46°12′N · 6°09′E · Zürich · Zug · Genève Data in Switzerland · FADP · Hosting ISO 27001 (Infomaniak) · Swissdec ELM 5.3
Architecture

Where your data lives — and who has access.

Architecture and confidentiality of treuhander.ai in detail.

Data flow in three layers.

Most providers tell you "your data is in Switzerland". That holds for storage. For processing, it gets more nuanced. Here, transparently.

Layer 1 — You
Your data: receipts, bookings, payroll, master data
Anything you upload or type into the portal.
Layer 2 — Storage
Supabase Pro Plan · Switzerland region · Encrypted
Database and storage in Zurich. Client isolation at database level via Row-Level-Security.
Layer 3 — Processing
Mistral AI · Paris · GDPR + FADP
Receipt classification in the EU. No training use of your data — contractually excluded.

What lives where.

Data category Where
Receipts (PDF, photo, scan)Switzerland
Bookings, account assignmentsSwitzerland
Payroll dataSwitzerland
Bank statementsSwitzerland
AI receipt classificationFrance (EU)
Voice commands to assistantsUSA — optional, can be disabled
Payment processing (Stripe)Ireland (EU)

No US cloud provider sees your receipts. That is not lip service — it is contractually binding against every one of our subprocessors.

Confidentiality — not lip service, but contract.

We treat all client data as a business secret within the meaning of Art. 162 CO. This is not a marketing promise but a clause in our T&C (§3.5) and our Privacy Policy (§6.5). This obligation applies to us, our employees and every subprocessor. It outlasts the contractual relationship.

In case of breach, you have concrete contractual claims — not just the abstract hope for a "professional secret".

Client isolation at database level.

Each client has their own data zone. Secured at database level via Row-Level-Security: even if you and another client work on the server at the same time, technically no one can access the other's data. This is not a setting, it is an architectural barrier.

Your data belongs to you — including on cancellation.

30-day export window in CSV, JSON and PDF. All receipts, bookings, master data in open formats. No data-hostage politics, no premium export fee.

After 30 days, data is deleted unless statutory retention obligations apply (Art. 958f CO, 10 years for accounting documents).

Memory + learning curve

What the AI learns about you stays in your client-box.

First booking from a new supplier: ~7 seconds, ~86% confidence, you confirm the suggested posting. Eighth booking from the same supplier: ~2 seconds, 99% confidence, no click needed. After 8 weeks the agents know your recurring suppliers, your typical accounts, VAT codes — even your correction patterns.

Your data does not land in a shared AI pool. Vendor memory lives per client, isolated, in your own box.

Learning curve (typical)

Auto-approve rate over 8 weeks.

Week 1 · 40 % Week 12 · 95 %

Typical numbers for a small SME client. Real progression depends on receipt diversity and corrections.

Your next step: See pricing →

More The team Frequently asked questions

Full Privacy Policy  ·  → T&C

📞 Book a call