Data Protection Notice

Data Processing by Priverion

Version: 21.02.2022

Priverion GmbH strives to guarantee you the highest degree of confidentiality and security. As a pure B2B software provider we are subject to the Swiss Data Protection Act (DSG) which allows processing without legal basis as long as there is no violation of personal rights under Swiss law. Our goods and services are not intended for private individuals and are only offered to legal entities. Unless otherwise stated, the provision of your personal data is not required by law or contract. You are not obliged to provide the data. The exact extent to which your data is processed may vary depending on the services used, i.e. not all processing or rights listed in this notice may apply.

Sale only to legal entities. No sale to consumers as defined in 93/13/EEC.

Responsible Entity

The entity responsible for processing on this website is

Priverion GmbH

Postal address:
Europaallee 41
8004 Zurich
Switzerland

Contact:
Telephone: +41 44 586 97 90
E-mail: hello@priverion.com

Represented by:
Dr. Dominic N. Staiger
Philip A. Staiger
Oliver Stutz

Registered at
Commercial Register Office of the Canton of Zurich
Company number: CHE-211.830.805

General

Categories of data subjects

Depending on the service requested, individual persons can be partially or completely covered by the scope of the processing activity of this data protection notice. The groups of persons concerned include

  • Visitors to our websites
  • Applicants
  • Corporate customers and their employees
  • Potential corporate customers and their employees

hereinafter referred to collectively as “users”.

Purpose of the processing

The purposes of processing of personal data include:

  • Provision of the online offer, its functions and contents and our services
  • Responding to contact requests and communication with users
  • Security measures
  • Ad measurement, marketing and sales

Basis for the processing

The basis for the processing of personal data in Switzerland is Art. 4 ff, Article 12 and Article 13 of the DSG. The processing of personal data is always carried out within the scope of our interests in the execution of our business processes and the targeted information of potential customers. This also includes the regular use of cookies which enable the user to display content of interest to them. Furthermore, we process the information provided by the user on the basis of our interests for the purpose of spam detection.

Consent is obtained for the sending of newsletters, among other things. When contacting us (e.g. via contact form, e-mail, telephone or via social media), the user’s details are processed, for example, to process the contact request and to handle it. In rare cases we process personal data to fulfil our legal obligations.

Duration of data storage

The personal data of the person concerned shall be deleted or blocked as soon as the purpose of storage ceases to apply or storage is no longer necessary. Personal data is also stored for the time during which claims can be made against our company.

Furthermore, a storage can take place if regulations, laws or other rules require longer storage. Corresponding obligations to provide evidence and to retain data result from the Swiss Code of Obligations, among other things. The storage periods thereafter are generally ten years. The storage of personal usage data and cookies including IP addresses is limited to the period of time necessary for the fulfilment of the purpose.

Transfers to third countries

In most cases, your personal data will only be processed within Switzerland and the EU. If, however, in the case of individual cases, data is processed outside the EU, it will be transferred in accordance with the legal requirements of Art. 6 DSG. In other words, processing takes place, for example, on the basis of special guarantees, such as the officially recognised determination of a level of data protection corresponding to that of the EU or Switzerland or compliance with officially recognised special contractual obligations (so-called “standard contractual clauses”).

Countries in which we may transfer data include

  • Switzerland (Webserver, Fileserver, Accounting, Calendar Widget)
  • Poland (Newsletter)
  • Globally (Swiss based Content Delivery Network)

This does not include the production clusters, as these are selected by the customer individually.

Data Processing on our Website

Cookies

Our website uses cookies. Cookies are small text files that are stored in the Internet browser or by the Internet browser on the computer system of a user. If a user calls up a website, a cookie can be stored on the user’s device. The cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again. We use cookies for the purpose of making our website more user-friendly, effective and safer. Furthermore, cookies enable our systems to recognize your browser even after a page change and to offer you services. Some functions of our website cannot be offered without the use of cookies. For these it is necessary that the browser is recognized even after a change of page.

