ONE-KEY™ Application
Privacy Notice for Europe

 

1.     PRIVACY NOTICE

Milwaukee Electric Tool Corporation ("we" or "us" or "our") is committed to protecting and respecting your privacy.

This Privacy Notice sets out how and why we collect, store, process and share your personal data when using the ONE-KEY™ App (including the mobile device platform application and the web-enabled application (“Website”), collectively the "Application"”). We will always be transparent with you about the use of your personal data. Please note that most of the data processed in the context of your use of the Application is non-personal data. However, as we may also process your personal data, this Privacy Notice (hereinafter also “Notice”) will provide you with information about your rights in relation to your personal data.

2.     CONTROLLER

The Controller within the meaning of Art. 4 No. 7 General Data Protection Regulation (“GDPR“ means the EU GDPR or UK GDPR as applicable; “EU GDPR” means the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC; "UK GDPR" has the meaning given in section 3(10) (as supplemented by section 205(4)) of the Data Protection Act 2018 of the UK.) and/or Art. 5 lit. j Federal Act on Data Protection (“FADP“) is

Milwaukee Electric Tool Corporation
13135 West Lisbon Road, Brookfield,
Wisconsin 53005,
United States.

If you have any questions regarding this Privacy Notice or your rights under it, you may also contact our Data Information Manager:

Techtronic Industries EMEA Ltd.
22 Market Street, Maidenhead, England, SL6 8AD England

Techtronic Industries ELC GmbH

Max-Eyth-Str. 10, 71364 Winnenden, Germany

 

You can also reach out to us Privacy Web Form (onetrust.com)

 

 

3.     INFORMATION WE COLLECT ABOUT YOU

We process your personal data within the meaning of Art. 4 No. 1 GDPR and/or Art. 5 lit. a FADP which includes any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly.

Generally, we process the personal data that are entered in the Application. This includes the following personal data (categories):

·       Required Profile Personal Data:

o   First name

o   Last name

o   E-mail address

·       Optional Profile Personal Data (categories) that we process if provided:

o   Phone number

o   Personal description (including Job Title and Employee ID) and photographs

·       Optional Personal Places Data that we process if provided:

o   Home base name

o   Division

o   Project/Job name

o   Project/Job number

o   Project/Job phone number

o   Project/Job photo

o   Vehicle name

o   Vehicle number

o   Vehicle make

o   Vehicle model

o   Vehicle year

o   License plate

o   Vehicle photo

The provision of optional data is voluntary and such data will only be processed if provided.

In addition, we process the following data when using the Application:

• Information about how, when and how frequently, you use your ONE-KEY™ Tools
• Information about where your ONE-KEY™ Tools have been used (if you utilize that service in the ONE-KEY™ App)
• If you have used the ONE-KEY™ App on a mobile device, we may collect your mobile device ID if you use certain features (such as Tool Reporting)
• Technical information, including the Internet protocol (IP) address used to connect your device to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, device types, operating system
• Information about your visit to our Website, including the full Uniform Resource Locators (URL), clickstream to, through and from our site (including date and time), products you viewed, searched for or purchased, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse the Website.

4.     SOURCES OF PERSONAL DATA

We process personal data that are provided directly by you, if you are a user of Application or the personal data of the multiple users you invite/are invited to link to your account ("Multi-User" / "Multi-User Data"). The Multi-User functionality may allow users of the Application to enter and store information about other users when those other users are associated with the initial user for the purposes of linking the accounts of multiple users, and facilitating coordination and organization among a group of associated users.

