Protecting your privacy.
We protect your data
with the associated subpages, as well as for our corporate presence on LinkedIn. Access to our website is free, although some of our online services are restricted to certain users and require registration. Our online offers are not aimed at children or the general public. Our websites are structured so that you can visit them without having to disclose any
comprehensive information about the data pro-cessing performed by us and applies to all data processing by DeepCloud, regardless of whether we receive your personal data online or offline and regardless of the communication channel (such as company website, other company websites on the Internet, by telephone, email, post, or personal contact).
Abacus-Platz 1 9300 Wittenbach – St. Gallen Switzerland
T +41 58 854 14 email@example.comWe have appointed a data protection officer for DeepCloud. They are available at:firstname.lastname@example.org
Insofar as DeepCloud processes personal data and the General Data Protection Regulation (“GDPR”) applies to such processing, we have designated as our representative in the EU:
Abacus Business Solutions GmbH
Mies-van-der-Rohe-Straße 6 Tower 1 – 10. OG 80807 Munich
If you have any questions about data protection, please feel free to contact us at any time.
What is personal data?
circumstances of an identifiable individual, such as the number of visitors to a website. There are also so-called special categories of data (“sensitive data”). This includes data revealing your racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as genetic and biometric data to
uniquely identify you, health data, or data concerning your sex life or sexual orientation. We will only process such data – if at all – with your explicit consent, unless another legal basis makes such data processing necessary.
Our data processing and your data
transmit to us in other ways, for example by mail, email, telephone, during a business transaction, or personal contact. Our data processing includes, for example, the collection, storage, transmission, deletion, and other processing of your data. Only data that is necessary and appropriate for the intended purpose will be processed. Our data
processing is carried out for the purposes stated by us or for the purposes requested by you. Data processing outside of the intended purposes will only take place if we inform you accordingly and if a change of purpose is lawful.In the following, we inform you about the individual data processing, its purpose, and its legal basis for us as a company.
Your contact information
we store and process information that you select in lists and menus on our websites. When you send us an email we save the content of the email as such, and the data that is generated when inquiries are sent to our email servers, such as sender and recipient IDs, time stamps and, if necessary, reasons for errors or rejections if the transmission of
an email fails. If you wish to receive information material, you can also provide us with your email address so that we can send you the requested information by email with your consent. We use your data ourselves or provide it to the relevant companies. This is done within the framework of data protection and competition law requirements. We process
your data based on legitimate interests. Processing is done both in your interest – you have contacted us – and in ours, to establish the satisfaction of all inquirers, if necessary to fulfil a contract with you, or to carry out pre-contractual measures. We will only process your data for the purpose of contacting you. Your data may be stored in our
CRM system and in other technical systems. When using website forms, your data will be transmitted in encrypted form according to the current state of the art. You provide us with your data voluntarily, and only as much data as necessary is requested (mandatory data are marked with *). All other information is optional.
Transmission of data to selected partners
Offers requiring registration and login
better picture of our services in the context of an online presentation, remote access in a support case, the registration for events, or the scheduling of an appointment. This involves providing and transmitting to us a variety of data resulting from the respective form or our queries. When using such a form, your data will be transmitted in
encrypted form according to the current state of the art. You provide us with your data voluntarily, and only as much data as necessary is requested (mandatory data are marked with *). All other information is optional. DeepCloud is free to choose their authentication methods. The data to be provided results directly from the specific procedure used.
You are required to choose strong passwords when choosing login credentials. You are responsible for the security of your login data and must not pass it on to unauthorised third parties. The processing of your data within the scope of our (registration and login required) offers is carried out with your consent when registering or logging in, based
on our legitimate interest in providing you with the information necessary to use our services satisfactorily, in order to be able to contact us, and for the proper processing of an existing contractual relationship.
Registration and deepbox account login
foundation or association (“Organization”). Before completing the registration process, a choice can be made between the two options. Depending on the choice, a “Private” deepbox account will be opened for the Registrant as a contractual partner with DeepCloud or, if the necessary requirements are met, an “Organization” deepbox account will be opened
for the Organization as a contractual partner For a deepbox account of an Organization, the authorization of the Registrant to enter into the contractual relationship for the Organization is required. When using certain deepbox Services or extended functionalities of the deepbox account, the unique identification of the Registrant and, if applicable,
the verification of the Organization is required. For identification and verification purposes, the services of a third-party provider are integrated. The terms and conditions of the third-party provider apply. As part of these processes, relevant data about the Registrant and the Organization, as well as the results of the identification and
verification, are transmitted between DeepCloud and the third-party provider. The identification and verification processes may take place within a reasonable period of time. If the relevant process is not successfully completed within this time period, the deepbox account will be deleted. After registration, an access-protected login can be used to
log in to the deepbox account and use various deepbox Services. Two-factor authentication, possibly also from a third-party provider, can be activated for the login. The terms and conditions of the third party provider apply. After successful registration, you have the option of using the services located there (some of which are subject to a fee),
such as a deep, shared or special box, deepo, deepv, deeppay, or deeppoint.
