Last Modified: Nov 09, 2020
The data controller of www.nevis.net is Nevis Security AG, Birmensdorferstrasse 94, 8003 Zürich, Switzerland. Where a registration form is presented on this website, the data controller may vary depending on the actual offering or the purpose of the data collection, but it is, in any case, displayed on the individual registration form’s privacy statement.
Name of DPO: Akos Kovacs
E-Mail of DPO: firstname.lastname@example.org
General Note on Data Protection
The short version
This website stores and processes personal data wherever it is necessary to display the required content, to offer the requested information and services, and improve the customer experience. We do not collect personal data without necessity and as far as possible voluntarily.
The long version
We collect your personal data when you use our Website, provide us with information via a web form, or otherwise interact with us. We also collect personal data from other sources.
Among the types of Personal Data that this Website collects, by itself or through third parties, there are Cookies; Usage Data; email address; phone number; first name; last name; gender; company name; profession; country; the number of employees; website; various types of Data; Data communicated while using the service.
Personal Data may be freely provided by you, or, in case of Usage Data, collected automatically when using this Website.
You are responsible for any third-party Personal Data obtained, published, or shared through this Website and confirm that you have the third party's consent to provide the Data to Nevis.
Insofar as we obtain your consent for the processing of personal data, Article 6 (1) (a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis.
When processing personal data that is required to fulfill a contract to which you are a party, Article 6 (1) (b) GDPR serves as a legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.
Insofar as the processing of personal data is required to fulfill a legal obligation to which our company is subject, Article 6 (1) (c) GDPR serves as a legal basis.
If processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights, and freedoms of you do not outweigh the first-mentioned interest, Article 6 (1) (f) GDPR serves as the legal basis for processing.
Legitimate interests can, in particular, be:
We process your personal data for various purposes and based on several different legal bases that allow this processing. For example, we process your personal data to provide and improve our Services, to provide you with a personalized user experience on this website, to contact you about our Services, to provide you with personalized advertising and marketing communications, to manage data collection and online surveys and registration and authentication provided directly by this Website and to detect, prevent, mitigate and investigate fraudulent or illegal activity. We also share your information with third parties, including service providers acting on our behalf, for these purposes. In addition, we may share your personal data among Nevis group companies in order to fulfill our contract with you.
Nevis Partners and Processors
We may share data with trusted Nevis partners to contact you based on your request to receive communication, information, or provide customer support. Such third parties are prohibited from using your Personal Information except for these purposes, and they are required to maintain the confidentiality of your information.
If we (or our assets) are acquired by another company, whether by merger, acquisition, bankruptcy or otherwise, that company would receive all information gathered by Nevis on the Websites and the Subscription Service. In this event, you will be notified via email and/or a prominent notice on our website, of any change in ownership, uses of your Personal Information, and choices you may have regarding your Personal Information.
We reserve the right to use or disclose your Personal Information if required by law or if we reasonably believe that use or disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or comply with a law, court order, or legal process.
Some recipients of your personal data are located outside your country or have offices in countries where data protection laws may provide a different level of protection than the laws in your country. When transferring personal data to such recipients, we provide appropriate safeguards.
In particular, you must anticipate your data to be transmitted to any country in which the Nevis-Group is represented by affiliates, branches, or other offices, as well as to other countries in Europe and the USA where our service providers are located. If we transfer data to a country without adequate legal data protection, we ensure an appropriate level of protection as legally required by way of using appropriate contracts (in particular on the basis of the standard contract clauses of the European Commission), or we rely on the statutory exceptions of consent, the performance of contracts, the establishment, exercise or enforcement of legal claims, overriding public interests, published personal data or because it is necessary to protect the integrity of the persons concerned.