Please also note that we may also process personal data about you if you were allowed to use your ONE-KEY™ Tools by an account holder (e.g. your employer or contractor) who have you added to their account ("Added User Data"). For example, if you were instructed by your employer to use their ONE-KEY™ Tool, they could potentially identify personal information about you, such as your location, your performance or working patterns through your use of their ONE-KEY™ Tool. Your employer may add such data to the Application. Please note that we are not the controller in these cases. With regard to personal data that is added or linked to a certain user account that relates to you, as an employee or natural person using a ONE-KEY™ Tool, we are the processor of the user/account holder (e.g. your employer). In case that your personal data have been added to an account (e.g. your employer’s account) by an account holder and have any further questions about how your personal data may be used, please consult the user’s privacy notice or contact the account holder directly. For the purposes of data protection laws, the user shall be a data controller of the Added User Data and we shall be a data processor. If your personal data has been added to the account of one of our account holders, please note that it is the account holder's decision to use your personal data in this way and that the account holder is responsible for demonstrating that they have the right to use your personal data. The processing activities that we carry out as a processor can still be seen in this notice as they are identical to those performed for users.

5.     HOW WE COLLECT INFORMATION ABOUT YOU AS ACCOUNT HOLDER / USER

We may collect information about you in a variety of ways including when you:

• create an account with us
• access the Application
• sign up to our newsletter

·       register your ONE-KEY™ Tool with us or register your tools for extended warranty

• contact our customer services team

·       enter one of our competitions or promotions or fill in a survey

·       engage with us on social media (for example by mentioning/tagging us or by contacting us directly)

In addition, if you use the inventory management functions of the ONE-KEY™ App, the ONE-KEY™ App will automatically collect and process data from your ONE-KEY™ Tools that are registered to your account which may contain your personal data and will include:

·       tool identification data (e.g. serial ID)

·       tool usage data (Information about the use of the tool, e.g. date/time of use begin and end, and location of the fusion, employee ID entered by the user to identify who performed the fusion)

·       tool location data (location data where the tool is used (please see below as specified in 6.1). Please note, any personal data that we collect about you (or any third party) with regards to your location (e.g. if you or an employee is with your ONE-KEY™ Tool) is ancillary to our purpose for collecting this location data to help you identify the location of your ONE-KEY™ Tool. We track your ONE-KEY™ Tools, not you!

 

6.     HOW DO WE USE YOUR PERSONAL DATA AND WHAT ARE THE LEGAL BASES?

 

6.1.  USING OUR SERVICES

Where we process your personal data as controller as described above, we may process your personal data provide for the below purposes when using our services:

