Privacy policy and consent

1. Objectives and responsible entity
2. Basic details about data processing
3. Processing of personal data
4. Collection of access data
5. Cookies and reach measurement
6. Newsletter
7. Inclusion of services and content from third parties
8. Contact information telephony / e-mail
9. Support / ticketing system NIBO
10. User rights and deletion
11. Changes to the privacy policy

1 Objectives and responsible entity

This privacy policy informs you of the type, extent and purpose of the processing of personal data (including its collection, processing and use, as well as obtaining consent) within our online offer and the websites, functions and contents connected with it (hereinafter “online offer” or “website”). The privacy policy applies regardless of the domain, system, platform, or device (such as desktop or mobile) on which the online offer is being run.

The provider of the online offer and thus the data controller is Netree AG, Industriestrasse 14, CH-4658 Däniken (hereinafter referred to as “providers”, “we” or “us”). For our contact details, please refer to our imprint.

The term “user” includes all customers of and visitors to our online offer. The terminology used, such as ”user” should be understood as gender-neutral.

2 Basic details about data processing

We process personal data of users strictly in compliance with the relevant data protection regulations and pursuant to the requirements of data minimisation and data avoidance. This means that user data is processed only if legally permitted, in particular if the data is necessary or legally required for the performance of our contractual services or to deliver our online services, or if consent has been obtained.

We undertake organisational, contractual and technical security measures using the best available technology in order to ensure that we comply with data protection regulations and to protect the data that we process from accidental or deliberate manipulation, loss, destruction or from being accessed by unauthorised individuals.

Insofar as the content, tools or other means of other providers (hereinafter referred to as “third-party providers”) are used in the context of this privacy policy and whose registered office is located abroad, it shall be assumed that data transfer to the country of domicile of the third-party providers takes place. The transfer of data to third countries takes place either on a statutory basis, or based on the consent of the users or special contract clauses which ensure that the data is secured as stipulated by the relevant legislation.

3 Processing of personal data

In addition to the use expressly stated in this privacy policy, personal data is processed for the following purposes on the basis of legal permissions or user consent:

To provide, execute, maintain, optimise and ensure the security of our user services;
To guarantee effective customer service and technical support.

We only transfer users’ data to third parties when this is necessary for billing purposes (for example, to a payment service provider) or for other purposes, if necessary, in order to fulfil our contractual obligations towards users (for example, address information to suppliers).

When contact is made with us (via the contact form or by email), the information the user provides is saved for the purposes of processing the enquiry and also in the eventuality that there are follow-up questions.
Personal data will be deleted once the purpose for which they were collected has been fulfilled, insofar as deletion does not conflict with statutory retention requirements.

4 Collection of access data

We collect data about each access to the server on which this service is located (so-called server log files). Access data include the name of the website visited, the file accessed, the date and time of the visit, the volume of data transferred, notification of a successful visit, the browser type and version, the user’s operating system, the referring URL (previously visited site), the IP address and the querying provider.

Pursuant to statutory provisions, we use log data without assigning it to individual users or other profiling measures. We use such data only for the statistical evaluation of the operation, security and optimisation of our online offer. However we reserve the right to check the log data retrospectively if, due to concrete evidence, there is a legitimate suspicion of illegal use.

5 Cookies and reach measurement

Cookies are small text files transmitted from our web server or third-party web servers to users’ web browsers and stored there for later retrieval. This privacy policy informs users that cookies are used in the context of pseudonymous reach measurement.

This online offer can also be viewed without cookies. If users do not wish for cookies to be saved on their computers, we ask them to activate the appropriate option in their browser’s system preferences. You can delete stored cookies using your browser’s system preferences at any time. The exclusion of cookies can lead to function limitations in this online offering.

You can manage a wide range of online advertising cookies from companies on the US American website: http://www.aboutads.info/choices, or the EU website: http://www.youronlinechoices.com/uk/your-ad-choices/.

6 Newsletter

The following information is intended to provide information on the content of our newsletter, the registration process, the distribution process, the statistical evaluation process and your right to object. When you subscribe to our newsletter, you acknowledge that you have agreed to receive the newsletter and that you agree with the processes that have been described.

