About
In 2004, David Syz returned to the private sector, but spends much of his time making documentaries about various facets of the global economy.
In 2004, David Syz returned to the private sector, but spends much of his time making documentaries about various facets of the global economy.
In 2004, David Syz returned to the private sector, but spends much of his time making documentaries about various facets of the global economy.
In 2004, David Syz returned to the private sector, but spends much of his time making documentaries about various facets of the global economy.
In 2004, David Syz returned to the private sector, but spends much of his time making documentaries about various facets of the global economy.
In 2004, David Syz returned to the private sector, but spends much of his time making documentaries about various facets of the global economy.
In 2004, David Syz returned to the private sector, but spends much of his time making documentaries about various facets of the global economy.
In 2004, David Syz returned to the private sector, but spends much of his time making documentaries about various facets of the global economy.
In 2004, David Syz returned to the private sector, but spends much of his time making documentaries about various facets of the global economy.
In 2004, David Syz returned to the private sector, but spends much of his time making documentaries about various facets of the global economy.
Data Protection at Ecodocs
Here you will find everything about what we know about you, or what we need to know, such as when, where, and which data we register from you, what we do with this data, how we process it, to whom we have to pass it on, when we delete it again, and what you can do against it. We, Ecodocs Foundation, our affiliates, and our subsidiaries (hereinafter also "we" or "us") take data protection very seriously. We try to collect as few personal data as possible, only those that can actually be used for the provision of our services and products, and to refrain from everything unnecessary.
1. What it is about
We, the Ecodocs Foundation based in Zollikon, Switzerland, as well as the affiliated companies appearing under this web presence in accordance with the imprint (hereinafter also "we" or "us"), take data protection very seriously.
We respect the applicable legal provisions on data protection.
We collect and process personal data (hereinafter also "data") in accordance with this privacy policy.
We basically observe the principle of necessity, according to which we only collect and process as much data as is necessary for the purpose of fulfillment.
In the course of our business activities, we collect and process data, in particular personal data about our customers, affiliated persons, visitors to our websites, participants in events, job applicants, recipients of newsletters, and other third parties (hereinafter also "you").
In addition to this privacy policy, we may inform you separately about the processing of your data (e.g., in forms or contract terms).
If you provide us with data about other people, we assume that you are authorized to do so, that this data is accurate, and that you have ensured that these persons are informed about this disclosure, to the extent that there is a legal obligation to inform (e.g., by providing them with this privacy policy in advance).
For information about offers, terms, and the handling of personal data from other offers and services (such as third-party websites and social media), please contact these providers directly.
2. Who is responsible
For the processing described in this privacy policy, the following is data protection legally responsible:
Ecodocs Foundation, Dufourstrasse 21, 8702 Zollikon, Switzerland
+41 43 499 66 41, rc@buerocorrodi.ch
3. Which law is applicable
Our data processing is subject to Swiss data protection law.
For visitors residing in the European Union ("EU") and the European Economic Area ("EEA"), the following applies: Switzerland and the EU, including the EEA, recognize their data protection laws as equivalent. In certain cross-border cases, EU law, particularly the EU General Data Protection Regulation ("GDPR"), may additionally apply to specific data processing.
We do not assume that the GDPR is applicable to the data processing by us. However, should the GDPR exceptionally apply to certain data processing, the following provisions apply exclusively for the purposes of the GDPR and the data processing governed by it:
3.1. Details on the applicability and enforcement of the GDPR
In the event the GDPR is applicable, we base the processing of your personal data on the following requirements:
Requirement for the acquisition, conclusion, and fulfillment of contracts and their management and enforcement (Art. 6 Para. 1 lit. b GDPR),
Requirement to protect our or third-party legitimate interests, e.g., for communication with you or third parties, in order to operate our websites, improve our electronic offers or services and register for specific offers and services, for security purposes, for compliance with the law and internal regulations, for our risk management and corporate governance, and for other purposes such as training and education, administration, evidence and quality assurance, organization, implementation, and follow-up of events and to protect other legitimate interests (Art. 6 Para. 1 lit. f GDPR),
Legal requirement or legal permission based on our mandate or our position under EU law, EEA law, or the law of an EU member state (Art. 6 Para. 1 lit. c GDPR) or requirement to protect your vital interests or those of other natural persons (Art. 6 Para. 1 lit. d GDPR);
Your consent to the processing, e.g., through a corresponding declaration on our websites (Art. 6 Para. 1 lit. a and Art. 9 Para. 2 lit. a GDPR).
Furthermore, you have all the rights granted to you by the GDPR in this regard (in addition to the practically equivalent rights under Swiss data protection law): you can request the following actions from us regarding your personal data that we store and process:
Information about this, pursuant to Art. 15 GDPR;
Correction, as far as the data is incorrect, pursuant to Art. 16 GDPR;
Deletion, pursuant to Art. 17 GDPR; or restriction thereof if it cannot be deleted, pursuant to Art. 18 GDPR (then they will be marked for restriction of future processing); both subject to overriding legitimate interests on our part or based on legal provisions that require us to retain and use the data;
Right to object regarding the use of your data; subject to overriding reasons against this objection or if we need the data to protect our rights;
Release of the data that you provided to us based on your consent, pursuant to Art. 20 GDPR.
The aforementioned right to object to the processing of your data applies particularly in the context of data processing for the purposes of direct marketing.
If you do not agree with our handling of your rights or data protection, please let us know (see contact details above). If you are in the EEA, you also have the right to complain to the data protection supervisory authority in your country. A list of authorities in the EEA can be found here: https://www.edpb.europa.eu/about-edpb/about-edpb/members_de#member-de.
4. What data do we store
We primarily process personal data that we receive directly in the context of our contractual relationships with our customers and users. In addition, we may obtain, collect, or process data from business partners or other involved persons. To the extent permitted and necessary, we also obtain data from publicly available sources (such as public registers, media, internet) or receive such data from our customers and their employees, authorities, and third parties (such as business and contractual partners of our customers).
In addition to the data that we receive directly from you, the categories of personal data that we receive from third parties include, but are not limited to:
Inventory data (e.g., names, addresses, functions, organizational affiliation, etc.)
Contact data (e.g., email addresses, phone numbers, etc.)
Content data (e.g., text and image files, videos, etc.)
Usage data (e.g., access data)
Meta/communication data (e.g., IP addresses)
Information that you voluntarily disclose to us based on our contractual relationships
Information related to your professional functions and activities
Information about you in correspondence and meetings between us or with third parties (e.g., via communication by phone, email, or otherwise)
Information via configuration of your user settings, access permissions for data, or other interactions with us
Registration for or participation in an event
Filling out questionnaires, support tickets, or other forms for information requests
If you do not provide us with certain personal data, this may result in the provision of the related services or a contract not being possible. We will specify the personal data that must be provided.
5. Where do the data come from
5.1. Data from you
Many of the data we process are provided by you directly (e.g., when using our website, in connection with our services for you, or communication with us). Some of this data is also automatically transmitted to us by your device. You are only obligated to disclose your data in exceptional cases. However, if you wish to enter into contracts with us or claim our services, you must provide us with certain data. Additionally, the use of our website is not possible without a minimum of data collection and processing.
5.2. Data from third parties
We may also obtain data from publicly available sources (e.g., media or the internet, including social media platforms, public registers, online research, etc.) or receive it from authorities, your employer or client who has a business relationship with us or otherwise interacts with us, as well as from other third parties (e.g., address traders, associations, contractual partners, internet analytics services). This includes data that we process in connection with contractual circumstances and project execution, as well as data from correspondence and additional communication with third parties, along with all other data categories mentioned in item 4.
5.3. Data when communicating with you and for you
In addition to personal meetings, telephone discussions, written correspondence, and email, we also use various other means of communication with you. Additionally, for you or the communication necessary for your projects, we use software and tools (SaaS) from third parties. Below are the main services we use:
5.3.1. Microsoft Office365
Provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA
Data Protection: https://www.microsoft.com/de-de/privacy/privacystatement
Legal Basis: Legitimate interest
5.3.2. Newsletter: Brevo
Provider: Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, DE
Data Protection: https://www.brevo.com/de/legal/privacypolicy/
Legal Basis: Legitimate interest including your right to unsubscribe at any time
6. How are the data processed and used
As part of our operations, we can process various categories of personal data for different purposes. In particular, we process the personal data mentioned in item 4 about you for the following purposes:
6.1. Communication
We process personal data so that we can communicate with you and with third parties via email, phone, mail, or otherwise. This may also occur in the form of newsletters and other regular contacts (e.g., electronically, by post, by telephone). You can refuse this communication at any time or decline or withdraw your consent to this communication. In the course of communication, we primarily process the content and header data of the communication as well as your contact information, but also video and audio recordings of (video) calls. In the event of audio or video recording of the communication, we will inform you separately at the beginning, and it is up to you to let us know if you do not wish for the recording, or to end the communication or exit the call. If we need or want to establish your identity, we may collect additional data.
6.2. Activities related to contracts
In view of entering into a contract with you or your client or employer, we may particularly process your name, contact details, consent declarations, information about third parties (e.g., contact persons, third parties, project participants, etc.), contract content, and all other data that you provide to us or that we lawfully collect from public sources or from third parties.
6.3. Contract administration and project execution
We process personal data to fulfill our contractual obligations towards our contractual partners (e.g., suppliers, service providers, project partners) and in particular to provide and enforce contractual services. This also includes data processing for project management as well as data processing for enforcement of contracts, bookkeeping, and public communication. For this purpose, we specifically process data that we have received or collected in the course of acquisition and conclusion of contracts, along with data that we create in the course of rendering our contractual services or that we collect from public sources or other third parties. This data includes, in particular, conversation records, notes, internal and external correspondence, contract documents, documents that we create and receive in connection with project creation and execution, background information about you, counter parties, or other individuals, video and audio recordings, as well as other project-related information, documents, performance records, invoices, and financial and payment information. In very rare cases, we may also collect and process particularly sensitive personal data during these activities.
