Data protection

Elisa takes the protection of your data seriously and informs transparently. The following privacy policy is current as of January 2026

1. Responsible Party

The entity responsible for data processing on this website and in connection with the email assistant Elisa is:

MADLAB GmbH
Seftigenstrasse 310
3084 Wabern
Switzerland

privacy@meet-elisa.ai

  1. Scope

This privacy policy applies to:

  • the website meet-elisa.ai

  • the web application and SaaS services of Elisa

  • the AI-powered email assistant Elisa

  • associated APIs and integrationsData Security

We implement a variety of security measures to maintain the safety of your personal information when you enter, submit, or access your information.

3. Processed Personal Data

3.1 Visiting the Website

When you access our website, the following data is processed automatically:

  • IP address

  • Date and time of access

  • Browser type and version

  • Operating system

  • Referrer URL

  • accessed pages

This data is used for the technical provision, stability, and security of the website.


3.2 Contacting Us

When contacting us (e.g., via email or form), we process:

  • Name

  • Email address

  • Content of the message

  • Metadata of the communication


3.3 Use of the Elisa Platform (Accounts)

When using our services, the following data is processed:

  • Name

  • Email address

  • Login information

  • Language settings

  • Configuration data

  • technical usage data


3.4 Processing of Email Data by Elisa

To provide the core functionality of the email assistant, Elisa processes email data after explicit connection by the user.

Type of data:

  • Email headers (sender, recipient, subject)

  • Email content

  • Metadata (e.g., timestamps)

  • Analysis and classification results generated by Elisa

Important Clarification:

  • Email content is not stored permanently

  • only relevant information for the function and configuration of Elisa is stored for a maximum of 30 days

  • Access data (passwords, OAuth tokens) is stored encrypted and protected against unauthorized access

4. Purpose of Data Processing

Processing is carried out for the following purposes:

  • Provision and operation of the website

  • Provision of contractual services (SaaS)

  • Analysis, categorization, and prioritization of emails

  • Creation of response drafts

  • Improvement of configuration and user experience

  • Support, error analysis, and security

  • Marketing and anonymized analysis (website)

5. Legal Basis

The processing of personal data is based on the following legal grounds:

  • Art. 6 para. 1 lit. b GDPR – Performance of the contract

  • Art. 6 para. 1 lit. a GDPR – Consent

  • Art. 6 para. 1 lit. f GDPR – Legitimate interest

  • Art. 6 para. 1 lit. c GDPR – Legal obligation

6. Use of Artificial Intelligence (AI)

Elisa uses services from OpenAI to process email content by default.

  • Content is processed solely for the provision of the desired function

  • there is no training of AI models with customer data

  • Users can connect their own AI accounts

  • data processing is carried out in a data-saving manner according to the principle of purpose limitation

7. Data Sharing with Third Parties

Data is only shared as far as necessary for the provision of services:

  • Hosting: MADLAB GmbH servers (Switzerland, Germany, Finland)

  • AI Service Providers: OpenAI or customer-owned providers

  • Email Providers: IMAP / OAuth (e.g., Gmail, Microsoft)

  • Payment Providers: Stripe

  • Analytics: Google Analytics (only public website)

8. Cookies & Tracking

8.1 Cookies

We use:

  • technically necessary cookies

  • cookies for anonymized analysis and marketing on the public website

8.2 Google Analytics

The website uses Google Analytics for anonymized analysis of user behavior.

Important:

  • in the admin area and in areas with sensitive data, no tracking occurs

  • IP addresses are anonymized

9. Newsletter & Communication

  • Newsletters only with double opt-in

  • system-relevant information is sent only to active users

  • Unsubscribing is possible at any time

10. Storage Duration

  • Email-related configuration data: max. 30 days

  • Account data: as long as the account is active

  • Log data: time-limited for security and error analysis

  • legal retention obligations remain reserved

11. Data Security

We implement technical and organizational security measures, including:

  • TLS encryption

  • encryption of sensitive data

  • access restrictions

  • role-based permissions

12. Rights of Data Subjects

Data subjects have the right to:

  • information

  • rectification

  • deletion

  • restriction of processing

  • data portability

  • withdrawal of given consents

  • complain to a supervisory authority

13. International Data Transfers

Processing primarily takes place in Switzerland and the EU.
To the extent that data is processed in third countries, this is done under appropriate safeguards (e.g., standard contractual clauses).

14. Changes

We reserve the right to adjust this privacy policy.
The current version applies on meet-elisa.ai.