Logo de Icube SA à Bulle

Privacy Policies

 

1. Preamble

Respecting privacy is of utmost importance to us, including ensuring adequate protection of your personal data entrusted to us. This document explains our policies with regards to personal data and how we process it. These Privacy Policies apply to (and are an integral part of) Icube’s contracts, either when such contracts list such policies, or when it is referred to in a letter.

 

2. As data controller for contract execution

The personal data typically involved constitutes ‘business information’. It relates to identified or identifiable individuals, such as name, phone number, address, email, and function within the customer’s organisation. It may also include technical information, such as an IP address, as well as bank details for payment purposes. In order to meet contract performance obligations and ensure that services meet high quality standards, we collect, store, and process limited (i.e. only to the extent necessary) personal data of our customers, in order to manage customers relationships, process purchase orders and contracts, provide services, bill, and support services to our customers. It further includes security and technical operations, communication, quality or similar services. Such is the sole purpose of processing of our customers’ personal data. In some cases, when contractual obligations make it necessary, the management of personal data of our customers may also include analyses and statistics, both for quality, security, reporting and invoice verification.

 

3. As data processor for our customers

As processor of our customer’s data (including customer’s content), we handle exclusively such data if outsourced services are in scope of the contractual obligations. In such a case, the customer is the appointed data controller (including all related obligations), and we process data in accordance with the stated contract. We fulfill our obligations in accordance with the Swiss Data Protection laws and also, where applicable, the EU Regulation 2016/679 (General Data Protection Regulation – GDPR). We reasonably cooperate with our customers in their fulfilment of any legal requirement, including providing access to personal data, or compliance inspection and audit requests, or when a transfer abroad necessitates additional agreement to protect personal data.

Content data that customers entrust us with by using services, is neither read, modified nor evaluated by us without customer’s knowledge. Technical and organisational security measures are in place to protect it from unlawful access by third parties. We have no influence over the security of customer content data when it is transferred via public networks. Whenever technically feasible and upon customer’s request, specific security measures could be added to the usual services, such as data encryption. Such are at customer’s choice and necessitate prior agreement by both parties. Upon customer’s request, we return or destroy customer’s content data, no later than one year following expiry or termination of services.

We only disclose customers’ data to public authorities when we are legally obliged to do so.

 

4. Third parties

 

When a third party is involved with the performance of services, we may need to provide customer data. In such cases:

  • Third parties may be granted limited and controlled access to the personal data required for business processes, e.g. for the purpose of debt collection or maintaining IT operation
  • We require our third parties to deal with data protection in accordance and compliance to the applicable law,
  • We will only disclose information that is necessary for the relevant services
  • We inform you when we use a subcontractor who would have access to personal data.

 

Icube Privacy Policies, version of december 2020