Status 01.09.2023

1. introduction

In the following we inform about the processing of personal data

• on our website netstream.ch
• in our social media profiles
• in the context of application procedures
• outside the website (e.g. when passing on the data to recipients).

Personal data is any information that relates to an identified or identifiable natural person, such as their name or email address.

1.1. contact details

The responsible person according to Art. 5 lit. j Federal Law on Data Protection (Data Protection Act, DSG) is Netstream AG, Richtistrasse 4, 8304 Wallisellen, Switzerland, e-mail: hello@netstream.ch. We are legally represented by Alexis Caceda, Mathias Riederer.

Our data protection advisor can be contacted via heyData GmbH, Schützenstraße 5, 10117 Berlin, www.heydata.eu, e-mail: datenschutz@heydata.eu.

1.2 Announcement abroad

Insofar as we transfer persons to service providers or other third parties outside of Switzerland, mostly decisions of the Federal Council according to Art. 16 Ab. 1 DSG guarantee the security of the data during the transfer. According to these decisions, the legislation there guarantees adequate protection. Such adequacy has been determined by the Federal Council for the states, territories, specific sectors in a state and international bodies listed in Art. 8 para. 1 Ordinance on Data Protection (Data Protection Ordinance, DPA) in conjunction with Annex 1. These are available at https://www.bj.admin.ch/bj/de/home/staat/datenschutz/internationales/anerkennung-staaten.htmlabrufbar.

This is the case for the following states:

• Germany
• Andorra
• Argentina
• Austria
• Belgium
• Bulgaria
• Canada (Adequate data protection is deemed to be ensured if the Canadian federal law "Loi sur la protection des renseignements personnels et les documents électroniques" of April 13, 2000 applies in the private sector or the law of a Canadian province that largely corresponds to this federal law. The federal law applies to personal information obtained, processed or disclosed in the course of commercial activities, whether by organizations such as associations, partnerships, individuals or unions, or federally regulated entities such as plants, works, enterprises or business activities that fall within the legislative jurisdiction of the Parliament of Canada. The provinces of Québec, British Columbia, and Alberta have enacted legislation that is broadly similar to the federal law; the provinces of Ontario, New Brunswick, Newfoundland and Labrador, and Nova Scotia have enacted legislation that is broadly similar to that law in the area of health information. In all Canadian provinces, the federal law applies to all personal data obtained, processed or disclosed by federally regulated entities, including data about employees of those entities. The federal law also applies to personal data transferred to another province or country in the course of commercial activities).
• Cyprus
• Croatia
• Denmark
• Spain
• Estonia
• Finland
• France
• Gibraltar
• Greece
• Guernsey
• Hungary
• Isle of Man
• Faroe Islands
• Ireland
• Iceland
• Israel
• Italy
• Jersey
• Latvia
• Liechtenstein
• Lithuania
• Luxembourg
• Malta
• Monaco
• Norway
• New Zealand
• Netherlands
• Poland
• Portugal
• Czech Republic
• Romania
• United Kingdom
• Slovakia
• Slovenia
• Sweden
• Uruguay

In other cases (e.g., if no decision on adequacy exists), standard data protection clauses are the legal basis for data transfer as a rule, i.e., unless we indicate otherwise. These are a set of rules adopted by the Federal Data Protection and Information Commissioner (FDPIC) and are part of the contract with the respective third party. According to Art. 16 Para. 2 lit. d FADP, they ensure security in the transfer of data. Many of the providers have given contractual guarantees that protect the data beyond the standard contractual clauses. These are, for example, guarantees regarding the encryption of the data or regarding an obligation on the part of the third party to notify data subjects if law enforcement agencies want to access data.

1.3 Rights of the persons concerned

Data subjects generally have the following rights vis-à-vis us with regard to the personal data concerning them:

• Right to be informed whether personal data about them are being processed.
• The right to obtain the release of personal data that he/she has disclosed to us,
• Right of rectification,
• Right to object to processing.

2. newsletter

We reserve the right to inform customers who have already used services from us or purchased goods about our offers from time to time by e-mail or other electronic means, if they have not objected to this. The processing is for the purpose of direct marketing. Recipients of communication may object to the use of their e-mail address or other communication data for advertising purposes at any time without incurring additional costs, for example, via the link at the end of each e-mail or by sending an e-mail to our above-mentioned e-mail address.

