Open Nav

Privacy policy


We (“NEXOYA“, “us“, “we“, or “our“) are committed to protecting your privacy and want you to be secure when visiting the nexoya.com website (hereinafter referred to as the “Website“).

This page informs you of our policies regarding the collection, use and disclosure of Personal Data when you use our Website and the choices you have associated with that Data.

By using the Website, you agree to the collection and use of information in accordance with this privacy policy (the “Privacy Policy“). Unless otherwise defined in this Privacy Policy, the terms used in this Privacy Policy have the same meanings as in our Terms and Conditions.

 

1 Definitions

 

Personal Data  Personal Data means data about an individual who can be identified through the data (or from the data and other information either in our possession or likely to come into our possession).
Data Subject (or User) Data Subject is any living individual who is using our Website and is the subject of Personal Data.
Data Controller Data Controller means the natural or legal person who (either alone or jointly or in common with persons) determines the purposes for which and the manner in which any other personal information are, or are to be, processed. 
Data Processor (or  Service Provider) Data Processor (or Service Provider) means any natural or legal person who processes the data on behalf of the Data Controller. 

2 Personal Data We Collect

 

We collect the following types of Personal Data when you browse our Website and submit information in the respective forms.

Login Details* (when provided)        First and last name

Company

Phone number

Email address

Usage Data     Last login

Website activity

Source IP

This Usage Data is sent by your browser whenever you visit our Website and may include information such as your computer’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Website that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

When you access the Website with a mobile device, this Usage Data may include information such as the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, unique device identifiers and other diagnostic data.

Tracking and Cookies Data   We use cookies and similar tracking technologies to track the activity on our Service and we hold certain information.

Please refer to the Cookie Policy section for an overview of the cookies that we use.

3 How We Collect Personal Data

 

We collect information about you when you use our Website, including browsing and taking certain actions within it.

Means of collection     Explanation Personal Data collected
Directly
Your registration on our Website We collect information about you when you register on our Website or Web App. This information includes the Login Details (as defined above in Section 2 ‘Personal Data We Collect’).
Your use of the Website We keep track of certain information about you when you visit and interact with our Website or Web App. This information includes the Usage Data (as defined above in Section 2 ‘Personal Data We Collect’).
Device and connection information We collect information about your computer, phone, tablet, or other devices you use to access the Website. This information includes the Usage Data (as defined above in Section 2 ‘Personal Data We Collect’).

How much of this information we collect depends on the type and settings of the device you use to access the Website.

Cookies and other tracking technologies We and our third-party partners, such as our advertising and analytics partners, use cookies and other tracking technologies (e.g., web beacons, device identifiers and pixels) to provide functionality and to recognize you across different Services and devices. This information includes the Tracking and Cookies Data (as defined above in Section 2 ‘Personal Data We Collect’).

How much of this information we collect depends on the type and settings of the browser you use to access the Website.

For more information, please refer to the Cookie Policy section.

Indirectly
Other users of the Website Other users of our Website may provide information about you when they submit content through the contact form. This information includes the Contact Details (as defined above in Section 2 ‘Personal Data We Collect’).

For example, you may be mentioned in a technical support issue opened by someone else.

Other partners We receive information about you and your activities on and off the Website from third-party partners, such as advertising and market research partners who provide us with information about your interest in and engagement with, our Services and online advertisements. This information includes the Tracking and Cookies Data (as defined above in Section 2 ‘Personal Data We Collect’).

For more information, please refer to Section 10 ‘Service Providers’.

4 Legal Basis and Purposes

 

Our legal basis for collecting and using the Personal Data described in this Privacy Policy depends on the Personal Data we collect and the specific purposes for which we collect it:

Legal Basis Explanation Purpose
Contract To perform our contractual obligations or take steps linked to a contract with you or your organisation.  To provide and administer services as instructed by you.
To provide you with customer support.
Consent We may rely on your freely given consent at the time you provided your Personal Data. To provide you with news, special offers and general information about goods, services and events which we offer (with your explicit consent).
Legitimate interests We may rely on legitimate interests based on our evaluation that the processing is fair, reasonable and balanced. To provide and maintain our Website, as well as to detect, prevent and address security threats.
To analyse, improve, personalise and monitor the usage of our Website and communications.
To notify you about changes to our Website and our Privacy Policy.
Public interest To meet regulatory and public interest obligations. To maintain records and conduct compliance checks, e.g. anti-money laundering, fraud and crime prevention.

