Privacy policy
1. content
-
Contents
-
Introduction
-
Responsible body
-
Personal data and proper handling
-
Our handling of technologies
-
Publication and forwarding of data
-
Protection of your personal data
-
Sending e-mail to you, links to other websites
-
Your rights in connection with personal data
-
Order data processing
-
Changes to this privacy policy
2. Introduction
This privacy policy of easydoo AG (hereinafter referred to as "easydoo") informs you, as a customer and user of our services, websites, offers and products (hereinafter referred to as "services" or "software") about the acquisition and processing of your data (personal data as well as non-personal data; hereinafter also referred to as "data"). Furthermore, we inform you about the duration of the processing of your data, the legal basis of the processing - if such is necessary - as well as about the rights you have vis-à-vis us with regard to the processing of your personal data. This privacy policy applies to all your data that we already have or that we will have in the future. Please read this Privacy Policy carefully. Terms such as "we", "us", "our", etc. in this document refer to easydoo AG. Terms such as "you", "your", "your", etc. refer to you as a user of easydoo.
3. Responsible body
Responsible for the data processing in accordance with this privacy policy is easydoo AG, in Egnach, Switzerland.
For concerns and inquiries in connection with data protection, please contact our internal data protection office, which can be reached at info@easydoo.com.
As an additional point of contact in the EU, our data protection representative is available to you and the supervisory authorities. Requests can be submitted by e-mail to info@datenschutzpartner.eu or by post to the following address:
VGS Datenschutzpartner UG
Am Kaiserkai 69
20457 Hamburg
Deutschland
4. Personal data and proper treatment
4.1. Origin of data
We collect certain data when using our software and in contact with easydoo, e.g. when visiting our websites, another of our digital services, when concluding a contract, when registering and logging into the user account, or when contacting our employees.
In principle, we collect this data from you directly. In certain cases, we may receive information from other individuals; e.g. if a third party makes a recommendation or invites you to use our services, if your employer or association provides us with your contact details for the use of our software, or if a company or a third party with whom you have a contractual relationship forwards your personal data to us.
4.2. What is personal data?
The term "personal data" used here includes all information that is or can be assigned to you as a user of easydoo. Regardless of whether they were entered by you, collected from you or obtained by us in any other way.
However, the term "personal data" within the meaning of this Privacy Policy does not include the personal data entered by you in the easydoo application and managed by you there (hereinafter also referred to as "customer data"). Such customer data is therefore not the subject of this document. If you provide us with personal data of other persons (e.g. email, name, etc.) Please make sure that these individuals are aware of this Privacy Policy and only share their personal data with us if you are entitled to do so under applicable data protection law.
4.3. Proper processing of personal data
easydoo is responsible for monitoring all your personal data. This applies to the data that we collect, process and use in connection with your use of easydoo or in any other way.
However, we are not responsible for monitoring customer data. We collect, process and use customer data exclusively in our capacity as data processors on behalf of the respective user and in accordance with the applicable Swiss data protection laws.
If you use our services, in particular our software, as an "administrator" or "super administrator" or invite third parties to participate in our services, we also assume that you are the sole controller of personal data in the areas you manage (also known as "workspaces" or "workspaces") in relation to easydoo within the meaning of data protection law. You are therefore responsible for the lawfulness of the collection, processing and use of customer data in accordance with the statutory provisions. By doing so, you ensure that you are entitled to commission easydoo and to transmit customer data to easydoo as a data processor in this context. The provisions on commissioned data processing can be found in section 10.
4.4. How we handle your data (purpose of processing)
We collect, process and use your personal data for the following purposes:
1. To administer, operate, maintain and improve easydoo;
2. To provide you with an individual, personalized experience in using easydoo;
3. To assess your eligibility for certain types of offers;
4. To support the improvement and personalization of easydoo and our services;
5. For analysis and research on customer behavior;
6. To respond to your inquiries related to easydoo;
7. To communicate with you about other matters; for example, sending reminders, technical news, updates and service bulletins;
8. In the event of problems, the error log will be transmitted to us by the user. This only happens with the explicit consent of the user. The type of data is described in Chapter 4.5 "Types of data collection".
9. To comply with legal obligations; counteract the unlawful use of easydoo; resolve disputes and enforce our contractual agreements;
10. For other purposes to which you have consented in individual cases;
11. In any other way to the extent permitted by applicable law.
Where required by law, we will ask for your consent before collecting, processing and using your personal data for the purposes set out above. If we wish to use your personal data for any other purpose, we will also let you know. We will only use this if it is required and permitted by applicable law or if you have given your consent.
For the above-mentioned purposes, only easydoo AG and its subcontractors (subcontractors/Drittdienstleister.pdf) have access to your personal data.
