Aumico Logo

Privacy policy

Status: 01.09.2023

Introduction

Data protection is a matter of trust and your trust is important to us. We respect your privacy and personal sphere. The responsible and legally compliant handling of personal data is of great concern to us, aumico AG, Hardturmstrasse 161, 8005 Zurich, Switzerland ("aumico", "we", "us" and the like). We process personal data at all times in compliance with applicable law, in particular Swiss data protection law and, where applicable, the General Data Protection Regulation of the European Union (EU GDPR).

This Privacy Policy ("Policy") describes the way in which we process your personal data (i) when we provide you with services or you use our services (see Part A, General Privacy Policy) and (ii) when you visit our website or use services as a customer via our website and our online platform (together "Online Services") (see Part B, Online Privacy Policy).

This declaration shall form an integral part of the contract between you and us if it is listed in the relevant contract as an integral part of the contract. If this is the case and if contradictions arise between the contents of this declaration and the provisions of the relevant contract or the General Terms and Conditions (GTC), the provisions of the latter documents shall take precedence over the contents of this declaration.

In addition to this statement, other terms of use, general terms and conditions (GTC) and privacy statements may apply.

A. General privacy policy

1. responsibility

Responsible for the data processing described in this privacy policy is aumico.

2. categories of personal data

Personal data are all data and information relating to an identified or identifiable natural person.

In connection with the provision of our services and your use of the services, we process different categories of personal data from you such as:

  • Contact and identification data as well as (work) organization data such as first name, last name, business and/or private address, business and/or private e-mail address, business and/or private telephone number, country, company, area, department, function, responsibility, signing authority and customer number.
  • Personal information such as language.
  • User account information such as username and password.
  • Contractual and financial data such as type of contract, content of contract, type of services, applicable terms and conditions, start of contract, term of contract, remuneration claims, invoice and payment data as well as financial data contained in the annual invoices generated via our online platform.
  • Interaction and usage data such as correspondence, customer preferences, type and extent of use of services, customer service information such as complaints and information from the assertion of rights, and feedback.
  • Information regarding use of online services such as frequency of visits, date, time and duration of visits, pages visited, search terms, clicks on content, originating website, information in contact and feedback forms, social media profiles, ratings and comments submitted, IP address, information about the end devices used (end device type, device ID, manufacturer, operating system, language, device settings, MAC address, etc.), cookie information and browser settings.

As a rule, there is no legal or contractual obligation to disclose personal data. However, we will have to collect and process personal data that is required for the establishment and processing of a contractual relationship. Otherwise, we will not be able to conclude or continue the contract in question. Inevitably, we will also process certain data when you use our online services. The logging of certain data (but usually not personal data) cannot be prevented for technical reasons.

Under certain circumstances, you may want or need to transfer personal data of third parties to us or grant access to them. We would like to point out that in this case you are obliged to inform the persons concerned (e.g. employees) about this declaration and its contents, to obtain the consent of the persons concerned if necessary and to ensure the accuracy of the personal data concerned.

 3. purposes of processing

We process your personal data for the following purposes:

  • Processing of orders and contracts: This includes, in particular, the provision and performance of our services, the maintenance of customer databases (including management of customer accounts), the administration and maintenance of the customer relationship, invoicing, the verification of your data, customer communication and the operation of our technical infrastructure.
  • Credit assessment: This includes, in particular, determining the creditworthiness of our customers so that our employees can check offer restrictions or special payment terms in individual cases.
  • Collection: This includes, in particular, the assertion of claims and the judicial enforcement of outstanding debts.
  • Service quality: This includes, in particular, measures to ensure the quality of our services and safety, as well as technical troubleshooting and fault elimination.
  • Customer support: This includes, in particular, answering questions and concerns, assisting with technical matters, delivering information (e.g., about new services or events) and providing general customer services (e.g., via e-mail, telephone, SMS or by means of other forms of electronic communication).
  • Marketing: This includes the delivery of general and tailored advertising based on your customer segment or customer profile and offers on our services and the services of selected business partners.
  • Further development of our products and services: This includes in particular the evaluation, improvement, further and new development of services, products, functions and customer interfaces, quality control and improvement of customer support, analysis and evaluation of the use of our online services to improve user-friendliness as well as statistical evaluation of customer behavior on the basis of anonymized customer data.
  • Combating misuse: This includes in particular the detection, prevention and elimination of misuse of our services or infrastructure.
  • Compliance with legal requirements: This includes, in particular, compliance with applicable laws and regulations or responding to requests from the competent courts and authorities and asserting, exercising or defending legal claims.

