The Right Balance Between Innovation and Security

The use of artificial intelligence offers enormous potential – but what about data privacy? The answer is not the same for every company. What is perfectly adequate for an industrial enterprise may not meet the strict compliance requirements of a health insurance company or a bank.

The good news: You don't have to choose between innovation and security. We show you the different deployment models for LLMs so you can find the optimal solution for your specific requirements and regulatory frameworks.

The Right Balance Between Innovation and Security

1. Direct use with the provider (public cloud)

The best-known models are accessed directly through the vendors' platforms.

  • Providers: ChatGPT (OpenAI), Gemini (Google), Claude (Anthropic).
  • Data location: These providers are headquartered in the United States. When you use these services, data may be processed on servers worldwide.
  • Key difference: consumer vs. enterprise
    • Consumer / free tiers: Inputs are often used to improve the models.
    • Enterprise licenses: Contractually, customer data is not used to train the base models.

Relevant privacy information:

2. Use via Microsoft Azure (Azure AI Foundry)

For many organizations, using Microsoft Azure is the preferred option because it fits into the existing security stack. These models are delivered through services such as Azure OpenAI and Azure AI Studio.

  • Compliance standard: Azure OpenAI is covered by the Azure compliance programs. With the right configuration, you can meet privacy and compliance expectations similar to Microsoft 365 / SharePoint. The exact terms are described here: Azure AI privacy statement
  • No training on your data: Microsoft does not use customer data to continue training the models (e.g. from OpenAI). Microsoft also offers a “Customer Copyright Commitment” for contractual coverage of certain copyright risks when the services are used as intended.
  • Regional availability & hosting:
    • Switzerland (Azure: Switzerland North / Switzerland West): If Azure OpenAI is run in the Switzerland region without relying on global-only features, processing can stay entirely in Switzerland. That matters for many Swiss companies under requirements such as FINMA or the FADP. Which models are available in which region is documented here: Model overview
    • Global hosting: Newer or more capable models are often rolled out in other regions (e.g. US or EU) first and may reach Swiss datacenters only after a few weeks' delay. If you use them, data may briefly leave Switzerland for processing but remains in the protected Azure environment.

You can read the full privacy details here: Microsoft Azure OpenAI data, privacy & security

3. On-premises models (open source & self-hosting)

For maximum sovereignty, models can be run on your own hardware.

  • Leading models (as of April 2026): Top open-source options include Llama (Meta), Qwen (Alibaba), and models from Mistral.
  • Hardware requirements: Running local LLMs needs suitable hardware for the model size and workload.
    • For models such as Qwen 3.x or similar open models, a strong consumer GPU may be enough for single-user use when the model is quantized. Larger models or higher throughput need more powerful GPUs or multi-GPU setups.
    • In production, companies often use GPU servers (e.g. NVIDIA A100 / H100 or similar accelerators). Systems such as the Apple Mac Studio (M3 Ultra) can be suitable for certain models and smaller to mid-sized inference loads. Cost-effectiveness depends on the model, context length, and expected throughput.
  • Capability: Performance is typically below the newest cloud models and varies with model size and settings. You need to verify that the model is strong enough for your use case.
  • Advantage: Full control. Data never leaves the corporate network.
  • Risk: Patching, operations, and network security are entirely your responsibility.

4. Security risks beyond transport

Data security also means defending against new attack patterns:

  • Prompt injection: Inputs that manipulate the model to bypass filters.
  • Data leakage: Accidental exposure of company secrets by employees in public models.
  • EU AI Act compliance: Even though Switzerland is not in the EU, the AI Act can apply to Swiss companies that offer services in the EU or whose AI output is used there.
  • Transparency duties: Companies must make sure users know when they are interacting with AI.
  • GPAI rules: Models such as GPT-5 or Claude 4 fall under “general purpose AI” rules. Enterprise cloud providers cover part of the documentation burden, not full liability; with purely on-premises setups, compliance assessment is on you.

5. Overview

Criteria Public cloud (consumer) Cloud enterprise (Azure / AWS) On-premises models (self-hosted)
Privacy (FADP / GDPR context) Partly, with a data processing agreement Very high Maximum (sovereignty)
Training on user data Often yes; opt-out may be available No (contractually fixed) No
Setup effort None Medium (integration) High (hardware / DevOps)
Control over data Low High Full
Copyright risk coverage Partial Partial; contractual protections from the vendor Your risk (your liability)
Typical use Limited suitability for sensitive business data Default for businesses High-assurance environments

Move into the AI future with confidence

We help you choose and safely implement the LLM setup that fits your organization.

Get in touch