Table of Contents

Privacy Policy Aioma

Aioma is committed to the protection, confidentiality and privacy of the information and data entrusted to us. We take appropriate measures to ensure that we comply with the applicable data protection laws. 

This Privacy Policy applies to all data that we collect as data controllers. This, in relation to our business activities or the website This Privacy Policy does not apply to the data we process on behalf of our customers and in which our customers act as data controllers. 

We regularly revise and update this privacy policy and our measures to adapt them to changed or new requirements. We publish the most recent version on our website and we recommend you to read it periodically. This Privacy Policy was last updated on February 17, 2021. 

Please read this Privacy Policy to learn about your rights, what information we collect, how we use and protect it.

Why we require personal data

In particular, we collect personal data for the provision and marketing of our products and services (including our website), the fulfillment of signed contracts and the performance of our duties. We strive to be transparent when collecting data and to collect and process only relevant information. 

We would like to point out that without data we cannot provide certain services or our products and services can no longer be used. In case you do not agree with this privacy policy, you should not use our website.

In addition, we are by law required to collect certain personal data for the purpose of tracking our business activities and to retain them for the period provided for this purpose (retention obligation).

How we collect personal data

In principle, we only collect personal data for which we have received consent and which are relevant. We may also collect personal data when such data is of legitimate interest to us, provided that this is in reasonable proportion and does not override fundamental rights. 

We only collect and use information in accordance with this Privacy Policy.

Direct: We directly receive personal information from individuals who use our website, actively participate in community activities (e.g. blogs, forums, or events), register for publications, subscriptions, or newsletters, or contact us directly (e.g. via phone, email, contact forms, or in-person meetings). 

Indirect: We also receive personal data indirectly through third parties, customer orders, public sources or partner companies. In this situation, we mainly act as a data processor. Therefore, kindly also define which data you would like to provide us with, via the respective service provider that transmits data to us.

We may aggregate Personal Information into profiles (e.g. in CRM systems) to better understand and serve our customers, partners, prospects, subscribers, and individuals, to comply with a legal obligation, or to pursue our legitimate interests.

Which personal data we collect

Which data we collect and process in a specific case depends strongly on the respective interaction and which products and services are used. Further information about personal data that may be collected in the course of our activities, is provided below. 

Personal data refers to any information that personally identifies you, including contact information; such as name, email address, company name and address, phone number, and other information about you or your company. In addition, technical information such as log files, transactions, IP address of the internet device, browsing behavior on our websites or navigation/location data may also be personal data if it is possible to identify you directly or indirectly through them. 

We avoid collecting, processing and storing sensitive personal data as far as possible and only collect it for legitimate purposes. Sensitive personal data refers to information that requires special protection. This, for example, includes credit or debit card numbers, government-issued documents (e.g. passport, social security), biometric information, personal health information, children's personal information, or combinations of information that fall within the definition of "special categories of data" (under the EU General Data Protection Regulation, EU GDPR) or other applicable privacy and data protection laws.

Use of personal data

In addition to the uses already mentioned, we may use your personal information to:

  • Improve and further develop our products and services;
  • Provide or send you information that we believe may be of interest to you and is related to products and services you use;
  • Send you promotional or informational content in accordance with your communication preferences;
  • Collect statistical information on the use of our products and services; including the website, and to improve the experience and personalization derived from this information;
  • Assist you with administrative or supporting activities;
  • Monitor, prevent, or investigate security issues or misuse;
  • Meet legal requirements.

It may happen that we contact you on behalf of our external business partners or customers. In this case, we will only process your data on behalf of the data controller customer or partner.

Currently, we do not use automated processing, including machine learning, or other machine intelligence to provide or refuse services. If this changes, we will extend this section of the Privacy Policy and proactively notify you (for more information, see Section 22 of the EU GDPR).

Disclosure and sale of personal data to third parties

We never sell your personal data to third parties.

In order to provide efficient, high-quality products and services, we use third parties who support us as partners or subcontractors. We ensure that these subcontractors are bound by the same data protection and security standards as we are when processing data. Examples of third parties may include technology platform providers, software providers, payment service providers, customer campaign agencies, and government or regulatory agencies.