Interested parties have the option to subscribe to a free newsletter. We process the data provided during registration for sending the newsletter. Subscription is done by selecting the appropriate field on our website, by ticking the appropriate field in a paper document or by another clear action, whereby interested parties give their consent to the processing of their data. We process the data for the purpose of direct marketing. The consent of the interested party can be revoked at any time, e.g. by clicking the appropriate link in the newsletter or notifying our e-mail address given above.

We also process the open and click-through rate of our newsletters by prospects to understand which content is relevant to our recipients. This serves to improve our direct marketing.

We use a service of the provider

• HubSpot, Inc., 25 1st Street Cambridge, MA 0214, USA (privacy policy: https://legal.hubspot.com/de/privacy-policy) for email marketing. The provider is a recipient of personal data in the context of the aforementioned processing.

The provider processes personal data in the EU. Information on guarantees pursuant to Article 16(2) can be found in the section "Disclosure abroad".

• HubSpot, Inc., 25 1st Street Cambridge, MA 0214, USA (privacy policy: https://legal.hubspot.com/de/privacy-policy) for email marketing. The provider is a recipient of personal data in the context of the aforementioned processing.

The provider processes personal data in the USA. Information on guarantees pursuant to Article 16 (2) can be found in the section "Disclosure abroad".

3. data processing on our website netstream.ch

3.1 Informational use of the website

During the informative use of the website, i.e. when site visitors do not separately transmit information to us, we collect the personal data that the browser transmits to our server in order to ensure the stability and security of our website. This serves to ensure the IT security of the website.

These data are e.g.:

• IP address
• Date and time of the request
• Time zone difference from Greenwich Mean Time (GMT)
• Content of the request (concrete page)
• Access status/HTTP status code
• Data volume transferred in each case
• Website from which the request comes
• Browser
• Operating system and its interface
• Language and version of the browser software.

This data is also stored in log files.

3.2 Data on third-party devices

Through our website, we process data on third-party devices by means of telecommunication transmission within the scope described in the preceding and following sections.

Visitors can refuse processing, e.g. by setting appropriate preferences in their browser to block or delete cookies.

3.3 Web hosting and provision of the website

We host our website ourselves, processing the personal data accessed via the website. The purpose of this is to provide a website and thus appear to the outside world.

3.4 Contact form

When contact is made via the contact form on our website, we process the data requested there and the content of the message in order to process the inquiry. To the extent permitted by law, we may also process the data for direct marketing purposes.

3.5 Booking appointments

Site visitors can book appointments with us on our website. We process the data collected in the process in order to plan and carry out the appointments and to offer interested parties a user-friendly option for making appointments via the website.

3.6 Offer of services

We offer services via our website. Personal data is processed in order to provide the contract concluded with the respective site visitor.

3.7. third party providers on the website

3.7.1 Google Web Fonts

We use a service of the provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (privacy policy: https://policies.google.com/privacy?hl=de) for fonts on the website. The provider is a recipient of personal data in the context of the aforementioned processing.

The provider processes personal data in the USA. Information on guarantees pursuant to Article 16 (2) can be found in the section "Disclosure abroad".

3.7.2 Elementor

We use a service of the provider Elementor LTD, Tuval St 40, Ramat Gan, Israel (privacy policy: https://elementor.com/terms/) to create websites. The provider is a recipient of personal data in the context of the aforementioned processing.

The provider processes personal data in the EU. Information on guarantees pursuant to Article 16(2) can be found in the section "Disclosure abroad".

3.7.3 Google Conversion Tag

We use a service of the provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (privacy policy: https://policies.google.com/privacy?hl=de https://support.google.com/tagmanager/answer/9323295?hl=de&ref_topic=3441532) for conversion tracking. The provider is a recipient of personal data in the context of the aforementioned processing.

The provider processes personal data in the USA. Information on guarantees pursuant to Article 16 (2) can be found in the section "Disclosure abroad".

3.7.4 GDPR Legal Cookie

We use a service of the provider beeclever GmbH, Universitätsstraße 3, 56070 Koblenz (privacy policy: https://gdpr-legal-cookie.com/pages/datenschutzerklarung) for the management of consents. The provider is a recipient of personal data in the context of the aforementioned processing.

