Privacy Policies
1. PREAMBLE
Protecting privacy is of utmost importance to us, including ensuring adequate protection of personal data we receive. This document explains our policies with regards to OpsFintech solution, including how we handle personal data, the data we collect, the purposes of processing, and the legal basis for such processing. Our OpsFintech solution is built with “privacy by design”. These Privacy Policies apply as an integral part of our contracts.
2. GENERALITIES
We are committed to complying with Swiss Data Protection Act (DPA), or standards of EU General Data Protection Regulation (GDPR) as applicable. We also acknowledge the importance of cooperating with our clients to fulfill any legal requirements, including responding to data subjects' requests, providing access to personal data, providing adequate support with regulatory inspection and audit requests, and ensuring additional agreements for international data transfers to protect personal data.
Under the express and explicit condition that no personal data or client name can be identified, we may use generic data, related to all CCN Solutions clients, to create statistical figures for the purposes of analyzing and improving our services.
3. ACTING AS DATA CONTROLLER
When we act as a data controller, we collect and manage certain personal information, commonly referred to as "business information." This includes personal data that our clients share with us, such as names, phone numbers, addresses, emails, and functions within organizations. It may also include technical information like IP addresses and bank coordinates for payment purposes.
We process this personal data solely to fulfill our contractual obligations, manage commercial relationships, process purchase orders and contracts, provide products and services, invoice, and support services. Our data processing activities include implementing security and technical measures to safeguard personal data. We also handle analytics and statistics related to contractual obligations, quality, security, reporting, and billing activities.
4. ACTING AS DATA PROCESSOR FOR SOME OF OUR CLIENTS
When the services we provide include storing, hosting, or managing client content data, we then also act as the data processor, while the client remains the data controller and owner of the content data.
As a data processor, we exclusively process personal data as a subcontractor of the client and in accordance with the applicable contractual conditions or as necessary to fulfill our contractual obligations. The entrusted content data is not read, modified, or evaluated by us without the client's knowledge or logs registration. We implement technical and organizational security measures aligned with high industry standards to protect the content data from unlawful access by third parties. We cannot influence the security of client content data during network transit. Upon request, where technically feasible, we can propose additional security measures.
We destroy client content data no later than 180 days following the expiry or termination of services. Alternatively, upon the client's request, we can promptly return the data. Disclosure of client content data to public authorities will only occur when we are legally obligated to do so.
5. TOWARDS THIRD PARTIES
In certain cases, we may need to involve third parties in service performance, requiring access to client data. When this happens:
· Third parties are granted limited and controlled access to personal data only for necessary business processes, such as debt collection or IT maintenance operations
· We require third parties to strictly adhere to applicable data protection laws and regulations
· We disclose only the minimum amount of information necessary for the provision of services.
If we engage a new third party to access client personal data, we will inform clients in writing beforehand. If a client disagrees with such an arrangement, both parties will explore alternative options, including a potential termination right for the client if no satisfactory alternative is found.
For any questions related to personal data, you can contact us at the following email address: info@opsfintech.com. You can also reach us by mail at our company address.
Version : December 2023
Copyright © 2024 Opsfintech® a CCN Solutions product. All rights reserved.