Privacy Policy - SELISE

Privacy Policy

1. INTRODUCTION

Secure Link Services Ltd – CHE-104.375.184 (“Company”, “We”, “Us” or “Controller” ) respects your privacy and is committed to protecting your personal data. This privacy policy informs our customers, interested parties, website visitors and third parties with whom we do business or interact (“customers”, “users” or “you”) about the collection, processing, disclosure, transfer of their personal data in connection with the use of our services, apps, websites, offers, interaction with us or collaboration (“services”), regardless of where they visit from.

We are based in Switzerland and generally comply with the Swiss Data Protection Act (FADP). If personal data is processed by persons who can invoke their local data protection laws – in particular the General Data Protection Regulation (GDPR) – we will also comply with these rules if and when they apply to us. We will grant data subjects the rights to which they are entitled to under the applicable law.

In the event of any discrepancy between this privacy policy and the general terms and conditions or other agreements that exist between you and us, the latter shall take precedence, if applicable.

2. CONTROLLER

As controller Secure Link Services Ltd, (The Circle 37, 8058 Zurich-Airport, Switzerland, legal (at) selise.ch) is responsible for data processing in accordance with this Privacy Policy, unless otherwise stated in a service agreement.

We have appointed a data protection officer (DPO) who is responsible for overseeing questions in relation to this privacy policy. If you have any questions about this privacy policy, including any requests to exercise your legal right, please contact the DPO using the following contact details: Yves Gogniat, legal (at) selise.ch.

In the event you have data protection concerns or questions, in particular if you wish to exercise your rights, you can contact the above contact address.

We are part of a group with different subsidiaries, which is controlled by Secure Link Services Ltd (SELISE Group).Therefore, data processing may be carried out not only by us, but also by other companies of the group where appropriate.

3. WHAT DO WE UNDERSTAND BY PERSONAL DATA?

For the purposes of this Privacy Policy, personal data or personal information means any information relating to an identified or identifiable natural and legal person (hereinafter “data subject”). This includes, for example, your name, e-mail address, IP address or telephone number.

      • Personal data also includes information about your use of our website. In this context we collect personal data from you as follows:
        Information about your visits to our website, such as the extent of data transfer;
      • the location from which you access data on our website;
      • and other connection data and sources you access.

This is usually done through the use of log files and cookies. More information about log files and cookies can be found below.

If you provide us with personal data of other persons (e.g., family members, coworkers), please ensure that the respective persons are aware of this Privacy Policy and only provide us with their personal data if you are allowed to do so and such personal data is accurate and up to date.

4. WHEN DO WE COLLECT YOUR DATA?

In general, personal data can be collected, used, stored, erased or transferred (“processing”) whenever we contact you, you interact with us, communicate with us or obtain services from us.

In the course of your business relationship and interaction with us, we will collect personal data directly from you. We may also collect personal data from other sources (e.g., public registers, the Internet, other Group companies, from authorities, from third parties or credit rating agencies, etc.).

We will be in contact with you under various circumstances, in particular we may collect personal data in the following situations. The following list is only an exemplary overview:

      • The creation or editing of your member profile;
      • The ordering of services from us;
      • Communication with us;
      • You make use of our customer support;
      • You receive a newsletter or other advertisements concerning our services;
      • You contact us via our contact form; or
      • Communicate with us by telephone, fax, e-mail, voice messages, text messages, video messages, chat, or instant messaging.

5. WHICH PERSONAL DATA DO WE PROCESS?

As part of our business activities and the performance of services, we process various personal data for different purposes. Depending on the service, we collect such data either automatically or manually. 

