Privacy2019-10-09T15:14:17+00:00

Privacy Policy

I. Introduction

This privacy policy provides information about the processing of your personal data by Financeapp Switzerland AG as operator of wefox (hereinafter also: referred to as “data controller” or “we”) when using this website, our customer platform, our contact form or our newsletter. Personal data include all information that is directly or indirectly related to you. This includes in particular your contract data, including your contact and billing data.

II. Who is responsible for collecting and using your information?

Financeapp Switzerland AG is responsible for collecting and processing your personal data under data protection legislation:


Financeapp Switzerland AG
Stampfenbachstr. 138
8006 Zürich
E-Mail: [email protected]

III. For what purposes do we use your information?

1. Use when visiting the website
When you visit our website, your browser transfers specific data to our webserver for technical reasons, in order to provide you with the information which you requested. In order to allow you to visit the website, the following data are collected, stored for a short period of time and used:

  • IP address,
  • Date and time of the request,
  • Time zone difference from Greenwich Mean Time (GMT),
  • The content of the request (specific page),
  • Access status / HTTP status code,
  • Quantity of data transferred in each case,
  • The website making the request,
  • Browser,
  • Operating system and its interface,
  • Language and version of the browser software.

In addition, to protect our legitimate interests, we store these data for a limited time, in order to arrange for the retrieval of personal data in the event of unauthorised access or access attempts on local servers. We are authorised to do this according to Art. 6 para. 1 clause 1 lit. f GDPR.

2. When registering for and logging into the app

You have the option of using our customer platform and thus benefiting from our services as an insurance comparison site and insurance broker in accordance with our GTCs, which you can find at www.wefox.ch. For this purpose, you can log onto our platform.

When you register and log in to the app, the following personal data are collected on the basis of Art. 6 para. 1 lit. b GDPR.

  • Name,
  • Address,
  • Email address,
  • Mobile phone number,
  • Date of birth and contract data.

The processing of these data is based on Art. 6 para. 1 lit. b GDPR, as these details are required for providing the services based on our GTCs, which you can find at www.wefox.ch.

If special categories of personal data (e.g. health data) are processed, or if we use your data to inform you about other products and services, we will first ask for your consent and then process your data on this basis (Art. 6 para. 1 lit. a GDPR). The scope and purpose of this processing is indicated in the consent request.

3. While using the app

To fulfil the contract (Art. 6 para. 1 clause 1 lit. a) GDPR) and in order for you to be able to use the services of the app in full, we use the following data: 

  • IP address,
  • Device and card recognition,
  • Geometric data,
  • Questionnaire answers,
  • Usage/login/contact data,
  • Operating system and interface,
  • Language and version of the app,
  • Information from security events,
  • Mobile phone number (MSISDN).

To protect our legitimate interests (Art. 6 para. 1 clause 1 lit. f) GDPR), for example, in the case of unauthorised access or attempts to access our server, we will also store this data for a limited time.

4. Use as part of the broker agreement 

As part of your broker agreement or broker sub-contract, we carry out the negotiation of insurance contracts (hereinafter for short just “negotiation”) and / or oversee and manage already existing contractual relationships. For this purpose, your personal data, which you provided as part of data recording, execution of pre-contractual measures, consulting documentation, contract request or conclusion of contract, communication with the product providers as well as contract administration, are required. Your data are collected, processed and used by the broker as part of your brokerage contract for contract-related advice and processing, and are passed on, for this purpose, from the broker to providers which (s)he requests (e.g. insurance companies, comparison sites) and are stored and used by them for reviewing the application. You can find out more from our GTCs at www.wefox.ch. The collection and use of your data associated therewith is necessary in order to fulfil the contract with you. The legal basis for this is Art. 6 para. 1 lit. b GDPR.

We receive from the customer personal data of third parties, which we store and pass on, as far as is necessary, in order to process claims for compensation from customers. In principle, we request that you only send us such data, which are necessary or legally required for the respective purpose (e.g. processing of claims or benefits). The collection, storage and transfer consequently takes place for the purpose of fulfilling the contract and on the basis of Article 6 para. 1 lit. b GDPR and for the purpose of fulfilling a legal requirement of the data collector on the basis of Article 6 para. 1 lit. c GDPR. Failure to provide this data can lead to the insurer being unable to process the claim for compensation.