4. legal bases of processing

The processing of personal data requires a legal basis. aumico relies on the legal bases of contract performance, legal obligation and/or the exercise of a legitimate interest when processing your personal data. In detail, this is as follows:

Processing purpose

Data categories

Legal basis

Processing of orders and contracts

  • Contact and identification data as well as (work) organization data
  • Personal data
  • User account information
  • Contract and financial data
  • Interaction and usage data
  • Information regarding the use of online services

Contract fulfillment

Credit check

  • Contact and identification data as well as (work) organization data
  • Contract and financial data

Legitimate interest in reducing losses due to unpaid invoices

Collection

  • Contact and identification data as well as (work) organization data
  • Personal data
  • Contract and financial data

Legitimate interest in the enforcement of remuneration owed and compliance with legal provisions

Service quality

  • Contact and identification data as well as (work) organization data
  • User account information
  • Contract and financial data
  • Interaction and usage data
  • Information regarding the use of online services

Legitimate interest in customer satisfaction, competitiveness and compliance with Swiss legislation

Customer support

  • Contact and identification data as well as (work) organization data
  • User account information
  • Personal data
  • Contract and financial data
  • Interaction and usage data
  • Information regarding the use of online services

Legitimate interest in customer satisfaction, competitiveness, and regulatory compliance

Marketing

  • Contact and identification data as well as (work) organization data
  • Personal data
  • Contract and financial data
  • Interaction and usage data
  • Information regarding the use of online services

Legitimate interest in the implementation of marketing measures

Further development of our products and services

  • Contact and identification data as well as (work) organization data
  • Personal data
  • Contract and financial data
  • Interaction and usage data
  • Information regarding the use of online services

Legitimate interest in customer satisfaction and competitiveness

Abuse Prevention

  • Contact and identification data as well as (work) organization data
  • Personal data
  • Contract and financial data
  • Interaction and usage data

Legitimate interest in preventing damage and complying with legal regulations

Compliance with legal requirements

  • Contact and identification data as well as (work) organization data
  • Personal data
  • Contract and financial data
  • Interaction and usage data
  • Information regarding the use of online services

Legal obligation and legitimate interest in legal compliance

5. disclosure of personal data and categories of data recipients

We may disclose your personal data to recipients such as service providers within the aumico group and other third parties such as shareholders/investors, business partners, service providers or authorities, in compliance with legal requirements. These include:

  • Service providers (within and outside the aumico group): We may disclose your personal data to service providers that we engage in the course of our business to perform customer-related, IT-related or administrative tasks on a contractual basis, such as IT service providers (software and hosting providers, maintenance and support service providers, etc.), sales and cooperation partners, consultants (such as lawyers), banks and marketing service providers (e.g. for sending newsletters and for other marketing measures). Such disclosure or access is generally limited to those personal data that are necessary for the provision of services by these service providers.
  • Third parties in the course of fulfilling legal obligations: We may disclose your personal information to third parties when necessary or appropriate or as deemed appropriate to comply with or verify compliance with applicable laws and regulations and to respond to requests from competent authorities to whom we are required to provide information about you and your personal information in accordance with applicable laws and regulations.
  • Collection service providers: We may process your personal data for the purpose of engaging collection service providers and make it available to these service providers.
  • Third parties in the context of combating misuse: We may disclose your personal data to third parties in connection with indications of unlawful use of services or obtain such data from third parties if this is appropriate for the purpose of detecting, preventing or eliminating fraudulent or misuse of services from aumico or third parties.
  • Other companies of the aumico group: We may share your personal data within the aumico group for internal group administration purposes and with our shareholders/investors within the scope of our legitimate interests.

6. cross-border processing of personal data in countries outside the EU/EEA (third countries)

aumico may also be dependent on products and services from foreign manufacturers, suppliers and subcontractors who access personal data on our systems or process it at their foreign locations in the course of fulfilling their orders from abroad.

Accordingly, the recipients of your personal data listed in section 5 may be located abroad and also outside the EU/EEA. The countries in question may not have laws that protect your personal data to the same extent as in Switzerland or the EU/EEA (so-called third countries). If we transfer your Personal Data to such a country, we will ensure its protection in an appropriate manner, for example by entering into data transfer agreements based on the contracts approved, issued or recognized by the European Commission (so-called standard contractual clauses). Please contact us via the contact options listed in Part C, Section 1, if you would like a copy of our data transfer contracts.

In exceptional cases, transfers to countries without adequate protection are permitted, for example, within the scope of the EU GDPR based on explicit consent, for the performance of a contract with the data subject or to process your contract request, for the conclusion or performance of a contract with someone else in the interest of the data subject, or for the assertion, exercise or defense of legal claims.

