Data Policy

If you have questions regarding the data policy, please write us an email or directly contact the person listed below who is responsible for data protection questions.

Who are we

The App was developed by DU DA Data & Commtech by Farner and Papers AG, with financial support from the Tezos Foundation. The customer (for example, a city) acts as the exchange.

This webpage and its content is operated and maintained by DU DA Data & Commtech by Farner (DU DA).

DU DA – Data & CommTech by Farner: https://www.dudagroup.com
Papers AG: https://papers.ch
Farner Consulting AG: https://farner.ch
Tezos Foundation: https://tezos.foundation

Verantwortliche Stelle im Sinne der Datenschutzgesetze lautet:

DU DA – Data & Commtech by Farner
Langstrasse 18
8004 Zürich
Schweiz

Tel.: +41 43 377 88 55
E-Mail: hey@ecoo.ch


ecoo Mobile App

Terms of Use

Copyright

The copyright for all contents of the app is – unless otherwise indicated – held by DU DA – Data & Commtech by Farner (DU DA) & Papers AG or a contractual partner of the same. It is prohibited to use the content (especially pictures and graphics) and the concept without the prior consent of DU DA.

Rights and obligations of users

In order to achieve the full functionality of the app, the input of personal data is required. This data is stored in and can be viewed by the exchange operator (e.g. city or event organizer).

Disclaimer

All texts and links have been carefully checked and are continuously updated. We make every effort to provide correct and complete information on the ecoo App, but accept no responsibility, guarantee or liability whatsoever that the information provided by ecoo App is correct, complete or up-to-date. Any liability for damages of any kind, which are in any way connected to the access, use or query of the app or the information contained therein, is excluded. We reserve the right to change the information on this website and in the App at any time and without prior notice and do not undertake to update the information contained therein. All links to external providers were checked for accuracy at the time of inclusion, but we are not liable for the content and availability of websites that can be reached via hyperlinks. Access to and use of such websites is at your own risk. For illegal, incorrect or incomplete contents and especially for damages caused by the contents of linked pages, only the provider of the page to which reference is made is liable. It does not matter whether the damage is of a direct, indirect or financial nature or whether there is any other damage that could result from loss of data, loss of use or other reasons of any kind.

Severability Clause

Should individual provisions of these terms of use be or become invalid, the content and validity of the remaining provisions shall remain unaffected and the invalid provision shall be replaced by a valid provision which comes as close as possible to the purpose of the invalid provision.

Applicable law, place of jurisdiction

Swiss law is exclusively applicable to these terms of use. Exclusive place of jurisdiction is Zurich.

Why we collect which personal data

The login to the app is done with your AppleID or your Google account. However, neither Apple nor Google have insight into the usage within the app.

The App needs access to the following functions:

  • Camera: to trigger payments via QR Code
  • Mobile data or WiFi: to transmit payment information during a transaction

Without these permissions the app can only be used with limited functionality. Without camera access, payment details must be entered manually. Without an internet connection, the other person involved in the transaction must have internet access.

As usual with blockchain technology, the transactions are stored on a Tezos blockchain in a publicly viewable way and are checked and processed according to Smart Contracts. Data, which are visible in the chain: Public wallet address of the sender (e.g. tz1hkzS6pnfnHv9KzX1nbtqXVqUkzcem8FJs), public wallet address of the receiver (e.g. tz1hkzS6pnfnHv9KzX1nbtqXVqUkzcem8FJs), amount of the transaction.

Private person

In order to receive credit from the Exchange, the User submits personal information such as name, address, hometown, telephone number and date of birth. These are encrypted for transit and stored in your database in the Google Cloud Location Switzerland. The database is accessible to the administrators of the Exchange. The access to the database is secured with 2FA

The data entered will be used exclusively to verify the credit request or exchange entitlement. They will not be used for other purposes and will not be passed on to third parties.

Store

In order to exchange purchased coins for Fiat currency at the Exchange, data such as company name, UID, address and telephone number must be provided. These are encrypted for transit and stored in your database in the Google Cloud (location Switzerland). The database is accessible to the Exchange administrators. The access to the database is secured with and is secured with 2FA.

