Privacy policy
Swynoo AG, Untere Roostmatt 1, CH-6300 Zug (hereinafter “Swynoo”), is the author of this data protection declaration and the owner of the information (data) collected about you under this data protection declaration.
We know that careful handling of your personal information is important to you. We therefore appreciate your trust that Swynoo will handle this information conscientiously. Swynoo is responsible for the collection, processing, forward- ing, storage and protection of your personal information and ensures compli- ance with the Swiss Data Protection Act as far as data from Swiss customers are concerned, as well as compliance with the EU General Data Protection Regula- tion as far as data from Customers from the EU area are affected.
The consent you have given with this data protection declaration can be re- voked at any time with effect for the future (see section 10, last paragraph).
1. Contact data
Responsible for data processing is:
Swynoo AG
Untere Roostmatt 1
CH-6300 Zug
You can contact the Swynoo AG data protection officer at: support@swynoo.ch
2. Applicable Law
The data processing by Swynoo is subject to the following law:
Data from Swiss customers and Swiss visitors to our website
Only Swiss law applies to the processing of data from Swiss customers, in partic- ular the Federal Act on Data Protection (DSG, SR 235.1) and the associated ordi- nance on the Federal Act on Data Protection (SR 235.11). The EU’s General Data Protection Regulation (GDPR) does not apply. The applicability of the GDPR re- mains reserved (i) insofar as it is expressly provided for in this data protection declaration for sub-areas, and (ii) insofar as the GDPR is also mandatory for data from Swiss customers due to special circumstances.
Data from customers from the EU area and visitors from the EU area of our website
In addition to Swiss law, the processing of data from customers from the EU area is subject to Regulation (EU) 2016/679 on the protection of natural persons in the processing of personal data, on the free movement of data and on the repeal of Directive 95/46 / EC (Datenschutz Grundverordnung, GDPR) applicable. See also section 12 (Additional regulations for customers from the EU area).
3. Type and scope of the collection of personal data when visiting our website (without login)
When you visit our online presence, the web server technology we use automat- ically logs general technical visit information. This includes, among other things, the IP address (which, however, is anonymized by Google before it is saved so that it can no longer be assigned to you. Google uses the _anonymizeIp ()) method of the device used, information on the browser type and the Internet Service provider and the operating system used.
4. Data security
We use technical and organizational security measures in accordance with rec- ognized market standards to protect personal data stored by us against uninten- tional, illegal or unauthorized manipulation, deletion, modification, access, dis- closure or use and against partial or complete loss. The Swynoo servers are lo- cated in a multi-certified and secure data center operated by Swisscom (Switzer- land) AG. Swisscom regularly backs up customer data (backup). In order to pre- vent data loss even in extreme cases (e.g. destruction of the data center by an earthquake), the encrypted backups are stored in parallel in several data centers in Germany and abroad. Our security measures are continuously adapted and improved in line with technological developments. We assume no liability for the loss of data or their knowledge and use by third parties. For the rest, we cannot accept any liability for the security of data transmission on the Internet; in par- ticular, there is a risk of access by third parties when data is transmitted by e- mail. However, access is protected using HTTPS. If explicitly requested by the customer, the customer can opt for double authentication at any time.
5. Purpose of processing personal data / recipient of the data
We process the data collected in order to be able to continuously improve the products and services you want, to manage your use and your desired access to our applications, products and information, to maintain our business relation- ship with you, to improve performance to monitor and improve our offer in or- der to detect, prevent or clear up illegal activities and to send you offers, infor- mation or marketing material about products or services that we believe, based on the data, could be interesting for you. The data can also be passed on to part- ner companies and service providers, selected third-party companies, institutes and / or legally authorized state authorities in Germany and abroad for pro- cessing, storage and use within the scope of the above-mentioned purposes. If the processing or storage of personal information takes place in countries that do not guarantee adequate data protection in comparison to Swiss data protec- tion law, we require the processor under contractual obligation to fully comply with the relevant provisions of the DSG or – insofar as data from customers the EU area are affected – the GDPR.