We process and retain your personal data as long as required for the performance of our contractual obligation and compliance with legal obligations or other purposes pursued with the processing, i.e., for the duration of the entire business relationship (from the initiation, during the performance of the contract until it is terminated) as well as beyond this duration in accordance with legal retention and documentation obligations. Personal data may be retained for the period during which claims can be asserted against our company or insofar as we are otherwise legally obliged to do so or if legitimate business interests require further retention (e.g., for evidence and documentation purposes). As soon as your personal data are no longer required for the above-mentioned purposes, they will be deleted or anonymized to the extent possible.
Personal Data is collected and processed for the following purposes and using the following services:
We use Navigational Information to operate and improve the Websites and to provide you with a better experience when you interact with Nevis. We may also use Navigational Information alone or in combination with Personal Information to provide you with personalized information about Nevis. Navigational Information, such as IP address, is used to approximate your location. For example, we may use your approximate location to provide content that has been translated or send emails at certain times using your local time zone.
You may disable the collection and use of your location data through browser-, operating system- or device-level settings.
We post customer testimonials and comments on our Websites, which may contain Personal Information. We obtain each customer's consent prior to posting the customer's name and testimonial.
Use of Payment Information
We use HubSpot on this page, which has a variety of security technologies and procedures to help protect your Personal Information from unauthorized access, use, or disclosure. We secure the Personal Information you provide on computer servers in a controlled, secure environment, protected from unauthorized access, use, or disclosure. All Personal Information is protected using appropriate physical, technical, and organizational measures. For more on Security at HubSpot, please see https://www.hubspot.com/security. HubSpot is our processor and is commissioned by us to process your data for us within the scope prescribed by law for this purpose.
This type of service allows User Data to be utilized for advertising communication purposes. These communications are displayed in the form of banners and other advertisements on this Website, possibly based on User interests.
This does not mean that all Personal Data are used for this purpose. Information and conditions of use are shown below.
Some of the services listed below may use Trackers to identify Users, or they may use the behavioral retargeting technique, i.e., displaying ads tailored to the User’s interests and behavior, including those detected outside this Website. For more information, please check the privacy policies of the relevant services.
In addition to any opt-out feature offered by any of the services below, Users may opt-out by visiting the Network Advertising Initiative opt-out page.
You may also opt-out of certain advertising features through applicable device settings, such as the device advertising settings for mobile phones or ads settings in general.
LinkedIn Ads (LinkedIn Ireland Unlimited Company)
The services contained in this section enable us to monitor and analyze web traffic and can be used to keep track of User behavior.
Google Analytics (Google Ireland Limited)
Google Analytics is a web analysis service provided by Google Ireland Limited (“Google”). Google utilizes the Data collected to track and examine the use of this Website, to prepare reports on its activities and share them with other Google services.
Google may use the Data collected to contextualize and personalize the ads of its own advertising network.
HubSpot Analytics (HubSpot, Inc.)
HubSpot Analytics is an analytics service provided by HubSpot, Inc.
Facebook Ads conversion tracking (Facebook pixel) (Facebook Ireland Ltd)
Facebook Ads conversion tracking (Facebook pixel) is an analytics service provided by Facebook Ireland Ltd that connects data from the Facebook advertising network with actions performed on this Website. The Facebook pixel tracks conversions that can be attributed to ads on Facebook, Instagram, and Audience Network.
Twitter Ads conversion tracking (Twitter, Inc.)
Twitter Ads conversion tracking is an analytics service provided by Twitter, Inc. that connects data from the Twitter advertising network with actions performed on this Website.
Google Ads conversion tracking (Google Ireland Limited)
Google Ads conversion tracking is an analytics service provided by Google Ireland Limited that connects data from the Google Ads advertising network with actions performed on this Website.
Contact form (this Website)
By filling in the contact form with their Data, you authorize Nevis to use these details to reply to requests for information, quotes, or any other kind of request, as indicated by the form’s header.
Phone contact (this Website)
If you provide your phone number, we might contact you for commercial or promotional purposes related to this Website, as well as for fulfilling support requests.