In order to use our services, you may be required to provide certain personal data that is necessary or required by law for the establishment and processing of the contractual relationship and the fulfilment of the associated contractual obligations. Without this data, we will not be able to conclude and execute the contract or grant you the license of our software. It is also necessary to log access to our digital services and the associated collection of connection data (such as the IP address). This is done automatically during use and cannot be turned off for individual users. Therefore, if you do not agree with the collection of such data, you should refrain from using our services.
4.5. Types of data collection and categories
Personal data that we collect, process and use in connection with easydoo and the mobile application does not only include information that we actively collect while you interact with us. They also concern information that you voluntarily provide to us on various occasions via easydoo. As a result, it is not possible to compile a complete list of all types of personal data. In general, they include the following information:
-
Data that is provided to us when registering for our services, e.g. surname, first name, contact details, date of birth, job title, photo, employees, language and language settings, payment information, access data such as user name and password – stored in encrypted form, information on advertising, opt-ins and opt-outs, etc.
-
Data relating to offers and concluded contracts, e.g. contract date, type, content, product, parties, duration, value, adjustments, payment details, contact details, contact persons, billing and correspondence addresses, customer feedback, cancellations, disputes, etc.
-
Data that is collected or provided when registered and non-registered users use our services. This includes, but is not limited to, the IP and MAC address or device ID of the device used, cookies, pages accessed by users and search terms entered, input dialog boxes, calendar entries and any information contained in calendars, contact details, ratings, time and duration of visits, clicks, reactions to offers from easydoo or third parties, speaker/exit URL, information on the time of use, browser and device type as well as operating system and Internet used Service provider, amount of data transferred. We may merge personal data from one of our services with data from another service.
-
Data exchanged in or in relation to contact with us, e.g. communication by letter, telephone, e-mail, text and picture messages (SMS/MMS), video messages or instant messaging, responses to communication and offers from easydoo, preferred communication channels, etc.
-
Certain services may collect and store location-based data if the geolocation function of the device used is activated.
-
Data provided to us by third parties with whom we have business relationships, e.g. directory entries, address databases, changes in database entries, creditworthiness data, details of internal company contacts, etc.
-
Data that you or third parties disclose when participating in competitions, surveys and the like.
-
Data from public sources, e.g. commercial register entries, other telephone directories, etc.
-
Data relating to a third-party identity authentication provider (including Google's OpenID and Sign in with Apple, see Subcontractors and Third-Party Service Providers)
5. Our use of technology
5.1. Use of app cookies
We use a variety of common technologies to collect, store, and evaluate information when you use our Services. These include, in particular, cookies that can be used to identify your browser or device. Cookies are small text files placed in your browser directory. When a website is accessed, a cookie placed on a device sends information to the browser. Cookies are very common and are used on a variety of websites. In addition to so-called session cookies, which are automatically deleted after a visit to our services, we also use temporary and permanent cookies, which remain stored on your computer or mobile device for a longer period of time. The purpose of these cookies is to improve the performance of the website and the user experience. However, cookies can also be used for advertising purposes. You can change your cookie settings or refuse to accept cookies altogether. In this way, you limit the amount of personal data we receive. Please keep in mind, however, that you may not be able to benefit from some of the functions and features of the website and easydoo, or you may even not be able to use the solution depending on your settings.
5.2. How can you remove cookies?
It is possible to disable all or some cookies in the browser. Here you will find instructions on how to manage your cookies on different platforms.
1. Google Chrome
2. Microsoft Edge
3. Firefox
4. Opera
5. Safari
6. Safari iOS
7. Android
8. Blackberry
Please note that disabling cookies may affect the functionality of our services.
5.3. Cookies and technologies used
In addition to cookies, we may also use other technologies (e.g., pixels, web beacons, tags, advertising IDs) to analyze the use of our services, personalize our services, and display offers and advertisements tailored to you. When sending newsletters and e-mails, for example, we may use technologies that allow us to analyze which content is of interest to our user and whether, when and how you respond to our offers (e.g. by downloading images in an e-mail, clicking on URLs in an e-mail or on a website, filling in form data, etc.). We assume that by using such functions, you consent to the use of such technologies.
Finally, we use various common web analysis and tracking tools to measure and evaluate the use of our services. Such tools, which are mostly provided by third parties, provide us with information and statistics about the use of our services, which help us to better understand the use of our services and adapt them according to user needs.
A list and all further information on the individual cookies, the technologies used and the web analysis and tracking tools used, as well as any options available to deactivate or block their use, can be found under the following link (Cookies.pdf).
5.4. Use of social media plugins and integration of third-party offers
We integrate plugins from social networks (e.g. Facebook, Google Plus, YouTube, Twitter) into our services. These plugins make it easier to share content on these platforms.