6.4. Operation of our websites
To operate our website securely and stably, we collect technical data such as your IP address, details about the operating system and settings of your device, the region, time, and type of use. Additionally, we may use cookies and similar technologies. Further information can be found in the corresponding section further below.
6.5. Improvement of our electronic offerings
To continuously improve our website and electronic offerings (e.g., newsletters), we collect data about your behavior and preferences by analyzing how you navigate through our websites and how you interact with our social media profiles and other electronic offerings (e.g., newsletters).
6.6. Registration
To use certain offers and services (e.g., newsletters), you must register. For this purpose, we process the data provided during the registration process. Furthermore, we may also collect personal data about you during the use of the offer or service. If necessary, we will provide you with further information regarding the processing of this data.
6.7. Security purposes and access controls
We process personal data to ensure and continuously improve the appropriate security of our IT and other infrastructure. This includes, for example, monitoring and controlling electronic access to our IT systems as well as access to our premises, analyses, and tests of our IT infrastructure, system and error checks, and the creation of backups.
6.8. Risk management and corporate governance
We process personal data as part of risk management and corporate governance. This includes, among other things, our operational organization (e.g., resource planning, employee data) and business development.
6.9. Job application
If you apply for a position with us, we process the corresponding data for the purpose of reviewing and evaluating the application, carrying out the application process, and in the case of successful applications, for preparing and concluding the corresponding contract. For this purpose, we process your contact details along with the information from the corresponding communication, as well as the data contained in your application documents, possibly including criminal record extracts, and the data that we can additionally obtain about you, e.g., from job-related social networks, the internet, the media, and references (if you consent to obtaining references). The data processing in connection with the employment relationship is regulated separately.
6.10. Other purposes
Other purposes include, for example, training and education purposes as well as administrative purposes (e.g., bookkeeping). Additionally, we may process personal data for the organization, execution, and follow-up of events, such as particularly participant lists and content of presentations and discussions, as well as video and audio recordings taken during these events. Furthermore, the protection of other legitimate interests is also included in additional purposes that cannot be exhaustively named.
7. What data is collected and processed when you visit our website
7.1. General settings and internal guidelines
7.1.1. Type and depth of data, links to service providers
The terms of use and privacy policies of the services we use may change continuously, and thus the type and depth of data collected by the service provider may also change. Therefore, we do not provide a detailed list of the data that may be collected by each service. However, we link to the respective privacy policy for each referenced service. We check the links to the respective services or their privacy policies periodically and make efforts to keep the links current. However, it may happen that individual links are no longer current. If you encounter such an outdated link, we ask you to notify us immediately.
7.1.2. Selection of service providers, server locations, Data Privacy Framework
We basically use service providers where data is stored in data centers in Switzerland or the EU, if selectable. Where data is stored in the USA, on CDN servers (and thereby globally), or in other countries, we select providers from countries with an adequate level of data protection such as Switzerland (for US providers, for example, those that fall under the data protection framework between Switzerland and the USA ["Swiss-U.S. Data Privacy Framework", "SDPF", https://www.dataprivacyframework.gov/]). Among the US service providers we utilize, we almost exclusively use those that fall under the SDPF. Their compliance with the Privacy Framework or Swiss data protection can be checked via a search mask at https://www.dataprivacyframework.gov/list.
7.1.3. Processors, DPA, SCC, level of protection
If necessary, we have entered into a data processing agreement, often based on EU standard contractual clauses (Standard Contractual Clauses, "SCC"), or a Data Privacy Addendum ("DPA") with external data processors (or the latter is often already collected through the general terms or conditions of the third-party provider as a legally valid contractual component) to ensure adequate security. The provider typically guarantees that they process the personal data outside of Switzerland and the EU according to the requirements and protection levels of Swiss and European data protection laws.
In our company, only selected employees have access to such data based on the principle of necessity. All employees who access personal data must adhere to internal rules and processes as well as possibly regulations regarding the processing of personal data to protect it and ensure its confidentiality.
7.1.4. Security, encryption (external)
We have taken appropriate technical and organizational security measures to protect your personal data that we collect when you visit the website from unauthorized, accidental, or unlawful use.
To protect the security of data transmission, we use common encryption (e.g., SSL) over HTTPS.
7.1.5. Administration
For the administration of the website on our behalf, Docmine Productions AG, Zurich, is responsible (https://www.docmine.com).
7.2. Cookies
When using our websites (including newsletters), data is generated that is stored in logs (especially technical data). Additionally, we may employ cookies and similar techniques (e.g., pixel tags or fingerprints) to recognize website visitors, evaluate their behavior, and identify preferences. A cookie is a small file transmitted between your system and the server that enables the recognition of a specific device or browser.
You can usually set your browser to automatically reject, accept, or delete cookies. You can also disable or delete cookies on a case-by-case basis or reject the setting of cookies for our website in general. How to manage cookies in your browser can be found in the help menu of your browser.
Neither the technical data we collect nor the cookies usually contain personal data. However, personal data that we or third-party providers store about you (e.g., if you have a user account with us or these providers or are still logged in to the third-party service during your visit to our website) may be linked with the technical data or with the information stored in cookies, thereby possibly linking them to your person.
7.3. Social Networks
We also utilize social media plug-ins (small software components) that establish a connection between your visit to our websites and a third-party provider. The social media plug-in informs the third party that you have visited our websites and may transmit cookies to the third party that they previously placed on your web browser. For further information on how these third-party providers use the personal data collected via their social media plug-ins, please refer to their respective privacy policies.
In addition, we use our own tools and services from third parties on our websites, particularly to enhance the functionality or content of our websites (e.g., integration of videos or maps), create statistics, and display advertising.
7.4. Personal data on our social network pages
We maintain online presences on social networks and other platforms operated by third parties and process data about you in this context. In doing so, we receive data from you (e.g., when you communicate with us or comment on our content) and from the platforms (e.g., statistics). The platform providers may analyze your usage and process this data in conjunction with other data they have about you. They also process this data for their own purposes (e.g., for marketing and market research purposes and to manage their platforms) and act accordingly as independent controllers. For further information on processing by platform operators, please refer to the privacy policies of the respective platforms.
7.5. Services of third parties used when using our website
7.5.1. Hosting & CMS
Provider: Framer B.V., Rozengracht, 1016 LZ Amsterdam, Netherlands ("Framer")
Data Protection: https://www.framer.com/legal/privacy-statement/
Legal Basis: Legitimate interest
Provider: Webflow Inc. (Delaware corporation), 398 11th Street, Floor 2, San Francisco, CA 94103, USA
Data Protection: https://webflow.com/legal/eu-privacy-policy
Legal Basis: Legitimate interest
7.5.2. Static Hosting Content (Buckets)
Provider: Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Data Protection: https://cloud.google.com/security/privacy
Legal Basis: Legitimate interest
7.5.3. Cookies: Cookie Script
Provider: Objectis Ltd., Laisves st. 60, LT-05120 Vilnius, Lithuania
Data Protection: https://cookie-script.com/legal/privacy-policy
Legal Basis: Legitimate interest or your consent, which you provide in advance and can adjust afterward.
7.5.4. Video Streaming
Provider: YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA
Data Protection: https://policies.google.com/privacy?hl=ch-DE
Legal Basis: Legitimate interest
We are entitled, but not obligated, to review content before or after publication on our online presences, to delete content without notice, and to report it if necessary to the provider of the respective platform.
7.5.5. Fonts
Provider: Google Fonts, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Data Protection: https://developers.google.com/fonts/faq/privacy?hl=de
Legal Basis: Legitimate interest
8. To whom are the data disclosed
In the course of our business activities, we may disclose your personal data, for the stated purposes and as appropriate, to third parties (such as affiliated companies, authorities, suppliers, assistants, particularly self-employed freelancers or experts involved in the project both domestically and abroad, and other business partners, as well as other individuals) and to service providers that process data on our behalf (e.g., IT providers). We may also be required to disclose your personal data to meet legal or regulatory requirements. Recipients may be based in Switzerland, the EU, or any other country worldwide.
If we transfer data to a country without adequate legal data protection, we ensure an adequate level of protection (especially based on SCC or DPA) or rely on legal exceptions for consent, contract performance, establishing, exercising, or enforcing project-related claims, or overriding public interests.
9. How and how long do we store the data
The personal data we collect will only be stored as long as necessary for the execution of the contractual relationship (from acquisition to termination of a contract or project duration after rollout) or for the other purposes pursued with processing, or if there is a legal retention and documentation obligation or an overriding private or public interest, or a storage that is technically necessary (e.g., in the case of backups or document management systems). Once the personal data we have collected for the aforementioned purposes are no longer needed, they will be deleted or anonymized in accordance with our usual procedures and in compliance with our retention policies, as well as applicable law.
10. Where is the data stored
10.1. General information on data storage location
Depending on the extent of your interactions with our offerings, your personal data may be stored or accessed in multiple countries. Whenever we transfer personal data to other countries, we ensure that the data is transmitted in accordance with this privacy policy and in compliance with applicable data protection laws.
10.2. For visitors to our website
Your data is stored at the locations of our external data processors mentioned above according to the services used and relevant configuration based on necessity.
10.3. For business partners, third parties
Your data is partially stored at the locations of our external data processors mentioned above as well as, in particular, internally with us.
11. What personal rights do you have
According to Swiss law, you have the following rights:
Right to information
Request information on whether we have stored personal data about you and copies of this personal data as well as information on how it is processed;Right to amendment
Right to correct inaccurate personal data about you;Right to deletion
Right to request the deletion of personal data about you that are no longer necessary for the purposes underlying the processing and that are processed based on a revoked consent or in violation of applicable legal provisions;Limitation of processing
Right to request us to restrict the processing of your personal data if the processing is inappropriate, and to object to the processing of personal data;Right to transfer
Right to request the transferability of personal data you have provided to us;
If you wish, you can contact us at any time at the contact address we communicated. It may take up to 30 days for us to respond to your request.
