Data Privacy Statemen

I. Data Privacy statement

peoplefone AG (hereinafter “peoplefone”, “we”) takes the protection of your (hereinafter “customer”; “you”, “data subject”) personal data very seriously. We strictly adhere to the relevant regulations on data protection. We comply with the principle of purpose-related use, and collect, process and store your personal data only for the purposes for which you have been informed or are otherwise aware.

This privacy statement aims to inform you about the type, scope and purpose of the personal data collected, used and processed by us. Furthermore, as data subject you will find information regarding your legal rights.

We also take internal company data protection very seriously. Our employees and service providers have an obligation to maintain confidentiality and to comply with data protection regulations. We have taken comprehensive technical and operational safety precautions to protect your personal data from unauthorised access and misuse. Our security procedures and measures are regularly reviewed along with the latest technological developments. Internet-based data transfers can nevertheless have security gaps. As a result, absolute protection cannot be guaranteed.

This data privacy statement is available in German, English, French and Italian. In case of ambiguities and/or contradictions, the German version applies.

II. Name and address of the controller

The Controller in accordance with the applicable data protection laws is:

peoplefone AG

Albisstrasse 107

CH-8038 Zurich

Switzerland

Tel.: +41 44 552 20 00

E-mail: datenschutz@peoplefone.ch

Website: www.peoplefone.com

For any queries and suggestions regarding data protection, data subjects can contact us directly and at any time (see above contact information).

III. Use of personal data when purchasing and using peoplefone products

peoplefone offers different products for which different types of personal data are required and collected. These include the operation of hosted/virtual telephone systems, the establishment of telecommunications connections, the provision of Internet and mobile subscriptions and the purchase of terminals and SIM cards. The data collected and used for telecommunication services are not combined with other data.

In order to be able to offer and provide our services and products, we collect, process and use the data of our customers. This is done on the basis of existing laws, in particular the Swiss Data Protection Act (DPA) and the corresponding ordinance (OADP), the Federal Act on the Surveillance of Post and Telecommunications (SPTA) and the corresponding ordinance (SPTO)

1. Establishment and implementation of contractual relationships

The processing (in particular storage) of contract-related data (see below) takes place insofar as this is necessary for the establishment, content-related design or amendment of the contractual relationship.

peoplefone may use this data for marketing purposes, especially for advertising our own offers, in which we have a legitimate interest.

After termination of the contractual relationship, the stock data will be deleted after a period of six months, without prejudice to any longer statutory retention obligations. We collect and process in particular:

As a registered customer, you can view and administer your stock data/contract data in your customer portal at any time.

2. Stock data in telecommunications services

In addition to the above-mentioned general requirements for data collection when concluding and performing contracts, the following applies to telecommunications services (e.g. telephony, fax) and the stock data that is generated in the process: peoplefone processes (in particular stores) stock data concerning customers, on the one hand, to fulfil legal storage obligations, and, on the other hand, to provide support services and customer advice and for billing purposes (in the context of the fulfilment of contractual services). This especially concerns the following data:

These data are stored by peoplefone up to six months after termination of the contract. After this date, they will be deleted, unless these data must remain stored to fulfil other legal obligations.

3. Traffic/usage data in telecommunications services

When you use our telecommunications service, we collect and use traffic/usage data (that is to say data collected, processed or used in the course of providing this telecommunications service) for the following purposes: the collection, processing and use of traffic and usage data is carried out in particular for billing purposes and the design of telecommunications services to meet our customer demand. This takes place in performance of the contract with regard to our services. In addition, we process traffic/usage data to provide services with additional benefits, to detect and eliminate disturbances and errors, to detect and prevent service fraud and other illegal use of the services offered by peoplefone, in which we have a legitimate interest. Furthermore, there may be specific legal processing and storage obligations. The recorded traffic and usage data include in particular the following data:

Usage and traffic data will be deleted immediately after the connection ends, unless they are necessary for the determination of the contractually agreed fee for the services provided by peoplefone. We reserve the right to keep the data for any storage period provided for under the law or contract. peoplefone is obliged to keep identification data for up to six months after termination of the contractual relationship with the respective customer. For the purpose of determination of the contractual compensation of the services provided by peoplefone, we store the corresponding usage and traffic data for a period of six months after sending the invoice, unless the data has to be stored for a longer period in order to clarify objections. In the event of customer raising objections against the invoiced charges, peoplefone is entitled to store the usage and traffic data until the objection’s final clarification. This is subject to longer statutory storage obligations.

