Privacy Policy

1. Scope of privacy policy

This Privacy Policy applies exclusively to the website https://digiflow.ch.

We respect your privacy and are committed to protecting any Personal Data we collect from or about you. This Privacy Policy outlines our practices regarding the collection, use, storage, and disclosure of your Personal Data when you visit or interact with our website.

This policy is governed primarily by the Swiss Federal Act on Data Protection (DSG). Where applicable, we also adhere to the requirements set forth by the European Union’s General Data Protection Regulation (GDPR), particularly in cases involving cross-border data transfers or if you are located in the EU/EEA.

2. Processing of Personal Data: Type, Purpose, and Use

When you access our website, certain information is temporarily stored in server log files. This information is automatically transmitted by your device’s browser and includes the following data:

  • IP address of the accessing device
  • Date and time of the visit
  • URL of the page accessed
  • Referrer URL (the page from which you were referred)
  • Browser type and other device details
  • Technical data necessary for ensuring secure transmission, error analysis, and site improvements

The above data is processed for the following purposes:

  • Establishing a connection to the website
  • Ensuring the proper functioning and usability of our website
  • Maintaining system security and stability

Data processing is carried out based on your access and is necessary for fulfilling our legitimate interests in accordance with Art. 6(1)(f) GDPR and Art. 31 DSG. If your access is related to a contractual engagement or pre-contractual measures, the legal basis is Art. 6(1)(b) GDPR.

If you enter into a contract with us or provide information via our website, we may collect and process the following personal data:

  • Last name, first name
  • Email address
  • Mobile number
  • Other information you provide as part of your inquiry

In this context, data processing is necessary to fulfill the contract in accordance with Art. 6(1)(b) GDPR or based on your consent under Art. 6(1)(a) GDPR, as applicable.

3. Transfer of Data to Third Parties (Including Joint Controllers and Data Processors)

We may engage external service providers (data processors) to support the operation of our website and related services, such as web hosting. To ensure the protection of your personal data, we have established separate data processing agreements with these service providers, as required under Art. 28 GDPR and the relevant provisions of DSG.

In certain circumstances, it may also be necessary to share your data with the following categories of recipients:

  • Other customers (if required for business purposes and explicitly consented to by you)
  • Suppliers and business partners (where necessary for the performance of a contract or business interaction)
  • Public authorities or courts (only if legally required or necessary to assert, exercise, or defend legal claims)

Any data transfer to these parties is conducted in compliance with the principles of data minimization and purpose limitation, and where applicable, is governed by the legal basis set out in Art. 6 GDPR and Art. 31-34 DSG.

4. Cookies

We use cookies on our website, including session cookies as well as temporary and permanent cookies. Cookies are small text files stored on your device (such as a laptop, tablet, or smartphone) by your browser when you visit our website. While cookies help us recognize returning visitors, they do not necessarily identify you personally.

Purpose of Cookies

The use of cookies serves the following purposes:

  • Analysis: To measure the frequency of use, the number of visitors, and analyze user behavior on our website.
  • Security: To enhance the security of the website and its users.
  • User Experience: To make our services more user-friendly by remembering your preferences and settings, so you do not have to re-enter them during subsequent visits.

Types of Cookies Used

  • Session Cookies: These are automatically deleted when you leave our website.
  • Temporary Cookies: These are stored on your device for a specific period and allow us to recognize your device during future visits.

The legal basis for the use of cookies is our legitimate interest in operating an efficient, secure, and user-friendly website as per Art. 6(1)(f) GDPR. Where the use of cookies involves the processing of personal data, your consent is required under Art. 6(1)(a) GDPR.

Managing Cookies

You can configure your browser settings to block cookies or alert you before cookies are saved. However, please note that completely disabling cookies may limit the functionality of our website.

By continuing to use our website, you consent to the use of cookies as described in this Privacy Policy and the processing of your personal data, even after the end of your browser session. You may withdraw your consent at any time by adjusting your browser settings to refuse third-party cookies.

5. Analysis tools

Our website utilizes the following web analysis services to better understand user behavior and optimize the user experience. These tools process information such as IP addresses and interaction data through cookies. For more information, please refer to the “Cookies” section of this Privacy Policy.

Google Analytics

We use Google Analytics, a web analysis service provided by Google LLC, USA (“Google”). Google Analytics uses cookies to analyze how users interact with our website. Please note that we have integrated the code “gat._anonymizeIp();” into our Google Analytics implementation to ensure anonymization of IP addresses (known as IP masking).

When IP anonymization is enabled, Google shortens IP addresses within the member states of the European Union (EU) or other signatory states to the Agreement on the European Economic Area (EEA). This process prevents any direct association with your identity. Only in exceptional cases will the complete IP address be transmitted to a Google server in the USA and truncated there.

Google uses the collected information on our behalf to analyze website usage, compile reports on website activity, and provide additional related services. More information about data privacy with Google Analytics can be found at Google Analytics Privacy Overview. You can also deactivate Google Analytics using the following tool: Google Analytics Opt-Out Browser Add-On.

Legal Basis: The use of Google Analytics is based on your consent as per Art. 6(1)(a) GDPR and our legitimate interests in accordance with Art. 6(1)(f) GDPR to optimize the functionality and performance of our website.

6. Place of Data Processing and Cross-Border Data Transfers

We store and process your personal data primarily within Switzerland and the European Union (EU). However, in some instances, it may be necessary to transfer your data to recipients in countries outside of Switzerland or the EU/EEA, which may not have an equivalent level of data protection.

