§ 1. General information
As a Swiss company, we are subject to the applicable data protection regulations (Federal Act on Data Protection, hereinafter “FADP”) and laws of Switzerland. In order to also provide our services lawfully for clients from the European Union (EU), we comply with Regulation (EU) 2016/679 of the European Parliament and Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (Data Protection Directive), hereinafter “GDPR”).
When operating our website and conducting legal transactions, eCollect AG acts as data controller within the meaning of the GDPR and processes personal data based on legal regulations or your voluntary consent to data collection.
When using this website, you voluntarily provide various data (e.g. when sending a contact form or registering online) or the data is collected automatically by our IT systems (e.g. Internet browser type, operating system or time of page visit). Personal data are all data with which you can be identified as a natural person and, if applicable, also as a legal entity according to the Swiss FADP.
When collecting your personal data, we always endeavor to limit data processing as much as possible. To guarantee data protection, we have created a high security standard within our company and rely on modern technical solutions and comprehensible and secure organizational mechanisms.
Transparency is important to us, which is why we would like to inform you below about the type, scope and purpose of data processing.
§ 2. Collection and processing of your data
You can visit our website without providing any personal information. In cases in which the website user provides voluntary information, for example in the context of establishment of a contact, the settings of their browser or the used cookies, the online registration and creation of an eCollect account as well as the registration for our newsletter, further personal data is collected.
(1) Server Log Files
In the case of a simple visit to the website, we only store access data within a so-called server log file. This is data provided by your browser that is not personally identifiable, namely:
Browser type and browser version, operating system
Referrer URL (the previously visited page)
Host name of the accessing computer (IP address)
Time and date of the server request
This data cannot be assigned to any particular person. These data are not combined with other data sources.
We process the above-mentioned data for the purposes of ensuring a smooth and user-friendly connection of the website, for statistical evaluation and evaluation of system security and stability, for security reasons, e.g. to identify cases of abuse, as well as for other administrative purposes. For this purpose, user access to our website is stored in the server log files, including the IP address. These log files are processed monthly for statistical purposes with an analysis software and then deleted. A traceability to a certain person is not possible with the data used by us.
Data processing is based on Art. 6 para. 1 letter f GDPR, resp. on Art. 12 in conjunction with Art. 13 FADP (Switzerland), whereby our predominant legitimate interest follows from the above-mentioned purposes.
When cookies are saved on your computer, you have control over whether and when these cookies are deleted. Please use the corresponding function in your browser. You can set your browser so that you are informed about the setting of cookies, decide on acceptance on a case-by-case basis or generally disallow the acceptance of cookies. If cookies are not accepted, the functionality of our website may be limited. Please read the user manual of your browser or contact the manufacturer of the browser to find out how to set the programs accordingly.
(3) Contact / support form
For all matters and support requests, we offer you the opportunity to contact us via the contact / support form provided on the website. In addition to the actual message, you need to provide a valid e-mail address and your country so that we know who sent the request and what kind of information you require from us, and so that we can respond to it. Further information can be provided voluntarily. The data collected will be used for processing and responding to your enquiry and for initiation of business relationships.
In this case, the data will be processed on the one hand in accordance with Art. 6 para. 1 letter f GDPR for contacting you based on your own initiative. If, on the other hand, you contacted us to establish a future business relationship, your data will be processed in accordance with Art. 6 para. 1 letter b GDPR for the purpose of taking pre-contractual measures or the subsequent performance of the contract.
The processing of personal data for the initiation of business relationships or for their management as well as for the enforcement of our overriding interests is also justified pursuant to Art. 12 in conjunction with Art. 13 para. 1 and 2 letter a FADP (Switzerland).
Your data will be deleted after contact has been established, unless one of the legal reasons given above exists for its further processing.
(4) Online registration and creation of an eCollect account
You can register on our website to use the services we offer. All you have to do is enter a valid e-mail address and a password. Once your registration has been confirmed, you will receive our form for the actual creation of your eCollect account. For the purpose of your identification and the establishment of the business relationship, information about your person (e.g. name, postal address, telephone, if applicable representative data, information about the scope of business, bank details) is requested. Generally, all mandatory fields must be filled out. Missing information can lead to the rejection of the account creation.
The data gathered from you in this context will only be collected for specified, clear and legitimate purposes. We collect and use data only to the extent that is technically and contractually necessary in order to be able to offer you an optimal performance of our services.We do not process special categories of data (i.e. sensitive, especially worthy of protection) as well as data of children. We do no profiling in the sense of the law.