If you consented to the processing of your personal data for a specific purpose, you can withdraw your consent at any time, and we will cease further processing of your data for that purpose.
11.1. Complaints and supervisory authority
If you believe that we have not complied with your complaints or concerns, you have the right to file a complaint with a relevant data protection authority.
12. Supplementary provisions
12.1. Reservation of changes
This privacy policy is not part of a contract with you. We can modify this privacy policy at any time. The version published on this website is the current version.
12.2. Legal validity, applicable language
If we provide data protection provisions in languages other than German, these are usually machine-translated; these non-German versions of the privacy policy are provided for informational purposes and better understanding only. Only the privacy policy in German is legally valid.
Data Protection at Ecodocs
Here you will find everything about what we know about you, or what we need to know, such as when, where, and which data we register from you, what we do with this data, how we process it, to whom we have to pass it on, when we delete it again, and what you can do against it. We, Ecodocs Foundation, our affiliates, and our subsidiaries (hereinafter also "we" or "us") take data protection very seriously. We try to collect as few personal data as possible, only those that can actually be used for the provision of our services and products, and to refrain from everything unnecessary.
1. What it is about
We, the Ecodocs Foundation based in Zollikon, Switzerland, as well as the affiliated companies appearing under this web presence in accordance with the imprint (hereinafter also "we" or "us"), take data protection very seriously.
We respect the applicable legal provisions on data protection.
We collect and process personal data (hereinafter also "data") in accordance with this privacy policy.
We basically observe the principle of necessity, according to which we only collect and process as much data as is necessary for the purpose of fulfillment.
In the course of our business activities, we collect and process data, in particular personal data about our customers, affiliated persons, visitors to our websites, participants in events, job applicants, recipients of newsletters, and other third parties (hereinafter also "you").
In addition to this privacy policy, we may inform you separately about the processing of your data (e.g., in forms or contract terms).
If you provide us with data about other people, we assume that you are authorized to do so, that this data is accurate, and that you have ensured that these persons are informed about this disclosure, to the extent that there is a legal obligation to inform (e.g., by providing them with this privacy policy in advance).
For information about offers, terms, and the handling of personal data from other offers and services (such as third-party websites and social media), please contact these providers directly.
2. Who is responsible
For the processing described in this privacy policy, the following is data protection legally responsible:
Ecodocs Foundation, Dufourstrasse 21, 8702 Zollikon, Switzerland
+41 43 499 66 41, rc@buerocorrodi.ch
3. Which law is applicable
Our data processing is subject to Swiss data protection law.
For visitors residing in the European Union ("EU") and the European Economic Area ("EEA"), the following applies: Switzerland and the EU, including the EEA, recognize their data protection laws as equivalent. In certain cross-border cases, EU law, particularly the EU General Data Protection Regulation ("GDPR"), may additionally apply to specific data processing.
We do not assume that the GDPR is applicable to the data processing by us. However, should the GDPR exceptionally apply to certain data processing, the following provisions apply exclusively for the purposes of the GDPR and the data processing governed by it:
3.1. Details on the applicability and enforcement of the GDPR
In the event the GDPR is applicable, we base the processing of your personal data on the following requirements:
Requirement for the acquisition, conclusion, and fulfillment of contracts and their management and enforcement (Art. 6 Para. 1 lit. b GDPR),
Requirement to protect our or third-party legitimate interests, e.g., for communication with you or third parties, in order to operate our websites, improve our electronic offers or services and register for specific offers and services, for security purposes, for compliance with the law and internal regulations, for our risk management and corporate governance, and for other purposes such as training and education, administration, evidence and quality assurance, organization, implementation, and follow-up of events and to protect other legitimate interests (Art. 6 Para. 1 lit. f GDPR),
Legal requirement or legal permission based on our mandate or our position under EU law, EEA law, or the law of an EU member state (Art. 6 Para. 1 lit. c GDPR) or requirement to protect your vital interests or those of other natural persons (Art. 6 Para. 1 lit. d GDPR);
Your consent to the processing, e.g., through a corresponding declaration on our websites (Art. 6 Para. 1 lit. a and Art. 9 Para. 2 lit. a GDPR).
Furthermore, you have all the rights granted to you by the GDPR in this regard (in addition to the practically equivalent rights under Swiss data protection law): you can request the following actions from us regarding your personal data that we store and process:
Information about this, pursuant to Art. 15 GDPR;
Correction, as far as the data is incorrect, pursuant to Art. 16 GDPR;
Deletion, pursuant to Art. 17 GDPR; or restriction thereof if it cannot be deleted, pursuant to Art. 18 GDPR (then they will be marked for restriction of future processing); both subject to overriding legitimate interests on our part or based on legal provisions that require us to retain and use the data;
Right to object regarding the use of your data; subject to overriding reasons against this objection or if we need the data to protect our rights;
Release of the data that you provided to us based on your consent, pursuant to Art. 20 GDPR.
The aforementioned right to object to the processing of your data applies particularly in the context of data processing for the purposes of direct marketing.
If you do not agree with our handling of your rights or data protection, please let us know (see contact details above). If you are in the EEA, you also have the right to complain to the data protection supervisory authority in your country. A list of authorities in the EEA can be found here: https://www.edpb.europa.eu/about-edpb/about-edpb/members_de#member-de.
4. What data do we store
We primarily process personal data that we receive directly in the context of our contractual relationships with our customers and users. In addition, we may obtain, collect, or process data from business partners or other involved persons. To the extent permitted and necessary, we also obtain data from publicly available sources (such as public registers, media, internet) or receive such data from our customers and their employees, authorities, and third parties (such as business and contractual partners of our customers).
In addition to the data that we receive directly from you, the categories of personal data that we receive from third parties include, but are not limited to:
Inventory data (e.g., names, addresses, functions, organizational affiliation, etc.)
Contact data (e.g., email addresses, phone numbers, etc.)
Content data (e.g., text and image files, videos, etc.)
Usage data (e.g., access data)
Meta/communication data (e.g., IP addresses)
Information that you voluntarily disclose to us based on our contractual relationships
Information related to your professional functions and activities
Information about you in correspondence and meetings between us or with third parties (e.g., via communication by phone, email, or otherwise)
Information via configuration of your user settings, access permissions for data, or other interactions with us
Registration for or participation in an event
Filling out questionnaires, support tickets, or other forms for information requests
If you do not provide us with certain personal data, this may result in the provision of the related services or a contract not being possible. We will specify the personal data that must be provided.
5. Where do the data come from
5.1. Data from you
Many of the data we process are provided by you directly (e.g., when using our website, in connection with our services for you, or communication with us). Some of this data is also automatically transmitted to us by your device. You are only obligated to disclose your data in exceptional cases. However, if you wish to enter into contracts with us or claim our services, you must provide us with certain data. Additionally, the use of our website is not possible without a minimum of data collection and processing.
5.2. Data from third parties
We may also obtain data from publicly available sources (e.g., media or the internet, including social media platforms, public registers, online research, etc.) or receive it from authorities, your employer or client who has a business relationship with us or otherwise interacts with us, as well as from other third parties (e.g., address traders, associations, contractual partners, internet analytics services). This includes data that we process in connection with contractual circumstances and project execution, as well as data from correspondence and additional communication with third parties, along with all other data categories mentioned in item 4.
5.3. Data when communicating with you and for you
In addition to personal meetings, telephone discussions, written correspondence, and email, we also use various other means of communication with you. Additionally, for you or the communication necessary for your projects, we use software and tools (SaaS) from third parties. Below are the main services we use:
5.3.1. Microsoft Office365
Provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA
Data Protection: https://www.microsoft.com/de-de/privacy/privacystatement
Legal Basis: Legitimate interest
5.3.2. Newsletter: Brevo
Provider: Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, DE
Data Protection: https://www.brevo.com/de/legal/privacypolicy/
Legal Basis: Legitimate interest including your right to unsubscribe at any time
6. How are the data processed and used
As part of our operations, we can process various categories of personal data for different purposes. In particular, we process the personal data mentioned in item 4 about you for the following purposes:
6.1. Communication
We process personal data so that we can communicate with you and with third parties via email, phone, mail, or otherwise. This may also occur in the form of newsletters and other regular contacts (e.g., electronically, by post, by telephone). You can refuse this communication at any time or decline or withdraw your consent to this communication. In the course of communication, we primarily process the content and header data of the communication as well as your contact information, but also video and audio recordings of (video) calls. In the event of audio or video recording of the communication, we will inform you separately at the beginning, and it is up to you to let us know if you do not wish for the recording, or to end the communication or exit the call. If we need or want to establish your identity, we may collect additional data.
6.2. Activities related to contracts
In view of entering into a contract with you or your client or employer, we may particularly process your name, contact details, consent declarations, information about third parties (e.g., contact persons, third parties, project participants, etc.), contract content, and all other data that you provide to us or that we lawfully collect from public sources or from third parties.
6.3. Contract administration and project execution
We process personal data to fulfill our contractual obligations towards our contractual partners (e.g., suppliers, service providers, project partners) and in particular to provide and enforce contractual services. This also includes data processing for project management as well as data processing for enforcement of contracts, bookkeeping, and public communication. For this purpose, we specifically process data that we have received or collected in the course of acquisition and conclusion of contracts, along with data that we create in the course of rendering our contractual services or that we collect from public sources or other third parties. This data includes, in particular, conversation records, notes, internal and external correspondence, contract documents, documents that we create and receive in connection with project creation and execution, background information about you, counter parties, or other individuals, video and audio recordings, as well as other project-related information, documents, performance records, invoices, and financial and payment information. In very rare cases, we may also collect and process particularly sensitive personal data during these activities.
6.4. Operation of our websites
To operate our website securely and stably, we collect technical data such as your IP address, details about the operating system and settings of your device, the region, time, and type of use. Additionally, we may use cookies and similar technologies. Further information can be found in the corresponding section further below.