We also use cookies on our website for the purpose of analysing the surfing behaviour of our site visitors. This enables us to improve our offer for the visitor. Furthermore, we use cookies for the purpose of subsequently addressing visitors to the site on other websites with targeted, interest-related advertising.

The processing is based on our legitimate interest in the above-mentioned purposes. The data collected from you in this way will be pseudonymised by technical precautions. It is therefore not possible to assign the data directly to your person. The data will not be stored together with other personal data of yours.

The Cookie Directive (European Directive 2009/136/EC) is not applicable. Art. 45c lit. b of the Telecommunications Act shall apply.

You have the right to object to the processing of personal data concerning you. Cookies are stored on your computer. Therefore you have full control over the use of cookies. By selecting the appropriate technical settings in your Internet browser, you can prevent the storage of cookies and the transmission of the data they contain. Already stored cookies can be deleted at any time. However, we would like to point out that you may not be able to use all functions of this website to their full extent.

The following links will give you information on how to manage (and deactivate) cookies in the most important browsers:

Server log files

Every time you access our website, usage data is transmitted by your Internet browser and stored in log files (server log files). These stored data include, for example, the name of the page accessed, the date and time of access, the amount of data transferred and the requesting provider as well as IP addresses. This data is processed for our legitimate interests and is used exclusively to ensure the trouble-free operation of our website and to improve our services.

Collection and processing when using the contact form

When using the contact form, we only collect your personal data (name, e-mail address, message text) to the extent that you have provided it. The data processing serves the purpose of establishing contact and initiating a contractual relationship. The processing is done in the interest of efficient communication. We use your e-mail address to process your enquiry or for the subsequent handling of contractual services.

GetResponse for the purpose of sending newsletters

If you subscribe to our newsletter via our website, we assume that you consent to the saving of the e-mail address provided, as well as the exact time and the IP address of your device as proof that you are the owner of the e-mail -Address and agree to receive the newsletter. Further data are not collected via the order form. If the newsletter is ordered in another way, we will save your name and a note on how the order came about as proof of consent. We use this data exclusively for sending the requested information. The dispatch takes place via a service provider commissioned by us, who receives this data for this purpose:

GetResponse S.A., Arkonska 6, A3, 80-387 Gdansk, Poland.
Data protection declaration: www.rapidmail.de/datensicherheit

Neither we nor our service provider will pass this data on to third parties. Our newsletter can contain a code with which we can count how often the newsletter was opened and which links were clicked. We use this information to optimize the content of the newsletter. This information is summarized and not stored with your personal data. You can revoke your consent to the storage of the data, the e-mail address and their use for sending the newsletter at any time using the “Unsubscribe” link in the newsletter. The newsletter can then be ordered again at any time.

Calenso for the purpose of setting up meetings

You have the possibility to make appointments on our website. We use the online calendar “Calenso” to request and select an appointment. “Calenso” is an offer from Braincept AG, Neuenkirchstrasse 19, CH-6203 Sempach Station. A Data Processing Agreement with the provider is in place.

When you click on the button “Make Appointment”, you will be automatically connected to our Calenso appointment account. After choosing your appointment, confirming and entering your contact details and requests you will receive an email from Calenso confirming your appointment. You can find more information about Calenso and Calenso Privacy here: https://calenso.com/datenschutz

Your details from the Calenso form, including the data you enter there, will be stored by us for the purpose of processing your enquiry and in the event of follow-up questions. This data remains with us until you request us to delete it, revoke your consent to store it or the purpose for which it was stored ceases to apply (e.g. appointment made). Mandatory legal provisions – in particular retention periods – remain unaffected.

KeyCDN for the purpose of securing our webpage

We use a CDN from proinity LLC (KeyCDN), Reichenauweg 1, 8272 Ermatingen, Switzerland on this website to make our website faster. KeyCDN provides a content delivery network. These services are located between the user and our hosting provider. We will try to explain in more detail below what all this means.

