI-powered features, specific queries submitted to AI functionality may be processed by third-party AI service providers as detailed in Section 5.

3.4. Website Usage Data

Technical information collected when you visit our website, including IP addresses, browser type, device information, and pages visited.

4. Legal Basis for Processing

We process personal data based on:

  • Contractual necessity: To provide the services requested by clients
  • Legitimate interests: To operate, maintain, and improve our services
  • Legal obligations: To comply with applicable Swiss and international law
  • Consent: Where explicitly provided for specific processing activities

5. Third-Party Service Providers

ogram engages carefully selected third-party processors to deliver specific functionalities:

5.1. AI Processing

When clients submit queries to AI features, these queries are processed by:

OpenAI, LLC

Location: United States

Data transferred: Specific user queries only

Purpose: Generate AI-powered responses

Safeguards: Standard Contractual Clauses (SCCs)

Retention: Maximum 30 days for security and abuse monitoring

Training: Data is not used for model training

ogram retains the flexibility to select alternative or additional AI providers to maintain service quality and performance. Clients will be notified of material changes.

5.2. Payment Processing

Payment transactions are processed through secure third-party payment providers. ogram does not store complete credit card information.

5.3. Infrastructure Providers

We use cloud infrastructure providers for hosting Account Data and service operations. Client Content remains on client-controlled infrastructure.

6. International Data Transfers

When AI queries are processed by providers located outside Switzerland or the European Economic Area, we ensure adequate protection through:

  • Standard Contractual Clauses approved by Swiss authorities
  • Contractual commitments to data minimization
  • Technical and organizational security measures
  • Limited retention periods

Clients acknowledge and accept these transfers when using AI-powered features.

7. Data Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, loss, or alteration, including:

  • Encryption in transit and at rest
  • Access controls and authentication mechanisms
  • Regular security assessments
  • Confidentiality obligations for personnel
  • Incident response procedures

8. Data Retention

We retain personal data for the following periods:

  • Account Data: Duration of the contractual relationship plus applicable legal retention periods
  • Client Content: Controlled by the client; retained for 30 days after contract termination to allow data export
  • AI Queries: Retained by third-party processors for maximum 30 days
  • Billing records: As required by Swiss law (typically 10 years)

9. Your Rights

Under applicable data protection law, you have the right to:

  • Access your personal data
  • Rectify inaccurate or incomplete data
  • Request deletion of your data
  • Restrict or object to processing
  • Data portability
  • Withdraw consent where processing is based on consent
  • Lodge a complaint with the Swiss Federal Data Protection and Information Commissioner (FDPIC)

To exercise these rights, contact us at info@ogram.ch

10. Client Responsibilities

Clients remain responsible for their Client Content and must ensure:

  • Compliance with applicable data protection laws
  • Appropriate legal basis for processing personal data within Client Content
  • Not submitting unnecessary personal data in AI queries
  • Informing their authorized users about data processing practices

11. Cookies and Tracking

Our website uses minimal essential cookies for functionality and security. We do not use advertising or third-party tracking cookies.

Analytics are conducted in a privacy-respecting manner without identifying individual users.

12. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. Material changes will be communicated to clients at least 60 days before taking effect.

The current version is always available at ogram.ch/privacy

13. Contact

For questions about this Privacy Policy or data processing practices:

ogram

Email: info@ogram.ch

Terms of ServiceContact