Background gradientBackground gradient

Privacy Policy

Contact us

Version 2.0 last checked in March 2024

We take the protection of your privacy very seriously and process your data in compliance with the applicable data protection regulations. We are committed to protecting the personal data of visitors to our website. For the purposes of this document, personal data means any information relating to an identifiable person, such as name, address, e-mail addresses, Internet protocol addresses and user behavior.

When collecting your personal data, our primary concern is to provide you with a secure, uncomplicated and efficient service that is tailored to your needs. In the following privacy policy, we inform you about the processing of your personal data by us. We also provide you with an overview of your rights in the area of data protection. Which data is processed in detail and how it is used essentially depends on the services used, requested or agreed.

1. Controller and Data Protection Officer

(1) The controller pursuant to Article 4(7) of the General Data Protection Regulation (GDPR) and the service provider pursuant to Section 13 of the German Telemedia Act (TMG) is:

DSwiss AG
Data Protection Department
Badenerstrasse 329
CH-8003 Zurich |
Switzerland

(2) You can contact the Data Protection Officer at:

DSwiss AG
Antonio Mecci
Data Protection Department
Badenerstrasse 329
CH-8003 Zurich
Switzerland


E-mail: privacy@dswiss.com

2. Source of Personal Data

We process personal data that we obtain from you in the scope of creation of your SecureSafe account, your visit to our website, within the context of your contact with us by email or via a contact form.

3. Categories of Personal Data That Are Processed

(1) If you visit or use our website purely for information purposes, i.e. if you do not register or otherwise transmit information to us, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security:

  • Your Internet Protocol address,
  • Date, time and duration of your visit,
  • Content of the request (specific page),
  • Access status/http status code,
  • The amount of data transferred in each case,
  • Website from which the request originates,
  • Your browser, your operating system.

This data is used exclusively for internal statistical purposes.

(2) In addition to the above-mentioned data, transient and persistent cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard disk in connection with the browser you are using and through which the party that sets the cookie receives certain information. Cookies cannot execute programs or transmit viruses to your computer. They are used to make the website more user-friendly and effective overall.

(3) Most browsers are set to accept cookies. However, you can deactivate the storage of cookies in your browser at any time or set your browser to notify you as soon as cookies are sent. Please note, however, that you may then no longer be able to use all the functions of this website.

(4) This stored information is stored separately from any other data that you may have provided to us. In particular, the data from the cookies will not be merged with other data about you.

4. Further Functions and Offers of our Website

(1) In addition to the purely informational use of our website, we offer various services that you can use if you are interested. This usually requires you to provide further personal data that we need to provide the respective service.

(2) If you contact us by e-mail or via a contact form, the data you provide (your e-mail address and, if applicable, your first and last name and your telephone number) will be stored by us in order to answer your inquiry.

(3) If you contact us via our offer or sales contact form, we collect your first and last name, the name and address of the company you work for, your e-mail address and your telephone number.

(4) If you contact us via our support contact form, we collect your e-mail address and your SecureSafe user name.

(5) If customers purchase our service for a project group, we collect the following data as part of the ordering process: the Team Safe name, the nickname, the user name and an e-mail address. If customers also request a free quote for our services for their company, we collect the following personal data: Your name, your first name, the name of the company for which the quote is to be obtained, the address as well as the e-mail address and telephone number.

(6) If you are already a customer with us, we process your e-mail address in order to send you information about innovations in our products and services as well as preferential offers. For this purpose, we forward the above-mentioned data to our technical service provider Emarsys eMarketing Systems AG, Märzstraße 1, A-1150 Vienna.

(7) We delete the personal data collected in this context after storage is no longer necessary, or we restrict processing if there are statutory retention obligations.

5 Google Analytics 4 with IP Anonymization

(1) This website uses Google Analytics 4 with IP anonymization, a web analytics service provided by Google Inc ("Google"). Google Analytics 4 uses "cookies". The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. By activating IP anonymization on this website, your Internet protocol address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Google will use this information on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator.

(2) The internet protocol address transmitted by your browser as part of Google Analytics 4 will not be merged with other Google data.

(3) You can prevent the collection of data generated by the cookie and related to your use of the website (including your Internet Protocol address) and the processing of this personal data by Google by using the cookie settings of your browser by downloading and installing the browser plug-in available at the following link: google.com.

