Enotrac – Privacy policy

This Privacy Policy explains how we process personal information that we collect from our existing and prospective customers, partners, suppliers and other mail contacts when they use Enotrac services, visit our events or premises or use our websites, apps, platforms and services that are subject to this Privacy Policy (our “Services“). This is not an exhaustive description; other privacy policies or general terms and conditions and similar documents may govern specific matters.

This privacy policy is subject to Swiss law. Because the European General Data Protection Regulation (“GDPR”) must also be observed for certain forms of data processing, this privacy policy is also aligned with the GDPR. However, whether and to what extent the GDPR or other data protection laws are applicable depends on the individual case.

In the context of this Privacy Policy, “Enotrac” stands for Enotrac AG and is also referred to as “we”, “us” or “our” in this notice. Where Enotrac UK Ltd is also referred to, this will be explicitly stated.

Table of contents

1           Responsible person and data protection officer

2           Information collected and its intended use

2.1        Answering customer enquiries

2.2        Event management

2.3        For contract fulfilment

2.4        New customer acquisition

2.5        Marketing communication

2.6        Payment information

2.7        Operation of the website

2.8        Cookies and other technologies

2.9        Social Media

2.10      Improvement of our offers

2.11      Security purposes

2.12      Legal and regulatory requirements and other business purposes

2.13      Job applications

2.14      Data security

2.15      Other purposes

3           Legal basis for the use of your personal information

4           How we share your information

4.1        Within Enotrac

4.2        Outside Enotrac, with our partners and third parties

5           How we protect your information

6           Assertion of your rights

7           Storage of your information

8           Changes to this privacy policy

1. Responsible person and data protection officer

Unless otherwise communicated in individual cases, the controller is responsible for data processing:

Enotrac AG

Seefeldstrasse 8

CH-3600 Thun

Tel: +41 33 346 66 11

info@enotrac.com

Please send any questions or comments about this privacy policy or enquiries about data protection to datenschutz@enotrac.com

2. Information collected and its intended use

When you use our services, visit our website or deal with us otherwise, we process various categories of your personal data. In principle, we may process this data for the following purposes in particular:

  • To provide, maintain, protect and optimise the products, services and information offered;
  • to communicate and process enquiries (e.g. via contact forms, e-mail, telephone, online job applications, media enquiries, contact via business cards);
  • to improve your user experience and the overall quality of our services;
  • to analyse and evaluate website activities;
  • for the purpose of advertising and marketing (including the organisation of events and functions), provided you have consented/not objected to the use of your data. If we send you advertising from us as an existing customer, you can object to this at any time and we will then place you on a blacklist against further advertising mailings;
  • to comply with legal or other regulatory requirements and internal regulations;
  • for the establishment, exercise and/or defence of actual or potential legal claims, investigations or similar proceedings;
  • for internal administrative purposes;
  • to monitor and improve system security;
  • for other legitimate purposes, if this processing is evident from the circumstances or was indicated at the time of collection.

We will explain in more detail below how we use the information we collect in these circumstances.

Enotrac does not process special categories of personal data (sensitive data) of external persons.

2.1 Answering customer enquiries

Your personal data is processed so that we can respond to enquiries and help identify users. For example, the content of the communication, your contact details and the marginal data of the communication are collected if you wish to be called back or fill out a contact form for this purpose. This data can then also be used in the future for identification or for enquiries.

2.2 Event management

We collect your data for your registration for an event of interest to you in order to send you the relevant materials for such events:

For example, depending on the type of event, we collect your name, your business telephone numbers (mobile and landline), contact details for sending information that is necessary for this purpose.

2.3 For contract fulfilment

In order to support your business and fulfil our contractual tasks and obligations with you, we may need to collect, store and process personal data. For example, to fulfil orders and provide services, communicate with you and third parties via various media, arrange appointments, obtain information from third parties, organise repairs, etc. For this purpose, we process in particular your name, contact details, declarations of consent, information about third parties (e.g. contact persons), contract content, creditworthiness data and all other data that you provide to us or that we collect from public sources or third parties (e.g. commercial register, credit agencies, etc.).

2.4 New customer acquisition

We do not purchase customer data from third parties. Only customer data that is provided in a project or by other customers in relation to a service is taken into account.