Transfer of personal data to a foreign country

In principle, we store and process personal data on servers in Switzerland. For various products and services, we work with partners or subcontractors who process and store personal data outside of Switzerland. We do this when we have a business reason to do so. Moreover, we verify and, where applicable, require these companies to process and manage personal data in accordance with the data protection laws that are applicable and in force for us. By using our services, you agree that individual personal data may be stored outside of Switzerland and the EU. In any case, we remain data controllers and take appropriate measures to protect personal data.

Your privacy rights

In connection with data processing, you have the rights listed below. 

  • Access: You may request us to verify whether we are processing personal data about you and, if so, to provide more detailed information.
  • Correction: You may request us to correct our records if you believe they contain inaccurate or incomplete information about you.
  • Deletion: You may request us to delete your personal data after you have withdrawn your consent to the processing. We will usually delete your data that is no longer required. Note that due to legal obligations, we cannot delete all of your personal data (e.g. historical data or data for accounting purposes).
  • Data transferability: If you have provided us with personal data, you may request us to transmit this data in an electronic form; if technically plausible.
  • Processing Restrictions: You may ask us to temporarily restrict the processing of your personal data if you dispute the accuracy of your personal data and wish to restrict its use rather than have us delete it.
  • Right to object to marketing including profiling: You may object to the use of your personal information for marketing purposes, including profiling. We may need to retain some minimal information to comply with your request to stop marketing to you. 

Right to withdraw consent: You can revoke your previously given consent to the processing of your personal data. This does not affect the lawfulness of the processing that was carried out before you withdrew your consent. It may mean that we are not able to offer you certain products or services and we will inform you in this case.

Before responding to a request regarding your data rights, we may ask for proof of identity to fully identify you. This helps ensure that personal information is not disclosed to anyone who does not have a right to receive it. We may also ask you for sufficient information about your relationship with us to enable locating your personal information.

If your request is unfounded or excessive, we may deny your request or charge a fee. We reserve the right to refuse your request for legitimate reasons.

Cookies and tracking technologies

We, our partners and subcontractors use cookies or similar technologies (such as web beacons and JavaScript) to administer the website and ensure its functionality, analyze usage, track user activity on the website, and gather aggregate demographic information about our users. Collecting this information allows us to customize the online experience, improve the performance, security, usability and effectiveness of our web presence, and measure the effectiveness of our marketing, product or service promotion activities. 

The providers of these cookies and tracking technologies and referenced sites may collect and process additional technical data. Adobe Flash Player (and similar applications) use special technologies to store preferences, settings, and usage data. These technologies create locally stored objects often referred to as "Flash cookies." We do not use Flash cookies, our technology partners or referenced sites, but may use Flash cookies from Adobe on websites related to our products or services. We are not responsible for this additional data collection in these cases, nor do we control the technology companies or providers in this case.

For more information about our use of cookies and how you can manage your cookie settings, please see our Cookie policy.

Security and confidentiality of personal data


To ensure the security and confidentiality of personal data, we use various security technologies and procedures. These procedures aim to protect personal data from unauthorized access, use, damage or disclosure. We protect personal data by using measures such as encryption, security certificates or strong multi-level authorization procedures. All personal data is protected by complementary, appropriate physical, technical and organizational measures. 

We cannot accept any responsibility for external websites, third-party content or links to this information on our website, products or services.

Retention of personal data

We retain personal data for as long as necessary for the purposes for which it was collected. We may also retain non-sensitive personal data beyond this period to keep in touch with you and to fulfill products, services or other contractual obligations. We generally delete personal data when we no longer require it and for which any legal retention period has expired.

Contact data privacy officer

If you have any questions about this Privacy Policy or our privacy practices, please contact us directly using the contact information below.

Legal Notice

Your contact for privacy questions and concerns

Aioma AG
Tomàs Avendaño
Hardturmstrasse 105
CH-8005 Zurich

Aioma AG is a Swiss corporation and is subject to Swiss law. 

If you have concerns about our data protection practices, you may also contact the competent data protection supervisory authority. Switzerland: Eidgenössischer Datenschutz und Öffentlichkeitsbeauftragter