The provider processes personal data in the EU. Information on guarantees pursuant to Article 16(2) can be found in the section "Disclosure abroad".

3.7.5 Google Analytics

We use a service of the provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Dublin, Ireland (privacy policy: https://policies.google.com/privacy?hl=de) for analysis. The provider is a recipient of personal data in the context of the aforementioned processing.

The provider processes personal data in the USA. Information on guarantees pursuant to Article 16 (2) can be found in the section "Disclosure abroad".

3.7.6 HubSpot LiveChat

We use a service of the provider HubSpot, Inc., 25 1st Street Cambridge, MA 0214, USA (privacy policy: https://legal.hubspot.com/privacy-policy) as live chat. The provider is a recipient of personal data in the context of the aforementioned processing.

The provider processes personal data in the USA. Information on guarantees pursuant to Article 16 (2) can be found in the section "Disclosure abroad".

3.7.7 YouTube videos

We use a service of the provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (privacy policy: https://policies.google.com/privacy) for videos on the website. The provider is a recipient of personal data in the context of the aforementioned processing.

The provider processes personal data in the USA. Information on guarantees pursuant to Article 16 (2) can be found in the section "Disclosure abroad".

3.7.8 Font Awesome

We use a service of the provider Fonticons, Inc, 307 S Main St, Bentonville, Arkansas, 72712, USA (privacy policy: https://fontawesome.com/privacy) for fonts on the website. The provider is a recipient of personal data in the context of the aforementioned processing.

The provider processes personal data in the USA. Information on guarantees pursuant to Article 16 (2) can be found in the section "Disclosure abroad".

3.7.9 Google Marketing Platform

We use a service of the provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (privacy policy: https://policies.google.com/privacy?hl=de) for analysis and advertising. The provider is a recipient of personal data in the context of the aforementioned processing.

The provider processes personal data in the USA. Information on guarantees pursuant to Article 16 (2) can be found in the section "Disclosure abroad".

3.7.10. HubSpot

We use a service of the provider HubSpot, Inc., 25 1st Street Cambridge, MA 0214, USA (privacy policy: https://legal.hubspot.com/privacy-policy) for the management of customer relationships and for questionnaires and forms. The provider is a recipient of personal data in the context of the aforementioned processing.

The provider processes personal data in the USA. Information on guarantees pursuant to Article 16 (2) can be found in the section "Disclosure abroad".

3.7.11. Google Tag Manager

We use a service of the provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (privacy policy: https://policies.google.com/privacy?hl=de) for analysis and advertising. The provider is a recipient of personal data in the context of the aforementioned processing.

The provider processes personal data in the USA. Information on guarantees pursuant to Article 16 (2) can be found in the section "Disclosure abroad".

3.7.12. WP rocket

We use a service of the provider SAS WP MEDIA, 4 rue de la République, 69001 LYON, France (privacy policy: https://wp-rocket.me/de/impressum/) for website performance. The provider is a recipient of personal data in the context of the aforementioned processing.

The provider processes personal data in the EU. Information on guarantees pursuant to Article 16(2) can be found in the section "Disclosure abroad".

3.7.13. Visitor analytics

We use a service of the provider Visitor Analytics GmbH, Stefan-George-Ring 19, 81929 Munich, Germany (privacy policy: https://www.visitor-analytics.io/de/support/rechtliches-datenschutz-zertifikate/visitor-analytics-webseite/datenschutzerklaerung/) for analysis. The provider is a recipient of personal data in the context of the aforementioned processing.

The provider processes personal data in the EU. Information on guarantees pursuant to Article 16(2) can be found in the section "Disclosure abroad".

3.7.14. HubSpot

We use a service of the provider HubSpot, Inc., 25 1st Street Cambridge, MA 0214, USA (privacy policy: https://legal.hubspot.com/privacy-policy) for the management of customer relationships and for questionnaires and forms. The provider is a recipient of personal data in the context of the aforementioned processing.

The provider processes personal data in the EU. Information on guarantees pursuant to Article 16(2) can be found in the section "Disclosure abroad".

3.7.15. Google reCAPTCHA

We use a service of the provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Dublin, Ireland (privacy policy: https://policies.google.com/privacy?hl=de) to manage authentications. The provider is a recipient of personal data in the context of the aforementioned processing.