How and why we use your personal data	What is our legal justification for processing your personal data
We process your personal data to properly handle your registration with the Application. We also process your personal data to properly manage your account and your registration as a user.	If you are an individual as account holder, we process your personal data based on our contractual obligations pursuant to Art. 6 (1) lit. b GDPR.
We process your personal data in connection with tool location and management services. The exact scope of the service depends on the respective ONE-KEY™ Tool you use. ONE-KEY™ Tools send out a Bluetooth signal that can be detected by nearby devices, such as cell phones. These devices associate their geo-location to your ONE-KEY™ Tool and send that data to the ONE-KEY™ App. The ONE-KEY™ App may then send you a “Notification” with your ONE-KEY™ Tool’s serial number, tool type, and geo-location. Some ONE-KEY™ Tools have an embedded GPS chip and allow to send certain data relating to the tool location and the use of the tool (e.g. GPS coordinates of the tool, identity of the user and certain profile data) to the Application. The processing of personal data serves the following purposes: generating reports about the use of the tool and enabling users to manage and track their tools and their locations.   Account holders may only access and view the Notifications associated with the ONE-KEY™ Tools registered to their ONE-KEY™ account. Only authorized users of your account can see where your ONE-KEY™ Tool is.  Your device’s (e.g. your cell phone) geo-location data and history are never stored in the ONE-KEY™ Tool itself.	We rely on our legitimate interests pursuant to Art. 6 (1) lit. f GDPR in offering helpful tool location services and enhancing operational efficiency. For UK, Swiss and EU customers the login and registration process is hosted by our affiliate company Techtronic Industries EMEA Ltd’ via their website https://www.milwaukeetool.eu/.
To provide you with the information, products and services that you request or purchase from us (i.e. to complete certain tasks, processes, and to communicate with you regarding those products and services that you purchase or request from us and respond to your questions and comments).	We rely on our contractual arrangements with you as the lawful basis in relation to an order for products and services or your use of the Application pursuant to Art. 6 (1) lit. b GDPR to the extent that the processing of your data is necessary for the performance of a contract. Alternatively, in cases where this does not apply, we rely on our legitimate interests pursuant to Art. 6 (1) lit. f GDPR in   properly responding to your request, sufficiently providing you with the relevant requested service  or in measuring customer satisfaction and troubleshoot customer issues. Where we rely on our legitimate interests, we will always make sure that we balance these interests against your rights.
When you use the Application, to provide you with the services that you have requested from us via the Application. This may include location data collected via our ONE-KEY™ Tool inventory management system when you choose to enable Bluetooth and utilize that function.
To measure how satisfied our customers are and provide customer service (including troubleshooting in connection with purchases or your requests for services or when you ask us questions on social media);
We may use your personal data to tell you about relevant products and offers ("marketing").	In general, we will only process your personal data to send you marketing messages if we have your corresponding consent pursuant Art. 6 (1) lit. a GDPR and/or Art. 3 para. 1 lit. o Swiss Unfair Competition Act ("UCA"). Depending on your consent we may share your email-address and/or phone number with our affiliate companies, especially those in your region that will contact you for relevant marketing communications. Only in cases of an ongoing customer relationship with you, where the information on goods are similar to those you have already in use and provided that you have not objected to such advertising, we may send you information on similar products and goods we think that may be interesting for you based on our legitimate interest pursuant to Art. 6 (1) lit. f GDPR and/or Art. 3 para. 1 lit. o UCA. Please note that you have the option to always opt out the receipt of the newsletter by clicking the unsubscribe link included in each newsletter email. If you opt-out you will no longer receive such information. You can also ask us to stop sending you marketing messages by contacting us at any time at the contact details set out at the top of this privacy notice.
We use Cookies, process Log data and files, use Google Analytics (including Firebase), Google Big Query and Google Tag Manager.	Please see below in Section 4.2 USE OF THE APP AND WEBSITE; COOKIES
To monitor the use of the Application and ensure that they are presented in the most effective and relevant manner for you and your device. We may use cookies to do this.	We have a legitimate interest pursuant to Art. 6 (1) lit. f GDPR to ensure that the Application works properly and that our products and services are high quality and efficient. Please see below in Section 4.2.2 Cookies.
We may record calls you make to us and will use this data for training and quality assurance purposes (where your call is recorded we will tell you in advance).	We will only record your voice upon your corresponding consent pursuant Art. 6 (1) lit. a GDPR. We use the recoding for a variety of reasons. In particular, we may use your recording based on our legitimate interests pursuant to Art. 6 (1) lit. f GDPR to review call recordings for quality control purposes.
To ensure that the personal and financial information that you provide to us is accurate	We will process your personal data to the extent it's necessary for us to comply with a legal obligation (such as if we receive a legitimate request from a law enforcement agency). If there is a legal obligation to process your personal data accordingly, we will rely on Art. 6 (1) lit. c GDPR. In other cases, we will rely on our legitimate interest pursuant to Art. 6 (1) lit. f GDPR, in the detection of fraud or ensuring security of the Application.
To detect, investigate, report, and seek to prevent financial crime or other illegal activity
To manage risk for us and our customers.
To fulfil our legal and compliance-related obligations
We may transfer your personal data to third parties.	See below under Section 5 HOW DO WE SHARE YOUR PERSONAL DATA?

 

 

 

6.2.  USE OF THE APP AND WEBSITE; COOKIES

Additionally, we process your personal data when using the Application. If you are using the services within the EU, Switzerland and UK, the login mask (including registration) of the web-enabled application can be accessed via the website of our affiliate company Techtronic Industries EMEA Ltd. Please see https://www.milwaukeetool.eu/footer/privacy-policy/ for more information on their use of your personal data in relation to the use of their website and https://www.milwaukeetool.eu/footer/cookie-policy-en/ in relation to their use of cookies.

6.2.1.     LOG FILES

When visiting our Website, we process certain log data. Processing of log data is necessary to ensure a smooth connection to the website. We also store the log data in the form of log files to ensure the security and stability of the website.

