Privacy policy

By using our website, you consent to this privacy policy. We take the protection of your privacy seriously. 
In the following, we show you how we use your personal data, use cookies, safeguard the security of your 
data and much more

Principle

We take the protection of your privacy seriously. The following privacy policy details which of your personal data we process if you visit our website, use our online services, or if we provide any services to you generally. We gather and process your personal data carefully and exclusively for the purposes described in this privacy policy and only to the extent necessary in order to provide you our services. We store your personal data exclusively to the extent and for the duration necessary to provide such services, or as required by law. In close cooperation with our hosting providers, we make every effort to ensure that databases are protected from unauthorized access, loss, misuse and falsification. This privacy policy is based, in particular, on the EU’s General Data Protection Regulation (GDPR). Although the GDPR is a regulation of the European Union, it is of significant relevance in Switzerland. The Swiss Federal Act on Data Protection (FADP) is heavily influenced by EU law, and companies outside the European Union and the European Economic Area must comply with the GDPR under certain circumstances.

Data protection officer

Legal department is responsible for ensuring compliance with the applicable provisions on data protection. If you have concerns regarding data protection, you may send them to us at the following address:

NYM Technologies SA Legal department Place Numa-Droz 2, 2000 Neuchâtel, Switzerland legal@nymtech.net

Collection and processing of personal data

We process the personal data that we receive within the scope of our business activity, i.e. technologies and applications development specifically in the scope decentralised and open source infrastructures for privacy enabling technologies.

Purposes of data processing

We use the personal data that we collect for the purpose of developing and promoting decentralised and open source privacy-enabling technologies. In addition, we also process personal data from you and other persons, to the extent permitted and deemed appropriate by us, in which we (and sometimes third parties) have a relevant legitimate interest for the following purposes: - providing information about offers, services, websites and other platforms where we have an online presence; - communicating with third parties and processing their queries (e.g. applications, media queries); - examining and optimizing needs analysis procedures for the purpose of directly addressing customers, as well as collecting personal data from publicly accessible sources for the purpose of customer acquisition; - advertising and providing information about our services and offers if you have not refused permission for the use of your data for this purpose (you may refuse permission at any time and we will place you on a list to block the sending of further advertising); - market surveys, opinion research, media monitoring; and/or - safeguarding our operations, in particular our IT, our website and other platforms. If you have given us your consent to process your personal data for specific purposes (e.g., by registering to receive newsletters or by submitting other requests via online forms on our website), we process your personal data within the scope of, and based on, this consent, unless another legal basis or other legitimate grounds exist. Consent that has been given can be revoked at any time but has no effect on any data processing that has already been carried out.

Cookies/tracking and other technologies in connection with the use of our website

Cookies and figurative elements

We typically use cookies and other similar techniques which can identify your browser or your device. A cookie is a small file which is sent to your computer or stored automatically on your computer or mobile device by your web browser when you visit our website. If you visit this website again, we can then recognize you even if we do not know who you are. In addition to cookies which are only used for one session and are deleted after your visit to the website ("session cookies"), permanent cookies can also be used to save your user settings and other information for a specific duration of time (e.g. two years). However, you can adjust your browser settings so that it rejects cookies, only saves them for one session, or deletes them after a set time. Most browsers are pre-set to accept cookies. We use permanent cookies to better understand how you use our offers and content. If you block cookies, it is possible that certain functions (e.g. language options) will no longer work. To the extent permitted, we sometimes integrate visible and invisible figurative elements into our newsletters and marketing emails which, when retrieved from our servers, allow us to know if and when you have opened the email. In this way, we can also measure and better understand how you use our offers, and we can tailor them to you. You can block them in your email program.

Newsletters and marketing emails

By using our website and giving your consent to receive newsletters and other marketing emails, you agree to the use of these techniques. If you do not want this, you must adjust the settings of your browser and email program accordingly.

Google Analytics

We sometimes use Google Analytics on our website, a service provided by Google LLC. Google Analytics allows us to measure and evaluate the use (non-personal) of the website. For this purpose, permanent cookies are also used, which are set by the service provider. The service provider does not receive any personal data (and does not store any IP addresses) but can track your use of the website, combine this information with data from other websites you have visited and are also tracked by the service provider, and use these insights for its own purposes (e.g. to tailor advertising). If you have registered yourself with the service provider (Google), then this service provider may identify you. The processing of your personal data by the service provider is therefore the responsibility of the service provider in accordance with its own data protection provisions. The service provider merely informs us as to how our website is used (no personal information about you).

