
AI Data Privacy for Swiss SMEs: Which Solution Is Truly Compliant

When you add an AI chatbot to your website or use ChatGPT for customer communication, one uncomfortable question arises quickly: where does the data actually go? This article explains why «GDPR-compliant» on a vendor dashboard isn't enough, which providers Swiss SMEs can actually use without risk — and why server location is often the wrong criterion.

Noël Bossart
Updated: Apr 29, 2026 · 14 min read
At a glance
  • CLOUD Act applies even with EU server location
  • Three risk tiers — legal entity is the load-bearing factor
  • Infomaniak: only Swiss-native option
  • Mistral: best EU-native compromise
  • revDSG requires documentation and legal basis

A typical incident — and its consequences

An executive assistant wants to summarise a confidential supplier contract quickly. She pastes 40 pages into ChatGPT Free, gets a clean overview in 30 seconds. What she does not see: the contract name, supplier, prices, and clauses now sit on US servers at OpenAI — and may end up in the training data of new models, because that is the default on ChatGPT Free. Sensitive business data inside a model that anyone can query tomorrow.

Or: an NGO worker is writing a report on vulnerable clients. She types: «Polish this paragraph: Mrs M. (52) from Berne, single mother of three, has been homeless for two months...» Her name, situation, and address now sit at a US company.

Neither incident is an exotic edge case; both are everyday reality in Swiss SMEs, law firms, and NGOs. In most cases nobody is aware of the data trail this leaves or of the legal consequences it can have. This article shows how to recognise these risks — and how to use AI in your organisation without violating the Swiss revDSG or the EU GDPR.

What «data-privacy compliant» actually means for AI

Many AI providers advertise GDPR compliance or EU server locations. That sounds reassuring — but it falls short. A server in Frankfurt or Geneva does not help if the company behind it is a US company. US companies are subject to the American CLOUD Act — regardless of where their servers are located. This applies equally to OpenAI, Microsoft, Google, and Amazon.

The decisive question is therefore not «where is the server?» — but rather: «Which law governs the company processing my data?»

Once you understand that, you can quickly tell «safe» from «unsafe» AI use — and decide consciously which data is allowed to flow through which system.

The CLOUD Act — the underestimated risk

The CLOUD Act (Clarifying Lawful Overseas Use of Data Act) is a US federal law from 2018. It empowers US law enforcement to demand data access from US companies — regardless of where the data is stored.

What this means in practice: a US company that stores data on EU servers must still provide access to a US authority. It is not required to inform you or the affected individuals about this.

This is not a hypothetical scenario. US authorities actively use this capability. For Swiss SMEs with data protection obligations toward customers, employees, or authorities, this is a real legal risk — even if it rarely becomes visible in everyday operations.

Caution

A Data Processing Agreement (DPA) with a US provider reduces your compliance risk on paper. But it does not protect against government US data access. The DPA governs what the provider may do with your data — not what it must do on US government instruction.

Does an EU subsidiary protect against the CLOUD Act?

A common counterargument: Microsoft operates Microsoft Ireland, Google has Google Ireland Limited, Amazon runs Amazon EU SARL. Aren't these European companies under European law?

No — not under the CLOUD Act. The law explicitly applies to US companies and all entities they control. «Control» means the parent can direct the subsidiary. That is definitionally true of subsidiaries.

A US authority obtains an order against Microsoft Corp — not Microsoft Ireland. Microsoft Corp then directs Microsoft Ireland to produce the data. The parent has both the legal obligation and the technical means to enforce compliance. Failing to do so risks contempt of court. Server location and the EU registration of the subsidiary change nothing about this logic.

Can the EU subsidiary refuse US data access?

Theoretically yes — and here lies a genuine, unresolved legal conflict. GDPR Art. 48 states that data transfers to third countries based on foreign government orders must go through MLAT channels or recognised agreements — not direct compulsion. An EU subsidiary therefore has a legal basis to refuse.

Three reasons why this provides no safe harbour in practice:

The US court compels the parent — not the subsidiary. The order is directed at Microsoft Corp. The parent bears the obligation to comply and the risk of refusal.

There is no EU-US CLOUD Act agreement. The law includes a «qualifying foreign government» clause: if a country has signed a bilateral CLOUD Act agreement with the US, providers can challenge orders that conflict with that country's law. The UK signed such an agreement in 2022. The EU has not. Without this agreement, there is no formalised path to block US orders.

The conflict falls back on the company. Complying with the CLOUD Act violates GDPR Art. 48. Refusing risks contempt of court for the parent. Microsoft and AWS attempt to create «EU Sovereign Cloud» architectures that technically prevent US staff from accessing EU data. No court has recognised this as a legal barrier.

Good to know

Data residency ≠ data sovereignty. «Data residency» refers to where data is physically stored. «Data sovereignty» refers to who ultimately holds legal control. EU subsidiaries guarantee the former. Only the absence of a US parent company in the control chain eliminates the CLOUD Act.

Three risk tiers at a glance

Not every AI solution carries the same risk. Three tiers are enough to structure the decision — depending on what data you process and what compliance requirements apply.

The decisive criterion is the legal entity of the contracting provider: US companies fall under the CLOUD Act, EU companies do not. Server location is secondary — an «EU data residency» option offered by a US provider (AWS Bedrock EU, Azure OpenAI EU, OpenAI Enterprise EU) does not change the jurisdiction.

| | Tier 1: US providers | Tier 2: EU gateway | Tier 3: EU/CH self-hosted |
|---|---|---|---|
| Legal entity | US company | EU or UK company | EU/CH company |
| Server location | USA or EU residency | EU | EU/Switzerland |
| CLOUD Act risk (provider) | High | None (NL) / Low (UK) | None |
| CLOUD Act risk (model provider) | High | None with EU model / High with US model | None |
| Known examples | OpenAI, Anthropic, Google, AWS Bedrock EU, Azure OpenAI EU | EUrouter (NL), Requesty (UK) | Mistral, Infomaniak, Scaleway, Apertus |
| DPA available | Yes | Yes | Yes |
| For sensitive data | Not recommended | Only with deliberate model selection | Recommended |

An «EU data residency» option from a US provider (AWS Bedrock EU, Azure OpenAI EU) does not change CLOUD Act exposure — the contracting entity remains US-incorporated. For Tier 2, the gateway itself is outside US jurisdiction, but the downstream model call may still trigger US law — see the Tier 2 section below. As of April 2026.

Tier 1: US SaaS direct — when is this acceptable?

Direct US providers like OpenAI, Anthropic, or Google are not prohibited per se. What matters is which data you process.

Acceptable for: non-personal data (publicly available information, generic texts), internal use without personal data, or one-time tests without data persistence.

Not acceptable for: customer data (names, email, purchase history), employee data (applications, salary information), health or financial data, and confidential documents with business secrets.

Many SMEs use ChatGPT daily — often for tasks where Tier 1 is actually problematic. The risk is real, even if it rarely becomes immediately apparent.

EU data residency ≠ data sovereignty

Several US providers advertise EU data residency: OpenAI Enterprise with EU hosting, AWS Bedrock with EU inference profiles (eu-central-1, eu-west-1) for Claude or Titan, Microsoft Azure OpenAI Service with an EU deployment in Frankfurt or Sweden. The data then stays on EU servers — but the contracting entity remains a US company. The CLOUD Act still applies. EU data storage reduces the risk marginally; it does not eliminate it. Note this when reviewing your DPA: a US provider with an EU region is legally Tier 1, not its own tier.

Tier 2: EU gateways as middle ground

Tier 2 are gateways: European companies that do not run any models themselves, but forward your request to various model providers. The gateway is an intermediary layer. The privacy outcome therefore depends on whom the gateway passes your data to.

Two well-known examples: EUrouter (registered in Amsterdam) and Requesty (registered in London). Neither is itself subject to the US CLOUD Act. Requesty has a small residual exposure because the United Kingdom signed a 2022 agreement with the US on data access. Both will pass your request, depending on your choice, either to a European model provider (e.g. Mistral from France) or to a US platform with European servers (AWS, Microsoft).

Two outcomes depending on the route:

(a) Gateway → European model provider. Your data stays in Europe end-to-end. No US company in the chain. Privacy effect roughly equivalent to Tier 3 — just with two European companies in the data flow instead of one.

(b) Gateway → US cloud platform with EU servers. The model runs in Frankfurt or Stockholm — but Amazon or Microsoft remains the contracting processor under US law. CLOUD Act applies again. No advantage over going direct to a US provider.

Tier 2 only pays off if you deliberately choose a European model provider underneath the gateway. Anyone using Claude or GPT-5 through an EU gateway accepts US law anyway and is no better off legally than going direct to the US provider.
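The tier table and the two gateway routes above can be expressed as a small decision model. The example below is added here and is not code from the article or from any provider it names; entity names, country codes and the sample chains are constructed for illustration. It walks the corporate control chain (so an EU subsidiary of a US parent inherits the parent's exposure), ignores server location entirely, and flags a Tier 2 chain as exposed when the downstream model provider is US-controlled.

```python
"""Classify an AI data-processing chain into the article's three risk tiers.
Added example, not code from the article or from any provider it names.
Entity names, countries and the sample chains are constructed for
illustration. Rules encoded: the contracting entity's legal jurisdiction
decides, server location does not, and a subsidiary inherits its US
parent's CLOUD Act exposure."""
from dataclasses import dataclass
from typing import Optional

# Countries with a bilateral CLOUD Act agreement with the US (page: UK, 2022).
CLOUD_ACT_AGREEMENT = {"UK"}


@dataclass
class Entity:
    name: str
    country: str                       # country of incorporation, e.g. "US", "FR", "CH"
    parent: Optional["Entity"] = None  # controlling parent company, if any
    server_region: str = ""            # physical data location; never consulted below


def cloud_act_exposure(entity: Entity) -> str:
    """Walk the control chain: any US-incorporated parent means 'high'
    (data residency in Frankfurt or Geneva changes nothing). A UK entity
    without a US parent is 'low' (bilateral agreement); otherwise 'none'."""
    e = entity
    while e is not None:
        if e.country == "US":
            return "high"
        e = e.parent
    return "low" if entity.country in CLOUD_ACT_AGREEMENT else "none"


def assess(chain: list, sensitive_data: bool) -> dict:
    """chain[0] is the contracting provider; later entries are downstream
    processors, e.g. the model provider behind a gateway. Returns the tier,
    the worst exposure anywhere in the chain and a recommendation."""
    exposures = [cloud_act_exposure(e) for e in chain]
    order = {"none": 0, "low": 1, "high": 2}
    worst = max(exposures, key=order.get)
    if exposures[0] == "high":
        tier = 1                      # US contracting party, with or without EU residency
    elif len(chain) > 1:
        tier = 2                      # EU/UK gateway forwarding to a model provider
    else:
        tier = 3                      # a single EU/CH company sees the data
    if not sensitive_data:
        advice = "acceptable"         # no personal data: any tier is defensible
    elif worst == "high":
        advice = "not recommended"    # US law somewhere in the chain
    elif tier == 2:
        advice = "acceptable with deliberate model selection"
    else:
        advice = "recommended"
    return {"tier": tier, "worst_exposure": worst, "advice": advice}


# Constructed sample chains mirroring the article's examples.
MICROSOFT_CORP = Entity("Microsoft Corp", "US")
AZURE_OPENAI_EU = [Entity("Microsoft Ireland", "IE", parent=MICROSOFT_CORP, server_region="EU")]
EUROUTER_TO_MISTRAL = [Entity("EUrouter", "NL"), Entity("Mistral AI", "FR")]
REQUESTY_TO_AWS_EU = [Entity("Requesty", "UK"),
                      Entity("Amazon EU SARL", "LU", parent=Entity("Amazon", "US"), server_region="EU")]
INFOMANIAK = [Entity("Infomaniak", "CH", server_region="CH")]

if __name__ == "__main__":
    for label, chain in [("Azure OpenAI EU", AZURE_OPENAI_EU), ("EUrouter -> Mistral", EUROUTER_TO_MISTRAL),
                         ("Requesty -> AWS EU", REQUESTY_TO_AWS_EU), ("Infomaniak", INFOMANIAK)]:
        print(label, assess(chain, sensitive_data=True))
```

Note that the Azure chain lands in Tier 1 even though its only entity is Irish with EU servers, which is exactly the data residency versus data sovereignty point made above.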

ISO 27001 as a baseline

For gateway and cloud providers, look for ISO 27001 (information security management) and SOC 2 Type II. They do not replace a legal assessment — but they prove that access controls, incident handling, and internal processes have been externally audited. For sensitive data, at least one of these certifications is the entry ticket. Always request the current audit report (not just the marketing claim).

Tier 3: European providers running on their own servers

Tier 3 are providers registered in the EU or Switzerland and running their AI models on their own servers in Europe. From contract to processing, a single company sees your data — no intermediaries, no US sub-contractors, no downstream US model providers.

Which language models the provider uses — proprietary ones (like Mistral) or open ones (LLaMA, Mixtral, Qwen) — is secondary for data privacy. Models are software. What matters is who actually processes your data.

The CLOUD Act does not apply here. EU and Swiss data protection law applies in full. This makes Tier 3 the safest option for personal and sensitive data.

Mistral AI — France

  • French company, EU law, no CLOUD Act
  • Powerful proprietary models (Mistral Large)
  • Processes your data on its own servers in France
  • DPA available, easy to plug into standard tools
  • Best choice for top model quality with no middleman

Infomaniak AI Tools — Switzerland

  • Swiss company (Geneva), own data centres in Switzerland
  • Certified under revDSG and GDPR, pricing in CHF
  • Runs open models (LLaMA, Mixtral, Gemma) on its own servers
  • Free entry tier available, easy integration
  • Excellent choice for standard tasks with maximum Swiss control

Scaleway Generative APIs — France

  • French public company, EU law
  • Runs Mistral and open models on its own EU data centres
  • GDPR-compliant, beginner-friendly pricing
  • A single company in the data flow — Scaleway is contracting party and processor
  • Pragmatic alternative to a direct Mistral contract

Apertus — Switzerland (in development)

  • Swiss national project by ETH Zurich and EPFL
  • Planned: Swiss infrastructure, 70B model, open weights
  • Maximum data sovereignty — still limited availability
  • Broad availability from 2026/2027
  • Relevant for organisations with the highest sovereignty requirements

Checklist: What to clarify before deploying AI

Before you deploy an AI service in production, fundamental questions should be clarified. This applies regardless of the provider — revDSG and GDPR require demonstrable decisions, not good intentions. A brief consultation helps find the right starting point.

Before you start

  • Are you processing personal data? (names, email, behavioural data)
  • Is a DPA with the provider in place and signed?
  • Do you have a legal basis for data processing (Art. 6 GDPR / Art. 9 revDSG)?
  • Is the provider subject to the CLOUD Act — i.e. US law?
  • Is the provider ISO 27001 or SOC 2 Type II certified (current audit report)?
  • Is data used for model training? (opt-out verified?)
  • Is the data processing documented in your processing register?
  • Are data subjects informed that AI is processing their data?
  • Have you checked whether open-source or Swiss alternatives are relevant?

What revDSG concretely requires from you

Switzerland's revised Data Protection Act (revDSG), in force since September 2023, places concrete requirements on AI use. Three of them are particularly relevant for Swiss SMEs.

Information obligation. If you process personal data with AI, data subjects must be informed — actively and comprehensibly, not just in the fine print of your privacy policy.

Legal basis. Every processing operation requires a basis: consent, contract, or legitimate interest. With AI systems this is often poorly documented — especially when data flows to third-party providers.

Third-country transfer. If data is transferred to countries without equivalent protection (USA), additional safeguards are required. Standard Contractual Clauses (SCCs) are one option — but may not be sufficient for US providers due to the CLOUD Act. The Federal Data Protection and Information Commissioner (FDPIC) has made clear: revDSG is enforced with the same instruments as GDPR in the EU — including fines.

Expert tip by Noël Bossart

Start with the processing register. Document which AI tools you use, what data flows, and on what legal basis. This is not a bureaucratic exercise — it is the foundation on which you can demonstrate, when it matters, that you made a careful decision. One hour of effort saves many hours of explanation to the FDPIC.


Conclusion: Compliance is not a certificate statement

«GDPR-compliant» and «EU server» on a vendor dashboard mean little without examining the CLOUD Act. The decisive question is: which law governs the company processing your data — not: where is the server.

For Swiss SMEs without a dedicated legal department: Tier 3 is the safe choice for sensitive data. Mistral (France) offers its own frontier models without CLOUD Act risk. Infomaniak (Switzerland) offers maximum local control for standard tasks — single-party data chain included.

Tier 2 (EU gateways: EUrouter, Requesty) makes sense when you want EU/CH jurisdiction at the provider level but need frontier models like Claude or GPT-5 — paired with EU-deployed endpoints.

Tier 1 (US providers, with or without EU data residency) is pragmatically defensible for everyday tasks without personal data — draft texts, internal summaries, research.

The good news: EU- and Swiss-compliant alternatives exist, are production-ready, and are no more expensive than their US counterparts. The decision is not a budget question — it is a knowledge question. Whoever knows the options can choose confidently. And anyone who needs support with AI integration can find it without compromising on data privacy.


Frequently Asked Questions

What is the CLOUD Act and why does it matter for Swiss SMEs?
The CLOUD Act (Clarifying Lawful Overseas Use of Data Act, 2018) allows US law enforcement to demand data access from US companies — even if the data is stored on EU or Swiss servers. For Swiss SMEs this means: every US-based AI provider — OpenAI, Microsoft, Google, Amazon — is subject to this law regardless of where their servers are located. A Frankfurt data centre alone does not protect against US government access.
Is a Data Processing Agreement (DPA) sufficient for revDSG compliance?
A DPA is necessary but not sufficient. It governs what the provider may do with your data — but does not protect against government access under the CLOUD Act. For sensitive data, you additionally need a provider without a US parent company. Only then is the CLOUD Act risk fully eliminated.
Does an EU subsidiary of Microsoft or Google protect against the CLOUD Act?
No. The CLOUD Act explicitly applies to US companies and all entities they control. A subsidiary is definitionally controlled. A US authority compels the US parent — which in turn directs its subsidiary. Server location and the EU registration of the subsidiary do not change this obligation.
Can an EU subsidiary refuse data access requested by US authorities?
Theoretically it can invoke GDPR Art. 48 as grounds. In practice this provides little protection: the US court compels the parent, not the subsidiary. An EU-US CLOUD Act bilateral agreement that would formally protect such a refusal does not exist — the EU has not signed one (the UK did in 2022). The company is left in conflict between two legal systems with no validated way out.
Which AI providers are data-privacy safe for Swiss SMEs?
EU- and Swiss-native providers without a US parent company: Mistral AI (France, proprietary frontier models), Infomaniak AI Tools (Switzerland, hosts open-source models), Scaleway Generative APIs (France, hosts Mistral). For non-sensitive data, EU gateways (EUrouter, Requesty) are a pragmatic middle ground — with documented limitations and a signed DPA.
Are Requesty and EUrouter US companies?
No. Requesty is registered as a UK private limited company (Companies House 15165717, London). EUrouter is a Dutch company headquartered in Amsterdam, runs its infrastructure exclusively in the EU (Scaleway, France) — and per founder David Lo Dico is not associated with Requesty. Neither falls under direct US CLOUD Act jurisdiction. Residual exposure for Requesty: the United Kingdom signed a bilateral CLOUD Act agreement with the US in 2022.
Do Requesty or EUrouter host their own models?
No. Both are pure intermediaries — they run no model infrastructure of their own. They will forward your request, depending on your choice, either to a European model provider (e.g. Mistral from France) or to a US cloud platform with EU servers (AWS, Microsoft). Which option you pick determines the privacy outcome: with a European model everything stays in Europe; with a US platform US law is back in the chain — even when the server is in Frankfurt.
Can Swiss SMEs legally use ChatGPT?
For generic tasks without personal data — draft texts, summaries of public information — ChatGPT with a signed DPA is defensible. For customer data, employee data, or confidential documents the legal risk is significant. OpenAI offers EU data residency, but remains a US company with CLOUD Act exposure.
What makes Infomaniak AI Tools special for Swiss companies?
Infomaniak is incorporated in Geneva, operates data centres in Switzerland, and is certified under both revDSG and GDPR. The API is OpenAI-compatible and includes a free tier (120,000 tokens/day). Limitation: no frontier models like Claude or GPT-4 — only open-source models like LLaMA 3 or Mixtral. Sufficient for many standard tasks.
How significant is the actual risk of using US AI services?
The risk depends on the data. For public, non-personal tasks it is low. For customer data, health information, or business secrets it is significant — not because something will happen tomorrow, but because in the event of an audit by the FDPIC you would be unable to demonstrate a sufficient legal basis.

About the author

Noël Bossart — Founder & Developer

Noël has been building websites for over 25 years — from strategy to implementation. As founder of Noevu, he combines efficient processes with aesthetic design to give Swiss SMEs digital solutions that really work.