The log data or log files include the following data: date and time of access, IP address, name and URL of the retrieved, referrer URL, used browser and, if applicable, the operating system of your computer as well as the name of the access provider.

As a rule, log files are stored for 7 days and then automatically deleted.

Processing of such data is technically necessary in order to provide you with access to the Website. We may also store such log-files in order to track and enforce any infringements relating to the security of the Website.

We process these data based on our legitimate interest pursuant to Art. 6 (1) lit. f GDPR in providing website users with proper access to the website and to ensure sufficient security of the website.

6.2.2.     COOKIES

We may use cookies or similar technologies for different purposes. For instance, we use cookies to distinguish you from other users of the Application. This helps us to provide you with a good experience when you use the ONE-KEY™ App or browse the Website and allows us to improve our services.

Cookies are small text files that are placed on your terminal device when you visit the ONE-KEY™ App or browse the Website. Cookies allow us to store certain information on the terminal device as well as access the information already stored on the terminal device (e.g. your language preference or login information). Depending on the information stored or accessed, cookies may identify the user of the Website.

Some of the cookies we use are automatically deleted at the end of the browser session, i.e. when you close your browser (so-called session cookies). Other cookies remain on your terminal and enable us to recognise your browser the next time you visit us (so-called persistent cookies).

Please note that we will only use cookies if and to the extent that you give us your consent (Art. 6 (1) lit. a GDPR), except for cookies that are essential to the proper operation of the Application and the functions and services provided thereon; such essential cookies do not require your consent and are used based on our legitimate interest pursuant to Art. 6 (1) lit. f GDPR. You can withdraw your consent at any time with effect for the future by accessing the cookie settings and changing your selection there.

You can also set your browser to refuse cookies in certain cases or generally. You can delete cookies that have already been set through your browser. Please note that if you delete or refuse certain cookies, the functionality of our website may be limited.

For detailed information on the cookies we use and the purposes for which we use them please consult the Cookie settings of our cookie management tool.

6.2.3.     GOOGLE TAG MANAGER

We use Google Tag Manager on the website. Google Tag Manager is a tag management system (TMS) that allows us to update measurement codes and related code fragments (tags) in the ONE-KEY™ App and/or on the Website. The service is provided by Google LLC.

The Google Tag Manager enables us to integrate these website tags on in the ONE-KEY™ App and/or on the Website as well as to determine the actions which should be recorded. If a tag is triggered by an action, the data collected by the tag is sent to the analysis or marketing services integrated via the Google Tag Manager. The Google Tag Manager itself does not create any user profiles and does not carry out any independent analyses.

In order to be able to monitor and provide diagnostics about system stability, performance, and installation quality, Google collects aggregated data to a certain extent relating to tag firing. According to Google’s information, the aggregated data do not contain any IP addresses or measurement IDs that are linked to a specific person. Additionally, Google Tag Manager collects data in the standard HTTP request logs. These are all deleted within 14 days of receipt.

We have also activated the conversion linker in Google Tag Manager. This is a special website tag that supports the measurement of click data so that conversions can be recorded effectively. Specifically, information on click behaviour in relation to (advertising) ads is recorded and stored.

The Google Tag Manager is used on the basis of Art. 6 (1) lit. f) GDPR. As the website operator, we have a legitimate interest in the fast and uncomplicated integration and management of various tools on our website. If a corresponding consent is requested, the processing is carried out exclusively on the basis of Art. 6 (1) lit. a) GDPR.

6.2.4.     GOOGLE ANALYTICS / FIREBASE

We use Google Analytics on Application to derive from these which functions and services are of particular interest to users and how we can improve the website. To track the use of our ONE-KEY™ App we use the Firebase Analytics and an integration of Firebase into Google Analytics (see below). These services are provided by Google LLC.

When visiting the Website, your user behaviour will be recorded by way of so-called "events". Such events can include page views, first visit to the website, start of the session, your "click path", interaction with the website, scrolls (such as whenever a user scrolls to the bottom of the page (90%)), clicks on external links, internal search queries, interaction with videos, file downloads, ads viewed/clicked and language settings.

