CYBERCRYPT Switzerland GmbH (“us”, “we”, “our” or “CYBERCRYPT”) operates the following websites:
together referred to as the “Services”
This page informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Services and the choices you have associated with that data.
CYBERCRYPT is the data controller of the personal data we collect and process on you and you will find our contact details below.
The data we collect, the purpose and the lawful basis
If you wish to contact us via the Services, we may ask you to provide information on your name, e-mail, telephone number, the organization you represent and your position, your request to us and other information you may choose to provide. The purpose is to reply to your request and to generally communicate with you and the organization you represent in relation to our product and services.
The legal basis for the processing is our legitimate interest in replying to requests from users of our Services and communicating with you and providing you with the best possible Service as well as to market our products to the organization you represent, c.f. GDPR art. 6(1)(f).
When you register for our services and products
We collect information about your name, which organization you represent, your email address and phone number, method of payment, information on which services and products you buy on behalf of the organization that you represent and other information you choose to provide us with.
The purpose with the processing is to deliver the services and products you have ordered and to perform the contract we have entered into with the organization you represent, and to communicate with you, respond to inquiries and to provide you and the organization you represent with the best possible Service, including to take into account special wishes and needs as well as to give us the preconditions to offer the organization you represent relevant products and marketing.
The legal basis for the processing is to perform the contract and to deliver the services and products that have been purchased, c.f. GDPR art. 6(1)(b) and to pursue our legitimate interest in communicating with you and to provide you with the best possible Service as well as to market our products to the organization you represent, c.f. GDPR art. 6(1)(f).
When you subscribe to our newsletters and request to receive other marketing material, including electronically, we collect information about your name, email address, which company you represent and your consent to receive direct marketing. The purpose of the processing is to send you newsletters and to pursue our legitimate interest in sending you marketing material. The legal basis for the processing is GDPR art. 6(1)(f).
We will only send you e-marketing if you have specifically requested us to receive such e-marketing.
The purpose is to pursue our legitimate interest in optimizing user experience, to improve the function of the Services and to show you relevant offers and advertising. The legal basis for the processing is the consent you provide at your first visit to the Services cf. the GDPR") art. 6(1)(a).
Information collected with strictly necessary cookies used to enable core functionality such as security, network management, navigation and accessibility is based on our legitimate interest in ensuring the accessibility and security of our Services c.f. GDPR art. 6(1)(f).
The data we collect and process on you – as specified above may also be processed if necessary, for the following purposes:
- To comply with a legal obligation to which we are subject
- To protect and defend the rights or property of CYBERCRYPT
- To prevent or investigate possible wrongdoing in connection with the Service
- To protect the personal safety of users of the Service or the public
- For the establishment, exercise or defense of legal claims
The legal basis will be our obligation to comply with legal obligations to which we are subject, cf. GDPR art. 6(1) c) or our legitimate interest to pursue these purposes c.f. GDPR art. 6(1)(f) as we have found after completing a balancing of interest test that the described activity does not infringe your interests and fundamental rights and freedoms.
Transfer of Data
In other situations, we will only share your data with third parties if necessary, to comply with legal obligations to which we are subject or necessary to fulfill the purposes as stated above.
Your information may be processed by our external business partners that process Personal Data on our behalf. We use external business partners for inter alia technical operations and improvement of the Services, analysis, distribution of newsletters as well as targeted advertising. These companies are data processors and are under our instruction and process data that we are data controllers for. Data processors may not use Personal Data for other purposes than to fulfil the agreement with is and are under a duty of confidentiality with regard to such data. We have entered into written data processor agreements with all data processors that process Personal Data on our behalf.
Transfers out of EEA
CYBERCRYPT is established in Switzerland and, thus not directly subject to the GDPR. The EU Commission has decided that Switzerland ensures an adequate level of protection to allow for transfers of personal data from the EU.
Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is:
- We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
- We may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
- Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield, which requires them to provide similar protection to personal data shared between Europe and the US.
Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
Security of Data
The security of your data is important to us but remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for.
Information collected for the purposes of communication or providing our services and products will normally be deleted within 3 years from the end of our communication or the end of our contract.
Information collected about your feedback on our newsletters is deleted when you withdraw consent to receiving our newsletters.
Documentation on your consent to receive direct marketing will be stored for 2 years in order to document that we have not violated the law by sending you marketing material.
Information collected about your use of the Services is deleted no later than when you have not used the Services for 18 months.
The information may be kept for a longer period, i) if we have a legitimate interest in storing the information for a longer period, ii) if it is necessary to establish, exercise or defend a legal claim, or iii) if the storing is necessary to comply with legal obligations.
Under certain circumstances, you have rights under the data protection laws in relation to your personal data:
Right of access: You are entitled at any time to request information on inter alia the information we have registered about you, which purposes the registration serves, the categories of Personal Data and recipients of Personal Data there might be as well as information on where the data stems from. You also have the right to receive a copy of the Personal Data that we process about you.
Right to rectification: You have the right to have inaccurate Personal Data about you rectified by us.
Right to erasure: Under certain circumstances you have the right to have all or some of your Personal Data erased, for example if you withdraw your consent and we do not have another legal basis enabling us to carry on with the processing.
Right to restrict the processing to storage: Under certain circumstances you have the right to restrict the processing of your Personal Data to only consist of storage, for example if you are of the opinion that the information, we process about you is inaccurate.
Right to object: You have the right to object to our processing of your Personal Data when used for direct marketing purposes. You can unsubscribe from our newsletter and direct marketing via links provided in newsletters. You also have the right to object, on grounds relating to your particular situation, to the processing of your Personal Data that is based on our legitimate interests.
Right to withdraw consent: You have the right to withdraw a consent you have given to us for a specific processing activity at any time.
Right to complain: You have the right to submit a complaint to Datatilsynet, Carl Jacobsens Vej 35, 2500 Valby, on our processing of your Personal Data. The complaint can inter alia be sent via email to firstname.lastname@example.org .
Links to Other Sites
We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.
- By email: email@example.com
- By phone number: +45 53 73 74 00
- By mail: CYBERCRYPT Switzerland GmbH, Hegibachstrasse 47, 8032 Zurich, Switzerland, Reg. No. CHE-228.574.065