Privacy Policy
Privacy Policy for tracenable.com
Last Updated: 01/09/2024 Datacie Ltd, registered in
Switzerland under company number CHE-231.706.060 (UID), with its registered address at Chemin Erna
Hamburger 1C, EPFL Innovation Park, 1015 Lausanne, Switzerland (“we”, “us”, “our”) operates the
website tracenable.com. We are dedicated to
protecting the confidentiality and privacy of your personal data. We comply with applicable data
protection laws, including the Swiss Federal Act on Data Protection (nFADP), the
General Data Protection Regulation (GDPR) where applicable, and, for California residents, the
California Consumer Privacy Act (CCPA). This Privacy Policy outlines your rights, the types of
personal data we collect, how we use it, and how we safeguard it.
1. Who is Responsible for Data
Processing? This Privacy Policy applies to Datacie Ltd, the
operator of tracenable.com. For questions related to this policy or the processing of your personal
data, please contact our Data Protection Officer (DPO) at: legal@tracenable.com 2. What Personal Data Do We Collect and
How? We collect personal data in the following
ways: a) Personal Data You Provide to
Us -
Account information: When you create an account with us, we collect information associated with
your account. This may include your name, email address, phone number, company name, account
credentials, and billing information, such as payment details and transaction history.
-
Content and files: When you use our services, we collect the information you provide to us,
including any content, documents, or files you upload or submit.
-
Communication information: If you communicate with us via email, forms on our website, or other
methods, we collect your name, contact details, and the contents of your communications.
-
Event and survey participation: If you participate in our events, surveys, or webinars, we may
collect personal information such as your name, contact details, and responses to survey
questions or event registration details.
-
Social media interactions: We have pages on social media platforms like Instagram, Facebook,
Medium, X (formerly Twitter), YouTube, and LinkedIn. When you interact with our social media
pages (e.g., by liking, commenting, or messaging us), we collect the information you choose to
share with us. In addition, social media platforms may provide us with aggregated data about
engagement and interactions on our content.
b) Personal Data We Collect
Automatically -
Log information: When you visit or interact with our website and services, our systems
automatically collect information such as your IP address, browser type, browser settings, the
date and time of your access, and how you navigate or interact with our services.
-
Usage data: We collect data on how you use our services, including the types of content you
view, features you engage with, and actions you take (e.g., downloading resources, filling out
forms). This includes information about your geographic location (e.g., country), time zone,
device type (mobile, tablet, desktop), and session data, such as timestamps of access.
-
Device information: We gather data about the device you are using to access our services, such
as the device name, operating system, and unique device identifiers. This data may also include
browser type and settings.
-
Cookies and tracking technologies: We use cookies and similar tracking technologies to manage
our website and services, improve functionality, and enhance user experience. For more
information on our use of cookies, please refer to our Cookies Policy.
c) Personal Data We Receive From
Third Parties -
Public sources: We may collect data from publicly available sources, such as business
directories, social media platforms, or other publicly accessible online sources, for purposes
like business development and recruitment.
-
Third-party partners: We receive information from our trusted partners, such as marketing
platforms or service providers, to enhance our understanding of customer needs and deliver
relevant content. Additionally, we may receive data from security partners to help prevent fraud
or security threats.
3. Why We Process Your Personal
Data We process personal data for the following
purposes: -
To provide and maintain our services: We use your personal data to provide you with the services
or products you request, ensure their functionality, and facilitate the management of your
account. This includes processing payments, responding to inquiries, and offering technical
support.
-
To improve and develop our services: We process personal data to understand how our services are
used, identify areas for improvement, and develop new features. This includes conducting
analytics, research, and user feedback analysis to enhance your experience and refine our
offerings.
-
To communicate with you: We use personal data to communicate with you directly, whether for
transactional purposes (e.g., order confirmations, updates to your account) or to provide
information and marketing about our services, events, or promotions, where you have consented to
receive such communications.
-
For marketing and promotional activities: With your consent, we process your personal data to
send newsletters, offers, and event invitations. This helps ensure you are informed about new
products, services, or relevant industry insights that may interest you. You can opt out of
marketing communications at any time.
-
To ensure the security of our services: We process personal data to safeguard our services from
unauthorized access, misuse, and other security threats. This includes monitoring and detecting
fraudulent or illegal activities, protecting our IT infrastructure, and addressing potential
risks.
-
To prevent fraud and misuse: We use personal data to prevent fraud, abuse, and other criminal
activities. This includes safeguarding user accounts, preventing identity theft, and ensuring
the integrity of our services. We may also use data to investigate violations of our terms of
service or user agreements.
-
To comply with legal obligations: We process your personal data to comply with legal,
regulatory, and contractual obligations under Swiss law and other applicable jurisdictions. This
may include fulfilling tax reporting requirements, adhering to anti-money laundering
regulations, or complying with court orders or government requests.
-
To protect the rights, privacy, and safety of our users and third parties: We may use personal
data to enforce our terms of service, protect the rights and privacy of our users, and safeguard
the safety of our customers, employees, and third parties. This includes responding to legal
claims or disputes and defending our legal rights.
Aggregated or de-identified information: We
aggregate or anonymize personal data in a manner that prevents it from identifying individuals. This
de-identified information is used for analyzing the effectiveness of our services, conducting
research, improving features, and generating statistical insights. We may also share aggregated,
non-identifiable information (e.g., general user statistics) with third parties for business or
research purposes. We do not attempt to re-identify anonymized data unless required by law.
4. Legal Basis for Processing Personal
Data We process your personal data based on the
following legal grounds: -
Consent: We may rely on your freely given consent at the time you provided your personal data to
us.
-
Contractual necessity: We may process personal data in order to fulfill our contractual
obligations.
-
Legitimate interest: We may rely on legitimate interests based on our evaluation that the
processing is fair, reasonable and balanced. These interests include delivering our sevices and
products, security monitoring, and marketing.
-
Legal obligation and public interest: We may process personal data in order to meet regulatory
and public interest obligations or mandates.
5. Sharing Your Personal Data We may share personal data with trusted third
parties to help us deliver efficient and quality services and products. These recipients are
contractually bound to safeguard the data we entrust to them. We may engage with several or all of
the following categories of recipients: -
Third parties that support us as we provide our services and products (e.g. providers of
telecommunication systems, mailroom support, IT system support, archiving services, document
production services and cloud-based software services, scanning services).
-
Our professional advisers, including lawyers, auditors and insurers.
-
A potential buyer, transferee, merger partner or seller and their advisers in connection with an
actual or potential transfer or merger/acquisition of part or all of our business or assets, or
any associated rights or interests.
-
Payment service providers.
-
Marketing service providers.
-
Law enforcement or other government and regulatory agencies (e.g. FAOA, FINMA) or other third
parties as required by, and in accordance with, applicable law or regulations.
-
Recruitment service providers.
6. Data Protection Rights If we process personal data about you, you have the
rights listed below. Before responding to your request, we may ask for proof of identity. This helps
us to ensure that personal data is not disclosed to any person not authorized to receive it. We may
also ask you for sufficient information about your interactions with us so that we can locate your
personal information. -
Access: You can ask us to verify whether we are processing personal data about you, and if so,
to provide more specific information.
-
Correction: You can ask us to correct our records if you believe they contain incorrect or
incomplete information about you.
-
Erasure: You can ask us to erase your personal data after you withdraw your consent to
processing or when we no longer need it for the purpose it was originally collected and no
retention requirements exist.
-
Processing restrictions: You can ask us to temporarily restrict our processing of your personal
data if you contest the accuracy of your personal data, or prefer to restrict its use rather
than having us erase it.
-
Data portability: In some circumstances, where you have provided personal data to us, you can
ask us to transmit that personal data in electronic form if technically feasible.
-
Automated individual decision-making: You can ask us to review any decisions made about you that
we made solely based on automated processing, including profiling, that produced legal effects
concerning you or that significantly affected you.
-
Right to object to marketing, including profiling: You can object to our use of your personal
data for marketing purposes, including profiling. We may need to keep some minimal information
to comply with your request to cease marketing to you.
-
Right to object to active sourcing: You can object to our use of your personal data for active
sourcing purposes. We may need to keep some minimal information to comply with your request to
cease recruiting activities.
-
Right to withdraw consent: You can withdraw your consent that you have previously given to one
or more specified purposes for processing your personal data. This will not affect the
lawfulness of any processing carried out before you withdraw your consent. It may mean we are
not able to provide certain products or services to you and we will advise you if this is the
case.
7. International Data Transfers If we transfer your personal data outside of
Switzerland or the European Economic Area (EEA), we ensure that adequate protection measures, such
as standard contractual clauses or binding corporate rules, are in place to protect your
data.
8. Data Security We use industry-standard security measures to
protect your personal data from unauthorized access, loss, or misuse. These include: -
Encryption: All personal data transmitted to and from our systems is encrypted using
industry-standard encryption protocols.
-
Access control: We limit access to your personal data to authorized personnel only.
-
Data minimization: We collect and process only the data necessary for the stated purpose.
9. Data Retention We retain personal data to provide our services,
offer proposals, stay in contact with you and to comply with applicable laws, regulations and
professional obligations that we are subject to. We retain personal data for so long as the personal
data is needed for the purposes for which it was collected or in line with legal and regulatory
requirements or contractual arrangements. As a rule, the statutory retention period is ten years
from the end of the business relationship. We will dispose of personal data when we no longer need
it.
10. CCPA Privacy Rights We do not, and do not intend to, sell personal
information as "selling" is defined under the California Consumer Protection Act ("CCPA"). California residents who wish to submit requests
for information pursuant to Sections 1798.110 and 1798.115 of the CCPA may do so by emailing legal@tracenable.com. 11. Protection of Young Children Our services are not directed to, or intended for,
children under 13. We do not knowingly collect personal data from children under 13. If you have
reason to believe that a child under 13 has provided personal data to us, please email us at legal@tracenable.com. We will investigate any
notification and, if appropriate, delete the personal data from our systems. Users under 18 must
have permission from their parent or guardian to use our services. 12. Changes to this Privacy
Policy We may update this Privacy Policy periodically to
reflect changes in our practices or legal obligations. We will post any updates on this page with
the latest revision date.