We have some of the aforementioned processes and services carried out by ser- vice providers commissioned to comply with data protection regulations and based in the EU or Switzerland. These are companies in the categories of IT ser- vices, payment transactions, print service providers, billing, debt collection and consulting, as well as sales and marketing as well as service providers that we use in the context of order processing relationships.
Contact
Data collected:
We collect and process the data you provide, such as your contact details, your name and your request, when you contact us via a contact form or by email. All data that you transmit to us is encrypted and transmitted between your browser and our server.
Purposes of data processing:
The data processing is carried out by our customer service exclusively on the ba- sis and to process your request.
Storage period:
The criterion for the duration of the storage of personal data is the respective statutory retention period. After the deadline has expired, the relevant data is routinely deleted, provided that it is no longer required to fulfill or initiate a contract.
Customer surveys
Data collected
For the purposes of online surveys, Swynoo processes user information solely for the purposes of survey evaluation, provided that no personal data, such as
e.g. Names or email addresses that are queried anonymously, i.e. especially without the IP address of the user. If personal data is also requested in the con- text of the survey on the topic of the survey (e.g. name, address, company, etc.), we will separately point out in the context of the survey that this is addi- tional, voluntary information that we collect and use.
Location data
Swynoo requires access to the location of your device for the app. This is done even when the app is running in the background. When a request is made, we collect your current location via the provider TomTom in order to quickly provide the disposition with information about your immediate surroundings. Data about your location will only be used for disposition processing. The transmission of your location data takes place via an encrypted connection. Your location data will be anonymized after the end of your trip and statistically analyzed to improve our service.
Purposes of data processing:
We use customer surveys to design and optimize our products and services in line with requirements.
Legal basis:
We use customer surveys when you fill out a corresponding questionnaire. By submitting your answers, you give your consent.
Storage period:
The criterion for the duration of the storage of personal data is the respectivestatutory retention period. After the period has expired, the relevant data is rou- tinely deleted, provided that it is no longer required to fulfill or initiate a con- tract.
Mailerlite Data
collected:
We use solutions and technologies from MailerLite Ltd. (UAB “MailerLi-te”, J.
Basanavičiaus 15, LT-03108 Vilnius, Lithuania)
Purposes of data processing:
MailerLite create email marketing campaigns with features like automation, landing pages and customer surveys. We process your data in order to create campaigns and to collect information about website visitors that may have reached us through our campaigns on LinkedIn or our website.
Legal basis:
We store this data temporarily on the basis of legitimate interests (Art. 6 Para. 1 f GDPR). Our legitimate interest lies in achieving the purposes described above
Storage duration and control options:
MailerLite stores the data for up to 13 months. If you do not want to participate in conversion tracking, the Mailerlite cookie can be deactivated via your browser at https://www.mailerlite.com/legal/privacy-policy.
6. Cookies
Cookies help to make your visit to our website easier, more pleasant and more meaningful. Cookies are information files that your web browser automatically saves on your computer’s hard drive when you visit our website and use our ser- vices.
You can manage your security settings in the browser yourself and thereby block or deactivate the cookies we use, whereby certain bexio services may then no longer (in full) be used.
Tracking and analysis tools / social media
The use of our digital offers is measured and evaluated using various technical systems, mainly from third-party providers such as Google Analytics. These measurements can be made anonymously or personally. It is possible that we or the third-party providers of such technical systems may pass on the data col- lected to third parties in Germany and abroad for processing. The most fre- quently used and best-known analysis tool is Google Analytics, a service from Google Inc. With this, the collected data can generally be transmitted to a Google server in the USA.
