Skip to main content

How does amaise meet data protection requirements (GDPR, nDSG, US)?

Written by amaise Support

How does amaise meet data protection requirements (GDPR, nDSG, US)?

amaise operates three independent regional environments — Swiss, EU, and US. Each environment is a dedicated deployment: customer data, processing, backups, and AI inference for that environment stay within the corresponding regional perimeter. Customers select the environment that matches their regulatory and data-residency requirements. Since the core privacy principles — purpose limitation, data minimization, transparency, security, and data subject rights — align broadly across jurisdictions, all customers benefit from the same high baseline of controls, with regulator-specific obligations honored by the corresponding environment.

EU environment — GDPR:

  • Data processing agreement (DPA) compliant with Art. 28 GDPR

  • Notification obligation within 72 hours (Art. 33/34)

  • Data residency in the EU (AWS Frankfurt)

  • Details: see GDPR compliance

Swiss environment — nDSG (effective since September 1, 2023):

  • Data residency in Switzerland (AWS Zurich, Azure OpenAI Switzerland North)

  • Tenant-specific encryption (dedicated KMS key per tenant)

  • Documented data deletion (8-step process at contract termination; supports nDSG Art. 6)

  • Compliance with Art. 321 StGB (professional secrecy: medical confidentiality, attorney-client privilege)

  • Notification to the FDPIC according to nDSG Art. 24

  • Processing record according to nDSG Art. 12

US environment — US data protection:

  • Data residency in the USA (AWS Ohio)

  • Compliance with applicable state privacy laws (e.g., CCPA/CPRA)

  • Security controls aligned with HIPAA requirements for healthcare customers

  • Industry-specific compliance available on request

International organizations:

  • amaise supports the requirements of international organizations and can address specific compliance needs on a customer basis.

For specific compliance inquiries, please contact us at [email protected].

Did this answer your question?