Privacy policy for the use of the services of groupify

1.     What is this privacy policy about?
Data protection is a matter of trust, and your trust is important to us. Trust begins with transparency. In this privacy policy, we therefore inform you how and why we collect, process and use your personal data. This privacy policy is based on the European General Data Protection Regulation – DSGVO for short – which has established itself internationally as a benchmark for strong, effective data protection.

2.   Who are we?
Groupify.ch GmbH, Korneliusstrasse 3, 8008 Zurich, Switzerland (“we” or “us”) is responsible for data processing under this Privacy Policy. If you have any questions about this privacy policy or the processing of your personal data, please feel free to contact us as follows:
groupify.ch GmbH
data protection
Korneliusstrasse 3, 8008 Zurich
Switzerland
info@groupify.ch

H-Reg Nr.: CHE-439.790.303
Headquarter: Zurich, Switzerland
 
3.   Scope
– The following privacy policy applies to all services offered by groupify.ch GmbH and forms an integral part of the general terms and conditions of groupify.ch GmbH.
– By registering, the user expressly accepts this privacy policy. groupify.ch GmbH is entitled to change this privacy policy by applying the General Terms and Conditions mutatis mutandis. Should groupify.ch GmbH make significant changes, the user will be notified at the e-mail address provided during registration or via the platforms of groupify.ch GmbH. If the user does not agree with the changes, he has the right to delete his account at any time.
 
4.     Einwilligung und Widerrufsrecht
– The user gives his explicit consent according to Art 4 Z 11 i. In conjunction with Art 7 DSGVO, the user expressly consents to groupify.ch GmbH and its contractors collecting, processing and using all personal data in connection with the provision of services between the user and groupify.ch GmbH for the agreed purpose.
– The consent pursuant to Art 4 Z 11 i. V. m. Art 7 DSGVO can be revoked at any time. Since groupify.ch GmbH is unable to provide the services described in more detail in the GTC in the event of a revocation, the account in question will be automatically deactivated.

5.     Security / Anonymity
– groupify.ch GmbH makes every effort to protect the data entrusted to it by users of the groupify.ch GmbH platforms from unauthorized access. With the help of a differentiated system of access authorizations and technical protection measures, such as SSL encryption and firewalls, the greatest possible data security is strived for.
– The use of the platforms of groupify.ch GmbH is pseudonymized. The data transmitted to other users within the framework of the profile is always linked only to the user name selected by the user. Contacting others is done via an internal mailbox. The user’s e-mail address remains secret at all times. In this way, the user’s identity is protected and he decides for himself whether and when he discloses his identity to other users.
 
6.     Collection, processing and use of personal data
In order for groupify.ch GmbH to provide the services described in more detail in the General Terms and Conditions (Services), it is necessary to collect, process and use personal data that the user discloses, among other things, during the registration process.
During registration, the user is asked to provide certain minimum information, without which the registration cannot be completed. These mandatory data are:
– E-mail address
– Password
Furthermore, the following data will be requested during the registration process:
– Region
– Date of birth
– Gender
The access to the platform of groupify.ch GmbH takes place via the e-mail address and the password chosen by the user during registration.
The user can provide a number of other voluntary details (e.g. on leisure activities). These serve as the basis for the creation of the detailed profile. The profile data is grouped into so-called “profile sections” (e.g. personal details, appearance, interests). The user only fills in the data that he wishes to disclose about himself. He is not obliged to provide this information at any time. The use of the platforms of groupify.ch GmbH functions independently of this. However, additional profile information helps the user to make better use of the services of groupify.ch GmbH, because it makes the user easier to find by other members or makes the user’s profile more appealing. However, it is the user’s decision whether to provide confidential data in his profile and make it public. The user should not add any personal data to his profile that he does not want to be publicly available.
Each time a platform of groupify.ch GmbH is accessed, usage data is transmitted by the respective Internet browser and stored in log files, so-called server log files. These data are:
– IP address (Internet Protocol address) of the accessing computer
– User ID in the central database
– Name of the retrieved page
– Date and time of retrieval
– the referrer URL (origin URL) from which the user came to the accessed page
– Session identification number
In the so-called login records, the following usage data is stored each time the user logs in to a platform of groupify.ch GmbH:
– Date and time of login
– User ID in the central database
– IP address (Internet Protocol address) of the accessing computer
– Session cookie number
– Session identification number