In particular the following categories of personal data may be collected and processed by us:

      • Personal and contact information, including, but not limited to; first and last name, residential or business address, billing address(es), shipping address(es), telephone number, email address, date of birth, gender, occupation, etc;
      • data relating to the business relationship with you.
      • Also relating to offers, requests for quotations, agreements, financial solvency, claims, other personnel involved in the business relationship
      • Data in connection with products and services marketing, in particular regarding information such as opt-in and opt-out for newsletters, documents received, invitations to and participation at events and other activities, as well as preferences and interests in general;
      • Data in connection with the use of a website, apps, and our other offers, in particular IP address and other identifiers (e.g., MAC address and other identifiers of smartphones, computers or other devices, cookies, etc.), date and time of visits, websites and content visited, linked websites;
      • Data relating to communication, such as preferred means of communication, correspondence and communications with us and other entities of the Group, etc;

6. FOR WHAT PURPOSES DO WE USE THE PERSONAL DATA?

We or other group companies process your data primarily to provide our services and contractual obligations to you. In addition to our customers, personal data of users, suppliers and subcontractors may also be processed. If you work in any capacity for customers or business partners (e.g., as an employee), your personal data might also be processed in connection with the below listed purposes. We are committed to minimize data processing to the minimum necessary amount. Yet, your data may be processed for various purposes. 

In addition to processing for the purpose of providing our services and fulfilling contracts, we process your personal data in particular, but not limited, for the following purposes:

Depending on the applicable law, the processing of personal data may require us to state a legal basis. Therefore, we have added a reference to a legal basis for each purpose.

In connection with the use and performance of our services, we process your personal data for the following purposes:

      • business planning;
      • the execution and processing of offers;
      • The exchange of information;
      • In connection with the conclusion of a contract;
      • A credit assessment;
      • For the performance, delivery, and processing of services;
      • The organization and implementation of customer support;
      • For internal coordination or for the coordination with sub-contractors.

 

The data processing is based on the performance or pre-contractual measures of the contract and on a legitimate interest of ours (to keep our records updated and to avoid or recover debts due to us).

In connection with communication, we process personal data for the following purposes:

      • To communicate with you when you contact us (e.g., via a contact form or chat);
      • To communicate important information, such as changes to our terms and conditions, adjustments to services or prices that directly affect customers;
      • To administer and carry out customer communications by post or via electronic means of communication.
      • To communicate with third parties and process their requests (e.g. applications, media enquiries).
      • To maintain and develop customer and other business relationships;
      • Within the scope of acquiring new customers;
      • For the communication of events, promotions, advertising, and marketing (including the sending of newsletters or other electronic messages; this is described in more detail below under Newsletter)].

 

The data processing is based on the performance or pre-contractual measures of the contract and on a legitimate interest of ours. By contacting us directly you implicitly consent to the processing of such data for the purpose of communicating with you.

We may process personal data for the purpose of operating, analyzing and further developing our services, in particular our digital offerings:

      •  The development, operation, administration, and maintenance of our digital offers require or might lead to the identification and the processing of personal data.
      • For the analysis of our digital offers (websites, online platforms, and apps);
      • For evaluations concerning the services we procure and general customer behaviour;
      • For statistical evaluation on the basis of anonymised user data.
      • For market and opinion research, media monitoring.

 

The data processing is necessary for our legitimate interests (to study how customers use our products/services, to develop them, grow our business, to keep our digital offers updated, to innovate, and to and to inform our marketing strategy).

We also process personal data to protect you and your personal data, to generally ensure adequate data security, to comply with regulatory and legal requirements and to effectively combat fraud:

      • To ensure secure operations;
      • To monitor the general terms and conditions, the general rules of conduct, and the legal requirements;
      • To monitor and control access to our digital services;
      • For general risk management;
      • Asserting legal claims and defending in connection with legal disputes and official proceedings;
      • To prevent and resolve criminal offences and other misconduct (e.g. conducting internal investigations, data analysis to combat fraud).

 

The data processing is necessary to comply with a legal obligation or our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud or misuse of our websites or apps.

For other purposes, where there is legal obligation to process data, if such processing was recognizable from the circumstances or appropriate at the time of collection.

7. WHEN DO WE SEND OUT A NEWSLETTER?

There are two reasons why you may receive direct marketing communication and advertising (e.g., newsletters) from us via means of telecommunications (e.g., e-mail or SMS). 

Either you have registered yourself (e.g., for a newsletter) or we have received your contact information when you purchased services from us. If you, as a customer, do not wish to receive such information, you always have the option to opt-out. You can either write to us to the above contact information or click directly on the unsubscribe link in the marketing message.

