Privacy Policy

General points to note

This Privacy Notice explains how we process personal data, particularly in the course of our business dealings, when using our products and services (“Services”) and in connection with our website (“Website”). “Personal data” (also “data”) is any information that can be linked to a particular individual, and “process” means any handling of personal data, such as obtaining, using and disclosing it. If you would like further information on our data processing, please do not hesitate to contact us (see Section 2).

Who is responsible for processing your data?

The responsible party according to Art. 27 GDPR in the European Economic Area (EEA) including the European Union (EU) and the Principality of Liechtenstein is

VGS Datenschutz­partner GmbH
Am Kaiserkai 69
20457 Hamburg

Our data protection officer can be reached through heyData GmbH, located at Schützenstraße 5, 10117 Berlin,, Email:

How do we process data in connection with our Services?

If you use or enter into an agreement for the use of our Services, we process data to enter into and perform a contract:

  • We process data when we are in contact with the company you work for in view of a contract, for example if your company enters into a contract with us or discusses a potential contract with us. We will process your contact details as well as information about your professional role and about the activities you perform for your company, including discussions and negotiations we may conduct with your participation and the conclusion of a contract.

  • We also process personal data during and after the term of the contract. Examples are information on the procurement of Services (e.g. records of the purchased Services or information related to requests for demos), but also on payments, contacts with customer service or other feedback, claims, complaints, data on the termination of the contract and – should disputes in connection with the contract arise – also on these and corresponding procedures. In all these cases we may process data about you as you act for your company.

  • We also process information that is necessary for the use of our Services. For example, when setting up new users, we collect the e-mail address. We also process log information when you use our Services, including the IP addresses. For more information, please see Section 9 below.

  • We also process usage information in relation to the types of Services you use, such as the configuration of your computer, and performance metrics related to the use of the Services.

  • We also process the aforementioned data for statistical analysis. Such evaluations help us with the improvement and development of Services and business strategies. We may also use them on a personal basis for marketing purposes; please see Section 5 for details.

  • We also process any information and data that is provided to us via the Services. In this context, our customers will typically act as controllers for any personal data related to them or personal data that third parties upload in our systems, products, and applications in connection with the provision of our Services. Pelt8 will typically act as a data processor in accordance with applicable Service and/or data processing agreements.

How do we process data in connection with our Website?

When you visit our Website, we collect electronic network activity information through the use of cookies and other trackers. Depending on your tracking preferences, the information we collect may include but is not limited to your device’s Internet Protocol (“IP”) address, referring website, what pages your device visited, and the time that your device visited our Website. We may also rely on analytics and tools used to prevent spam and other security risks related to the use of abusive automated software. You can choose your preferences with regards to the cookies and other trackers by accessing the preference centre on our Website. For more information on the types of cookies and other trackers we use on our Website please see section 9.

When you choose to contact us on our online contact form, we also collect your e-mail address, your name, your IP address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and similar technical information regarding the devices you use to access the Website.

We will use this data to administer our Website and for internal operations, including troubleshooting, testing, statistical and survey purposes, to improve our Website to ensure that content is presented most effectively for you and your device, and to keep our Website secure.

How do we process data in connection with newsletter and marketing?

We also process personal data in order to promote our Services:

  • Market research: We also process data to improve and develop new services, for example information about contract conclusions, your reaction to newsletters or information from customer surveys or from social media, media monitoring services and public sources. While this data is largely focused on companies, it may include data about you as well.

More information about online ads are set out below in Section 9.

How do we work with group companies?

We may share personal data with group companies in order to provide our Services. We assume that such disclosures do not conflict with any interests of confidentiality, unless you tell us otherwise.

How do we work with service providers?

We use services from third parties, especially IT services (for example from providers of hosting or data analysis services), shipping and logistics services and services from banks, post and couriers, consultants etc. For service providers for our Website, please see Section 9. These service providers may all process personal data to the extent it is necessary for their tasks.

Can we disclose data abroad?

The recipients of data are not all located in Switzerland, for example our group companies and some of our service providers. These have locations both within the EU or the EEA, but also in other countries, for example the UK and the USA. We may also transfer data to authorities and other recipients abroad if we are under a legal obligation to do so or, for example, in the context of a corporate transaction or a sale of assets, or of legal proceedings (see Section 10). Not all of these countries have adequate data protection. We therefore use appropriate safeguards in order to protect data transmitted, in particular the EU Standard Contractual Clauses, which can be read here.

In some cases we will transfer data without safeguards, as permitted under applicable law, for example if you have provided explicit consent to the transfer or if the transfer is necessary for the performance of a contract, for the establishment, exercise or enforcement of legal claims, or for overriding public interests.

