Skip to Content

🔐 Artificial Intelligence: Why the safest way is often the cheapest

Un ghid pentru factorii de decizie: Cum pot IMM-urile din Elveția și UE să crească productivitatea, fără a pierde controlul asupra datelor. Timp de citire: aproximativ 8-10 minute
18 February 2026 by
🔐 Artificial Intelligence: Why the safest way is often the cheapest
Rolf Schaub
| No comments yet

Introduction: The Dilemma of Digitalisation

Artificial Intelligence (AI) is now much more than a technological trend. It is a tool for increasing efficiency, comparable to the introduction of email or Excel decades ago. Whether it is about the automated response to customer inquiries, the analysis of contracts, or the summarisation of meetings – the productivity gains are measurable.

But as the managing director or IT manager of an SME in Switzerland or the EU, you are faced with a dilemma:

  1. The pressure: You need to modernise to remain competitive.
  2. The fear: They know that sensitive company data (financial statements, customer data, strategy papers) have no place on public servers that do not comply with our strict European data protection standards.

This guide shows you how to resolve this dilemma. We illuminate the strategic, legal, and above all, commercial aspects of implementing AI for the European mid-sized companies.

Chapter 1: The Architecture Decision – Rent or Ownership?

Before we talk about technology, it is worth making a visual comparison. When it comes to the introduction of AI, you essentially have two paths:

Path A: The "Hotel Room" (Public Cloud / US-SaaS)

They use the large, well-known international platforms.

  • Advantage: Immediately available, room service included.
  • Disadvantage: You are renting. The "hotel manager" has the spare key, can increase the price at any time or change the house rules. And: What you discuss in the room is not necessarily private.

Path B: The "Own Home" (Sovereign AI)

They use their own instance on secure servers in Switzerland or Europe.

  • Advantage: It is your house. You decide who comes in. The data never leaves your legal jurisdiction.
  • Disadvantage: In the past, one had to build the house oneself (high IT costs). However, today there are "prefabricated houses" (Managed Services) that are ready for immediate occupancy.

The strategic recommendation: A hotel room is sufficient for harmless marketing texts. For everything that concerns the core of your business (knowledge, processes, customer data), your own home is the only safe choice.

Chapter 2: The Security Check – What Happens to My Data?

Many decision-makers underestimate the risk of "convenient" solutions. Here are the three critical points you need to check:

  1. The Training Dilemma: Many public AI models use user inputs to become smarter. If your employee uploads a confidential contract for analysis, this knowledge could theoretically be incorporated into the model – and in the worst case, reappear with the competition. Solution: Use systems that contractually guarantee: "No Training on Data".
  2. The "Cloud Act" vs. GDPR/revDSG: US providers are subject to US laws. The "Cloud Act" allows American authorities access to data, even if the server is physically located in Frankfurt or Zurich. This often conflicts with the EU GDPR and the Swiss Data Protection Act (revDSG). Solution: Opt for providers with headquarters and infrastructure in a secure legal jurisdiction.
  3. The location of Switzerland as a "data vault" for the EU: For EU companies, Switzerland is a particularly attractive location. Thanks to the adequacy decision of the EU Commission, data can flow freely between the EU and Switzerland (in compliance with GDPR). At the same time, Switzerland is politically outside the EEA/US area, which provides an additional shield against foreign access.

Chapter 3: The Commercial Invoice – Avoiding Cost Traps

This is the point at which many budgets fail. There are two predominant pricing models in the market.

Model 1: "Pay-per-Seat" (The Standard of the US Giants)

You pay a licence fee per employee per month.

  • Example: € 30.00 per user.
  • Invoice: With 20 employees, that amounts to € 7,200 per year.
  • The risk: Costs increase linearly. Every new employee, every intern costs full price immediately, even if they hardly use the AI. Economies of scale? Not a chance.

Model 2: "Infrastructure Packages" (The Sovereign Model)

You rent the performance of the machine, not access for the person.

