Privacy policy
We (“NEXOYA“, “us“, “we“, or “our“) are committed to protecting your privacy and want you to be secure when visiting the nexoya.com website (hereinafter referred to as the “Website“).
This page informs you of our policies regarding the collection, use and disclosure of Personal Data when you use our Website and the choices you have associated with that Data.
By using the Website, you agree to the collection and use of information in accordance with this privacy policy (the “Privacy Policy“). Unless otherwise defined in this Privacy Policy, the terms used in this Privacy Policy have the same meanings as in our Terms and Conditions.
1 Definitions
Personal Data | Personal Data means data about an individual who can be identified through the data (or from the data and other information either in our possession or likely to come into our possession). |
Data Subject (or User) | Data Subject is any living individual who is using our Website and is the subject of Personal Data. |
Data Controller | Data Controller means the natural or legal person who (either alone or jointly or in common with persons) determines the purposes for which and the manner in which any other personal information are, or are to be, processed. |
Data Processor (or Service Provider) | Data Processor (or Service Provider) means any natural or legal person who processes the data on behalf of the Data Controller. |
2 Personal Data We Collect
We collect the following types of Personal Data when you browse our Website and submit information in the respective forms.
Login Details* (when provided) | First and last name
Company Phone number Email address |
Usage Data | Last login
Website activity Source IP This Usage Data is sent by your browser whenever you visit our Website and may include information such as your computer’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Website that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data. When you access the Website with a mobile device, this Usage Data may include information such as the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, unique device identifiers and other diagnostic data. |
Tracking and Cookies Data | We use cookies and similar tracking technologies to track the activity on our Service and we hold certain information.
Please refer to the Cookie Policy section for an overview of the cookies that we use. |
Our Services are not intended for use by children under the age of 16, and we do not knowingly collect or solicit personal data from children under this age. If you believe that we might have inadvertently received information from or about a child under 16, please contact us via the contact form, and we will take appropriate steps to investigate and, if necessary, delete that information from our servers.
3 How We Collect Personal Data
We collect information about you when you use our Website, including browsing and taking certain actions within it.
Means of collection | Explanation | Personal Data collected |
Directly | ||
Your registration on our Website | We collect information about you when you register on our Website or Web App. | This information includes the Login Details (as defined above in Section 2 ‘Personal Data We Collect’). |
Your use of the Website | We keep track of certain information about you when you visit and interact with our Website or Web App. | This information includes the Usage Data (as defined above in Section 2 ‘Personal Data We Collect’). |
Device and connection information | We collect information about your computer, phone, tablet, or other devices you use to access the Website. | This information includes the Usage Data (as defined above in Section 2 ‘Personal Data We Collect’).
How much of this information we collect depends on the type and settings of the device you use to access the Website. |
Cookies and other tracking technologies | We and our third-party partners, such as our advertising and analytics partners, use cookies and other tracking technologies (e.g., web beacons, device identifiers and pixels) to provide functionality and to recognize you across different Services and devices. | This information includes the Tracking and Cookies Data (as defined above in Section 2 ‘Personal Data We Collect’).
How much of this information we collect depends on the type and settings of the browser you use to access the Website. For more information, please refer to the Cookie Policy section. |
Indirectly | ||
Other users of the Website | Other users of our Website may provide information about you when they submit content through the contact form. | This information includes the Contact Details (as defined above in Section 2 ‘Personal Data We Collect’).
For example, you may be mentioned in a technical support issue opened by someone else. |
Other partners | We receive information about you and your activities on and off the Website from third-party partners, such as advertising and market research partners who provide us with information about your interest in and engagement with, our Services and online advertisements. | This information includes the Tracking and Cookies Data (as defined above in Section 2 ‘Personal Data We Collect’).
