Legal

Privacy Policy

Privacy Policy

Last updated: 18.09.2025

This Privacy Policy explains how Papers AG (“we”, “us”, “our”), the operator of Obsidio, collects, uses, and protects personal data when you visit our website (www.obsidio.ch) or use our platform (app.obsidio.ch). We comply with the Swiss Federal Data Protection Act (revDSG) and the EU General Data Protection Regulation (GDPR).

1. Data Controller

Papers AG
Dammstrasse 16
6300 Zug
Switzerland

Contact person for data protection:
Alessandro De Carli

E-Mail: support@obsidio.com

2. Personal Data We Collect

a) Website (www.obsidio.ch)

  • Contact form data: name, company, email, role, message.

  • Technical data: IP address, browser type, device information.

  • Usage data: pages visited, session time (via Google Analytics).

  • Cookies: see section 5.

b) Platform (app.obsidio.ch)

  • Account data: name, email, company details, login credentials.

  • Service data: simulation logs, usage statistics, technical metadata (e.g., requests per second, worker status).

  • Security data: IP addresses, authentication tokens.

3. Purpose of Processing

We process personal data for the following purposes:

  • To respond to inquiries and demo requests.

  • To provide and operate the Obsidio service (accounts, simulations, reporting).

  • To ensure platform security, monitoring, and fraud prevention.

  • To comply with legal obligations (including FINMA-related requirements).

  • To analyze website usage and improve user experience (Google Analytics).

4. Legal Basis for Processing

  • Consent: when you submit a contact form or accept cookies.

  • Contract: when you create an account to use Obsidio.

  • Legitimate Interest: for platform security, service optimization, and analytics.

  • Legal Obligation: where regulatory compliance requires.

5. Cookies & Analytics

We use cookies and Google Analytics to analyze traffic and improve our website.

  • You can manage cookies through your browser settings or via our cookie banner.

  • Google Analytics may transfer data to servers outside Switzerland/EU. Google is certified under the EU-US Data Privacy Framework.

6. Data Transfers

Personal data may be processed on servers outside Switzerland and the EU. In such cases, we ensure compliance with Swiss and EU adequacy decisions or use standard contractual clauses (SCCs) to safeguard your data.

7. Data Sharing

We do not sell or share personal data with third parties. Data may only be shared with service providers acting on our behalf (e.g., hosting via Framer, analytics providers like Google).

8. Retention

We store personal data only as long as necessary:

  • Contact form data: up to 12 months.

  • Account data: for the duration of your account, then deleted upon closure.

  • Simulation data/logs: retained as long as required for compliance and audit, then securely deleted.

  • Cookies/Analytics: as defined by Google (max. 26 months).

9. Security

We apply appropriate technical and organizational measures to protect data against unauthorized access, loss, or misuse. This includes Trusted Execution Environments (TEEs), encryption, and strict access controls.

10. Your Rights

You have the right to:

  • Access your personal data.

  • Correct inaccurate data.

  • Request deletion of your data.

  • Restrict or object to processing.

  • Request data portability.

  • Lodge a complaint with the Swiss Federal Data Protection and Information Commissioner (FDPIC) or your local EU authority.

To exercise your rights, contact us at support@obsidio.io.

11. Updates

We may update this Privacy Policy from time to time. The latest version is always available on our website.

Benefits

Benefits

Product

Product

About

About

Contact

Contact