(4) We would like to point out that on this website Google Analytics 4 has been extended by the code "ga('set', 'anonymizeIp',true);" in order to ensure anonymized collection of Internet protocol addresses (IP masking). This means that the internet protocol addresses are further processed in abbreviated form.

(5) We use Google Analytics 4 to analyze the use of our website and to improve it regularly. The statistics obtained enable us to improve our offer and make it more interesting for you as a user. For the exceptional cases in which personal data is transferred to the USA, Google has submitted to the EU-US Privacy Shield.

(6) This website uses Google Tag Manager. We use Google Tag Manager to implement and manage tags on this website. This means that the Tag Manager does not record any cookies or personal data. However, it can trigger tags that can record data. Google Tag Manager does not have access to such personal data. The deactivation at domain or cookie level still applies to all tracking tags implemented with Google Tag Manager.

(7) Information about the third-party provider: Google Dublin, Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353(1) 436 1001. Terms of use: google.com; overview of data protection: google.com and the privacy policy: google.com.

6. Integration of Google reCAPTCHA

(1) Our website uses Google's reCAPTCHA service to protect your requests via an online form. The query is used to distinguish whether the input is made by a person or abusively by automated machine processing (e.g. by bots). The query includes the transmission of the internet protocol address and other data required by Google for the service to Google. For this purpose, your entries are transmitted to Google and used there.

(2) By using reCAPTCHA, you agree that the recognition you provide will be used for the digitization of old works. Due to the activation of IP anonymization by us on this website, your Internet protocol address will be shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will your full Internet Protocol address be transmitted to a Google server and shortened there. Google will use this information on behalf of the operator of this website to evaluate your use of the service. The Internet Protocol address transmitted by your browser as part of reCAPTCHA will not be merged with other Google data. This data is subject to the differing data protection provisions of Google Inc. Further information on Google's data protection guidelines can be found at: google.com.

7. Integration of YouTube videos

(1) We have integrated YouTube videos into our online offering, which are stored on YouTube.com and can be played directly from our website. These are all integrated in "extended data protection mode", i.e. no data about you as a user is transmitted to YouTube if you do not play the videos. Only when you play the videos will the data mentioned in paragraph 2 be transmitted. We have no influence on this data transmission.

(2) When you visit the website, YouTube receives the information that you have accessed the corresponding subpage of our website. The data mentioned in paragraph 3 will also be transmitted. This happens regardless of whether YouTube provides a user account that you are logged in to or whether you do not have a user account. If you are logged in to Google, your data will be linked directly to your account. If you do not wish to be associated with your profile on YouTube, you must log out before activating the button. YouTube will record your data in user profiles and use them for the purposes of advertising, market research and/or the needs-based design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to present needs-based marketing and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles. To exercise this right, you must contact YouTube.

(3) Further information on the purpose and scope of data collection and processing by YouTube can be found in their privacy policy. There you will also find further information about your rights and settings options to protect your privacy: google.com. Google also processes your personal data in the USA and has submitted to the EU-US Privacy Shield.

8. Use of HubSpot for Data Processing

DSwiss uses HubSpot, an integrated customer relationship management, marketing and communication platform, to better serve our customers and efficiently manage interactions with our services. This section describes how we use HubSpot and what rights you have in relation to the personal data processed via HubSpot.

(1) How we use HubSpot:-

Communication: HubSpot allows us to send emails, newsletters and other communications to users who have opted in to receive these communications. It helps us customize our communications based on user preferences and interaction history.- Customer service and engagement: We use HubSpot to manage and respond to customer inquiries and feedback and to provide support services.- Marketing and analytics: HubSpot provides marketing campaign and analytics tools to help us understand how our services are being used and how we can improve them.

(2) Your data protection rights with HubSpot:

Your personal data is processed in HubSpot on the basis of your consent. You have the right to access, rectify or erase your personal data, as well as the right to restrict processing and the right to data portability, as described in our Privacy Policy.

(3) Unsubscribing from communications via HubSpot

If you wish to unsubscribe from receiving marketing communications processed via HubSpot, you can do so in the following ways:

- Directly from emails: Use the "unsubscribe" link in the footer of any marketing email you receive from us via HubSpot.

- Contacting us: If you encounter any issues or would like to request to be removed from our communication lists directly, please contact our Privacy Department at privacy@dswiss.com.

We are committed to protecting your privacy and ensuring that your personal data is handled in accordance with best practice and legal requirements.

