Last updated 1 June 2018
PXL Vision AG having a principle place of business at General-Wille-Strasse 8, CH-8002 Zürich, Switzerland (the “Company”, “we”, “us” or “our”) respects your privacy. Accordingly, we are responsible for the collection, processing and use of your personal data in accordance with the law.
We are committed to the responsible handling of your personal data. We therefore consider it a matter of course to comply with the legal requirements of the Swiss Federal Data Protection Act (FDPA), the Ordinance on the Federal Data Protection Act (OFDPA), the General Data Protection Regulation of the European Union (GDPR) and other regulation on data protection.
1. THE APPLICATION
- The Application allows the user to receive digital identity creation services (the “Services”). The user can scan official documents issued by a governmental institution with his/her mobile device through the Application and store the scanned version of the document on the mobile device. Upon request of the user, the Application performs document and identity verification and, therefore, the Application can be used for identifying the user in a wide range of circumstances (e.g., concluding electronic contracts, ordering services, and background checks).
- Before accessing the scanned version of the document through the Application, we will request you to provide your explicit prior consent for sharing your personal data contained in the scanned document with us or any third party which you would like to allow authenticating you. After you provide your explicit consent, your personal data will be stored on Company’s servers and, upon request of the third party authorized by you, disclosed to that third party for authentication
- Please note that the personal data collected by us may include sensitive personal data (e.g., biometric data) or special categories of personal data (e.g., geo-location data). For collection of such data, we always explicitly ask your express prior informed
- The Services should not be accessed by persons under the age of 18. However, we cannot distinguish the age of people accessing the Application. If a person under the age of 18 has provided us with personal data without obtaining parental or guardian consent in advance, the parent or guardian may request us to destroy or de-identify such personal data. Our contact details are specified in Section 12 of this Privacy
3. TYPES OF COLLECTED PERSONAL AND NON-PERSONAL DATA
- We may collect personal and non-personal data about you through the Application in a variety of ways. The types of personal and non-personal data we collect via the Application are described in detail below. Please note that the types of personal and non-personal data we collect from you depend on which functionalities of the Application you
- When you create an account though the Application, we may collect personal data, namely, your full name, email address, physical address, and mobile phone
- When you scan and submit any documents through the Application and provide your explicit consent, we have access to the personal data contained in those documents, for example your name, driving license number, or
- When you send feedback, respond to our surveys, or contact us in any other manner, we retain your name, email address, phone number, and any other information you decide to provide
- When you scan/make an image for face recognition and authentication purposes, we collect your biometric data (i.e., your face image).
- Types of collected non-personal data. When you use the Application, we collect and process the following types of non-personal data:
- Derivative data. Our servers may automatically collect information when you access the Application, such as your native actions that are integral to the Application, as well as other interactions with the Application and other users via server log
- Geo-location information. We may request access or permission to and track location- based information from your mobile device, either continuously or while you are using the Application, to provide location-based services. If you wish to change our access or permissions, you may do so in your device’s
- Mobile device access data. We may request access or permission to certain features from your mobile device, including your mobile device’s camera, microphone, sensors, storage, NFC, and other features. If you wish to change our access or permissions, you may do so in your device’s
- Mobile device data. We may collect device information that is required to provide the requested Service, such as your mobile device ID number, model, and manufacturer, version of your operating system, phone number, country, location, and any other data you choose to
- Push Notifications. We may request you to send you push notifications regarding your account or the Application. If you wish to opt-out from receiving these types of communications, you may turn them off in your device’s
- Please note that, in some cases, where strictly necessary for pursuing our legitimate interest, non-personal data collected by us may be combined with identifying elements that may enable your identification. In such a case, such combined non-personal data will be handled as personal data.