Content of the newsletter: We send newsletters, emails and other electronic messages with advertising information (hereinafter referred to as ‘newsletter’) only with the recipient’s consent or if we have been granted legal permission to do so. Insofar as the contents of the newsletter are concretely described when subscribing, this is decisive for user consent. Incidentally, our newsletter contains information about our products, offers, promotions and our company.

Double opt-in and data logging: A double opt-in process is used when users register to receive our newsletter. This means that you will receive an email after registering which asks you to confirm your registration. This confirmation is necessary so that it is not possible for people to log in with external email addresses. New registrations to the newsletter are logged in order to verify that the registration process complies with the legal requirements. This involves storing the IP address and the time at which the new user registers and confirms the registration. Changes to any of your data stored by the email marketing service are also logged.

Email marketing provider: The newsletter is distributed by “MailChimp” (hereinafter “email marketing provider”). You can see the email marketing provider’s privacy policy here: https://mailchimp.com/legal/privacy/.

The email addresses of our newsletter recipients, as well as other data about them described in this privacy policy, are stored on the email marketing provider’s servers. The email marketing provider uses this information to send and evaluate the newsletters on our behalf. Furthermore, the email marketing provider can use this data to improve their own services, e.g. to enhance how the distribution process operates on a technical level and how the newsletter is presented, or for financial reasons in order to determine which countries the newsletter recipients are based in. However, the email marketing provider does not use our newsletter recipients’ data to contact them or to disclose this information to third parties.

Registration details: You only need to provide your email address when you register to receive the newsletter.

Statistical surveys and analysis – The newsletters contain what is known as a web beacon, which is a pixel-sized file called up by the email marketing provider’s server when the newsletter is opened. Technical information such as information on your browser, your operating system and IP address are collected at the time the file is called up. This information is used to facilitate technical improvements in our services by means of gathering technical data, information on target groups and their reading behaviour by analysing access times and the locations from which readers call up the files (determined by means of IP addresses). Further statistical analysis includes determining whether the newsletter has been opened, when it was opened and which links have been clicked. For technical reasons, this information can be matched to individual newsletter recipients. However, neither we nor the email marketing service intend to monitor individual users. The main purpose of this analysis is to identify the reading habits of our users and to tailor our content to their requirements or to publish content that matches the interests of our readers.

Cancelation/revocation – You can cancel your subscription to our newsletter i.e. revoke your consent, at any time. In doing so, your consent to receive the newsletter via the email marketing provider and to statistical analysis both also terminate. Unfortunately you cannot terminate these services separately. You will find an unsubscribe link at the end of each newsletter.

7 Inclusion of services and content from third parties

It may occur that third-party content or services from other websites such as maps or fonts are included in this online service. The inclusion of third-party content always takes for granted that third-party providers detect users’ IP address, because they cannot send content to users’ browsers without the IP address. This means that the IP address is required to display the content in question. Furthermore, providers of third-party content can set their own cookies and process users’ data for their own purposes. User profiles can thereby be generated from processed data. Insofar as this is possible, we will comply with the principles of data avoidance and data economy when using this content, and we will select reliable third-party providers with regard to data security.

The following list provides an overview of third party providers, their contents, as well as links to their privacy policies, which contain further information on the processing of data and, as already mentioned here, options for objecting (so called opt-out):

External fonts from Google, Inc., https://www.google.com/fonts (“Google Fonts”). The integration of Google fonts is carried out through a server request to Google (usually in the USA). Privacy policy: https://www.google.com/policies/privacy/, opt-out: https://www.google.com/settings/ads/.
Maps from the Google Maps service operated by third-party provider Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. Privacy policy: https://www.google.com/policies/privacy/, opt-out: https://www.google.com/settings/ads/.
Videos from the “YouTube” platform, operated by third-party provider Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy policy: https://www.google.com/policies/privacy/, opt-out: https://www.google.com/settings/ads/.