Mailing list or newsletter (this Website)
By registering on the mailing list or for the newsletter, your email address will be added to the contact list of those who may receive email messages containing information of commercial or promotional nature concerning this Website. Your email address might also be added to this list as a result of signing up to this Website or after making a purchase and provided you do not object to receiving advertising emails.
This type of service allows you to view content hosted on external platforms directly from the pages of this Website and interact with them.
This type of service might still collect web traffic data for the pages where the service is installed, even when Users do not use it.
Google Fonts (Google Ireland Limited)
Google Fonts is a typeface visualization service provided by Google Ireland Limited that allows this Website to incorporate content of this kind on its pages.
Font Awesome (Fonticons, Inc. )
Font Awesome is a typeface visualization service provided by Fonticons, Inc. that allows this Website to incorporate content of this kind on its pages.
Vimeo video (Vimeo, LLC)
Vimeo is a video content visualization service provided by Vimeo, LLC, that allows this Website to incorporate content of this kind on its pages.
YouTube video widget without cookies (Google Ireland Limited)
YouTube is a video content visualization service provided by Google Ireland Limited that allows this Website to incorporate content of this kind on its pages.
This widget is set up in a way that ensures that YouTube won't store information and cookies about Users on this Website unless they play the video.
Unless otherwise specified, this Website processes any payments by credit card, bank transfer, or other means via external payment service providers. In general, and unless where otherwise stated, Users are requested to provide their payment details and personal information directly to such payment service providers. This Website isn't involved in the collection and processing of such information: instead, it will only receive a notification by the relevant payment service provider as to whether payment has been successfully completed.
ChargeBee (ChargeBee Inc.)
ChargeBee is a payment service provided by ChargeBee Inc.
2.6. Managing contacts and sending messages
This type of service makes it possible to manage a database of email contacts, phone contacts, or any other contact information to communicate with the User.
These services may also collect data concerning the date and time when the message was viewed by the User, as well as when the User interacted with it, such as by clicking on links included in the message.
HubSpot Email (HubSpot, Inc.)
HubSpot Email is an email address management and message sending service provided by HubSpot, Inc.
This type of service allows this Website to manage the creation, deployment, administration, distribution, and analysis of online forms and surveys in order to collect, save, and reuse Data from any responding Users.
The Personal Data collected depends on the information asked and provided by the Users in the corresponding online form.
These services may be integrated with a wide range of third-party services to enable the Owner to take subsequent steps with the Data processed - e.g., managing contacts, sending messages, analytics, advertising, and payment processing.
SurveyMonkey (SurveyMonkey Europe UC)
SurveyMonkey is a survey builder and data collection platform provided by SurveyMonkey Europe UC.
By registering or authenticating, Users allow this Website to identify them and give them access to dedicated services. Personal Data is collected and stored for registration or identification purposes only. The Data collected are only those necessary for the provision of the service requested by the Users.
Direct registration (this Website)
The User registers by filling out the registration form and providing the Personal Data directly to this Website.
This type of service allows this Website and its partners to inform, optimize, and serve to advertise based on past use of this Website by the User.
This activity is facilitated by tracking Usage Data and by using Trackers to collect information, which is then transferred to the partners that manage the remarketing and behavioral targeting activity. Some services offer a remarketing option based on email address lists. In addition to any opt-out feature provided by any of the services below, Users may opt-out by visiting the Network Advertising Initiative opt-out page.
You may also opt-out of certain advertising features through applicable device settings, such as the device advertising settings for mobile phones or ads settings in general.
Google Ads Remarketing (Google Ireland Limited)
Google Ads Remarketing is a remarketing and behavioral targeting service provided by Google Ireland Limited that connects the activity of this Website with the Google Ads advertising network and the DoubleClick Cookie.
Twitter Remarketing (Twitter, Inc.)
Twitter Remarketing is a remarketing and behavioral targeting service provided by Twitter, Inc. that connects the activity of this Website with the Twitter advertising network.