For more information, please refer to Section 10 ‘Service Providers’. |
4 Legal Basis and Purposes
Our legal basis for collecting and using the Personal Data described in this Privacy Policy depends on the Personal Data we collect and the specific purposes for which we collect it:
Legal Basis | Explanation | Purpose |
Contract | To perform our contractual obligations or take steps linked to a contract with you or your organisation. | To provide and administer services as instructed by you. |
To provide you with customer support. | ||
Consent | We may rely on your freely given consent at the time you provided your Personal Data. | To provide you with news, special offers and general information about goods, services and events which we offer (with your explicit consent). |
Legitimate interests | We may rely on legitimate interests based on our evaluation that the processing is fair, reasonable and balanced. | To provide and maintain our Website, as well as to detect, prevent and address security threats. |
To analyse, improve, personalise and monitor the usage of our Website and communications. | ||
To notify you about changes to our Website and our Privacy Policy. | ||
Public interest | To meet regulatory and public interest obligations. | To maintain records and conduct compliance checks, e.g. anti-money laundering, fraud and crime prevention. |
5 Data Retention
We retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy, and to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes and enforce our legal agreements and policies.
6 Storage and Data Transfers
We store your Personal Data on our servers in Switzerland.
If you are located outside Switzerland and choose to provide information to us, please be aware that the data protection laws may differ from those of your jurisdiction.
We take all the steps reasonably necessary to ensure that no transfer of your Personal Data will take place to an organisation or a country unless there are adequate controls in place including the security of your Personal Data.
In particular, for transfers of Personal Data outside the EEA, contracts containing the EU Standard Contractual Clauses according to the EU Commission decisions of 27 December 2004 (2004/915/EC) and 05 February 2010 (C(2010)593) constitute appropriate and suitable safeguards to ensure compliance with GDPR.
7 Data Disclosure
We may disclose your Personal Data in the good faith belief that such action is necessary to:
- To comply with a legal obligation (i.e. if required by law or in response to valid requests by public authorities, such as a court or government agency)
- To protect and defend our rights or property
- To prevent or investigate possible wrongdoing in connection with the Website
- To protect the safety of Website visitors or the public
- To protect ourselves against legal liability
8 Data Security
We take reasonable technical and organizational security measures that we deem appropriate in order to protect your stored data against manipulation, loss, or unauthorized third-party access. Our security measures are continually adapted to technological developments.
We also take internal data privacy very seriously. Our employees and the service providers that we retain are required to maintain secrecy and to comply with applicable data protection legislation. In addition, they are granted access to personal data only insofar as this is necessary for them to carry out their respective tasks or mandate.
Finally, we take all the steps reasonably necessary to ensure that no transfer of your Personal Data will take place to an organisation or a country unless there are adequate controls in place including the security of your Personal Data.
The security of your Personal Data is important to us but remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.
In the event of a data breach that might compromise the security of your personal data, we will act promptly to investigate and mitigate the breach. If required by applicable law, we will notify the relevant supervisory authority and affected individuals without undue delay, in accordance with the Swiss Data Protection Act. Our notification will include details of the breach, the nature and likely consequences, the measures taken to address it, and guidance on how you can protect yourself from potential adverse effects.
9 Data Protection Rights
You have certain data protection rights. We will respond to your request without undue delay, at the latest within one calendar month after receipt. Please note that we may ask you to verify your identity before responding to such requests.
Right to access | You have a right to request a copy of the Personal Data held by us as a data controller, which we will provide to you in an electronic form. |
Right to amendment | You have the right to ask us to correct our records if you believe they contain incorrect or incomplete information about you. |
Right to withdraw consent | If you have provided your consent to the collection, processing and transfer of your Personal Data, you have the right to fully or partly withdraw your consent. This includes cases where you wish to opt out from marketing messages.
Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose(s) to which you originally consented unless there is another Legal Basis for the processing. To stop receiving emails from us, please click on the “unsubscribe” link in the email you received from us or contact us at info@nexoya.com. |
Right to erasure | You have the right to request that we delete your Personal Data when it is no longer necessary for the Purposes for which it was collected, or when it was unlawfully processed. |
Right to restriction of processing | You have the right to request the restriction of our processing of your Personal Data where you believe it to be inaccurate, our processing is unlawful, or where we no longer need to process it for the initial Purpose, but where we are not able to delete it due to a legal obligation or because you do not want us to delete it. |
Right to portability | You have the right to request that we transmit your Personal Data to another data controller in a common format such as Excel, where this is data which you have provided to us and where we are processing it on the Legal Basis of your consent or in order to perform our contractual obligations (e.g. to provide our Services). |
Right to object to processing | Where the Legal Basis for our processing of your Personal Data is our legitimate interest, you have the right to object to such processing on grounds relating to your particular situation. We will abide by your request unless we have compelling legitimate Legal Basis for the processing which override your interests, or if we need to continue to process the Data for the establishment, exercise or defence of a legal claim. |
Right to lodge a complaint with a supervisory authority | You have the right of appeal to a data protection supervisory authority if you believe that the processing of your personal data violates data protection law or you have complaints about our handling of your personal data.