Google Analytics

Our websites use Google Analytics, a web analysis service from Google Inc. (“Google”). Google Analytics uses so-called “cookies”, text files that are stored on your computer and that enable your use of the website to be analyzed. The information generated by the cookie about your use of the website is usually transferred to a Google server in the USA and stored there. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. We have also added the code “anonymizeIP” to Google Analytics on this website. This guarantees that your IP address is masked so that all data is collected anonymously. The full IP address will only be transmitted to a Google server in the USA and shortened there in exceptional cases.

On behalf of the operator of our website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services related to website activity and internet usage. You can prevent the storage of cookies by setting your browser software accordingly; however, we would like to point out that in this case you may not be able to use all functions of this website to their full extent.

You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by downloading the browser plug-in available under the following link and install: http://tools.google.com/dlpage/gaoptout?hl=de. As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent Google Analytics from collecting data by clicking on this link. An opt-out cookie will be set which prevents the future collection of your data when you visit this website. The opt-out cookie is only valid in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you will have to set the opt-out cookie again.

We continue to use Google Analytics to evaluate data from double-click cookies and AdWords for statistical purposes. If you do not want this, you can deactivate it using the Ads Preferences Manager (http://www.google.com/settings/ads/onweb/?hl=de).

We use Google Analytics including the functions of Universal Analytics. Universal Analytics allows us to analyze the activities on our sites across devices (e.g. when accessing via laptop and later via a tablet). This is made possible by the pseudonymous assignment of a user ID to a user. Such an assignment takes place, for example, when you register for a customer account or log in to your customer account. However, no personal data is passed on to Google. Even if Universal Analytics adds additional functions to Google Analytics, this does not mean that there are restrictions on data protection measures such as IP masking or the browser add-on.

8 Contact information telephony / e-mail

For telephony and e-mail traffic, Netree uses the Microsoft Exchange Online service, which operates in the Microsoft Azure cloud in Western Europe. The contact data stored in our ERP are thus synchronized with the Microsoft cloud service Azure Active Directory (AAD).

The data and information that must be sent to Netree in connection with telephony and e-mail are kept strictly confidential and are neither sold nor made available to third parties. Netree does not collect data for commercial purposes and uses only those necessary for communication by telephony or e-mail. Netree undertakes to take all necessary measures to protect the stored data in the best possible way. The Microsoft and Microsoft Azure privacy policy can be found at the following links:

9 Support / ticketing system NIBO

Customers using Netree’s support and operations services acknowledge and accept that the NIBO ticketing system is operated in the Microsoft Azure Cloud in Western Europe and the following data is stored in the cloud.

Contact details of the contact persons
(name, first name, e-mail address, telephone number, company and address).
All information relevant to the case to be processed, including e-mail traffic (no sensitive data and access data [especially passwords] should be communicated via e-mail).
If the customer operates with his own paid ticketing system NIBO with advanced features, all employees business contact information, involved in a support request, will also be managed in the cloud.

The data and information that must be transmitted to Netree in connection with NIBO, are kept strictly confidential and neither sold nor left to third parties. Netree does not collect data for commercial purposes and uses only those necessary for the ticketing system NIBO. Netree undertakes to take all necessary measures to protect the stored data in the best possible way. The Microsoft and Microsoft Azure privacy policy can be found at the following links:

If you do not accept this, please contact Netree.

10 User rights and deletion of data

On request, users are entitled to receive information on the personal data we store about them free of charge.
In addition, users have the right to correct inaccurate data, to revoke previously given consent, to limit the processing and/or request the erasure of their personal data and, in the event of unlawful processing, lodge a complaint with the appropriate supervisory authority.

The data stored by us shall be deleted as soon as they are no longer necessary for the purpose for which they were collected, insofar as their deletion does not conflict with any statutory storage requirements.

11 Changes to the privacy policy

We reserve the right to change our privacy policy in order to ensure that it complies with any changes in the law or to ensure that it conforms with any changes to our services or the way we process data. However, this only applies with respect to declarations relating to data processing. Insofar as user consent is required or elements of the privacy policy contain provisions of the contractual relationship with the users, changes shall only be made with the consent of the users.
Users are requested to consult the content of the privacy policy regularly.

Issued: 17/05/2021