  • Example: A business package for € 350.–/month (designed for up to 35 users).
  • Invoice: With 20 employees, that amounts to € 4,200 per year.
  • The advantage: If you hire 5 new people, it will cost you 0 euros extra. The cost curve is a staircase, not a straight line.

Conclusion of the calculation: For a growing SME, the package model is almost always cheaper. Additionally, you have planning certainty: the monthly costs remain fixed, regardless of how many logins you assign tomorrow.

Chapter 4: Practical Examples – What Does It Bring Specifically?

Moving away from theory, towards everyday work. What does a secure AI solution look like in practice?

Scenario A: The "Corporate Brain" (Knowledge Management)

  • Problem: An employee is looking for information on the expenses policy or technical specifications. The search on the server drive takes forever.
  • Solution: An internal chatbot. The employee asks: "How do I claim a train journey?" The AI reads the internal PDF manual and immediately provides the correct answer.
  • Security: The AI only reads the document but does not save it.

Scenario B: The HR Assistant (GDPR-compliant)

  • Problem: The HR department is overwhelmed with applications.
  • Solution: The AI summarises CVs and compares qualifications.
  • Security: As the system operates on sovereign infrastructure, sensitive personal data never leaves the protected area. A must for GDPR compliance.

Scenario C: Law & Compliance

  • Problem: A new supplier contract must be checked for risks.
  • Solution: A specialised bot checks the contract against your internal compliance guidelines and highlights critical clauses.

Chapter 5: Checklist for Your Decision

Before you sign a contract, ask the provider these 5 questions:

  1. Where are the servers physically located? (The answer must be: Switzerland or EU).
  2. Which law is the provider subject to? (Caution with US subsidiaries).
  3. Will my data be used for training the AI? (The answer must be: No, contractually guaranteed).
  4. Is the data transfer GDPR-compliant? (Especially important for EU customers hosting data in Switzerland).
  5. How does the pricing model scale? (Do I pay per person or per service?).

Our approach with Mintsafe: Swiss Made Security. European Compliance.

We developed Mintsafe because we believe that European SMEs should not have to compromise between security and modern technology.

  • The location advantage: We host your instance in Switzerland – the safest data vault in Europe. Thanks to bilateral agreements, this is completely unbureaucratic and legally secure for EU customers.
  • Technology: We use proven open-source technologies for maximum transparency.
  • Cost-effectiveness: We rely on fair package prices instead of expensive individual licences. This way, the solution grows with your success, without breaking your budget.

Digital sovereignty is the insurance policy for your data in the age of AI.

Appendix: A Small Glossary for Decision-Makers

So that you maintain the upper hand in discussions with your IT department or suppliers.

Adequacy Decision The official determination by the EU Commission that a third country (such as Switzerland) provides a level of data protection that is equivalent to that of the EU. This allows for the free flow of data without additional barriers.

Cloud Act US law that allows US authorities access to data held by American companies – worldwide. A "no-go" for strictly confidential data of European companies.

GDPR (EU) / revDPA (CH) The strict data protection laws of the European Union and Switzerland. They are the gold standard worldwide. An AI solution must offer "Privacy by Design" to be compliant here.

Inference The moment when the AI "works". When you ask a question and the AI responds, that is inference. The opposite is "training".

LLM (Large Language Model) The "brain" of AI. A programme that understands language. Well-known examples include GPT-4 (USA) or Mistral (Europe).

Open Source Software with open source code. Any expert can check whether it is secure. The opposite of "Black Box". Provides independence from individual manufacturers.

RAG (Retrieval Augmented Generation) The technical process that allows AI to use your own data (PDFs, Excel) without the AI needing to memorise this data. It is like a "cheat sheet" for the AI.

Would you like to clarify your AI strategy? Let us analyse your needs and calculate the suitable model for your business.

🌐 www.mintnex.ch

Sign in to leave a comment
The 5 Most Common Mistakes in Digitalisation (and How to Avoid Them)