9. Use of the SecureSafe application

(1) The use of our internet data safe services ("SecureSafe Services") is in accordance with the SecureSafe T&Cs and at the user's own risk. You can access the SecureSafe Services via the internet from our website or download our SecureSafe apps for desktop or mobile devices.

(2) You can download our apps for mobile devices from various online platforms of other providers ("App Stores"). The data protection notices of the respective providers apply to data processing in connection with your visit to the App Store and the download of the app for mobile devices. These can be viewed at apple.com for the Apple App Store and at google.com for the Google Play Store.

(3) In order to use our SecureSafe services, you must register and provide the following data:

- your email address,
- a user name of your choice,
- a password of your choice.

(4) The following data is processed when you use the SecureSafe

application:- The data specified in section 3 (Categories of personal data processed), subsection 1,
- performed,
- Actions performed within the app (visible e.g. in the "Activity Trail" of a TeamSafe) and their duration, - The (SecureSafe) app version you are using.

(5) Your registration establishes a user relationship in accordance with the provisions of the SecureSafe T&Cs. We store the personal data you provide that is required to fulfill the contract. We also store the data you provide voluntarily for the period in which you use the SecureSafe services, unless you delete it. You can manage and edit all information in your reserved customer area. SecureSafe does not have access to your login data at any time.

(6) When you use our SecureSafe services, you generate usage data by uploading files, saving passwords or sending emails with personal content via the mail-in function. If the uploading of content is not exclusively related to personal or family matters, this may constitute a form of processing that is subject to the application of the GDPR. For this purpose, you are the "controller" for the respective processing activity within the meaning of Article 4 (7) GDPR. We merely provide our users with the technical framework for the storage of data. We have no control over the type of personal data uploaded by users when using the SecureSafe services. We do not have access to the uploaded data, we do not check it and we do not evaluate it. We therefore assume that you alone are the controller within the meaning of Article 4 (7) GDPR in the above-mentioned case. If you delete your account or request its deletion, the usage data generated by you will also be deleted.

(7) If you use our SecureSafe services for activities other than personal or family activities, you must conclude an order processing contract with us for the use of our services.

(8) If the usage fee is not paid by the customer himself, but by a third party, e.g. the customer's employer (hereinafter "third-party payer"), DSwiss reserves the right to send the third-party payer billing reports, which may contain the customer's e-mail address. The customer expressly agrees to this.

(9) Via our website or apps, you can choose between free use of our services and other fee-based services. We accept payment by credit card or via PayPal accounts.

(10) If you choose to use a voucher, we will record the voucher code and the context in which it was used.

(11) If you choose to pay by credit card, you will be redirected to the Datatrans interface for payment. The following personal data is required for payment by credit card: your credit card information, consisting of card number, expiry date and CVV code. Further information can be found in Datatrans' privacy policy at datatrans.ch.

(12) If you choose the online payment service provider PayPal for payment, you will be redirected to the PayPal interface for payment. The personal data transmitted to PayPal is usually first name, surname, address, telephone number, IP address, e-mail address or other data required for processing, as well as data related to the purchase. Depending on the payment method selected with PayPal, PayPal transmits the personal data transmitted to PayPal to rating agencies. The individual agencies and the data generally collected, processed, stored and passed on by PayPal can be found in PayPal's privacy policy at paypal.com.

(13) The financial data used is encrypted with TLS.

10. Categories of Recipients of the Personal Data

(1) We have some of the processes and services carried out by carefully selected service providers who are obliged to comply with data protection regulations. These external service providers are bound by our instructions and are subject to regular monitoring. They will not disclose your data to third parties.

(2) With regard to the disclosure of data to other recipients, we only disclose information about you if this is required by law, if you have given your consent or if we are authorized to disclose it. If these requirements are met, recipients of personal data may be, for example:

- Public bodies and institutions (e.g. tax authorities, law enforcement authorities) if there is a legal or official obligation.

11. The Purposes of the Processing for which the Personal Data are intended and the Legal Basis for the Processing

We process your personal data in accordance with the applicable legal provisions on data protection. Processing is lawful if the following condition is met:

- Consent (Article 6(1)(a) GDPR): The processing of personal data is lawful if you have consented to the processing for specific purposes (e.g. processing of your request, use of the data for marketing purposes). You can withdraw your consent at any time with effect for the future. This also applies to the revocation of declarations of consent given to us prior to the application of the GDPR, i.e. before 25 May 2018.

