Proceq S.A., together with all its affiliates, (hereinafter we, us, our) are committed to protect and respect your data. In this Data Policy you may be a visitor to the website www.proceq.com including any of its subsites (the Website) or a user of one or more of our services, platforms, mobile applications and software made available by us to you in connection with any of our instruments or on a stand-alone basis (collectively our Services).
As a technology company specializing in the development of tools for data processing, we take the protection of your personal data seriously. For this reason, we would like to provide you with detailed information about the types of personal data we collect and process in connection with your use of the Website or any of our Services, to whom this personal data is transferred, and the rights you have in connection with the processing of this personal data. As an internationally oriented company based in Switzerland, we adhere to the data protection standards of the Swiss Federal Act on Data Protection (FADP) and the EU General Data Protection Regulation (GDPR).
Please read the following carefully to understand our views and practices regarding your personal and non- personal data and how we will treat it. You are not required to provide the personal information that we have requested, but, if you chose not to do so, in many cases we will not be able to provide you with our Services or respond to any queries you may have.
By using our Services and/or registering for an account with us, you are accepting the terms of this Data Policy and consenting to our processing of your information as described herein. For the avoidance of doubt, "processing” may mean using cookies on a computer/handheld device or using or touching information in any way, including, but not limited to, collecting, storing, deleting, using, combining and disclosing information.
A. GENERAL INFORMATION
1. APPLICABILITY AND SCOPE
1.2 This Data Policy together with any other terms provided by us applies to your use of all our Services
unless a separate policy or legal document applies to a particular Service, in which case that policy or
legal document applies.
1.3 This Data Policy describes and sets out the basis for the collection, use, disclosure, storage retention and protection of the personal data you provide to us while using any of the Services, and applies to all personal data we collect through your use of the Website or our Services. It does not apply to data we obtain from third parties or through other channels, even if you access them via a link in or connected through our Services. We do not endorse, nor do we have influence on the content or policies of third-party services and therefore cannot assume any responsibility for them.
1.4 Before you disclose to us any personal data of another person (including employees and contractors) you must obtain that person's consent to both the disclosure and the processing of that personal data in accordance with this Data Policy.
2.1 We act as the operator of the Website and provider of the Services and determine the purposes and
means of the processing of your personal data. This means that we qualify as controller within the
meaning of the GDPR.
2.2 As controller, we are committed to ensure that your privacy and personal data is protected and that
- by post to the following address: Ringstrasse 2, 8603 Schwerzenbach,Switzerland;
- by telephone, on the contact number +41 43 355 38 00;
- by email, using the email address firstname.lastname@example.org;
- using our Website contact form.
3. PURPOSES OF USE
We only process your personal data if this is necessary to provide a functional Website and to provide our Services. The processing of your personal data is only carried out on the following legal bases and purposes:
(a) Processingonthebasisofyourconsenttotheprocessingofyourpersonaldata(art.6(1)(a) GDPR);
(b) Perform our contractual obligations towards you, manage, administer, analyze, enable and improve usage of our Services and enhance their stability;
(c) Help us create, develop, operate, deliver, and improve our products, Services, content and advertising, and for loss prevention and anti-fraud purposes;
(d) For internal purposes such as auditing, data analysis, and research to improve our products, services, and customer communications;
(e) Processing for the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract (art. 6 (1) (b) GDPR); or
(f) Processing for the purpose of legitimate interests pursued by us or third parties (art. 6 (1) (f) GDPR).
4. STORAGE, RETENTION AND DELETION OF PERSONAL DATA
4.1 All personal data that is collected and processed as described herein is stored by us on our own secure
servers in Switzerland.
4.2 We will retain the data provided by you for as long as you use our Services and the performance of our
contractual obligations as well as compliance obligations or other purposes pursued with the processing and for a reasonable time thereafter so long as it is necessary and relevant for our business operations and beyond this duration in accordance with legal retention and documentation obligations.