The provider processes personal data in the USA. Information on guarantees pursuant to Article 16 (2) can be found in the section "Disclosure abroad".

3.7.16. Weglot

We use a service of the provider Weglot, 138, rue Pierre Joigneaux in BOIS-COLOMBES (92270), France (privacy policy: https://weglot.com/de/privacy/) for translations. The provider is a recipient of personal data in the context of the aforementioned processing.

The provider processes personal data in the EU. Information on guarantees pursuant to Article 16(2) can be found in the section "Disclosure abroad".

3.7.17. HubSpot LiveChat

We use a service of the provider HubSpot, Inc., 25 1st Street Cambridge, MA 0214, USA (privacy policy: https://legal.hubspot.com/de/privacy-policy) as live chat. The provider is a recipient of personal data in the context of the aforementioned processing.

The provider processes personal data in the EU. Information on guarantees pursuant to Article 16(2) can be found in the section "Disclosure abroad".

4. payment service provider

To process payments, we use payment processors, most of which are data controllers themselves. When they are used, they process payment data. The purpose of the processing is the execution of payments.

These payment service providers are:

• Stripe Payments Europe, Ltd, Ireland

5. data processing on social media platforms

We are represented in social media networks in order to present our organization and our services there. The operators of these networks regularly process their users' data for advertising purposes. Among other things, they create user profiles from their online behavior, which are used, for example, to show advertising on the pages of the networks and elsewhere on the Internet that corresponds to the interests of the users. To this end, the operators of the networks store information on user behavior in cookies on the users' computers. Furthermore, it cannot be ruled out that the operators merge this information with other data. Users can obtain further information and instructions on how to object to processing by the site operators in the data protection declarations of the respective operators listed below. It is also possible that the operators or their servers are located abroad, so that they process data there. This may result in risks for users, e.g. because it is more difficult to enforce their rights or because government agencies have access to the data.

When users of the networks contact us through our profiles, we process the data provided to us in order to respond to the requests.

5.1. facebook

We maintain a profile on Facebook. The operator is Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. The privacy policy is available here: https://www.facebook.com/policy.php. A possibility to object to data processing arises via settings for advertisements: https://www.facebook.com/settings?tab=ads.
We are jointly responsible for processing the data of visitors to our profile on the basis of an agreement with Facebook. Facebook explains exactly what data is processed at https://www.facebook.com/legal/terms/information_about_page_insights_data. Data subjects can exercise their rights both against us and against Facebook. However, according to our agreement with Facebook, we are obliged to forward requests to Facebook. Data subjects will therefore receive a faster response if they contact Facebook directly.

5.2 Instagram

We maintain a profile on Instagram. The operator is Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. The privacy policy is available here: https://help.instagram.com/519522125107875.

5.3 YouTube

We maintain a profile on YouTube. The operator is Google Ireland Limited Gordon House, Barrow Street Dublin 4. Ireland. The privacy policy is available here: https://policies.google.com/privacy?hl=de.

5.4 Twitter

We maintain a profile on Twitter. The operator is Twitter Inc, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. The privacy policy is available here: https://twitter.com/de/privacy. One way to object to data processing is via the settings for advertisements: https://twitter.com/personalization.

5.5 LinkedIn

We maintain a profile on LinkedIn. The operator is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. The privacy policy is available here: https://https://www.linkedin.com/legal/privacy-policy?_l=de_DE. One way to object to data processing is via the settings for advertisements: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

5.6 Xing

We maintain a profile on Xing. The operator is New Work SE, Dammtorstraße 29-32, 20354 Hamburg. The privacy policy is available here: https://privacy.xing.com/de/datenschutzerklaerung.

5.7 BeReal

We maintain a profile on BeReal. The operator is BeReal SAS, 30/32 Boulevard Sébastopol, 75004 Paris, France. The privacy policy is available at https://bereal.com/de/datenschutzbestimmungen/.

6. data processing of applicants

When individuals apply to us for open positions or submit unsolicited applications, we process their data for the purposes of the application process.

It may also be that we write to interesting applicants directly for a position. In this case, we process their master data (e.g. name), contact data (e.g. e-mail address) and other data that may be of interest for the specific position.

Recipients of the data are service providers used as part of the application process (e.g. order processors as part of recruiting) and providers of cloud software that we use. We have listed recipients that we can currently identify below in the section "Recipients of data".