The processing of your data generally occurs in accordance with Art. 6 para. 1 letter b GDPR for the purpose of implementing pre-contractual measures that follow your request as a website user, i.e. for the establishment of business relationships and for the purpose of subsequent fulfillment of the contract or legal enforcement. In addition, data processing in accordance with Art. 6 para. 1 letter c GDPR may be necessary for the fulfillment of legal retention obligations as well as other legal obligations. Furthermore, data processing on our part is also justified pursuant to Art. 6 para. 1 letter f GDPR in cases where this is necessary to safeguard our legitimate interests in ensuring the smooth provision of our services, optimization of business processes and evaluation of system security as well as in the achievement of other administrative purposes.
The processing of personal data for the purpose of concluding or processing a contract as well as for the enforcement of our predominant interests is also justified in accordance with Art. 12 in conjunction with Art. 13 para 1 and 2 letter a FADP (Switzerland).
We reserve the right, to inform you after your corresponding consent, of news regarding our offer to the contact details you have provided, as long as you have not contradicted this use of your data to us in text form.
Due to legal requirements, we may be obliged to retain your data beyond the duration of your use of our website – in particular for tax purposes. However,we will only store such data to the extent necessary, taking into account the statutory provisions.
At the time of your online registration, you will receive further details on data processing in compliance with our duty to inform in accordance with Art. 13 GDPR.
(5) Online customer portal
In the event of a debt collection procedure against you, you can log into our online customer portal at any time and obtain more detailed information, in particular details about the current status of the procedure, the owner of the claim, the exact nature and reason of the claim, the amount of the claim, etc. For this purpose, you only need to enter our file number and your e-mail address which already exists in our system. Other personal data than the access data mentioned under point (1) will not be collected. In the context of debt collection, we do not process any special categories of data (i.e. sensitive data particularly worthy of protection) or data relating to children, nor do we carry out any profiling within the meaning of the law.
Your data will be processed for the purpose of fulfilling the contract or enforcing claims and for our own receivables management. According to Art. 6 para. 1 letter b GDPR, data processing is necessary for the execution of the contract, which also includes the payment obligation. In addition, data processing in accordance with Art. 6 para. 1 letter c GDPR may be necessary for the fulfillment of our legal obligations to retain data and other legal obligations. In addition, your data is processed in accordance with Art. 6 para. 1 letter f GDPR to protect our legitimate interests and those of our clients. The legitimate interests exist in connection with the collection of receivables.
The processing of personal data to enforce our predominant interest and that of our clients in debt collection is also justified pursuant to Art. 12 in conjunction with Art. 13 FADP (Switzerland).
You will receive further details on data processing in fulfillment of our information obligations pursuant to Art. 14 or Art. 13 GDPR at the time of the first contact.
It is possible to subscribe to our newsletter, in which you will be informed about current events and our services. To do this, you must enter a valid e-mail address. If you subscribe to the newsletter, you agree to receive it electronically. You can revoke your consent to receive the newsletter at any time by e-mail and cancel your newsletter subscription.
(7) Disclosure of data
Your data will only be disclosed to third parties for the performance of contracts with you, for the fulfillment of legal obligations or for safeguarding our legitimate interests in the establishment, exercise or defense of legal claims.
Furthermore, we are entitled to provide third parties, e.g. database manufacturers or service providers, with the data necessary for the operation of the website or to collect and process this data through third parties in order to fulfill our obligations resulting from the user relationship. Persons and companies that we commission in order to fulfill our obligations are obliged to comply with these provisions.
We only work with third parties who are subject to the provisions of the GDPR and the Privacy Shield Framework between the USA and Switzerland and provide their services in compliance with data protection regulations. A transfer of personal data to third countries outside the EU or EEA only takes place if appropriate safeguards exist. These are the EU standard data protection clauses as well as an adequacy decision by the European Commission.
From time to time this website uses Google Analytics, a web analysis service of Google Inc, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States of America. Google Analytics uses the Google Tag Manager and Google Double Click services.
However, if IP anonymization is activated on this website, Google will shorten your IP address within the EU or in any other country that is party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. We would like to point out that IP anonymization has been added to Google Analytics on this website in order to ensure anonymous collection of IP addresses (so-called IP masking). The IP address transmitted by your browser in the framework of Google Analytics is not merged with other Google data.Google will use this information within the scope of processing to evaluate the use of the website, to compile reports on the website activities for us, to provide further services associated with the use of the website and the internet.