In order to provide better advice when needed, we enrich our data with the help of an external service provider. Address data are forwarded to an external service provider in a pseudonymous, encrypted form. It is not possible to infer your identity from this data. The service provider supplements address data with publicly available, neutral data such as statistical data on car density, population density, and average age for your post code. This does not involve profiling for the purpose of automated decision-making. We only do this in order to be able to make better offers adapted to your needs. The legal basis for this is Art. 6 para. 1 lit. f GDPR.

5. Email inquiries
You can contact us using the email address provided on our website. Whenever you send us an email, we collect, store and use your

  • name,
  • email address and
  • contents of your message.

The data are only processed as required for handling your inquiry and for corresponding with you. The legal basis for email inquiries results from Art. 6 para. 1 clause 1 lit. f) GDPR. If contact is established by email with the aim of concluding a contract, the legal basis results from Art. 6 para. 1 clause 1 lit. b GDPR.

The data collected are exclusively used for the purpose of being able to process your requests. The data collected during the sending process are required, in order to prevent a misuse of the function and to ensure the security of our systems.

6. Information emails and newsletter
With your consent, you can subscribe to our newsletter, which informs you about our other current products and services.

To subscribe to our newsletter, we use the so-called double opt-in procedure. This means that after your registration we will send an email to the email address you provide. This email will ask you to confirm that you would like the newsletter to be sent. In addition, we will store your IP address and the time of registration and confirmation. The purpose of the procedure is to be able to prove your registration and, if necessary, to clarify a possible misuse of your personal data.

The only required information for sending the newsletter is your email address. The provision of further, separately marked data is voluntary and is used to be able to address you personally. After your confirmation, we will save your email address for the purpose of sending you the newsletter. The legal basis is Art. 6 para. 1 clause 1 lit. a GDPR.

You can revoke your consent to receive the newsletter at any time (cf. §VII) and unsubscribe from the newsletter. You can do so by clicking on the link provided in every newsletter email, by sending an email to [email protected], or by contacting us in one of the ways listed in the legal notice.

a. Cookies

Our website uses cookies. Cookies are small text files which are stored by your browser in your device’s memory and provide us with specific information. Cookies cannot run programs nor deliver viruses to your computer. They serve to make our site more user-friendly and effective.

In what follows, you can find information about cookies, how we use them on our website and what options you have if you’d prefer to disable these cookies, despite their advantages. If you neither disable the cookies nor use the option of the opt-out function as described below, we assume that you accept the use of cookies.

aa. Terms

If you have any questions about the individual cookies and their functions, you can contact us at


Financeapp Switzerland AG
Stampfenbachstr. 138
8006 Zürich
Email: [email protected]

bb. Cookies which we use

This website uses cookies, which are described hereinafter, in order to improve user-friendliness:

  • Functioning of a website
    Cookies which are necessary for technical reasons for the function of our website or offer a service or option which you have requested; e.g. a cookie, which “remembers” your personal settings, such as selected language or the like.
  • Performance analysis of the website
    We strive to constantly improve our website. Cookies are used for this purpose, which provide us with overall statistics about the number of visitors, which areas of a site are viewed the most, details about the city or location of the users as well as the length of the visit etc. These can be installed by external analysis providers which we commission (cf. §III 1.b.).
  • Social Media Cookies
    A cookie has to be installed on your device so that you can share contents of our website using social media channels such as Facebook or Twitter. You can find further information in the guidelines of the corresponding company.
  • Targeting und Tracking Cookies
    On certain pages of our website, we use cookies to better understand your interests when using the Internet. We can therefore offer you a service adapted to your needs in the future. These cookies collect information about where you started your visit, whether you have been shown wefox contents, which concrete advertising material you have viewed, whether you accessed our website directly or indirectly, which device you used to visit our website and what you have downloaded (cf. §III 1.c.).

cc. Your options

You can also use our website without cookies. To prevent your Internet browser using cookies, you can disable the use of cookies via your Internet browser settings. Furthermore, cookies that have already been set can be deleted at any time using an Internet browser or other software programs. This is possible in all common Internet browsers. You can find out how to disable and/or delete cookies using your Internet browser’s help function. Please be aware that disabling/deleting cookies can lead to some features of our website no longer working as expected. Cookies which could be required for certain features of our website are set out below. In addition, disabling/deleting the cookies only applies to the Internet browser currently in use. If you use other Internet browsers, the process of disabling/deleting cookies must be correspondingly repeated.

