Skip to main content

Privacy Policy

Last updated: September 2025

We take the protection of your personal data very seriously. This Privacy Policy explains what personal data we collect through our website www.onaihq.com, how we use it, and what rights you have under the General Data Protection Regulation (GDPR).

1. Data Controller

The website www.onaihq.com is operated by:

Telesoft AG

Weisserlenweg 7
8966 Oberwil-Lieli
Switzerland

Email: [email protected]

2. Data We Collect

When you use our website, we may collect the following personal data:

  • Contact Form: name, email address, company, and your message
  • Calendly (demo scheduling): when booking a demo, personal details (e.g., name, email, availability) are collected by Calendly
  • Technical data: such as IP address, browser type, and date/time of access (processed by our hosting provider Cloudflare for security and performance purposes)

We do not collect payment data via our website.

3. Purpose of Processing

We process your personal data for the following purposes:

  • Responding to your inquiries submitted via the contact form
  • Scheduling and organizing demo appointments via Calendly
  • Ensuring the secure and reliable operation of our website (via Cloudflare)

We do not use your data for automated decision-making or profiling.

4. Legal Basis for Processing

We process your data on the following legal bases under the GDPR:

  • Article 6(1)(b) GDPR: to respond to your requests and provide our services
  • Article 6(1)(f) GDPR: our legitimate interest in ensuring the security and proper functioning of our website

5. Data Retention

  • Contact form inquiries: stored for up to 2 years
  • Technical logs (Cloudflare): retained as per Cloudflare's security policies
  • Calendly bookings: retained according to Calendly's privacy policy

Data will be deleted once it is no longer required for the purposes stated above.

6. Data Sharing and Third Parties

We share data only with trusted service providers necessary for operating our website:

  • Calendly, LLC (USA): for demo bookings. Data may be transferred outside the EU, with protection through Standard Contractual Clauses (SCCs).
  • Cloudflare, Inc. (USA/EU): for hosting, content delivery, and security. Data may be transferred internationally under SCCs.

We do not sell or otherwise disclose your personal data to third parties for marketing purposes.

7. Data Security

Your data is transmitted using SSL encryption. We also rely on our hosting partner's security measures (Cloudflare) to protect your personal information from unauthorized access, disclosure, alteration, or destruction.

8. Your Rights Under GDPR

You have the following rights regarding your personal data:

  • Access – to receive a copy of your data
  • Rectification – to correct inaccurate data
  • Erasure – to request deletion of your data
  • Restriction – to limit processing under certain conditions
  • Portability – to receive your data in a structured, machine-readable format
  • Objection – to object to processing based on legitimate interests

To exercise your rights, please contact us at [email protected].

You also have the right to lodge a complaint with a supervisory authority if you believe your data is not being processed in compliance with GDPR.

9. International Data Transfers

Where data is transferred outside the EU/EEA (e.g., via Calendly or Cloudflare), we ensure adequate protection through the use of EU Standard Contractual Clauses (SCCs).

10. Policy Updates

We may update this Privacy Policy from time to time, for example due to changes in our services or legal requirements. The updated version will always be published on this page.