In Switzerland, you may contact the Federal Data Protection and Information Commissioner, Feldeggweg 1, CH-3003 Bern |
10 Service Providers
We may employ third party companies and individuals (“Service Providers“) to facilitate the operation of our Website, provide the Website on our behalf, perform Website-related services or assist us in analysing how our Website is used. The Service Providers have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
App | Provided by | Function & Address |
Auth0 | Auth0 Inc | We do use Auth0, for securely authenticating you with our Web App.
Wildbit, 10800 NE 8th Street Suite 700 Bellevue, WA 98004, United States |
bexio | bexio AG | We do use bexio for running procurement and invoicing.
bexio AG, Alte Jonastrasse 24, 8640 Rapperswil-Jona, Switzerland |
BL.INK | Blink Global, LLC | We do use Blink Global, LLC as our redirect url provider for simplified & shortened Links.
Blink Global, LLC, located at 6302 Royal Birkdale Overlook Austin, Texas 78748, United States |
Calendly | Calendly LLC | We do use Calendly for scheduling calls or onboardings with our potential or existing customers.
Calendly LLC, 271 17th St NW, Atlanta, GA 30363, United States |
CloudAMQP | 84codes AB | We do use CloudAMQP for sending technical messages between services.
84codes AB, Sveavägen 98, 113 50 Stockholm, Sweden |
CloudFlare | Cloudflare Inc. | We do use CloudFlare for making sure our service is always up and running, using it as a Content delivery network (CDN).
CloudFlare Inc, Riverside Building, 6th Floor, County Hall/The, Belvedere Rd, London SE1 7PB, United Kingdom |
Datadog | Datadog, Inc. | We do use Datadog monitor our infrastructure on performance, operation, maintenance and troubleshooting.
Datadog, Inc., 620 8th Avenue, Floor 45, New York, NY 10018, United States |
Docusign | Docusign Inc. | We do use Docusign for electronically signing documents with partners, customers and alike.
Docusign Inc, 221 Main St., Suite 1550, San Francisco, CA 94105, United States |
Facebook Inc. | We do use Facebook for remarketing and testing.
Facebook Inc,1 Hacker Way, Menlo Park, United States |
|
GitLab | GitLab Inc. | We do use gitlab for our internal project management and incident/bug management.
GitLab Inc, 268 Bush Street #350, San Francisco, CA 94104, United States of America |
Google Adwords, Google AdSense | Google Inc. | We do use Google Adwords, Google AdSense for remarketing and testing.
Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043, United States |
Google Analytics | Google Inc. | Google uses the data collected to track and monitor the use of our Website.
Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043, United States |
Google GSuite | Google Schweiz GmbH | We do use Google as our internal office tools and document system.
Google Switzerland GmbH. Brandschenkestr. 110 8002 Zürich, Switzerland |
LinkedIn Inc./ Linkedin Ireland Unlimited Company | We do use linkedin for marketing, remarketing and testing.
70 Sir John Rogerson’s Quay, Dublin 2,Dublin,D02r296,Ireland |
|
Mailchimp | The Rocket Science Group, LLC | We do use Mailchimp, for sending you emails after you subscribed to one of our newsletters, free-tools or our resource library.
The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308 United States |
Microsoft | Microsoft Schweiz GmbH | We do use Microsoft as our hosting provider for database, middleware and web-application hosting.
Microsoft Schweiz GmbH, Richtistrasse 3, 8304 Wallisellen, Switzerland |
Pipedrive | Pipedrive Inc | We do use Pipedrive for our customer relationship management system.
Pipedrive Inc, LABS House, 15-19 Bloomsbury Way, London WC1A 2TH, United Kingdom |
Postmark | Wildbit, LLC | We do use Postmark, for sending transactional emails via the website or the web app.
Wildbit, LLC, 2400 Market Street, No. 200, Suite 235B, Philadelphia, PA 19103, United States |
Recruitee | Recruitee B.V. | We do use Recruitee B.V. for recruiting purposes.