4.3 Notwithstanding other provisions of this Data Policy, we may retain documents (including electronic documents) containing personal data:
(a) to the extent that we are required to do so by law or to fulfil our contractual obligations towards you;
(b) ifwebelievethatthedocumentsmayberelevanttoanyongoingorprospectivelegalproceedings relevant to us; and
4.4 After it is no longer necessary for us to retain your personal data, we dispose of it in a secure manner according to our data retention and deletion policies. The personal data will also be deleted if a statutory storage period expires, unless there is a need for further storage of the data for the conclusion or performance of a contract.
5. TRANSFER OF PERSONAL DATA
5.1 In the context of our business activities and in line with the purposes of the data processing set out
herein, we may transfer your personal data to third parties, insofar as such a transfer is permitted and we deem it appropriate, in order for them to process data for us or, as the case may be, their own purposes. In particular, the following categories of recipients may be concerned:
(b) Service providers und subcontractors such as law firms, banks, insurance companies and cloud infrastructure providers;
(d) Courts, authorities and arbitral tribunals.
5.2 Certain data recipients may be within Switzerland, but they may be located in any country worldwide. In particular, data may be transferred to countries, in which our clients, their affiliates, or business partners are located as well as countries in which service providers are located or where our clients and affiliate companies are involved in business. If we transfer data to a country without adequate legal data protection, we ensure an appropriate level of protection as legally required by way of using appropriate contracts or binding corporate rules or we rely on the statutory exceptions of consent, performance of contracts, the establishment, exercise or enforcement of legal claims, overriding public interests, published personal data or because it is necessary to protect the integrity of the persons concerned.
6. DISCLOSURE OF PERSONAL DATA
6.1 We may use and disclose your data as we deem necessary: (i) under applicable law, or payment
6.2 We do not disclose information about identifiable individuals to our advertisers, but we may provide them with anonymous aggregate information about our users and customers. We may also use such aggregate information to help advertisers reach the kind of audience they want to target. We may make use of the data we have collected from you to enable us to comply with our advertisers' wishes by displaying their advertisement to that target audience.
6.3 We may disclose some or all of the data we collect from you when you download or use our Services to some third parties, including but not limited to mobile applications, websites and third-party integrations on or using our Services, partners or collaborators. Information collected by these third- party apps, websites or integrated services is subject to their own terms and policies.
6.4 We may disclose your data to any member of our group, affiliates which means our subsidiaries, our ultimate holding company and/or its subsidiaries.
6.5 We may disclose your data to third parties:
(a) in the event that we sell or buy any business or assets, in which case we maydisclose your data to the prospective seller or buyer of such business or assets;
(b) ifourcompanyorsubstantiallyallofitsassetsareacquiredbyathirdparty,inwhichcasepersonal data held by it about its customers will be one of the transferred assets;
(c) if we are under a duty to disclose or share your personal data in order to comply with any legal or regulatory obligation or request;
(d) with our trusted services providers who work on our behalf, do not have an independent use of the information we disclose to them, and have agreed to adhere to the rules set forth hereunder;
(e) whenwebelieveingoodfaiththatdisclosureisnecessarytoprotectourrights,propertyorsafety of our customers or protect your safety or the safety of others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction, or respond to a government request, inter alia;
B. INDIVIDUAL PROCESSING ACTIVITIES RELATED TO THE USE OF THE WEBSITE
1. PROVISIONS OF THE WEBSITE AND CREATION OF LOGFILES
1.1 Every time you visit our Website, our system automatically collects data and information from the
computer system of the calling computer that may qualify as personal data under the GDPR. The following data may be collected:
- Type of device that is used for access, including a unique device identifier;
- Browser type and version;
- Operating system;
- Internet Service Provider;
- IP address;
- Date and time of access;
- Websites from which your system reaches our website;
- Websites accessed by your system via our website;
The data may be also temporarily stored in the log files of our system but is not stored together with other personal data concerning you.
1.2 The temporary storage of your IP address by the system is necessary to enable the website to be delivered to your computer. For this the IP address must remain stored for the duration of the session. The remaining data that as mentioned above serves us to optimize the Website and to ensure the security of our information technology systems. The data is not evaluated for marketing purposes in this context. Since we have a legitimate interest in providing a functional website to you, Art. 6 (1) f) GDPR serves as the legal basis for processing your personal data.