If you subscribe to our newsletter through our signup field you will receive an email containing a hyperlink immediately after signing up. By clicking on this link, you confirm your newsletter registration (double opt-in method). If this registration confirmation is not received within one week, we will delete the e-mail address from our temporary list and a registration will not have taken place.

By confirming the newsletter registration, you give your consent to the storage of your e-mail address including the date of registration, IP address and the list name of the desired newsletter. We use your e-mail address and the simultaneously collected personal data such as first name and surname only for the administration and the sending of the chosen newsletter.

Each newsletter contains a note on how you can unsubscribe from the newsletter.

8. HOW DO WE USE INFORMATION ABOUT YOUR COMPUTER AND COOKIES FOR TARGETING AND ANALYSIS?

Every time you access our website we collect information about your device such as the IP address of your device, the request from your browser and the time of this request. In addition, the status and the amount of data transferred as part of this request are recorded. We also collect product and version information of the browser and the operating system used. The IP address of your device is only stored for the time you use the website and is then immediately deleted or anonymized through shortening. 

Our websites and apps also use cookies or comparable tracking technologies (“Cookies”).

Cookies are a widely used technology and is a small file that is sent to your computer or automatically saved on your computer or mobile device by the web browser you use when you visit our website . If you revisit this website or open our app again, we will recognise you, however, we will not know who you are. A Cookie typically contains the name of the domain from which the cookie data was sent, information about the age of the Cookie, and an alphanumeric identifier. The Cookies we use store information about your use of our website. This is not done by identifying you personally, but by assigning an identification number to the Cookie (“Cookie ID”). The Cookie ID is not merged with your name, IP address, or similar data that would enable the cookie to be assigned to a person.
we use session cookies which are automatically deleted when you close the website [or app]. Such cookies enable the server to establish a stable connection and enable stable use. Additionally, we can also use permanent cookies that are only deleted after a period of time as defined by us. Permanent cookies allow certain settings (e.g., language preferences or login settings) to be saved for several sessions. We use the collected data to improve our websites, [Apps] and our services. Furthermore, permanent cookies allow us to tailor offers and advertising to you (which may also happen on websites of third parties however, they will then not find out from us who you are, if we know this at all, because they will only see that the same user is on their website who was on a particular page with us).

We may also insert codes in newsletters and other marketing emails that allow us to determine whether the recipient has opened a particular email or downloaded images contained in the email.

By using our websites or by agreeing to receive newsletters and other marketing emails, you agree to the use of such analytic technologies. If the applicable law requires active consent, consent is first obtained, e.g., via a cookie banner. If you do not wish to do so, you can block the use of cookies in your device at any time or delete the cookies , but this may affect your use of our services. Some of our websites offer the additional option to choose your preferences directly on the website.

9. SOCIAL MEDIA

We may also use so-called plug-ins from social networks such as Facebook, Twitter, YouTube, LinkedIn, Pinterest or Instagram on our websites. The usual company symbols of the respective providers are used for identification.

All embedded social plugins use the two-click process. This means that the recording of your patterns via a plugin will only start if you activate a plug-in. If you are logged into a social media account while using our website this plug-in will register the visit on our website on the first click and can match it to your account. As soon as such a plug-in is activated, the respective social network can recognise and record your visit as well as movement within the website. The social network may use the information collected for its own purposes and the processing of the data is carried out in accordance with the social network’s privacy policy. We do not receive any personal data or other information from any of the networks.

10. WHAT HAPPENS WHEN I VISIT THIRD-PARTY WEBSITES

This website and apps may include links to hyperlinks to and from third-party websites plug-ins. Clicking on those links or enabling those connections may allow third parties to collect or share data regarding you. We do not control these third-party websites and are not responsible for their privacy policies. When you leave our website, we encourage you to read the privacy policy of every website you visit.

11. WHEN DO WE DISCLOSE PERSONAL DATA TO THIRD PARTIES?

In certain situations, we may transfer personal data to third parties or third parties who support our processing activities (as set out in section X above). If applicable and insofar a transfer is permitted, third parties may process the personal data received for their own legitimate purposes in accordance with their privacy policy. 

