Privacy Policy

Last updated: 10.11.2021

1.    Introduction

With this Privacy Policy, we will inform you about which personal data will be processed by us as well as the purposes for which, how and where it is processed, in connection with WiseHi. With this Privacy Policy, we will additionally inform you about the rights of persons whose data we process.

To individual or additional offers and services, special, additional, supplemental or other privacy policies as well as other legal documents, e.g. terms and conditions of use, may apply.

Our offer is subject to the Swiss data protection laws as well as any other applicable foreign data protection laws, in particular those of the European Union (EU), i.e. the General Data Protection Regulation (GDPR). The European Commission has recognised that the Swiss data protection law guarantees suitable data protection.

1. Processing of personal data

1.1 Terminology

The term personal data refers to all information regarding an identified and identifiable person. An affected person is a person whose personal data is processed. The term processing includes anyhandling of personal data, irrespective of the applied means and processes, in particular the storage, notification, acquisition, collection, deletion, saving, modification, destruction and use of personal data.

The European Economic Area (EEA) includes the European Union (EU) as well as the Principality of Liechtenstein, Iceland and Norway. The General Data Protection Regulation (GDPR) refers to the handling of personal data as processing of personal data.

1.2 Legal bases

We process personal data in connection with Swiss data protection laws, in particular the Federal Act on Data Protection (FADP) and Ordinance to the Federal Act on Data Protection.

Insofar as the General Data Protection Regulation (GDPR) is applicable, we shall process the following personal data in accordance with at least one of the following legal provisions:

  • Article 6, section 1 lit. b GDPR for the necessary processing of personal data for the fulfilment of a contract with the affected person as well as for the implementation of pre-contractual measures.
  • Article 6, section 1, lit. f GDPR, for the necessary processing of personal data in order to protect the legitimate interests of us or any third parties, insofar as the basic freedoms and basic rights as well as the interests of the affected persons do not predominate. Our legitimate interests are, in particular, our interest in providing our offer on a permanent, user-friendly, secure and admissible basis, as well as in advertising it if necessary, in the information security, the protection against misuse and unauthorised use, the implementation of our own legal claims and compliance with Swiss law.
  • Article 6, section 1, lit. c GDPR, for the necessary processing of personal data for the fulfilment of the legal obligations to which we are subject in accordance with any applicable law of the member states of the European Economic Area (EEA).
  • Article 6, section 1, lit. e GDPR, for the necessary processing of personal data for the fulfilment of a task which is of public interest.
  • Article 6, section 1, lit. a GDPR, for the processing of personal data with the agreement of the affected person.
  • Article 6, section 1, lit. d GDPR, for the necessary processing of personal data to protect the vital interests of the affected person or another natural person.

1.3 Type, scope and purpose

We shall process personal data which is necessary to provide our offer in a permanent, user-friendly, secure and admissible manner. Such personal data may be classified as stock data, contact data, browser and equipment data, content data, meta and/or marginal data and user data, location data, sales data, contract data and payment data.

We shall process personal data for the duration necessary or legally required for the fulfilment of the corresponding purpose and/or the corresponding purposes. Any personal data which no longer needs to be processed shall be anonymised or deleted. Any persons whose data we process are generally entitled to a right of deletion.

We shall generally only process personal data with the agreement of the affected person, unless such processing is admissible for other legal reasons, e.g. for the fulfilment of a contract with the respective person or for the corresponding pre-contractual measures, in order to preserve our predominant legitimate interests, since the processing is obvious from the circumstances given or upon prior information.

In this framework, in particular, we shall process information which an affected person has transmitted to us on a voluntary basis, for instance by means of mail, email, the contact form, social media or by phone or through the registration for a user account. For instance, we may store such information in an address book, in a customer relationship management system (CRM system) or by comparable means. If you transmit any third-party personal data to us, you are obliged to observe strict data protection provisions towards such third parties and to ensure the correctness of such personal data.

Additionally, we shall process personal data which we receive by third parties, obtain from publicly accessible sources or collect during the provision of our services, insofar and to the extent that such processing is legally admissible.

1.4 Processing of personal data by third parties, including abroad

We may have personal data processed by commissioned third parties or together with third parties as well as by means of third parties or transmitted to third parties. Such third parties are, in particular, providers whose services we use. We guarantee a suitable level of data protection even with such third parties.