IV. Transfer of data to third parties

Your personal data will not be transferred to third parties for purposes other than those stated in this privacy statement. Without your express consent or without a legal basis, personal data will not be disclosed to third parties, unless this is necessary to provide the service or to fulfil the contract and/or to carry out pre- contractual measures or because of our legitimate interests.

peoplefone may also share your personal data with our affiliated companies and partners.

peoplefone may disclose your personal data if we are required to do so by law, regulation or government authorities, or if we believe that disclosure is necessary or appropriate, or for law enforcement purposes.

peoplefone reserves the right to transfer your personal data if we sell or transfer all or part of our business or assets (including in the event of a restructuring, dissolution or liquidation).

V. Partners in the provision of our services

peoplefone cooperates with the following affiliated companies and partners for the provision of specific peoplefone offers/services:

As far as this is necessary to provide the abovementioned services, peoplefone may transfer your data to these partners. You can find more details in the privacy policies of the respective partners on their websites. Peoplefone has the right to use other partners and/or other third parties for the provision of its services.

VI. Notification to Swisscom Directories AG

1. Telephone Directories

As a telecommunications provider, peoplefone is legally obliged to notify Swisscom Directories AG of the inclusion of Swiss telephone number(s), names and addresses for public telephone directories. The customer can specify to Swisscom Directories AG which information should be published in the directories. The customer may object to his/her listing with Swisscom Directories AG at any time or request that his/her name be removed from the telephone directories.

2. Emergency call centres

As a telecommunications provider, peoplefone is legally obliged to regularly report the name and corresponding address of each Swiss telephone number to Swisscom Directories AG for the purpose of the localisation of the call centre in Switzerland geographically responsible for each emergency call.

You can find more details in the privacy policy of Swisscom Directories AG on their website

VII. Privacy-related choices in telecommunications services

1. Displaying the phone numbers of outgoing calls

Our service offers the possibility of displaying the calling line identification of outgoing calls to the called subscriber on a permanent or case-by-case basis, provided that the telecommunications equipment supports this feature. For the protection of our customers, caller identification is deactivated (default setting). The customer can activate the calling-line identification in the customer portal. For telephone calls made between peoplefone customers, the internal call number of the customer (“SIP-ID”) cannot be suppressed for technical reasons. The suppression of the calling line identification is inactive for calls being made to emergency numbers.

2. Itemised bill

The customer instructs peoplefone to save connection data when concluding the contract (see above). In the itemised bill (EVN), all incoming and outgoing connections are listed individually with date, destination number, start and duration of the connection as well as the charge for the individual connection in the case of chargeable connections. The customer can view and export the EVN in his/her admin portal. Customers with a business service contract receive the EVN together with the monthly invoice. Customers may choose, free of charge, between the following variants with regard to the desired presentation of the destination numbers:

If the customer fails to exercise his/her right of choose, an unabridged listing will be made.

By placing the order, the customer declares that he/she has informed all current and future cousers about this order and its consequences for the traceability of telephone calls.

3. Sending and receiving faxes by e-mail

The customer can activate fax receipt and transmission by e-mail in the customer portal. peoplefone stores the related documents until the successful transmission is completed. After transmission, the documents will be deleted.

VIII. Information for our customers by e-mail (newsletter) SMS or WhatsApp

peoplefone notifies its customers and business partners via e-mail, SMS or WhatsApp as soon as the corresponding customer credit falls below a certain threshold and in case of an imminent expiry of a subscription, as well as in case of malfunctions/limited availability of peoplefone services.

peoplefone uses the MessageBird service to send SMS or WhatsApp. The provider is MessageBird GmbH, Neuer Wall 63-2 & 63-3, DE-20354 Hamburg. For the purpose of sending SMS/WhatsApp only the necessary data (mobile number, first name, last name, company name) are taken from the customer portal. You can switch off or change the notification function in the customer portal of peoplefone at any time (and thus stop the corresponding data processing).

For further details, please refer to MessageBird’s privacy statement: https://messagebird.com/en/legal/privacy/ 

IX. Newsletter

peoplefone informs its customers and business partners at irregular intervals by e-mail about company news. When subscribing to the newsletter, the data transmitted by the data subject via the input form will be processed first.

The newsletter of our company can only be received by the data subject if (1) the data subject has a valid e- mail address and (2) the data subject registers to receive the newsletter.

When the customer subscribes to the newsletter, we also save the IP address assigned by the Internet service provider (ISP) of the computer system used by the data subject at the time of subscription as well as the date and time of subscription. The collection of these data is necessary in order to be able to trace the (possible) misuse of the e-mail address of a data subject at a later date. We have a legitimate interest in this, as well as in the marketing activities associated with the newsletter described here.