We store these data until the end of the duration of a given cookie or until you have deleted the cookies.

You can find out about further processing of personal data using cookies in the corresponding sections of this information.

b. Cookies for web analysis

We use your information as part of website analysis, in order to make our website more user-friendly and to be able to conduct market research. We use website analysis tools for this purpose. These tools use your IP addresses either in truncated form or not at all. Analysis cookies of this type are set on the basis of Art. 6 para. 1 lit. f GDPR. As the operator of this website, we have a legitimate interest in analysing user behaviour in order to optimise our website. Find out more about the web analysis tools which we use.

Our website uses features of the web analysis service Google Analytics. The provider of this web analysis service is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Google Analytics uses cookies, which are stored on your computer and facilitate the analysis of user behaviour when visiting the website. We use Google Analytics in conjunction with the IP anonymization function. In this case, the IP address is truncated within the European Economic Area prior to transmission to the United States. The IP address is only truncated in the USA in exceptional cases. On our behalf, Google will use this information for the purpose of evaluating your use of the website, for compiling reports on website activity, and for providing us other services relating to website activity and internet usage. The IP address transmitted by Google Analytics is not conflated with other Google data.

You can prevent the installation of cookies by changing your browser settings accordingly. You can also prevent Google collecting and processing the information generated by the cookie about your use of this website (including your IP address) by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

For such exceptional cases in which personal data are transferred to the USA, Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

 In order to obtain statistics regarding the use of our website, we have also incorporated the Mixpanel service. Mixpanel is a web analysis service which is operated by Mixpanel, Inc., 405 Howard St, Floor 2, San Francisco, CA 94105, USA. Mixpanel sets a permanent cookie on your device which also records your user behaviour on the website. These data are then analysed by Mixpanel, with the results forwarded to us. Mixpanel collects and stores usage data in pseudonymous profiles. We do not conflate these with personal data. We thereby gain an insight into the way in which the website is used in general, and are then able to decide whether changes are necessary or useful in order in particular to enhance user-friendliness.

If you would like to prevent Mixpanel collecting and using usage data, you can disable the service on the website https://mixpanel.com/optout/, by setting an opt-out cookie. Please note that only the browser currently being used is affected by setting the cookie. The collection and use of your data in other browsers continues to remain possible until you have disabled Mixpanel there too. It also becomes possible to collect usage data again if you delete the opt-out cookie. You can find further information about how Mixpanel handles user data in the Privacy Policy of Mixpanel at: https://mixpanel.com/privacy/.

Data processing also takes place in the United States here. A suitable level of data protection is ensured by Mixpanel’s participation in the EU-US Privacy Shield (https://www.privacyshield.gov/EU-US-Framework).

This website uses Optimizely, a web analysis service of Optimizely GmbH, Christophstraße 15-17, 50670 Cologne., (“Optimizely”). The information generated by cookies about your use of our website is usually transmitted to an Optimizely server in the USA and stored there. We have activated the IP anonymization feature on our website, so that your IP address will be truncated by Optimizely within the EU and the EEA. Only in exceptional cases will the entire IP address be transmitted to an Optimizely server in the USA and truncated there. For these cases, Optimizely has submitted to the EU-U.S. Privacy Shield (https://www.privacyshield.gov/EU-US-Framework) in order to ensure a suitable level of data protection.

Optimizely will use this information on behalf of wefox to evaluate your use of the website and to compile reports on website activity. The IP address transmitted by your browser as part of Optimizely is not conflated with other Optimizely data.