Please note that personal data processed for our own marketing purposes may be stored on servers of service providers abroad on a contractual basis and may be processed for the purpose of designing advertising campaigns on our behalf.

7. further processing of personal data for marketing purposes

As described above, we also process personal data from you for marketing purposes. We make the following further statements in this regard:

Extracting and sharing information from data analytics (smart data):

By using data analysis procedures, we obtain statistical and analytical information (data products), which we use for our own evaluations and sell commercially to other companies of the aumico Group (incl. shareholders/investors) or third parties such as business partners in anonymized, i.e. non-personal, form.

Any further use of such data, if required by law, will only take place with your additional consent.

Personal data obtained from third parties:

For marketing purposes, we may also obtain personal data from data providers (e.g. address dealers). For the same purposes, we may obtain data from third party website operators and online networks such as browsing behavior on third party websites and interests.

Provision of data for third-party advertising marketing:

With your separate consent, you allow us to make your personal data processed by us for marketing purposes available to advertising marketing companies on the basis of an identification number without personal reference and in aggregated form for the purpose of target group-based advertising.

In addition, we may provide advertising marketing companies with information about you in aggregate form, which may be linked by those advertising marketing companies to information from your use of a website or online service of partners of the advertising marketing companies' network. For this purpose, we use your IP address, which we receive from the respective partners of the advertising marketing network.

aumico does not disclose your identity to advertising marketing companies or partners of advertising marketing networks. The parties involved are obliged to refrain from and prevent the establishment of a personal reference.

Right to object:

You have the option at any time to object to (i) the receipt of advertising and the processing of your data for marketing purposes and/or (ii) the provision of your data for third-party advertising marketing. In this case, no personal data will be obtained or processed for this purpose. The personal data already obtained and merged for this purpose will be deleted within five working days.

Please refer to the relevant provisions in Part B with regard to preventing the processing of personal data collected and processed via our online services.

8. Technical and organizational measures

We have taken appropriate technical and organizational measures to protect your personal data (in particular access and misuse by unauthorized third parties) and to ensure data security commensurate with the risk, and have also agreed such measures with the third parties we have engaged (see section 5 above).

B. Online Privacy Policy

1. general

We process personal data from you that you provide to us, for example, as part of the conclusion of a contract, as part of an order or when participating in surveys or competitions and the like (e.g. your contact details such as name, telephone number, address or e-mail address and other details). In addition, when you visit our online services, we register and process information such as pages accessed, files downloaded, date and time of visit, IP address, browser type and version, operating system used and host name of the accessing end device.

We use cookies in our online services in accordance with the explanations in section 3 of this declaration so that you can use our online services properly. In addition, we only use cookies if you have consented via the cookie popup that is displayed when you visit our online services. With your consent, we use cookies in particular for statistical and analytical purposes, to personalize our online services and to personalize our advertising on third-party websites as well as visitor recognition of customers.

 2. online platform

As a customer, you have the possibility to access our online platform with your login, to use services provided via it and to manage personal data and view information in it. If you have logged in to our online platform, we may link your online usage data, such as the way you use the online platform and the services provided via it or the data you disclose to us via the online platform, with other customer data that we collect and process in connection with your use of our services and process it for the provision of the services and functions in the online platform, for marketing purposes and for the evaluation, improvement and new development of services and functions. This is also possible after you have logged out of the online platform.

3. cookies

So-called cookies are used on our online services. Cookies are small files that are stored on your computer or mobile device when you visit or use one of our online services. Cookies store certain information and settings about your browser and data about the exchange with the relevant online service via your browser. When a cookie is activated, it is assigned an identification number (cookie ID) by which your browser is identified and the information contained in the cookie can be used. In particular, the following types of cookies are used:

  • Essential cookies: Essential cookies (also called absolutely necessary cookies) enable essential core functions of the Online Services such as user login and account management. Without the essential or absolutely necessary cookies, the Online Services cannot be used properly.
  • Marketing cookies: Marketing cookies are used to follow visitors and users on online services and to identify them between different online services. These cookies can be used to profile interests or serve relevant ads on other online services.
  • Performance cookies: Performance cookies collect information about how you use our online services. These cookies cannot be used to directly identify a specific visitor.
  • Functional cookies: Functional cookies (also called preference cookies) are used to store visitor information on the online services, e.g. language, region or time zone.
  • Cookies from external media

Most of the cookies used are temporary session cookies that are automatically deleted from your computer or mobile device at the end of the browser session. In addition, permanent cookies are also used. Depending on the type of cookie, the permanent cookies remain stored on your computer or mobile end device for between one month and ten years after the end of the browser session and are automatically deactivated after the programmed time.