Use of the deepbox account and the deepbox Services
processes and accounting, with the possibility of integrating employees and other third parties. The efficient analysis and use of information within the deepbox account is also possible. If you have purchased subscriptions for certain deepbox Services within the deepbox account, these can also be used by your authorized users by releasing them in
the deepbox account and after they have registered for a deepbox account. The person who opens a deepbox account is responsible for the use of the deepbox until an organization has been verified for the relevant deepbox account. The respective Owner of the deepbox account is responsible for the use and thereby processed data within the scope of the
deepbox account and the deepbox Services, to maintain data protection if personal data is collected in the process. It is possible to collect, store, modify, or delete data with a deepbox. For the use of the deepbox account and the deepbox Services, all data will be stored and processed that accrue upon registration as well as all data and documents
that are collected and processed in deepbox and when using the deepbox Services. This includes data related to address entry, accounting, invoices and quotations, time recording, expense receipts, payroll accounting, and all content provided by the user in the process. Furthermore, this also includes content that can be processed by a fiduciary or by
additional services such as those of payment providers, when using mobile Apps, and exchanged between the respective parties involved. The data processed in the deepbox account and the deepbox Services include the following: personal master data such as name, address, date of birth, employer, contact data such as telephone and/or email address, time
and wage recording data such as working hours, absences (sickness or holidays), overtime and extra hours, expense receipts, product master data, contractual relationship data and contractual data including delivery, payment and invoicing data, bank account and credit card data, and all data recorded within the deepbox account and deepbox Services.
This data may come from current and former employees and job applicants, service providers, suppliers, banks and other payment providers, customers, business partners, prospective customers, and all the employees of the companies who act as contacts for these companies. During the contractual relationship, DeepCloud shall back up the content stored
in the Apps in accordance with standard backup procedures and shall endeavor to avoid data loss as far as possible. However, in general, the Owner of the deepbox account is responsible for the preservation and archiving of its data and documents and acknowledges that they are not archived by DeepCloud. In the event of termination of the use of the
deepbox account (e.g. ending the contractual relationship, termination) or the deepbox Services, the Owner of the deepbox account is responsible for scheduling the termination of the use of the deepbox account and the deepbox Services. The latter can instruct DeepCloud to make their data available in an export file before deletion of the data in
deepbox takes place. The Customer shall, autonomously and in due time prior to termination, ensure that its data files are backed up and delete corresponding data or authorise DeepCloud to delete the data upon termination of the contractual relationship, as the data will be deleted at the latest upon expiry of the backup periods. Access to the
Owner’s data files is excluded after termination of the contractual relationship. Data that Abacus is legally or contractually obliged to store for a limited period of time, and data that is still needed for the settlement or collection of the services provided, shall be excluded from the deletion. Your authorisation to use these services will end if
you delete your account or lose your authorisation to use the services. Your login data will be deleted once you no longer have access authorisation.
Details on the use of Matomo
Additional services activated by the user
fiduciary access to the data in the application in order to carry out the necessary data processing and data synchronization. The deepbox account Owner is responsible for granting and restricting or revoking the fiduciary’s and also its other authorized users’ access rights to its data and whether they engage in lawful data processing activities
within deepbox. The connection to the fiduciary’s deepbox account is made either by the deepbox account Owner themself or by the fiduciary. AbaNinja contains the option of connecting to services of different payment providers such as banks or payment service providers. When using deeppay, third-party services (such as payment initiation and account
information services) are possible. DeepCloud merely provides the interface to these third-party providers for a data exchange so that the executed transactions can be displayed or triggered. For the execution of the transactions, an exchange of data takes place between the participants. For unique assignment, an application-relevant ID is used
together with additional access data for the respective participant. This can be bank or payment-specific data such as account information, IBAN, or the credit card number. Each party involved is responsible for the data processing taking place in its area of responsibility and for the security of the data in accordance with the agreed provisions.
The responsibility for the provision and processing of the additional services and the processing of data when using said services (including the payment and account information processed via these services) does not lie with DeepCloud, but with these third-party providers.
Commissioned data processing and commissioned service providers
The aim is that data processing in the context of the use of the deepbox account takes place mainly in Switzerland. If we engage contracted service providers in the EU (for example in Germany) for certain services, then we aim to arrange server solutions in Switzerland. Should it nevertheless become necessary for our commissioned service providers to
process data in the EU (for example in a support case), the EU offers a level of data protection that is adequate for Switzerland. If we ourselves, as the responsible party, use contracted service providers for our own purposes, we also try to ensure that data is processed in Switzerland. In special cases, we may require the services of service
providers who provide their services outside Switzerland. In such cases, we try to commission service providers in a country that has a level of data protection appropriate for Switzerland. Otherwise, we ensure with suitable guarantees such as standard data protection clauses or upon your consent that a legally compliant data transfer can take place.
In any case, our contracted service providers are carefully selected and commissioned. They are bound to our instructions and are regularly monitored. Only such data is transmitted that is necessary for the provision of the respective service.
Data processing when using our mobile applications (Apps)
Function of the deepbox mobile App:
deepbox (iOS and Android) allows documents from different sources (via the camera, from the photo album, or from another cloud service) to be transferred to a deepbox.
Technical data and information that is processed and/or stored:
The App supports devices with iOS and Android (from Android version 5.0, exception: Huawei devices with their own operating system that do not support Google Services).
- (Static) URL for access to the deepbox system
- Authentication factors (Access & Refresh Token) for access to the deepbox Tokens are deleted after the user logs out within the App.
- App Version
- Model of the terminal device (iPhone/Android)
- Version of the operating system
- Indication of the countries/regions in which the App is used
- Android: CrashReports and StackTrace (Sentry). In the case of event logs, these are active by default (Matomo). The user can set restrictions or deactivate this via the settings.
