1. What is this privacy policy about?
2. Who is responsible for processing your data?
3. How do we process data from our subscribers?
4. How do we process data from our partners?
5. How do we process data in connection with advertising?
6. How do we work with service providers?
7. Can we disclose data abroad?
8. How do we process data in connection with our website?
9. How do we process data via social media?
10. How do we process data through our browser extensions?
11. Are there any other edits?
12. How long do we process personal data?
13. What are your rights?

We explain in this privacy policy how we process personal data, particularly in the course of our business and in connection with our app and website. "Personal data" means any information that can be associated with a particular individual and "processing" means any handling of it, such as obtaining, using and disclosing it.

If you would like further information on our data processing, please contact us (section 2). You will also find information in connection with our processing of personal data in the Terms of Use, which can be found at https://poinz.ch/en/terms-of-use. Some of the terms we use in this data protection statement (such as "Swiss Loyalty Partner") are explained in the terms of use. However, this Privacy Policy does not form part of the contract with you. It does not change the Terms of Use, and the processes mentioned in this Privacy Policy are subject to the Terms of Use in each case.

Incidentally, our services are aimed exclusively at persons domiciled and habitually resident in Switzerland. Accordingly, this data protection declaration is based on Swiss data protection law.

The following company is the "responsible party", i.e. the party primarily responsible under data protection law (also "we"), for data processing in accordance with this data protection declaration:

Poinz AG
Manessestrasse 170
8045 ZürichCHE-454.711.179

If you have any questions about data protection, please contact the following address:

Mail: info@poinz.ch
Poinz: +41 44 515 85 60

If you provide us with data that also relates to other persons, we will consider this as confirmation that this data is correct. Since we often have no direct contact with these third parties, we ask you to inform them about our processing of their data (e.g. by referring to this data protection statement).

Please note that we work with partners for our services who process your personal data as their own data controllers. They are obliged toinform you about their respective processing of your personal data. You can usually find the relevant information on the partner's website. Certain service providers also act as their own data controllers, e.g. PayPal, if you use PayPal for payments. Here too, the data protection regulations of these service providers must be observed.

In this section 3 you will find information on our processing of personal data of subscribers (hereinafter also referred to as "you"). The processes in connection with which we obtain, process and pass on personal data are described in more detail in the terms of use and on our website.

3.1. What data do we process about subscribers?

Master data: We process certain basic information about you, which we call "master data". This includes, for example, your name, address and contact details and, if applicable, other information that you provide when opening a user account or communicating with us. If you store means of payment in the app, we process the corresponding details, e.g. a credit card number and other data.

Contractual data: By this we mean data relating to our agreement with you (e.g. the fact that you agreed to the terms of use and when and how you agreed).
Contractual Data also includes other information relating to the formation, termination and, where applicable, enforcement of our agreement with you (e.g. information relating to the enforcement or defence of claims and information relating to complaints and, where applicable, information relating to breaches of contract, abuse etc. including investigations into such matters).

Usage data: When you make use of our services and use our website or app, we collect the data that arises in the process. We generally refer to this data here as "usage data". You can see much of this data on the website or app in the user account, in order confirmations or in the statement from the provider of the means of payment used. We are mainly concerned with the following data, and if you would like further details on this, please feel free to contact us (point 2):

We receive usage data from you or generate it ourselves, but we also receive usage data from our partners, such as details of cashback or cashback-eligible transactions.

Behavioural and preference data: When you use our website or app or read newsletters, we try to get to know you and better tailor our services to you. To do this, we collect and use data about your behaviour and preferences, e.g. your use of electronic communications.
We may link this information to other data. Preference data tells us which needs you are likely to have and which services might be of interest to you (e.g. when selecting news articles on our website). To this end, we can link behavioural data with other data and evaluate this data on a personal and non-personal basis.

Communication data: When we communicate with you or you communicate with us, e.g. by e-mail, by telephone or via our chat function, but also via the app and when sending system messages, we process the personal data associated with this (e.g. information about the time of the communication and the communication channel and the content of the communication). We also process communication data to the extent necessary if you communicate with a partner via our app or website.

3.2. For what purposes do we process your personal data?

We process your personal data in particular for the following purposes and for purposes compatible therewith:

Contract: We process your personal data for the purpose of concluding, implementing and enforcing our agreement with you. This concerns in particular master data, contract data, usage data and communication data, but also technical data and possibly other data.

Marketing: We may advertise our services, e.g. through newsletters. You will find further information on this under section 3.3. For this purpose, we process in particular master data, usage data and behavioural and preference data.

Statistics: We also process the above-mentioned data for statistical, person-related or non-person-related evaluations. Such evaluations support the improvement and development of products and business strategies. We may also use them for marketing purposes (see section 3.3 for further details) and pass them on to our partners.

3.3. Who do we disclose data about subscribers to?

We are primarily an intermediary for third-party services (e.g. from partners who offer loyalty offers, offers for goods or services or other offers via the website and app, and from Swisscard as the issuer of the Poinz Swiss Loyalty Card). We disclose data to partners when you use their goods or services and when we provide services for partners (e.g. processing loyalty campaigns, operating the Swiss Loyalty Programme, sending order confirmations, promotions, debt collection, etc.). In the case of activities and promotions by partners, we may also disclose to them personal and non-personal data relating to their success, provided that the users give their separate consent to this (opt-in). You will find further details on this in the terms of use. Our partners use the data received from us and the data collected by them as data controllers and inform you accordingly (see section 2 above).

We may also disclose data to partners in connection with complaints, misuse and corresponding investigations. We may also disclose data to partners in connection with measuring the success of their advertising, whereby only anonymous data and statistics are passed on.