Recruitee B.V., Keizersgracht 313, 1016 EE Amsterdam, The Netherlands |
Slack | Slack Technologies Inc | We do use Slack for internal communication.
Slack Technologies Inc, 500 Howard St, San Francisco, CA 94105, United States |
Twitter Inc. | We do use twitter for marketing, remarketing and testing.
Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103 United States |
|
Typeform | TYPEFORM SL | We do use Typeform for running interviews or questionnaires.
TYPEFORM SL, Carrer Bac de Roda 163, 08018 Barcelona, Spain |
WPEngine | WPEngine Inc. | We do use WPEngine to host our website as well as free-tool and free templates.
WP Engine, Irongate House, 22-30 Duke’s Place, London, EC3A 7LP United Kingdom |
Zapier | Zapier Inc. | We do use Zapier, for connecting our website with other services such as Mailchimp.
Zapier, Inc. 548 Market St. #62411. San Francisco, CA 94104-5401.Nov 5, 2019 |
11 Cookie Policy
Our Website uses cookies to improve the user experience and ensure that it is functioning effectively. Cookies are small text files that are downloaded to your device by visiting the Website. We use both session cookies (which expire once you close your web browser) and persistent cookies (which stay on your device for a set period of time or until you delete them). You may change your browser settings to delete and/or block cookies.
We use the following types of cookies for the purposes explained:
Cookie | Type | Qualification | Function |
handl_url handl_ip handl_original_ref handl_ref handl_landing_pagewp-wpml_current_languag |
Persistent | Functional | Website cookies which enable us to provide our Website. |
auth0_nonce auth0_state com.auth.auth.* |
Session | Functional | Auth0 cookie to verify login into the WebApp. |
_gat | Session | Functional | Google Analytics cookie used to throttle request rate. |
_gid
_ga ANID APISID HSID NID SAPISID SIDCC SSID 1P_JAR CONSENT |
Persistent | Performance and tracking cookies | Google Analytics cookies to track users as they navigate the Website and help improve the Website’s usability.
These allow us to recognize and count the number of users of our Website and understand how such users navigate through our Website. This helps to improve how our Website works, for example, by ensuring that users can find what they are looking for easily. We use Google Analytics. |
fr
_fbp datr dpr sb wd OTZ COMPASS |
Persistent | Targeting | Facebook cookies which help Facebook provide visitors with more personalized advertisements. They collect information about your browsing habits in order to make advertising relevant to you and your interests. |
utm_campaign utm_content utm_source |
Session | Performance and tracking cookie | Stores respective campaign of the website user. |
helpful_user | Session | Functional | Stores user feedback on our help pages |
__cfduid | Persistent | Functional | CloudFare cookie used to speed up page load times. |
Lidc
lang bcookie bscookie UserMatchHistory li_oatml liap lissc |
Persistent | Targeting | LinkedIn cookies which help LinkedIn provide visitors with more personalized advertisements. They collect information about your browsing habits in order to make advertising relevant to you and your interests. |
We employ tracking systems such as Google Analytics or similar services on our Website. These are services provided by third parties, which may be located in any country worldwide and which allow us to measure and evaluate the use of our Website (on an anonymized basis). For this purpose, permanent cookies are used, which are set by the service provider.
The service provider does not receive (and does not retain) any Personal Data from us, but the service provider may track your use of the Website.
The information generated through the cookies about the utilization of this website (including your IP address) is transferred to and stored on a central server. If appropriate, this information will be passed on to third parties to the extent this is prescribed by law or to the extent that third parties process the data under contract.
We reserve the right, if required, to employ other tracking systems than those named in the section on tracking data for the specified purpose.
12 Links to Other Sites
Our Website may contain links to other sites that are not operated by us. If you click a third-party link, you will be directed to that third party’s website.
We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.
13 Changes to This Privacy Policy
We may update our Privacy Policy from time to time.
We will notify you via email and/or a prominent notice on our Website, prior to the change becoming effective and update the “effective date” at the top of this Privacy Policy, but we encourage you to review this Privacy Policy periodically for any changes.
Changes to this Privacy Policy are effective when they are posted on this page.
14 Contact Us
If you have any questions about this Privacy Policy, please contact us at:
nexoya AG
Konradstrasse 32
8005 Zurich
Switzerland
info@nexoya.com