6.5. Improvement of our electronic offerings
To continuously improve our website and electronic offerings (e.g., newsletters), we collect data about your behavior and preferences by analyzing how you navigate through our websites and how you interact with our social media profiles and other electronic offerings (e.g., newsletters).
6.6. Registration
To use certain offers and services (e.g., newsletters), you must register. For this purpose, we process the data provided during the registration process. Furthermore, we may also collect personal data about you during the use of the offer or service. If necessary, we will provide you with further information regarding the processing of this data.
6.7. Security purposes and access controls
We process personal data to ensure and continuously improve the appropriate security of our IT and other infrastructure. This includes, for example, monitoring and controlling electronic access to our IT systems as well as access to our premises, analyses, and tests of our IT infrastructure, system and error checks, and the creation of backups.
6.8. Risk management and corporate governance
We process personal data as part of risk management and corporate governance. This includes, among other things, our operational organization (e.g., resource planning, employee data) and business development.
6.9. Job application
If you apply for a position with us, we process the corresponding data for the purpose of reviewing and evaluating the application, carrying out the application process, and in the case of successful applications, for preparing and concluding the corresponding contract. For this purpose, we process your contact details along with the information from the corresponding communication, as well as the data contained in your application documents, possibly including criminal record extracts, and the data that we can additionally obtain about you, e.g., from job-related social networks, the internet, the media, and references (if you consent to obtaining references). The data processing in connection with the employment relationship is regulated separately.
6.10. Other purposes
Other purposes include, for example, training and education purposes as well as administrative purposes (e.g., bookkeeping). Additionally, we may process personal data for the organization, execution, and follow-up of events, such as particularly participant lists and content of presentations and discussions, as well as video and audio recordings taken during these events. Furthermore, the protection of other legitimate interests is also included in additional purposes that cannot be exhaustively named.
7. What data is collected and processed when you visit our website
7.1. General settings and internal guidelines
7.1.1. Type and depth of data, links to service providers
The terms of use and privacy policies of the services we use may change continuously, and thus the type and depth of data collected by the service provider may also change. Therefore, we do not provide a detailed list of the data that may be collected by each service. However, we link to the respective privacy policy for each referenced service. We check the links to the respective services or their privacy policies periodically and make efforts to keep the links current. However, it may happen that individual links are no longer current. If you encounter such an outdated link, we ask you to notify us immediately.
7.1.2. Selection of service providers, server locations, Data Privacy Framework
We basically use service providers where data is stored in data centers in Switzerland or the EU, if selectable. Where data is stored in the USA, on CDN servers (and thereby globally), or in other countries, we select providers from countries with an adequate level of data protection such as Switzerland (for US providers, for example, those that fall under the data protection framework between Switzerland and the USA ["Swiss-U.S. Data Privacy Framework", "SDPF", https://www.dataprivacyframework.gov/]). Among the US service providers we utilize, we almost exclusively use those that fall under the SDPF. Their compliance with the Privacy Framework or Swiss data protection can be checked via a search mask at https://www.dataprivacyframework.gov/list.
7.1.3. Processors, DPA, SCC, level of protection
If necessary, we have entered into a data processing agreement, often based on EU standard contractual clauses (Standard Contractual Clauses, "SCC"), or a Data Privacy Addendum ("DPA") with external data processors (or the latter is often already collected through the general terms or conditions of the third-party provider as a legally valid contractual component) to ensure adequate security. The provider typically guarantees that they process the personal data outside of Switzerland and the EU according to the requirements and protection levels of Swiss and European data protection laws.
In our company, only selected employees have access to such data based on the principle of necessity. All employees who access personal data must adhere to internal rules and processes as well as possibly regulations regarding the processing of personal data to protect it and ensure its confidentiality.
7.1.4. Security, encryption (external)
We have taken appropriate technical and organizational security measures to protect your personal data that we collect when you visit the website from unauthorized, accidental, or unlawful use.
To protect the security of data transmission, we use common encryption (e.g., SSL) over HTTPS.
7.1.5. Administration
For the administration of the website on our behalf, Docmine Productions AG, Zurich, is responsible (https://www.docmine.com).
7.2. Cookies
When using our websites (including newsletters), data is generated that is stored in logs (especially technical data). Additionally, we may employ cookies and similar techniques (e.g., pixel tags or fingerprints) to recognize website visitors, evaluate their behavior, and identify preferences. A cookie is a small file transmitted between your system and the server that enables the recognition of a specific device or browser.
You can usually set your browser to automatically reject, accept, or delete cookies. You can also disable or delete cookies on a case-by-case basis or reject the setting of cookies for our website in general. How to manage cookies in your browser can be found in the help menu of your browser.
Neither the technical data we collect nor the cookies usually contain personal data. However, personal data that we or third-party providers store about you (e.g., if you have a user account with us or these providers or are still logged in to the third-party service during your visit to our website) may be linked with the technical data or with the information stored in cookies, thereby possibly linking them to your person.
7.3. Social Networks
We also utilize social media plug-ins (small software components) that establish a connection between your visit to our websites and a third-party provider. The social media plug-in informs the third party that you have visited our websites and may transmit cookies to the third party that they previously placed on your web browser. For further information on how these third-party providers use the personal data collected via their social media plug-ins, please refer to their respective privacy policies.
In addition, we use our own tools and services from third parties on our websites, particularly to enhance the functionality or content of our websites (e.g., integration of videos or maps), create statistics, and display advertising.
7.4. Personal data on our social network pages
We maintain online presences on social networks and other platforms operated by third parties and process data about you in this context. In doing so, we receive data from you (e.g., when you communicate with us or comment on our content) and from the platforms (e.g., statistics). The platform providers may analyze your usage and process this data in conjunction with other data they have about you. They also process this data for their own purposes (e.g., for marketing and market research purposes and to manage their platforms) and act accordingly as independent controllers. For further information on processing by platform operators, please refer to the privacy policies of the respective platforms.
7.5. Services of third parties used when using our website
7.5.1. Hosting & CMS
Provider: Framer B.V., Rozengracht, 1016 LZ Amsterdam, Netherlands ("Framer")
Data Protection: https://www.framer.com/legal/privacy-statement/
Legal Basis: Legitimate interest
Provider: Webflow Inc. (Delaware corporation), 398 11th Street, Floor 2, San Francisco, CA 94103, USA
Data Protection: https://webflow.com/legal/eu-privacy-policy
Legal Basis: Legitimate interest
7.5.2. Static Hosting Content (Buckets)
Provider: Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Data Protection: https://cloud.google.com/security/privacy
Legal Basis: Legitimate interest
7.5.3. Cookies: Cookie Script
Provider: Objectis Ltd., Laisves st. 60, LT-05120 Vilnius, Lithuania
Data Protection: https://cookie-script.com/legal/privacy-policy
Legal Basis: Legitimate interest or your consent, which you provide in advance and can adjust afterward.
7.5.4. Video Streaming
Provider: YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA
Data Protection: https://policies.google.com/privacy?hl=ch-DE
Legal Basis: Legitimate interest
We are entitled, but not obligated, to review content before or after publication on our online presences, to delete content without notice, and to report it if necessary to the provider of the respective platform.
7.5.5. Fonts
Provider: Google Fonts, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Data Protection: https://developers.google.com/fonts/faq/privacy?hl=de
Legal Basis: Legitimate interest
8. To whom are the data disclosed
In the course of our business activities, we may disclose your personal data, for the stated purposes and as appropriate, to third parties (such as affiliated companies, authorities, suppliers, assistants, particularly self-employed freelancers or experts involved in the project both domestically and abroad, and other business partners, as well as other individuals) and to service providers that process data on our behalf (e.g., IT providers). We may also be required to disclose your personal data to meet legal or regulatory requirements. Recipients may be based in Switzerland, the EU, or any other country worldwide.
If we transfer data to a country without adequate legal data protection, we ensure an adequate level of protection (especially based on SCC or DPA) or rely on legal exceptions for consent, contract performance, establishing, exercising, or enforcing project-related claims, or overriding public interests.
9. How and how long do we store the data
The personal data we collect will only be stored as long as necessary for the execution of the contractual relationship (from acquisition to termination of a contract or project duration after rollout) or for the other purposes pursued with processing, or if there is a legal retention and documentation obligation or an overriding private or public interest, or a storage that is technically necessary (e.g., in the case of backups or document management systems). Once the personal data we have collected for the aforementioned purposes are no longer needed, they will be deleted or anonymized in accordance with our usual procedures and in compliance with our retention policies, as well as applicable law.
10. Where is the data stored
10.1. General information on data storage location
Depending on the extent of your interactions with our offerings, your personal data may be stored or accessed in multiple countries. Whenever we transfer personal data to other countries, we ensure that the data is transmitted in accordance with this privacy policy and in compliance with applicable data protection laws.
10.2. For visitors to our website
Your data is stored at the locations of our external data processors mentioned above according to the services used and relevant configuration based on necessity.
10.3. For business partners, third parties
Your data is partially stored at the locations of our external data processors mentioned above as well as, in particular, internally with us.
11. What personal rights do you have
According to Swiss law, you have the following rights:
Right to information
Request information on whether we have stored personal data about you and copies of this personal data as well as information on how it is processed;Right to amendment
Right to correct inaccurate personal data about you;Right to deletion
Right to request the deletion of personal data about you that are no longer necessary for the purposes underlying the processing and that are processed based on a revoked consent or in violation of applicable legal provisions;Limitation of processing
Right to request us to restrict the processing of your personal data if the processing is inappropriate, and to object to the processing of personal data;Right to transfer
Right to request the transferability of personal data you have provided to us;
If you wish, you can contact us at any time at the contact address we communicated. It may take up to 30 days for us to respond to your request.
If you consented to the processing of your personal data for a specific purpose, you can withdraw your consent at any time, and we will cease further processing of your data for that purpose.
