Fluxim AG Privacy Policy

1. Introduction

Fluxim AG respects your privacy and is committed to protecting your personal data. This privacy policy will inform you as to how we look after your personal data and tell you about your privacy rights and how the law protects you.

2. Data Collection

  • We collect the following categories of personal data:

  • Personal identifiers (e.g., name, email address)

  • Professional information (e.g., job title, company name)

  • Transaction information (e.g., record of Fluxim AG products you have purchased, purchasing and payment information)

  • Technical data (e.g., the version of our software you are using)

  • User-generated content (e.g., other information you upload or provide to us, details of interactions with you as a customer)

  • Recruitment data (e.g., personal data and documents in relation to job applications)

  • Cookies and similar technologies

3. Data Use

We use your personal data for the following purposes:

Communication: This includes sending important account updates, responding to inquiries, or providing customer support. It may also be used for marketing purposes, such as sending newsletters or promotional offers if you have opted in to receive these.

Customer Support: This involves understanding your preferences and needs, offering upgrades or related products, and providing technical support.

Service Improvement: We analyze user interactions and feedback to improve our products and services.

Recruitment: Job application data is used exclusively for recruitment purposes.

Fraud Prevention: We use purchasing and payment information to detect and prevent fraudulent activity.

4. Data Sharing

We may share your personal data with our distributors, when required by law, or as necessary to protect our rights. We ensure all recipients are compliant with data protection laws.

5. Data Storage

We store personal data in several distinct locations. First and foremost, we house a portion of the data on our secure internal server. However, we also utilize third-party services, such as Mailchimp and Zoho, which store information on servers in the USA and several other locations worldwide.

Mailchimp, whose servers are located in various locations around the globe, houses some of our customers' and newsletter subscribers and unsubscribers personal details. Mailchimp commits contractually to the Standard Contractual Clauses (SCCs), enabling it to lawfully process and transfer users' European data in compliance with European data protection law, including the General Data Protection Regulation (GDPR), outside of Europe and into the United States.

Our Customer Relationship Management (CRM) system, hosted by Zoho in the USA, also contains personal details. Zoho implements robust data security measures, including the encryption of customer data both in transit and at rest using industry-standard AES-256 encryption. Zoho's security measures also include the use of Transport Layer Security (TLS) 1.2/1.3 with Perfect Forward Secrecy (PFS) to protect data from unauthorized modification or disclosure during transmission over public networks. Access to customer data within Zoho is limited to a small number of our employees who require access to provide technical support.

6. Data Protection

We implement a variety of technical measures to safeguard personal data:

Encryption: Data is password protected at rest on our internal server and encrypted by the ESP in transit.

Firewalls: These tools help us monitor and block suspicious network traffic, effectively preventing unauthorised network access.

Secure Sockets Layer (SSL) or Transport Layer Security (TLS): We employ these protocols to ensure secure data transmission over the internet.

Regular Security Updates and Patch Management: To address any identified security vulnerabilities, we regularly update our systems and software.

7. Data Retention

We retain customer information for the duration of the account's lifetime. When contact details change and we are informed of such changes, we update the account details and overwrite the old information. We review old accounts every six years and delete or amend those that are no longer necessary for providing our service. For non-customer account data, we delete or anonymize personal information when it no longer serves the purposes for which it was collected.

8. International Data Transfers

Occasionally, we may securely transfer the names of potential customers to the relevant distributor, who is contractually obligated to service the designated country. We also receive information from other countries to assist with service requests. Please note that these inbound requests are treated as business-to-business (B2B) customers, and we believe such data processing activities fall under the 'legitimate interests' provision of the GDPR and other relevant data protection laws. However, we continually ensure that our legitimate interests do not override your rights and freedoms.

9. User Rights

You have the right to access, correct, delete, or restrict your data. To exercise these rights, please contact us by email. We will respond in accordance with applicable data protection laws.

10. Cookies and Tracking Technologies

Please refer to our Cookie Policy

11. Data Protection Officer

While we don't have a dedicated DPO, all enquiries regarding data protection or the information we hold on you can be sent by email or post to:

Subject: Data Protection Enquiry

Email: info@fluxim.com

Address: Fluxim AG

Katharina-Sulzer-Platz 2

CH-8400 Winterthur

Switzerland

12. Policy Updates

We may update this policy from time to time. Please review it regularly to stay informed about how we use your personal data. Any changes to this Privacy Policy will be posted on our website and, where appropriate, we will notify you of the changes for your acknowledgment and agreement. Please note that your continued use of our services after any change means that you agree with, and consent to be bound by, the new Privacy Policy. If you disagree with any changes in this policy, then you will need to stop using our services.

Complaints

If you feel that your personal data has been processed in a way that does not meet this Privacy Policy or if you are not satisfied with our response to any requests you have made regarding the use of your personal data, you have the right to lodge a complaint with the relevant Data Protection Authority.

Date of Last Update

This policy was last updated on 22/06/2023.

Deleted pages will be redirected to our 404 page.