5 Data Retention

 

We retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy, and to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes and enforce our legal agreements and policies.

6 Storage and Data Transfers

 

We store your Personal Data on our servers in Switzerland.

If you are located outside Switzerland and choose to provide information to us, please be aware that the data protection laws may differ from those of your jurisdiction.

We take all the steps reasonably necessary to ensure that no transfer of your Personal Data will take place to an organisation or a country unless there are adequate controls in place including the security of your Personal Data.

In particular, for transfers of Personal Data outside the EEA, contracts containing the EU Standard Contractual Clauses according to the EU Commission decisions of 27 December 2004 (2004/915/EC) and 05 February 2010 (C(2010)593) constitute appropriate and suitable safeguards to ensure compliance with GDPR. 

7 Data Disclosure

 

We may disclose your Personal Data in the good faith belief that such action is necessary to:

  • To comply with a legal obligation (i.e. if required by law or in response to valid requests by public authorities, such as a court or government agency)
  • To protect and defend our rights or property 
  • To prevent or investigate possible wrongdoing in connection with the Website
  • To protect the safety of Website visitors or the public
  • To protect ourselves against legal liability

8 Data Security

 

We take reasonable technical and organizational security measures that we deem appropriate in order to protect your stored data against manipulation, loss, or unauthorized third-party access. Our security measures are continually adapted to technological developments.

We also take internal data privacy very seriously. Our employees and the service providers that we retain are required to maintain secrecy and to comply with applicable data protection legislation. In addition, they are granted access to personal data only insofar as this is necessary for them to carry out their respective tasks or mandate.

Finally, we take all the steps reasonably necessary to ensure that no transfer of your Personal Data will take place to an organisation or a country unless there are adequate controls in place including the security of your Personal Data.

The security of your Personal Data is important to us but remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.

9 Data Protection Rights 

 

You have certain data protection rights. We will respond to your request without undue delay, at the latest within one calendar month after receipt. Please note that we may ask you to verify your identity before responding to such requests.

Right to access You have a right to request a copy of the Personal Data held by us as a data controller, which we will provide to you in an electronic form. 
Right to amendment  You have the right to ask us to correct our records if you believe they contain incorrect or incomplete information about you. 
Right to withdraw consent If you have provided your consent to the collection, processing and transfer of your Personal Data, you have the right to fully or partly withdraw your consent. This includes cases where you wish to opt out from marketing messages.

Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose(s) to which you originally consented unless there is another Legal Basis for the processing. To stop receiving emails from us, please click on the “unsubscribe” link in the email you received from us or contact us at info@nexoya.com.

Right to erasure  You have the right to request that we delete your Personal Data when it is no longer necessary for the Purposes for which it was collected, or when it was unlawfully processed. 
Right to restriction of processing You have the right to request the restriction of our processing of your Personal Data where you believe it to be inaccurate, our processing is unlawful, or where we no longer need to process it for the initial Purpose, but where we are not able to delete it due to a legal obligation or because you do not want us to delete it.
Right to portability  You have the right to request that we transmit your Personal Data to another data controller in a common format such as Excel, where this is data which you have provided to us and where we are processing it on the Legal Basis of your consent or in order to perform our contractual obligations (e.g. to provide our Services).
Right to object to processing Where the Legal Basis for our processing of your Personal Data is our legitimate interest, you have the right to object to such processing on grounds relating to your particular situation. We will abide by your request unless we have compelling legitimate Legal Basis for the processing which override your interests, or if we need to continue to process the Data for the establishment, exercise or defence of a legal claim.
Right to lodge a complaint with a supervisory authority You have the right of appeal to a data protection supervisory authority if you believe that the processing of your personal data violates data protection law.

