This data privacy statement applies to Indu4.0 AG, Zug, Switzerland (hereinafter Indu4.0 AG).
Should, with regard to data protection questions, there be any inconsistency between this data privacy statement and any other applicable contract terms or general terms and conditions of Indu4.0 AG, the provisions of this data privacy statement shall prevail.
Data protection is of particular importance to Indu4.0 AG. Therefore, we process personal data in accordance with the applicable laws and regulations. This Data Protection Statement is in line with the EU General Data Protection Regulation (GDPR).
In this data privacy statement, we will provide you as well as data subjects with comprehensive information about our data processing methods. Furthermore, by means of this data privacy statement, you, respectively the data subjects will be informed of the rights of the data subjects.
"Personal Data" means any information relating to persons or that we can otherwise associate with persons. Herein personal data means personal data of employees, contractors, audiences, agencies and consumers of you and your affiliated companies. If you provide us with personal data of other persons (such as family members, work colleagues), please make sure the respective persons are aware of this Data Protection Statement and only provide us with their data if you are allowed to do so and if such personal data is correct.
When, in this data privacy statement, we refer to the processing of personal data, we mean any form of handling of personal data. This includes, for example the: collection, storage, management, use, transmission, disclosure or deletion of personal data.
The “controller” of data processing as described in this data protection statement (i.e., the responsible person) is Indu4.0 AG, unless we have informed you otherwise in certain cases. You can notify us of any data protection-related concerns using the following contact details: Dammstrasse 16, 6300 Zug, Switzerland / email: firstname.lastname@example.org
How do we collect personal data?
We collect personal data, which is transmitted to us in particular in the following constellations:
- in connection with the initiation of a contractual relationship (such as the sale of cryptographic token or coins), including for purposes of combating money laundering;
- in connection with the provision of our services;
- if you (or your organs / employees) communicate with us via email or other communication channels;
- if you ask us to send you notifications, newsletters or other marketing information;
- if you register for a physical or virtual event or attend such an event; or
- via our website.
In certain cases, we supplement personal data with information that we have gathered from publicly available sources (such as the internet).
When do we collect personal data?
We collect personal data whenever we are in contact with you or data subjects respectively. We collect and process the data that you send us when using the website or using the contact form, when sending expressions of interest, purchase contracts (such as SAFT agreements) regarding the issuance or sale of cryptographic tokens or coins (called INDU token) or the purchase of goods, products or services. In addition, to the extent necessary for the provision of our service or for the examination of your documents and the intended acquisition of INDU tokens or the purchase of goods, products or services, we process personal data that we legitimately obtain from publicly accessible sources (e.g., land registers, commercial and association registers, press, internet) or that are legitimately transmitted to us by third parties (e.g. in connection with KYC audits).
Relevant personal data are in particular personal details (name, address, email address, telephone number, fax number,) identification data (e.g., ID card data). In addition, this may also be data from the fulfilment of our contractual obligations, possibly information about your financial situation (e.g., origin of assets) and other data comparable with the aforementioned categories.
For example, we collect personal data under the following circumstances:
- You send us information or documents, for example in connection with the sale of cryptographic token or coins;
- you receive a newsletter or other advertisement about our services;
- you communicate with us via telephone, fax, email, voicemail, text messaging (SMS), picture messaging (MMS), video messaging, instant messaging etc.;
- you use or communicate with us or third parties via our website;
- your mobile device connects to the WLAN provided by us in our business premises;
- you get in contact with us at special occasions such as events, advertising events, etc.
Which personal data do we collect?
Within the scope described above, we collect in particular the following personal data (if provided to us):
Data regarding a person: name and first name(s) (given names and names chosen in Metaverses or in other virtual environments); date of birth; home address; citizenship(s); invoice address and account information; wallet address(es); telephone number(s); email address(es); as well as other information necessary for the execution of the agreement made with you, in particular information in connection with potential KYC checks by an external service provider (e.g. documents on the origin of the funds, utility bills for verification of residence).
Data relating to contractual negotiations or conclusion of contracts:
- Contract data (including contract date, contract type, contract content; parties to the contract; contract term; contract value; claims asserted under the contract);
- Session data with regard to visits to our website (including duration and frequency of visits, language and country defaults, information about browser and computer operating system, Internet Protocol addresses, search terms and search results, ratings submitted);
- Communications via telephone, fax, email, voicemail, text messaging (SMS), picture messaging (MMS), video messaging, instant messaging etc.
For which purposes do we process personal data?