Do we use online tracking and online advertising?

  • Log data

Each time you visit our Website, the service collects certain information that is kept temporarily in log files (“log data”), in particular the device IP address and information about the internet service provider and the operating system of the device and browser used, about the referring URL, about the date and time of access, and about content that is accessed throughout the visit. We use this type of data in order to maintain our Website, ensure the security and stability of the Website and to optimise content, and also for statistics.

  • Cookies and similar technology

We use technology that allow us and others we engage to collect information about visits to our Website, and in some cases also visits to other websites. In order to do that, we allocate an identifier – such as an IP address or a cookie ID – to the device you use, to distinguish your visits from those of others. This helps us understand the visitor flow to and on our Website to ensure its functionality and to carry out analysis and personalization. We have no intention and usually no way of identifying you using this type of data.  

We mentioned cookies above – these are small files that your browser puts on your device. These files are kept for the set expiration time and include unique numbers that allows us to distinguish individual browsers, but without identifying you. When you next visit our Website or third-party websites, these can read the cookie and recognize you (i.e., your system).

Aside from cookies, we use other technology that can recognize your device as well, such as “fingerprinting”. A “fingerprint” is a more or less unique combination of data that your system tells the server when establishing a connection, in particular IP address, your browser, screen resolution, language settings and other information.

Therefore, your visits can be «tracked» whenever you access a server (for example when you use a website, or because an e-mail includes a visible or invisible image). If we integrate offers from an ad partner or a provider of an analysis tool on our Website, they may track you in the same way, even if you cannot be identified in a particular case.

We use this technology but also include third party code on our Website that allows these third parties to do the same. Depending on the specific purpose, we ask for your consent first. You can set your browser to block most cookies or other technology or remove stored data from your browser. You can also add software to your browser that blocks certain third-party tracking. You can find more information on the help pages of your browser or on the websites of the third parties set out below.

Because cookies are used for different purposes, there are different categories of cookies (and other technology):

  • Necessary cookies: These cookies are necessary for the Website as such or its features. For example, they enable you to go from one page another without losing some information, such as data entered in a form. These cookies are kept only temporarily (and therefore are “session cookies”). If you block these cookies the Website will not always work properly. Some cookies are necessary to keep data such as language settings beyond your visit. These cookies are set to expire after 24 months.
    Certain cookies are also necessary to provide our Services. When Pelt8 customers access their tenants hosted in the cloud we use strictly necessary cookies and other trackers to provide authentication tools, enhance security, and prevent fraud. The Pelt8 apps (the “Apps”) are the sub-domains of our Website. Therefore, the preferences signaled on our Website (through the cookies banner and preference centre) will be reflected on the Apps. For example, if you choose to accept analytics cookies on our Website, these will be active in the Apps unless you modify your choices by resurfacing the preference center. For more information about our use of cookies and other trackers visit our Cookie Notice.

  • Performance cookies: Other cookies are used to optimize and personalize the Website. These cookies record and analyze the use of our Website and may be kept after you leave the Website. For that, we use third parties that provide analytics services (see below) them below. We ask for your consent before we use performance cookies. You can withdraw consent any time through the cookie settings at the bottom left of your window. Performance cookies have an expiration date of 24 months.

  • Marketing Cookies: We and ad partners we work with wish to customize ads, i.e. only show ads to those we want to address. Below is a list of these partners. For that purpose, we and the partners use cookies that record the contents you access. We ask for your consent before we use performance cookies. You can withdraw consent any time through the cookie settings at the bottom left of your window. We and our partners can then display ads that we think will be of interest to you, on our Website and on other websites as well. The cookies used for this purpose have an expiration period of a few days up to 12 months months. If you consent for us use these cookies you will be shown more relevant ads. If you do not consent you will not see less but other, less specific ads.

We currently use the following providers and ad partners (where they use data from you, or cookies set on your computer for advertising purposes):

  • Google Analytics: We use Google Analytics, a service provided by Google Ireland Ltd. Google tracks your actions as you browse our Website (duration of the visit, page views, geographic region of access, etc.) on the basis of performance cookies (see above), and uses this data to create reports for us. We have enabled the option for Google to truncate the IP addresses in Europe before these are sent to a Google entity in the United States (Google LLC) so that these cannot be traced back. Because Google creates reports for us it can be considered to act as our processor, and we have entered into a processing agreement with Google. However, Google may process data also for its own purposes, and may be able to infer information about the identity of visitors based on other data Google knows, and link data collected on our website with existing Google accounts. When you consent to performance cookies you should assume that this processing takes place. More information about data protection and Google Analytics can be found here [https://support. google. com/analytics/answer/6004245] and if you have a Google account, you can find more details about Google’s processing here []. If you wish to opt out of Google Analytics you may also install a browser add-on: [].

