Privacy Policy

Last updated: 26 June 2026

This Privacy Policy explains how MarketEQ – by Dennis Steppuhn (“we”, “us”, the “operator”) collects, uses and protects personal data when you visit and use the AI Solutions Hub at ai.marketeq.net (the “Platform”).

We process personal data in accordance with the Swiss Federal Act on Data Protection (FADP/revDSG) and, where applicable, the EU General Data Protection Regulation (GDPR). We only process data that is necessary to operate the Platform, and we do not sell your personal data.

1. Controller and contact

The controller responsible for data processing on this Platform is:

  • MarketEQ – by Dennis Steppuhn
  • Email: info@marketeq.net
  • Website: ai.marketeq.net

We operate as a small business. Further details about the controller (including the full postal address) are available on request by emailing us at the address above. For any data protection question or request, please contact us by email; we have not appointed a separate data protection officer.

2. Scope and principles

This policy applies to the website, the user account area and all related online services of the AI Solutions Hub. It does not cover third-party websites that we link to; those have their own privacy policies.

We follow the principles of lawfulness, good faith, transparency, purpose limitation, data minimisation and proportionality. We retain personal data only for as long as necessary for the purposes described here or as required by law.

3. What data we process

a) Data you provide

  • Account data: email address, display name and, optionally, your company, when you register or sign in.
  • Onboarding profile details (processed only with your consent): company name, coarse company location (region), your role, company size range, professional interests, your assessment of your organisation's AI maturity, current challenges, your reasons for registering and how you heard about the Platform. The answers are deliberately coarse (data minimisation); you can view, export and delete them at any time on this page.
  • Content you create: ratings, comments, watchlists/collections, and any AI solutions you submit for review.
  • Communications: the content of messages you send us by email or through the chatbot, including any personal data you choose to include.
  • Payment data: when you purchase a paid plan, your billing details are processed by our payment provider (see section 7). We do not store full card numbers on our servers.

b) Data collected automatically

  • Log and usage data: when you access the Platform, our hosting provider automatically processes technical data such as IP address, browser type and version, device and operating system, referring URL, and date and time of access, for security and to deliver the service.
  • Cookies and similar technologies: a small number of strictly necessary cookies and local-storage entries (see section 5).
  • Free-view counter: an anonymous session identifier used to enforce the limited number of free solution views before sign-up is required.

4. Purposes and legal bases

We process personal data for the following purposes. Where the GDPR applies, the relevant legal basis is indicated in brackets.

  • Providing and operating the Platform, authentication and account management (performance of a contract, Art. 6(1)(b) GDPR).
  • Enforcing the freemium model and securing the service against misuse, ensuring stability and IT security (legitimate interests, Art. 6(1)(f) GDPR).
  • Storing and displaying the content you create (ratings, comments, watchlists, submissions) (contract / legitimate interests).
  • Processing payments and managing subscriptions (performance of a contract, Art. 6(1)(b) GDPR; legal retention obligations, Art. 6(1)(c) GDPR).
  • Responding to enquiries you send us by email or chatbot (legitimate interests / steps prior to a contract).
  • Sending email notifications about changes to solutions you saved, when enabled — you can opt out anytime in your profile or via the unsubscribe link in each email (consent / legitimate interests, Art. 6(1)(a)/(f) GDPR).
  • Processing your onboarding profile details exclusively to improve the Platform, personalise what you see, create aggregated (non-identifying) benchmarks and market analyses, and enable community features (consent, Art. 6(1)(a) GDPR). You can withdraw this consent at any time by deleting the details on this page; a machine-readable export is available there as well (Art. 15/20 GDPR).
  • Complying with legal obligations, e.g. accounting and tax rules (Art. 6(1)(c) GDPR).

Where we rely on your consent (e.g. for non-essential features), you may withdraw it at any time with effect for the future. Under the FADP, processing is lawful where these purposes apply and the processing is proportionate.

5. Cookies and similar technologies

We use only strictly necessary cookies and local-storage entries required to operate the Platform. We do not use advertising or cross-site tracking cookies. To measure overall traffic we use Vercel Web Analytics, which collects aggregated usage statistics without cookies and without tracking you across other websites. We additionally keep our own aggregated, pseudonymized page-view statistics (page, referrer host, country, device, browser, operating system) in our database; this is cookieless and we never store your raw IP address — unique visitors are counted using a hash that rotates daily. The table below lists the cookies and storage we set ourselves.

