Privacy through architecture

The AI that never actually meets your clients in person

Audio data remains on your device. Names are pseudonymized locally. Only your fingerprint can unlock the data. Here, data protection isn't just a promise—it's built into the architecture.

Layer 1: Pseudonymization

Pseudonymization identifies what needs to be protected.

Before a single word reaches the AI in the data center, a locally running AI model in the browser analyzes the text and automatically identifies details such as names, locations, diagnoses, or medications.

You see the recognized elements and can review them—only then does the pseudonymized text go to the AI.

What is automatically detected:
  • 👤 People's names
  • 📍 Places & addresses
  • 🩺 Diagnoses
  • 💊 Medications
  • 🆔 Social security numbers
  • 📞 Phone numbers
  • 🏦 IBAN
  • 📅 Dates of birth

Layer 2: Cryptography

Encryption — before it leaves the device

All stored content (chats, documents, transcripts, dossiers) is encrypted on the client side before it is transmitted. Each object is assigned its own key. The encryption key is stored on the client side.

The key is stored exclusively on your device. The server receives and stores only encrypted data with no readable content, which we are technically unable to access.

What your browser sees:
Your text:
Dr. Müller has burnout.
🔐
Server in the data center receives:
"X7$kP#mQ2&vL9nR4©ΔΨ§∂≠øæ..."
For everyone except you: unreadable noise.
Layer 3: Authentication & Repersonalization

Face ID is your key—to everything

Access is granted using biometric authentication instead of traditional passwords or written-down recovery codes. Your fingerprint or face unlocks the device-specific key—and with it, access to all your data.

Your biometric authentication unlocks the device-bound key—non-transferable, non-interceptable. Only you can open the path back from "[PERSON_1]" to "Max Müller."

  • Phishing-resistant: Your biometric key only works on genuine websites
  • Biometric repersonalization: Face ID, Touch ID
  • No password — no recovery code — no single point of failure
  • Multi-device access via encrypted QR code pairing
  • Individual devices can be revoked without data loss
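
The round trip from Layer 1 (pseudonymize before sending) to Layer 3 (repersonalize after unlocking), as an added example that is not CanaidX's code. It assumes the local detection model has already returned the entity list; the function names, entity type labels and the sample note are constructed for illustration.

```javascript
// Added example (not the vendor's code). Assumption: the on-device detection
// model has already produced `entities`; detection itself is out of scope.
const escapeRe = (s) => s.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");

// Replace each detected surface form with a typed placeholder. The returned
// `mapping` (placeholder -> original) is the secret that must stay on the device.
function pseudonymize(text, entities) {
  const bySurface = new Map(); // "Max Müller" -> "[PERSON_1]"
  const mapping = new Map();   // "[PERSON_1]" -> "Max Müller"
  const counters = {};
  for (const { type, text: surface } of entities) {
    if (!surface || bySurface.has(surface)) continue; // same value, same placeholder
    counters[type] = (counters[type] || 0) + 1;
    const placeholder = `[${type}_${counters[type]}]`;
    bySurface.set(surface, placeholder);
    mapping.set(placeholder, surface);
  }
  if (bySurface.size === 0) return { text, mapping };
  // One pass, longest surface first, so "Max Müller" is matched before "Müller"
  // and text inside an already inserted placeholder is never rewritten.
  const surfaces = [...bySurface.keys()].sort((a, b) => b.length - a.length);
  const pattern = new RegExp(surfaces.map(escapeRe).join("|"), "g");
  return { text: text.replace(pattern, (m) => bySurface.get(m)), mapping };
}

// Pre-send check: originals that still appear in the outgoing text, for example
// in a different letter case that the exact-match replacement did not cover.
function residualLeaks(outgoing, mapping) {
  const lower = outgoing.toLowerCase();
  return [...mapping.values()].filter((orig) => lower.includes(orig.toLowerCase()));
}

// Restore originals in the AI response; unknown placeholders stay untouched.
function repersonalize(response, mapping) {
  return response.replace(/\[[A-Z_]+_\d+\]/g, (p) => (mapping.has(p) ? mapping.get(p) : p));
}

// Constructed sample note and constructed detector output.
const note = "Max Müller (call +41 44 000 00 00) reports burnout. Müller takes Sertraline.";
const detected = [
  { type: "PERSON", text: "Max Müller" },
  { type: "PERSON", text: "Müller" },
  { type: "PHONE", text: "+41 44 000 00 00" },
  { type: "DIAGNOSIS", text: "burnout" },
  { type: "MEDICATION", text: "Sertraline" },
];
const sent = pseudonymize(note, detected);
console.log(sent.text, residualLeaks(sent.text, sent.mapping));
```

Only `sent.text` would be transmitted; `sent.mapping` is the data that the device-bound key has to protect, because it alone turns "[PERSON_1]" back into a name.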

Setup in 3 steps

1. Set up your smartphone: Scan the QR code — Your device will be registered as trusted

2. "Your smartphone is now your security key" — Passkey registered

3. "Your exchange is now encrypted and pseudonymized" — ready

Compliance at a glance

  • ISO 27001
  • GDPR
  • CH-DSG (Art. 30, 32)
  • HIPAA-compliant
  • Right to erasure (Art. 17)
  • Data portability

Frequently asked questions

Privacy Policy

Can CanaidX AG access my client data?

No. All content is encrypted on the client side—the key remains on your device and never leaves it in plain text. We cannot read the stored content.

Is client data used for training?

No. Our AI infrastructure runs exclusively via Infomaniak in Switzerland. Your data is not used for model training. Your data belongs to you.

What happens if I lose my smartphone?

You can set up a new device using the pairing flow. The master key is transferred securely—all your data remains fully accessible. The lost device can be revoked individually.

Does the audio recording leave my device?

No. The transcription process takes place entirely on your device. No audio files or recordings are sent to a server. Only the pseudonymized text is sent to the AI.

Where are the servers located?

All servers are located in Switzerland. AI infrastructure via Infomaniak — no transfer to third countries. Fully subject to Swiss law.