  • Hotjar: We use Hotjar in order to better understand your use of our Website, to optimize our Website, and to improve your experience. For further details, please see Hotjar’s privacy notice []. You can opt out of all Hotjar supported analytics and data collection on our Websites by visiting [].

  • Third-party content

We may integrate third-party code on our Website, in particular to show content from social media networks. In particular, the career section of the Website may integrate with LinkedIn which independently may set marketing cookies on your computer. This code is deactivated by default, but when you activate them the providers know that you browse our Website. If you have an account with a provider, that provider will be able to link this information to you and that way track your actions on our Website. These providers process this data as separate controllers. Therefore, please note that we do not have any control over how the information in these cookies is used nor do we have access to it. Please see the LinkedIn privacy notice [] for more information

Do we process data for other purposes?

Yes, because many tasks require data processing. It is not always possible to determine these types of processing nor the extent of the data processed in advance, but the following list includes the most relevant processing:

  • Communication: When you and we communicate with each other we process the content of communication exchanged as well as information about its nature, time and location, for the purpose of communicating with you and keep a record of communication. If you use the online form to contact us we will process the information you provide in the form, and when we need to identify you we will also process data about your proof of identity.

  • Compliance with legal requirements: We may disclose information to authorities as required by law and as necessary to comply with our internal regulations.

  • Prevention: We process data to prevent criminal offences and other breaches, for example in the context of fraud prevention or internal investigations.

  • Legal proceedings: Where we are involved in legal proceedings (for example before a court or administrative body), we process data about the parties to the proceedings and other persons involved, such as witnesses, and disclose data to these parties and to courts and authorities, possibly outside of your country.

  • IT security: We process data for monitoring, controlling, analysing and securing our IT infrastructure, as well as for backups and archiving data.

  • Competition: We process data about our competitors and the market environment in general. We may process data about key individuals, in particular their name, contact details, role or function and public statements.

  • Transactions: If we sell or acquire assets, businesses or companies, we process data as reasonably necessary to prepare and execute these transactions, for example information about our customers’ contact persons or employees and disclose that data to potential buyers or sellers.

  • Other purposes: We process data for other purposes such as training and education, for administration (for example contract management or accounting), to enforce and defend of claims, to evaluate and improve how we work internally, to create non-personal statistics, and protect other legitimate interests.

How long do we process personal data?

We process your personal data for as long as it is necessary for the processing purpose (in case of contracts, generally for the duration of the relationship), as long as we have a legitimate interest in keeping data (for example to enforce legal claims, or for archiving and or ensuring IT security) and as long as we are under a legal retention obligation (for example, a ten-year retention period applies for some business-related data). When these periods expire we delete or anonymise your personal data.

Anything else to consider?

Depending on the applicable law, data processing is only permitted if the applicable law specifically allows it. This does not apply under the Swiss Data Protection Act, but does under the GDPR, where it applies (which can only be determined on a case-by-case basis). In this case, the processing of your personal data is based on the fact that it is necessary for the preparation and execution of contracts (Section 3), that it is necessary for the legitimate interests of us or third parties, for example for statistical evaluations (Sections 3 and 4) or for marketing purposes (Section 5), that it is required or permitted by law or that you have separately consented to the processing. You will find the relevant provisions in articles 6 and 9 of the GDPR.

You are not obliged to disclose data to us, except in some cases (for example if a contractual obligation involves disclosing data to us). However, we need to process data for legal and operational reasons when we conclude and execute contracts. The use of our Website and our Services is also not possible without data processing (see Sections 3 and 4).

What are your rights?

You have certain rights under applicable data protection law:

  • If you wish to receive further information and a copy of your data, you can also submit an access request to us;

  • you can object to our data processing, especially in connection with direct marketing;

  • you may have inaccurate or incomplete personal data corrected or completed, or have it supplemented by a note of objection;

  • you have the right to receive certain personal data in a structured, common and machine-readable format;

  • if we process data on the basis of your consent, you can withdraw consent at any time. Withdrawal is only valid going forward, and we reserve the right to continue to process data on another basis, where applicable.

Note please that these rights may be subject to conditions and restrictions. – If you wish to exercise such a right, please feel free to contact us (Section 2). We will have to verify your identity (for example by means of a copy of an ID). You are also free to lodge a complaint against our processing of your data with the competent supervisory authority, in Switzerland the Federal Data Protection and Information Commissioner (FDPIC).

Changes to this Privacy Notice

This Privacy Notice does not form part of any contract with you and we may amend this Privacy Notice at any time. The version published on this Website is the current version at the time.