The core principle: your data stays in your systems. AI agents access it read-only via MCP connectors, and nothing is written back without human approval. This page fully discloses how we work and which services we use — so your risk review finds answers, not slogans.
1. How we work with your data in projects
- Read access instead of copies: agents query your systems (e.g. bexio, ABACUS, databases) via MCP connectors — your data is not migrated into third-party systems.
- Human review gates: corrections, merges and customer-facing outputs are proposed, never auto-applied. No approval, no change.
- Sensitive data: where required, we work with samples, redaction (removing personal identifiers) or aggregated data.
- Documentation: every project gets a processing record: which data, which systems, which processing steps.
2. AI processing: Anthropic Claude
- We work with Anthropic's Claude models via the commercial API.
- Anthropic does not train its models on commercial API data by default.
- Where data residency is required, we use EU-hosted deployment options (e.g. AWS Bedrock in Frankfurt).
- A data processing agreement (DPA) covering project processing is available as part of the contract on request.
3. This website
No client project data is processed on eflury.com itself. The website is static and hosted at Hostinger.
4. Services we use (disclosed)
- Anthropic — AI processing in client projects (API; no training on your data)
- Hostinger — hosting of this website
- Google Analytics — web statistics for this website
- EmailJS — contact form delivery
This list is complete. If a service is added, this page is updated first.
5. Legal framework
- The revised Swiss Data Protection Act (revDSG/revFADP) governs our work; where EU data is involved, the GDPR applies additionally.
- Details on this website's data processing: Privacy Policy · provider identification: Imprint.
6. What we deliberately do not claim
Trust is built on verifiable statements — so we also state what does not (yet) apply: we currently hold no ISO 27001 certification and display no badge we do not own. What is written on this page is true — and can be contractually guaranteed on request. If our status changes, it changes here first.
7. Questions from your risk review?
If your IT, data protection officer or management has specific questions: me@eflury.com — you get answers from the person who builds the systems, not from a legal department.