7.     Legal basis
We only collect and process the user’s personal data if there is a corresponding legal basis for doing so. The legal basis is the service contract, the consent to the following data processing and the legitimate interests of groupify.ch GmbH.

8.     Purpose of the collection, processing and use of personal data
The main purpose that groupify.ch GmbH pursues when collecting personal data is to enable the user to use the services (Services) of groupify.ch GmbH safely, efficiently and personally. The personal data is used in particular for the following:
– Provision of the services requested by the user (services) of groupify.ch GmbH (based on the contract and the consent of the user);
– Adaptation, measurement and improvement of the performance (services) of groupify.ch GmbH as well as the content on the platforms of groupify.ch GmbH (based on the contract and the legitimate interests of groupify.ch GmbH);
– Notification of benefits (services) from groupify.ch GmbH,
– Prevention, detection and investigation of possibly prohibited or illegal activities by users of the platforms of groupify.ch GmbH (based on the contract, the consent of the user and the legitimate interests of groupify.ch GmbH);
– Enforcement of the General Terms and Conditions of groupify.ch GmbH (based on the contract and the legitimate interests of groupify.ch GmbH);
– Remedy of problems (due to the contract and the legitimate interests of groupify.ch GmbH).

9.     Disclosure of personal data to third parties
– No sale, exchange or other unauthorized use of personal data and information takes place at groupify.ch GmbH. Also, groupify.ch GmbH does not disclose personal data of users to third parties, unless the user has given his consent or there is a legal obligation for groupify.ch GmbH to disclose the data. Third parties are not considered to be:
– Contractors of groupify.ch GmbH who provide services on behalf of groupify.ch GmbH. These include, for example, providers of online payments, web hosting and cloud computing, email and newsletter delivery, cloud logging, web analytics, helpdesk ticketing or collection services. The commissioned data processors of groupify.ch GmbH are not exclusively based in the EEA region, but also in third countries (e.g. the USA; certified by the Privacy Shield agreement).

10.   Duration of the storage of personal data
– Registration data: The registration data (that is the e-mail address, gender, date of birth and region) will be stored for the duration of the membership.
– Changes to the registration data can be made by the user independently at any time via the user interface. To prevent misuse, further changes can only be made by the support team. In both cases, the original data will be irretrievably and permanently deleted by groupify.ch GmbH.
– A deletion of the registration data is only possible via a deletion of the entire user account. In order to exercise the right to freedom of expression and information and due to legitimate interests on the part of groupify.ch GmbH to prevent misuse of the platforms, the following data records are retained for 3 years after deletion of the user account:
– The gender, the year of birth (without month and day), the postal code and the last IP address used, in order to be able to enforce the general terms and conditions of groupify.ch GmbH.
– Profile data: Personal information provided by the user in his profile will remain stored until it is changed or deleted by the user. Changes can be made by the user independently at any time via the user interface. In the event of a deletion – regardless of whether it concerns individual details or the entire user profile – the respective data records will be irretrievably and permanently deleted by groupify.ch GmbH.
– Public content: Content published by the user in communities (on bulletin boards, in discussions, questions and activities) is preserved even if the user who created it has already deleted his account. To exclude traceability, the creator name is pseudonymized in the course of account deletion.
– Private conversations: Conversations that the user has directly with others are automatically deleted no later than 3 years after the last message in them was sent. If one of the conversation participants deletes his account before that, his messages will be displayed pseudonymously to the other.
– Log files: All types of log files described in Chapter 6 are automatically deleted after 60 days at the latest.
– Support tickets: Requests sent to the e-mail support (reachable at info@groupify.ch are handled by groupify.ch GmbH. The e-mail address and message texts of the requester are automatically deleted no later than 40 days after the closure of the respective support ticket.