Our website uses Google Analytics, a web analysis service provided by Google Inc. based in 1600 Amphitheater Parkway, Mountain View, CA 94043, U.S.A. (“Google”). Google Analytics uses so-called cookies, text files that are stored on your computer and that enable your use of the website to be analyzed. The in- formation generated by the cookie about your use of the website (including your IP address, which is anonymized by Google before it is saved so that it can no longer be assigned to you) is sent to a Google server in the Transferred to the USA and stored there. Google will use this information to evaluate your use of the website, to compile reports on website activity for us and to provide other services relating to website activity and internet usage. Google may also transfer this information to third parties if this is required by law or if third par- ties process this data on behalf of Google. Under no circumstances will Google associate your IP address with other Google data.
Further information can be found in Google’s privacy policy at https://support.google.com/analytics/answer/6004245?hl=de.
If you do not want your website activity to be available for Google Analytics, you can install the browser add-on to deactivate Google Analytics:
https://support.google.com/analytics/answer/181881?hl=en.
This prevents the JavaScript running on websites (ga.js, analytics.js and dc.js) from sharing activity data with Google Analytics.
We store this data temporarily on the basis of legitimate interests (Art. 6 Para. 1 f GDPR). Our legitimate interest lies in achieving the purposes described above.
The analysis of data by other tools of the website owner is not prevented when you use the add-on. Data can still be sent to the website or to other web analy- sis services.
Finally, we collect certain information via our website in so-called server log files, which your Internet browser automatically transmits to us. These include the user agent (browser type and version, operating system used), http header information (referrer URL, IP address of the accessing computer) and the time of the server request. These server log files are only merged with other data sources for error analysis.
Integration of third-party offers / social media
Our digital offers are networked with functions and systems of third parties in a variety of ways, for example by integrating plug-ins from third-party social net- works such as Facebook, Twitter, etc. If you have a user account with these third parties, they may also be able to use your Measure and evaluate the use of our digital offers. Additional personal data such as IP address, browser set- tings and other parameters can be transmitted to these third parties and stored there. We have no control over the use of such personal data collected by third parties and assume no responsibility or liability. Incidentally, Swynoo has no detailed knowledge of which data is transmitted to third-party providers, where it is transmitted and whether it is anonymized.
7. Automatic decisions
Swynoo does not use any profiling or automatic decision-making techniques. Should Swynoo use this procedure in individual cases, you will be informed separately, provided this is required by law.
8. Communication by email
You can unsubscribe from receiving electronic mailings at any time or adjust the type and scope of this marketing service. The electronic mailings each contain a corresponding link.
9.Duration of storage
Swynoo processes and stores your personal data for as long as you use the ser-
vice. It should be noted that the contractual relationship is a long-term obligation that is set up for years.
If the data are no longer required for the fulfillment of contractual or legal obli- gations, they are regularly deleted, unless their – temporary – further processing is necessary for the following purposes:
- Fulfillment of commercial, tax and other retention obligations in Switzer- land: The ten-year period for keeping and storing the business books (OR 958f) should be mentioned in particular; longer deadlines may result from special
- Fulfillment of commercial, tax and other storage obligations in Germany: The commercial code (HGB) and the tax code (AO) should be mentioned in The periods for storage and documentation specified there are two to ten years; longer deadlines may result from special laws.
- Fulfillment of commercial, tax and other storage obligations in other coun- tries, insofar as and insofar as Swynoo is active
- Preservation of evidence within the framework of the respective statutory statute of limitations, whereby such limitation periods can be up to 30 years and
10. Information, correction, deletion, blocking, consent
You have the following rights with regard to your personal data. Swynoo expli- c itly grants these rights contained in the GDPR to Swiss customers, unless they already have analogous rights based on the GDPR:
- the right to information under Article 15 GDPR,
- the right to rectification according to Article 16 GDPR,
- the right to deletion according to Article 17 GDPR,
- the right to restriction of processing according to Article 18 GDPR,
- the right to data portability according to Article 20 GDPR, as well as
- the right to object under Article 21 GDPR.
Information desk:
You can request at any time that we provide you with information about which of your personal data we process and how and provide a copy of the personal data stored about you, Art. 15 GDPR.
Correction:
You can request the correction of incorrect personal data and the completion of incomplete personal data, Art. 16 GDPR.