Google Analytics is used on the basis on a consent according to Art. 6 para. 1 letter a GDPR resp. on the basis on a legitimate interest according to Art. 6 para. 1 letter f GDPR, resp. for Switzerland based on Art. 12 in conjunction with Art. 13 FADP. We have a predominant legitimate interest in analyzing and optimizing our online presence.
You can prevent the storage of cookies by setting up your browser software accordingly. In this case, however, we would like to point out that you may not be able to use all functions of this website to their full extent. You can also prevent Google from collecting data generated by cookies and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser add-on: https://tools.google.com/dlpage/gaoptout?hl=en.
We use Google reCAPTCHA (hereinafter “reCAPTCHA”) on our websites. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA (“Google”). The purpose of reCAPTCHA is to verify whether data entry on our websites (e.g. in a contact form) is made by a human or by an automated program. For this purpose, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis starts automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, time spent by the website visitor on the website or mouse movements made by the user). The data collected during the analysis will be forwarded to Google.
The reCAPTCHA analyses run entirely in the background. Website users are not made aware that an analysis is taking place.
The data processing takes place on the basis of a given consent according to Art. 6 para. 1 letter a GDPR as well as on the basis of a legitimate interest according to Art. 6 para. 1 letter f GDPR, or for Switzerland according to Art. 12 in conjunction with. Art. 13 FADP. In doing so, we have a legitimate interest in protecting our web offers from abusive automated spying and from SPAM.
Our website uses the conversion tool “LinkedIn Insight Tag” from LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. This tool creates a cookie in your web browser, which enables the collection of, among other things, the following data: IP address, device and browser properties, and page events (e.g. page views). This data will be encrypted, anonymized within seven days, and the anonymized data will be deleted within 90 days. LinkedIn does not share any personal data with us, but offers anonymized reports on website audience and ad performance. In addition, LinkedIn offers the possibility of retargeting via the Insight Tag. We can use this data to display targeted advertising outside of our website without identifying you as a website visitor.
The use of LinkedIn Insight Tag is based on a given consent according to Art. 6 para. 1 letter a GDPR as well as on a legitimate interest according to Art. 6 para. 1 letter f GDPR, resp. according to Art. 12 in connection with. Art. 13 DSG (for Switzerland), whereby we, as the website operator, have an overriding legitimate interest in analyzing user behavior in order to optimize both our web offering and our advertising.
LinkedIn members can control the use of their personal data for advertising purposes in their account settings. You can turn the Insight tag on our website on and off at any time via our Privacy Settings.
Our website uses plugins from the website provenexpert.com. The operator of the website is Expert Systems AG, Quedlinburger Straße 1, 10589 Berlin, Germany.
When you visit one of our pages equipped with a ProvenExpert plugin, a connection to the servers of Expert Systems AG is established. In the process, the ProvenExpert server is informed which of our pages you have visited.
The data processing takes place on the basis of a given consent according to Art. 6 para. 1 letter a GDPR as well as on the basis of a legitimate interest according to Art. 6 para. 1 letter f GDPR, or for Switzerland according to Art. 12 in conjunction with. Art. 13 FADP. The use of ProvenExpert is in the interest of an effective presentation of our online offers.
Our website uses plugins of the video portal Vimeo. The provider is Vimeo Inc., 555 West 18th Street, New York 10011, USA.
When you visit one of our pages equipped with a Vimeo plugin, a connection to the Vimeo servers is established. In the process, the Vimeo server is informed which of our pages you have visited. In addition, Vimeo obtains your IP address. This also applies if you are not logged in to Vimeo or do not have an account by Vimeo. The information collected by Vimeo is transmitted to the Vimeo server in the USA.
If you are logged into your Vimeo account, you enable Vimeo to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your Vimeo account.
The data processing takes place on the basis of a given consent according to Art. 6 para. 1 letter a GDPR as well as on the basis of a legitimate interest according to Art. 6 para. 1 letter f GDPR, or for Switzerland according to Art. 12 in conjunction with. Art. 13 FADP. The use of Vimeo is in the interest of an effective presentation of our online offers.