A content delivery network (CDN), as provided by KeyCDN, is nothing more than a network of servers connected via the Internet. KeyCDN has distributed such servers all over the world to bring websites to your screen faster. Simply put, KeyCDN makes copies of our website and places them on their own servers. When you visit our website now, a load balancing system ensures that most of our website is delivered by the server that can display our website to you the fastest. A CDN significantly shortens the data transfer route to your browser. Thus, the content of our website is delivered to you by KeyCDN not only from our hosting server, but from servers from all over the world. The use of KeyCDN is particularly helpful for users from abroad, since here the page can be delivered from a server nearby.

Fathom Analytics for the purpose to optimize our website content and marketing activities

We use the analysis service Fathom on our website. No personal information about you will be stored except your IP address. Your IP will be transmitted when you visit, but will only be saved temporarily to prevent DDoS attacks. In addition, no cookies or other information is stored on your device. Fathom processes the data on German servers. We have signed a data processing agreement with the provider of Fathom (Conva Ventures Inc.). For more information, see the Fathom Privacy Policy: https://usefathom.com/privacy

Other data processing

Collection, processing and use of personal data for orders

When you place an order, we collect and use your personal data only to the extent necessary to fulfill and process your order and to process your inquiries. The provision of the data marked as mandatory in the fields is necessary for the conclusion of the contract. Failure to provide this information means that no contract can be concluded.

Your data will not be passed on to third parties without your express consent. The only exceptions to this are our service partners who we need to process the contractual relationship or service providers we use for processing orders. In addition to the recipients named in the respective clauses of this privacy policy, these are, for example, recipients of the following categories:

  • Payment service provider
  • Merchandise management service provider
  • Service provider for order processing
  • Webhoster, IT service provider
  • Marketing service provider

In all cases we strictly observe the legal requirements. Appropriate contract processing agreements have been concluded with the contract processors in order to guarantee data protection.

Zoom for the purpose of Video Communications

We use the “Zoom” tool to hold telephone conferences, online meetings, video conferences and / or webinars (hereinafter: “Online Meetings”). “Zoom” is a service provided by Zoom Video Communications, Inc., which is based in the United States. We are responsible for data processing that is directly related to the implementation of “online meetings”.

Note: If you access the “Zoom” website, the “Zoom” provider is responsible for the data processing. Calling up the website is only required to use “Zoom” in order to download the software for using “Zoom”. You can also use “Zoom” if you enter the respective meeting ID and any other access data for the meeting directly in the “Zoom” app. If you do not want to or cannot use the “Zoom” app, the basic functions can also be used via a browser version, which you can also find on the “Zoom” website.

When using “Zoom” different types of data are processed. The scope of the data also depends on the details of the data you provide before or when participating in an “online meeting”.

The following personal data are processed:

User information: first name, last name, telephone (optional), email address, password (if “single sign-on” is not used), profile picture (optional), Department (optional), Meeting metadata: topic, description (optional), participant IP addresses, device / hardware information

For recordings (optional): MP4 file of all video, audio and presentation recordings, M4A file of all audio recordings, text file of the online meeting chat.

When dialing in with the phone: information on the incoming and outgoing phone number, country name, start and end time. If necessary, further connection data such as the IP address of the device can be saved.

Text, audio and video data: You may have the option of using the chat, question or survey functions in an “online meeting”. In this respect, the text entries you make are processed in order to display them in the “online meeting” and, if necessary, to record them. In order to enable the display of video and the playback of audio, the data from the microphone of your terminal device and any video camera on the terminal device are processed accordingly for the duration of the meeting. You can switch off or mute the camera or microphone yourself at any time using the “Zoom” applications.

In order to take part in an “online meeting” or to enter the “meeting room”, you must at least provide information about your name. We use “Zoom” to conduct “online meetings”. If we want to record “online meetings”, we will inform you transparently in advance and – if necessary – ask for your consent. The fact of the recording is also displayed in the “Zoom” app. If necessary for the purpose of logging the results of an online meeting, we will log the chat content. However, this will usually not be the case. In the case of webinars, we can also process the questions asked by webinar participants for the purpose of recording and following up webinars.