Such third parties are generally located in Switzerland or in the European Economic Area (EEA). However, such third parties may also be located in other states and territories or elsewhere in the universe insofar as their data protection laws according to the assessment of Federal Data Protection and Information Commissioner (FDPIC) and, insofar as the General Data Protection Regulation (GDPR) is applicable, according to the assessment of the European Commission guarantees suitable data protection or if suitable data protection can be guaranteed for other reasons, e.g. based on standard contractual clauses or a corresponding certification. In exceptional cases, such third party may be located in a country without appropriate data protection levels provided that the applicable data protection requirements, e.g. the express agreement of the affected person, are fulfilled.

2. Rights of affected persons

Affected persons whose personal data is processed by us shall have the rights in accordance with the Swiss data protection laws. These include the right to information as well as the right to correction, deletion or blockage of the processed personal data.

Affected persons whose personal data is processed by us may – insofar and to the extent that the General Data Protection Regulation (GDPR) is applicable

    – demand free of charge a confirmation as to whether we process their personal data and, if yes, information on the processing of their personal data, have the processing of their personal data restricted, enforce their right of transferability of data and have their personal data corrected, deleted (“right to be forgotten”), blocked or completed.

Affected persons whose personal data is processed by us may, insofar and to the extent that the GDPR is applicable, revoke a granted authorisation at any point in time with future effect and shall always be entitled to raise an objection to the processing of their personal data.

Affected persons whose personal data is processed by us are entitled to file an objection at their competent supervisory authority. The supervisory authority for data protection in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).

3. Data security

We implement suitable and appropriate technical and organisational measures to guarantee data protection and, in particular, data security. However, the processing of personal data online can always have safety gaps despite such measures. Therefore, we are unable to guarantee absolute data security.

Access to our online offer is made by means of transport encryption (SSL / TLS, in particular with the hypertext transport protocol secure, abbreviated to HTTPS). Most browsers mark transport encryption by means of a padlock in the address bar.

Access to our online offer is - like any type of internet usage in general - subject to unfounded and suspicion-independent mass monitoring or other form of monitoring by the security authorities in Switzerland, in the European Union (EU), in the United States of America (USA) and in other countries. We cannot directly impact the corresponding processing of personal data by secret services, police offices and other security authorities.

4. Use of the website

4.1 Cookies

We may use cookies for our website. The term cookies, including our own cookies (first-party cookies) as well as cookies by third parties whose services we use (third-party cookies), refers to data which is stored in your browser. Such stored data does not have to be restricted to conventional cookies in text form. Cookies may not implement small programmes or transmit malware, such as trojans or viruses.

Cookies may be temporarily stored in your browser as “session cookies” or as permanent cookies for a specific period when you visit our website. “Session cookies” will be deleted automatically once you close your browser. Permanent cookies have a specific storage period. In particular, they enable the recognition of your browser when you visit our website again and thus e.g. measure the reach of our website. However, permanent cookies may also be used e.g. for online marketing.

You are always able to wholly or partially deactivate and delete cookies in your browser settings. Without cookies, however, our website may no longer be comprehensively available. We kindly ask you to actively provide your express agreement to the use of cookies, insofar as and to the extent required.

4.2 Server log files

For each individual access to our website, we may record the following information provided that it is transmitted by your browser to our server infrastructure and can be detected by our web server: date and time, including time zone; internet protocol (IP) address; access status (HTTP status code); operating system, including user interface and version; browser, including language and version; opened individual sub-pages of our website, including the transferred data volume; the last website opened in the same browser window (referer and/or referrer).

We save this information, which may also represent personal data, in server log files. This information is necessary for us to be able to provide our online offer on a permanent, user-friendly and reliable basis and to ensure data safety and thus, in particular, the protection of personal data, including via third parties or with the help of third parties.

4.3 Tracking pixels

We may use tracking pixels on our website. Tracking pixels are also designated as web beacons. Tracking pixels, including of third parties whose services we use, are small, usually invisible images, which are called up automatically when visiting our website. With tracking pixels, the same information as in server log files can be collected.

5. Notifications and messages

We send notifications and messages, e.g. newsletters, via email and via other communication channels, such as instant messaging.

5.1 Success measurement and reach measurement

Notifications and messages may include weblinks or tracking pixels which record whether an individual message has been opened and which weblinks have been clicked. Such weblinks and tracking pixels may record the use of notifications and messages, including personal data. We need these statistical records for success and range measurements, to provide notifications and messages based on the needs and reading habits of the recipients in an effective and user-friendly as well as permanent, secure and reliable manner.

5.2 Agreement and objection

In principle, you are required to expressly agree to the use of your email address and other contact data unless such use is admissible for other legal reasons. To the agreement to the receipt of emails, if possible, we apply the “double opt-in” procedure, i.e. you will receive an email with a weblink which you will have to click for confirmation in order to exclude any misuse by unauthorised third parties. We may log such agreements, including the internet protocol address (IP) as well as the date and time, for reasons of evidence and security.

