EasySwitch365 LogoEasySwitch365
Back

Privacy Policy

Last updated: June 2026

1. Controller

Conto IT
Owner: Nico Jannis Contopidis
Diebenkornstr. 6, 25524 Itzehoe, Germany
Phone: +49 4821 8875040 · E-mail: [email protected]

2. Principle: local processing

EasySwitch365 is a locally installed application. Your work data – in particular customer/tenant details, browser sessions, cookies and sign-in tokens – is stored exclusively on your device in your user profile and protected by the operating system (Keychain on macOS, DPAPI on Windows). This data is not transmitted to us or third parties – except for the optional AI assistant, which you must explicitly activate (section 5).

3. Microsoft 365

Sign-in takes place directly between your device and the services of Microsoft Corporation. Microsoft’s privacy terms apply. EasySwitch365 stores no Microsoft credentials.

4. License activation

To activate and perform the daily validity check of your license, the application communicates with our licensing provider Keygen (Keygen LLC). Your license key and an anonymous, hashed device fingerprint are transmitted. The legal basis is the performance of a contract (Art. 6 (1) (b) GDPR). No personal work data is transmitted.

5. AI assistant

The application includes an optional AI assistant that turns your free-text input into a Microsoft 365 PowerShell command. It is disabled by default and must be explicitly activated once; without activation no processing takes place.

When the assistant is active, your input and the stored company/tenant domain are transmitted to and processed by our processor Anthropic (Anthropic PBC, USA) to generate the command. Data submitted via the API is, by default, not used by Anthropic to train its models. The generated command is never executed automatically – you review and run it yourself. Transfers to the USA are based on the European Commission’s Standard Contractual Clauses.

With your activation, we additionally store your inputs in anonymized form – e-mail addresses, domains and identifiers are removed before storage – for 90 days at Cloudflare (D1) to improve the assistant; they are then deleted automatically. No passwords, sessions or sign-in data are stored. The legal basis is your consent (Art. 6(1)(a) GDPR).

6. Purchase & billing

Purchases are processed via our payment provider Stripe. The data collected (e.g. name, e-mail address, billing and payment data) is processed to perform the contract (Art. 6 (1) (b) GDPR). The license key is delivered by e-mail via the service Resend (EU region).

7. Website hosting

This website is hosted by Cloudflare. When the site is accessed, technically necessary server log data (e.g. IP address) is processed to ensure delivery and security of the site (Art. 6 (1) (f) GDPR).

8. Cookies & local storage

For technically necessary purposes we store your language choice and your cookie decision in your browser’s local storage. This storage is required to operate the site and does not require consent. Non-essential services (see section 9) are only activated after your explicit consent via our cookie banner. You can change or withdraw your decision at any time via the “Cookie settings” link in the footer.

9. Reach measurement (cookieless)

To improve our service we collect anonymous access statistics using our own, cookieless method (hosted on Cloudflare). No cookies are set and no cross-device identifiers are created; we only store anonymised information such as page view, rough origin (country), device type and time on page. No personal reference is established. The legal basis is our legitimate interest in privacy-friendly reach measurement (Art. 6(1)(f) GDPR).

10. Google Ads & conversion tracking

With your consent we use Google Ads conversion tracking (Google tag / gtag.js) to measure the effectiveness of our ads. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; data may be transferred to Google LLC, USA. Cookies (e.g. _gcl_*) may be set and data such as IP address, click/interaction data and a conversion identifier may be transmitted to Google.

Processing is based solely on your consent (Art. 6(1)(a) GDPR). Until you consent, Google Consent Mode v2 applies the default “denied” – no advertising cookies are stored. The transfer to the USA relies on the EU-US Data Privacy Framework or the EU standard contractual clauses; nonetheless, a level of data protection equivalent to EU law cannot be guaranteed in the USA (including possible access by US authorities).

You can withdraw your consent at any time with future effect via “Cookie settings” (footer). More information: Google’s privacy policy.

11. Your rights