We process personal data for various purposes. These purposes can be structured in different groups. In particular, we may process all or some of the personal data for one or more of the following purposes:
- For the fulfilment of contractual obligations
- The processing of data takes place for the effective and proper issuance or sale of INDU tokens or the sale of goods, products or services. It can also be used to carry out precontractual measures that are necessary at the request of interested parties, such as for KYC tests.
- In the context of a balancing of interests
- To the extent necessary to safeguard our legitimate interests, we also process your data beyond the actual fulfilment of the contract. These can be, for example:
- prevention and investigation of money laundering and criminal offences,
- Compliance with and improvement of IT security,
- business management measures,
- Marketing purposes (e.g. advertising measures, market research)
- Assertion of legal claims and defense of legal interests.
- On the basis of the consent of contractual partners or interested parties
- If a contractual partner or interested party has given his consent to the processing of personal data for certain purposes, the processing on the basis of the consent is lawful. The contractual partner or interested party can revoke this consent at any time for the future.
- Due to legal requirements
- Insofar as the processing of personal data is necessary to fulfil a legal obligation to which our company is subject, Art. 6 para. (1) sentence 1 lit.c) GDPR serves as the legal basis. These may be, for example, obligations under the Swiss Anti-Money Laundering Act (AMLA). Data is used, for example, for risk analysis, fraud and money laundering prevention, control and reporting obligations, compliance, auditing, etc.
How long do we keep the data?
We process and retain your personal data as long as required for the performance of our contractual obligations and compliance with legal obligations or other purposes pursued with the processing, i.e. for the duration of the entire business relationship (from the initiation, during the performance of the contract until it is terminated) as well as beyond this duration in accordance with legal retention and documentation obligations. Personal data may be retained for the period during which claims can be asserted against our company (i.d. particularly during legal prescription periods) or insofar as we are otherwise legally obliged to do so or if legitimate business interests require further retention (e.g., for evidence and documentation purposes). As soon as your personal data is no longer required for the above-mentioned purposes, it will be deleted or anonymized, as far as possible. In general, shorter retention periods, of no more than twelve months, apply for operational data (e.g., system logs).
How do we protect personal data?
We have technical and organizational security procedures to maintain the security of personal data and to protect personal data against unauthorized or illegal processing and/or against unintentional loss, modification, disclosure or unauthorized access.
Nevertheless, you should always be aware that the transmission of data over the internet and other electronic means entails certain security risks, and that we cannot give any guarantee for the security of data that are transmitted in this way.
Insecure HTTP requests are usually redirected to use HTTPS. HTTPS requests are encrypted using SSL/TLS technology. Data transmitted over SSL/TLS encrypted connections cannot be read by third parties.
To whom may we disclose personal data?
In the context of our business activities and in line with the purposes of the data processing, we may transfer data to third parties (such as service providers and suppliers), insofar as such a transfer is permitted and we deem it appropriate, in order for them to process data for us or, as the case may be, their own purposes. We may also disclose personal data if we consider this as necessary to comply with the applicable laws and regulations, in court proceedings, at the request of the competent courts and authorities, or for the fulfillment of other legal obligations or in order to protect and defend our rights and our property respectively.
Certain data recipients may be within Switzerland but they may be located in any country worldwide. In particular, data may be transferred to countries, in which our clients, their affiliates, opposing parties or business partners are located as well as countries in which service providers (such as experts, foreign lawyers and law firms etc.) are located or where our clients and affiliate companies are involved in legal proceedings. If we transfer data to a country without adequate legal data protection, we ensure an appropriate level of protection as legally required by way of using appropriate contracts (in particular on the basis of the standard contract clauses of the European Commission) or binding corporate rules or we rely on the statutory exceptions of consent, performance of contracts, the establishment, exercise or enforcement of legal claims, overriding public interests, published personal data or because it is necessary to protect the integrity of the persons concerned. However, we reserve the right to redact copies for data protection reasons, reasons of secrecy or to produces excerpts only.
- Which cookies do we use?Most of the cookies we use are automatically deleted from your computer or mobile device after your browser session has ended (so-called session cookies). Session cookies may for example be used to store your language defaults over different sites in a web session.In addition, we use temporary respectively permanent cookies. These remain stored on your computer or mobile device after the end of the browser session. When you revisit our website your preferred entries and settings are automatically identified. Depending on the type, these temporary and permanent cookies remain stored on your computer or mobile device for between one month and ten years, and are automatically deactivated after the end of the programmed period. They are used to make our website more user friendly, more effective and more secure.
