General Terms and Conditions

1. Scope

These General Terms and Conditions (GTC) govern the use of the Swiss Knowledge Hub platform ("SKH", "the platform") operated by Swiss Knowledge Hub GmbH ("the provider") by customers ("customers", "users"). By signing a contract or using the platform, customers accept these GTC.

2. Subject of the contract

The provider makes available to customers a cloud-based, AI-assisted knowledge management platform on which documents can be uploaded, indexed, and queried via natural-language chat.

3. Scope of services

The specific scope of services depends on the chosen subscription plan (Starter, Business, Enterprise, Custom) and is set out in the service description published on the website at the time.

The provider targets an availability of 99% on a monthly average. A dedicated SLA of 99.9% with service-credit terms can be agreed in the Custom plan. Planned maintenance windows are scheduled outside business hours where possible.

4. Usage rights

Customers receive a non-exclusive, non-transferable right to use the platform, limited to the duration of the contract. All rights to the platform, in particular source code, design, trademarks, and documentation, remain with the provider.

5. Term and termination

Subscriptions have a minimum term of six (6) months. After the minimum term, the subscription can be cancelled monthly to the end of the billing period. Cancellation must be made in writing or via the customer portal.

6. Pricing and payment

The prices published at the time of contract conclusion apply. Prices are quoted excluding statutory VAT. Payment is made monthly in advance by credit card (Stripe) or — from the Business plan onwards — by invoice with a 30-day payment term.

If payment is more than 30 days overdue, the provider is entitled to suspend access to the platform after a prior reminder. Prices may be adjusted with 30 days' notice; affected customers receive a special right of termination within this period.

7. Customer obligations

• Customers are responsible for the lawfulness of the content they upload.
• Customers undertake to keep their access credentials confidential and to report any misuse without delay.
• Automated bulk requests, reverse engineering, and any attempts to disrupt the platform are prohibited.

8. Data protection

The provider processes personal data in accordance with the Swiss Federal Act on Data Protection (FADP) and, where applicable, the EU General Data Protection Regulation (GDPR). Details are set out in the privacy policy. On request, the provider concludes a Data Processing Agreement (DPA) with customers.

9. Bring Your Own Key (BYOK) and customer infrastructure

By default, the platform runs on the provider's Swiss infrastructure (Azure Switzerland North, Azure OpenAI). Within this scope, the provider acts as a data processor under the DPA.

The customer organization may optionally enable the "Bring Your Own Key" (BYOK) feature and connect its own API keys or third-party infrastructure (e.g. OpenAI, Anthropic, Google, Mistral, DeepSeek, AI Foundry, custom endpoints). In that case, the affected requests and content are sent directly to the infrastructure of the provider chosen by the customer.

Activating BYOK is the sole decision of an authorized signatory of the customer organization (owner, executive management, or an authorized administrator). By activating BYOK, the customer organization undertakes — independently and at its own cost — to enter into all legally required agreements with the chosen third-party provider, in particular:

• a Data Processing Agreement (DPA) or equivalent processing agreement;
• for cross-border data transfers, the EU Standard Contractual Clauses (SCCs, Module 2), a Transfer Impact Assessment, and any supplementary technical or organizational safeguards required;
• any further agreements required under the Swiss FADP, the GDPR, or sector-specific law (e.g. professional secrecy, banking secrecy, health-data protection).

The provider is not a party to these agreements and assumes no responsibility and no liability for the BYOK provider, its availability, data handling, security, training use, pricing model, or data location. Use of BYOK is at the sole risk of the customer organization. If the customer organization fails to conclude the required agreements, or fails to do so in good time, the resulting legal and compliance breach is its sole responsibility. The customer organization shall indemnify the provider against any third-party claims arising from a missing or defective legal basis for the BYOK transfer.

The provider records the activation and use of BYOK configurations in an auditable manner (timestamp, acting person, chosen provider) and may restrict or disable BYOK functionality for individual providers at any time for security, compliance, or operational reasons.

10. Liability

The provider is liable for damages only in cases of intent and gross negligence. Liability is — to the extent permitted by law — capped at the amount of fees paid in the twelve months preceding the event of damage. Liability for consequential damages, lost profits, or loss of data is excluded to the extent permitted by law. Differing arrangements may be agreed individually under the Custom plan.

11. Force majeure

The provider is not liable for outages or delays caused by events of force majeure, including but not limited to natural disasters, war, official orders, pandemics, large-scale cloud outages, or third-party cyber attacks.

12. Changes to the GTC

The provider may amend these GTC with 30 days' notice. Customers receive a special right of termination if they do not agree with the changes. No response within the period is deemed acceptance.

13. Final provisions

Should individual provisions of these GTC be invalid, the validity of the remaining provisions remains unaffected.

Swiss law applies exclusively, excluding the UN Convention on Contracts for the International Sale of Goods. The exclusive place of jurisdiction is Bern.