We process and store all personal data that you send us in the context of e-mail enquiries (e.g. name, address, e-mail address, telephone number, etc.) in order to carry out the contact requested by you and to maintain customer relations. We only use this personal data in the case of enquiries and only within our company. This data is not passed on to third parties unless this is necessary to fulfil the contract. Further personal data is only collected if you provide information voluntarily as part of an enquiry. This data will be stored by us until your written request for deletion.

2.5 Marketing communication

We may use your personal data for marketing purposes and to inform you about other products and services that may be of interest to you and your company (e.g. in the form of newsletters and other regular contacts (electronically, by post, by telephone), via other channels for which we have contact information from you, but also as part of individual marketing campaigns (e.g. occasions and events, etc.). You can refuse such contacts at any time or refuse or revoke your consent to be contacted for advertising purposes.

2.6 Payment information

We process or store all information that is necessary for proper and legally compliant payment transactions and our accounting system. Payment information may also be stored and processed by the banks and payment institutions involved and by our fiduciary company for accounting purposes. As a rule, all payment information does not contain any personal data unless requested by the customer, e.g. as reference information. This information is stored for at least as long as required by law.

2.7 Operation of the website

In order to operate our website securely and stably, we collect technical data such as IP address, information about the operating system and settings of your end device, the region, the time and type of use. We also use cookies and similar technologies.

2.8  Cookies and other technologies

Cookies and similar technologies (e.g. web beacons) are small pieces of data that are used to store technical and/or personal information, identify users of a service and enable certain functions.

The “session cookies” used on the Enotrac website are only stored in the main memory of the browser, which means that they are lost again when the browser is closed. Visitor data that must be stored persistently during a session is, for example, form data so that it can be displayed again in the event of incorrect input. This data is also deleted at the latest when the form is sent.

Visitors are informed about the use of cookies on the website with a global notice that can be hidden.

You can prevent the storage of cookies by setting your browser software accordingly or deactivate the corresponding cookies by changing your privacy settings in our cookie banner; however, we would like to point out that in this case you may not be able to use all functions of this website to their full extent.

We currently sometimes use Google Analytics or similar services on our website. This is a service provided by third parties, which may be located in any country in the world (in the case of Google Analytics, it is Google Ireland (based in Ireland), Google Ireland relies on Google LLC (based in the USA) as a processor (both “Google”), with which we can measure and analyse the use of the website (not personalised). Permanent cookies set by the service provider are also used for this purpose. In Google Analytics 4, the anonymisation of IP addresses is activated by default. This means that the IP addresses of visitors to Google in Europe are truncated before being forwarded to the USA and cannot be traced back. Although we can assume that the information we share with Google is not personal data for Google, it is possible that Google may use this data for its own purposes to draw conclusions about the identity of visitors, create personal profiles and link this data to the Google accounts of these persons. You can object to the collection of data by Google Analytics with effect for the future by installing a deactivation add-on for your browser. If you have registered with the service provider yourself, the service provider also knows you. The processing of your personal data by the service provider is then the responsibility of the service provider in accordance with its data protection provisions. The service provider only informs us how our website is used (no information about you personally).

At present, we may in particular use offers from the following service providers, whereby their contact details and further information on the individual data processing operations can be found in the respective privacy policy:

  • Services provided by Microsoft: Operator of the IT operating infrastructure; Service provider: Microsoft Corporation (USA) and Microsoft Ireland Operations Limited (Ireland); Data protection information: “Data protection at Microsoft”, “Data protection (Trust Centre)”, “Privacy Policy”; Data processing agreement: “Microsoft Products and Services Data Protection Addendum (DPA)”; Basis for third country transfers: Data Privacy Framework (DPF), standard contractual clauses “Microsoft Products and Services Data Protection Addendum (DPA)”.
  • Google services: Web analytics and reach measurement; Service provider: Google LLC (USA) and Google Ireland Limited (Ireland); Data protection information: “Privacy and security principles”, “Privacy policy”, “Privacy policy for Google products”, “Types of cookies and other technologies used by Google”, “Personalised advertising” (activation / deactivation / settings)”; Data processing agreement: “Data processing terms for Google advertising products”; Basis for third country transfers: Data Privacy Framework (DPF), standard contractual clauses “Data processing terms for Google advertising products”.
  • Services of tapni.com: We use the Tapni platform to manage our electronic business cards. If you submit your business card to us electronically or in paper form, we store this data in the Tapni database. You can also assert your rights as a data subject under the Data Protection Act against us at any time for this data. Information on Tapni’s GDPR-compliant data protection can be found at www.tapni.com.