The entered data will only be used to verify the credit request or exchange authorization. They will not be used for other purposes and will not be given to third parties.

How long we store your data

The data collected in the context of the app usage will be deleted after the end of the campaign. Entries in the blockchain remain.

Which rights you have on your data

You can request the deletion of all personal data we have stored about you. This does not include data that we are required to keep due to administrative, legal or security-related necessities.

Where we send your data

The verification data is stored in the Google Cloud Location Switzerland. Transactions are stored publicly on the Tezos Chain.

How we protect your data

SSL Encryption

To protect the security of your data during transmission, we use the encryption method (e.g. SSL) via HTTPS, which is state of the art.

Two-factor authentication

Access to the database is secured with 2FA.


Website

Terms of Use

Copyright

Unless otherwise indicated, the copyright for all content on this website is owned by DU DA – Data & Commtech by Farner (DU DA) or a contractual partner of the same. It is prohibited to use the contents (especially pictures and graphics) without the prior consent of DU DA.

Disclaimer

All texts and links have been carefully checked and are continuously updated. We make every effort to provide correct and complete information on this website, but accept no responsibility, guarantee or liability whatsoever that the information provided by this website is correct, complete or up-to-date. Any liability for damages of any kind, which are in any way connected with the access, use or query of the website or the information contained therein, is excluded. We reserve the right to change the information on this website at any time and without prior notice and are not obliged to update the information contained therein. All links to external providers were checked for correctness at the time of their inclusion, but we are not liable for the content and availability of websites that can be reached via hyperlinks. Access to and use of such websites is at your own risk. For illegal, incorrect or incomplete contents and especially for damages caused by the contents of linked pages, only the provider of the page to which reference is made is liable. It does not matter whether the damage is of a direct, indirect or financial nature or whether there is any other damage that could result from loss of data, loss of use or other reasons of any kind.

Severability Clause

Should individual provisions of these terms of use be or become invalid, the content and validity of the remaining provisions shall remain unaffected and the invalid provision shall be replaced by a valid provision which comes as close as possible to the purpose of the invalid provision.

Applicable law, place of jurisdiction

Swiss law is exclusively applicable to these terms of use. Exclusive place of jurisdiction is Zurich.

Privacy policy

1 privacy

The protection of your privacy is of great importance to DU DA – Data & Commtech by Farner (hereinafter DU DA). Please note the following data protection regulations.

2 Scope of application

DU DA collects, processes, stores and protects the data of people who access its website. This Privacy Policy applies to this website and all of its applications and features such as chat, newsletters, events, etc.

3 Legal basis

The present data protection principles are based on the Swiss Data Protection Act (DSG) and, where applicable, the European Data Protection Ordinance (DSGVO).

4 Name and address of the data controller and his representative

Responsible in the sense of the data protection laws is the:

DU DA – Data & Commtech by Farner
Langstrasse 18
8004 Zurich
Switzerland

Phone: +41 43 377 88 55
e-mail: info@dudagroup.com

Marc van Nuffel, Partner & CEO at DU DA

5 Use of information

Visiting the DU DA website is generally possible without providing any personal data. Impersonal usage data such as the IP address, the browser used, date, time, etc. are evaluated without any conclusions about your person.

Visitors to our website can also activate the “do not track” function on their browser, so that only the log-in is tracked as such.

Personal data are strictly collected and processed in accordance with the relevant laws and regulations and only with your express consent.

6 Transfer of personal data

We treat your personal data confidentially and only pass it on if you have expressly agreed to this, if we are legally obliged or entitled to do so or if this is necessary to enforce our rights, in particular to enforce claims arising from the contractual relationship. In addition, we pass on your personal data to third parties if this is necessary or expedient in the context of the use of the website or for the possible provision of the services requested by you.

We disclose your personal data to the following categories of recipients:

  • Business partners
  • Service operators
  • Service company
  • Authorities as far as this is required or necessary

The legal regulations for the transfer of personal data to third parties are naturally observed. If we involve third parties to provide our services, we take appropriate legal precautions as well as appropriate technical and organizational measures to ensure the protection of your personal data in accordance with the relevant legal regulations.