- How can you prevent the storage of cookies?Most web browsers automatically accept cookies. You may, however, instruct your browser not to accept any cookies, or to ask you each time before a cookie from a website you have visited is accepted. You may also delete cookies from your computer or mobile device by using the appropriate function on your browser. If you decide not to accept our cookies or the cookies of our partner companies, you will not be able to see certain information on our website or use a number of functions which should improve your visit.
How do we use log files?
Every time you access our website, certain usage data is transmitted to us by your internet browser for technical reasons, and stored in protocol files, the so called log files. The usage data in question is the following: date and time our website is accessed; name of the website accessed; IP address of your computer or mobile device; address of the website from which you accessed our website; volume of data transferred; as well as name and version of your browser.
Analysis of the log files helps us to further improve our internet products and make them more user friendly, to find and remove errors more quickly, and to control server capacities. Using log files, we can, for instance, determine the time when the use of our internet products is particularly popular and make appropriate data volumes available to guarantee you optimum usage.
How do we use web analysis tools?
In order to constantly improve and optimize our internet offering, we use so-called tracking technologies. Web analysis tools provide us with statistics and graphics which provide us with information about the use of our website. This involves data about the use of a website being transferred to the server used. Depending on the provider of a web analysis tool, these servers may be located abroad.
For the most frequently used web analysis tool, Google Analytics, these data are transferred including shortened IP addresses, which prevents the identification of individual devices. Google complies with the data protection rules of the "Swiss-U.S. Privacy Shield” Framework and is registered with the “Swiss-U.S. Privacy Shield” program of the US Department of Commerce (information about the “Swiss-U.S. Privacy Shield” may be found under https://www.privacyshield.gov/Swiss-US-Privacy-Shield-FAQs). The IP address transmitted by your browser within the framework of Google Analytics will not be merged with other Google data. Transfer of these data by Google to third parties may only take place on the basis of legal regulations or as part of contractual data processing.
You may prevent the recording of the data generated by cookies and relating to your use of the website (including your IP address) at Google, as well as the processing of these data by Google, by downloading and installing the browser plugin available under the following link (https://tools.google.com/dlpage/gaoptout). You will find more detailed information about Google Analytics and data protection at https://tools.google.com/dlpage/gaoptout?hl=en or https://support.google.com/analytics/answer/6004245?hl=en.
What rights do data subjects have in respect to their personal data?
You have the right:
- in accordance with Art. 7 para. (3) GDPR, to revoke your consent, once given, at any time in relation to us. This means that we may no longer continue the data processing based on this consent in the future;
- to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can request information about the purposes of processing, the category of personal data, the categories of recipients to whom your data have been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of appeal, the right of access to your personal data and the right to object.
- the origin of your data, if it was not collected by us, as well as the existence of automated decision-making, including profiling, and, if applicable, meaningful information about its details;
- in accordance with Art. 16 GDPR, to request the correction of incorrect or incomplete personal data stored by us without delay;
- pursuant to Article 17 GDPR, to request the erasure of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise or defense of legal claims;
- to request the restriction of the processing of your personal data in accordance with Art. 18 GDPR, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer require the data, but you need it for the assertion, exercise or defense of legal claims or you have objected to the processing in accordance with Art. 21 GDPR;
- pursuant to Art. 20 GDPR, to receive the personal data you have provided to us in a structured, commonly used and machine-readable format or to request that it be transferred to another controller; and
- complain to a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our registered office for this purpose.
In addition, every data subject has the right to enforce his/her rights in court or to lodge a complaint with the competent data protection authority. The competent data protection authority of Switzerland is the Federal Data Protection and Information Commissioner (https://www.edoeb.admin.ch).
Right of objection
If your personal data are processed on the basis of legitimate interests pursuant to Art. 6 (1) p. 1 lit. f) GDPR or on the basis of Art. 6 (1) p. 1 lit. e) GDPR (data processing in the public interest), you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, provided that there are grounds for doing so which arise from your particular situation. This also applies to profiling based on this provision within the meaning of Art. 4 No. 4 GDPR. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
If you wish to exercise your right of objection, this can be done informally with the subject "Objection", stating your name and address. You can send your revocation to:
Postal address: Indu4.0 AG, Dammstrasse 16, 6300 Zug, Switzerland by email to: email@example.com
Actuality and Modification of the data privacy statement
This data privacy statement may be amended at any time. If you or data subjects wish to refer to this data privacy statement, please ask us for the current version.