When visiting our services that contain such plugins, a connection to the server of the respective provider can be automatically established. In doing so, certain data (such as time of visit to the service, browser type, IP address) is collected and stored by the service. If you have a user account with one of these providers, they can assign this information to your profile. If you also interact with these plugins (e.g. by clicking on the "Like" button or by submitting a comment), this information will also be transmitted to this provider, stored there and, if necessary, published. When using identity authentication (e.g. Facebook Connect, OpenID or Apple), the provider may transmit personal data such as name, e-mail address and profile picture that it has stored about you.
A list and all further information on the individual social media plugins and third-party offers can be found under the following link (Socialmedia.pdf / Drittdienstleister.pdf).
Please note that the data processing of these third parties is subject to their terms of use and data protection.
6. Disclosure and disclosure of data
6.1. Disclosure of personal data
We may commission third parties to provide certain services, e.g. in the areas of IT, operation of applications, administration, printing, mailing, etc., and to process and store data (so-called "contract data processors"). Data processors may have access to personal data and process it on our behalf. In doing so, we oblige the processors to comply with data protection law and to process data only in the same way as we do it ourselves. Data processors who may receive personal data may be located in any country, in particular in Switzerland, EU and EEA countries, or in the USA, Canada. Third-party service providers may also process data in the United States, among other places. We would like to draw your attention to the fact that, in the opinion of various European data protection authorities and the European Court of Justice, there is currently no adequate protection for the transfer of data to the USA, which may involve various risks for the security and lawfulness of data processing. In doing so, we take into account the recommendations and information provided by the national data protection officer, the Federal Data Protection and Information Commissioner (FDPIC).
We do not sell, trade, or rent your personal information. Any communication of personal data will be carried out in strict compliance with the applicable legal provisions. The possible recipients of your personal data are listed below (but are not exhaustive):
1. easydoo AG
2. Third-party service providers and subcontractors (Drittdienstleister.pdf)
3. Courts, enforcement and supervisory authorities
We share personal information where we believe it is necessary to comply with the law or the security of our website or to protect third parties from fraud.
7. Protection of your personal data
7.1. What do we do to protect?
easydoo AG is aware of the importance of data security and data protection. That's why we have made the use of easydoo as safe as possible. We have put in place appropriate safety precautions. This includes technical and organisational measures against unauthorised access, improper use, modification, unlawful or accidental destruction as well as accidental loss, both online and offline.
If personal data that is not already public is transferred to a country without adequate data protection, we ensure adequate data protection by using sufficient contractual safeguards, in particular on the basis of the EU Standard Contractual Clauses, Binding Corporate Rules, or we rely on the exception of consent, contract processing, the establishment, exercise or enforcement of legal claims, overriding public interests or because it is necessary to protect the integrity of a data subject. Where required by applicable data protection law, you may obtain a copy of the contractual guarantees in relation to your personal data from our DESIGNATED DATA CONTROLLER or find out where such a copy can be obtained. We reserve the right to redact such copies for data protection reasons or for reasons of confidentiality.
We must also point out that, despite all our efforts to protect your personal data from possible risks and dangers on the Internet, there is no such thing as absolute security. Therefore, we ask you to support our IT security efforts and not to disclose any sensitive or unneeded data via easydoo. In addition, you can help us protect your personal information by logging out when you leave an area protected by user login.
7.2. Retention of your data
We retain personal data for as long as it is necessary for the purpose for which we collected it. Individual personal data is also subject to legally binding retention obligations of ten years or more, which we must comply with. We may also retain personal data for at least the duration of the applicable statute of limitations, which is usually five or ten years. Personal data that arises in connection with the use of our software (e.g. logs, logs, analyses, etc.) and that are not subject to such retention or limitation periods are usually deleted earlier as soon as we are no longer interested in processing them. Data can also be stored for a longer period of time in anonymized form. Subject to an explicit contractual agreement, we are under no obligation to you to retain data for a specific period of time.
8. Sending e-mails to you, links to other websites
8.1. Sending e-mails
We may send you emails for a variety of reasons, such as:
1. You have subscribed to receive communications in connection with easydoo as part of the subscription agreement.
2. We will contact you regarding a request made to us.
3. We would like to provide you with important information, such as updates, privacy notices, warnings, etc.
4. You have subscribed to our newsletter and/or signed up to receive other marketing information.
9. Your rights in relation to personal data
You have the right to receive information about the personal data that we store about you free of charge upon request. In addition, you have the right to have incorrect data corrected and the right to have your personal data deleted, provided that this does not conflict with a legal obligation to retain data or a permission that permits us to process the data. The exercise of such rights usually requires that the data subject can clearly prove his or her identity.