2.9 Social Media

We are present on social media platforms and other online platforms in order to communicate with interested parties and to provide information about our activities and operations. If you visit one of these online platforms, personal data may be transmitted to the provider of the social network. We would like to point out that user data may also be transmitted to a server in a third country and may therefore be processed outside Switzerland or the European Economic Area.

Furthermore, user data is generally processed within the social media platforms for market research and advertising purposes. For these purposes, cookies are usually stored on the users’ computers, in which the usage behaviour and interests of the users are stored. Furthermore, data can also be stored in the user profiles independently of the devices used by the users (especially if the users are members of the respective platforms and are logged in to them).

For a detailed description of the respective forms of processing and the opt-out options, please refer to the data protection provisions and information provided by the operators of the respective platforms. There you can also find out in which countries they process your data, which rights of access, erasure and other rights of data subjects you have and how you can exercise these or obtain further information.

2.10 Improvement of our offers

In order to continuously improve our website and other offers, we collect data about your behaviour and preferences, for example by analysing how you navigate through our website and how you interact with our social media profiles.

2.11 Security purposes

We may also process your personal data for security purposes. We continuously review and improve the appropriate security of our IT and other infrastructure (e.g. buildings). We therefore process data e.g. for monitoring, controls, analyses and tests of our networks and IT infrastructures, for system and error checks, for documentation purposes and as part of backup copies.

2.12 Legal and regulatory requirements and other business purposes

Sometimes we need to process your personal data in order to comply with applicable laws and regulations, for example if we need to report suspected fraud.

Your information may also be processed for other business purposes, including in the course of negotiations, contract formation and fulfilment, managing accounts and records, supporting corporate social responsibility or for legal, regulatory and internal investigations.

2.13 Job applications

If you apply for a job with us, we process the relevant data for the purpose of reviewing the application, carrying out the application process and, in the case of successful applications, for the preparation and conclusion of a corresponding contract. In addition to your personal details, education, work experience and skills, we process the usual correspondence data such as e-mail address and telephone number. In addition, all documents submitted by you in connection with the application, such as CV and certificates, will be processed. This data will only be stored, analysed, processed or forwarded internally as part of your application. Data processing in connection with the employment relationship is the subject of a separate privacy policy.

2.14 Data security

Your data is secured by suitable technical, physical and organisational measures so that it is protected against loss and unlawful processing, in particular unauthorised access. These security measures include IT and network security solutions, encryption of data carriers and transmissions, access controls and restrictions, issuing of instructions, confidentiality agreements and controls. We regularly review our security measures and adapt them to the state of the art. We also oblige our processors to take appropriate security measures. However, security risks cannot generally be completely ruled out; residual risks are unavoidable.

2.15 Other purposes

We may process your data for other purposes, e.g. as part of our internal processes and administration. These additional purposes include, for example, training and education purposes, administrative purposes (such as the management of master data, accounting and data archiving and the testing, management and ongoing improvement of IT infrastructure), the protection of our rights (e.g. to enforce claims in court, in or out of court and before authorities in Switzerland and abroad or to defend ourselves against claims, for example by preserving evidence, conducting legal investigations and participating in court or official proceedings) and the evaluation and improvement of internal processes. The protection of other legitimate interests is also one of the other purposes, which cannot be listed exhaustively.

3. Legal basis for the use of your personal information

Enotrac only processes your personal information if there is a legal basis for doing so.

The legal basis will depend on the purposes for which the personal data is collected and used as set out above. In almost all cases, the legal basis will be one of the following:

  • Enotrac’s legitimate business interests: When it is necessary for Enotrac to process or acquire projects, distribute or maintain products and services.
  • Contract fulfilment: If you have ordered or requested products or services from us and we need to use your contact details to process your order and deliver products or services.
  • Compliance with legal requirements: Where Enotrac is subject to legal obligations and needs to use your contact details to comply with those legal obligations.
  • Consent: For example, when you sign up for our newsletter and other marketing communications. You can withdraw your consent at any time.