- iOS: Logs are created by the Microsoft AppCenter for debugging purposes (CrashReports only). Information processed by the AppCenter can be found at
- Documents and content captured via App
“Privacy/ Data Protection”: Display of a window with selection
- Required analysis data:</strong >CrashReports and StackTrace, specification of countries/regions, Microsoft AppCenter information (by default)
- Complete analysis data:</strong >Event logs (Android)
Data, information, and documents for uploading to a deepbox are (temporarily) stored in the App (storage also possible for offline use) or made available via access authorisation. DeepCloud only stores technical or statistical analysis data on the use of the App (such as crash reports, countries/regions) within the scope of App use, otherwise storage
takes place in the user’s mobile device or after transfer of the data, information, and documents in the connected deepbox.
Third-party services used:
Microsoft AppCenter services to make the App more secure and to analyse crash reports.
Sentry, to analyse crash reports and Matomo to analyse the use of the App.
including the libraries listed within the App settings “Licences”.
The App requires access to the camera function (to be able to scan, store, and read the documents), the photo album (where documents are stored to be used), the calendar (iOS only, so that expiry dates of the documents can be determined by means of the calendar) and the activation of the location services (where the locations are recorded by code).
Furthermore, access to the “Internet” is required to enable a corresponding transfer connection to the connected deepbox. The access authorisations are requested when the App is installed and the respective function is used for the first time. They only become active when the user has agreed and can be deactivated at any time, after which certain
functions of the App can no longer be used.
On older devices (older than Android 6), permission is requested when the App is installed.
Access protection can take place via the mobile terminal, in which the possible access restrictions are activated and the existing encryptions are used. No separate App access protection is implemented.
As a network protocol, the App uses the HTTPS protocol with TLS encryption for communication.
Registration for a Webinar via LIVESTORM
you are interested in other topics are optional. Before you complete the appointment, you can check and adjust your data again. We need this data to be able to plan and conduct the meeting with you. We use LIVESTORM SAS, 24 rue Rodier, 75009 Paris, France, for the registration and implementation of the Webinar. This is a service provider commissioned
by us, to whom your data will be passed on for the purposes described above. For its services, it uses Amazon Web Services LLC, P.O. Box 81226. Seattle. This is an American company, so there is the possibility that data might also be processed in the U.S. Abacus hereby expressly points out that the U.S. is not a safe third country in the sense of
Swiss data protection law and that due to existing regulations, there is the possibility that U.S. companies are obliged to hand over data to security authorities. In this respect, data subjects currently do not have sufficient legal remedies to take action. Abacus cannot therefore exclude that U.S. authorities (such as intelligence services)
process, evaluate, or store such data in the U.S. for monitoring purposes. We have no control over that. However, we will endeavour to ensure that appropriate guarantees, such as standard data protection clauses, are in place or when using the service, you grant your consent for this in order to ensure legally compliant data transfer.
websites on the Internet or by telephone. The data provided by you will be stored by us and processed for the planning and implementation of the Event as well as for the follow-up support of the participants and, if necessary, passed on to our commissioned service providers. If you take part in an (online) event, a webinar or a survey, certain data
such as your email address, name or the company you work for are required for the implementation of the (online) Event, the webinar or for the evaluation of the survey. In some cases, a survey is also conducted anonymously. Contracted service providers are used precisely for the implementation of such events. We are happy to provide information about
our contracted service providers upon request. When participating in an Event, the General Terms and Conditions for Events apply. We reserve the right to publish your name, company and, if applicable, photo and company logo after an event (e.g. website, flyers, reports, company appearances in social media, etc.). We reserve the right to delete these
publications at any time without giving reasons.
Data processing due to legal requirements resulting from the Corona Virus
At events, we are obliged to comply with the legal requirements, for example by the Federal Office of Public Health (FOPH) (such as Safety Concept and Contact Tracing) and to collect corresponding data. These requirements can change constantly, which is why we reserve the right to adapt our safety concept at any time. You are required to follow this
accordingly. For details on how we process data in such a case, please refer to the specific protection concept.
Participation in a raffle at an event
If participation in a raffle is possible at an event, we process your data so that you can participate in the raffle and a winner can be determined and notified at the end. We use your data within the scope of the raffle on the basis of your consent to participate in the raffle. You can revoke this at any time with effect for the future. You can find
more information on a possible revocation under “Your rights”.
Video and photo recordings when participating in an event
We reserve the right to take photos and videos during an event in which you may also be featured. These photos and videos will be used exclusively for our own purposes (e.g. use for company websites, flyers, reports or via newsletters, for company appearances in social media, information to participants via email, etc.) to report on, or document the
event. If you are shown as part of a larger group of people or are merely an “accessory” to a building or location where you are not the focus of the shots, we may take these photos and videos based on our legitimate interests for the purposes described above. You can object to their use at any time. If you are portrayed as an individual or are the
focus of any recording, we will seek your consent for such recording. You then have a right of withdrawal in relation to your consent. If photos and videos (sound and image) are taken of you, e.g. for testimonials, for giving presentations or training, for your support in improving or developing our services, this will only be done with your consent.
You can also revoke this consent at any time. Details can be found in the specific declaration of consent.