In addition, the following personal data will also be collected by Google Analytics: Your approximate location (region), technical information about your browser and the end devices you use (e.g. language setting, screen resolution, device model), your internet service provider, the referrer URL as well as identifiers for mobile devices (e.g., Android Advertising ID and Advertising Identifier for iOS).

The use of Google Analytics utilizes of cookies and similar technologies that helps us to collect information necessary to analyse your use of the Website. Such collected data will usually be transferred to Google’s server in the USA operated by Google LLC. However, Google Analytics has activated IP address anonymization by default. This means that your IP address will be generally not be stored in the full length and truncated by Google within member states of the EU or in other signatory states to the Agreement on the European Economic Area (EEA) or Switzerland before its storage. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. According to Google, the IP address will only be used solely for geo-location data derivation before being immediately discarded. It is not logged, accessible, or used for any additional use cases. According to Google, the IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

Google processes the aforementioned information for the purpose of evaluating your use of the website and compiling reports on website activity for us. The reports provided to us by Google Analytics are used to analyse the performance of the website. On this basis, we can continuously improve individual functions and services and adapt them to the needs of our users. The data collected and linked to the cookies set by Google Analytics are automatically deleted after the specified retention period has expired. Data whose retention period has been reached is automatically deleted once a month.

We may also export the data from Google Analytics to Google Big Query to query the data for advanced reporting functions. The use of Google Analytics is based on your consent pursuant to Art. 6 (1) lit. a GDPR. You can withdraw your consent at any time by deactivating the use of the service in the "Cookie settings". You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser add-on provided by Google to deactivate Google Analytics:

https://tools.google.com/dlpage/gaoptout?hl=de

Further information on Google's privacy policy can be found here:

https://policies.google.com/privacy

6.2.5.     GOOGLE FIREBASE

Complementing Google Analytics, we use Google Firebase, a cloud based platform for app developers from Google, to understand your use of the ONE-KEY™ App and to determine which functions of the the ONE-KEY™ App are of particular interest to you. It helps us to improve our the ONE-KEY™ App.

The following data are collected by Google Firebase: IP address, number of users and sessions, session duration, operating system, device model, region, first-time launch, app executions, app updates, in-app purchases, app features, networks used, time, login status, location, previous action the user took in the app before the current action, order of pages viewed, and advertising ID.

We also use the Firebase Crashlytics function to improve the stability and reliability of our app by analyzing anonymized and aggregated crash reports. Firebase Crashlytics provides us with anonymized crash reports. For this purpose, Firebase Crashlytics collects information in the event of a crash or malfunction (crash) of our app and transmits it to Google servers in the USA (state of the app at the time of the crash, installation UUID, crash trace, manufacturer and operating system of the mobile device, last log messages, time and duration of the malfunction, type of malfunction, app functions used at the time of the malfunction).

We have not activated the audiences functions. Google may therefore only use the data collected to provide us with the aforementioned usage reports.

Further information about Google Firebase and Google's privacy policy can be found under the following external links:

https://firebase.google.com/docs/analytics/

https://firebase.google.com/terms/data-processing-terms

https://firebase.google.com/terms/crashlytics-app-distribution-data-processing-terms 

https://support.google.com/analytics/answer/6004245

https://support.google.com/firebase/answer/6318039

The use of Google Analytics is based on your consent pursuant to Art. 6 (1) lit. a GDPR.

6.2.6.     AUTH0

We use the authentication service Auth0 to authenticate users in the Application. Auth0, acting as our processor, is provided by Auth0, Inc. and allows us to manage and store your sign-in credentials in relation to your ONE-KEY™ App account. In order to be able to identify you, Auth0 processes your personal data such as your email address, IP address, device information, and your unique Auth0 ID.

The Auth0 ID will serve as your unique identifier and allows to authenticate you as user. Your personal data is processed solely for authentication purposes, ensuring account security, and preventing unauthorized access. The legal basis for processing is our legitimate interest in the secure and efficient provision of our services, especially to ensure that user authentication processes are secure and protected against unauthorized access, Art. 6 (1) lit (f) GDPR.