We ask applicants to refrain from providing information on political opinions, religious beliefs and similarly sensitive data in their resumes and cover letters. They are not required for an application. If applicants nevertheless make such statements, we cannot prevent them from being processed.

7. data processing outside the website

7.1. processing purposes

We process personal data for the purposes set out below or elsewhere in this document (e.g. under "Recipients of data"):

• Provision of contractual services and fulfillment of contractual obligations
• Contact us (e.g. by e-mail or telephone)
• Communication
• Answering inquiries
• IT security measures
• Direct marketing
• Request and consideration of feedback
• Conducting sweepstakes and contests. We reserve the right to use the data collected in the process also for direct marketing purposes.
• Security measures in our office

7.2 Recipients of data

Recipients of data are service providers we use (e.g. order processors), providers of cloud software we use, and other external entities. Recipients that we can currently identify are listed by name below. However, the list is not to be understood as exhaustive.

7.2.1 Microsoft 365

We use a service of the provider Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA (privacy policy: https://privacy.microsoft.com/de-de/privacystatement?culture=de-de&country=DE) for work collaboration, document authoring and storage in the cloud. The provider is a recipient of personal data in the context of the aforementioned processing. Data subjects are employees, users, third parties and customers.

The provider processes personal data in the USA. Information on guarantees pursuant to Article 16 (2) can be found in the section "Disclosure abroad".

7.2.2 Microsoft 365

We use a service of the provider Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA (privacy policy: https://privacy.microsoft.com/de-de/privacystatement?culture=de-de&country=DE) for work collaboration, document authoring and storage in the cloud. The provider is a recipient of personal data in the context of the aforementioned processing. Data subjects are employees, third parties, users and customers.

The provider processes personal data in the EU. Information on guarantees pursuant to Article 16(2) can be found in the section "Disclosure abroad".

7.2.3 Atlassian Cloud

We use a service of the provider Atlassian B.V., c/o Atlassian, Inc., 350 Bush Street, Floor 13, San Francisco, CA 94104, USA (privacy policy: https://www.atlassian.com/de/legal/privacy-policy) for storage in the cloud. The provider is a recipient of personal data in the context of the aforementioned processing. Data subjects are users.

The provider processes personal data in the EU. Information on guarantees pursuant to Article 16(2) can be found in the section "Disclosure abroad".

7.2.4 OneDrive for Business

We use a service of the provider Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA (privacy policy: https://privacy.microsoft.com/de-de/privacystatement?culture=de-de&country=DE) for storage in the cloud and collaboration at work. The provider is a recipient of personal data in the context of the aforementioned processing. Data subjects are employees, users, third parties and customers.

The provider processes personal data in the EU. Information on guarantees pursuant to Article 16(2) can be found in the section "Disclosure abroad".

7.2.5 Atlassian Cloud

We use a service of the provider Atlassian B.V., c/o Atlassian, Inc., 350 Bush Street, Floor 13, San Francisco, CA 94104, USA (privacy policy: https://www.atlassian.com/de/legal/privacy-policy) for storage in the cloud. The provider is a recipient of personal data in the context of the aforementioned processing. Data subjects are users.

The provider processes personal data in the USA. Information on guarantees pursuant to Article 16 (2) can be found in the section "Disclosure abroad".

7.2.6 OneDrive for Business

We use a service of the provider Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA (privacy policy: https://privacy.microsoft.com/de-de/privacystatement?culture=de-de&country=DE) for storage in the cloud and collaboration at work. The provider is a recipient of personal data in the context of the aforementioned processing. Data subjects are employees, users, third parties and customers.

The provider processes personal data in the USA. Information on guarantees pursuant to Article 16 (2) can be found in the section "Disclosure abroad".

7.2.7 Adobe Creative Cloud

We use a service provided by the provider Adobe Systems Software Ireland Ltd, 4-6 Riverwalk, Citywest Business Park 0000 Dublin 24, Ireland (privacy policy: https://www.adobe.com/de/privacy/policy.html) for cloud storage and work collaboration. The provider is a recipient of personal data in the context of the aforementioned processing. Data subjects are prospective customers, employees and customers.

The provider processes personal data in the USA. Information on guarantees pursuant to Article 16 (2) can be found in the section "Disclosure abroad".

