Effective as of November 13, 2019
1.1. We understand the importance of protecting your privacy and personal data and commit a lot of effort to developing and maintaining high standards of internal security measures and technologies to provide you with secure processing and storage of the data we collect from you; and keep your data safe against unauthorized or unlawful processing and against accidental loss, destruction or damage.
2.1. Personal information refers to the “information or an opinion, whether true or not, and whether recorded in a material format or not, about an identified individual, or an individual who is reasonably identifiable”. Any information or opinion that may lead to the reasonable inference to the identity of an individual may be considered personal information.
3. PERSONAL DATA WE COLLECT AND OBJECTIVE
3.1. When you use the Site or the App, we may collect and further process the following categories of data:
3.1.1. Information requested during the interaction with the Site that identifies you, for example, your name, etc.
3.1.2. Information, which we may collect through automated means. Through your use of the Site and its tools or the App, we also monitor and collect tracking information related to usages such as access date & time, device identification, operating system, browser type and IP address. This information may be obtained directly by the Company or through third party services.
3.1.3. Contact information, i.e. email address, etc
3.1.4. Information necessary to provide the Service, i.e. pictures, 3D models.
3.2. We do not collect any information that may identify you without your permission.
3.3. We may use Google Analytics or similar services on our technology platform. If you want to know more about Google Analytics and its “do not track” policy, please visit the respective site (for instance, https://www.google.com/analytics/terms/us.html).
3.4. We do not intend to solicit or collect personal information from anyone under the age of 13 or under the legal age in your country if it is higher. If you are under 13 or are not of legal age in your country, do not enter any personal information on the Site. In case we discover that a child under 13 has provided us with personal information, we immediately delete this from our servers. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us so that we will be able to do necessary actions.
3.6. We may collect and process the abovementioned data to fulfil our contractual and/or legal obligations before you.
3.7. The App does use third-party services that may collect information used to identify you.
3.8. We collect your personal information directly from you and indirectly as a result of your relationship with us. The Company may use the information collected from you to verify your identity and contact information, and contact you with the information provided, among other reasons. This information also helps us to improve our services for you, customize your experience and inform you about additional products, services or promotions that may be of interest to you. You directly provide us with the majority of the information we collect.
3.10. You provide us with this information by using the Site or the App, by sending us an email or by submitting information in response to a promotion or special offer. The information we may collect indirectly from you includes your Internet protocol ("IP") address, browser type, operating system, Internet service provider (ISP) and time stamps. Should you suspend your interactions with us, the Company will retain your information, but may only use it to comply with regulatory requirements and to periodically contact you to offer you the opportunity to participate in other offers.
3.11. In case of an error in the App we collect data and information (through third party products) on your phone called Log Data. This Log Data may include information such as your device IP address, device name, operating system version, the configuration of the app when utilizing our Service, the time and date of your use of the Service, and other statistics.
4. PROCESSING YOUR PERSONAL DATA
4.1. Your personal data may be received and processed:
4.1.1. by the Company within our inner systems of processing, which complies to technical and organizational measures in a manner that meets applicable requirements of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter the “Regulation”) and security standards;
4.1.2. by outsource service providers and processors who access and use the data only to the extent required to perform the obligations subcontracted to them by the Company (hereinafter – ‘Subprocessors’);
4.1.3. by third-party services used by the App.
4.2. Those Subprocessors perform tasks on our behalf and are contractually obligated not to disclose or use collected information for any other purposes than storage, help in the facilitation of technical aspects of our services or perform functions related to the administration of services (collection and analysis) or other indicated under contractual closes.
4.4. If such Subprocessors are outside of Swiss Confederation or the European Union or European Economic Area, the processing of personal data is done or will be done in accordance with applicable laws.
4.5. Subprocessors remain fully liable for all obligations subcontracted to them, and for all their acts and omissions. The Company is not responsible in the event that information is disclosed as a result of a breach or security lapse at any such Subprocessors, or for such Subprocessors' non-compliance with the foregoing requirements.
5. INCIDENTS NOTIFICATION
5.1. If the Company becomes aware of any breach of our security leading to the accidental or unlawful destruction, loss, alteration or unauthorized disclosure of, or access to (excluding unsuccessful attempts or activities) your personal data on systems managed or otherwise controlled by us, we will notify you promptly and without undue delay compliant with the procedure prescribed under respective Regulation.
5.2. The notification will be made to your email address at the discretion of the Company or by other direct communication available to the Company and allowed by you (for example, by phone or email). It is your sole responsibility to provide us with the email address and ensure that this email address is valid and current.
5.3. Any notification from the Company may not be and will not be construed as an acknowledgment of any fault or liability with respect to data incident by us.
6. YOUR SECURITY COMMITMENTS
6.1. You agree that without prejudice to our security measures and data incidents that it is your responsibility to make appropriate use of the Site and the App to ensure a level of security appropriate to the risk in respect of your personal data and securing your authorization credentials, system and devices which you use to access our Service.
6.2. It’s your responsibility to keep your phone and access to the app secure. We therefore recommend that you do not jailbreak or root your phone, which is the process of removing software restrictions and limitations imposed by the official operating system of your device.
6.3. We are not obliged to protect your personal data that you choose to store or transfer outside the Company and our Subprocessors’ systems.