Online events and meetings
More and more events and meetings are being held online only to protect participants. This requires an invitation or registration, for which you will be sent an email with a participant link. There may be live presentations, video demonstrations and active information exchange. It is possible that we record an online event with sound and video and
that participants can be heard and/or seen. These recordings are used exclusively for the company’s own purposes (e.g. use within a lecture or training series, webinars, for the company’s own websites, flyers, reports, for company appearances in social media, newsletters, information to participants by email), to report on it, to document it or to
replay it. When participating in such an event, participants are set to “mute”, also, it is not necessary for the participant to activate their camera in order to send pictures of themselves. Sound and/or video activation is only carried out by the participant after their approval. By agreeing to this, the user gives their consent for sound and image
recordings to be made of them in the event that the online event is recorded. No sound or images are edited out afterwards. If the participant does not want to be recorded, they should not activate their audio and video functions throughout the event. It will still be possible to send questions to the moderator(s) via the chat function. These will be
answered by the moderator(s) as far as possible during the event or in person via the chat function. For the planning and implementation of such events and meetings (including the sending invitations and confirmations of participation, the analysis of the event or surveys relating to it) we use evenito AG, Limmatquai 122, 8001 Zurich, Switzerland.
This is a service provider commissioned by us which receives your data for the purposes described above and which itself uses commissioned service providers for this purpose. We also use software solutions from Zoom Video Communications (“Zoom”), Inc.,55 Almaden Blvd, Suite 600, 95113 San Jose, California/USA for meetings. These companies also
process data in the U.S. Abacus hereby expressly points out that the U.S. is not a safe third country in the sense of Swiss data protection law and that due to existing regulations, there is the possibility that U.S. companies are obliged to hand over data to security authorities. In this respect, data subjects currently do not have sufficient legal
remedies to take action. Abacus cannot therefore exclude that U.S. authorities (such as intelligence services) process, evaluate, or store such data in the U.S. for monitoring purposes. We have no control over that. However, we will work to ensure that appropriate safeguards are in place in this regard, such as standard data protection clauses, or
you give your consent to this when using the services or attending such an event or meeting, in order to ensure that data is transferred in accordance with the law.
unsolicited applications, are welcome to be sent by email to
. Note that unencrypted emails are not protected against unauthorised access when they are sent. You can encrypt your attachments to the application yourself, for example with a ZIP solution and communicate the corresponding password separately (by telephone). If you apply for an advertised position by email, the data you provide (e.g. title, name,
postal address, email address, telephone number, languages, earliest start date, your cover letter, and other data and documents you provide) will be stored in order to process your application. This is done in order to carry out pre-contractual measures with you in relation to possible employment as an employee.Other data processing in the context of your application
If you provide references as part of the application process, we will assume that, where the data relates to an individual, you have obtained their consent for us to contact them and you consent to us obtaining the reference from that individual. If we ask for a reference, we will only contact them with your consent. Consent is given voluntarily and
can be revoked at any time for the future. To get a better picture of your professional history, we may visit your professional profiles on LinkedIn and Xing. We process this publicly available job-related data about you in our interest to find out whether you fit the advertised position and our company. If you do not want this, you can let us know.
We do not look at or process data from social networks or other websites that do not have a company or employment-oriented context.
Quality of your data when applying
The data you provide should be accurate, complete, not misleading, and up-to-date. Failure to do so may result in your application not being considered or appropriate legal consequences being drawn after you have already been recruited.
Storage period of your application
If the application procedure does not lead to a position being filled, your application will be deleted at the latest four months after completion of the application procedure, unless the data is needed to defend legal claims asserted against us from the application procedure (this is done on the basis of our legitimate interests), unless a different
period is provided for by law or you have expressly consented to further processing of your data. If your application leads to employment, all data required for this will be processed within the framework of your employment relationship in accordance with the statutory provisions.
Recommendations and references
this; details can be found in the specific declaration of consent.
Surveys about our services
the link to the survey, whereby we receive your name and email address as part of our contractual relationship with the company for which you work. Participation in a survey is always voluntary and only takes place with your consent. By closing the browser, it is possible to terminate the survey at any time without any adverse consequences for you.
We store and analyse the results of the survey on the basis of legitimate interests in order to improve our services. We may also share the results of surveys with our business partners or prospects, but no personal information will be disclosed. As part of a survey, you also provide us with data such as your name, email address or the company you
work for, as well as data resulting from the survey that you can provide (in a free text) within the survey. To conduct surveys, we use the survey tool LimeSurvey from LimeSurvey GmbH, Papenreye 63, 22453 Hamburg, Germany with an on premise solution at our premises in Switzerland.
Use of DeepCloud Support
Use of our Help Centre
Data processing when using our websites
regulations. We are happy to provide information about our contracted service providers upon request. Through this data processing, contact data, content data, usage data, meta data, and communication data are processed by us or our service providers on our behalf when you use our website. This is done on the basis of our legitimate interests in the
efficient and secure provision of our website, to protect against misuse and other unauthorised use, on the basis of a service requested by you or a contract to be concluded with you following an order by you or, in certain cases, following your consent.