11.1. Complaints and supervisory authority
If you believe that we have not complied with your complaints or concerns, you have the right to file a complaint with a relevant data protection authority.
12. Supplementary provisions
12.1. Reservation of changes
This privacy policy is not part of a contract with you. We can modify this privacy policy at any time. The version published on this website is the current version.
12.2. Legal validity, applicable language
If we provide data protection provisions in languages other than German, these are usually machine-translated; these non-German versions of the privacy policy are provided for informational purposes and better understanding only. Only the privacy policy in German is legally valid.
Data Protection at Ecodocs
Here you will find everything about what we know about you, or what we need to know, such as when, where, and which data we register from you, what we do with this data, how we process it, to whom we have to pass it on, when we delete it again, and what you can do against it. We, Ecodocs Foundation, our affiliates, and our subsidiaries (hereinafter also "we" or "us") take data protection very seriously. We try to collect as few personal data as possible, only those that can actually be used for the provision of our services and products, and to refrain from everything unnecessary.
1. What it is about
We, the Ecodocs Foundation based in Zollikon, Switzerland, as well as the affiliated companies appearing under this web presence in accordance with the imprint (hereinafter also "we" or "us"), take data protection very seriously.
We respect the applicable legal provisions on data protection.
We collect and process personal data (hereinafter also "data") in accordance with this privacy policy.
We basically observe the principle of necessity, according to which we only collect and process as much data as is necessary for the purpose of fulfillment.
In the course of our business activities, we collect and process data, in particular personal data about our customers, affiliated persons, visitors to our websites, participants in events, job applicants, recipients of newsletters, and other third parties (hereinafter also "you").
In addition to this privacy policy, we may inform you separately about the processing of your data (e.g., in forms or contract terms).
If you provide us with data about other people, we assume that you are authorized to do so, that this data is accurate, and that you have ensured that these persons are informed about this disclosure, to the extent that there is a legal obligation to inform (e.g., by providing them with this privacy policy in advance).
For information about offers, terms, and the handling of personal data from other offers and services (such as third-party websites and social media), please contact these providers directly.
2. Who is responsible
For the processing described in this privacy policy, the following is data protection legally responsible:
Ecodocs Foundation, Dufourstrasse 21, 8702 Zollikon, Switzerland
+41 43 499 66 41, rc@buerocorrodi.ch
3. Which law is applicable
Our data processing is subject to Swiss data protection law.
For visitors residing in the European Union ("EU") and the European Economic Area ("EEA"), the following applies: Switzerland and the EU, including the EEA, recognize their data protection laws as equivalent. In certain cross-border cases, EU law, particularly the EU General Data Protection Regulation ("GDPR"), may additionally apply to specific data processing.
We do not assume that the GDPR is applicable to the data processing by us. However, should the GDPR exceptionally apply to certain data processing, the following provisions apply exclusively for the purposes of the GDPR and the data processing governed by it:
3.1. Details on the applicability and enforcement of the GDPR
In the event the GDPR is applicable, we base the processing of your personal data on the following requirements:
Requirement for the acquisition, conclusion, and fulfillment of contracts and their management and enforcement (Art. 6 Para. 1 lit. b GDPR),
Requirement to protect our or third-party legitimate interests, e.g., for communication with you or third parties, in order to operate our websites, improve our electronic offers or services and register for specific offers and services, for security purposes, for compliance with the law and internal regulations, for our risk management and corporate governance, and for other purposes such as training and education, administration, evidence and quality assurance, organization, implementation, and follow-up of events and to protect other legitimate interests (Art. 6 Para. 1 lit. f GDPR),
Legal requirement or legal permission based on our mandate or our position under EU law, EEA law, or the law of an EU member state (Art. 6 Para. 1 lit. c GDPR) or requirement to protect your vital interests or those of other natural persons (Art. 6 Para. 1 lit. d GDPR);
Your consent to the processing, e.g., through a corresponding declaration on our websites (Art. 6 Para. 1 lit. a and Art. 9 Para. 2 lit. a GDPR).
Furthermore, you have all the rights granted to you by the GDPR in this regard (in addition to the practically equivalent rights under Swiss data protection law): you can request the following actions from us regarding your personal data that we store and process:
Information about this, pursuant to Art. 15 GDPR;
Correction, as far as the data is incorrect, pursuant to Art. 16 GDPR;
Deletion, pursuant to Art. 17 GDPR; or restriction thereof if it cannot be deleted, pursuant to Art. 18 GDPR (then they will be marked for restriction of future processing); both subject to overriding legitimate interests on our part or based on legal provisions that require us to retain and use the data;
Right to object regarding the use of your data; subject to overriding reasons against this objection or if we need the data to protect our rights;
Release of the data that you provided to us based on your consent, pursuant to Art. 20 GDPR.
The aforementioned right to object to the processing of your data applies particularly in the context of data processing for the purposes of direct marketing.
If you do not agree with our handling of your rights or data protection, please let us know (see contact details above). If you are in the EEA, you also have the right to complain to the data protection supervisory authority in your country. A list of authorities in the EEA can be found here: https://www.edpb.europa.eu/about-edpb/about-edpb/members_de#member-de.
4. What data do we store
We primarily process personal data that we receive directly in the context of our contractual relationships with our customers and users. In addition, we may obtain, collect, or process data from business partners or other involved persons. To the extent permitted and necessary, we also obtain data from publicly available sources (such as public registers, media, internet) or receive such data from our customers and their employees, authorities, and third parties (such as business and contractual partners of our customers).
In addition to the data that we receive directly from you, the categories of personal data that we receive from third parties include, but are not limited to:
Inventory data (e.g., names, addresses, functions, organizational affiliation, etc.)
Contact data (e.g., email addresses, phone numbers, etc.)
Content data (e.g., text and image files, videos, etc.)
Usage data (e.g., access data)
Meta/communication data (e.g., IP addresses)
Information that you voluntarily disclose to us based on our contractual relationships
Information related to your professional functions and activities
Information about you in correspondence and meetings between us or with third parties (e.g., via communication by phone, email, or otherwise)
Information via configuration of your user settings, access permissions for data, or other interactions with us
Registration for or participation in an event
Filling out questionnaires, support tickets, or other forms for information requests
If you do not provide us with certain personal data, this may result in the provision of the related services or a contract not being possible. We will specify the personal data that must be provided.
5. Where do the data come from
5.1. Data from you
Many of the data we process are provided by you directly (e.g., when using our website, in connection with our services for you, or communication with us). Some of this data is also automatically transmitted to us by your device. You are only obligated to disclose your data in exceptional cases. However, if you wish to enter into contracts with us or claim our services, you must provide us with certain data. Additionally, the use of our website is not possible without a minimum of data collection and processing.
5.2. Data from third parties
We may also obtain data from publicly available sources (e.g., media or the internet, including social media platforms, public registers, online research, etc.) or receive it from authorities, your employer or client who has a business relationship with us or otherwise interacts with us, as well as from other third parties (e.g., address traders, associations, contractual partners, internet analytics services). This includes data that we process in connection with contractual circumstances and project execution, as well as data from correspondence and additional communication with third parties, along with all other data categories mentioned in item 4.
5.3. Data when communicating with you and for you
In addition to personal meetings, telephone discussions, written correspondence, and email, we also use various other means of communication with you. Additionally, for you or the communication necessary for your projects, we use software and tools (SaaS) from third parties. Below are the main services we use:
5.3.1. Microsoft Office365
Provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA
Data Protection: https://www.microsoft.com/de-de/privacy/privacystatement
Legal Basis: Legitimate interest
5.3.2. Newsletter: Brevo
Provider: Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, DE
Data Protection: https://www.brevo.com/de/legal/privacypolicy/
Legal Basis: Legitimate interest including your right to unsubscribe at any time
6. How are the data processed and used
As part of our operations, we can process various categories of personal data for different purposes. In particular, we process the personal data mentioned in item 4 about you for the following purposes:
6.1. Communication
We process personal data so that we can communicate with you and with third parties via email, phone, mail, or otherwise. This may also occur in the form of newsletters and other regular contacts (e.g., electronically, by post, by telephone). You can refuse this communication at any time or decline or withdraw your consent to this communication. In the course of communication, we primarily process the content and header data of the communication as well as your contact information, but also video and audio recordings of (video) calls. In the event of audio or video recording of the communication, we will inform you separately at the beginning, and it is up to you to let us know if you do not wish for the recording, or to end the communication or exit the call. If we need or want to establish your identity, we may collect additional data.
6.2. Activities related to contracts
In view of entering into a contract with you or your client or employer, we may particularly process your name, contact details, consent declarations, information about third parties (e.g., contact persons, third parties, project participants, etc.), contract content, and all other data that you provide to us or that we lawfully collect from public sources or from third parties.
6.3. Contract administration and project execution
We process personal data to fulfill our contractual obligations towards our contractual partners (e.g., suppliers, service providers, project partners) and in particular to provide and enforce contractual services. This also includes data processing for project management as well as data processing for enforcement of contracts, bookkeeping, and public communication. For this purpose, we specifically process data that we have received or collected in the course of acquisition and conclusion of contracts, along with data that we create in the course of rendering our contractual services or that we collect from public sources or other third parties. This data includes, in particular, conversation records, notes, internal and external correspondence, contract documents, documents that we create and receive in connection with project creation and execution, background information about you, counter parties, or other individuals, video and audio recordings, as well as other project-related information, documents, performance records, invoices, and financial and payment information. In very rare cases, we may also collect and process particularly sensitive personal data during these activities.
6.4. Operation of our websites
To operate our website securely and stably, we collect technical data such as your IP address, details about the operating system and settings of your device, the region, time, and type of use. Additionally, we may use cookies and similar technologies. Further information can be found in the corresponding section further below.
6.5. Improvement of our electronic offerings
To continuously improve our website and electronic offerings (e.g., newsletters), we collect data about your behavior and preferences by analyzing how you navigate through our websites and how you interact with our social media profiles and other electronic offerings (e.g., newsletters).