1.3 Your personal data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. In the case of the collection of data for the provision of the website, the data will be deleted when the respective session has ended. If personal data is stored in log files, it will be deleted after seven days.
1.4 The collection of personal data for the provision of the Website and the storage of personal data in log files is necessary for the operation of the Website. Consequently, there is no possibility of objection.
3. SUBSCRIPTION TO NEWSLETTER
3.1 On our Website you have the possibility to subscribe to a free newsletter. Our newsletter primarily
contains information about our products and promotions, such as competitions or discount campaigns,
as well as evaluation requests.
3.2 When registering for the newsletter, the following personal data from the input mask will be transmitted to us:
- Email address;
- First name and last name;
- Company name;
- Main interests (industry/vertical).
3.3 The collection of your e-mail address is required to deliver the newsletter. The remaining personal data is collected in order to personalize the newsletter and prevent misuse of the services or the email address that is used. The personal data will be used exclusively for sending the newsletter and will be stored for as long as the newsletter subscription is active.
3.4 For the processing of your personal data, your consent will be obtained during the registration process in accordance with Art. 6 (1) (a) GDPR and reference will be made to this data protection declaration. The consent is based on a double opt-in procedure. This means that after registration you will receive an email asking you to confirm your registration. This confirmation is necessary to ensure that nobody registers with a third-party e-mail address. The registrations for the newsletter are logged to prove the registration process according to legal requirements. This includes the storage of the time of registration and confirmation as well as the IP address used by your system.
3.5 The subscription to our newsletter can be cancelled at any time by using the link in our newsletter. When you cancel your subscription, your consent to the processing of your personal data as described in this clause is automatically revoked.
4. COMMUNICATION BY EMAIL OR CONTACT FORM
4.1 The contact form on our Website can be used for electronic contact. If you use the contact form, the following personal data will be transmitted to us: E-mail address; First name and last name; Company name; Phone number; and IP address.
4.2 The collection of your e-mail address allows us to contact you to process your contact request. The remaining personal data is collected to prevent misuse of the contact form. As an alternative to using the contact form, it is also possible to contact us via the e-mail address email@example.com. In this case, in addition to your e-mail address, all personal data transmitted with the e-mail will be processed and stored. The data transmitted to us is used exclusively for processing your contact. The data will not be passed on to third parties or automatically registered for our newsletter.
4.3 If you contact us via the contact form or by email, we may keep a record of that correspondence. The personal data transmitted to us from the input mask and by email is deleted as soon as the data is no longer required for the purpose of collection. This is the case after ten (10) years at the latest, unless we are legally and contractually bound by longer storage obligations.
5. GOOGLE ANALYTICS
5.1 Our Website uses Google Analytics, a web analytics service provided by Google, Inc. (Google). All data collected by Google is transferred to servers located in the USA. Google is certified in accordance with both the EU-U.S. and Swiss-U.S. Privacy Shield and thus complies with the applicable data protection requirements. We have further concluded a data processing agreement with Google and are therefore fully compliant with the requirements of the GDPR when using Google Analytics.
- The IP address of the system you are using;
- The website from which you have reached our website (referrer);
- The individual pages you call up;
- The time spent on the website and individual pages;
- The frequency of the call of a site and individual pages;
- The country, region or city from where access is made.
5.3 The information above will be transferred to and stored by Google on servers in the United States. Before the transfer this information will be anonymized by removing the last octet of your IP address. Google will process this information on our behalf for the purpose of evaluating your use of the Website, compiling reports on Websites activity and providing other services relating to Websites activity and internet usage. Google will not link your IP address with any other data held by Google.
5.5 Google Analytics is also used to measure your engagement with our Website and mobile apps. This may include number of users, location and activities, types of mobile devices and iOS versions. With Google Analytics we don’t track personal data and all online behavior is anonymized.
6.1 Our Website uses the Hotjar web analytics service provided by Hotjar Ltd., a company incorporated in Malta (Hotjar Ltd). We have concluded a data processing agreement with Hotjar Ltd and are therefore fully compliant with the requirements of the GDPR when using Hotjar.