7.2.8 Slack

We use a service of the provider Slack Technologies Limited, One Park Place, Upper Hatch Street, Dublin 2, Ireland (privacy policy: https://slack.com/intl/de-de/trust/privacy/privacy-policy) for video conferencing and communication. The provider is a recipient of personal data in the context of the aforementioned processing. Data subjects are employees and customers.

The provider processes personal data in the USA. Information on guarantees pursuant to Article 16 (2) can be found in the section "Disclosure abroad".

7.2.9 Microsoft Teams

We use a service of the provider Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA (privacy policy: https://privacy.microsoft.com/de-de/privacystatement?culture=de-de&country=DE) for video conferencing. The provider is a recipient of personal data in the context of the aforementioned processing. Data subjects are users.

The provider processes personal data in the EU. Information on guarantees pursuant to Article 16(2) can be found in the section "Disclosure abroad".

7.2.10. Slack

We use a service of the provider Slack Technologies Limited, One Park Place, Upper Hatch Street, Dublin 2, Ireland (privacy policy: https://slack.com/intl/de-de/trust/privacy/privacy-policy) for communication. The provider is a recipient of personal data in the context of the aforementioned processing. Data subjects are employees and customers.

The provider processes personal data in the EU. Information on guarantees pursuant to Article 16(2) can be found in the section "Disclosure abroad".

7.2.11. Microsoft Teams

We use a service of the provider Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA (privacy policy: https://privacy.microsoft.com/de-de/privacystatement?culture=de-de&country=DE) for communication. The provider is a recipient of personal data in the context of the aforementioned processing. Data subjects are employees and customers.

The provider processes personal data in the EU. Information on guarantees pursuant to Article 16(2) can be found in the section "Disclosure abroad".

7.2.12. Jira

We use a service of the provider Atlassian B.V., c/o Atlassian, Inc., 350 Bush Street, Floor 13, San Francisco, CA 94104, USA (privacy policy: https://www.atlassian.com/de/legal/privacy-policy) for project management. The provider is a recipient of personal data in the context of the aforementioned processing. Data subjects are interested parties, employees, users, third parties and customers.

The provider processes personal data in the EU. Information on guarantees pursuant to Article 16(2) can be found in the section "Disclosure abroad".

7.2.13. Confluence

We use a service of the provider Atlassian B.V., c/o Atlassian, Inc., 350 Bush Street, Floor 13, San Francisco, CA 94104, USA (privacy policy: https://www.atlassian.com/de/legal/privacy-policy) for project management. The provider is a recipient of personal data in the context of the aforementioned processing. Data subjects are interested parties, employees, users, third parties and customers.

The provider processes personal data in the EU. Information on guarantees pursuant to Article 16(2) can be found in the section "Disclosure abroad".

7.2.14. Skribble

We use a service of the provider Skribble AG, Förrlibuckstrasse 190, CH-8005 Zurich, Switzerland (privacy policy: https://www.skribble.com/de-de/datenschutz/) for electronic signatures. The provider is a recipient of personal data in the context of the aforementioned processing. Data subjects are interested parties and employees.

7.2.15. Abacus

We use a service of the provider Abacus Business Solutions GmbH, Mies-van-der-Rohe-Straße 6, 80807 Munich, Germany (privacy policy: https://www.abacus-solutions.de/datenschutz/) for the management of employees and as an enterprise resource planning (ERP) system. The provider is a recipient of personal data in the context of the aforementioned processing. Data subjects are interested parties and employees.

The provider processes personal data in the EU. Information on guarantees pursuant to Article 16(2) can be found in the section "Disclosure abroad".

7.2.16. LinkedIn Recruiter (Lite)

We use a service of the provider LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (privacy policy: https://www.linkedin.com/legal/privacy-policy?) for recruiting. The provider is a recipient of personal data in the context of the aforementioned processing. Data subjects are employees and third parties.

The provider processes personal data in the EU. Information on guarantees pursuant to Article 16(2) can be found in the section "Disclosure abroad".

7.2.17. Google Ads

We use a service of the provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (privacy policy: https://policies.google.com/privacy?hl=de) for advertising. The provider is a recipient of personal data in the context of the aforementioned processing. Data subjects are users.

