Privacy Policy

1. Responsible Entity

The entity responsible for the processing of personal data within the meaning of the EU General Data Protection Regulation (GDPR) and the Swiss Federal Act on Data Protection (FADP) is:

KamiSource GmbH Sumpfstrasse 18 CH-6312 Steinhausen Switzerland

Email: datenschutz@kamisource.ai

Represented by: Mark Neuhauser (CEO)

Given the current size of the company and the scope of its processing activities, the provider has not appointed a data protection officer. Please address data protection enquiries to the contact details listed above.

2. Data We Process on the Website

2.1 Server Log Files

When the website is accessed, technically required data is automatically recorded and temporarily stored in server log files:

• IP address (in shortened / pseudonymised form)
• Date and time of access
• URL accessed
• Referrer (previous page)
• Browser type, operating system
• HTTP status code

Purpose: providing and ensuring the availability of the website; detection and defence against attacks.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in stable, secure operation of the website); Art. 31(1) FADP.

Retention: maximum 30 days. Logs are subsequently anonymised or deleted.

2.2 Invitation Request ("Request Access")

The website offers the option to request an invitation to the platform. The following data is collected:

• Email address
• Name (optional)
• Company / role (optional)

Purpose: processing the invitation request, establishing a business contact relationship and, where appropriate, sending an invitation to the platform.

Legal basis: Art. 6(1)(b) GDPR (pre-contractual measures) or Art. 6(1)(f) GDPR (legitimate interest in business development).

Retention: until the request has been processed; in the event of contract initiation, longer retention may apply within the scope of platform data processing (see Platform Privacy Policy).

3. Cookies and Similar Technologies

The website uses only technically required cookies that are necessary for operation. A detailed overview of all cookies in use can be found in the Cookie Notice.

4. Third-Party Services in Use

4.1 Vercel (Hosting)

The website is hosted by Vercel Inc., 440 N Barranca Ave #4133, Covina, CA 91723, USA.

When the website is accessed, technically required connection data (IP address, user agent, referrer) is transmitted to Vercel. Delivery takes place exclusively through the Vercel edge region EU (Frankfurt); other edge regions are not used.

Transfer to third countries: Vercel Inc. is based in the USA. Where Vercel transfers personal data from the EU to the USA in the course of the hosting service (e.g. for support, maintenance or billing purposes), this is safeguarded by the EU-US Data Privacy Framework (Vercel is certified) and by EU Standard Contractual Clauses (SCCs).

4.2 Sentry (Error and Performance Monitoring)

We use Sentry to support technical stability of the website.

• Region: EU
• Data captured: technical error messages, stack traces, user agent, shortened IP, URL accessed.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in stable, error-free operation of the website).

Retention: by default 90 days; automatic deletion thereafter.

4.3 No Further Trackers

The marketing website uses no analytics, re-targeting or marketing trackers — in particular no Google Analytics, Meta Pixel, LinkedIn Insight or comparable tracking tools. Only the third-party services listed in sections 4.1 and 4.2 are used on the marketing website.

5. Transfer to Third Countries

Where personal data is transferred to recipients in countries outside the EU/EEA or Switzerland (in particular the USA), this takes place on the basis of one of the following safeguards:

• adequacy decision of the European Commission or recognised adequacy under Swiss FADP (e.g. EU-US Data Privacy Framework, where the recipient is certified)
• EU Standard Contractual Clauses pursuant to Art. 46(2) GDPR in conjunction with Art. 16 FADP, supplemented where necessary by additional technical and organisational measures

A current list of recipients can be found in section 4 above.

6. Your Rights

You have the right:

• to obtain information about the personal data we process about you (Art. 15 GDPR / Art. 25 FADP)
• to request rectification of inaccurate data (Art. 16 GDPR / Art. 32 FADP)
• to request erasure of your data, insofar as no statutory retention obligations apply (Art. 17 GDPR / Art. 32 FADP)
• to request restriction of processing (Art. 18 GDPR)
• to object to processing based on legitimate interests (Art. 21 GDPR / Art. 30 FADP)
• to request data portability (Art. 20 GDPR)
• to withdraw consent at any time with effect for the future (Art. 7(3) GDPR / Art. 6(6) FADP)
• to lodge a complaint with the competent supervisory authority (Art. 77 GDPR)

Competent supervisory authorities are:

• in Switzerland: Federal Data Protection and Information Commissioner (FDPIC), Feldeggweg 1, 3003 Bern, edoeb.admin.ch
• in the European Union: the data protection supervisory authority at the data subject's place of residence or work

To exercise your rights, an informal email to datenschutz@kamisource.ai is sufficient.

7. Data Security

We implement technical and organisational measures to protect your data against loss, manipulation and unauthorised access. In particular, the transmission of website content is secured by TLS encryption (HTTPS).

8. Changes to This Privacy Policy

We adapt this privacy policy whenever legal requirements or technical circumstances make it necessary. The current version is available on this page. You should review the content regularly.

Last updated: 4 May 2026