7. YOUR RIGHTS IN RESPECT TO YOUR PERSONAL DATA
7.1. Under the Regulation, you have various rights in relation to your personal data. All of these rights can be exercised by contacting us via email designated in Section 10. In certain circumstances, you have the following rights in relation to your personal data:
7.1.1. Right of access
You have the right to obtain from us information as to whether your personal data is being processed, and, where that is the case, access to such personal data. You may access and amend your personal data, request the details about purposes of processing of your personal data and prevent undesirable marketing by opting-out. If you wish to opt out of marketing, use ‘unsubscribe’ option available at our emails.
7.1.2. Right to withdraw consent
When we rely on your consent for the processing of your personal data, you have the right to withdraw your consent at any time. However, the withdrawal of your consent will not affect the lawfulness of the Company’s processing based on consent before your withdrawal.
7.1.3. Right to rectification
We will use reasonable endeavors to ensure that your personal information is accurate. In order to assist us with this, you should notify us of any changes to the personal information that you have provided to us by sending us a request to rectify your personal data where you believe the personal data we have is inaccurate or incomplete.
7.1.4. Right to restriction of processing
You have the right to ask us to stop processing your personal data at any time.
7.1.5. Right to erasure
Asking us to delete all of your personal data will result in the Company deleting your personal data without undue delay (unless there is a legitimate and legal reason why we are unable to delete certain of your personal data, in which case we will inform you of this). Asking us to stop processing your personal data or deleting your personal data may mean that you will no longer be able to use our Site.
7.1.6. Right to data portability
You have the right to request that the Company provides you with a copy of all of your personal data and to transmit your personal data to another data controller in a structured, commonly used and machine-readable format, where it is technically feasible for us to do so and the processing is based on consent or contractual performance.
7.1.7. Right to complain
Although we encourage our customers to engage with us in the event they have any concerns or complaints, you have the right to lodge a complaint to a supervisory authority.
7.1.8. Right to object automated processing
You have the right not to be subject to a decision based solely on automated processing of your personal data, including profiling, which produces legal or similarly significant effects on you. There may be exceptions or limitations to this right as defined under relevant data protection laws. We will not ordinarily charge you in respect of any requests we receive to exercise any of your rights detailed above, however, if you make excessive, repetitive or manifestly unfounded requests, we may charge you an administration fee in order to process such requests or refuse to act on such requests. When you request us to rectify or erase your personal data or restrict any processing of such data, we may notify third parties to whom such personal data has been disclosed of such request. However, such a third party may have the right to retain and continue to process such personal data in its own right, for example, to enable it to comply with its own legal obligations.
7.1.9. Right to make a request
You may also send a request to receive the information which is being processed, amended, deleted or locked and information about any parties to which we transmit your personal data.
7.2. In some cases, we may charge a fee (based on our reasonable costs) if the requests are excessive considering the nature of the request itself or nature and functionality of our services.
8. COOKIE AND SIMILAR TECHNOLOGIES
9. SHARING PERSONAL INFORMATION WITH THE COMPANY AFFILIATES AND NON-AFFILIATED THIRD PERSONS
9.1. The Company does not sell, license, lease or otherwise disclose your personal information to any affiliate or third party for any reason, except as described below. The Company may share information with affiliates if the information is required to provide the product or service you have requested or to provide you the opportunity to participate in the products or services our affiliates offer.
9.2. To help us improve our services to you, we may engage another business to help us carry out certain internal functions, such as processing, fulfilment, client service, client satisfaction surveys or other data collection activities relevant to our business. We may also provide a non-affiliated third party with your information from our database, including your name and/or email address, to help us analyze and identify your needs, notify you of product and service offerings or conduct general marketing and market research for us.
9.3. We may employ third-party companies and individuals for the following purposes:
9.3.1. To facilitate our Service;
9.3.2. To provide the Service on our behalf;
9.3.3. To perform Service-related services; or
9.3.4. To assist us in analyzing how our Service is used.
9.4. The Company also forges partnerships and alliances with non-affiliated third parties that offer high-quality products and services that might be of value to you. In order to ensure that these products and services meet your needs and are delivered in a manner that is useful and relevant, the Company may share some personal information with these non-affiliated third parties.
9.5. We always require that all non-affiliated third parties to which we provide your non-public personal information agree to keep your information confidential and use such information solely for the limited purpose for which we have engaged them, or as otherwise required by law. In addition, where offers are made to you by non-affiliated third parties, we always require that they disclose that the offer is being extended because of your relationship with us. We also seek to ensure that these non-affiliated third parties maintain appropriate data security procedures to guard against unauthorized use of, or access to, your personal information.
10. THE SECURITY OF YOUR PERSONAL INFORMATION
10.1. We employ security software, systems and procedures to offer you a safe and secure working environment and to protect your personal, financial information. On our Site we may use technology to encrypt information transmitted by or to you.
10.2. We endeavor to protect the privacy of your personal information we hold in our records. At the same time, we kindly ask you to remember that no method of transmission over the internet, or method of electronic storage is 100% secure and reliable, and we cannot guarantee its absolute security. Unauthorized entry or use, hardware or software failure, and other factors, may compromise the security of user data at any time.
12. CONTACT DETAILS
12.2. Independent EU Data Protection Authority: The European Data Protection Supervisor
Mailing address: Rue Wiertz 60, B-1047 Brussels
Office address: Rue Montoyer 30, B-1000 Brussels
Phone: +32 2 283 19 00