Data Protection Policy
In summary, on this web presence we introduce our company and promote our products and services, which shall empower you with seamless addition of integrity, authenticity and privacy to any kind of digital service (hereinafter “Vereign Services”).
I. OVERVIEW ABOUT OUR COMMITMENTS
II. NAME AND CONTACT DETAILS OF THE CONTROLLER
6300 Zug, Switzerland
III. LEGAL FRAMEWORK
Our data protection practice complies with applicable law including but not limited to the Swiss Data Protection Act (“Swiss DPA”) and its Ordinance (“Swiss DPO”). Also we are fully compliant with the General Data Protection Regulations (“GDPR”) of the European Union and its local adaptations including but not limited to the German Federal Data Protection Act (“Bundesdatenschutzgesetz”). We will continue to monitor and analyse further country specific data protection regulations outside of the European Union but so far we have identified the GDPR as sufficient and acceptable regulatory standard throughout the entire world.
As a matter of principle, we collect and use personal data as much as necessary to provide our services requested by you (Art. 6 para. 1 Lit. b GDPR). A notable exception applies where a contractual basis is not apparent and the processing of personal data can only be authorised via your explicit consent (Art. 6 para. 1 Lit. a GDPR). In such a situation we will explain to you the exact purposes and consequences of the concerned data processing and you may at any time retrieve your consent given to us. In no event will we sell your personal data to any third party for any business or political agenda.
IV. ALLOWED PURPOSES FOR COLLECTING AND PROCESSING YOUR PERSONAL DATA
1. CONTACT FORMS AND JOB OFFERINGS
On our website https://www.vereign.com/ we may provide you with:
a) CONTACT FORMS
We are providing you with the opportunity to get in touch with our team and in particular you may send us a respective email to firstname.lastname@example.org. Your provided contact details will be used exclusively to process and answer your query and potentially keep you up to date regarding further related developments. After you gave us your contact details, you may at any time retract your consent and object to any further usage.
b) ADVERTISED JOB OFFERINGS
On our website we may also provide you with the opportunity to apply for advertised job positions, within our company group. In case you choose to apply for such a particular job offering, we will use your name, contact details and all other provided information exclusively for the relevant application process. In case you choose to opt for “Send me further details about other vacancies” we will use your contact details and all other provided information to keep you informed about future job positions, even after the job offering you applied to has been filled. But of course, you may retract your consent any time (see also below: V. Rights of the data subject).
c) YOUR FEEDBACK REGARDING OUR DEVELOPED SOFTWARE
Regardless of the channel you use to provide us with your feedback regarding our software projects, as an open source company your collaboration and engagement is crucial for us. We need interested participants to test and try out the Vereign Services and provide us with feedback. If you choose to engage in such software testing and providing us with feedback, in the spirit of the free software community, this is also a main reason you are providing your personal data to us and this purpose forms our legal relationship in the meaning of Art. 6 para. 1 Lit. b GDPR. We commit ourselves to exclusively use your related personal data for this purpose of testing and improving Vereign Services.
2. IP-ADDRESSES AND WEB SERVER LOG FILES
In order to allow for the requested website to be displayed in your browser, we need to temporarily store and process your IP address. The legal basis for this temporal storage of personal data is Art. 6 para. 1 Lit. f GDPR.
After your individual session has ended, your IP address will be saved anonymously in log files of our web server. The information in our log files includes:
- the exact pages you accessed in our URL(s)
- date and time of your request
- the name of your telecommunication provider
- your browser type
- your operating system
- your anonymised IP address
We will use this non-personal data exclusively for optimising our webpage and to safeguard the security of our information technology systems.
3. COOKIES AND THE MATOMO WEB ANALYSIS SERVICE
We use “cookies” on our internet pages. Cookies are text files stored on your computer.
In case you provide us with your respective consent in our “cookie banner”, we will additionally place so called “tracking cookies” in your browser and we will analyse the data stored by such tracking cookies on your machine using “Matomo” web analysis software. Such cookies will remain in your browser for longer periods than the individual session. The purpose of this data processing is to improve our internet sites and for this we need to understand what function or information proves useful or at least interesting to our visitors. For this purpose, information of usage (generated by the tracking cookies) is transferred to our server and stored for respective usage-analysis.
But your IP address is stored in the cookie (and subsequently processed on our servers) in an anonymised form only. Hence, you remain as anonymous as feasible as an individual user in the context of the analysis. In detail in such tracking cookies we store:
However, if you do not wish to agree to the use of such tracking cookies any more, you may erase them or even prevent their use with a corresponding setting in your browser software. You can also object to the use of data recorded by tracking cookies by clicking the following link. In this case, an “opt-out cookie” is placed in your browser, which means that Matomo will not record any session data at all. Important: If you delete your cookies, this means that the opt-out cookie will also be deleted and that you must reactivate it, if necessary. If you do wish to place an opt-out cookie right now, please opt out below.
V. DATA PROCESSORS
However, for specific tasks, like hosting our webpage we also have contracted external service providers.
VI. YOUR RIGHTS AS A DATA SUBJECT
According to applicable law (in particular Swiss law and even more so GDPR) but also due to our own commitment you shall have the following rights toward us:
In case you exercise your rights in accordance with the GDPR towards us, we will not charge any fees. However, a reasonable fee may be charged if your inquiry is demonstrably abusive, improper or if you make a repeated inquiry without relevant justification.
We may need to collect information about you that will enable us to clearly identify you as a data subject. In doing so, we will endeavour not to complicate or even hinder your request. Rather, we want to make sure that none of your personal data falls into the hands of unauthorised persons.
We have implemented extensive security provisions and measures to establish an appropriate level of safety to protect personal data stored by us from unauthorized access, misuse, altering, misappropriation, destruction, and loss. At Vereign we seek to combine and align our overall requirements concerning cyber security and resilience, regardless whether these requirements are derived from best practise approaches, applicable law or contractual regulations. This holistic point of view makes it feasible for us to deal with the respective requirements in a transparent and effective way. As part of our security management processes, we obligated ourself to conduct regular external penetration tests of our Seal Applications and its underlying processes.
However, in case you choose to communicate with us via an insufficiently encrypted communication channel, we would like to point out that such insufficiently encrypted data transfer cannot provide any guarantee that access to your data by third parties is averted.
VIII. EXTERNAL HYPERLINKS
As of: April 2021