Automatic collection of access data and server log files
- the domain visited and the files accessed
- the IP address of the terminal device used
- date and time and duration of the visit
- website from which the access was made
- operating system of the end device used
- the browser used for access as well as all information from the ‘user-agent’, which the browser transmits to the server
- extent of the transmitted data volume
We use this information based on the following legitimate interests:
- to view our website
- to ensure the stability and security of our website
- for statistical evaluations of our websites
- to improve our web presence
- with clarification work of support cases
- for the analysis of technical problems
- for safety-relevant clarifications
- in suspected cases of unlawful use (e.g. to clarify acts of abuse or fraud)
This information is stored for a maximum of 90 days and then deleted, unless its retention beyond this period is necessary for evidential purposes, such as for use as evidence before authorities or courts for unlawful use of our website. We will then exempt them from deletion until the respective incident has been finally clarified and may keep them
until a legally binding decision or judgement has been reached. This information is stored in such a way that, as a rule, it cannot be assigned to any specific person by us, except if you register for a special offer on the website. As a matter of principle, the above-mentioned data will not be passed on to third parties, unless it is necessary for
the pursuit of our claims, for the fulfilment of the intended purposes, after your consent or there is a legal obligation to do so.
Cookies and other technical means
this way may subsequently be evaluated by us or third parties and merged with other data. As a rule, they serve to make the internet offer as a whole secure, more user-friendly and more effective, which is in both your and our interest. For some cookies that are not essential for technical storage or access to our website, or that are not only used
to enable the use of a service you have explicitly requested, we will ask for your consent by means of a so-called cookie consent banner.
What are the basic cookies?
cookies (these remain stored on your end device until a specified expiry date). The following cookies are generally possible:Necessary including preferences
Necessary cookies are required for the secure operation of our website, to enable us to transmit and display our website content to you, to enable you to navigate the website or to enable us to quickly identify and rectify technical problems. Preference cookies allow you to use the website more comfortably by remembering options you have chosen (such
as a language choice) or providing functionality you have requested (such as remembering a choice or performing a function). These cookies do not require your consent, but their use is based on justifiable interests.
These cookies allow statistics and analyses to be created, whereby pseudonymized or anonymized data is collected in order to gain knowledge about website usage, to improve the our service or to quickly identify and solve technical problems.
Enable the display of personalized content by recording and analyzing your usage behavior. This is also performed outside of our websites, as these cookies can follow you. Cookies from third-party providers are also used and (pseudonymised) data about your surfing habits are given to them for evaluation and further use.
Which cookies do our websites use?
means of a cookie consent banner before activating these cookies. For information on the data processing of possible third-party providers whose cookies you can consent to when using our websites, please refer to their data protection declarations. Please note that you can set the common browsers in such a way that you are informed about the setting
of cookies and can decide individually about their acceptance or can exclude the acceptance of cookies for certain cases or generally. Each browser differs in the way it manages cookie settings. The help menu of each browser explains how you can change your cookie settings. We cannot guarantee that you will be able to access all functions of our
websites without restriction if you do not allow cookies. We recommend that you regularly delete your cookies and browser history manually.
reCAPTCHA from Google
automated, machine program (e.g. a bot). For this purpose, certain entries are required before registration or login so that verification is possible. In addition, your IP address and, if applicable, other data such as the website that you visit with us and on which reCAPTCHA is integrated, the date and the time spent on our website, the
identification data of the browser and operating system type, your Google account if you are logged into Google, mouse movements on the reCAPTCHA areas as well as the tasks in which you identify images are also required by Google for reCAPTCHA. They are sent to Google and processed by them. The analysis starts automatically as soon as you open the
website with reCAPTCHA. We use reCAPTCHA from Google to ensure the security of our systems. Data and documents uploaded via a form are stored directly in our systems. If we did not install such a security tool, bots would be able to log on to our systems unhindered. This is how we protect ourselves from unwanted and dangerous automated calls. It is
in our legitimate interest to protect our system security. If you would like to know more about reCAPTCHA or how Google processes data, you can find out more directly from Google on their website.
Newsletter and promotional approach
With us you have the possibility to subscribe to a newsletter. In the following we explain the procedure involving newsletters.
- Content of the individual newsletter: We only send emails with promotional information (hereinafter “newsletter”) with your consent. Our newsletters contain information on our services and benefits, also those of the companies of the Abacus Group.
Automated processing: Web beacons are used in our newsletters. These are small, unrecognisable embedded images or objects (such as clear GIF, pixel tags and single pixel GIFs) that return information from you after you open the email you receive. In this way, we can measure success in order to compile statistics for the popularity of our offer. It
also allows us to evaluate your user behaviour accordingly. We also store information about the browser you are using and the settings you have made in the operating system you are using, as well as information about the internet connection you are using to access our website. Through the newsletter sent to you, we receive, among other things,
receipt and read confirmations as well as information about the links you have clicked on in our newsletter. Through this data processing (performance measurement), we aim to align our advertising approach to your interests and optimise our offers on our website.
- Consent: The dispatch of the newsletter and the associated performance measurement is based on your consent when registering for the newsletter.
- Registration procedure and logging: To ensure that no one can register with other people’s email addresses, you will receive an email asking you to confirm your registration. This confirmation is necessary to receive the newsletter. If the registration is not confirmed within 4 days, the information will subsequently be deleted.
Registrations for the newsletter are logged in order to be able to prove the registration process in accordance with the legal requirements and to clarify any possible misuse of your data. This includes the storage of the login and confirmation time as well as the IP address. Changes to your stored data are also logged.
- Login data: To subscribe to the newsletter, all you need to do is enter your email address. Optionally, you can enter a name for the purpose of a personal address in the newsletter.
- Recall: You can stop receiving a newsletter at any time, i.e. withdraw your consent, by sending an email email@example.com clicking on the unsubscribe link in the newsletter or by contacting the address given in theImpressum</a >
contact details given in the imprint. You will not incur any costs other than the transmission costs according to the basic rates. You will find a corresponding link for revocation at the end of each newsletter.