The provider processes personal data in the USA. Information on guarantees pursuant to Article 16 (2) can be found in the section "Disclosure abroad".

7.2.18. HubSpot

We use a service of the provider HubSpot, Inc., 25 1st Street Cambridge, MA 0214, USA (privacy policy: https://legal.hubspot.com/de/privacy-policy) for marketing automation. The provider is a recipient of personal data in the context of the aforementioned processing. Data subjects are interested parties.

The provider processes personal data in the USA. Information on guarantees pursuant to Article 16 (2) can be found in the section "Disclosure abroad".

7.2.19. Yoast

We use a service of the provider Yoast B.V., Don Emanuelstraat 3, 6602 GX Wijchen, Netherlands (privacy policy: https://yoast.com/privacy-policy/) for SEO optimization. The provider is a recipient of personal data in the context of the aforementioned processing. Data subjects are users.

The provider processes personal data in the EU. Information on guarantees pursuant to Article 16(2) can be found in the section "Disclosure abroad".

7.2.20. Yoast

We use a service of the provider Yoast B.V., Don Emanuelstraat 3, 6602 GX Wijchen, Netherlands (privacy policy: https://yoast.com/privacy-policy/) for SEO optimization. The provider is a recipient of personal data in the context of the aforementioned processing. Data subjects are users.

The provider processes personal data in the USA. Information on guarantees pursuant to Article 16 (2) can be found in the section "Disclosure abroad".

7.2.21. LinkedIn Ads

We use a service of the provider LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (privacy policy: https://www.linkedin.com/legal/privacy-policy?) for advertising. The provider is a recipient of personal data in the context of the aforementioned processing. Data subjects are users.

The provider processes personal data in the EU. Information on guarantees pursuant to Article 16(2) can be found in the section "Disclosure abroad".

7.2.22. HubSpot

We use a service of the provider HubSpot, Inc., 25 1st Street Cambridge, MA 0214, USA (privacy policy: https://legal.hubspot.com/de/privacy-policy) for marketing automation. The provider is a recipient of personal data in the context of the aforementioned processing. Data subjects are interested parties.

The provider processes personal data in the EU. Information on guarantees pursuant to Article 16(2) can be found in the section "Disclosure abroad".

7.2.23. HubSpot

We use a service of the provider HubSpot, Inc., 25 1st Street Cambridge, MA 0214, USA (privacy policy: https://legal.hubspot.com/de/privacy-policy) for the management of customer relationships. The provider is a recipient of personal data in the context of the aforementioned processing. Data subjects are customers.

The provider processes personal data in the USA. Information on guarantees pursuant to Article 16 (2) can be found in the section "Disclosure abroad".

7.2.24. Jira

We use a service of the provider Atlassian B.V., c/o Atlassian, Inc., 350 Bush Street, Floor 13, San Francisco, CA 94104, USA (privacy policy: https://www.atlassian.com/de/legal/privacy-policy) for project management. The provider is a recipient of personal data in the context of the aforementioned processing. Data subjects are interested parties, employees, users, third parties and customers.

The provider processes personal data in the USA. Information on guarantees pursuant to Article 16 (2) can be found in the section "Disclosure abroad".

7.2.25. Google Analytics

We use a service of the provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Dublin, Ireland (privacy policy: https://policies.google.com/privacy?hl=de) for analysis. The provider is a recipient of personal data in the context of the aforementioned processing. Data subjects are users.

The provider processes personal data in the USA. Information on guarantees pursuant to Article 16 (2) can be found in the section "Disclosure abroad".

7.2.26. Postman

We use a service of the provider Postman Inc, 55 2nd St Ste 300, San Francisco, CA 94105, USA (privacy policy: https://www.postman.com/legal/privacy-policy/) for API development. The provider is a recipient of personal data in the context of the aforementioned processing. Data subjects are users.

The provider processes personal data in the USA. Information on guarantees pursuant to Article 16 (2) can be found in the section "Disclosure abroad".

7.2.27. DigitalOcean

We use a service of the provider Digitalocean LLC, 101 Avenue of the Americas 10th Floor New York, NY 10013, USA (privacy policy: https://www.digitalocean.com/legal/privacy-policy) for storage in the cloud. The provider is a recipient of personal data in the context of the aforementioned processing. Data subjects are employees, users, third parties and customers.