Alongside the options set out under III.1.a.cc., you can disable Optimizely Tracking at any time and thus prevent the data generated by the cookie relating to your use of the website (incl. your IP address) being collected by Optimizely and this data being processed by Optimizely by following the instructions at http://www.optimizely.com/opt_out.

We use a plugin of the web analysis service NewRelic on our website. This service is provided by NewRelic Inc., 188 Spear Street, Suite 1200 San Francisco, CA 94105, USA. This allows us to collect statistical evaluations about the speed of our website. NewRelic receives information through the plugin that the user has accessed the corresponding page in the offering. NewRelic collects and stores your IP address for this. You can find more information on how NewRelic handles your data at: https://newrelic.com/privacy.

Data processing also takes place in the United States here. A suitable level of data protection is ensured by NewRelic’s participation in the EU-US Privacy Shield.

c. Cookies for advertising purposes on our website

We further use your information to show you advertising which is tailored to you and your interests. To this end, we use the following tools which use your IP address (in truncated or else full form) for these purposes. The legal basis for using these data is Article 6 para. 1 lit. f GDPR. As operator of this website, we have a legitimate interest in displaying product recommendations and carrying out marketing activities. Learn more about the tools which we use for this purpose.

We use Unbounce, a web analysis service of Unbounce Marketing Solutions Inc., Unit 415 -375 Water Street, Vancouver, BC, Canada V5T 4R4. In this case, certain websites are hosted by Unbounce and used by us for our actions and advertising campaigns. Your browser transfers your IP address directly to Unbounce so that cookies can be set. We receive an anonymous statistical evaluation of the users’ activities on the platforms which we use. In this way, we cannot infer the identity of a user. You can find further information on Unbounce and data protection at Unbounce here: http://unbounce.com/privacy/.

We use the function “Facebook Custom Audiences” which is operated by the company Facebook Ireland Limited, Hanover Reach, 5-7 Hanover Quay, Dublin 2, Ireland (”Facebook”). Thanks to this technology, users, who have already visited our website and been interested in what is on offer, are targeted once again by targeted advertising on Facebook via adverts which are shown. The advertising is shown by using cookies, with the help of which user behaviour when visiting the website can be analysed and subsequently used for targeted product recommendations and interest-based advertising. Information about the activities of the user on the website, such as surfing behaviour and subpages visited etc. is collected.

You can find more information at https://www.facebook.com/about/privacy/.

You can disable the Custom Audiences feature at https://www.facebook.com/settings?tabR=ads. For this, you will first of all have to register.

Facebook has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework, in order to guarantee a sufficient level of data protection for your data.

Wefox uses the online advertising offer from Google “Google AdWords” and conversion tracking as part of Google AdWords. Google Conversion Tracking is an analysis service of Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”). A conversion tracking cookie is stored on your computer if you click on an advertisement placed by Google. These cookies are no longer valid after 90 days and contain no personal data. If you visit certain pages of our website and the cookie has not yet expired, Google and the website can tell that you clicked on the ad and proceeded to that page. Each Google AdWords advertiser has a different cookie. The information obtained using the conversion cookie is used to generate conversion statistics for us. Here, we only see the total number of anonymous users who clicked on our ad and were redirected to a page with a conversion tracking tag. However, they do not obtain any information which can be used to identify users personally.

Alongside the options set out under III.1.a.cc., you can disable personalised advertising for you in the advertising settings for Google at http://www.google.ch/settings/ads.

You can find more information about how your data are handled at https://policies.google.com/privacy?hl=de&gl=de.

Google retargeting uses so-called double click cookies. This allows adverts to be proposed, optimised and evaluated for you based on your previous visits to this website, by information about your browsing behaviour being collected and stored for marketing purposes using a pseudonym. Based on this, you can then be shown targeted product recommendations as ad banners on other websites. We will under no circumstances link this information with data from your customer relationship or use the data to personally identify you as visitor of this website. Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework, in order to guarantee a sufficient level of data protection when processing your data in the exceptional cases in which your data are processed in the USA.

You can prevent Google/DoubleClick collecting usage data by following the instructions at the following link: http://www.google.ch/settings/ads.

This website takes part in partner programmes of Affilinet GmbH (Sapporobogen 6-8, 80637 Munich). This involves a service for incorporating advertisements in the form of text links, picture links, ad banners or input masks. In this case, cookies are used which enable a usage analysis of the website. Affilinet also uses “web beacons” (invisible graphics). These web beacons can be used to evaluate information such as visitor traffic on websites. The information about the use of this website (including your IP address) generated by the cookies and web beacons, and delivery of advertising formats, will be transferred to an Affilinet server and stored there. Affilinet may pass this information on to its contractual partners. However, Affilinet will not combine your IP address with other data which you have stored. You can prevent the installation of cookies by changing the settings in your browser software accordingly. You can find further information on data usage in Affilinet’s Privacy Policy: https://www.affili.net/de/footeritem/datenschutz

d. Usage of your data to ensure the operation and security of our website

On our website we also use a web service from the company Cloudflare Inc., 101 Townsend St, 94107 San Francisco, USA (hereinafter: CloudFlare), to make our website faster and more secure. For this purpose, Cloudflare collects your information, such as IP addresses, system configuration information and other information regarding the traffic from and to the website as well as log data. These data help us detect new threats and access by unauthorised third parties. Legal basis for data processing is Art. 6 para. 1 letter f GDPR. The legitimate interest lies in an error-free and secure function of our website.

Cloudflare has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework, in order to guarantee a sufficient level of data protection when processing your data in the USA.

You can find further information about how Cloudflare handles your data at https://www.cloudflare.com/de-de/privacypolicy/.

In addition, wefox uses the service “LogEntries”, which is operated by RAPID7, The One Building, 2nd Floor, 1 Grand Canal Street Lower, Dublin 2, Dublin, Ireland, in order to evaluate the log files. In this case, log files (such as IP address, operating system used, name of the Internet service provider) are transferred to log entries, in order to evaluate them anonymously. They are evaluated in order to ensure the functionality of the website. Furthermore, the data are used to optimise the website and to ensure the safety of our information technology systems. The data are not evaluated for marketing purposes in this context. Therefore, processing takes place for these legitimate interests, Art. 6 para. 1 lit. f GDPR. You can find further information in this regard at: https://logentries.com/privacy/.

Data processing also takes place in the United States here. A suitable level of data protection is ensured by Rapid7 Inc’s participation in the EU-US Privacy Shield.

e. Social Plug-ins

We have implemented social plug-ins from Facebook and Twitter on our website. You can recognise the provider of the plug-in by the marking on the box above its initial letter or the logo. We use the so-called two-click solution. Thus, when our website is visited purely for informational purposes, no personal data are, in principle, passed on to the providers of the plug-ins. We offer you the possibility to communicate directly with the provider of the plug-in via the button. Only if you click on the marked field and thereby activate it, the plug-in provider receives the information that you have accessed the corresponding website of our online offer. The data are passed on regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged in with the plug-in provider, your data collected with us will be directly assigned to your existing account with the plug-in provider. When activating the activated button and linking the page, for example, the plug-in provider also stores this information in your user account and communicates this to your contacts in public.

The legal basis for the use of plug-ins is Article 6 para. 1 sentence 1 lit. f) GDPR. Through the plug-ins, we offer you the possibility to interact with social networks and other users, so that we can improve our offering and make it more interesting for you as a user. The plug-in provider stores the data collected about you as user profiles and uses these for the purposes of advertising, market research and/or demand oriented design of its website. Such evaluation is carried out in particular (also for users who are not logged in) to display customised advertising and to inform other users of the social network about your activities on our website.

For more information on the purpose and extent of the data collection and their processing by the plug-in provider, please refer to the privacy policies of these providers shown below. Here, you will also find further information on your rights and settings options for protecting your privacy. The addresses of the individual plug-in providers and URL with their privacy policies are listed below:

aa. Facebook
Facebook Ireland Ltd., Hanover Reach, 5-7 Hanover Quay, Dublin 2, Ireland, operated (“Facebook”) You can find information on Facebook data protection here: http://www.facebook.com/policy.php. Facebook has also submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

bb. Twitter
Twitter Inc., 1355 Market St, Suite 900, San Francisco, California 94103, USA; https://twitter.com/privacy. You can find further information and adjustment options at:

Twitter has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

cc. Google +
Plug-ins of the social network Google+; is operated by Google Inc.,1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google“). You can find an overview of the plug-ins of Google+ and what they look like here: https://developers.google.com/+/plugins; you can find information on Google+ data protection here: http://www.google.ch/intl/de/policies/privacy/. Google has also submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

f. Links to social media networks

In addition, you can find links to social media networks such as Facebook, Twitter, Google+, YouTube and LinkedIn on our website. These are not social plug-ins provided by the social media provider which transfer data to the provider as soon as you load the page, without the user being able to have an influence over it. After clicking on the social media networks, there is simply a link to the social media network including the transfer of the website to be shared. No user data are transferred from the website to the social media network. If you are already registered with the corresponding social media service when you click on the button, the sharing dialogue recognises this so that you can directly share the content. If this is not the case, you will be requested to log into the social media network. From that point, you’ll find yourself on the website of the respective social media network. You can find information on data processing of the respective providers below.

aa. Facebook
Facebook Ireland Ltd., Hanover Reach, 5-7 Hanover Quay, Dublin 2, Ireland, operated (“Facebook”) You can find information on Facebook data protection here: http://www.facebook.com/policy.php. Facebook has also submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

bb. Twitter
Twitter Inc., 1355 Market St, Suite 900, San Francisco, California 94103, USA; https://twitter.com/privacy. You can find further information and adjustment options at:

Twitter has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

cc. Instagram
Instagram is a product provided by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland, https://help.instagram.com/519522125107875.

Instagram has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

dd. LinkedIn
LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; https://www.linkedin.com/legal/privacy-policy.

LinkedIn has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

ee. XING
New Work SE, Dammtorstraße 30, 20354 Hamburg, https://privacy.xing.com/de/datenschutzerklaerung.

g. Performance tools

aa. Salesforce CMS-System
We use the customer management system of the provider, salesforce, in order to be able to process user inquiries more quickly and efficiently. You can find information on data protection at salesforce.com Austria GmbH, Erika-Mann-Str. 31, 80636 Munich https://www.salesforce.com/.

bb. Intercom
Intercom offers messaging for sales, marketing, and customer service on a single platform and improves user interaction via chat. You can find information on data protection from Intercom Inc., 55 2nd St, San Francisco, CA 94105, USA; https://www.intercom.com.

cc. Adjust
The Adjust tool uses the anonymous IP addresses of the users for its analytics. This enables us to analyse campaigns and events as well as the function and utilisation of the app and to improve our service. You can find information on data protection from Adjust GmbH, Saarbrückener Str. 37a, 10405 Berlin; https://www.adjust.com.

IV. With whom and how do we share your information?

1. Disclosure of data for third-party processing
wefox outsources certain processes and tasks to service providers in order to guarantee the handling of complicated topics, which require particular knowledge or cannot be undertaken inhouse or to be able to fulfil the contract with you, for example hosting our website, analysing user behaviour on our websites and so on. Therefore, we will pass on your data to the following categories of recipients:

  • Insurance companies, collaborating intermediaries, broker pools
  • Technical service provides which work for us
  • For web analysis and marketing purposes (cf. §III 1.b and c)

Furthermore, data are also shared with the following specialised companies in the wefox group of companies in order to carry out central data processing tasks. In this case, your data may be processed centrally by a company of the group for the central management of address data, for the customer services help line, for the processing of benefits or for general mail handling. These companies include:

  • wefox Group services (GER) GmbH
  • FinanceFox Services BCN S.L.

In this case, we will only pass on such information to the companies which is necessary for the respective service. Information beyond this is not communicated to the companies.

In addition, in the context of your information being forwarded to other service providers, we would like to ensure that your data are handled carefully and that you are able to exercise your rights even when other service providers are involved. For this reason, corresponding contracts for protecting your information have been concluded with the service providers, wherever necessary.

Your personal data are communicated for the purpose of contract initiation or implementation with you on the basis of Art. 6 para. 1 clause 1 lit. b GDPR, owing to our legitimate interest, to keep our products functional and safe, on the basis of Art. 6 para. 1 clause 1 lit. f GDPR and provided that you have given us your consent for your personal data to be processed on the basis of your consent within the meaning of Art. 6 para. 1 S.1 lit. a GDPR.

2. Disclosure due to statutory obligation
Moreover, we communicate your personal data only and in so far as there is a statutory obligation for disclosure on our part. This communication is done on the basis of Art. 6 para. 1 S.1 lit. c GDPR (e.g. to the police authorities as part of criminal investigations or to the data protection supervisory authorities).

3. Processing of data outside the EU/EEA
Your data are also partly processed in countries outside of the European Union (“EU”) or the European Economic Area (“EEA”). In these cases, we ensure with our contractual partners that a sufficient level of data protection is guaranteed for your data, e.g. by contractual arrangements (EU standard contractual clauses).

V. When will your information be deleted?

We store your data as long as necessary for the abovementioned purposes or until you revoke your consent to its storage (for more information cf. §VII). 

We shall delete the data as long as we determine no other legal grounds for further storing them. If data cannot be deleted because they are required for other and legally permissible purposes, their processing shall be restricted. This means that the data will be blocked and not processed for other purposes. Information which is collected in connection with tax and statutory obligations is partially stored correspondingly longer. The storage periods are thereafter up to ten years. In addition, personal data may have to be retained for the period in which claims can be asserted against Financeapp Switzerland AG (statutory limitation period of up to thirty years).

VI. What rights do you have in connection with the processing of your information?

In order to show you all possibilities as part of the collection and use of your information/personal data, we would hereby like to draw your attention to the rights, to which you are entitled in this regard.

a. Right to receive information
You can request information about how, by whom, for what purposes, and under what conditions your data are collected and used.

b. Right to correction
Naturally, we do not want to forward any false or out-of-date information as part of the use of your personal information, in order e.g. to avoid misunderstandings or possible harm. Therefore, you may at any time update or correct the information we have collected about you.

c. Right to restrict processing
You may further ask that we use your data only to a limited extent. This means that although your data are still stored, they may, however, only be used in restricted circumstances (e.g. for asserting legal claims).

d. Right to object
If we collect and use your information for legitimate purposes, you of course have the right to object to the use of your information.

e. Right to file a legal complaint with a supervisory authority
We are, of course, keen to comply with all laws in respect of your data. However, if you believe that the use of your data violates data protection regulations, you have the right to file a complaint with a regulatory authority.

f. Right to deletion
Not least, we shall also delete your data as long as they are no longer required for the purposes stated here and as long as we are not bound by any retention requirements (cf. §V). However, if you believe that there is no legal basis for further storage, you may ask that we delete the data.

g. Right to data portability
You also have the right to data portability with regard to all the data you have provided to us. This means that we are required to provide you with this data in a structured, common, and machine-readable format.

VII. Consent and revocation of consent

If you have given us your consent for your personal data to be processed, you can revoke this at any time. Revocation of consent applies to the future. This does not affect the legitimacy of any prior processing of your data.

VIII. How can you contact us?

In order to exercise your abovementioned rights or in connection with your consent or if you have any further questions regarding data protection in our company, you can contact us as well as our Data Protection Officer as follows: 

Data protection officer, Stampfenbachstr. 138, 8006, Zürich at [email protected].

You can also contact us in this way if you would like to lodge a complaint about how we collect, store and use your personal data. It is our aim to offer the best possible solution regarding your complaints. However, if you are not satisfied with our answer, you can also get in touch with the competent supervisory authority.

IX. Changes to this privacy policy

We reserve the right to update this privacy policy from time to time. Updates made to this privacy policy will be published on our website. Changes shall come into effect from the time of their publication on our website. We therefore recommend that you regularly visit this page in order to keep abreast of any possible updates.