- The IP address of the system you are using;
- The website from which you have reached our website (referrer);
- The individual pages you call up;
- The time spent on the website and individual pages;
- The frequency of the call of a site and individual pages;
- The country, region or city from where access is made.
6.3 We use Hotjar to understand the Website usability and user experience through anonymized sample tracking of Website visits. Hotjar Ltd. stores the collected personal data in a pseudonymized user profile. The information will not be used by Hotjar Ltd. or by us to identify individual users, nor will it be combined with other data about individual users.
7.1 Our mobile applications use Firebase, a mobile app analytics service provided by Google. All data
collected by Google is transferred to servers located in the USA. Google is certified in accordance with both the EU-U.S. and Swiss-U.S. Privacy Shield and thus complies with the applicable data protection requirements. We have further concluded a data processing agreement with Google and are therefore fully compliant with the requirements of the GDPR when using Firebase.
7.2 Firebase provides us insight on how you use our applications as well as a crash reporting, analytics and monitoring service. Data we collect may include information about mobile devices (model, OS version, location, state), unique device identifiers, user activities in the app such as data synchronization, sharing and exports, which screens in the apps are used, QR code scanning, etc. Similar to other Google data collection services we may use, we get only anonymized data points that we use to improve the way our products give service to our customers. The processing of your personal information allows us to provide a more stable application, to offer a better user experience and to strengthen and improve our technical support. Since we have a legitimate interest in understanding how you use the application and provide you a stable application to provide a better user experience, Art. 6 (1) f) GDPR serves as the legal basis for processing your personal data.
8. GOOGLE TAG MANAGER
8.1 Our Website uses the Google Tag Manager, a service that allows website tags to be managed through
an interface. The Google Tag Manager only implements tags. This means that no cookies are used, and no personal data is collected. The Google Tag Manager triggers other tags, which in turn collect data if necessary. However, the Google Tag Manager does not access this data.
8.2 If a deactivation has been made at domain or cookie level, it remains valid for all tracking tags if they are implemented with the Google Tag Manager.
9. FACEBOOK CUSTOM AUDIENCES
9.1 Our Website uses the remarketing function “Custom Audiences” of Facebook Inc. (Facebook). All data
collected by Facebook is transferred to servers located in the USA. Facebook is certified in accordance with both the EU-U.S. and Swiss-U.S. Privacy Shield and thus complies with the applicable data protection requirements. We have further concluded a data processing agreement with Facebook and are therefore fully compliant with the requirements of the GDPR when using Custom Audiences.
9.2 To use the Custom Audiences function, we have integrated the so-called Facebook pixel into our website. The Facebook pixel is a piece of code that communicates with Facebook and enables us to optimize our advertising campaigns. With the help of the Facebook pixel, Facebook is able to show you interest-based advertisements (Facebook ads) when visiting the social network Facebook or other websites that also use this tool. The Facebook pixel further enables us to ensure that our Facebook ads correspond to the potential interest of the users. By showing us whether users have been redirected to our website after clicking on a Facebook ad (conversion), the Facebook pixel further allows us to track the effectiveness of our Facebook ads for statistical purposes.
9.3 The Facebook pixel is integrated directly by Facebook when you call up our Websites and can store a cookie on your device, provided that you have agreed to the Cookiebot setting. If you subsequently log in to Facebook or visit Facebook when logged in, the visit to our online offer will be noted in your Facebook profile. The data collected about you is anonymous to us, so we cannot draw any conclusions about the identity of the user. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible and can be used by Facebook as well as for our own market research and advertising purposes. If we should transmit data to Facebook for comparison purposes, this data is encrypted locally in the browser and only then sent to Facebook via a secure connection. This is done solely for the purpose of comparison with the data encrypted by Facebook.