We transfer personal data as per the following categories:

      • Service providers and processors who provide services and data processing for us in accordance with our instructions. For example, this may be the operator of an external data center or other IT providers. A processor may also be a company within the group of companies;
      • Other group companies which process personal data jointly or for their own purposes;
      • Distributors, suppliers, subcontractors and other business partners;
      • local, national and foreign courts, bodies, agencies and authorities;
      • other parties in potential or actual legal proceedings;
      • buyers or parties interested in acquiring businesses, companies or other parts of SELISE Group.
      • trade organisations, associations, organisations

We only transfer personal data if necessary for the provision of a specific service or a specific purpose. Third parties process personal data in accordance with our instructions and only for the purpose specified by us. In addition, such processors must implement appropriate organizational and technical measures to ensure data security. An exception to this may be third party service providers (e.g. payment processing) to whom we redirect you directly in the course of providing services.

We or third parties generally process your personal data in the EU and in Switzerland. In certain situations or for certain services, personal data might also be processed in a third country.

In particular, you must expect your data to be transmitted to any country in which the Company is represented by affiliates, branches or other offices as well as to other countries where our processors are located.

If the personal data is processed in a third country where the level of data protection is deemed inadequate, we will ensure an adequate level through a contractractual agreements (particularly on the basis of the European Commission’s standard contractual clauses), corporate binding rules, or other measures permitted by law so that an adequate level of data protection is ensured. We may also transfer personal data based on the exception of explicit consent, of processing of a contract, for the establishment, exercise or enforcement of legal claims, of overriding public interests, or because the transfer is necessary to protect the physical integrity of the data subject.

We may also disclose information when necessary or requested by authorities in defense of our rights or property, including the safety of our products and services. You can obtain a copy of the above-mentioned contractual guarantees from the above-mentioned contact person at any time, unless available under the link above. However, we reserve the right to anonymize copies for reasons of data protection or confidentiality or to supply only extracts.

12. HOW LONG WILL YOUR DATA BE STORED?

We store the personal data for as long as it is necessary to achieve the respective purpose. It is possible that personal data is stored for the time during which claims can be made against our company and insofar as we are otherwise legally obliged to do so (e.g. bookkeeping obligations) or justified business interests require it (e.g. for the execution of the contract but also for evidence and documentation purposes in the event of a subsequent legal dispute). As soon as we no longer need the concerned personal data, we will delete/destroy it. The personal data will be deleted/destroyed at the latest when the statutory retention period has expired. 

If we collect your IP address, it will only be stored for the time of your use of the website and then immediately deleted or made anonymous by shortening it.

13. IS THE DATA STORED SECURELY?

We use an external data center for the operation of our services and the storage of our data. We have carefully selected and instructed this center and regularly monitor compliance with the defined security measures. We have instructed the processor to ensure the protection of data by implementing appropriate security measures and storage in secure servers. 

We have appropriate technical and organisational measures against loss, destruction and misuses implemented. In addition, your personal data is protected against access, alteration or misuses by unauthorized persons (e.g. via access controls and access restrictions as well as internal instructions). The data transfer of sensitive data is encrypted and can take place via various channels, including the Internet.. Although we take all appropriate and reasonable security precautions, you must be aware that access and transfer of data via the Internet always involves a certain security risk and that we can therefore not guarantee absolute security.

14. WHAT RIGHTS DO I HAVE AS A DATA SUBJECT?

Regarding the processing of your personal data, you are entitled to your rights in accordance with the applicable law. You have a right of information and, if necessary, you might demand the correction and | or deletion and|or blocking and | or transfer of your data. You may, in certain cases, request to restrict processing and have a right of objection and a right to data transfer. If you wish to exercise one of your rights and | or receive more detailed information on your rights, please contact the above-mentioned contact address.

Information requests will usually be answered within 30 days of receipt. 

Every data subject also has the right to enforce your rights in court or to lodge a complaint with the competent data protection supervisory authority. The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch).

15. HOW CAN THIS PRIVACY POLICY BE CHANGED?

We reserve the right to change this privacy policy at any time. The current version published on our website shall apply. Please visit the Website regularly to review the applicable privacy policy. In the event you have an existing business relationship with a current email address, you will be notified about a revised version before the effective date.

 

Last Updated: April, 2021