4. How we share your information

4.1 Within Enotrac

We restrict access to personal data to Enotrac AG and Enotrac UK Ltd personnel who need to know this information to fulfil their day-to-day work.

4.2 Outside Enotrac, with our partners and third parties

We may also disclose your personal data to third parties within the scope of our business activities and purposes, insofar as this is permitted and appears appropriate to us, either because they process it for us (commissioned data processing) or because they wish to use it for their own purposes. This applies in particular to the following parties:

  • Enotrac’s affiliated companies for their own use in connection with the sale or optimisation of Enotrac’s products and services;
  • Suppliers or other subcontractors with whom we have a business relationship and who provide products and services to us so that we can provide services to you (e.g. partners who provide storage and delivery, maintenance and service, software development, website hosting, networking tools and website management);
  • External service providers who generate marketing campaigns and sales leads and conduct market studies on our behalf;
  • Payment processing companies, companies that provide credit reports and anti-fraud service providers (to combat fraud) in order to process payments and carry out fraud screenings;
  • With our consultants for commercial, financial or legal advice;
  • In exceptional cases, we may pass on personal data to offices, courts and other authorities in Germany and abroad if we are legally obliged or authorised to do so or if this appears necessary to protect our interests;
  • We may also disclose your personal data to other persons if the involvement of third parties results from the purposes set out in section 3.

We use suppliers and service providers located around the world. As a result, your personal data may be processed in countries outside your country of residence (even if you live in Europe), potentially in countries where you may have fewer rights in relation to your personal data than under your local legislation. If we transfer personal data outside Switzerland or the European Economic Area to a country that does not have an adequate level of data protection, we will ensure that your data is protected with appropriate security measures (e.g. by agreeing EU standard contractual clauses, other safeguards or on the basis of justification).

5. How we protect your information

Your personal data will be stored on secure servers and will not be used for purposes other than those set out in this Privacy Policy. The servers that Enotrac uses to store this data are only accessible to authorised employees and Enotrac ensures that appropriate security measures are in place.

Unfortunately, data transmissions over the Internet or data storage systems are not always 100 per cent secure. If you have reason to believe that your interaction with us is no longer secure, please notify us immediately using the contact details provided.

6. Assertion of your rights

You have the following rights within the framework of the data protection law applicable to you and to the extent provided for therein:

  • The right to request information from us as to whether and which of your data we process;
  • the right to have us correct data if it is incorrect;
  • the right to request the deletion of data;
  • the right to demand that we hand over certain personal data in a commonly used electronic format or transfer it to another controller;
  • the right to withdraw consent where our processing is based on your consent;
  • the right to object to the processing of your data, in particular for the purposes of direct marketing, profiling for direct marketing and other legitimate interests in processing;
  • the right to receive, upon request, further information necessary for the exercise of these rights;
  • the right to express your point of view on automated individual decisions and to request that the decision be reviewed by a natural person.

You also have the right to enforce your claims in court or to lodge a complaint with the competent data protection authority.

Please send any questions, correction or cancellation requests by e-mail to Enotrac:

E-mail address: datenschutz@enotrac.com

Please note that conditions, exceptions or restrictions apply to these rights (e.g. if we are obliged to store or process certain data, have an overriding interest in doing so (insofar as we are authorised to rely on this) or need it to assert claims). We will inform you accordingly if necessary.

7. Storage of your information

Enotrac will only retain your personal data for as long as necessary to fulfil the purposes outlined in section 2 of this Privacy Policy and in accordance with the applicable statutory retention and limitation periods. We may also keep a record of correspondence with you (e.g. if you have a complaint about a product or our services) for as long as necessary to protect us from a legal claim. If we no longer need your personal data, we will delete it.

Enotrac will not delete any personal data if it relates to an active business relationship or a product or service you have expressly requested.

8. Changes to this privacy policy

We expressly reserve the right to amend or change this privacy policy at any time. The version published on our website shall apply.

Last modified: 3th May 2024