- Storage after revocation: We may store unsubscribed email addresses for up to three years to prove consent was previously given. The processing of this data is limited to the purpose of a possible defence against claims. An individual deletion request is possible at any time, provided that the former existence of consent is
confirmed at the same time. Your data will only be used for other purposes after you have withdrawn your consent if you have expressly consented to this or if further processing is justified, about which we will inform you.
Marketing measures by email to existing customers
If we have received your email address from you in connection with the provision of a service and you have not objected to its subsequent use, we reserve the right to use your email address for direct advertising for our own similar services already purchased. After considering our interests, these marketing measures serve our legitimate interests in
addressing our existing customers in an advertising manner. The prerequisite is that we inform you when collecting the email address and each time it is used so that you can object to its use at any time (this does not incur any costs other than the transmission costs according to the basic rates).
Commissioned service providers for marketing measures
Marketing measures by email can be carried out by commissioned service providers. For this purpose, your data such as name and email address will be passed on. For sending Newsletters, we use, among others, the mailXpert GmbH, Schulstrasse 37, 8050 Zürich. The data required for this is
We are happy to provide information about our other contracted service providers upon request. You can object to marketing measures at any time by sending an email to firstname.lastname@example.org, by clicking on the unsubscribe link in the email or by contacting the contact details given in the imprint. You will not incur any costs other than the transmission costs according to the basic rates. You will find a corresponding link for the objection at the end of each such email.
Telephone and postal advertising
We reserve the right to use your first and last name as well as your telephone number and postal address for our own advertising purposes in order to be able to send you interesting offers about us, our products, services or events organised by us by telephone or by post. Telephone advertising is only carried out with your presumed consent. After
weighing up our interests, the advertising approach by letter serves our justified interests in addressing our customers and potential interested parties. We will check and respect a possible advertising objection (e.g. through a star entry in public telephone directories) in advance. Promotional letter mail can be processed and sent by a
commissioned service provider. For this purpose we will pass on name and address data to them. We are happy to provide information about our contracted service provider upon request.
Objection to advertising and revocation of consent
You can revoke your consent to be contacted for advertising purposes or object to the storage and use of your data for the above-mentioned purposes at any time by sending a message to email@example.com or by contacting the contact details given in the imprint. You will not incur any costs other
than the transmission costs according to the basic rates. After that, your contact details (e.g. from the newsletter) will be deleted. Further processing of your data remains possible insofar as its use is further permitted or permitted by law.
Passing on data for advertising purposes
Your contact details may be passed on to another company of the Abacus Group in Switzerland or Germany as well as to our solution partners. Promotional advertising will be carried out within the framework of legal requirements. If you have given your consent, if necessary, to a promotional approach (e.g. by newsletter), and also to a transfer of
personal data for this purpose to a company of the Abacus Group or one of our solution partners, this may be used for the corresponding promotional approach by the authorised party.
Our company presence on LinkedIn
this platform, e.g. write articles on the various online presences or send messages. In addition, we are provided with statistical data of the visitors to our company website in our administrator account. This includes data evaluating visitors’ interactions with our respective posts, a follower demographic and its origin, as well as web traffic and
our company presence on this platform at regular intervals for possible violations of the law in order to be able to take immediate action. We have no influence on the data collected and data processing operations by a platform operator. It stores the data collected about you as a usage profile and uses this for the purposes of advertising, market
research, and/or designing the website to meet your needs. Such an evaluation is carried out in particular (also for users who are not logged in) for the display of needs-based advertising and to inform other users of the network about your activities on our website. You have a right to object to the creation of these user profiles, whereby you must
contact the platform operator directly to exercise this right. Data processing by the platform operator after use of a link on our website takes place regardless of whether you have a user account there and are logged in there. If you are logged in, your data will be directly assigned to your user account. We recommend that you log out regularly
2029 Stierlin Court, Mountain View, California 94043, USA
LinkedIn is an American company, so there is the possibility that data might also be processed in the U.S. Abacus hereby expressly points out that the U.S. is not a safe third country in the sense of Swiss data protection law and that due to existing regulations, there is the possibility that U.S. companies are obliged to hand over data to security
authorities. In this respect, data subjects currently do not have sufficient legal remedies to take action. Abacus cannot therefore exclude that U.S. authorities (such as intelligence services) process, evaluate, or store such data in the U.S. for monitoring purposes. We have no control over that. However, we will endeavor to ensure that appropriate
guarantees, such as standard data protection clauses, are in place or your consent is obtained to ensure that data is transferred in accordance with the law.
optimal provision of our services, which is in our legitimate interest. When you call up such a video, a connection is established to the Vimeo servers. Vimeo receives the information that you have accessed the corresponding subpage of our website with the embedded video as well as the IP address. Vimeo is set so that your user activity is not
points out that the U.S. is not a safe third country in the sense of Swiss data protection law and that due to existing regulations, there is the possibility that U.S. companies are obliged to hand over data to security authorities. In this respect, data subjects currently do not have sufficient legal remedies to take action. Abacus cannot therefore
exclude that U.S. authorities (such as intelligence services) process, evaluate, or store such data in the U.S. for monitoring purposes. We have no control over that. However, we work to ensure that appropriate guarantees are in place in this regard, such as standard data protection clauses, or you give your consent when using these services to
ensure that data is transferred in accordance with the law.
regular intervals in order to remove the link immediately in the event of possible infringements. If you have any indications of possible legal violations on the pages linked by us, we ask you to inform us so that we can stop a possible connection. If you click on such links, your data may be transferred to companies in countries outside Switzerland,
the EU or the EEA that do not ensure an adequate level of protection for the processing of personal data. Please remember this before clicking on a link and thereby triggering a possible transfer of data.
