This privacy policy of Knowlance AG, Artherstrasse 28A, 6300 Zug, Switzerland (hereinafter “we” or “controller”), applies to requests and following business transactions. Further information about the provider can be found in our imprint.
§ 1 General information
As a Swiss company, we are subject to the applicable data protection regulations and laws of Switzerland. In order to lawfully provide our services to customers from the European Union (EU), we comply with Regulation (EU) 2016/679 of the European Parliament and Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter “GDPR”).
For the purposes of requests and conducting of legal transactions, we act in generally as data controller within the meaning of the GDPR and processes personal data based on legal regulations or your voluntary consent to data collection.
When you fill out our online request form, you voluntarily provide various personal data. Personal data are all data with which you can be identified as a natural person.
When collecting your personal data, we always endeavour to limit data processing as much as possible. To guarantee data protection, we rely on modern technical solutions and comprehensible and secure organisational mechanisms.
The following privacy policy gives you an overview of how we guarantee data protection, what kind of data is collected for what purpose and what data is passed on to third parties for what purpose. The privacy policy is also made in compliance with our information obligations under the GDPR.
§ 2 Collection and processing of your data
In order to use our services, you can send us a free and non-binding request at any time. This can be done through our online form, whereby we need a valid e-mail address to process and respond to your request.
The data gathered from you in this context will only be collected for specified, explicit and legitimate purposes. We only collect and use data to the extent that is technically and pre-contractually or contractually necessary in order to be able to offer you optimum performance of our services.
Based on your request, a suitable freelancer for your topic and requirements will be selected and you will receive an individual offer together with other information belonging to our service performance.
Data categories and data provision
Within the scope of the request, various information on your person (name, e-mail address, telephone number) as well as further information on the concretisation of the request (area of study, working topic, specification, etc.) are requested.
We process the following categories of data: master data, communication data and history, request data, information on our offer, contract data and payment information, if applicable.
We do not process special categories of data (i.e. sensitive, especially worthy of protection) as well as data of children. We do no profiling in the sense of the law.
You provide us with the required data voluntarily and directly. Their provision is necessary for processing and responding to your request. In the case of missing data, the use of our services may be rejected.
(2) Purposes of the processing and legal basis
The processing of your data generally occurs in accordance with Art. 6 para. 1 letter b GDPR for the purpose of implementing pre-contractual measures upon your request. If a contract will be concluded with you, your data will be used for subsequent contract performance or legal enforcement.
In addition, data processing in accordance with Art. 6 para. 1 letter c GDPR may be necessary for the fulfilment of legal retention obligations as well as other legal obligations.
We are also entitled to process data in cases where this is necessary to safeguard our legitimate interests in ensuring the smooth provision of our services, optimising business processes and in particular the request procedure and in the establishment, exercise or defence of legal claims. This is based on Art. 6 para. 1 letter f GDPR.
Furthermore, we reserve the right to send you after your corresponding consent, news regarding our offer to the contact details you have provided, as long as you have not objected to this use of your data in text form.
(3) Disclosure of data and recipients
Should your data be passed on to our contractual and business partners involved in the business process, this will only be done in compliance with the statutory data protection regulations, this privacy policy, if necessary within the scope of a data processing contract in compliance with data protection laws and exclusively for the legitimate purposes specified in § 2 (2) above.
Within the performance of a contract, we explicitly point out that selected data will be passed on to our subcontractors (freelancers) who will fulfil your order in communication with us. They are contractually bound to comply with these provisions. The freelancers are located in the EU or Switzerland, which ensures an adequate level of data protection.
In individual cases, data may be transferred on the basis of overriding legal regulations or permission rates to administrative and investigative authorities, judicial authorities, lawyers.
(4) Use of Google reCaptcha
To protect our contact form against unwanted use, we use the service reCaptcha of the company Google Inc. This service makes it possible to distinguish whether the input is made by a human or abusive and automated by a machine (spambot). For this purpose, your IP address and any other data required by Google Inc. for the reCaptcha service will be transmitted to Google Inc. This data is subject to Google Inc.’s privacy policy, which can be found at: https://www.google.com/intl/de/policies/privacy/.
