1. Applicability
We are committed to protecting your privacy. encara AG takes the protection of not only your personal but the safety and security of all data that flows through our website www.encara.com (“Website”) serious.
As part of this effort, we process personal data and information (“Personal Data”) in accordance with the Swiss Data Protection Law and, where applicable, with the European General Data Protection Regulation (“GDPR”). This Privacy Policy applies to the Platform of encara AG (and any subsidiaries) but does not apply to any third party websites that may be linked to our Website or App, which will be governed by their own privacy policies.
California Consumer Privacy Act (CCPA): We are not in the business of selling Personal Data. We do not sell any collected Personal Data. Personal Data that is collected by us as a result of your visiting of our Platform or using our product and services in any form, is only processed for that purpose or any other purpose that you consent to us. As a consumer, you have extensive rights under the CCPA. We have described these below for you. Contact us under the contact details provided below if you have any questions or concerns.
2. Controller
encara AG (Thurgauserstrasse 117, 8152 Glattpark, Switzerland, e-mail: privacy@encara.io is controller (“Controller” and “encara”) in the sense of Art. 4 (7) GDPR.
3. General Information
The terms “We”, “Us” and ”Our” mean encara. The terms “You” and “Your” refer to you, as a user or visitor of Our Platform provided services. The term Personal Data refers to all information relating to an identified or identifiable natural person (hereinafter referred to as “Data Subject”); an identifiable natural person is one who can be identified directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or one or more specific characteristics expressing the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person, as set out in Art. 4 (1) GDPR. In addition, personal data subject to the Swiss Federal Act on Data Protection (“FADP”) comprises data of legal persons. We treat all Personal Data confidentially.
4. Collection of Data
You may give Us information about You by submitting information on Our Platform or by corresponding with Us by phone, e-mail or otherwise. This includes information You provide when You register to use the Platform, subscribe to the Platform services, participate in discussion boards or other social media functions on the Platform, and when You report a problem relating to the Platform. The information You give Us may include your name, address, e-mail address, phone number, personal description or photograph. Any processing of Your Personal Data is based on a legal basis which is indicated below. By visiting the Platform, You agree to the collection and use of information in accordance with this Privacy Policy.
We will not collect any Personal Data unless it is voluntarily provided by You or it is automatically collected by visiting the Platform (technical data such as Internet browser, operating system, date or time of the Platform access as well as the referrer URL, IP address and host name of the accessing computer).
Access to Personal Data is limited to those employees of Us who need to know this data. The persons concerned are obliged to maintain confidentially and to comply with the applicable data protection laws and regulations.
5. Purpose of Processing and Legal Basis
Any processing of data is based on a specific legal basis. If the processing is necessary for the performance of a contract to which the Data Subject is a party, or for the implementation of pre-contractual measures taken at the request of the Data Subject, the processing may be based on Art. 6(1)b GDPR. If the processing is necessary to safeguard the legitimate interests of the Controller or a third party, provided that the interests or fundamental rights and freedoms of the Data Subject, which require the protection of Personal Data, do not prevail, it can be based on Art. 6(1)f GDPR.
We process Your Personal Data for the following purposes:
a) to fulfil Our obligation to make the services available to You in accordance with the service conditions concluded between You and Us; the legal basis for data processing is Art. 6(1)b GDPR;
b) to inform You about changes to Our services; the legal basis for data processing is Art. 6(1)b GDPR;
c) to ensure that the content of the Platform is presented on Your computer as efficiently as possible; the legal basis for data processing is Art. 6(1) GDPR;
d) in order to enable You to participate in test and trial offers of Our services; the legal basis for data processing is Art. 6(1)b GDPR;
e) to inform You about parts of the services which We believe to be of interest to You if You have given Your consent; the legal basis for data processing is Art. 6(1)a GDPR; and
f) as part of Our efforts to offer You the greatest possible security when using the Website; the legal basis for data processing is Art. 6(1)f GDPR.