If the level of data protection in a country in which the data is processed does not comply with the applicable data protection regulations, we contractually ensure that the protection of your personal data is equivalent to that in Switzerland or the European Economic Area (EEA) at all times.

7 Contact options via the website

If you contact DU DA via our website, the personal data you provide will be stored automatically. Such voluntarily transmitted data is stored exclusively for the purpose of processing your inquiry or contacting you. We have a legitimate interest in processing your contact requests. This personal data will not be passed on to third parties.

You can object to this data processing at any time. Please send your objection to info@dudagroup.com. In this case, your data will be deleted and your inquiry will not be processed further, as far as this does not conflict with legal storage obligations.

8 Routine deletion and blocking of personal data

Unless expressly stated in this Privacy Policy, DU DA will process and store personal data of data subjects only for the period of time necessary to achieve the purpose of storage, or if required by legal regulations to which DU DA is subject.

If the purpose of storage no longer applies or if any statutory storage period expires, the personal data will be routinely blocked or deleted in accordance with the statutory provisions.

9 Legal basis of the processing

No data will be processed without legal basis. Serve as such:

the consent
the conclusion or fulfillment of a contract or the inquiry of affected persons in advance thereof (preliminary contract)
legal obligations
the protection of a legitimate interest of DU DA or a third party
vital interests, if any
10 Rights of the data subjects

a) Right to information

Any person affected by the processing of personal data has the right to obtain confirmation as to whether personal data concerning him/her is being processed and to obtain free information on such data, as well as further information and a copy of the data in accordance with the law.

b) Right of rectification

Any person affected by the processing of personal data has the right to request the immediate rectification of inaccurate personal data concerning him and/or the completion of incomplete personal data.

c) Right of cancellation (right to be forgotten)

Any person affected by the processing of personal data has the right, in accordance with the law, to demand that the personal data concerning him/her be deleted immediately.

d) Right to limit processing

Any person affected by the processing of personal data has the right to demand the restriction of the processing in accordance with the legal requirements. f) Right to data transferability

Any person concerned by the processing of personal data has the right to obtain, in accordance with the law, the personal data concerning him/her provided by the data subject to DU DA, in a structured, common and machine-readable format, or to request that it be communicated to another controller.

e) Right of appeal

Any person concerned by the processing of personal data has the right to object at any time to the processing of personal data concerning him. This also applies to profiling based on these provisions.

DU DA will no longer process the personal data in the event of an objection, unless compelling reasons for processing worthy of protection can be demonstrated which outweigh the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims.

f) Automated decisions in individual cases including profiling

Any person affected by the processing of personal data has the right, in accordance with the law, not to be subject to a decision based solely on automated processing, including profiling, which has legal effect vis-à-vis him or her or which significantly affects him or her in a similar manner.

g) Right to revoke a data protection consent

Every person affected by the processing of personal data has the right to revoke his or her consent to the processing of personal data at any time with effect for the future. Revocation of the consent does not affect the lawfulness of the processing of personal data carried out on the basis of the consent until revocation.

h) Right to appeal to a supervisory authority

Depending on the applicable data protection legislation, the person concerned by the processing of personal data may have the right to complain to a competent data protection authority.

Please note that exceptions apply to these rights. In particular, DU DA may need to process and store personal data of data subjects in order to fulfil a contract with you, to protect its own legitimate interests such as the assertion, exercise or defense of legal claims, or to comply with legal obligations. As far as legally permissible, DU DA can therefore also reject your data protection-related requests or only comply with them to a limited extent.

For questions in connection with the data protection practised by DU DA and for information regarding the rights of the persons concerned and for the assertion of these rights, the person concerned can contact DU DA at any time using the contact details provided at the beginning of this Data Protection Declaration. If necessary, DU DA reserves the right to request the identification of the data subjects in an appropriate manner for the processing of requests.

11 Links to other websites

The DU DA website links to other websites that are not operated by DU DA and to which this Privacy Policy does not apply. After clicking on the link, DU DA no longer has any influence on the processing of any data transferred to third parties (such as the IP address), as the behaviour of third parties is naturally beyond our control. Therefore, DU DA cannot accept any liability for these external contents. The respective provider or operator of the sites is always responsible for the content of the linked sites.