If you are registered as a user with “Zoom”, reports on “Online Meetings” (meeting metadata, data on telephone dial-in, questions and answers in webinars, survey function in webinars) can be saved in “Zoom” for up to one month.

Personal data that are processed in connection with participation in “online meetings” are generally not passed on to third parties unless they are intended to be passed on. Please note that content from “online meetings”, as well as from personal meeting meetings, is often used to communicate information with customers, interested parties or third parties and is therefore intended to be passed on.

Other recipients: The provider of “Zoom” necessarily receives knowledge of the above data, insofar as this is provided for in our order processing contract with “Zoom”. “Zoom” is a service that is provided by a provider from the USA. Processing of personal data therefore also takes place in a third country. We have concluded an order processing contract with the provider of “Zoom”. An adequate level of data protection is guaranteed by the conclusion of the so-called EU standard contractual clauses.

Microsoft Teams for the purpose of Video Communications

We would like to inform you below about the processing of personal data in connection with the use of “Microsoft Teams”.

We use the “Microsoft Teams” tool to hold conference calls, online meetings, video conferences and / or webinars (hereinafter: “Online Meetings”). “Microsoft Teams” is a service from Microsoft Corporation.

Note: If you access the “Microsoft Teams” website, the provider of “Microsoft Teams” is responsible for data processing. Accessing the website is only required to use “Microsoft Teams” to download the software for using “Microsoft Teams”.

If you do not want to or cannot use the “Microsoft Teams” app, you can also use “Microsoft Teams” via your browser. The service is then also provided via the “Microsoft Teams” website. When using “Microsoft Teams”, different types of data are processed. The scope of the data also depends on the details of the data you provide before or when participating in an “online meeting”.

The following personal data are processed:

User information: z. B. Display name (“Display name”), possibly e-mail address, profile picture (optional), preferred language, Meeting metadata: e.g. B. Date, time, meeting ID, phone numbers, location, Text, audio and video data: You may have the option of using the chat function in an “online meeting”. In this respect, the text entries you make are processed in order to display them in the “online meeting”. In order to enable the display of video and the playback of audio, the data from the microphone of your terminal device and any video camera on the terminal device are processed accordingly for the duration of the meeting. You can switch off or mute the camera or microphone yourself at any time using the “Microsoft Teams” applications.

We use “Microsoft Teams” to conduct “online meetings”. If we want to record “online meetings”, we will inform you transparently in advance and – if necessary – ask for your consent. The chat content is logged when using Microsoft Teams. We store the chat content for a period of one month. If it is necessary for the purpose of logging the results of an online meeting, we will log the chat content. However, this will usually not be the case.

Personal data that are processed in connection with participation in “online meetings” are generally not passed on to third parties unless they are intended to be passed on. Please note that content from “online meetings” as well as from personal meetings is often used to communicate information with customers, interested parties or third parties and is therefore intended to be passed on.

Other recipients: The provider of “Microsoft Teams” necessarily receives knowledge of the above data, insofar as this is provided for in our order processing contract with “Microsoft Teams”. Data processing outside of Switzerland does not take place, as we have limited our storage location to data centers in Switzerland. However, we cannot rule out that the routing of data takes place via internet servers that are located outside of Switzerland. This can be the case in particular if participants in an “online meeting” are in a third country. However, the data is encrypted during transport over the Internet and is thus protected against unauthorized access by third parties.

Your rights under the DSG

Right of access to information

You may request confirmation from the controller as to whether personal data concerning you are being processed. If such processing has taken place, you can request information from the data controller about information on the data stored about you. This includes:

  • all data available in the data collection, including available information about the origin of the data;
  • the purpose and, where applicable, the legal basis of the processing as well as the categories of personal data processed, the parties involved in the collection and the data recipients.

Right to withdraw consent

You have the right to revoke your data protection consent at any time. Revocation of your consent does not affect the legality of the processing that has taken place on the basis of your consent until revocation.