Further disclosures are not excluded, e.g. to authorities, courts and parties to proceedings in the context of investigations, proceedings and clarifications. Data disclosures are also possible in the case of corporate transactions and the sale of assets; you will find further information on this in section 10. In section 6 you will find further information on how we use service providers and in section 7 on possible disclosures abroad.

We assume that you have no objection to these disclosures. If you register in the app or on the website, you release us from any confidentiality obligations.

For contractors who are companies, we process less personal data because data protection law only covers data of natural persons (i.e. people). However, we do process data of the contact persons with whom we are in contact, e.g. name, contact details, professional details and details from communication, and details of management persons etc. as part of the general information about companies with which we work. We may process this data for the purposes of entering into and performing contracts, but also for marketing purposes, for investigations and proceedings, for communication, in the event of disposals, etc. You will find further information on this in section 10.

In this context, we may also disclose data, e.g. to our partners and other contracting parties, to courts, authorities and procedural partners, to potential buyers of assets, etc. You will also find details of this in section 10. You will also find information on this in section 10. You will find further information on how we use service providers in section 6 and on possible disclosures abroad in section 7.

We also process personal data to promote ourselves, our services and services provided by third parties:

We use various services from third parties, in particular IT services (examples are providers of hosting data analysis services), payment services, shipping and logistics services and services from banks, the postal service, consultants, etc. You will find information on service providers for our website under section 8. These service providers may also process personal data to the extent necessary.

The recipients of data are not only located in Switzerland. This applies in particular to certain service providers (especially IT service providers). These have locations within the EU or the EEA, but also in other countries worldwide. We may also transfer data to authorities and other persons abroad if we are legally obliged to do so or, for example, in the context of a company sale or legal proceedings (see section 9). Not all of these countries have adequate data protection. We compensate for the lower protection by the data is transferred in accordance with the relevant contracts, in particular the so-called standard contractual clauses of the EuropeanCommission. In certain cases, we may also transfer data without such contracts in accordance with data protection requirements, e.g. if you have consented to the corresponding disclosure or if the disclosure is necessary for the performance of the contract, for the establishment, exercise or enforcement of legal claims or for overriding public interests.

For technical reasons, every time you use our website, certain data is collected and temporarily stored in log files (log data), in particular the IP address of the end device, information about the Internet service provider and the operating system of your end device, information about the referring URL, information about the browser used, the date and time of access and the content accessed when visiting the website. We use this data so that our website can be used, to ensure system security and stability and to optimise our website, and for statistical purposes.

Our website also uses cookies, i.e. files that your browser automatically saves on your end device. This allows us to distinguish individual visitors, but usually without identifying them. Cookies can also contain information about the pages accessed and the duration of the visit. Certain cookies ("session cookies") are deleted when the browser is closed. Others ("permanent cookies") remain stored for a certain period of time so that we can recognise visitors on a later visit.

You can configure your browser in the settings so that it blocks certain cookies or similar technologies or deletes cookies and other stored data. You can find out more about this in the help pages of your browser (usually under the keyword "Data protection").

These cookies and other technologies may also come from third-party companies that provide us with certain functions. These may also be located outside Switzerland and the EEA (see section 7 for details). For example, we use analysis services so that we can optimise and personalise our website. Cookies and similar technologies from third-party providers also enable them to target you with individualised advertising on our websites or on other websites and social networks that also work with this third party, and to measure how effective advertising is (e.g. whether you arrived at our website via an advertisement and what actions you then take on our website). The relevant third parties may record the use of the website and combine their recordings with other information from other websites. This allows them to track user behaviour across multiple websites and devices. In order to provide us with statistical evaluations on this basis. The providers may also use this information for their own purposes, e.g. for personalised advertising on their own website or other websites. If a user is registered with the provider, the provider can assign the usage data to the relevant person.

Two of the most important third-party providers are Google and Hotjar. You can find more information about them below. Other third parties usually process personal and other data in a similar way.

We operate our own websites on social networks and other platforms. If you communicate with us there or comment on or distribute content, we collect information that we use primarily for communicating with you, for marketing purposes and for statistical evaluations (see sections 3.3 and 10). Please note that the provider of the platform also collects and uses data itself (e.g. on user behaviour), possibly together with other data known to it (e.g. for marketing purposes or to personalise the platform content). Insofar as we are jointly responsible with the provider, we will enter into a corresponding agreement about which you can obtain information from the provider.

Via our browser extensions, cashback can be collected with the computer in the poinz app.We do not store or use any purchase data that is generated via our internet browser extensions. poinz therefore does not analyze any usage behavior on the internet.

Yes, because very many processes are not possible without processing personal data, including common and even unavoidable internal processes. It is not always possible to determine this precisely in advance, nor the scope of the data processed, but you will find details of typical (although not necessarily frequent) cases below:

We process your personal data for as long as is necessary for the purpose of processing (in the case of contracts, generally for the duration of the contractual relationship), for as long as we have a justified interest in storing it (e.g. if it is necessary to comply with legal requirements) or for as long as it is necessary for the purpose of processing.

The data is stored for the purpose of enforcing claims, archiving and/or ensuring IT security) and for as long as data is subject to a statutory retention obligation (e.g. a ten-year retention period applies to certain data). After these periods have expired, we delete or anonymise your personal data.

You have certain rights under applicable data protection law to obtain further information about our data processing and to influence it:

If you wish to make use of such a right, please contact us (point 2). As a rule, we will have to verify your identity (e.g. by means of a copy of your identity card). You are also free to lodge a complaint against our processing of your data with the competent supervisory authority, in Switzerland the Federal Data Protection and Information Commissioner (FDPIC).