The personal data collected during registration for the newsletter is used exclusively for sending our newsletter. In addition, subscribers to the newsletter could be informed by e-mail if this is necessary for the operation of the newsletter service or for registration, as it might be the case in the event of changes of the newsletter offer or changes in technical conditions. The data subject can unsubscribe from the newsletter at any time. A corresponding link for this purpose can be found in every newsletter. Furthermore, there is the possibility to unsubscribe from the newsletter at any time directly on the customer portal of peoplefone or to inform peoplefone about it by email.

peoplefone uses the TrendMailer service for sending newsletters. TrendMailer is a service provided by Trendpoint GmbH, a Swiss Whitelabel Partner of CleverReach GmbH & Co KG based in 26180 Rastede, Germany. TrendMailer organises and analyses the dispatch of newsletters. The data you enter for the purpose of receiving the newsletter (e.g. e-mail address) is stored on the CleverReach servers in Germany or Ireland.

Our newsletters sent by TrendMailer enable us to analyse the behaviour of the newsletter recipients. Among other things, we can analyse how many recipients opened the newsletter message and how often a link in the newsletter was clicked on. With the help of conversion tracking, it is also possible to analyse whether a previously defined action (e.g. purchase of a product on our website) took place after clicking on the link in the newsletter. Further information on data analysis by TrendMailer newsletter is available at: https://www.cleverreach.com/en/features/reporting-tracking/.

If you do not wish to receive an analysis by TrendMailer/CleverReach, you have to unsubscribe from the newsletter. For this purpose we provide a corresponding link in every newsletter message. The data you provide us with for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter and then deleted from our servers as well as from the servers of TrendMailer/CleverReach. Data stored by us for other purposes (e.g. e-mail addresses for the members’ area) remain unaffected.

For further details, please refer to the TrendMailer/CleverReach privacy policy at: https://www.cleverreach.com/en/data-security 

X. Payment provider

If, during the ordering process, the data subject decides to use the online payment service (e.g. when paying by credit card, PostFinance, Paypal, etc.) provided by the service provider Datatrans AG (Kreuzbühlstrasse 26, 8008 Zurich), contact, order and transaction data will be sent to Datatrans AG (and via Datatrans AG) for the purpose of processing the payment to its card issuer or PayPal (PayPal (Europe) S.à r.l. and Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg).

If the data subject decides to pay via TWINT or LSV or Ebill, their contact, order and transaction data will be transmitted to their bank via our main bank / Six Payment Services for the purpose of payment processing.

The corresponding data processing is carried out within the scope of contract processing and/or in our legitimate interest.

XI. Data collection via our website

1. Collection of general data and information via our website

The website of peoplefone collects some general data and information with every visit of the website by a data subject or an automated system. These general data and information are saved in the log files of the server. Data collected can include (1) information on the browser used and relevant versions, (2) the operating system used when visiting the website, (3) the website from which an accessing system reaches our website (referrer), (4) the sub-websites which are accessed via an accessing system on our website, (5) the date and time of an access to the internet page, (6) an internet protocol address (IP address), (7) the internet service provider of the accessing system, and (8) other similar data and information which are used to prevent danger in case of attacks on our information technology systems. When using these general data and information, peoplefone does not draw any conclusions about the data subject. This information is necessary to (1) deliver the contents of our website correctly, (2) optimise the contents and advertising of our website, (3) guarantee the permanent functionality of our information technology systems and the technology of our website, and (4) provide law enforcement agencies with the necessary information for prosecution in case of a cyber-attack. These anonymously collected data and information are therefore analysed by peoplefone for statistical purposes and with the aim to increase data protection and data security in our company, in order to ultimately ensure an optimal level of protection for the personal data processed by us. This is done based on our legitimate interest. The anonymous data of the server log files are stored separately from all personal data provided by a data subject.

2. Registration

The data subject has the opportunity to register on our website by providing personal data. The personal data transmitted to peoplefone is determined by the respective input mask used for the registration. The personal data entered by the data subject are only collected and stored for internal use at peoplefone and for our own purposes.

By registration at the peoplefone website, the IP address assigned by the internet service provider (ISP) of the data subject, the date and time of the registration are stored. These data are stored to prevent any abuse of our services and, if necessary, to enable investigations of crimes. In this respect, we have a legitimate interest in the storage of these data.

The registration of a data subject and the voluntary provision of his/her personal data is necessary for peoplefone to provide the data subject with our contents or services, which due to their nature can only be offered to registered users. We have a legitimate interest in the corresponding data processing or it takes place within the performance of contractual obligations. Registered data subjects have at any time the possibility to change any personal data provided during the registration or to have their personal data deleted completely from the data stock of peoplefone.