6.6. Registration
To use certain offers and services (e.g., newsletters), you must register. For this purpose, we process the data provided during the registration process. Furthermore, we may also collect personal data about you during the use of the offer or service. If necessary, we will provide you with further information regarding the processing of this data.
6.7. Security purposes and access controls
We process personal data to ensure and continuously improve the appropriate security of our IT and other infrastructure. This includes, for example, monitoring and controlling electronic access to our IT systems as well as access to our premises, analyses, and tests of our IT infrastructure, system and error checks, and the creation of backups.
6.8. Risk management and corporate governance
We process personal data as part of risk management and corporate governance. This includes, among other things, our operational organization (e.g., resource planning, employee data) and business development.
6.9. Job application
If you apply for a position with us, we process the corresponding data for the purpose of reviewing and evaluating the application, carrying out the application process, and in the case of successful applications, for preparing and concluding the corresponding contract. For this purpose, we process your contact details along with the information from the corresponding communication, as well as the data contained in your application documents, possibly including criminal record extracts, and the data that we can additionally obtain about you, e.g., from job-related social networks, the internet, the media, and references (if you consent to obtaining references). The data processing in connection with the employment relationship is regulated separately.
6.10. Other purposes
Other purposes include, for example, training and education purposes as well as administrative purposes (e.g., bookkeeping). Additionally, we may process personal data for the organization, execution, and follow-up of events, such as particularly participant lists and content of presentations and discussions, as well as video and audio recordings taken during these events. Furthermore, the protection of other legitimate interests is also included in additional purposes that cannot be exhaustively named.
7. What data is collected and processed when you visit our website
7.1. General settings and internal guidelines
7.1.1. Type and depth of data, links to service providers
The terms of use and privacy policies of the services we use may change continuously, and thus the type and depth of data collected by the service provider may also change. Therefore, we do not provide a detailed list of the data that may be collected by each service. However, we link to the respective privacy policy for each referenced service. We check the links to the respective services or their privacy policies periodically and make efforts to keep the links current. However, it may happen that individual links are no longer current. If you encounter such an outdated link, we ask you to notify us immediately.
7.1.2. Selection of service providers, server locations, Data Privacy Framework
We basically use service providers where data is stored in data centers in Switzerland or the EU, if selectable. Where data is stored in the USA, on CDN servers (and thereby globally), or in other countries, we select providers from countries with an adequate level of data protection such as Switzerland (for US providers, for example, those that fall under the data protection framework between Switzerland and the USA ["Swiss-U.S. Data Privacy Framework", "SDPF", https://www.dataprivacyframework.gov/]). Among the US service providers we utilize, we almost exclusively use those that fall under the SDPF. Their compliance with the Privacy Framework or Swiss data protection can be checked via a search mask at https://www.dataprivacyframework.gov/list.
7.1.3. Processors, DPA, SCC, level of protection
If necessary, we have entered into a data processing agreement, often based on EU standard contractual clauses (Standard Contractual Clauses, "SCC"), or a Data Privacy Addendum ("DPA") with external data processors (or the latter is often already collected through the general terms or conditions of the third-party provider as a legally valid contractual component) to ensure adequate security. The provider typically guarantees that they process the personal data outside of Switzerland and the EU according to the requirements and protection levels of Swiss and European data protection laws.
In our company, only selected employees have access to such data based on the principle of necessity. All employees who access personal data must adhere to internal rules and processes as well as possibly regulations regarding the processing of personal data to protect it and ensure its confidentiality.
7.1.4. Security, encryption (external)
We have taken appropriate technical and organizational security measures to protect your personal data that we collect when you visit the website from unauthorized, accidental, or unlawful use.
To protect the security of data transmission, we use common encryption (e.g., SSL) over HTTPS.
7.1.5. Administration
For the administration of the website on our behalf, Docmine Productions AG, Zurich, is responsible (https://www.docmine.com).
7.2. Cookies
When using our websites (including newsletters), data is generated that is stored in logs (especially technical data). Additionally, we may employ cookies and similar techniques (e.g., pixel tags or fingerprints) to recognize website visitors, evaluate their behavior, and identify preferences. A cookie is a small file transmitted between your system and the server that enables the recognition of a specific device or browser.
You can usually set your browser to automatically reject, accept, or delete cookies. You can also disable or delete cookies on a case-by-case basis or reject the setting of cookies for our website in general. How to manage cookies in your browser can be found in the help menu of your browser.
Neither the technical data we collect nor the cookies usually contain personal data. However, personal data that we or third-party providers store about you (e.g., if you have a user account with us or these providers or are still logged in to the third-party service during your visit to our website) may be linked with the technical data or with the information stored in cookies, thereby possibly linking them to your person.
7.3. Social Networks
We also utilize social media plug-ins (small software components) that establish a connection between your visit to our websites and a third-party provider. The social media plug-in informs the third party that you have visited our websites and may transmit cookies to the third party that they previously placed on your web browser. For further information on how these third-party providers use the personal data collected via their social media plug-ins, please refer to their respective privacy policies.
In addition, we use our own tools and services from third parties on our websites, particularly to enhance the functionality or content of our websites (e.g., integration of videos or maps), create statistics, and display advertising.
7.4. Personal data on our social network pages
We maintain online presences on social networks and other platforms operated by third parties and process data about you in this context. In doing so, we receive data from you (e.g., when you communicate with us or comment on our content) and from the platforms (e.g., statistics). The platform providers may analyze your usage and process this data in conjunction with other data they have about you. They also process this data for their own purposes (e.g., for marketing and market research purposes and to manage their platforms) and act accordingly as independent controllers. For further information on processing by platform operators, please refer to the privacy policies of the respective platforms.
7.5. Services of third parties used when using our website
7.5.1. Hosting & CMS
Provider: Framer B.V., Rozengracht, 1016 LZ Amsterdam, Netherlands ("Framer")
Data Protection: https://www.framer.com/legal/privacy-statement/
Legal Basis: Legitimate interest
Provider: Webflow Inc. (Delaware corporation), 398 11th Street, Floor 2, San Francisco, CA 94103, USA
Data Protection: https://webflow.com/legal/eu-privacy-policy
Legal Basis: Legitimate interest
7.5.2. Static Hosting Content (Buckets)
Provider: Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Data Protection: https://cloud.google.com/security/privacy
Legal Basis: Legitimate interest
7.5.3. Cookies: Cookie Script
Provider: Objectis Ltd., Laisves st. 60, LT-05120 Vilnius, Lithuania
Data Protection: https://cookie-script.com/legal/privacy-policy
Legal Basis: Legitimate interest or your consent, which you provide in advance and can adjust afterward.
7.5.4. Video Streaming
Provider: YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA
Data Protection: https://policies.google.com/privacy?hl=ch-DE
Legal Basis: Legitimate interest
We are entitled, but not obligated, to review content before or after publication on our online presences, to delete content without notice, and to report it if necessary to the provider of the respective platform.
7.5.5. Fonts
Provider: Google Fonts, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Data Protection: https://developers.google.com/fonts/faq/privacy?hl=de
Legal Basis: Legitimate interest
8. To whom are the data disclosed
In the course of our business activities, we may disclose your personal data, for the stated purposes and as appropriate, to third parties (such as affiliated companies, authorities, suppliers, assistants, particularly self-employed freelancers or experts involved in the project both domestically and abroad, and other business partners, as well as other individuals) and to service providers that process data on our behalf (e.g., IT providers). We may also be required to disclose your personal data to meet legal or regulatory requirements. Recipients may be based in Switzerland, the EU, or any other country worldwide.
If we transfer data to a country without adequate legal data protection, we ensure an adequate level of protection (especially based on SCC or DPA) or rely on legal exceptions for consent, contract performance, establishing, exercising, or enforcing project-related claims, or overriding public interests.
9. How and how long do we store the data
The personal data we collect will only be stored as long as necessary for the execution of the contractual relationship (from acquisition to termination of a contract or project duration after rollout) or for the other purposes pursued with processing, or if there is a legal retention and documentation obligation or an overriding private or public interest, or a storage that is technically necessary (e.g., in the case of backups or document management systems). Once the personal data we have collected for the aforementioned purposes are no longer needed, they will be deleted or anonymized in accordance with our usual procedures and in compliance with our retention policies, as well as applicable law.
10. Where is the data stored
10.1. General information on data storage location
Depending on the extent of your interactions with our offerings, your personal data may be stored or accessed in multiple countries. Whenever we transfer personal data to other countries, we ensure that the data is transmitted in accordance with this privacy policy and in compliance with applicable data protection laws.
10.2. For visitors to our website
Your data is stored at the locations of our external data processors mentioned above according to the services used and relevant configuration based on necessity.
10.3. For business partners, third parties
Your data is partially stored at the locations of our external data processors mentioned above as well as, in particular, internally with us.
11. What personal rights do you have
According to Swiss law, you have the following rights:
Right to information
Request information on whether we have stored personal data about you and copies of this personal data as well as information on how it is processed;Right to amendment
Right to correct inaccurate personal data about you;Right to deletion
Right to request the deletion of personal data about you that are no longer necessary for the purposes underlying the processing and that are processed based on a revoked consent or in violation of applicable legal provisions;Limitation of processing
Right to request us to restrict the processing of your personal data if the processing is inappropriate, and to object to the processing of personal data;Right to transfer
Right to request the transferability of personal data you have provided to us;
If you wish, you can contact us at any time at the contact address we communicated. It may take up to 30 days for us to respond to your request.
If you consented to the processing of your personal data for a specific purpose, you can withdraw your consent at any time, and we will cease further processing of your data for that purpose.
11.1. Complaints and supervisory authority
If you believe that we have not complied with your complaints or concerns, you have the right to file a complaint with a relevant data protection authority.
12. Supplementary provisions
12.1. Reservation of changes
This privacy policy is not part of a contract with you. We can modify this privacy policy at any time. The version published on this website is the current version.