If the processing of personal data is based on consent, the consent can be revoked by you as the data subject at any time. In countries of the EU or the EEA, you have the right in certain cases to receive the data generated when using online services in a structured, commonly used and machine-readable format, which enables further use and transmission. Requests related to these rights should be addressed to info@easydoo.com. (see point 3 above).
We reserve the right to restrict your rights within the scope of the applicable law and, for example, not to provide complete information or not to delete data. We would also like to draw your attention to the fact that if you delete your personal data, all or part of our services will no longer be available or can be used.
Every data subject has the right to lodge a complaint with the competent data protection authority. In the case of a controller in Switzerland, this is the Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch).
10. Order data processing
10.1. Responsible body
Insofar as you provide us with personal data, which we process as a data processor, you remain the sole responsible party in relation to us within the meaning of data protection law. You are therefore responsible for the lawfulness of the collection, processing and use of this personal data in accordance with the statutory provisions.
10.2. Supplementary provisions on commissioned data processing
10.2.1 We process the personal data provided to us by you for processing (in particular names and contact details, data on the relationship between you and your contractual partners, other characteristics relating to these persons as well as the other personal data transmitted to us by you in the context of the contractual use of our services) during the term of the contract for the provision of the contractual services. On your behalf, we store and process this personal data on our systems.
10.2.2 easydoo processes the personal data, subject to mandatory statutory provisions, exclusively for the performance of the contract, only for the purposes and only in accordance with your documented instructions. Your instructions are primarily based on the contract between us and you as well as on the way in which you use the services of easydoo.
10.2.3 We ensure that all persons of easydoo and the third-party service providers who are authorised to process personal data undertake to maintain confidentiality unless they are subject to an appropriate statutory duty of confidentiality.
10.2.4 In order to protect personal data, easydoo implements appropriate technical and organisational measures that comply with the requirements of the Swiss Data Protection Act and Art. 32 of the European General Data Protection Regulation (GDPR).
10.2.5 easydoo will support you, as far as reasonably possible, by means of appropriate technical and organisational measures in fulfilling the obligation to provide information to the respective data subject as required by the applicable data protection law. We will also respond to your requests regarding the rights of the data subject.
10.2.6 easydoo will inform you immediately if we come to the conclusion that any of your instructions regarding the processing of personal data could violate the applicable data protection law.
10.2.7 easydoo supports you with regard to the obligations incumbent on you under the applicable data protection law, for example Art. 19 to Art. 24 DSG or corresponding provisions of the GDPR (Art. 32 to 36 GDPR). easydoo informs you immediately of a data breach within easydoo's area of responsibility. easydoo is entitled to invoice the customer for the costs and expenses arising from the provision of services.
10.2.8 easydoo will provide you with the information you reasonably need to ensure compliance with the provisions of this Section. 10.2 can be adequately documented by us. Where this is absolutely necessary under the applicable data protection law and the information provided by us alone is not sufficient, easydoo permits you to carry out inspections at your expense by yourself or by an inspector accepted by us, commissioned by you and bound to secrecy, to the extent legally necessary. You agree that such inspections do not interfere with the normal operation of easydoo and the subcontractors concerned. In addition, such inspections are only to be carried out after prior consultation with us and during easydoo's usual operating hours. Finally, such inspections must not compromise the protection of secrets and personal data of other customers of ours.
10.2.9 easydoo may outsource the processing of personal data to third parties ("sub-processors"), in particular for the purposes of operating, developing and maintaining easydoo's IT infrastructure used to provide services. You hereby consent to such outsourcing. An up-to-date list of the sub-processors we use can be viewed here (third-party service providers/Subunternehmer.pdf). easydoo is entitled to make changes to this list and will inform you about this in an appropriate manner (e.g. by posting a modified list on our website). You can object in writing within a period of 30 days to the appointment of a new sub-processor or the replacement of an existing sub-processor for important data protection reasons. If there is an important reason under data protection law, and if an amicable solution between the parties or a (commercial) adjustment of the main contract is not possible, you will be granted a right of termination with regard to the service affected by this.
10.2.10 easydoo shall be entitled to provide the customer with a claim on the basis of the provision of services pursuant to No. 10.2.5, 10.2.7 and 10.2.8 and to invoice expenses incurred and expenses incurred in the amount of CHF 280.00 per hour (plus VAT) without any other agreement with the customer. to be invoiced.
11. Changes to this Privacy Policy
As our business is subject to constant change, we will regularly revise our privacy policy. easydoo may amend the privacy policy at any time to reflect changes in the law, changes in the handling of data or adjustments to business activities. The updated Privacy Policy will be posted on easydoo.com.
© easydoo AG, Version 001.06 / August 2023
easydoo AG
Moosholzzelg 9
CH-9322 Egnach