Deletion:
To delete your personal data: Please note that the deletion does not include data that we need to execute and process contracts and to assert, exercise and de- fend legal claims, as well as data for statutory, supervisory or contractual reten- tion requirements exist, Art. 17 GDPR.
Restriction of processing:
Under certain circumstances you can request the restriction of processing, e.g. if you are of the opinion that your data is incorrect, if the processing is unlawful or if you have objected to the data processing. This means that your data may only be processed to a very limited extent without your consent, e.g. to assert, exercise and defend legal claims or to protect the rights of other natural and le- gal persons, Art. 18 GDPR.
Objection to data processing:
You have the option of objecting to data processing for direct advertising purposes at any time. In addition, if there are special reasons, you can object at any time to data processing that is based on a legitimate interest, Art. 21 GDPR.
Data portability:
You have the right to receive the data that you have provided to us and that we process on the basis of your consent or to fulfill the contract in a common, machine-readable format and, within the framework of what is technically feasible, to request a direct transfer of this data to third parties, Art 20 GDPR.
Any restrictions of the GDPR and the applicable national data protection laws or other national laws apply to the rights mentioned above.
If you are asked to give your consent in connection with the Swynoo services, you give your consent by clicking the appropriate checkbox so that Swynoo may collect, process, use and pass on your personal data accordingly.
You can of course revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation. The revocation can be sent in writing to the Swynoo address mentioned above. However, an email to the address support@swynoo.ch is sufficient. Some of the services and functions will no longer be available to you afterwards.
With whom we share your personal data
In order to achieve the purposes described in this Privacy Policy, it may be necessary, that we share your personal data with other companies.These are as follows Categories of recipients:
-other group companies;
-external service providers;
-other customers;
-suppliers and business partners;
-(where applicable) authorities and courts.
Location of processing
We store and process your personal data primarily in Switzerland and the EU. We can also transfer your personal data to recipients in countries outside of Switzerland or the EU (worldwide, especially the USA). Data transfers to countries without adequate data protection, we do not transfer data to countries without adequate data protection exceptions (e.g. necessity for contract fulfillment).
11. Links to other websites
The Swynoo website contains hyperlinks to websites operated by third parties that are not operated or controlled by Swynoo. Swynoo is not responsible for their content or data protection practices.
12. Additional regulations for customers from the EU area
The following provisions are only applicable to customers from the EU, they do not apply to Swiss customers.
Legal basis for processing
The processing of your data for the purposes mentioned in section 5 takes place in accordance with Article 6 (1) (b) GDPR to fulfill the contract. The above-men- tioned services are the subject of the contract.
Your data will also be processed as described above to safeguard Swynoo legit- imate interests (Article 6 (1) (f) GDPR). These are the improvement of products and services (including the delivery of direct mail), monitoring and improving the performance of the offer, as well as detecting, preventing or investigating illegal activities.
In addition, the data are processed in accordance with Article 6 (1) (c) GDPR in order to fulfill legal obligations (e.g. retention and documentation obligations). This includes, in particular, your personal master data.
If you should be of the opinion that one or more of the purposes mentioned under point 5 is or are not covered by the legal bases mentioned above, you can request that we no longer process your personal data for specific individual pur- poses (opt-out). You can send such an opt-out in writing to the Swynoo address mentioned above. However, an email to the address support@swynoo.ch is sufficient.
Revocation of Consent
You can revoke any consent you have given to the processing of your personal data at any time with effect for the future. Please note that the revocation has no impact on the legality of the previous data processing and that it does not extend to data processing for which there is a legal reason for permission and which may therefore be processed without your consent.
Right of appeal
If you are of the opinion that the processing of your personal data violates the GDPR, you have the right to lodge a complaint with a competent supervisory authority in accordance with Article 77 GDPR. Swynoo is of course happy to an- swer your questions and requests in advance of a complaint. Please contact us by email at support@swynoo.ch
Version July 2024