Cookies record usage information such as the date and time of accessing our online services, the name of the Internet page visited, the IP address of your computer or mobile device, and the operating system used. Cookies also provide information, for example, about which of our online services you visit and from which website you came to our online services. Likewise, we can use cookies to track which topics you research on our online services.

The cookies or related technologies stored on your computer or mobile device may also originate from other companies within the aumico group or independent third parties such as advertising partners or internet service providers (collectively "Partner Companies").

These cookies enable our partner companies to target you with individualized advertising and measure its impact. The cookies of the partner companies also remain stored on your computer or mobile device for between one month and ten years and are automatically deactivated after the programmed time has expired.

The partner companies only receive access to data based on an identification number (cookie ID). This is online usage information such as which of our online services you have visited and which content you have used.

The list of cookies used on our online services can be found in our cookie popup.

4. web analysis tools

In order to obtain information about the use of our online services and to improve our offer, we use web analysis tools. These tools are mostly provided by a third-party provider. As a rule, the information collected for this purpose about the use of our online services is transmitted to the third-party provider's server through the use of cookies. Depending on the third-party provider, these servers may be located abroad.

We also use so-called re-targeting technologies on our online services. This allows us to target users of our online services with advertisements on third-party websites as well. The display of advertisements on Internet pages is based on cookies in your browser, a cookie ID and an analysis of previous usage.

5. prevention of cookies and web analysis tools

Most Internet browsers accept cookies by default. However, you can set your browser to not accept cookies, to accept only certain cookies, or to notify you each time before accepting a cookie from an online service you visit. You can also delete cookies on your computer or mobile device by using the appropriate function of your browser. Instructions on how to prevent cookies through browser settings can be found at the following link: allaboutcookies.org/ge

In addition, you have the option to adjust your consent to the use of cookies on our online services via cookie popup.  

If you choose not to accept our cookies or the cookies and tools of our partner companies, you will not see certain information on our online services and will not be able to use some features designed to enhance your visit.

6. social plugins

We also use so-called social plugins from social networks on our Internet pages. The plugins are recognizable by the logo of the respective social network.

All plugins used are set up in the 2-click process. This means that the respective plugins are only activated when you click on the provider's icon.

When you call up a page of our website that contains an activated plugin, your browser establishes a direct connection to the servers of the respective provider. The content of the plugin is transmitted directly to your browser by the respective provider and integrated into the page. By integrating the plugins, certain information is transmitted to and stored by the third-party provider.

If you are not a member of the corresponding social networks, there is still the possibility that they learn and store your IP address via the social plugin. If you are logged into one of the social networks, the third-party providers can directly assign the visit to our website to your personal profile in the social network. If you interact with the plugins, for example by clicking a corresponding button, the corresponding information is also transmitted directly to a server of the third-party provider and stored there. The information will also be published in the relevant social network in your respective profile and displayed there to your contacts. The purpose and scope of the data collection and the further processing and use of the data by the third-party providers, as well as your rights in this regard and setting options for protecting your privacy, can be found in the privacy notices of the third-party providers.

If you would like to prevent the social network providers concerned from assigning the data collected via our website to your personal profile on the respective social network, you must log out of the corresponding social network before visiting our website. You can also completely prevent the loading of the plugins with specialized add-ons for your browser, such as "NoScript"(http://noscript.net/) or "Ghostery"(https://www.ghostery.com/).

7 Third-party services used by us in detail

Upon request, we will provide you with a list of the third-party services used on our online services (including web analytics tools, social plugins and other services such as Google Maps, OpenStreetMap, Google Tag Manager, Vimeo and YouTube). To do so, please contact us via the contact options listed in Part C, Item 1.

C. General

1. contact

If you have any questions or concerns, you can contact us as follows:

Via contact form: aumico.io/contact
By e-mail: hello@aumico.ch
By phone: +41 71 571 89 70
By mail: aumico AG, Hardturmstrasse 161, 8005 Zurich, Switzerland

You can contact the data protection officer or data protection advisor of aumico as follows:

By email: privacy@aumico.io
By mail: aumico AG, Chris Zurbrügg, Hardturmstrasse 161, 8005 Zurich, Switzerland

You can contact aumico 's data protection representative in the European Union for questions related to EU data protection law as follows:

By email: info@datenschutzpartner.eu
By mail: VGS Datenschutzpartner UG, Am Kaiserkai 69, 20457 Hamburg, Germany

2. duration of retention of personal data and deletion/anonymization

We store and process your personal data for as long as is necessary to achieve the purpose for which it was collected or as long as is required or permitted by law. For example, we have a legitimate interest in storing your personal data for as long as it is subject to a retention obligation or the storage is necessary for reasons of evidence or security. Afterwards, your personal data will be deleted from our systems or anonymized so that you can no longer be identified.