Data processing within the scope of our business operations, its purposes and its legal basis
We process data from our employees, customers, suppliers, applicants, interested parties, other business partners, or third parties and their employees. This data is either provided by the data subject or the respective company itself or we receive it from another company of the Abacus Group, from third parties such as other business partners (e.g.
customers, suppliers or other service providers), public authorities or from publicly accessible sources (e.g. public telephone, address and trade directories, public notices or databases, the Internet, trade, cooperative or association registers). The data provided by you or the relevant company, for example when making an enquiry, registering,
obtaining a quote, entering into a contract, completing a questionnaire or otherwise communicating with us, may be as follows:
- Contact details including full name, position, company, address, telephone, email address
- Contractual data arising from pre-contractual measures or the fulfilment of a contract, including delivery data
- Payment data, including bank details, payment history, credit card data, debit card data, access data, as well as other data for smooth payment transactions
- Content data including entries in our CRM or project system, in contact forms, data of a conducted communication via email or another form of communication
- Registration data (such as user name and password) when using offers requiring registration or login
- Data for the prevention of fraud, money laundering or other criminal offences
- All data in connection with an application or employment as an employee with regard to the profession, the previous employer, the professional career including certificates and further training, all data that are provided or may be legitimately collected and processed in the context of an application procedure or employment relationship
- Sensitive data such as health data, which is only collected by us with the explicit, prior consent of the data subject, which can be revoked at any time, or where there is a legal obligation to process it
- Data on the company for which a person works
- Data as described above when using one of our websites
Data obtained through other companies, public authorities or publicly available sources, such as:
- Credit information
- Contact data (name, company, postal addresses, email addresses, telephone numbers, publicly accessible data as can be seen in the commercial register) from credit agencies that are used within the legal framework for an advertising approach
- Data from banks or insurance companies in connection with the fulfilment of a legal or contractual obligation
- Data from judicial or official proceedings
- References from previous employers or business partners
- Data related to fraud and money laundering prevention or screening related to export restrictions
- Data from publicly accessible sources such as the internet, the press or public registers such as the commercial register
For what purposes is data processed and on what legal basis?
Data is processed for different purposes and on the basis of different legal bases:
- Carrying out pre-contractual measures in the context of an application or in connection with the conclusion of contracts with customers or other business partners, such as when preparing an offer. Due to their function at the contractual partner, data of their employees is also processed, in which we have the legitimate interest of a successful
- Processing of employee data based on contract, legal obligation, given consent or legitimate interests
- Provision of contractual services and customer care in the fulfilment of contracts, implementation of contractual measures, payments and accounting, guarantee of contractual claims. Due to their function at the contractual partner, data of their employees is also processed, in which we have the legitimate interest of a successful business
- Processing of contact requests based on the legitimate interest of customer satisfaction or pre-contractual measures
- Communication with the media based on a legitimate interest in successful business development
- Sending personalised newsletters, carrying out other marketing measures, sending Christmas mail/gifts as well as internal market and opinion research to address customers in an advertising manner with regard to our companies and services in order to increase sales after consent has been granted or in special cases due to justified interests in
direct marketing within the framework of existing legal requirements
- Exchange information and maintain contact with the press on the basis of legitimate interests of successful business development
- Improvement of our online offers, products, and services due to legitimate interests of a successful business development
- Collection of data from publicly accessible sources on the basis of legitimate interests for customer acquisition
- To establish, maintain and protect the operation and security of our IT, online offering, products, services and other offerings, based on legitimate interests to prevent potential security threats, criminal offences, or other adverse activities
- Video surveillance to safeguard domiciliary rights and damage prevention and other IT security measures to protect persons, intangible assets and tangible assets
- Compliance with internal policies or industry standards due to legitimate interests to comply with specified regulations
- Enforcing contracts, settling, asserting or defending legal claims in judicial or official proceedings based on our legitimate business interests
- Mergers, transfers, and acquisitions of companies, parts thereof or business divisions, as well as other transactions under company law, including the transfer of data on the basis of legitimate interests of successful business development or after consent has been granted
- Provision of certain online services for the management of customers and business partners and communication in the context of the use of online services requiring registration (including orders, payments, document management, other information) on the basis of legitimate business interests
- Enabling participation in interactive functions of our online offer due to legitimate interests upon request
- Obtaining references as part of an application procedure after consent has been given
- Verification of identity in order to be able to fulfil rights and obligations under data protection law, due to legal obligation
- Credit assessments based on (pre-) contractual relationships or after consent has been given
- Other data processing after consent has been given
- Fulfilment of legal obligations and due diligence for the prevention or investigation of criminal offences, economic crime or money laundering
- To fulfil the purposes you specified when you provided the data or that we notified you of when we collected the data
- In addition, data from different sources are brought together, which can also be processed for the purposes listed above. This allows us to compare, match and use customer or sales partner data from the individual companies within the Abacus Group and manage it in a central system. For current and correct delivery and address data, we may match
existing data with other sources, correct it if necessary and use it; this is due to legitimate business interests
Data transfers to the U.S. or to third countries without an adequate level of data protection
a member state of the EU/EEA, we expressly point out that the U.S. does not have an adequate level of data protection from the point of view of Switzerland and the EU and EEA. In the case of data transfers to a company in the U.S., there is a possibility that data could also be processed in the U.S. In this regard, we inform you that companies in
the U.S. may be obliged to hand over data to security authorities due to regulations in force there. In this respect, data subjects currently do not have sufficient legal remedies to take action. We therefore cannot rule out the possibility that U.S. authorities (such as intelligence services) may process, evaluate or store such data in the U.S.