When transferring data to countries without an adequate level of protection as defined by the European Commission or the Swiss Federal Data Protection and Information Commissioner (FDPIC), we ensure that your data is protected through the use of appropriate safeguards.

7. Cross-Border Disclosure to Third Countries Without an Adequate Level of Data Protection

For transfers to third countries without an adequacy decision, we base such transfers on Standard Contractual Clauses (SCCs) approved by the European Commission, or we rely on other legally recognized exceptions, such as your explicit consent or the necessity of the transfer for the performance of a contract.

To ensure that an appropriate level of data protection is maintained during cross-border transfers, we implement security measures such as encryption and pseudonymization where necessary.

For data transfers to the United States, we comply with the EU-U.S. Data Privacy Framework, which has been in force since July 10, 2023. This framework provides an adequate level of protection for data transferred to certified U.S. entities.

If you have any questions about cross-border data transfers, would like a copy of the EU Standard Contractual Clauses, or need information about additional security measures, please contact the Data Protection Officer or use the link to EU Standard Contractual Clauses

8. Your rights

As a data subject, you have the following rights under the General Data Protection Regulation (GDPR) and the Swiss Data Protection Act (DSG):

  • Right to Access

    You have the right to request information about your personal data processed by us (Art. 15 GDPR). This includes details such as:

    • The purposes of processing
    • The categories of personal data processed
    • The recipients or categories of recipients to whom your data has been or will be disclosed
    • The planned storage period
    • The existence of rights to rectification, deletion, restriction of processing, or objection
    • The existence of a right to complain
    • The source of your data if it was not collected directly from you
    • The existence of automated decision-making, including profiling, and—if applicable—meaningful information on its details

    Note: If responding to such a request involves disproportionate effort, we may ask you to provide proof of identity or cover any reasonable costs associated with fulfilling your request.

  • Right to Rectification

    You have the right to request the immediate correction of inaccurate personal data or the completion of incomplete personal data stored by us (Art. 16 GDPR).

  • Right to Erasure ("Right to be Forgotten")

    You have the right to request the deletion of your personal data, provided that the processing is not necessary:

    • To exercise the right to freedom of expression and information
    • To comply with a legal obligation
    • For reasons of public interest
    • To assert, exercise, or defend legal claims (Art. 17 GDPR)
  • Right to Restriction of Processing

    You have the right to request the restriction of the processing of your personal data if:

    • You contest the accuracy of your data
    • The processing is unlawful, but you oppose its deletion
    • We no longer need your data, but you require it for the establishment, exercise, or defense of legal claims
    • ou have objected to the processing pursuant to Art. 21 GDPR pending verification of whether our legitimate grounds override yours (Art. 18 GDPR)
  • Right to Data Portability

    You have the right to receive the personal data that you have provided to us in a structured, commonly used, and machine-readable format. You may also request that this data be transmitted to another data controller, where technically feasible (Art. 20 GDPR).

  • Right to Withdraw Consent

    If you have provided consent to the processing of your personal data, you may withdraw this consent at any time. The withdrawal of consent does not affect the lawfulness of processing carried out based on consent before its withdrawal (Art. 7(3) GDPR).

  • Right to Lodge a Complaint

    You have the right to lodge a complaint with a supervisory authority, in particular in the member state of your habitual residence, place of work, or place of the alleged infringement, if you believe that the processing of your personal data violates applicable data protection regulations (Art. 77 GDPR).

If you wish to exercise any of these rights or require further information, please feel free to contact the Data Protection Officer at any time.

9. Right to Object

If your personal data is processed based on legitimate interests in accordance with Art. 6(1)(f) GDPR, you have the right to object to this processing at any time under Art. 21 GDPR, provided that there are grounds relating to your particular situation, or if the objection is directed against direct marketing.

If your objection is based on reasons related to your specific situation, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or the processing is necessary for the establishment, exercise, or defense of legal claims.

If your objection is related to direct marketing purposes, you have a general right to object, which we will honor without requiring a specific reason or situation.

To exercise your right to object, please contact us via the contact details provided in this policy.

10. Data Security

We take the security of your personal data seriously and implement appropriate technical and organizational measures (TOM) to protect it from unauthorized access, misuse, or disclosure. All data transmitted between your device and our servers is encrypted using SSL (Secure Socket Layer) technology to ensure secure communication.

Our data protection practices are regularly reviewed and updated to reflect the latest security standards.

11. Storage Period

We process and store your personal data responsibly and in accordance with applicable data protection laws. Your data will be retained only for as long as necessary to fulfill the purposes outlined in this Privacy Policy or as required by legal obligations.

The specific storage period depends on the nature of the data and the purposes for which it was collected. Once the storage purpose no longer applies or upon your request, the data will be deleted or anonymized, unless we are legally required to retain it.

12. Contact Details

This Privacy Policy applies to the data processing activities of:

Company Name: DigiFlow Solutions GmbH
Address: Neubadrain 10, CH-4102 Binningen
UID : CHE-211.066.808 MWST
Email : [email protected]
Supervisory authority (in Switzerland): Federal Data Protection and Information Commissioner

For any questions or concerns regarding this Privacy Policy or data protection practices, please feel free to contact us using the information provided above.

13. Updates to This Privacy Policy

We may update or amend this Privacy Policy from time to time to reflect changes in legal requirements or our data processing practices. The latest version of this Privacy Policy is available at https://digiflow.ch.