11.     Data subject rights
– In order to assert his or her data subject rights in accordance with the GDPR, a user of the platforms of groupify.ch GmbH may contact info@groupify.ch by e-mail. For the purpose of identity verification, the request must be made from the same e-mail address with which the user is registered on the respective platform. Due to the lack of an obligation to use a clear name, the user is also required to submit a copy of an official photo ID. This is necessary due to Art 12 (6) in conjunction with Art 15-21 DSGVO to ensure that the inquirer is a natural person and that the identity can be verified. Unless otherwise specified, all requests will be processed within the statutory period of 30 days:
– Right to information: The user has the right to request an extract of his personal data stored by groupify.ch GmbH, its processing purposes and recipients (processors).
– Right to rectification: The user has the option of independently correcting all personal data that he/she provides during registration, among other things, at any time in the settings or his/her profile.
– Right to deletion (“right to be forgotten”): The user has the option to delete his user account independently at any time. This is done in the options under settings by clicking on the button “Delete account”. The deletion is carried out with immediate effect and cannot be reversed. Alternatively, as indicated above, the user can contact info@groupify.ch by e-mail to request account deletion. This will be carried out within 7 days at the latest.
– Right to data portability: The user has the right to request an export of his personal data stored by groupify.ch GmbH. This is done in JSON format, which is equally readable by humans and machines.
– Right of objection and restriction of processing: The User may request groupify.ch GmbH to discontinue the use of his personal data in whole or in part (e.g. if he wishes to unsubscribe from the newsletter but retain his account), or to restrict its use (e.g. if the User believes that the data processing is unlawful; in this case, the data processing will be restricted until the legal situation is clarified).

12.   Use of cookies / avoidance of cookies
– Cookies are small text files that contain, for example, information about the user’s previous accesses to the corresponding server or information about which functions have been called up so far. Cookies are not used to execute programs or to load them onto the user’s device. The main purpose of cookies is rather to provide an offer tailored specifically to the user and to make the use of the service as comfortable as possible. For these very purposes, groupify.ch GmbH uses two types of cookies:
– “First Party Cookies”, i.e. cookies that are set by groupify.ch GmbH itself to provide the basic functions of the platforms of groupify.ch GmbH (see 10.2 Essential Cookies).
“Third Party Cookies”, i.e. cookies that may be set by third party companies when visiting the platforms of groupify.ch GmbH (see 10.2-10.5).
– Essential cookies: groupify.ch GmbH uses first-party cookies to customize and optimize the user’s online experience and time (e.g. so that the user does not have to log in again, even if the web browser has been closed in the meantime). groupify.ch GmbH uses both “session cookies” (temporary cookies that only exist as long as the user accesses the website) and “permanent cookies” (cookies that remain on the user’s device even after the website has been visited). In addition, groupify.ch GmbH integrates some strictly necessary third-party services that may set third-party cookies: CloudFlare, to shorten the loading times of the platforms of groupify.ch GmbH and to protect them from hacker attacks, and OneTrust, to manage and store the cookie preferences of the user.
– Functional cookies: groupify.ch GmbH integrates services from third-party companies in order to be able to resolve links to external websites and display them in an appealing manner (Embedly) as well as to enable registration or login via Facebook (Facebook Connect). These third-party providers may set cookies when you visit the platforms of groupify.ch GmbH.
– Performance cookies groupify.ch GmbH integrates services from third-party companies in order to be able to analyze server performance (DataDog) and aggregate visitor behavior (GoogleAnalytics). These third-party providers may set cookies when you visit the platforms of groupify.ch GmbH.
– The following advertising marketers may set cookies when the platforms of groupify.ch GmbH are visited in order to make the advertisements played out more relevant to the user. In the process, information is processed about which websites were visited with the browser, which advertising spaces were clicked on, how long the user stayed on a website and how the user generally interacted with the website. Furthermore, information is collected on the attractiveness of online advertising, for example the number of clicks and the resulting online sales generated by an ad.
– Google (AdSense): Users can deactivate so-called “personalized advertising” in Google’s advertising settings. It is then possible that just as much advertising will be displayed as before, but its content will be less relevant for the user. In addition, cookies will continue to be set after personalized advertising is deactivated, as these are also necessary for displaying non-personalized advertising. Users can find more information about how Google processes and protects personal data in Google’s privacy policy and terms of use.
– GroupM: Privacy policy, request for information
– Traffective: Privacy policy, request for information
– Teads: Privacy policy, request for information
– When visiting the publicly accessible areas of the platforms of groupify.ch GmbH for the first time, the user has the option of adjusting or completely rejecting the use of cookies via a consent management dialog (except for absolutely necessary cookies). The selection made there can be subsequently changed at any time via the link “Cookie settings” in the footer of the publicly accessible areas of the platforms of groupify.ch GmbH.