NamePurposeType / duration
aihub_sessionAnonymous session identifier used to count free solution views (freemium limit). Contains no plain-text personal data.HTTP cookie, httpOnly · up to 12 months
sb-… (Supabase auth)Keeps you signed in and maintains your session (authentication tokens).HTTP cookie · session / until sign-out
cookie-consentRemembers that you acknowledged the cookie notice.Browser local storage (not an HTTP cookie) · until cleared
BotpressThe chatbot may set its own cookies / storage when you actively use it (see section 6).Third-party · see Botpress

You can block or delete cookies in your browser settings. Disabling strictly necessary cookies may impair core functions such as sign-in and the free-view counter.

6. Chatbot (Botpress)

We embed an AI chat assistant provided by Botpress to answer questions about the Platform. The chat widget loads from Botpress’ servers (botpress.cloud / bpcontent.cloud) and is only active when you open it.

When you interact with the chatbot, the content of your messages and basic technical data are transmitted to and processed by Botpress on our behalf in order to generate responses. Please do not enter sensitive personal data into the chat. The legal basis is our legitimate interest in offering efficient support (Art. 6(1)(f) GDPR) and, where you start a conversation, your initiation of the exchange.

Botpress may process data outside Switzerland/the EU (see section 8) and applies its own privacy policy: https://botpress.com/privacy

7. Third-party providers and processors

To operate the Platform we use carefully selected service providers who process personal data only on our instructions (processors). The main providers are:

  • Supabase – database, authentication and storage. Our instance is hosted in the EU region (AWS, Zurich). Privacy: https://supabase.com/privacy
  • Vercel Inc. – application hosting, content delivery, server logs and cookieless, aggregated visitor statistics via Vercel Web Analytics (USA / global). Privacy: https://vercel.com/legal/privacy-policy
  • Stripe – payment processing for paid plans. We transmit your email, a user identifier and the selected plan; card data is entered directly with Stripe. Privacy: https://stripe.com/privacy
  • Botpress – chatbot assistant (see section 6). Privacy: https://botpress.com/privacy
  • Resend – sending notification emails about changes to solutions you saved (USA). Privacy: https://resend.com/legal/privacy-policy

We conclude data processing agreements with our processors where required by law. A current list of providers is available on request.

8. Automated research (catalogue crawler)

The catalogue of AI solutions is maintained partly through automated research of publicly available sources (e.g. company websites, press releases, trade media). For this we use server-side services — OpenAI (text classification and extraction), Brave Search (web search) and Trigger.dev (task scheduling).

These services process only publicly available content about AI solutions in the insurance industry; they do not receive the personal data of Platform users (such as your account, comments or chat messages).

9. International data transfers

Our core database (Supabase) is hosted in the EU region. Some providers (e.g. Vercel, Stripe, Botpress, OpenAI) may process data in the United States or other countries outside Switzerland and the EU.

Where data is transferred to a country without an adequate level of data protection, we ensure appropriate safeguards, in particular the European Commission’s Standard Contractual Clauses (with the Swiss addendum recognised by the FDPIC) or comparable guarantees. You can request a copy of these safeguards from us.

10. Data retention

  • Account and content data: for as long as your account exists. After you delete your account, we delete or anonymise the data unless we are legally required to keep it.
  • Log data: kept only for a limited period for security and troubleshooting, then deleted or anonymised.
  • Payment and accounting records: retained for the statutory period (up to 10 years under Swiss accounting law).
  • Chatbot conversations: retained according to Botpress’ settings and applicable retention rules.

11. Data security

We use appropriate technical and organisational measures to protect personal data against loss, misuse and unauthorised access, including transport encryption (HTTPS/TLS), access controls and row-level security in our database. No transmission over the internet can be guaranteed to be completely secure.

12. Your rights

Subject to the applicable law, you have the right to:

  • obtain information about whether and which personal data we process about you (right of access);
  • have inaccurate data corrected (rectification);
  • have your data deleted (erasure);
  • request restriction of processing;
  • receive certain data in a portable format (data portability);
  • object to processing based on our legitimate interests;
  • withdraw consent at any time with effect for the future.

To exercise these rights, contact us at info@marketeq.net. You also have the right to lodge a complaint with a supervisory authority — in Switzerland the Federal Data Protection and Information Commissioner (FDPIC, https://www.edoeb.admin.ch), and in the EU the competent data protection authority in your country.

13. Minors

The Platform is intended for professional users and is not directed at children. We do not knowingly collect personal data from minors. If you believe a minor has provided us with personal data, please contact us so we can delete it.

14. Changes to this policy

We may update this Privacy Policy to reflect changes to the Platform or to legal requirements. The current version is always available on this page; the date at the top indicates when it was last updated.

15. Contact

For questions, corrections or data protection requests, contact MarketEQ – by Dennis Steppuhn by email at info@marketeq.net. Further details about the controller are available on request.