for monitoring purposes without us being able to influence For data processed in a third country that does not have an adequate level of data protection, DeepCloud provides appropriate safeguards such as the conclusion of standard data protection clauses (adapting necessary contractual and technical measures) to ensure legally compliant data
transfer abroad. Only in individual cases is recourse made to the legally possible exceptions, such as the explicit consent of the data subject for a data transfer to a third country without an adequate level of data protection.
Time limits for the deletion or blocking of data
us newsletters, when we perform a contract or a continuing obligation, for as long as you have given us permission to store the data, for as long as any obligations exist or are owed to us, for as long as a particular legal situation requires, such as with regard to legal disputes, limitation periods or official investigations, or for as long as
you were notified when the data was collected. In addition, legislation has provided for a variety of documentation and retention obligations and periods, so that if such a legal obligation for retention or documentation exists, we also store data – possibly limited – for a correspondingly long period of time. In Switzerland, for example, there are
retention obligations under tax or commercial law of up to 10 years, as well as possible retention obligations of 30 years due to existing statutes of limitation, plus obligations under special laws. For this reason, an examination of the respective storage period takes place in each individual case for the corresponding data processing. After
exercising your right of revocation or objection, after the stated purposes have been achieved or after the expiry of existing tax or commercial law, other legal or contractual documentation and storage obligations and periods, we will delete your data or, if permissible, restrict its processing, unless you have consented to further use of your
data or we have expressly reserved the right to use data beyond this, as permitted by law or contract, about which we will inform you accordingly.
seriously and treat your data confidentially and in accordance with the statutory regulations. To this end, we have taken technical and organisational measures to ensure a level of protection appropriate to the risk. These measures may include the pseudonymisation and encryption of data, security measures relating to the confidentiality, integrity,
availability and resilience of systems, the ability to rapidly restore the availability of and access to data in the event of a physical or technical incident, and the regular review, assessment and evaluation of the effectiveness of technical and organisational measures to ensure the security of processing. We want to protect your data from loss,
misuse, alteration or destruction and unauthorised access in accordance with the state of the art. The safety standard is continuously adapted to the latest technological developments. Our employees and contracted service providers are bound to confidentiality and act within the framework of our instructions. It is possible that emails are sent in
unencrypted form (i.e. that they are immediately readable without any required prior decryption), especially if you cannot access encrypted emails yourself. Such unencrypted emails are exposed to a greater risk than encrypted emails, which is why we hereby expressly advise you not to send any confidential information such as application documents
without encryption. When using website forms or in the context of email communication with us, your data will be transmitted encrypted according to the current state of the art when it is sent. Our website including the areas requiring registration and login are secured (https). Keep in mind that security gaps can never be completely ruled out when
transmitting data on the Internet. We cannot guarantee 100% security of all systems, especially when using our websites. We accept no liability for unauthorised actions by unauthorised third parties.
Decisions based solely on automated processing, including profiling
employees in the HR department. As a matter of principle, when concluding a contract or executing it, no decisions are made exclusively on the basis of automated processing which would produce legal effects against you or which would significantly affect you in a similar way. We will inform you in advance if this should take place in individual
cases and ensure that data processing is lawful.
case national law of another state is applicable to data subjects. DeepCloud will review this on a case-by-case basis and will carry out the data processing that takes place within the framework of the respective legal requirements.
- Right to access
- Right of rectification
- Right to erasure
- Right to restriction of processing
- Right to object
- Right to data portability
Furthermore, you have the right to assert your claims in court and to complain to a data protection supervisory authority about the processing of your data by us. We will comply with your request for deletion unless it conflicts with an obligation to retain data or we need the data to assert, exercise or defend our legal claims. You can revoke your
consent to the processing of your data at any time for the future. Such a revocation shall not affect the lawfulness of the processing carried out on the basis of the consent until the revocation. If we base the processing of your data on our legitimate interests or those of a third party following a balancing of interests, you may object to such
processing. In such a case, we will review your objection and either stop or adapt the data processing or show you our compelling interests worthy of protection why we want to continue the processing. These must override your interests, rights and freedoms or the processing must serve the assertion, exercise or defence of legal claims. Should we
process your data in order to conduct direct advertising with it, you have the right to object to this processing of your data for the purpose of direct advertising at any time. This also applies to any profiling that may take place if it is connected with such direct advertising. In such a case, we will stop this data processing. You are not
obliged to provide us with your data. However, it is possible that certain functions of our website will not be available or will only be available to a limited extent if you do not provide any data. Furthermore, it is possible that no contractual relationship can be entered into with you without the corresponding data. If you have any questions
about data protection or if you wish to exercise your rights, withdraw consent or object to data processing, please contact us using the contact details provided above under “Responsible party”. We have appointed a data protection officer for DeepCloud. They are available at:
If you have any questions about data protection, please feel free to contact us at any time.