Privacy Policy

1. Overview

AIM — AI Marketing ("AIM", "we", "us") is operated by TennoTenRyu Inh. Cesarano, registered in Zug, Switzerland. This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our website and services.

We are committed to protecting your privacy in accordance with the Swiss Federal Act on Data Protection (nDSG, in force September 2023) and, where applicable, the European Union General Data Protection Regulation (EU GDPR 2016/679).

2. Data We Collect

2.1 Data you provide directly

• Email address — when you request a free audit or subscribe to a plan
• Domain name — the domain you submit for AI visibility analysis
• First name — optional, for personalised communications
• Payment data — processed exclusively by Stripe (we receive only payment confirmation, not card details)

2.2 Data collected automatically

• IP address and approximate geographic location
• Browser type and version
• Pages visited and time spent on site
• Referral source

2.3 Data we do NOT collect

• We do not use third-party tracking cookies or behavioural advertising pixels
• We do not collect sensitive personal data (health, religion, ethnicity, etc.)
• We do not purchase or import third-party contact lists

3. Legal Basis for Processing

• Contract performance (Art. 6(1)(b) GDPR): processing necessary to provide the AIM service you requested
• Legitimate interests (Art. 6(1)(f) GDPR): fraud prevention, service improvement, security monitoring
• Consent (Art. 6(1)(a) GDPR): marketing emails — collected via double opt-in (DOI); you may withdraw at any time
• Legal obligation (Art. 6(1)(c) GDPR): invoicing, tax records, compliance with Swiss commercial law

4. Double Opt-In Email Marketing

All marketing email subscriptions at AIM use a double opt-in (DOI) process in accordance with Swiss nDSG and EU GDPR requirements:

1. You submit your email address and domain via our website form
2. We send a confirmation email with a unique, time-limited link (valid 24 hours)
3. Your subscription is only activated after you click the confirmation link
4. You may unsubscribe at any time via the link in every email or by contacting us directly

We send: domain audit results, AIM service updates, AI marketing insights, and promotional offers relevant to your domain. You may opt out of promotional emails while retaining service-related communications.

5. Data Sharing and Third Parties

We share your data only with the following third-party processors, under data processing agreements:

• Stripe Inc. (Dublin, Ireland / San Francisco, USA) — payment processing. Stripe is certified PCI DSS Level 1. Stripe Privacy Policy
• Resend Inc. (San Francisco, USA) — transactional and marketing email delivery
• Groq Inc. — AI language model inference for domain analysis (no personal data is sent to Groq beyond the domain name)
• Render Inc. — cloud hosting infrastructure (Frankfurt, EU data centre)

We do not sell your data to any third party. We do not share your data with advertising networks.

6. International Data Transfers

Some of our processors are based outside Switzerland and the EU/EEA. For transfers to the USA, we rely on Standard Contractual Clauses (SCCs) or the EU-US Data Privacy Framework where applicable. Switzerland's adequacy decision covers EEA transfers under Swiss law.

7. Data Retention

• Lead and contact data: retained for 36 months from last interaction, or until you request deletion
• Payment records: retained for 10 years as required by Swiss accounting law (OR Art. 958f)
• Email consent records: retained for 3 years after unsubscription (for compliance evidence)
• Server logs: deleted after 30 days

8. Your Rights

Under Swiss nDSG and EU GDPR, you have the following rights:

• Access: request a copy of the personal data we hold about you
• Rectification: correct inaccurate or incomplete data
• Erasure: request deletion of your data ("right to be forgotten")
• Portability: receive your data in a machine-readable format
• Objection: object to processing based on legitimate interests
• Withdrawal of consent: withdraw consent for marketing emails at any time
• Complaint: lodge a complaint with the Swiss Federal Data Protection and Information Commissioner (FDPIC) at edoeb.admin.ch

To exercise any of these rights, contact us at gilbert@cesaranogilbert.com. We respond within 30 days.

9. Security

We implement appropriate technical and organisational measures to protect your data, including:

• TLS 1.3 encryption for all data in transit
• Encrypted storage at rest for sensitive fields
• Access controls limiting data access to authorised personnel only
• Regular security reviews of our infrastructure and code

10. Cookies

AIM uses no third-party tracking cookies. We use session-functional cookies only where strictly necessary for checkout and DOI confirmation flows. No cookie consent banner is required for our minimal, functional cookie use.

11. Children's Data

AIM services are intended for businesses and professionals. We do not knowingly collect data from persons under 16. If you become aware that a minor has submitted data to us, contact us immediately.

12. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or applicable law. Material changes will be communicated via email to subscribed users at least 14 days before taking effect. Continued use of AIM after changes constitutes acceptance.

13. Contact