Upon your consent pursuant to Art. 6 (1) lit. a GDPR, we will export the Auth0 ID to Google Analytics for the above-mentioned analytical purposes.

 

7.     HOW DO WE SHARE YOUR PERSONAL DATA?

In order for us to provide our products and services to you, we share your personal data with our trusted third party service providers or our group companies, as detailed below. Whenever we share your personal data, we put safeguards in place which require these other organizations to keep your data safe and to ensure that they do not use your personal data for their own marketing purposes unless you have given us your consent to do so. We will never sell your personal data to a third party.

·       To fulfil orders for products and services:

We work with a number of trusted service providers who carry out services on our behalf and act as a processor under Art. 4 No. 8 GDPR and/or Art. 5 lit. k FADP. These service providers have previously been obligated by us to comply with data protection (Art. 28 GDPR, Art. 9 FADP). When you purchase products and services from us, the services provided by these service providers includes website and database hosting and delivery. We may transfer your data with these service providers since we may not have the capabilities to provide these services ourselves.

·       Other professional services:

We may need to disclose your personal data to our insurers where we believe that it is required under our contractual relationship with our insurance provider to do so based on our legitimate interest pursuant to Art. 6 (1) lit. f GDPR.

We work with carefully selected third parties, such as our customer database hosting provider, marketing agencies and advertising partners who assist us in providing you with a positive customer experience. To the extent that they act as processors these service providers have previously been obligated by us to comply with data protection (Art. 28 GDPR, Art. 9 FADP). Where they act as controllers, we have ensured that there is a proper legal basis for each data transfer.

In addition, if you use our services in Europe, your data will be processed by AWS which hosts our services in Europe on our behalf.

As described, we will also transmit your personal data to Google LLC and Auth0, Inc.

·       To prevent and detect crime or otherwise comply with laws:

There may be scenarios where we are subject to a legal obligation pursuant to Art. 6 (1) lit. c GDPR to share or disclose your personal data, such as with law enforcement agencies or public authorities in order to prevent or detect crime or fulfil a legal requirement.

·       International group data processing and group structure:

Our group shares various operations and business processes. We may share your personal data with any member of our group to fulfil our contracted obligations to you (Art. 6 (1) lit. b GDPR), or because it is in our legitimate interests to do so (Art. 6 (1) lit. f GDPR) or based on another applicable legal basis.

To provide you with a satisfying user support, we ensure that you will have a local contact person in your region. To do so may transfer your account-related data to the respective local entity, which will assist you locally. Depending on the action carried out the local entity will either act as our processor or as controller.

Further, the login mask (including registration) will be accessible over the website of our affiliate company in your region. We will process your IP address based on Art. 6 (1) lit. f GDPR to redirect you to the website in your region. For instance, if you are using the services within the EU, Switzerland and UK you may login over the website of our affiliate company, TTI EMEA Ltd. TTI EMEA Ltd. will act as our processor.

In addition, if you use our services in Europe, your data will be processed by Techtronic Industries ELC GmbH, our group company who hosts our services in Europe on our behalf.

Similarly, whilst we are based in the USA, we may share your data with a group company of ours local to you in your territory in order to make sure that we only send you marketing about our products and services that are available in your local territory based on your prior consent under Art. 6 (1) lit. a GDPR.

We may also share your personal data if the make-up of our group changes in the future, for example: We may choose to sell, transfer, or merge parts of our business, or our assets, or we may seek to acquire other businesses or merge with them. During any such process, we may share your data with other parties to the extent necessary based on our legitimate interest pursuant to Art. 6 (1) lit. f GDPR. We will only do this if they agree to keep your data safe and private.

8.     SECURITY

We take the security of your personal data very seriously. We have implemented various strategies, controls, policies and measures to keep your data secure and keep these measures under close review. We use a series of administrative, logical, physical and managerial measures to safeguard your personal information against loss, theft, and unauthorized access, use, and modification.