3. SSL or TLS encryption

For security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the website administrator, this website uses SSL or TLS encryption. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. If the SSL or TLS encryption is activated, the data that you transmit to us cannot be read by third parties.

4. Contact form / e-mail and live chat

If you send us enquiries/information via the contact form/offer enquiry form or via e-mail, your details/information from the form/e-mail, including the contact details provided by you, will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions.

The data you enter in the form or live chat will remain with us until you request us to delete them or until the purpose for which the data was stored no longer applies. We reserve the right to take overriding private or public interests – in particular, appropriate retention periods.

With the Tawk.to widget, peoplefone uses a service for interacting with the live chat platform Tawk.to from Tawk.to inc. 187 East Warm Springs, Rd, SB298, Las Vegas, NV, 89119 USA. Users can interact directly through the live chat platform to contact or be contacted by the support team responsible for our website.

The data collected include Chat history, IP address at the time of the chat and country of origin. These data are not disclosed to third parties and are used exclusively for support purposes (including documentation of the support services provided) and for internal statistics, in which we have a legitimate interest.

Tawk.to Widget also allows peoplefone to track your usage activities on our website in real time.

For further details – especially regarding the respective setting options – please refer to the privacy policy of tawk.to: https://www.tawk.to/data-protection/gdpr/ 

5. External Hosting

This website is hosted by an external service provider (host). The personal data collected on this website is stored on the host’s servers. This may include, but is not limited to, IP addresses, contact requests, meta and communication data, contract data, contact details, names, website accesses and other data generated via a website. Our host will only process your data to the extent necessary to fulfil its performance obligations and will follow our instructions with regard to these data.

The use of a host is for the purpose of the performance of the contract with our potential and existing customers and is in our legitimate interest for a secure, fast and efficient provision of our online offer by a professional provider.

6. Cloudflare

We use the service “Cloudflare” operated by Cloudflare Inc., 101 Townsend St., San Francisco, CA 94107, USA. Cloudflare is a worldwide distributed “Content Delivery Network” with DNS. Technically speaking, the information transfer between your browser and our website is routed via the Cloudflare network. This enables Cloudflare to analyse data traffic between your browser and our website and serves as a filter between our servers and potentially malicious data traffic from the internet. Cloudflare can also use cookies or other technologies for recognition purposes of internet users, but these are only used for the purpose described here. The use of Cloudflare is based on our legitimate interest in a possibly error-free and secure provision of our web offer. You can find more details in the privacy policy of Cloudflare: https://www.cloudflare.com/privacypolicy/

7. Cookies

This website uses cookies. For details, please refer to the following link: https://www.peoplefone.ch/cookies?locale=en-ch.

peoplefone uses the Cookie Consent Management Tool “Cookiebot”, a product of Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark (hereinafter “Cybot”). Via Cookiebot, peoplefone informs you about the use of cookies on the website and enables you to make a decision on their use.

If you give your consent to the use of cookies, the following data will automatically be logged by Cybot:

The encrypted key and the cookie status are stored on the user’s terminal device using a cookie in order to establish the corresponding cookie status for future page calls. This cookie is automatically deleted after 12 months.

We have a legitimate interest in the use of Cookiebot. This consists in the user-friendliness of the website and the fulfilment of data protection regulations. The user can prevent or terminate the setting of cookies and their storage and revoke his/her consent to cookies at any time by changing the settings of his/her browser.

8. Google Analytics

This website uses functions of the Google Analytics web analysis service. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA.

Google Analytics uses cookies (see https://www.peoplefone.ch/cookies?locale=en-ch). The information generated by cookies about your use of this website is usually transferred to a Google server in the USA and stored there.

Google reserves the right to use these cookies or the corresponding data for its own purposes, namely, to follow and investigate the use of this application, to generate reports on its activities and to pass these on to other Google services. Google may use the information collected to contextualise and personalise the ads in its own advertising network.

The use of Google Analytics is based solely on your consent. You can withdraw your consent at any time (see https://www.peoplefone.ch/cookies?locale=en-ch).

9. Google Ads and Google Conversion Tracking

This website uses Google Ads. Google Ads is an online advertising programme of Google Inc. 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA.

We use the conversion tracking as part of Google Ads. By clicking on an ad placed by Google, a cookie is set for conversion tracking. These cookies expire after 30 days and are not used to personally identify users. If the user visits certain pages of this website and the cookie has not expired, Google and we are able to detect that the user clicked on the ad and was redirected to that page.