9.4 The “Custom Audiences” function can be deactivated for this Website and other websites at www.facebook.com/settings/ do this, you must be logged in to Facebook. The “Custom Audiences” function can also be deactivated for this Website by withdrawing your consent to the setting of marketing cookies under https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen
10. LEAD FORENSICS
10.1 We use IP Tracking technology to identify businesses visiting our Websites and the pages they visit. Lead Forensics cannot identify the individual visiting the websites, only the company, and provide us with information readily available in the public domain, including the visiting company’s contact information.
10.2 Lead Forensics provides a mixture of business data and personal data. When our website gets a visit, the Lead Forensics software tracks the active business IP address and matches it to further business details that lead forensics holds on their database, providing publicly available details such as business name and address, telephone number and email addresses of key decision makers. However, identifiable individual email addresses and employee names fall under personal data. As the software identifies the business visitor (as opposed to the individual visitor) through tracking a company IP, we are able use the data Lead Forensics provides for B2B marketing purposes processed under the grounds of legitimate interest. More information can be found on http://www.leadforensics.com.
C. Individual Processing Activities Related to the Use of our Services
1. CREATION OF USER ACCOUNT
1.1 To get access to and make use of our Services, you are required to register and create a user account
(User Account). To create a User Account, you will be asked to provide us with the following personal data (Account Information) relating to you: First name and last name; Email address; Company name; Phone number; Username; Personal password.
1.2 The collection and processing of account data is carried out with the purpose of identifying you as the unique holder of the account and to ensure that your personal data can only be viewed by you. To further enhance your security and the integrity of your personal data, we expressly reserve the right to collect additional reregistration information.
1.3 Since the collection of the personal data described here is necessary to fulfil our contractual obligations, the processing is based on Art. 6 (1) (b) GDPR.
2. USE OF ACCOUNT INFORMATION FOR MARKETING PURPOSES
We may use the Account Information that is collected as described above to send you non-marketing commercial communications as well as marketing communications relating to our business or the businesses of carefully selected third parties which we think may be of interest to you. If you do not wish to receive any marketing information, you can unsubscribe from this service at any time.
3. COLLECTION OF DEVICE AND LOCATION INFORMATION
3.1 Each time you use one of our Services we may automatically collect the following data about you and your device:
- technical information, including the type of device you use, aunique device identifier, network information, your operating system, the type of browser you use, time zone setting, etc.;
- information stored in certain of our Services or on your device, including without limitation, measurement and signal related information, functions you use, type of measurement signals and displayed results, pictures, videos, notes, voice-notes, chats, processed data, generated reports, uploaded information, and time and geographic location of when you accessed to our Services;
- information obtained using inertial measurement technologies, visual computing tools, wireless networking signals (e.g. Wi-Fi), beacons, or other technologies and tools required for the use of some of our Services;
- details of your use of any of our Services, but not limited to, traffic data, location data, and any crash data and logs, weblogs and other communication data, whether this is required for our own purposes or otherwise and the resources that you access or usage trends.
3.2 When you use one of our Services, we may use a positioning technology system to determine your current location when accessing to or using any of our Services. Some of our location-enabled Services require your personal data for the feature to work. If you wish to use the particular feature, you will be asked to consent to your data being used for this purpose. You can withdraw your consent at any time by uninstalling our respective Service.
4. NON-PERSONAL DATA OWNERSHIP AND LIABILITY
4.1 When you use our Services, we may collect data in a form that does not, on its own, permit direct
association with any specific individual. We may collect, use, transfer, and disclose non-personal data for any purpose. You retain the property rights in and to the data processed by us, uploaded, transmitted, stored or located in or provided to us by you while using or arising out of your use of our Services. You hereby grant us an irrevocable, perpetual and unconditional right to use, reproduce, distribute, or prepare derivative works based on any such non-personal data, on an anonymized way. You hereby agree that we shall keep at all times any and all right, title and interest in and to any such derivative works.
4.2 You shall be at all times fully responsible for all the data and content collected through, uploaded into, stored in or transmitted by means of our Services either by yourself or any third-party using or with access to our Services, lawfully or unlawfully, based on your agreement with us.