In Switzerland, you may contact the Federal Data Protection and Information Commissioner, Feldeggweg 1, CH-3003 Bern

10 Service Providers

 

We may employ third party companies and individuals (“Service Providers“) to facilitate the operation of our Website, provide the Website on our behalf, perform Website-related services or assist us in analysing how our Website is used. The Service Providers have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

App Provided by Function & Address
Amplitude Amplitude Inc We use Amplitude in order to improve our Website/Web App and detect bugs in our system.

Amplitude Inc. 631 Howard St. Floor 5. San Francisco, CA 94105, United States

Auth0 Auth0 Inc We do use Auth0, for securely authenticating you with our Web App.

Wildbit, 10800 NE 8th Street Suite 700 Bellevue, WA 98004, United States

bexio bexio AG We do use bexio for running procurement and invoicing.

bexio AG, Alte Jonastrasse 24, 8640 Rapperswil-Jona, Switzerland

BL.INK Blink Global, LLC We do use Blink Global, LLC as our redirect url provider for simplified & shortened Links.

Blink Global, LLC, located at 6302 Royal Birkdale Overlook Austin, Texas 78748, United States

Calendly Calendly LLC We do use Calendly for scheduling calls or onboardings with our potential or existing customers.

Calendly LLC, 271 17th St NW, Atlanta, GA 30363, United States

CloudAMQP 84codes AB We do use CloudAMQP for sending technical messages between services.

84codes AB, Sveavägen 98, 113 50 Stockholm, Sweden

CloudFlare Cloudflare Inc. We do use CloudFlare for making sure our service is always up and running, using it as a Content delivery network (CDN).

CloudFlare Inc, Riverside Building, 6th Floor, County Hall/The, Belvedere Rd, London SE1 7PB, United Kingdom

Docusign Docusign Inc. We do use Docusign for electronically signing documents with partners, customers and alike.

Docusign Inc, 221 Main St., Suite 1550, San Francisco, CA 94105, United States

Facebook Facebook Inc. We do use Facebook for remarketing and testing.

Facebook Inc,1 Hacker Way, Menlo Park, United States

GitLab GitLab Inc. We do use gitlab for our internal project management and incident/bug management.

GitLab Inc, 268 Bush Street #350, San Francisco, CA 94104, United States of America

Google Adwords, Google AdSense Google Inc. We do use Google Adwords, Google AdSense for remarketing and testing.

Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043, United States

Google Analytics Google Inc. Google uses the data collected to track and monitor the use of our Website.

Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043, United States

Google GSuite Google Schweiz GmbH We do use Google as our internal office tools and document system.

Google Switzerland GmbH. Brandschenkestr. 110 8002 Zürich, Switzerland

LinkedIn LinkedIn Inc./ Linkedin Ireland Unlimited Company We do use linkedin for marketing, remarketing and testing.

70 Sir John Rogerson’s Quay, Dublin 2,Dublin,D02r296,Ireland

Mailchimp The Rocket Science Group, LLC We do use Mailchimp, for sending you emails after you subscribed to one of our newsletters, free-tools or our resource library.

The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308 United States

Microsoft Microsoft Schweiz GmbH We do use Microsoft as our hosting provider for database, middleware and web-application hosting.

Microsoft Schweiz GmbH, Richtistrasse 3, 8304 Wallisellen, Switzerland

Pipedrive Pipedrive Inc We do use Pipedrive for our customer relationship management system.

Pipedrive Inc, LABS House, 15-19 Bloomsbury Way, London WC1A 2TH, United Kingdom

Postmark Wildbit, LLC We do use Postmark, for sending transactional emails via the website or the web app.

Wildbit, LLC, 2400 Market Street, No. 200, Suite 235B, Philadelphia, PA 19103, United States

Recruitee Recruitee B.V. We do use Recruitee B.V. for recruiting purposes.

Recruitee B.V., Keizersgracht 313, 1016 EE Amsterdam, The Netherlands

Slack Slack Technologies Inc We do use Slack for internal communication.