The storage of “conversion cookies” is subject to your consent. You can revoke this consent at any time (see https://www.peoplefone.ch/cookies?locale=en-ch).

10. YouTube

Our website uses plugins from the Google-operated YouTube page. The site is operated by YouTube, LLC, 901 Cherry Ave. San Bruno, CA 94066 USA.

When you visit one of our websites with a YouTube plugin, a connection to the YouTube servers is established. The YouTube server receives information on which of our pages you have visited. If you are logged in to your YouTube account, you enable YouTube to associate your surfing behaviour directly to your personal profile.

You can prevent this by logging out of your YouTube account. The use of YouTube is based on an attractive presentation of our online offers, which is in our legitimate interest. For further details, please refer to the YouTube privacy policy: https://policies.google.com/privacy?hl=en&gl=en.

11. Google Maps

This site uses the Google Maps service to display our sales partners. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA.

The location information of our partners is usually transferred to a Google server in the USA and stored there.

The use of Google Maps is in the interest of an attractive presentation of our online offers and to make it easier for the user to find the places we have indicated on the website. We have a legitimate interest in this.

For more information, please refer to Google’s privacy policy: https://policies.google.com/privacy?hl=en&gl=en.

XII. Audio and video conferencing

Among other things, we use online conference tools (“conference tool”) for communication with our customers. The conference tools used by us are listed below. If you communicate with us by video or audio conference via the Internet, personal data are collected and processed by us and the provider of the respective conference tool.

The conference tools collect all data that you provide/set for the use of the conference tools (email address and/or your telephone number). Conference tools also process the duration of the conference, start and end (time) of participation in the conference, number of participants and other “contextual information” related to the communication process (metadata).

Furthermore, the provider of a conference tool processes all technical data required for the handling of online communication. This includes in particular IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or loudspeaker as well as the type of connection.

If contents are exchanged, uploaded or made available in any other way within the tool, these are also stored on the servers of the conference tool providers. Such content includes in particular cloud recordings, chat/instant messages, voicemail, uploaded photos and videos, files, whiteboards and other information shared while using the conference tool.

For further information on data processing by the conference tools, please refer to the privacy policy of the respective conference tool. These conference tools are used to communicate with prospective or existing contract partners or to offer our services to our customers. Furthermore, the use of conference tools serves to generally simplify and accelerate communication between our customers/partners and us. This represents a legitimate interest.

Data collected directly by us via the video and conference tools is routinely deleted from our systems (see section XIII below).

Currently we use the service “peoplefone MICROSOFT TEAMS” by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA as well as “peoplefone MEET” by Veeting AG, Aegertenstrasse 32, CH-8003 Zurich. For further details, please refer to the privacy policy of Microsoft Teams: https://privacy.microsoft.com/en-us/privacystatement and Veeting: https://www.veeting.com/en/privacy.

By using Microsoft Teams, you can share your online status with other “Microsoft Teams” users. You can disable this function in your client account.

XIII. Routine deletion of personal data

The personal data that we collect will only be stored as long as this is necessary for the processing of the contractual relationship (from execution to termination) or for the purposes otherwise pursued with the processing and/or under a legal obligation to store and document data or if an overriding private or public interest exists.

peoplefone is in particular legally obliged to keep identification data up to six months after termination of the contractual relationship with the respective customer. In addition, there is a legal obligation to retain business documents for ten years.

As soon as the collected personal data is no longer required for the purposes stated in this privacy statement, they will be deleted or anonymised as a matter of principle and as far as possible.

XIV. Rights of the data subject

Under the applicable data protection law and insofar as provided therein, you have the right to obtain free information about the data relating to you stored by us, to have incorrect data corrected and to demand the deletion or limitation of processing and transferring of your personal data. Deviating statutory provisions are reserved, e.g. as regards legal storage obligations. If you have consented to the corresponding data processing, you may revoke this consent without affecting the legality of the processing carried out on the basis of the consent until revocation. At any time you can object to the future use of the data. In some cases, however, we are not allowed to delete user data completely due to legal storage obligations.

You also have the right to take legal action to enforce your rights or to lodge a complaint with the competent data protection authority. The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner. If you have any questions regarding the processing of personal data, please contact our officer in charge of data protection datenschutz@peoplefone.ch (see above).

XV. Amendment of this privacy statement

We reserve the right to amend this privacy statement at any time without prior notice. We will notify you of any changes by posting the updated privacy statement on our website. If the privacy statement is part of an agreement with you, we will send you an updated privacy statement by email or will inform you by other appropriate means. Any changes we make will be effective from the date we post them on our website.

Data Privacy Statement