Privacy Policy
1. Introduction
We care about the protection of your personal data. With this Privacy Policy, we explain how we process personal data within the Netrics Holding AG group of companies. Our aim is to provide you with a clear and transparent overview of what data we collect, why we use it, how we protect it, and which rights you have.
We comply with the requirements of the Swiss Federal Act on Data Protection (FADP) and, where applicable, the EU General Data Protection Regulation (GDPR).
2. Controller and Contact Details
Netrics AG, Bern
Morgenstrasse 129
3018 Bern
Switzerland
Netrics AG, Biel/Bienne
Tennisweg 6
2504 Biel/Bienne
Switzerland
Netrics AG, Thun
Aumattweg 66
3613 Steffisburg
Switzerland
Netrics AG, Zurich
Sägereistrasse 33
8152 Glattbrugg
Switzerland
Garaio AG
Weltpoststrasse 5
3015 Bern
Switzerland
Solify GmbH
Zelglistrasse 6
8311 Brütten
Switzerland
If you have any questions about data protection or wish to exercise your rights, you may contact our Data Protection Officer:
Netrics AG
Data Protection Officer
Tennisweg 6
2504 Biel/Bienne
Switzerland
Email: privacy@netrics.ch
3. How We Collect and Use Personal Data
3.1 When We Collect Personal Data
We collect personal data in particular when you:
- visit our websites
- subscribe to or unsubscribe from our newsletter
- contact us by phone, email, contact form, ticketing system or via social media
- submit a job application or participate in a recruitment process
3.2 Purposes for Which We Use Personal Data
We use personal data for the following purposes:
- to communicate with you and respond to your enquiries
- to provide and improve our services and information
- to manage recruitment processes and assess job applications
- to technically operate, maintain and optimise our websites, platforms and systems
- to develop and improve our offering and customer relationships
- for marketing purposes, where you have consented or where we have a legitimate interest in doing so
3.3 Legal Basis for Processing
Depending on the situation, we rely on different legal bases to process personal data, including:
- your consent (e.g. for newsletters or marketing cookies)
- the performance of a contract or steps taken prior to entering into a contract (e.g. handling support requests or job applications)
- legal obligations (e.g. retention duties)
- our legitimate interests (e.g. service optimisation, IT security, business communication)
3.4 Sharing Personal Data with Third Parties
We do not sell your personal data.
We only share personal data where necessary and permitted, for example:
- to service providers who support us with IT, hosting, application management, marketing or customer support
- if required by law or public authorities
- if you have given your consent
3.5 International Data Transfers
In certain situations, personal data may be transferred to countries outside Switzerland or the European Union. In such cases, we ensure that an adequate level of data protection is guaranteed, either through an adequacy decision or by implementing appropriate safeguards such as Standard Contractual Clauses (SCCs) or equivalent protective measures.
3.6 Data Retention
We retain personal data only for as long as necessary to fulfil the purpose for which it was collected or as long as we are legally required to retain it. After the relevant retention period ends, the data is deleted or anonymised. The duration depends on the type of data, purpose of processing, and statutory requirements.
3.7 How We Protect Personal Data
We take data security seriously and use appropriate technical and organisational measures to protect personal data against unauthorised access, misuse, loss or disclosure. These include:
- strict access controls
- encryption technologies
- firewalls and security systems
- role-based permissions
- regular security reviews
3.8 Use of Data Processors (Service Providers)
We work with carefully selected external companies that process personal data on our behalf. These providers are contractually obligated to process data only as instructed, solely for the agreed purpose, and to apply appropriate data protection and security measures.
4. Your Rights
You have the right to remain in control of your personal data. Subject to legal requirements, you may:
- request information about the personal data we process about you
- request the correction of inaccurate or incomplete personal data
- request the deletion of your personal data, unless retention is required by law
- request the restriction of processing
- receive your personal data in a commonly used electronic format or request that it be transferred to another organisation
- object to processing, where our processing is based on legitimate interests
- withdraw your consent at any time, where processing is based on consent (e.g. newsletter or marketing cookies)
To exercise your rights, we may require proof of identity to ensure that requests are made by the correct individual.
If you believe that your personal data is not being processed lawfully, you have the right to lodge a complaint with a data protection authority.
5. Data Collected via Our Website
5.1 Server Log Data
When you visit our website, certain technical information is automatically collected. This includes:
- browser type and version
- operating system used
- referrer URL (previous page visited)
- IP address of the device used
- date and time of the request
5.2 Cookies and Consent Management
Our website uses cookies and similar technologies. Some cookies are essential for the website to function correctly. Others help us improve the website or show relevant information.
We only use non-essential cookies if you have provided your consent through the cookie banner. You can adjust or withdraw your consent at any time via the cookie settings or your browser.
5.3 Contact via Website Forms
If you contact us via a form on our website, we use your personal data only to process your enquiry and for possible follow-up communication. We retain this data only as long as needed to respond to your request, unless legal obligations require longer retention.