We also process data that cannot be assigned to any person. These are data that do not personally identify You, including anonymous information and aggregated data. This information helps Us to better understand how Our visitors use the services, to analyse demographics, interests and behaviours of Our visitors, to improve the services, to provide customized services and information to visitors, and similar purposes.
6. Feedback
If You contact Us to provide feedback, register a complaint, or ask a question, We will record any Personal Data and other content that You provide in Your communication so that We can effectively respond to Your communication. We reserve the right to use this information in any manner permitted by law, to respond to Your communication. The processing of Your Personal Data for feedback processing is based on Art. 6(1)f GDPR.
7. Activity
When You use the services, We receive and store certain information which may include Your Personal Data, regarding Your use of the services. Examples include IP addresses, browser types, domain names, and other statistical data regarding Your use of the services. We may use this data in a way that does not disclose any of Your personally identifiable information, including, but not limited to, for purposes of developing new product and service offerings.
8. Cookies
We may send cookies to Your computer in order to uniquely identify Your browser and improve the quality of Our service. The term “cookies” refers to small text files that are stored permanently or temporarily on Your computer when You visit the Platform. Their main function is to analyse how the Platform is used, both for statistical evaluation and to help continually improve the Platform. Furthermore, the data collected by cookies is used to learn about Your preferences and to ensure that the Platform is provided without errors. Cookies do not cause any damage to Your computer and do not contain viruses. We may use both session cookies (which expire once You close Your browser) and persistent cookies (which stay on Your computer until You delete them). You can set Your browser to partly or completely deactivate cookies at any time. However, the complete deactivation of cookies can lead to the fact that You cannot use all functions of the Platform. You can find further information on this in the browser instructions. The use of cookies is based on Art. 6(1)f GDPR.
9. Web Analytics Services
For visitors to the encara.io website we do not collect any personal information and do not use cookies. We use Plausible Analytics (a GDPR, CCPA & cookie law compliant site analytics) to keep track of trends in the usage of our website.
- No personal information is collected
- No information such as cookies is stored in the browser
- No information is shared with, sent to or sold to third-parties
- No information is shared with advertising companies
- No information is mined and harvested for personal and behavioral trends
- No information is monetized
For more information, see the Plausible Data Policy.
Data collected includes websites that send us traffic, pages on our site that are visited, duration of the visits, information from the devices (device type, operating system, country and browser) used during the visit and more.
10. Disclosure of Personal Data
We may disclose Your Personal Data for the following purposes:
a) Legal obligation
We may disclose Your Personal Data in response to a request for information if We believe such disclosure is in accordance with any applicable law, regulation or legal process, or as otherwise required by any applicable law, rule or regulation. The legal basis for processing to fulfil a legal obligation is Art. 6(1)c GDPR.
b) Violation of terms of services
We may disclose Your Personal Data if We believe Your actions are in violation of Our terms of service and Privacy Policy, or to protect the rights, property and safety of Us or others. In this case, the transfer is based on Art 6 (1) GDPR.
c) Disclosure within the company
If necessary, We transmit Personal Data to other parts of the company, e.g. for billing purposes. In this case, the transfer is based on Art. 6 (1) GDPR.
11. Disclosure of Personal Data to Third Parties
Under no circumstances will we rent, sell or otherwise share Personal Data to third parties, except with your consent, the disclosure is necessary to assert, exercise or defend legal claims, a legal obligation exists or it is legally permissible and necessary for the execution of contractual relationships with You. Your rights regarding the transmission and processing of its Personal Data to third parties in accordance with the applicable data protection laws and regulations will be respected. A transfer of Personal Data to third parties will take place e.g. by transmitting the credit card data to the processing bank institutes or payment service providers for the purpose of debiting the purchase price. Furthermore, a transfer of Personal Data will take place in relation to the web analysis services as listed above.
12. Links
Our Platform and services may contain links to third party websites to which We have no affiliation. This Privacy Policy does not extend to any external links. Except as set forth herein, We do not share Your Personal Data with those third parties, and are not responsible for and accept no liability for their privacy practices. We suggest You to read the privacy policies on all such third party websites.