4. PURPOSES OF PERSONAL DATA COLLECTION
- Having accurate information about you permits us to provide you with a smooth, efficient, and customized user experience. Specifically, we will use your personal data collected through the Application based on the following legal permission and for the below mentioned purposes:
- In the following cases we process the data based on your consent in the sense of Art. 6 para. 1 lit. a GDPR:
- Enable user-to-user communications
- Generate a personal profile about you to make future visits to the Application more personalized
- In the following cases we process the data based on your consent in the sense of Art. 6 para. 1 lit. a GDPR:
- Send you information about new services offered by us that are similar or relate to the Services used by
- In the following cases we process the data for the performance or execution of a contract in the sense of Art. 6 para. 1 lit. b GDPR:
- Provide you with the requested Services
- Create and manage your user account
- Email you regarding your user account or the Services
- Notify you of updates to the Application
- Request feedback and contact you about your use of the
- In the following cases we have a legitimate interest for the processing of such data in the sense of Art. 6 para. 1 lit. f GDPR:
- Increase the efficiency and operation of the Application
- Monitor and analyze usage and trends to improve your experience with the Application
- Resolve disputes and troubleshoot problems
- Compile anonymous statistical data about your use of the Application
- Prevent fraudulent transactions, monitor against theft, and protect against criminal activity
- Respond to product and customer service request
- Solicit support for the Application
- Improve the functioning of the Application and the software algorithms related thereto.
- Marketing communication. After we obtain your explicit prior consent, we use your personal data for direct marketing purposes, such as:
- Sending you a newsletter;
- Offering you new products, services, mobile applications, and/or recommendations;
- Administering sweepstakes, promotions, and contests; and
- Delivering you targeted advertising, coupons, newsletters, and other information regarding promotions related to the Application to
In these cases we process the data based on your consent in the sense of Art. 6 para. 1 lit. a GDPR.
- Please note that you can object to each of this data processing at any time (contact details see below).
- If we would like to use your personal data for the purposes other than the purposes indicated in this Section 4, we will seek your prior explicit
5. THIRD PARTY ACCESS TO PERSONAL DATA
- In certain situations, we may disclose or transfer the personal data we have collected about you to third parties. Such a disclosure or transfer is limited to the situations when the personal data is required for the purposes of (i) provision of the Services, (ii) pursuing our legitimate business interests, (iii) law enforcement purposes, or (iv) if you provide your prior explicit consent. Please note that some third parties may be located outside the European Union and your personal data may be transferred outside the European
- Your personal data will be disclosed and transferred to third parties that request your personal data through the Application for the purpose of provision of the Services (e.g., authenticating you when you conclude a contract with a bank) only after you submit your prior explicit consent through the Application on the case-by-case
- Your personal data may be disclosed to the following third parties:
- Third-party service providers. We may share your personal data with third parties that perform services for us or on our behalf, including face recognition providers (e.g., Microsoft). Please note that, where possible, we will anonymize the personal data that we may disclose to such third-parties.
- Interactions with other users. If you interact with other users of the Application, those users will only see the personal data that you have approved to share with
- Business Partners. After obtaining your prior express consent, in some cases, we may use your personal data to offer you certain products, services or promotions of our business
- Other Third Parties. We may share your anonymized personal data with advertisers and investors for the purpose of conducting general business analysis. We may also share your anonymized personal data with such third parties for marketing purposes, as permitted by
- By law or to protect rights. If we believe the release of personal data is necessary to respond to legal process, to investigate or remedy potential violations of our policies, or to protect the rights, property, and safety of others, we may share your personal data as permitted or required by any applicable law, rule, or regulation. This includes exchanging personal data with public authorities for fraud protection and credit risk
- We are not responsible for the actions of third parties that are not mentioned in this Section 5 and with whom you share your personal data, and we have no authority to manage or control third party
- We do not sell your personal data to third parties and do not intend to so in the
- With the exception of the cases mentioned in this Section 5, we do not disclose or transfer your personal data to third
6. COOKIES AND TRACKING TECHNOLOGIES
- Website Analytics. We may partner with selected third party vendors, such as Google Analytics to allow tracking technologies and remarketing services on the Application through the use of first party cookies and third-party cookies, to, among other things, analyze and track your use of the Application, determine the popularity of certain content, and better understand your online activity. By accessing the Application, you consent to the collection and use of your personal data by these third-party vendors. You are encouraged to review their privacy policies and contact them directly for responses to your
However, some of the mentioned partners are seated in the US. For the sake of completeness, we note that as part of US legislation, the US authorities are able to take surveillance measures, under which the general storage of all data sent from the European Union to the US is possible. This takes place without distinction, limitation or exception, on the basis of the objective pursued and without objective criteria that would allow it to limit access by US authorities to personal data and its subsequent use to specific, strictly limited purposes that justify access to this data.