9.     TRANSFER OF YOUR DATA OUTSIDE OF EUROPE

We are based in the USA and collect and process your personal data there to the extent necessary. However, if you have registered an account in ONE-KEY™ in Europe and EMEA or Switzerland, your personal data will be stored in data centres within the EEA that are operated by our service provider Amazon Web Services, Inc. (“AWS”). Your personal data will then be held and processed on servers in Europe. Only to the extent necessary we might take access to the data. In such scenarios, the data will be transferred to the USA to the extent necessary.

We may also transfer your personal data to Google LLC, Auth0, Inc and Amazon Web Services, Inc., in the USA.

Whenever we onward transfer your personal information out of the EU, the EEA, the UK or Switzerland the transfer will be based on a data transfer mechanism under Art 44 et seq. GDPR and/or Art. 16 et seq. FADP. A transfer to a third country will only take place in compliance with the applicable data protection regulations, in particular the guarantee of an adequate level of data protection.

If you would like further information please contact us on the contact details set out in Section 2.

10.  HOW LONG WILL WE KEEP YOUR PERSONAL DATA

We will only retain your personal data for as long as is necessary for the purposes described in this privacy notice. We will also retain and use your personal data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

We have a retention policy in place which we keep under review taking into account our reasons for processing your personal data and the legal basis for doing so.

You can delete your account at any time by contacting our Data Information Manager at either address listed in Section 2 above. In such a case we will delete your personal data, except cases where we are legally obliged to keep them.

11.  OBLIGATION TO PROVIDE PERSONAL DATA

When using the Application, we may ask you to provide us with the personal data necessary for providing certain functionalities. Please note that without these personal data, we may not be able to offer you the functionalities of the Website and/or Service. However, there is no legal or contractual obligation to provide us with your personal data when using the Application.

12.  YOUR RIGHTS

You have the following rights vis-à-vis us with regard to your personal data:

 

-      Right of access (Art. 15 GDPR, Art. 25 FADP),

-      Right to rectification (Art. 16 GDPR, Art. 32 para. 1 FADP)

-      Right to erasure (Art. 17 GDPR, Art. 32 para. 2 lit. c FADP),

-      Right to restriction of processing (Art. 18 GDPR, Art. 32 para. 2 lit. a FADP),

-      Right to data portability (Art. 20 GDPR, Art. 28 FADP).

 

Where we process your personal data on the basis of your consent, you have the right to withdraw your consent pursuant to Art. 7 (3) GDPR and/or Art. 30 para. 2 lit. b FADP. Please note that your withdrawal has only affects for the future.

As far as your personal data is processed for the purpose of our legitimate interest pursuant to Art. 6 (1) lit. f GDPR, you have the right to object to the processing according to Art. 21 GDPR and/or Art. 32 para. 2 lit. b FADP. You can find further information on your right to object in accordance with Art. 21 GDPR below.

You also have the right to lodge a complaint with a supervisory authority (Art. 77 GDPR, Art. 49 FADP) about the processing of your personal data by us.

 

Information about your right to object in accordance with Art. 21 General Data Protection Regulation (GDPR) You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you on the basis of Art. 6 para. 1 lit. f GDPR (processing of personal Data based on a balancing of interests); this includes profiling based on those provisions (Art. 4 No. 4 GDPR). Should you decide to object the processing, we will stop to process personal data concerning you, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing serves the purpose of establishment, exercise or defense of legal claims. You also have the right to object at any time to processing of personal data concerning you for the purpose of advertising; this also applies to profiling insofar as it is associated with advertising (if any). Should you decide to object to the processing for advertising purposes, we will stop to process personal data concerning you for these purposes. The objection is not subject to any form. Ideally, it should be lodged via email at the bodies mentioned in Section “2 CONTROLLER”.

 

In order to exercise the aforementioned rights, you can contact the bodies mentioned in Section “2 CONTROLLER”.

13.  CHANGES TO OUR PRIVACY NOTICE

We may update our privacy notice from time to time. Any changes we may make to our privacy notice in the future will be posted on this site. We may also email you if we have your email address. Please check back frequently to see any updates or changes to our privacy notice.

This privacy notice was last updated on 07/03/2025.