The linked pages were checked for possible legal violations and recognizable infringements at the time of linking. Illegal contents were not recognizable at the time of linking. A permanent control and examination of the linked pages without concrete evidence of a violation of the law is not reasonable. If we become aware of any infringements of the law, such links will be removed immediately.

12 cookies

This website uses cookies. Cookies are small text files that are stored permanently or temporarily when you visit this website. The purpose of cookies is in particular to analyze the use of this website for statistical evaluation and for continuous improvements.

In the settings of your browser you can deactivate cookies at any time, either completely or partially. If cookies are deactivated, you may no longer be able to use all the functions of this website.

12.1 What are cookies?

Cookies are small files which are stored on your data carrier and which store certain settings and data for exchange with our system via your browser.

Basically there are 2 different types of cookies, so-called session cookies, which are deleted as soon as you close your browser and temporary/permanent cookies, which are stored on your data carrier for a longer period of time or indefinitely. This storage helps us to design our web pages and our offers for you accordingly and makes it easier for you to use them, for example by storing certain entries made by you in such a way that you do not have to repeat them constantly.

12.2 Which cookies does DU DA use?

Most of the cookies we use are automatically deleted from your hard drive at the end of the browser session (end of session) (hence session cookies). In addition, we also use cookies that remain on your hard drive. During a further visit, we will automatically recognize that you have already been with us and which entries and settings you prefer.

These temporary or permanent cookies (lifetime 1 month to 10 years) are stored on your hard disk and delete themselves after the specified time. These cookies in particular serve to make our offer more user-friendly, effective and safer. Thanks to these files, it is possible, for example, that you will be shown information on the site that is specially tailored to your interests.

The exclusive purpose of these cookies is to adapt our offer to your customer wishes in the best possible way and to make your surfing on our website as comfortable as possible.

12.3 What data is stored in the cookies?

Only pseudonymous data is stored in the cookies used by DU DA. When the cookie is activated, it is assigned an identification number and your personal data is not assigned to this identification number. Your name, your IP address or similar data that would allow the cookie to be assigned to you will not be placed in the cookie. On the basis of cookie technology, we only receive pseudonymized information, for example about which pages of our website were visited, which services, articles or cases were viewed, etc.

12.4 What is Onsite Targeting?

On the DU DA website, data is collected on the basis of cookie technology to optimise our advertising and the entire online offering. This data is not used to identify you personally, but is used solely for a pseudonymous evaluation of the use of the website. Your data will at no time be merged with the personal data stored by us.

This technology enables us to present you with advertising and/or special offers and services whose content is based on the context of the clickstream analysis of acquired information (e.g. advertising which is aimed at showing that in the last few days only content on topics such as digital marketing or media relations was viewed).

Our goal is to make our online offerings as attractive as possible for you and to present you with advertising that corresponds to your areas of interest.

12.5 Are third-party cookies also available? (so-called third party cookies)?

DU DA makes use of some advertising partners who help to make the online offer and our website more interesting for you. Therefore, when you visit the website, cookies from partner companies are also stored on your hard drive. These are temporary/permanent cookies that are automatically deleted after the specified time. These temporary or permanent cookies (lifetime 14 days to 10 years) are stored on your hard disk and delete themselves automatically after the specified time.

The cookies of our partner companies also contain only pseudonymous, mostly even anonymous data. These are for example data about which products you have looked at, whether something was bought, which products were searched for, etc. Some of our advertising partners also record information beyond the web pages about which pages you have visited before or which products you are interested in, for example, in order to be able to display the advertising that best meets your interests.

This pseudonymous data is at no time merged with your personal data. Their sole purpose is to enable our advertising partners to address you with advertising that might actually interest you.

12.6 How can you prevent the storage of cookies?

You can set your browser to accept cookies only if you agree to this. If you only want to accept the DU DA cookies but not the cookies of our service providers and partners, you can select the setting in your browser “Block third-party cookies”.