§ 3 Data security
In compliance with the provisions of the GDPR and the Swiss Federal Data Protection Act, we have taken a number of technical and organisational measures against the loss, destruction, access, modification and dissemination of your data by unauthorized persons, which are suitable for ensuring effective, legally compliant data protection in the area of general and automated processing of personal data and the use of network and telecommunications channels. The measures we have taken are state of the art, they are regularly updated, adapted to the latest developments in our system and periodically reviewed.
All data is processed centrally on our servers at a secure location in Switzerland and thus within the framework of the EU data protection standards.
§ 4 Duration of data storage
Personal data are stored by us in a form that allows the identification of the data subjects only for as long as is necessary for the purposes for which they are processed. We limit the retention period for personal data to the absolutely necessary minimum. With regard to our international activities, we have to comply with various legal retention obligations depending on the individual case and the respective applicable national law. This also determines the criteria for specifying the retention period.
After the fulfilment of the contract, we will generally check after three years whether we still need your data and whether there is a legal obligation to store it.
Data collected within the scope of a request, which, however, did not result in the conclusion of a contract, can also be used beyond the period of processing the request to improve our offers and optimise business processes and to establish, exercise or defend legal claims or to clarify cases of misuse. After processing your request, we generally check after three years whether our legitimate interest in data retention still exists and whether there is a legal obligation to store it.
§ 5 Obligation to provide information and data subject’s rights
If personal data is collected directly from you as the requesting party, we are obliged to inform you about the processing of your data by us in accordance with the requirements of Art. 13 GDPR. This privacy policy is in compliance with our obligation to provide information.
According to Art. 15 GDPR, you have the right to request free-of-charge information about which personal data is processed by us.
You also have the right to have false data corrected in accordance with Art. 16 GDPR, to have your personal data deleted (right to be forgotten) in accordance with Art. 17 GDPR and to have processing restricted in accordance with Art. 18 GDPR. If applicable, you can also assert your right to data portability in accordance with Art. 20 GDPR.
As a rule, you can exercise your right to be forgotten if the storage of your data is no longer necessary for the purposes for which it is collected or otherwise processed, or if there are no legal retention periods in conflict with the deletion.
If you believe that your data are being processed unlawfully, you may lodge a complaint with the competent supervisory authority pursuant to Art. 77 GDPR.
You can send your queries to us free of charge in written, electronic form to the e-mail address given below in § 7 or by post to our business address. Please note that we must sufficiently verify your identity on the basis of the request. In case of doubt, we can demand further information to confirm your identity. We will answer your request immediately, at the latest within one month after its receipt. In exceptional cases, an appropriate fee may be charged or the request may be rejected for a legal reason.
§ 6 Right of objection
If your personal data are processed on the basis of legitimate interests pursuant to Art. 6 para. 1 letter f GDPR, you have the right to object to the processing pursuant to Art. 21 GDPR, provided that there are reasons for this arising from the particular situation of the data subject or if the objection relates to direct advertising. In the event of a legal objection, we will no longer process the personal data concerned, unless there are overriding legitimate reasons for the processing of such data, which outweigh the interests, rights and freedoms of the data subject or the personal data are used to enforce, exercise or defend legal claims.
§ 7 Contact person for data protection and representative in the EU
You can contact the persons responsible for data protection within Knowlance AG at any time at the following e-mail address: [email protected]. Our EU representative within the meaning of the GDPR is Mr. Christopher Waluga with business address in Ul. Płk F. Nullo 38/92, 31-543 Kraków, Poland. You can also contact him at the above e-mail address.
We are committed to strictly adhering to our legal obligations to provide information, to respond in a timely manner to you as data subjects, and to make notifications, deletions, etc. in accordance with the law.