Slack Technologies Inc, 500 Howard St, San Francisco, CA 94105, United States

Twitter Twitter Inc. We do use twitter for marketing, remarketing and testing.

Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103 United States

Typeform TYPEFORM SL We do use Typeform for running interviews or questionnaires.

TYPEFORM SL, Carrer Bac de Roda 163, 08018 Barcelona, Spain

WPEngine WPEngine Inc. We do use WPEngine to host our website as well as free-tool and free templates.

WP Engine, Irongate House, 22-30 Duke’s Place, London, EC3A 7LP United Kingdom

Zapier Zapier Inc. We do use Zapier, for connecting our website with other services such as Mailchimp.

Zapier, Inc. 548 Market St. #62411. San Francisco, CA 94104-5401.Nov 5, 2019

11 Cookie Policy

 

Our Website uses cookies to improve the user experience and ensure that it is functioning effectively. Cookies are small text files that are downloaded to your device by visiting the Website. We use both session cookies (which expire once you close your web browser) and persistent cookies (which stay on your device for a set period of time or until you delete them). You may change your browser settings to delete and/or block cookies. 

We use the following types of cookies for the purposes explained:

Cookie Type Qualification Function
handl_url
handl_ip
handl_original_ref
handl_ref
handl_landing_pagewp-wpml_current_languag
Persistent Functional Website cookies which enable us to provide our Website.
auth0_nonce
auth0_state
com.auth.auth.*
Session Functional Auth0 cookie to verify login into the WebApp.
_gat Session Functional Google Analytics cookie used to throttle request rate.
_gid

_ga

_gcl_au

ANID

APISID

HSID

NID

SAPISID
SID

SIDCC

SSID

1P_JAR

CONSENT

Persistent Performance and tracking cookies Google Analytics cookies to track users as they navigate the Website and help improve the Website’s usability.

These allow us to recognize and count the number of users of our Website and understand how such users navigate through our Website. This helps to improve how our Website works, for example, by ensuring that users can find what they are looking for easily. We use Google Analytics.

fr

_fbp

datr

dpr

sb

wd

OTZ 

COMPASS

Persistent Targeting Facebook cookies which help Facebook provide visitors with more personalized advertisements. They collect information about your browsing habits in order to make advertising relevant to you and your interests.
utm_campaign
utm_content
utm_source
Session Performance and tracking cookie Stores respective campaign of the website user.
helpful_user Session Functional Stores user feedback on our help pages
__cfduid Persistent Functional CloudFare cookie used to speed up page load times.
Lidc

lang

bcookie

bscookie

UserMatchHistory

li_oatml

liap

lissc

Persistent Targeting LinkedIn cookies which help LinkedIn provide visitors with more personalized advertisements. They collect information about your browsing habits in order to make advertising relevant to you and your interests.

We employ tracking systems such as Google Analytics or similar services on our Website. These are services provided by third parties, which may be located in any country worldwide and which allow us to measure and evaluate the use of our Website (on an anonymized basis). For this purpose, permanent cookies are used, which are set by the service provider.

The service provider does not receive (and does not retain) any Personal Data from us, but the service provider may track your use of the Website.

The information generated through the cookies about the utilization of this website (including your IP address) is transferred to and stored on a central server. If appropriate, this information will be passed on to third parties to the extent this is prescribed by law or to the extent that third parties process the data under contract.

We reserve the right, if required, to employ other tracking systems than those named in the section on tracking data for the specified purpose.

12 Links to Other Sites

 

Our Website may contain links to other sites that are not operated by us. If you click a third-party link, you will be directed to that third party’s website.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.

13 Changes to This Privacy Policy

 

We may update our Privacy Policy from time to time.

We will notify you via email and/or a prominent notice on our Website, prior to the change becoming effective and update the “effective date” at the top of this Privacy Policy, but we encourage you to review this Privacy Policy periodically for any changes. 

Changes to this Privacy Policy are effective when they are posted on this page.

14 Contact Us

 

If you have any questions about this Privacy Policy, please contact us at:

nexoya AG

Hafnerstrasse 31

8005 Zurich 

Switzerland

info@nexoya.com

 

Terms & Conditions