5.4 Job Applications (via rexx Systems)
If you apply for a job with us, your personal data is processed using an external application platform provided by:
rexx Systems GmbH
Süderstrasse 75–79
20097 Hamburg, Germany
Privacy Policy: https://www.rexx-systems.com/datenschutz/
Your personal data is processed exclusively for the purpose of the recruitment process and is accessible only to authorised individuals involved in the hiring process. Data is stored on servers in Germany. After completion of the recruitment process, your data will be deleted unless legal retention duties apply or you provide consent for longer storage.
5.5 Self-Service Customer Portal (Atlassian Jira)
To manage support requests, we use a self-service customer portal based on “Jira” provided by:
Atlassian B.V.
Vijzelstraat 68-72
1017 HL Amsterdam, Netherlands
Other Atlassian legal entities are located in the USA and Australia.
Privacy Policy: https://www.atlassian.com/legal/privacy-policy
Through this portal, you may submit and track support tickets. We process the information you provide within the ticket as well as technical access data. Data is typically stored in data centres within the EU. If data is transferred to other countries, we ensure that an adequate level of protection is in place.
6. Analytics and Marketing Tools
6.1 Google Analytics
We use Google Analytics to better understand how visitors use our website and to improve user experience. This service is provided by:
Google Ireland Limited
Gordon House, Barrow Street
Dublin 4, Ireland
and
Google LLC
1600 Amphitheatre Parkway
Mountain View, CA 94043, USA
Privacy Policy: https://support.google.com/analytics/answer/6004245?hl=en
Google Analytics collects usage data such as page views and time spent on the website. Your IP address is anonymised before being transmitted to Google. We only use Google Analytics if you have given consent. You can withdraw your consent at any time through the cookie settings.
6.2 HubSpot
We use HubSpot for our website management, customer communication and marketing activities. This includes the use of forms, newsletters, downloads, CRM, reporting and marketing automation. The service is provided by:
HubSpot Ireland Limited
2nd Floor, 30 North Wall Quay
Dublin 1, Ireland
and
HubSpot, Inc.
25 First Street, 2nd Floor
Cambridge, MA 02141, USA
Privacy Policy: https://legal.hubspot.com/privacy-policy
Cookie Policy: https://legal.hubspot.com/cookie-policy
Data is primarily stored in the EU. If personal data is transferred to the USA, appropriate safeguards are used. We do not use HubSpot for automated decision-making with legal effects. Marketing segmentation and personalisation may occur only if you have consented.
7. Newsletter
To receive our newsletter, we require your email address and your consent. You may withdraw your consent at any time by using the “unsubscribe” link in the newsletter. Once you unsubscribe, we delete your data unless legal retention duties apply.
8. Embedded External Services (Plugins and Tools)
8.1 YouTube
We embed videos using YouTube. The service is provided by:
YouTube, LLC / Google LLC
901 Cherry Ave.
San Bruno, CA 94066, USA
Represented in Europe by:
Google Ireland Limited
Gordon House, Barrow Street
Dublin 4, Ireland
Privacy Policy: https://policies.google.com/privacy
When you start a YouTube video, a connection is established to YouTube’s servers and information about the page you are visiting is shared. If you are logged into your YouTube account, the information may be linked to your profile. We only embed YouTube content if you have consented through the cookie banner.
8.2 Mapbox
We use Mapbox to display interactive maps:
Mapbox, Inc.
740 15th Street NW, 5th Floor
Washington, DC 20005, USA
Privacy Policy: https://www.mapbox.com/legal/privacy
Mapbox processes data such as your IP address and usage behaviour. Mapbox is only used if you provide consent through the cookie banner.
8.3 Microsoft Bookings
To offer convenient online appointment scheduling, we use Microsoft Bookings, a service provided by:
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399, USA
Represented in Europe by:
Microsoft Ireland Operations Limited
One Microsoft Place
South County Business Park
Leopardstown, Dublin 18, Ireland
Privacy Statement: https://privacy.microsoft.com/en-gb/privacystatement
You may choose to schedule appointments via Microsoft Bookings. Use of this tool is voluntary. You may also contact us by email or phone to arrange appointments. Personal data is used solely for arranging and managing the appointment.
9. Social Media
We maintain pages and profiles on various social media platforms to communicate with interested parties and clients. When you visit our social media pages, the respective platform processes personal data under its own responsibility and in accordance with its privacy notice.
In some cases, we receive anonymised statistics that help us understand how our page is used and how we can improve our content. For certain platforms (e.g. LinkedIn or Meta), there may be joint responsibility regarding specific data processing activities.
10. Data Protection Authorities (Switzerland & EU)
If you believe that we are not handling your personal data correctly, you have the right to lodge a complaint with a supervisory authority.
In Switzerland, the competent authority is:
Federal Data Protection and Information Commissioner (FDPIC)
Feldeggweg 1, 3003 Bern, Switzerland
For GDPR-related complaints within the EU, you may contact any European data protection authority. We recommend contacting:
Berlin Commissioner for Data Protection and Freedom of Information
Alt-Moabit 59–61, 10555 Berlin, Germany
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time, for example if our data processing activities change or if legal requirements are amended. The latest version, as published on our website, is the one that applies.