In the event of subsequent registration or login, functional and analysis cookies are also set. If the user opts for an advertising-financed basic membership, cookies are also used for marketing purposes and personalized advertising (see general terms and conditions of groupify.ch GmbH). Both are done based on the contract and the legitimate interests of groupify.ch GmbH.

If the user blocks all types of cookies (i.e. also absolutely necessary and functional cookies) through his web browser or an external tool, this may reduce the scope of groupify.ch GmbH’s services and have a negative impact on their use.

13.   Use of Google Analytics
– groupify.ch GmbH uses Google Analytics, a web analytics service provided by Google, Inc (hereinafter referred to as “Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. In the event that IP anonymization is activated on this website, however, your IP address will be truncated beforehand by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. IP anonymization is active on the platforms of groupify.ch GmbH. On behalf of groupify.ch GmbH, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage.
– The IP address transmitted by your browser as part of Google Analytics is not merged with other data from Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of the groupify.ch GmbH platforms. Instead, you can prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

14.   Verification of data and messages
– The platforms of groupify.ch GmbH are about making new contacts online for all areas of private life. This is a new experience for many people, and one that takes place outside their usual comfort zone. For this reason, groupify.ch GmbH attaches great importance to seriousness and strives to protect its users from inappropriate contact requests and content. To ensure this, the following precautions have been taken:
– To protect against persons abusing the platforms of groupify.ch GmbH, groupify.ch GmbH uses various automated monitoring tools to randomly analyze activities and check user entries for plausibility, without groupify.ch GmbH being obliged to do so. Certain strings or logins of different users that appear to originate from one and the same computer, for example, may lead to blocking due to suspicious activities.
– In addition, groupify.ch GmbH – also without being obliged to do so – carries out an automated filtering of messages. Texts written by users are checked for their compatibility with applicable law and the General Terms and Conditions of groupify.ch GmbH using word lists. Words, e.g. from the pornographic area or clearly offensive words, are automatically compared with the user’s texts. An attempt is also made to protect users from “spammers”. Should the suspicion of misuse arise in the course of the random/automated checks, the legal consequences are listed in the General Terms and Conditions of groupify.ch GmbH. groupify.ch GmbH is also entitled to refuse acceptance and delivery of incoming and/or outgoing messages if, based on the automated checking process, there is a high probability that the message in question is illegal and/or violates the General Terms and Conditions of groupify.ch GmbH. The user will not receive any notification of rejected and/or undelivered messages.
 
15.    Best practices in online communication
– The user is aware that, according to the current state of the art, data protection is not yet ensured when transmitting data on the Internet. E-mails in particular do not represent secure communication, because the “reading” of content cannot be technically ruled out. The user is responsible for the security of the data he or she transmits via the Internet.

16.   Data Protection Officer
You can contact our data protection officer at the following e-mail address info@groupify.ch.


Zurich, 15.07.2022
groupify.ch GmbH

EN
DE EN