AI Policy of mailix AG
Version 2.0 | June 2026
1. Preamble & Scope
mailix AG uses artificial intelligence (AI) in a targeted manner to enhance the quality of its services and improve collaboration with clients. This policy is directed at clients and external partners of mailix AG and provides transparency about which AI systems are used, for what purpose, and how data is handled in that context.
The policy applies to all mailix AG employees who use AI tools in the context of client projects, as well as all associated processing activities.
2. AI Systems in Use & Purpose
mailix AG regularly uses the following AI systems in its client work:
Google Gemini & AI Features in Google Sheets
Claude (Anthropic)
ChatGPT (OpenAI)
Fathom
Gamma
Apollo
Monday.com
3. Data Processing – Personal Client Data
mailix AG handles personal data of its clients and their contact persons with the utmost care. The following principles apply to AI usage:
- Data minimisation: Only data strictly necessary for the specific purpose is provided to AI systems.
- Purpose limitation: Personal data is processed only for the defined purpose and not used in AI systems for any other reason.
- Third-party providers: Some AI systems are operated by third-party providers (including Anthropic, Google, OpenAI, Fathom AI, Gamma, Apollo, Monday.com). These providers have their own privacy policies, which mailix AG takes into account when selecting tools.
- Records of processing: The use of AI tools involving personal data is documented in mailix AG’s internal records of processing activities.
4. Data Processing – Confidential Business Information
In addition to personal data, confidential business information (e.g. strategy documents, financial figures, concepts) may also be introduced into AI systems during client work. mailix AG requires its employees to:
- Refrain from entering confidential client data into public AI systems without filtering or anonymisation.
- Anonymise or abstract sensitive content before using AI tools.
- Treat AI-generated outputs based on client material as internal and not share them without prior approval.
Clients are encouraged to proactively contact mailix AG if they have concerns about the confidentiality of specific content.
5. Principle: No AI Training with Client Data
mailix AG does not train any AI models using client data – neither personal information nor confidential business content.
When selecting AI tools, mailix AG explicitly ensures that providers contractually exclude the use of user data for model training. Where available, corresponding terms (e.g. “Zero Data Retention” options in enterprise tiers) are activated wherever possible.
Should a provider change its training data policy, mailix AG will immediately review the continued use of the tool in question.
6. Data Protection Compliance (FADP / GDPR)
mailix AG’s use of AI complies with:
- the Swiss Federal Act on Data Protection (FADP) and its implementing ordinance (DPO)
- the EU General Data Protection Regulation (GDPR), where data of individuals residing in the EU is processed
- the EU AI Act, whose requirements mailix AG observes to the extent applicable as a user (not developer) of AI systems
When processing personal data through AI tools, mailix AG relies on the legal bases of contractual performance, legitimate interest, or – where required – explicit consent.
7. Rights of Data Subjects
Individuals whose data is processed in the context of AI usage have the following rights:
- Right of access: To know what data is being processed about them
- Right to rectification: Correction of inaccurate data
- Right to erasure: Deletion of data, unless statutory retention obligations apply
- Right to object: Objection to certain processing activities, in particular automated decisions
- Right to data portability: Provision of data in a commonly used format
Requests can be directed to datenschutz@mailix.com. mailix AG will respond within 30 days.
8. Control Mechanisms & Human Oversight
AI-generated content and analyses are reviewed by qualified mailix AG employees before being shared with clients. mailix AG ensures:
- No automated decisions without human review: All client-facing outputs (proposals, reports, communications) undergo manual quality control.
- Labelling: AI-generated content is internally identified as such.
- Error management: Where AI-related errors are identified, affected clients are proactively informed and corrections are made.
- Regular review: The AI tool stack is reviewed at least annually for currency, security, and compliance.
9. Security Measures (TOM)
mailix AG implements the following technical and organisational measures to protect data processed in the AI context:
- Access to AI tools is restricted to authorised employees (role concept, SSO)
- Use of business or enterprise tiers with AI providers that offer enhanced data protection guarantees
- Internal training on the secure and compliant use of AI tools
- Incident response process for data breaches, including mandatory notification to the FDPIC within 72 hours in accordance with the FADP
10. Responsibility & Contact
Controller:
Mailix AG
Zählerweg 12
6300 Zug
Switzerland
Data Protection Contact:
datenschutz@mailix.com
For questions regarding AI usage or data protection, please contact us at any time.
11. Validity & Version History
| Version | Date | Change |
|---|---|---|
| 1.0 | June 2026 | Initial publication |
| 2.0 | June 2026 | English version; addition of ChatGPT and Monday.com; expanded Claude use case |
This policy is updated at least annually and whenever there are material changes to the AI tool stack or the applicable legal framework. The current version is available on the mailix AG website.
© mailix AG, 2026. All rights reserved.