12.2. Legal validity, applicable language
If we provide data protection provisions in languages other than German, these are usually machine-translated; these non-German versions of the privacy policy are provided for informational purposes and better understanding only. Only the privacy policy in German is legally valid.
Data Protection at Ecodocs
Here you will find everything about what we know about you, or what we need to know, such as when, where, and which data we register from you, what we do with this data, how we process it, to whom we have to pass it on, when we delete it again, and what you can do against it. We, Ecodocs Foundation, our affiliates, and our subsidiaries (hereinafter also "we" or "us") take data protection very seriously. We try to collect as few personal data as possible, only those that can actually be used for the provision of our services and products, and to refrain from everything unnecessary.
1. What it is about
We, the Ecodocs Foundation based in Zollikon, Switzerland, as well as the affiliated companies appearing under this web presence in accordance with the imprint (hereinafter also "we" or "us"), take data protection very seriously.
We respect the applicable legal provisions on data protection.
We collect and process personal data (hereinafter also "data") in accordance with this privacy policy.
We basically observe the principle of necessity, according to which we only collect and process as much data as is necessary for the purpose of fulfillment.
In the course of our business activities, we collect and process data, in particular personal data about our customers, affiliated persons, visitors to our websites, participants in events, job applicants, recipients of newsletters, and other third parties (hereinafter also "you").
In addition to this privacy policy, we may inform you separately about the processing of your data (e.g., in forms or contract terms).
If you provide us with data about other people, we assume that you are authorized to do so, that this data is accurate, and that you have ensured that these persons are informed about this disclosure, to the extent that there is a legal obligation to inform (e.g., by providing them with this privacy policy in advance).
For information about offers, terms, and the handling of personal data from other offers and services (such as third-party websites and social media), please contact these providers directly.
2. Who is responsible
For the processing described in this privacy policy, the following is data protection legally responsible:
Ecodocs Foundation, Dufourstrasse 21, 8702 Zollikon, Switzerland
+41 43 499 66 41, rc@buerocorrodi.ch
3. Which law is applicable
Our data processing is subject to Swiss data protection law.
For visitors residing in the European Union ("EU") and the European Economic Area ("EEA"), the following applies: Switzerland and the EU, including the EEA, recognize their data protection laws as equivalent. In certain cross-border cases, EU law, particularly the EU General Data Protection Regulation ("GDPR"), may additionally apply to specific data processing.
We do not assume that the GDPR is applicable to the data processing by us. However, should the GDPR exceptionally apply to certain data processing, the following provisions apply exclusively for the purposes of the GDPR and the data processing governed by it:
3.1. Details on the applicability and enforcement of the GDPR
In the event the GDPR is applicable, we base the processing of your personal data on the following requirements:
Requirement for the acquisition, conclusion, and fulfillment of contracts and their management and enforcement (Art. 6 Para. 1 lit. b GDPR),
Requirement to protect our or third-party legitimate interests, e.g., for communication with you or third parties, in order to operate our websites, improve our electronic offers or services and register for specific offers and services, for security purposes, for compliance with the law and internal regulations, for our risk management and corporate governance, and for other purposes such as training and education, administration, evidence and quality assurance, organization, implementation, and follow-up of events and to protect other legitimate interests (Art. 6 Para. 1 lit. f GDPR),
Legal requirement or legal permission based on our mandate or our position under EU law, EEA law, or the law of an EU member state (Art. 6 Para. 1 lit. c GDPR) or requirement to protect your vital interests or those of other natural persons (Art. 6 Para. 1 lit. d GDPR);
Your consent to the processing, e.g., through a corresponding declaration on our websites (Art. 6 Para. 1 lit. a and Art. 9 Para. 2 lit. a GDPR).
Furthermore, you have all the rights granted to you by the GDPR in this regard (in addition to the practically equivalent rights under Swiss data protection law): you can request the following actions from us regarding your personal data that we store and process:
Information about this, pursuant to Art. 15 GDPR;
Correction, as far as the data is incorrect, pursuant to Art. 16 GDPR;
Deletion, pursuant to Art. 17 GDPR; or restriction thereof if it cannot be deleted, pursuant to Art. 18 GDPR (then they will be marked for restriction of future processing); both subject to overriding legitimate interests on our part or based on legal provisions that require us to retain and use the data;
Right to object regarding the use of your data; subject to overriding reasons against this objection or if we need the data to protect our rights;
Release of the data that you provided to us based on your consent, pursuant to Art. 20 GDPR.
The aforementioned right to object to the processing of your data applies particularly in the context of data processing for the purposes of direct marketing.
If you do not agree with our handling of your rights or data protection, please let us know (see contact details above). If you are in the EEA, you also have the right to complain to the data protection supervisory authority in your country. A list of authorities in the EEA can be found here: https://www.edpb.europa.eu/about-edpb/about-edpb/members_de#member-de.
4. What data do we store
We primarily process personal data that we receive directly in the context of our contractual relationships with our customers and users. In addition, we may obtain, collect, or process data from business partners or other involved persons. To the extent permitted and necessary, we also obtain data from publicly available sources (such as public registers, media, internet) or receive such data from our customers and their employees, authorities, and third parties (such as business and contractual partners of our customers).
In addition to the data that we receive directly from you, the categories of personal data that we receive from third parties include, but are not limited to:
Inventory data (e.g., names, addresses, functions, organizational affiliation, etc.)
Contact data (e.g., email addresses, phone numbers, etc.)
Content data (e.g., text and image files, videos, etc.)
Usage data (e.g., access data)
Meta/communication data (e.g., IP addresses)
Information that you voluntarily disclose to us based on our contractual relationships
Information related to your professional functions and activities
Information about you in correspondence and meetings between us or with third parties (e.g., via communication by phone, email, or otherwise)
Information via configuration of your user settings, access permissions for data, or other interactions with us
Registration for or participation in an event
Filling out questionnaires, support tickets, or other forms for information requests
If you do not provide us with certain personal data, this may result in the provision of the related services or a contract not being possible. We will specify the personal data that must be provided.
5. Where do the data come from
5.1. Data from you
Many of the data we process are provided by you directly (e.g., when using our website, in connection with our services for you, or communication with us). Some of this data is also automatically transmitted to us by your device. You are only obligated to disclose your data in exceptional cases. However, if you wish to enter into contracts with us or claim our services, you must provide us with certain data. Additionally, the use of our website is not possible without a minimum of data collection and processing.
5.2. Data from third parties
We may also obtain data from publicly available sources (e.g., media or the internet, including social media platforms, public registers, online research, etc.) or receive it from authorities, your employer or client who has a business relationship with us or otherwise interacts with us, as well as from other third parties (e.g., address traders, associations, contractual partners, internet analytics services). This includes data that we process in connection with contractual circumstances and project execution, as well as data from correspondence and additional communication with third parties, along with all other data categories mentioned in item 4.
5.3. Data when communicating with you and for you
In addition to personal meetings, telephone discussions, written correspondence, and email, we also use various other means of communication with you. Additionally, for you or the communication necessary for your projects, we use software and tools (SaaS) from third parties. Below are the main services we use:
5.3.1. Microsoft Office365
Provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA
Data Protection: https://www.microsoft.com/de-de/privacy/privacystatement
Legal Basis: Legitimate interest
5.3.2. Newsletter: Brevo
Provider: Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, DE
Data Protection: https://www.brevo.com/de/legal/privacypolicy/
Legal Basis: Legitimate interest including your right to unsubscribe at any time
6. How are the data processed and used
As part of our operations, we can process various categories of personal data for different purposes. In particular, we process the personal data mentioned in item 4 about you for the following purposes:
6.1. Communication
We process personal data so that we can communicate with you and with third parties via email, phone, mail, or otherwise. This may also occur in the form of newsletters and other regular contacts (e.g., electronically, by post, by telephone). You can refuse this communication at any time or decline or withdraw your consent to this communication. In the course of communication, we primarily process the content and header data of the communication as well as your contact information, but also video and audio recordings of (video) calls. In the event of audio or video recording of the communication, we will inform you separately at the beginning, and it is up to you to let us know if you do not wish for the recording, or to end the communication or exit the call. If we need or want to establish your identity, we may collect additional data.
6.2. Activities related to contracts
In view of entering into a contract with you or your client or employer, we may particularly process your name, contact details, consent declarations, information about third parties (e.g., contact persons, third parties, project participants, etc.), contract content, and all other data that you provide to us or that we lawfully collect from public sources or from third parties.
6.3. Contract administration and project execution
We process personal data to fulfill our contractual obligations towards our contractual partners (e.g., suppliers, service providers, project partners) and in particular to provide and enforce contractual services. This also includes data processing for project management as well as data processing for enforcement of contracts, bookkeeping, and public communication. For this purpose, we specifically process data that we have received or collected in the course of acquisition and conclusion of contracts, along with data that we create in the course of rendering our contractual services or that we collect from public sources or other third parties. This data includes, in particular, conversation records, notes, internal and external correspondence, contract documents, documents that we create and receive in connection with project creation and execution, background information about you, counter parties, or other individuals, video and audio recordings, as well as other project-related information, documents, performance records, invoices, and financial and payment information. In very rare cases, we may also collect and process particularly sensitive personal data during these activities.
6.4. Operation of our websites
To operate our website securely and stably, we collect technical data such as your IP address, details about the operating system and settings of your device, the region, time, and type of use. Additionally, we may use cookies and similar technologies. Further information can be found in the corresponding section further below.
6.5. Improvement of our electronic offerings
To continuously improve our website and electronic offerings (e.g., newsletters), we collect data about your behavior and preferences by analyzing how you navigate through our websites and how you interact with our social media profiles and other electronic offerings (e.g., newsletters).
6.6. Registration
To use certain offers and services (e.g., newsletters), you must register. For this purpose, we process the data provided during the registration process. Furthermore, we may also collect personal data about you during the use of the offer or service. If necessary, we will provide you with further information regarding the processing of this data.