Usually, the Help function in the menu bar of your web browser will tell you how to reject new cookies and how to disable cookies you have already received. Alternatively, you can visit the https://www.aboutcookies.org website. There you will find step-by-step instructions on how to check and delete cookies in most browsers.

We recommend that you always log off completely after finishing your session on shared computers that are set to accept cookies and flash cookies.

13 Log Files

Every time you access the DU DA pages, usage data is transmitted by the respective internet browser and stored in log files, the so-called server log files. The data records stored in this process contain the following data: Date and time of access, name of the page accessed, IP address, referrer URL (the URL from which you accessed the website), the amount of data transferred, as well as product and version information of the browser used.

The IP addresses of users are deleted or made anonymous after the end of use. In the case of anonymization, the IP addresses are changed in such a way that the individual information about personal or factual circumstances can no longer be attributed to a specific or determinable natural person, or can only be attributed to a specific or determinable natural person with a disproportionate expenditure of time, cost and manpower.

We evaluate these log file data records in anonymized form in order to further improve our offer and make it more user-friendly, to find and correct errors faster and to control server capacities. For example, it is possible to track at what time the use of the DU DA website is particularly popular and provide the corresponding data volume to ensure that you can make purchases as quickly as possible. In addition, by analysing the log files, we can also identify and correct any errors on the DU DA website more quickly. These purposes also constitute our legitimate interest in data processing.

14 Web Analysis

This website uses various services for website analysis and tracking, which we explain in more detail below. In addition, we will show you how you can prevent these services from evaluating your usage behavior on our website. If we ask you for your consent to use the third-party services, the legal basis for this form of data processing is your consent. If we do not obtain your consent, your personal data will be processed on the basis of our legitimate interests (i.e. for optimization and marketing purposes and the design of our website to meet your interests).

14.1 Google Analytics

This website uses Google Analytics, a web analytics service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, or if you are a resident of the European Economic Area (EEA) or Switzerland, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).

Google Analytics uses “cookies”. The information collected by the cookie about your use of our website (including your IP address) may be transferred to a Google server in the USA and stored there.

We only use Google Analytics with activated IP anonymization. This means that your IP address is shortened by Google within Switzerland or the EU/EEA.

Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.

Google uses this information to evaluate your use of our website, to compile reports on website activity for us and to provide us with other services associated with the use of websites and the Internet. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. The IP address transmitted by your browser within the framework of Google Analytics is not merged with other data from Google.

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of our website.

You can also prevent Google from collecting and processing data by downloading and installing the browser plugin available under the following link: https://tools.google.com/dlpage/gaoptout?hl=de. An opt-out cookie is set to prevent the future collection of your data when you visit our website.

Google is certified under the Swiss-U.S. and EU-U.S. Privacy-Shield-Agreements and thus offers a guarantee to comply with Swiss and European data protection laws. You can find further information in this context at https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.

Further information on Google Analytics and data protection can be found at www.google.com/analytics/terms/de.html and https://policies.google.com/privacy.

14.2 Hotjar

This website uses features of the web analytics service Hotjar, operated by Hotjar Ltd, Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta. We use Hotjar to better understand the needs of our users and to optimize the offer on this website.hotjar’s technology helps us to gain a better understanding of our users’ experiences (e.g. how much time users spend on which pages, which links they click, what they like and what they don’t like, etc.) and this helps us to better understand our users and to optimize the offer on our website. Hotjar uses cookies and other technologies to collect information about the behavior of our users and about their end devices (in particular, IP address of the device (only collected and stored in anonymous form), screen size, device type (Unique Device Identifiers), information about the browser used, location (country only), language preferred for viewing our website). For more information, please see Hotjar’s privacy policy at https://www.hotjar.com/legal/policies/privacy/.

You may object to Hotjar’s data processing at any time. Hotjar offers each user the possibility of preventing the use of the Hotjar tool by means of a “Do Not Track” header, so that no data about the visit to the website in question is recorded. The opt-out option can be found at https://www.hotjar.com/legal/compliance/opt-out.

You may object to the use of Hotjar. Instructions are available at: https://www.hotjar.com/opt-out.


Changes

We may change this privacy policy at any time without notice. The current version published on our website applies.

Zurich, 17.08.2020