13. Security
We take commercially reasonable steps to protect Your Personal Data from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. We use up to date TLS-encryption that Your systems support when transmitting data via Our systems. However, a complete protection of data against access by third parties is not possible. We cannot guarantee that all Internet or e-mail transmission is fully secure or free of errors. We also use suitable technical and organisational security measures to protect Your Personal Data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures are continuously improved in line with technological developments. Nevertheless, We cannot guarantee their absolute security and We therefore cannot be held liable for intercepted information sent via the Internet or for third parties using revoked, stolen, forged, or otherwise insecure certificates. You should therefore take special care in deciding which information You send Us by e-mail and keep this in mind by disclosing any Personal Data to Us or to any other party via Internet.
14. Retention Period
We store Your Personal Data for as long as it is necessary for the respective purpose for which it was collected, in particular to fulfil contractual and legal obligations, such as statutory retention periods, or until You revoke Your consent in the processing of Personal Data. We may in any event retain and use such Personal Data as necessary to maintain accurate accounting, financial and other operational records, resolve disputes, and enforce the rights connected to the use of the Platform.
15. Your Rights
You are entitled to extensive rights which You can assert against Us based on Art. 15 to 21 GDPR. Upon request, We will inform You in writing, in accordance with the applicable statutory provisions, which Personal Data We have stored about You. You may request information about the origin, transfer, purpose of collection and use, the planned storage period and the type of processing of the Personal Data. Furthermore, at Your request, We will correct, complete, amend, delete or restrict the processing and storage of the Personal Data at any time, unless the processing is justified by Our legitimate interests, necessary to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims. For this purpose and/or to obtain further information, please contact Us at privacy@encara.io.
You have the right to receive the Personal Data We hold about You in a structured, common, machine-readable format and free of charge. Upon request, we will transfer your Personal Data to another controller. If You wish to exercise any of the rights mentioned in this section or if You have any questions about the processing of Your Personal Data, please contact Us at the e-mail address privacy@encara.io.
We are obliged to verify your identity in such requests. Inquiries can therefore only be processed if a suitable proof of your identity (copy of identity card or similar) is enclosed. If the processing of the Personal Data is carried out on the basis of the consent pursuant to Art. 6(1)a GDPR, You have the right to object such consent at any time. The data processing’s legality up to the time of objection stays untouched. Should the processing of Your Personal Data be based on Art. 6 (1) GDPR, You have the right to object, on grounds relating to Your particular situation, at any time to processing of Your Personal Data, including profiling based on those provisions. The respective legal basis for a processing of data is explained in this Privacy Policy. If You object, We will no longer process Your Personal Data, except we can prove reasons of compelling worth of protection, outweighing Your interests, rights and freedom or the processing is necessary for the establishment, exercise or defence of legal claims (Art. 21 (1) GDPR). Should Your Personal Data be processed for direct marketing purposes, You have the right to object at any time to the processing of Your Personal Data for such marketing. If You object, We will no longer process Your Personal Data for direct marketing (Art. (2) GDPR).
Furthermore, You have the opportunity to file a complaint with the competent data protection supervisory authority and to revoke consent to data processing based on Art. 77 GDPR. Under the FDAP, the Federal Data Protection and Information Commissioner (https://www.edoeb.admin.ch/edoeb/en/home.html) is responsible for complaints.
16. Existence of an Automatic Decision-Making Process
As a responsible company, we refrain from automatic decision-making or profiling within the meaning of Art. 22 (1) and (4) GDPR.
17. Conditions and Changes to this Privacy Policy
This is Our currently valid Privacy Policy. We are free to change this Privacy Policy from time to time. The new version will always be posted on the Website or App and will replace all previous versions. The changes will be effective immediately for new visitors and users of Our services and will become effective for existing users through continued use of the services after the effective date of the posted change. If You do not want to approve the changes to Our use of Your Personal Data, You have to notify Us before such changes take effect that You want to deactivate Your account with Us. Please note that You are always responsible for keeping Your Personal Data up to date and providing Us with Your current contact information.