Table of Contents
Aioma is committed to the protection, confidentiality and privacy of the information and data entrusted to us. We take appropriate measures to ensure that we comply with the applicable data protection laws.
Why we require personal data
In particular, we collect personal data for the provision and marketing of our products and services (including our website), the fulfillment of signed contracts and the performance of our duties. We strive to be transparent when collecting data and to collect and process only relevant information.
In addition, we are by law required to collect certain personal data for the purpose of tracking our business activities and to retain them for the period provided for this purpose (retention obligation).
How we collect personal data
In principle, we only collect personal data for which we have received consent and which are relevant. We may also collect personal data when such data is of legitimate interest to us, provided that this is in reasonable proportion and does not override fundamental rights.
Direct: We directly receive personal information from individuals who use our website, actively participate in community activities (e.g. blogs, forums, or events), register for publications, subscriptions, or newsletters, or contact us directly (e.g. via phone, email, contact forms, or in-person meetings).
Indirect: We also receive personal data indirectly through third parties, customer orders, public sources or partner companies. In this situation, we mainly act as a data processor. Therefore, kindly also define which data you would like to provide us with, via the respective service provider that transmits data to us.
We may aggregate Personal Information into profiles (e.g. in CRM systems) to better understand and serve our customers, partners, prospects, subscribers, and individuals, to comply with a legal obligation, or to pursue our legitimate interests.
Which personal data we collect
Which data we collect and process in a specific case depends strongly on the respective interaction and which products and services are used. Further information about personal data that may be collected in the course of our activities, is provided below.
Personal data refers to any information that personally identifies you, including contact information; such as name, email address, company name and address, phone number, and other information about you or your company. In addition, technical information such as log files, transactions, IP address of the internet device, browsing behavior on our websites or navigation/location data may also be personal data if it is possible to identify you directly or indirectly through them.
We avoid collecting, processing and storing sensitive personal data as far as possible and only collect it for legitimate purposes. Sensitive personal data refers to information that requires special protection. This, for example, includes credit or debit card numbers, government-issued documents (e.g. passport, social security), biometric information, personal health information, children's personal information, or combinations of information that fall within the definition of "special categories of data" (under the EU General Data Protection Regulation, EU GDPR) or other applicable privacy and data protection laws.
Use of personal data
In addition to the uses already mentioned, we may use your personal information to:
- Improve and further develop our products and services;
- Provide or send you information that we believe may be of interest to you and is related to products and services you use;
- Send you promotional or informational content in accordance with your communication preferences;
- Collect statistical information on the use of our products and services; including the website, and to improve the experience and personalization derived from this information;
- Assist you with administrative or supporting activities;
- Monitor, prevent, or investigate security issues or misuse;
- Meet legal requirements.
It may happen that we contact you on behalf of our external business partners or customers. In this case, we will only process your data on behalf of the data controller customer or partner.
Disclosure and sale of personal data to third parties
We never sell your personal data to third parties.
In order to provide efficient, high-quality products and services, we use third parties who support us as partners or subcontractors. We ensure that these subcontractors are bound by the same data protection and security standards as we are when processing data. Examples of third parties may include technology platform providers, software providers, payment service providers, customer campaign agencies, and government or regulatory agencies.
Transfer of personal data to a foreign country
In principle, we store and process personal data on servers in Switzerland. For various products and services, we work with partners or subcontractors who process and store personal data outside of Switzerland. We do this when we have a business reason to do so. Moreover, we verify and, where applicable, require these companies to process and manage personal data in accordance with the data protection laws that are applicable and in force for us. By using our services, you agree that individual personal data may be stored outside of Switzerland and the EU. In any case, we remain data controllers and take appropriate measures to protect personal data.
Your privacy rights
In connection with data processing, you have the rights listed below.
- Access: You may request us to verify whether we are processing personal data about you and, if so, to provide more detailed information.
- Correction: You may request us to correct our records if you believe they contain inaccurate or incomplete information about you.
- Deletion: You may request us to delete your personal data after you have withdrawn your consent to the processing. We will usually delete your data that is no longer required. Note that due to legal obligations, we cannot delete all of your personal data (e.g. historical data or data for accounting purposes).
- Data transferability: If you have provided us with personal data, you may request us to transmit this data in an electronic form; if technically plausible.
- Processing Restrictions: You may ask us to temporarily restrict the processing of your personal data if you dispute the accuracy of your personal data and wish to restrict its use rather than have us delete it.
- Right to object to marketing including profiling: You may object to the use of your personal information for marketing purposes, including profiling. We may need to retain some minimal information to comply with your request to stop marketing to you.
Right to withdraw consent: You can revoke your previously given consent to the processing of your personal data. This does not affect the lawfulness of the processing that was carried out before you withdrew your consent. It may mean that we are not able to offer you certain products or services and we will inform you in this case.
Before responding to a request regarding your data rights, we may ask for proof of identity to fully identify you. This helps ensure that personal information is not disclosed to anyone who does not have a right to receive it. We may also ask you for sufficient information about your relationship with us to enable locating your personal information.
If your request is unfounded or excessive, we may deny your request or charge a fee. We reserve the right to refuse your request for legitimate reasons.
Cookies and tracking technologies
The providers of these cookies and tracking technologies and referenced sites may collect and process additional technical data. Adobe Flash Player (and similar applications) use special technologies to store preferences, settings, and usage data. These technologies create locally stored objects often referred to as "Flash cookies." We do not use Flash cookies, our technology partners or referenced sites, but may use Flash cookies from Adobe on websites related to our products or services. We are not responsible for this additional data collection in these cases, nor do we control the technology companies or providers in this case.
Security and confidentiality of personal data
To ensure the security and confidentiality of personal data, we use various security technologies and procedures. These procedures aim to protect personal data from unauthorized access, use, damage or disclosure. We protect personal data by using measures such as encryption, security certificates or strong multi-level authorization procedures. All personal data is protected by complementary, appropriate physical, technical and organizational measures.
We cannot accept any responsibility for external websites, third-party content or links to this information on our website, products or services.
Retention of personal data
We retain personal data for as long as necessary for the purposes for which it was collected. We may also retain non-sensitive personal data beyond this period to keep in touch with you and to fulfill products, services or other contractual obligations. We generally delete personal data when we no longer require it and for which any legal retention period has expired.
Contact data privacy officer
Aioma AG is a Swiss corporation and is subject to Swiss law.
If you have concerns about our data protection practices, you may also contact the competent data protection supervisory authority. Switzerland: Eidgenössischer Datenschutz und Öffentlichkeitsbeauftragter