- We do not transfer your personal data to the third-party vendors mentioned in this Section 6. However, if you do not want any data to be collected and used by tracking technologies, you can visit the third-party vendor or http://www.aboutads.info/choices/, http://www.adobe.com/privacy/opt-out.html, Digital Advertising Alliance Opt-Out Tool, or Network Advertising Initiative Opt-Out Tool.
- You should be aware that getting a new computer, installing a new browser, upgrading an existing browser, or erasing or otherwise altering your browser’s cookies files may also clear certain opt-out cookies, plug-ins, or
7. THIRD-PARTY LINKS
- We are not responsible in any manner for the content or privacy and security practices and policies of any third parties, including other websites, services or applications that may be linked to or from the
8. SECURITY OF YOUR PERSONAL DATA
- We use administrative, technical, and physical security measures to protect your personal data. Such information security tools include, but are not limited to, secured networks and encryption. Our security measures are adapted continually in line with the technological developments.
- We also take internal data privacy very seriously. Our employees and the service providers commissioned by as are obliged to maintain secrecy and comply with the provisions of data protection In addition, they are granted access to personal data only to the extent necessary.
9. CONTROLS FOR DO-NOT-TRACK FEATURES
- Most web browsers and some mobile operating systems include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. No uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow it in the future, we will inform you about that practice in a revised version of this Privacy
10. OPTIONS REGARDING YOUR PERSONAL DATA
- Accessing and correcting personal data
- We take reasonable steps to ensure that the personal data collected and processed by us is accurate, complete, and up-to-date. Thus, we ask you to keep your personal data as current as possible and update your personal data through the Application if
- You may at any time review or change the personal data in your user account or terminate your user account by logging into it through the Application and updating your personal data. You further have the right to obtain information on the personal data that we store about you on request free of charge. In addition, you have the right to correct inaccurate
- Upon your request to terminate your user account, we will deactivate or delete your account and information from our active
- You also have the right to demand the release of the data you have given to us (right to data portability). On request, we will also forward the data to a third party of your choice. You have the right to receive the data in a common file
- If you would like to access, modify, or delete your personal data that is processed through the Application, please send us an email to the following email addresses: email@example.com or firstname.lastname@example.org. We will answer your request within a reasonable timeframe but no later than within two
- Apart form that you have the right to complain to a data protection authority at any time.
10.2 Opt-out from marketing communication
- If you no longer wish to receive any correspondence, emails, or other marketing communications from us, you may opt-out by:
- Noting your preferences at the time you register your user account through the
- Logging into your account settings and updating your marketing communication preferences; or
- Clicking on the “unsubscribe” link contained in each such marketing email sent to
- If you no longer wish to receive correspondence, emails, or other communications from third parties, you are responsible for contacting the third party
- Retention period. Your personal data will be kept for as long as it is necessary to provide you with the requested Services. When your personal data is no longer necessary to deliver the requested Services, we will delete your personal data immediately, unless we are obliged by law to retain such personal data for a specific period of time (e.g., for accounting record purposes, enforcement of our terms and conditions statement, fraud prevention, and troubleshoot problems).
11. COMPLAINTS ABOUT HANDLING OF PERSONAL DATA
- You have the right to submit a complaint about the way in which your personal data has been handled to us by using the contact details indicated in Section 12 of this Privacy
- After you submit such a complaint, we will send you an email within 5 business days confirming that we have received your complaint. Afterwards, we will investigate your complaint and provide you with our response within a reasonable timeframe but no later than 2
- If you are a resident of the European Union and you are not satisfied with the outcome of your complaint, you have the right to lodge a complaint with your local data protection authority.
12. CONTACT US
Address: PXL Vision AG, General-Wille Strasse 8, Zürich 8002, Switzerland
Phone number: +41 44 295 10 40
Contact form: https://pxl-vision.com/contactus/
14. LAST AMENDMENT