1.1 We are concerned about safeguarding the confidentiality of your information. We provide physical,
electronic, and procedural safeguards to protect information we process and maintain. For example, we limit access to this information to authorized employees and contractors who need to know that information in order to operate, develop or improve our Services. Please be aware that, although we endeavor to provide reasonable security for information we process and maintain, no security system can prevent all potential security breaches.
1.2 We will take reasonable technical and organisational precautions to prevent and prevent the risk of loss, misuse or unauthorized access, disclosure and alteration of your personal data. The storage of your data on our servers is password- and firewall-protected and all electronic financial transactions entered through our Services will be protected by encryption technology.
1.3 You acknowledge that the transmission of information over the Internet is inherently insecure, and we cannot guarantee the security of data sent over the internet.
1.4 You are fully responsible for keeping and securing your access to our Services, including without limitation, keep the password you use for accessing any of our Services safe and confidential; we will not ask you for your password (except when you log in to certain of our Services).
1.5 Where we have given you (or where you have chosen) a password that enables you to access certain parts of our Services, you are responsible for keeping this password confidential.
1.6 Unfortunately, the transmission of information via the Internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to Services; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access, according to the Security section.
1.7 If you believe your account has been abused, please contact us immediately following the instructions in the Contact section below.
1.8 We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Data Policy.
2. INTERNET AND SOCIAL NETWORKING
2.1 Personal information that you publish, share or submit for publication in our Website, social media channels may be available, via the Internet, around the world. We cannot prevent the use or misuse of such information by others and hereby disclaim any responsibility thereon.
2.2 Certain Services include social networking, chat room or forum features. You shall ensure when using these features that you do not submit any personal data that you do not want to be seen, collected or used by other users.
3. THIRD PARTIES DATA PRACTICES
3.1. Our Services may, from time to time, contain content, links to and from websites of our partner networks, advertisers and affiliates or unrelated third parties (including, but not limited to, websites on which our Services are advertised). We cannot guarantee the data or security of your information once you provide it to a third party and we do not accept any responsibility or liability for these policies or for any data that may be collected through these third-parties websites or services. We encourage you to evaluate the data and security policies of such third party before choosing to share your information.
3.2. In order to pay for certain of our Services we may use third-party partners or platforms according to their own terms and conditions. We disclaim any responsibility or liability for such third-parties’ terms and conditions and the way they treat and process your data. Any payment transactions carried out by us or our chosen third-party provider of payment processing services will be encrypted.
3.3. This Data Policy addresses only the use and disclosure of information we collect, process from you or that has been provided by you while using our Services. If you disclose your information to others, or if you are directed to a third-party website, their particular policies and practices shall apply.
4. DO NOT TRACK SIGNALS
Unless otherwise stated herein, we do not track our Website users over time or across third party websites to provide targeted advertising and therefore do not respond to Do Not Track (DNT) signals.
Our Services are not designed or intended for use by children under the age of eighteen (18). We do not knowingly collect any personal data on our Services from anyone under the age of eighteen (18) without the prior, verifiable consent of a parent or guardian. Such parent or guardian may have the right, upon request, to view the information provided by the child and require that it be deleted. Moreover, all minors should seek their parent’s or guardian’s permission prior to using or disclosing any personal data or online resource.
6. CALIFORNIA PRIVACY DISCLOSURES
6.1 California consumers have a right to knowledge, access, and deletion of their personal data under the California Consumer Privacy Act. California consumers also have a right to opt out of the sale of their personal data by a business and a right not to be discriminated against for exercising one of their California privacy rights. We do not sell the personal data of California consumers and do not discriminate in response to privacy rights requests.
6.2 This Data Policy includes what personal data is collected, the source of the personal data, and the purposes of use, as well as whether we disclose that personal data and if so, the categories of third parties to whom it is disclosed.
7. CHANGES TO THE DATA POLICY
This Data Policy may be updated from time to time for any reason at our sole discretion. We will notify you of any changes to our Data Policy by posting the new Data Policy in our Website and informing you when you next start using or log onto one of the Services. You are advised to consult our Data Policy regularly for any changes, as continued use is deemed approval of all changes. The new terms may be displayed on-screen and you may be required to read and accept them to continue your use of certain of the Services.