§ 8. Data security
In compliance with the provisions of the GDPR and the Swiss Federal Data Protection Act, we have taken a number of technical and organizational measures against the loss, destruction, access, modification and dissemination of your data by unauthorized persons, which are suitable for ensuring effective, legally compliant data protection in the area of general and automated processing of personal data and the use of network and telecommunications channels. The measures we have taken are state of the art, they are regularly updated, adapted to the latest developments in our system and periodically reviewed.
All data is processed centrally on servers of eCollect AG at a secure location in Switzerland and thus within the framework of the EU data protection standards. For Switzerland, there is an adequacy decision of the European Commission pursuant to Art. 45 para 1 and 3 GDPR, which recognizes a level of data protection equivalent to that of the EU. However, we would like to point out that there may be exceptions under §§ 3,4 and 7, where personal data may be transferred to the USA under the Privacy Shield Framework between the USA and Switzerland resp. based on EU standard data protection clauses.
The data center in which our servers are located meets the strictest standards for information security, storage, operation and security of computer servers and is equipped with state-of-the-art security mechanisms. Security personnel, locking and surveillance systems, surveillance cameras, extinguishing devices and redundant air conditioning ensure the necessary security. An uninterruptible power supply (UPS) with triple redundancy and 99.9 % network availability is provided.
Data protection risks are sufficiently minimized by developing and implementing our own system (eCollect system) with a secure system architecture. The personal data is logically separated from each other. There is an independent access management for the assignment of individual access authorizations. All public communication is encrypted using the HTTPS protocol. Encryption with digital certificates ensures that data is transmitted securely. All our SSL/TTL certificates are issued by DigiCert Inc.
We would like to point out that you should always treat your access information confidentially and close the browser window when you have finished using our website, especially if you share your computer with others in order to prevent misuse of your account.
§ 9. Duration of data retention
Personal data are recorded by us in a form that allows the identification of the data subjects only for as long as is necessary for the purposes for which they are processed. We limit the retention period for personal data to the absolutely necessary minimum. With regard to our international activities, we have to comply with various legal retention obligations depending on the individual case and the respective applicable national law. This also determines the criteria for specifying the retention period.
§ 10. Data subject’s rights
According to Art. 15 GDPR, you have the right to request free-of-charge information about which personal data is processed by us.
You also have the right to have false data corrected in accordance with Art. 16 GDPR, to have your personal data deleted (right to be forgotten) in accordance with Art. 17 GDPR and to have processing restricted in accordance with Art. 18 GDPR. If applicable, you can also assert your right to data portability in accordance with Art. 20 GDPR.
As a rule, you can exercise your right to be forgotten if the storage of your data is no longer necessary for the purposes for which it is collected or otherwise processed, or if there are no legal retention periods in conflict with the deletion.
If you believe that your data are being processed unlawfully, you may lodge a complaint with the competent supervisory authority pursuant to Art. 77 GDPR.
You can send your queries to us free of charge in written, electronic form to the e-mail address given below in § 12 or by post to our business address. Please note that we must sufficiently verify your identity on the basis of the request. In case of doubt, we can demand further information to confirm your identity. We will answer your request immediately, at the latest within one month after its receipt. In exceptional cases, an appropriate fee may be charged or the request may be rejected for a legal reason.
§ 11. Revocation of consent to data processing and Right of objection
(1) You can revoke an already granted consent for data processing at any time with effect for the future. For this purpose, an informal communication by e-mail to our data protection officer is sufficient (see § 12). The cookies already accepted by you can also be rejected at any time via our Privacy Settings on the website.
(2) Users of this website may exercise their right of objection and object to the processing of their personal data.
If your personal data are processed on the basis of legitimate interests pursuant to Art. 6 para. 1 letter f GDPR, you have the right to object to the processing pursuant to Art. 21 GDPR, provided that there are reasons for this arising from the particular situation of the data subject or if the objection relates to direct advertising. In the event of a legal objection, we will no longer process the personal data concerned, unless there are overriding legitimate reasons for the processing of such data, which outweigh the interests, rights and freedoms of the data subject or the personal data are used to enforce, exercise or defend legal claims.
§ 12. Contact person for data protection
You can contact the persons responsible for data protection (data protection officer) within eCollect AG at any time at the following e-mail address: firstname.lastname@example.org. We are committed to strictly adhering to our legal obligations to provide information, to respond in a timely manner to you as the data subject, and to make notifications, deletions, etc. in accordance with the law. We are happy to support our business partners with data-related queries within the framework of debt collection.
Last updated: 23.05.2022
Privacy Settings saved!