The provider processes personal data in the EU. Information on guarantees pursuant to Article 16(2) can be found in the section "Disclosure abroad".

7.2.28. DocuSign

We use a service of the provider DocuSign Germany GmbH, Neue Rothofstrasse 13-19, 60313 Frankfurt (privacy policy: https://www.docusign.de/unternehmen/datenschutz) for electronic signatures. The provider is a recipient of personal data in the context of the aforementioned processing. Data subjects are employees, third parties and customers.

The provider processes personal data in the EU. Information on guarantees pursuant to Article 16(2) can be found in the section "Disclosure abroad".

7.2.29. Stripe

We use a service of the provider Stripe Payments Europe Ltd, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland (privacy policy: https://stripe.com/de/privacy#translation) for payments. The provider is a recipient of personal data in the context of the aforementioned processing. Data subjects are third parties and customers.

The provider processes personal data in the USA. Information on guarantees pursuant to Article 16 (2) can be found in the section "Disclosure abroad".

7.2.30. Microsoft Authenticator

We use a service of the provider Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA (privacy policy: https://privacy.microsoft.com/de-de/privacystatement) to manage authentications. The provider is a recipient of personal data in the context of the aforementioned processing. Data subjects are users.

The provider processes personal data in the EU. Information on guarantees pursuant to Article 16(2) can be found in the section "Disclosure abroad".

7.2.31. BitBucket

We use a service provided by the provider Atlassian Pty Ltd, Level 6, 341 George Street Sydney NSW 2000, Australia (privacy policy: https://www.atlassian.com/de/legal/privacy-policy) for work collaboration, source code management and version management for software development. The provider is a recipient of personal data in the context of the aforementioned processing. Data subjects are users.

The provider processes personal data in the USA. Information on guarantees pursuant to Article 16 (2) can be found in the section "Disclosure abroad".

7.2.32. Postman

We use a service of the provider Postman Inc, 55 2nd St Ste 300, San Francisco, CA 94105, USA (privacy policy: https://www.postman.com/legal/privacy-policy/) for API development. The provider is a recipient of personal data in the context of the aforementioned processing. Data subjects are users.

The provider processes personal data in the USA. Information on guarantees pursuant to Article 16 (2) can be found in the section "Disclosure abroad".

7.2.33. Docker Hub

We use a service of the provider Docker Inc, 3790 El Camino Real # 1052, Palo Alto, CA 94306, USA (privacy policy: https://www.docker.com/legal/docker-privacy-policy) to isolate applications and for application development. The provider is a recipient of personal data in the context of the aforementioned processing. Data subjects are users.

The provider processes personal data in the USA. Information on guarantees pursuant to Article 16 (2) can be found in the section "Disclosure abroad".

7.2.34. 1Password

We use a service of the provider AgileBits, Inc, Suite 303, 49 Spadina Ave, Toronto, Ontario, M5V 2J1, Canada (privacy policy: https://1password.com/de/legal/privacy/) to store passwords. The provider is a recipient of personal data in the context of the aforementioned processing. Data subjects are employees.

The provider processes personal data in the EU. Information on guarantees pursuant to Article 16(2) can be found in the section "Disclosure abroad".

7.2.35. PyraCloud

We use a service of the provider SoftwareOne Deutschland GmbH, Blochstraße 1, 04329 Leipzig (privacy policy: https://www.softwareone.com/de-de/datenschutzerklaerung) for the management of software. The provider is a recipient of personal data in the context of the aforementioned processing. Data subjects are users.

The provider processes personal data in the EU. Information on guarantees pursuant to Article 16(2) can be found in the section "Disclosure abroad".

7.2.36. Docker

We use a service of the provider Docker Inc, 3790 El Camino Real # 1052, Palo Alto, CA 94306, USA (privacy policy: https://www.docker.com/legal/docker-privacy-policy) to isolate applications. The provider is a recipient of personal data in the context of the aforementioned processing. Data subjects are users.

The provider processes personal data in the USA. Information on guarantees pursuant to Article 16 (2) can be found in the section "Disclosure abroad".

8. changes to this privacy policy

We reserve the right to change this privacy policy with effect for the future. A current version is always available here.

9. questions and comments

If you have any questions or comments regarding this privacy policy, please feel free to contact us using the contact information provided above.