3. making personal data available through aumico

In the course of providing our services, we provide you with Personal Data about you and, where applicable, other individuals (e.g., employees of your company or employees of your company's customers). If (i) we conclude that the provision of certain personal data to you and your subsequent processing of such personal data violates legal or regulatory requirements, or if (ii) a data subject, a supervisory authority or another competent authority (e.g. a court) objects to the provision of all or certain personal data to you, we reserve the right to cease or temporarily suspend the provision of the relevant personal data. This may mean that in such a case you will no longer be able to use our services or will only be able to use them to a limited extent. We will inform you in such a case.

4. your rights

You have, to the extent provided for in the scope of applicable law (including the EU GDPR) and subject to the conditions set forth in applicable law, the following rights with respect to the processing of your personal data:

  • Right to information: You have the right to obtain confirmation from us as to whether we are processing personal data about you and, if so, to request information about the processing of your personal data. This information includes, in particular, details of the purpose of the processing, the categories of personal data and the recipients or categories of recipients to whom the personal data have been or will be made accessible.
  • Right to rectification: You have the right to rectify and/or complete your personal data processed by us.
  • Right to erasure: You have the right to have your personal data erased unless we are required by applicable laws and regulations to continue to retain your personal data (in whole or in part) or have an overriding interest in continuing to retain it if
  • the personal data is no longer required for the purposes pursued;
  • you have revoked your consent (if such consent has been given) and there is no other legal basis for processing;
  • you have effectively objected to the processing;
  • the personal data has been processed unlawfully.
  • Right to restrict processing: You may request us to restrict processing in the following cases:
  • if you dispute the accuracy of the personal data, for the duration of our review and subsequent correction or rejection of the correction;
  • if, in the event of unlawful processing, you object to the deletion and wish instead to restrict the processing;
  • if, after the purpose has been fulfilled, you request that the personal data not be deleted but be retained for the purpose of asserting rights;

The personal data concerned will be segregated or marked for the duration of the restriction. In addition to the storage, any further processing of this personal data will only take place with your consent.

  • Right to data portability: Under certain conditions, you have the right to receive the personal data you have provided in a structured, commonly used and machine-readable format. You are entitled to have this personal data transferred to another company without hindrance, insofar as this is technically possible.
  • Right to object: You have the right to object to our processing of your personal data at any time for reasons relating to your particular situation and to request us to stop processing your personal data. If you have the right to object and exercise this right, your personal data will no longer be processed by us for such purposes.

In particular, there is no right to object if we have compelling legitimate grounds for processing that override your interests, rights and freedoms, or if the processing serves to assert, exercise or defend legal claims or is necessary for the conclusion and performance of a contract.

Insofar as we process your personal data for the purpose of direct advertising, you have the right to object to this processing at any time. After your objection, your personal data will no longer be processed for this purpose.

  • Right to withdraw consent: If you have given us consent to process your personal data for one or more specific purposes, you have the right to withdraw consent for one or more of those purposes. The revocation of consent does not affect the lawfulness of the processing carried out until the revocation.

You can assert your rights in connection with the processing of your personal data in writing via the contact options listed above by sending us your request by mail or e-mail. Please enclose a copy of your identification document (identity card or passport) with your request.

For our part, we reserve the right to assert the restrictions provided for by law, for example if we are legally obliged to retain or process certain personal data or have an overriding interest in doing so because we need it, for example, to assert, exercise or defend legal claims. Please note that the exercise of the aforementioned rights may conflict with contractual agreements between you and us (e.g. on the provision of services) and this may lead to consequences such as the premature termination of the contract or costs. In these cases, we will inform you in advance.

You also have the right to lodge a complaint with the competent supervisory authority, in particular in the Member State of your habitual residence or of the place of the alleged infringement, if you believe that the processing of your personal data violates applicable data protection law. The competent supervisory authority for data protection in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).

5. changes

We reserve the right to amend and supplement all parts of this declaration at any time and at our own discretion. The version published on our website (aumico.io) shall apply in each case. We will inform you of these changes appropriately and in accordance with the requirements of applicable law.

If this statement forms part of the contract between you and us, we will inform you appropriately in advance and obtain your consent if we change or amend the statement to your disadvantage. Your consent is voluntary. If you do not agree with the relevant change or addition, you may object to it. If you do not object within the previously announced period, you will be deemed to have given your consent to the relevant change or addition. You do not have the right to terminate a contract without notice due to a change or addition to the present declaration.