In principle, you can unsubscribe from notifications and messages, e.g. newsletters, at any point in time. This shall not include notifications and messages which are urgently required for offering our services. By unsubscribing, in particular, you can object to the statistic collection of use data for success and reach measurement.

5.3 Service providers for notifications and messages

We send notifications and messages via third-party services or by means of service providers. Here, cookies may also be used. We guarantee a suitable level of data protection even with such services.

6. Social media

Users of social media platforms are able to log-in to and/or register to our online offer with their respective user account (“social login”). The corresponding terms and conditions of the respective social media platforms, e.g. the general terms and conditions, the terms and conditions of use or the privacy policies, shall apply.

7. Third-party services

We use third-party services to be able to provide our offer in a continuous, user-friendly, secure and reliable manner. Such services are used to embed contents in our website. Such services, e.g. hosting and storage services, video services and payment services, require your internet protocol (IP) address since they are otherwise unable to transmit the corresponding contents. Such services may be located outside of Switzerland and the European Economic Area (EEA), provided that a suitable level of data protection is guaranteed.

For their own safety-relevant, statistic and technical purposes, third parties whose services we use may also process data in connection with our offer as well as from other sources, in an aggregated, anonymised or pseudonymised manner, among others with cookies, log files and tracking pixels.

7.1 Digital infrastructure

We use third-party services to be able to use the necessary digital infrastructure for our offer. This includes, for instance, hosting and storage services offered by specialised providers.

7.2 Contact options

We use third-party services to better communicate with you and other persons, such as users. We guarantee a suitable level of data protection even with such third parties.

7.3 Payments

We use payment service providers to securely and reliably handle payments by our users. To the handling of such payments, the terms and conditions of the corresponding payment service provider, e.g. the general terms and conditions or privacy policies, shall apply.

In particular, we use Stripe for handling payments. Stripe is a service provided by the U.S. company Stripe Inc.; Stripe Payments Europe Ltd. is responsible for users in the European Economic Area (EEA), the United Kingdom and Switzerland. Additional information regarding the type, scope and purpose of data processing in connection with Stripe can be found in the ”Stripe Privacy Center”, in the “Global Privacy Policy”, and in the “Cookie Policy”.

7.4 Success and reach measurement

7.4.1 Google Analytics

We use Google Analytics to analyse how our website is used; here, for example, we are also able to measure the reach of our website and the success of third-party links to our website. This is a service provided by the US company Google LLC. The Irish Google Ireland Limited is responsible for users in the European Economic Area (EEA) and in Switzerland.

Google tries to also record individual users of our website if they use different browsers or devices(cross-device tracking). Here, cookies are used. For Google Analytics, your internet protocol (IP) address is also necessary but is not combined with other Google data.

In any case, we will have your internet protocol (IP) address anonymised before the analysis by Google. As a result, your complete IP address will generally not be transferred to Google in the US.

Additional information with respect to the type, scope and purpose of data processing can be found in the general data privacy and security principles and in the data privacy statement by Google, in the guidelines on the data protection in Google products (including Google Analytics), in the information on how Google uses data from websites on which Google services are used and in the information on cookies at Google. Additionally, there is an option of using the ”browser add-on for deactivating Google Analytics” as well as of objecting to personalised advertising.

7.4.2 Hotjar

We use Hotjar to analyse how our website is used. Hotjar enables us to record the behaviour of our website visitors, for example with respect to movements and mouse clicks as well as with another input option. Here, cookies and other technologies are used to record the user behaviour and information, such as the monitor size, the anonymised internet protocol (IP) address and the approximate location (country). Hotjar is a service provided by Hotjar Ltd. in Malta and stores the recorded data in a pseudonymised user profile, according to them.

Hotjar and we do not make any reference to individual users of our website. The recorded data is neither used to identify individual users nor combined with other data regarding individual other users. Additional information on the type, scope and purpose of data processing can be found on the site ”Privacy by Design”, on the page ”Cookie Information” and in the data privacy statement by Hotjar. Additionally, there is an option of raising an objection against the recording by Hotjar.

8. Final provisions

We can adapt and supplement this Privacy Policy at any point in time. We will inform you about such adaptations and supplements in a suitable manner, in particular by publishing the corresponding current data privacy statement on our website.

9. Contact

Please send your feedback, comments, requests for technical support:

By email: support@wisehi.ai.