Google reCAPTCHA

We sometimes use Google reCAPTCHA on our website, a service provided by Google LLC. We may use Google reCAPTCHA to protect our website. Data processing is based on your consent. The purpose of reCAPTCHA is to check whether a human or an automated program is entering data on our website (e.g. in a contact form). reCAPTCHA analyses the behavior of the website visitor on the basis of various characteristics. Cookies are also used for this purpose and are set by the service provider. The analysis starts automatically as soon as the visitor opens the website and runs entirely in the background. Website visitors are not informed that an analysis is taking place. For the analysis, Google can evaluate all the information on these form pages (including the IP address, how long the visitor stays on the website and the user’s mouse movements). The data collected during the analysis is forwarded to Google. The use of the reCAPTCHA service is in accordance with [Google’s Privacy Policy](https:// policies.google.com/privacy?hl=en) and Terms of Service. For more information, see the website for Google reCAPTCHA.

Plug-ins

We also may use plug-ins on our website for social networks, which are clearly indicated (usually with the relevant social network's logo). We have configured these elements to be disabled by default. If you activate them (by clicking on them), the operator of the corresponding social network registers that you are on our website and where you are located, and can use this information for its own purposes. The processing of your personal data by the operator is therefore the responsibility of the operator in accordance with its own data protection provisions. We do not receive any information about you from the operator.

Transfer of data to third parties

Your personal data is neither transferred nor sold or otherwise transmitted to third parties in any form, unless this is required to provide you the services you requested form us, or if you have expressly consented to this. In addition, data may be transmitted to third parties if we are under obligation to do so by law or by an authority of competent jurisdiction. Some recipients of your data are located in Switzerland but can also be anywhere in the world. If we transmit data to a country that does not have appropriate data protection, we ensure an appropriate level of protection by employing contracts accordingly, or we act on the basis of the following statutory/legal exemptions: consent, performance of the contract, the establishment, execution or enforcement of legal claims, overriding public interests, published personal data, or the need to protect the integrity of the persons in question. At any time, via the contact data specified under Section 2, you may request information about the contractual guarantees mentioned. However, we reserve the right to redact copies, or to supply them only in part, for data protection reasons or reasons of confidentiality

Duration of personal data storage

We process and store your personal data to the extent that it is required to provide our services or for the purposes pursued by the processing, which means, for example, for the entire duration of the business relationship (from the start and performance of services to their end date), and beyond that in accordance with legal obligations for storage and documentation.

Data security

We take appropriate technological and organizational security precautions to protect your personal data against unauthorized access and misuse, such as issuing instructions, training, IT and network security solutions, access controls and restrictions, encrypting data carriers and transmissions, pseudonymization and checks.

Your rights

Within the scope of the applicable data protection law and to the extent required by the law (e.g. in the case of the GDPR), you have the right to information, amendment, deletion, the right to restrict the processing of data and otherwise to refuse permission to our processing of the data as well as the publication of certain personal data for the purpose of transfer to another office (known as data portability). Please note, however, that we reserve the right to enforce the restrictions required by law in cases where we are obliged to store or process certain data, have an overriding interest to do so (to the extent that we may call on it) or require it to assert claims. We have provided information about your option to revoke your consent under Section 4. The exercise of such rights generally requires that you clearly prove your identity (e.g. with a copy of an ID card, if your identity cannot otherwise be clearly verified). To assert your rights, you can contact us via the address provided in Section 2. Furthermore, every person affected has the right to legally enforce their claims or to submit a complaint with the responsible data protection authority. The responsible data protection authority in Switzerland is the Federal Data Protection and Information Commissioner [https://www.edoeb.admin.ch/edoeb/fr/home.html](https:// www.edoeb.admin.ch/edoeb/fr/home.html).

Amendments

We may amend this privacy policy without prior notice at any time. The version published on our website is the version currently applicable. Where appropriate, we will update you about amendments via email or in another suitable manner.

Version of April 2022