Facebook Remarketing (Facebook Ireland Ltd)
Facebook Remarketing is a remarketing and behavioral targeting service provided by Facebook Ireland Ltd that connects the activity of this Website with the Facebook advertising network.
LinkedIn Website Retargeting (LinkedIn Corporation)
LinkedIn Website Retargeting is a remarketing and behavioral targeting service provided by LinkedIn Corporation that connects the activity of this Website with the LinkedIn advertising network.
This type of service helps the Owner to manage the tags or scripts needed on this Website in a centralized fashion.
This results in the Users' Data flowing through these services, potentially resulting in the retention of this Data.
Google Tag Manager (Google Ireland Limited)
Google Tag Manager is a tag management service provided by Google Ireland Limited.
This type of service allows this Website to distribute their content using servers located across different countries and to optimize their performance. Which Personal Data are processed depends on the characteristics and the way these services are implemented. Their function is to filter communications between this Website and the User's browser. Considering the widespread distribution of this system, it is difficult to determine the locations to which the contents that may contain Personal Information of the User are transferred.
Cloudflare (Cloudflare Inc.)
Cloudflare is a traffic optimization and distribution service provided by Cloudflare Inc.
The way Cloudflare is integrated means that it filters all the traffic through this Website, i.e., communication between this Website and the User's browser, while also allowing analytical data from this Website to be collected.
This type of service allows the Owner to build user profiles by starting from an email address, a personal name, or other information that the User provides to this Website, as well as to track User activities through analytics features. This Personal Data may also be matched with publicly available information about the User (such as social networks' profiles) and used to build private profiles that the Owner can display and use for improving this Website.
Some of these services may also enable the sending of timed messages to the User, such as emails based on specific actions performed on this Website.
HubSpot CRM (HubSpot, Inc.)
HubSpot CRM is a User database management service provided by HubSpot, Inc.
HubSpot Lead Management (HubSpot, Inc.)
HubSpot Lead Management is a User database management service provided by HubSpot, Inc.
Our customers can use the tools we provide, as well as tools provided by third parties, to collect Navigational Information when you visit their webpages on the Subscription Service. Nevis does not control our customers' use of these tools, nor do we control the information they collect or how they use it.
In accordance with and as far as provided by applicable law (as is the case where the GDPR is applicable), you have the right to access, rectification, and erasure of your personal data, the right to restriction of processing or to object to our data processing in addition to the right to receive certain personal data for transfer to another controller (data portability). You also have the right to withdraw a given consent at any time.
Please note, however, that we reserve the right to enforce statutory restrictions on our part. For example, if we are obliged to retain or process certain data, have an overriding interest (insofar as we may invoke such interests), or need the data for asserting claims. If exercising certain rights will incur costs on you, we will notify you thereof in advance.
In general, exercising these rights may require that you are able to prove your identity (e.g., by a copy of identification documents where your identity is not evident otherwise or can be verified in another way). To exercise any of these rights, please contact us by our contact form or postal mail to Nevis Security AG, Birmensdorferstrasse 94, 8003 Zürich, Switzerland, Attention: Privacy. We will respond to your request to change, correct, or delete your information within a reasonable timeframe and notify you of the action we have taken.
You may unsubscribe from our marketing communications by clicking on the "unsubscribe" link located on the bottom of our e-mails, updating your communication preferences, or postal mail to Nevis Security AG, Birmensdorferstrasse 94, 8003 Zürich, Switzerland, Attention: Privacy. Customers cannot opt-out of receiving transactional emails related to their account with us or the Subscription Service.
Our customers are solely responsible for their own marketing emails and other communications; we cannot unsubscribe you from their communications. You can unsubscribe from our customers' marketing communications by contacting them directly.
In addition, every data subject has the right to enforce his/her rights in court or to lodge a complaint with the competent data protection authority. The competent data protection authority of Switzerland is the Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch).