Privacy Policy
Updated: January 1, 2025
This Privacy Policy explains how Datapunctum AG, Sihleggstrasse 5, CH-8834 Wollerau, Switzerland (hereinafter “we”, “us”, or “our”), collects and processes personal data in the course of its business activities.
1. General Information
“Personal data” refers to all information relating to an identified or identifiable natural person.
If you provide us with personal data of third parties (e.g., employees, colleagues, representatives), please ensure that such individuals are aware of this Privacy Policy and that you are authorized to share their data.
This Privacy Policy is aligned with the Swiss Data Protection Act (DPA) and the EU General Data Protection Regulation (GDPR), to the extent applicable in each case.
2. Controller and Contact
Datapunctum AG is responsible for the data processing described in this policy, unless stated otherwise in individual cases.
For questions related to data protection, you may contact our Data Protection Officer:
Postal Address:
Data Protection
Datapunctum AG
Sihleggstrasse 5
CH-8834 Wollerau, Switzerland
Email: privacy@datapunctum.com
3. Personal Data We Process
We primarily process personal data that:
You provide to us in connection with our business relationship,
We collect through your use of our websites, applications, or platforms,
We receive from third parties, including public sources, commercial registers, credit agencies, or business partners.
Examples include:
Identification and contact data (e.g., name, address, email, telephone),
Job title, employer information,
Information from correspondence and meetings,
Contractual and transaction-related data,
Financial information (e.g., payment data),
Data from public sources or authorities,
Technical data from website or app use (e.g., IP address, browser type, device info, cookies, log files).
4. Purpose and Legal Basis of Processing
We process personal data primarily to perform contractual obligations and manage business relationships, including:
IT consulting and software delivery,
Order fulfillment and customer support,
Procurement and supplier management.
We may also process data for the following legitimate interests, provided applicable law permits:
Improving our products, services, websites, and platforms,
Customer and partner communication,
Marketing and event management (with opt-out options),
Market research and media monitoring,
Legal claims and dispute resolution,
Fraud detection, security, and access control,
Compliance with legal and regulatory obligations,
Corporate transactions such as mergers or asset sales.
5. Cookies, Tracking, and Analytics
We use cookies and similar technologies to optimize website functionality and user experience. This includes:
Session cookies (temporary),
Persistent cookies (e.g., to store language or login preferences),
Analytics cookies (e.g., Google Analytics, with IP anonymization enabled),
Marketing and retargeting tools.
You can manage cookie preferences through your browser settings. Note that disabling cookies may limit site functionality.
We may also include tracking pixels in newsletters or marketing emails to understand engagement, subject to your email client settings.
We use plugins from third parties (e.g., LinkedIn, YouTube). These are disabled by default. Once activated, these third parties may collect data according to their privacy policies. We do not receive personal data from these third parties.
6. Disclosure of Data to Third Parties
We may share personal data with:
Service providers (e.g., IT, payment processors, cloud services),
Business partners, suppliers, subcontractors,
Authorities or courts, where legally required,
Buyers in case of mergers or acquisitions,
Affiliated companies, clients, or third parties involved in business activities.
Such recipients are contractually bound to comply with applicable data protection regulations, including processing agreements where necessary.
7. International Data Transfers
We may transfer personal data to jurisdictions outside Switzerland or the EEA. Where such jurisdictions lack an adequate level of data protection, we ensure appropriate safeguards, such as:
Standard Contractual Clauses (SCCs) issued by the EU Commission,
Other contractual measures as required by law.
Exemptions may apply in specific cases (e.g., legal proceedings, public interest, or explicit consent).
8. Retention Periods
We retain personal data:
As long as necessary to fulfill contractual and legal obligations,
Beyond the duration of a business relationship, if required by law (e.g., commercial and tax laws),
As long as necessary for legal claims, compliance, or documentation purposes.
Once no longer needed, data is deleted or anonymized, subject to shorter retention periods for technical data (e.g., system logs).
9. Data Security
We implement appropriate technical and organizational measures to protect data from unauthorized access and misuse, including:
Access restrictions and encryption,
Secure IT infrastructure and regular audits,
Data protection by design and by default,
Staff training and internal policies.
10. Obligation to Provide Personal Data
In the context of business relationships, you must provide the personal data required to enter into and perform contractual obligations. Without such data, we may be unable to initiate or fulfill agreements or enable website access.
11. Your Rights
Where applicable, and in accordance with the law, you have the following rights:
Access to your personal data,
Rectification of incorrect or outdated data,
Erasure of data (“right to be forgotten”),
Restriction of processing,
Data portability (transfer to another controller),
Objection to processing for legitimate interest or marketing,
Withdrawal of consent, where processing is based on consent.
To exercise your rights, you may contact us as specified in Section 2. We may require proof of identity.
You also have the right to lodge a complaint with the competent supervisory authority. In Switzerland, this is the Federal Data Protection and Information Commissioner (FDPIC):
12. Changes to This Policy
We may update this Privacy Policy at any time. The current version is published on our website. If the policy is part of an agreement with you, material changes will be communicated to you directly.