- Due to contractual obligations (Article 6(1)(b) GDPRWe process personal data in order to fulfill our contractual obligations or to carry out pre-contractual measures that take place upon request. The purposes of the processing activities arise primarily from your request.

- Due to legal requirements (Article 6(1)(c)GDPR), DSwiss AG is subject to various legal obligations. These include:- Commercial

- and tax law retention obligations under the law of obligations and the Federal Act on Direct Federal Tax,

- Compliance with tax law control and reporting obligations.

- As part of the balancing of interests (Article 6(1)(f) GDPR): Where necessary, we process your data beyond the actual fulfillment of the contract to protect our legitimate interests or those of third parties. Examples:

- Assertion of legal claims and defense in legal disputes,

- Ensuring IT security and IT operations, analysis and improvement of the use of our website.

- Transmission of information about updates to our products and services and about special offers for our customer base.

12. Intention to transfer the Personal Data to a Third Country or to an International Organization

In principle, data is only processed in Switzerland. The EU Commission has determined an adequate level of protection in Switzerland in accordance with Art. 25 (6) of the EU Data Protection Directive. An active transfer to other third countries only takes place if this has been expressly indicated within the scope of the aforementioned services.

13. Criteria for determining the Duration for which the Personal Data are stored

(1) Data is stored in accordance with the statutory provisions on data processing and in compliance with the statutory retention periods. We process and use your data exclusively for the purposes for which we are authorized and for as long as the data is required for these purposes.

(2) If the data is no longer required for the purpose or to fulfill legal obligations, it is generally deleted, unless its further processing - possibly limited in time and scope - is necessary for the following purposes:

- The fulfillment of commercial and tax retention obligations: The Swiss Code of Obligations (CO) and the Federal Direct Federal Tax Act (DBG) should be mentioned here. According to these, the retention and documentation periods are generally 10 years.

- Retention of evidence within the framework of the statute of limitations.

14. Your Data Protection Rights

(1) Every data subject has the right of access under Article 15 GDPR, the right to rectification under Article 16 GDPR, the right to erasure under Article 17 GDPR, the right to restriction of processing under Article 18 GDPR, the right to object under Article 21 GDPR and the right to data portability under Article 20 GDPR. In addition, you have the right to lodge a complaint with a competent data protection supervisory authority (Article 77 GDPR in conjunction with Section 19 BDSG). To correct the data, you can log into your user account and make the desired changes via the "Settings" field (top right).

(2) You can revoke the consent you have given us to process personal data at any time with effect for the future. This also applies to the revocation of declarations of consent given to us before the application of the General Data Protection Regulation, i.e. before May 25, 2018.

(3) You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Article 6(1)(e) GDPR (data processing in the public interest) and Article 6(1)(f) GDPR (data processing on the basis of a balancing of interests); this also applies to profiling based on this provision within the meaning of Article 4(4) GDPR.

In individual cases, we also process your personal data for direct marketing purposes. You have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.

If you object to processing for direct marketing purposes, we will no longer process your personal data for such purposes.

If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.

The objection can be lodged informally and should be sent to:

DSwiss AG
The Data Protection Officer
Antonio Mecci
Data Protection Department
Badenerstrasse 329
CH-8003 Zurich
Switzerland

E-mail: privacy@dswiss.com

15. Obligation to provide and Possible Consequences of not providing Personal Data

Within the context of use of our offers, you must provide the personal data that are necessary to fulfill the purpose or that we are required to collect by law. Without these data, we will usually be unable to render the desired service.

16. Data Security

Your personal data will be stored and processed on our computers in Switzerland. We protect your personal data by way of compliance with physical, electronic and process-technical safety measures in accordance with article 32, GDPR, in conjunction with the applicable Swiss Federal law. We protect our computers, among other things, using firewalls and data encryption. Moreover, we conduct personal checks before granting access to our buildings and files, and access to personal data is granted only to employees requiring said data to fulfill their tasks.

17. Application of automated decision-making, including profiling

We generally do not use any fully automated decision-making in accordance with Article 22 GDPR for establishing and execution of the business relationship. We will inform you separately if we use this procedure in exceptional cases, as far as this is required by law.

18. Changes to the Privacy Policy

This privacy policy may be updated occasionally, since we continually develop and optimize our services. For this, the respective latest version will be published on our website.

© 2024 DSwiss. All rights reserved.