6.7. Security purposes and access controls
We process personal data to ensure and continuously improve the appropriate security of our IT and other infrastructure. This includes, for example, monitoring and controlling electronic access to our IT systems as well as access to our premises, analyses, and tests of our IT infrastructure, system and error checks, and the creation of backups.
6.8. Risk management and corporate governance
We process personal data as part of risk management and corporate governance. This includes, among other things, our operational organization (e.g., resource planning, employee data) and business development.
6.9. Job application
If you apply for a position with us, we process the corresponding data for the purpose of reviewing and evaluating the application, carrying out the application process, and in the case of successful applications, for preparing and concluding the corresponding contract. For this purpose, we process your contact details along with the information from the corresponding communication, as well as the data contained in your application documents, possibly including criminal record extracts, and the data that we can additionally obtain about you, e.g., from job-related social networks, the internet, the media, and references (if you consent to obtaining references). The data processing in connection with the employment relationship is regulated separately.
6.10. Other purposes
Other purposes include, for example, training and education purposes as well as administrative purposes (e.g., bookkeeping). Additionally, we may process personal data for the organization, execution, and follow-up of events, such as particularly participant lists and content of presentations and discussions, as well as video and audio recordings taken during these events. Furthermore, the protection of other legitimate interests is also included in additional purposes that cannot be exhaustively named.
7. What data is collected and processed when you visit our website
7.1. General settings and internal guidelines
7.1.1. Type and depth of data, links to service providers
The terms of use and privacy policies of the services we use may change continuously, and thus the type and depth of data collected by the service provider may also change. Therefore, we do not provide a detailed list of the data that may be collected by each service. However, we link to the respective privacy policy for each referenced service. We check the links to the respective services or their privacy policies periodically and make efforts to keep the links current. However, it may happen that individual links are no longer current. If you encounter such an outdated link, we ask you to notify us immediately.
7.1.2. Selection of service providers, server locations, Data Privacy Framework
We basically use service providers where data is stored in data centers in Switzerland or the EU, if selectable. Where data is stored in the USA, on CDN servers (and thereby globally), or in other countries, we select providers from countries with an adequate level of data protection such as Switzerland (for US providers, for example, those that fall under the data protection framework between Switzerland and the USA ["Swiss-U.S. Data Privacy Framework", "SDPF", https://www.dataprivacyframework.gov/]). Among the US service providers we utilize, we almost exclusively use those that fall under the SDPF. Their compliance with the Privacy Framework or Swiss data protection can be checked via a search mask at https://www.dataprivacyframework.gov/list.
7.1.3. Processors, DPA, SCC, level of protection
If necessary, we have entered into a data processing agreement, often based on EU standard contractual clauses (Standard Contractual Clauses, "SCC"), or a Data Privacy Addendum ("DPA") with external data processors (or the latter is often already collected through the general terms or conditions of the third-party provider as a legally valid contractual component) to ensure adequate security. The provider typically guarantees that they process the personal data outside of Switzerland and the EU according to the requirements and protection levels of Swiss and European data protection laws.
In our company, only selected employees have access to such data based on the principle of necessity. All employees who access personal data must adhere to internal rules and processes as well as possibly regulations regarding the processing of personal data to protect it and ensure its confidentiality.
7.1.4. Security, encryption (external)
We have taken appropriate technical and organizational security measures to protect your personal data that we collect when you visit the website from unauthorized, accidental, or unlawful use.
To protect the security of data transmission, we use common encryption (e.g., SSL) over HTTPS.
7.1.5. Administration
For the administration of the website on our behalf, Docmine Productions AG, Zurich, is responsible (https://www.docmine.com).
7.2. Cookies
When using our websites (including newsletters), data is generated that is stored in logs (especially technical data). Additionally, we may employ cookies and similar techniques (e.g., pixel tags or fingerprints) to recognize website visitors, evaluate their behavior, and identify preferences. A cookie is a small file transmitted between your system and the server that enables the recognition of a specific device or browser.
You can usually set your browser to automatically reject, accept, or delete cookies. You can also disable or delete cookies on a case-by-case basis or reject the setting of cookies for our website in general. How to manage cookies in your browser can be found in the help menu of your browser.
Neither the technical data we collect nor the cookies usually contain personal data. However, personal data that we or third-party providers store about you (e.g., if you have a user account with us or these providers or are still logged in to the third-party service during your visit to our website) may be linked with the technical data or with the information stored in cookies, thereby possibly linking them to your person.
7.3. Social Networks
We also utilize social media plug-ins (small software components) that establish a connection between your visit to our websites and a third-party provider. The social media plug-in informs the third party that you have visited our websites and may transmit cookies to the third party that they previously placed on your web browser. For further information on how these third-party providers use the personal data collected via their social media plug-ins, please refer to their respective privacy policies.
In addition, we use our own tools and services from third parties on our websites, particularly to enhance the functionality or content of our websites (e.g., integration of videos or maps), create statistics, and display advertising.
7.4. Personal data on our social network pages
We maintain online presences on social networks and other platforms operated by third parties and process data about you in this context. In doing so, we receive data from you (e.g., when you communicate with us or comment on our content) and from the platforms (e.g., statistics). The platform providers may analyze your usage and process this data in conjunction with other data they have about you. They also process this data for their own purposes (e.g., for marketing and market research purposes and to manage their platforms) and act accordingly as independent controllers. For further information on processing by platform operators, please refer to the privacy policies of the respective platforms.
7.5. Services of third parties used when using our website
7.5.1. Hosting & CMS
Provider: Framer B.V., Rozengracht, 1016 LZ Amsterdam, Netherlands ("Framer")
Data Protection: https://www.framer.com/legal/privacy-statement/
Legal Basis: Legitimate interest
Provider: Webflow Inc. (Delaware corporation), 398 11th Street, Floor 2, San Francisco, CA 94103, USA
Data Protection: https://webflow.com/legal/eu-privacy-policy
Legal Basis: Legitimate interest
7.5.2. Static Hosting Content (Buckets)
Provider: Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Data Protection: https://cloud.google.com/security/privacy
Legal Basis: Legitimate interest
7.5.3. Cookies: Cookie Script
Provider: Objectis Ltd., Laisves st. 60, LT-05120 Vilnius, Lithuania
Data Protection: https://cookie-script.com/legal/privacy-policy
Legal Basis: Legitimate interest or your consent, which you provide in advance and can adjust afterward.
7.5.4. Video Streaming
Provider: YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA
Data Protection: https://policies.google.com/privacy?hl=ch-DE
Legal Basis: Legitimate interest
We are entitled, but not obligated, to review content before or after publication on our online presences, to delete content without notice, and to report it if necessary to the provider of the respective platform.
7.5.5. Fonts
Provider: Google Fonts, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Data Protection: https://developers.google.com/fonts/faq/privacy?hl=de
Legal Basis: Legitimate interest
8. To whom are the data disclosed
In the course of our business activities, we may disclose your personal data, for the stated purposes and as appropriate, to third parties (such as affiliated companies, authorities, suppliers, assistants, particularly self-employed freelancers or experts involved in the project both domestically and abroad, and other business partners, as well as other individuals) and to service providers that process data on our behalf (e.g., IT providers). We may also be required to disclose your personal data to meet legal or regulatory requirements. Recipients may be based in Switzerland, the EU, or any other country worldwide.
If we transfer data to a country without adequate legal data protection, we ensure an adequate level of protection (especially based on SCC or DPA) or rely on legal exceptions for consent, contract performance, establishing, exercising, or enforcing project-related claims, or overriding public interests.
9. How and how long do we store the data
The personal data we collect will only be stored as long as necessary for the execution of the contractual relationship (from acquisition to termination of a contract or project duration after rollout) or for the other purposes pursued with processing, or if there is a legal retention and documentation obligation or an overriding private or public interest, or a storage that is technically necessary (e.g., in the case of backups or document management systems). Once the personal data we have collected for the aforementioned purposes are no longer needed, they will be deleted or anonymized in accordance with our usual procedures and in compliance with our retention policies, as well as applicable law.
10. Where is the data stored
10.1. General information on data storage location
Depending on the extent of your interactions with our offerings, your personal data may be stored or accessed in multiple countries. Whenever we transfer personal data to other countries, we ensure that the data is transmitted in accordance with this privacy policy and in compliance with applicable data protection laws.
10.2. For visitors to our website
Your data is stored at the locations of our external data processors mentioned above according to the services used and relevant configuration based on necessity.
10.3. For business partners, third parties
Your data is partially stored at the locations of our external data processors mentioned above as well as, in particular, internally with us.
11. What personal rights do you have
According to Swiss law, you have the following rights:
Right to information
Request information on whether we have stored personal data about you and copies of this personal data as well as information on how it is processed;Right to amendment
Right to correct inaccurate personal data about you;Right to deletion
Right to request the deletion of personal data about you that are no longer necessary for the purposes underlying the processing and that are processed based on a revoked consent or in violation of applicable legal provisions;Limitation of processing
Right to request us to restrict the processing of your personal data if the processing is inappropriate, and to object to the processing of personal data;Right to transfer
Right to request the transferability of personal data you have provided to us;
If you wish, you can contact us at any time at the contact address we communicated. It may take up to 30 days for us to respond to your request.
If you consented to the processing of your personal data for a specific purpose, you can withdraw your consent at any time, and we will cease further processing of your data for that purpose.
11.1. Complaints and supervisory authority
If you believe that we have not complied with your complaints or concerns, you have the right to file a complaint with a relevant data protection authority.
12. Supplementary provisions
12.1. Reservation of changes
This privacy policy is not part of a contract with you. We can modify this privacy policy at any time. The version published on this website is the current version.
12.2. Legal validity, applicable language
If we provide data protection provisions in languages other than German, these are usually machine-translated; these non-German versions of the privacy policy are provided for informational purposes and better understanding only. Only the privacy policy in German is legally valid.
