Privacy Notification (EN)

Privacy & Cookie Policy

This Privacy & Cookie Policy was last updated on 23 October 2023.

1. Introduction

This Privacy & Cookie Policy details how we handle the collection, use, disclosure, transfer, storage, and protection of personal information acquired through our products and services. It also covers your options concerning this data.

As you review our policy, bear in mind that it applies to Traxess AG (“Traxess AG”, “we”, “our”, or “us”), our products, including the Traxess Sentinel, Traxess Data Solutions, the mobile app SPOTAP and so on (collectively referred to as “Products”).

Traxess AG collects Personal Information when you register for or use the Services. Traxess AG does not collect any Sensitive Personal Information, known as Special Categories under GDPR.

Traxess AG processes the personal data of persons who have signed up for the service individually, employees of corporate clients and client’s customers and/or employees. In the service provided to the client segments, Traxess AG acts as the data processor as well as the data controller.

The standards outlined in this Privacy & Cookie Policy are part of the legal agreement between Traxess AG, our clients and clients’ customers. It shall comprise all security measures in place for protecting personal data and to secure the availability of the software as a service provided by Traxess AG in compliance with Swiss Data Protection Law and the EU’s General Data Protection Regulation as of 25 May 2018 (hereinafter referred to as the “GDPR”).

Before accessing or using our products and/or services, please ensure that you have read this Policy and understand how we collect, store, use and disclose your personal information as described herein. By using our products and/or services, you agree to the collection and use of information in accordance with this Privacy & Cookie Policy.

2. Terms & Definitions

Application – Mobile App (SPOTAP and SOS Travel Security App), Web User Interfaces
Products – Traxess Sentinel Travel Security Solutions, Traxess Data Solutions, Traxess Travel Security App SPOTAP, Traxess E-Learning Solutions, Traxess Editorial Systems.
Third Parties – any natural or legal person or entity other than Traxess AG;
Website – the website available at www.traxess.ch

3. Information We Collect

The purpose of collecting and processing personal data by Traxess AG is to:

provide pre- and on-trip travel and security information;
send alert information that might affect travellers;
monitor and locate travellers in case of a security incident;
have data available for initiating a crisis intervention to ensure traveller’s safety;
have access to information required for IT end user support ;
manage system access to products and services;
detect and prevent illegal activities in the software.

Traxess AG strictly utilises data solely in cases where it is legally permitted, abstaining from its use for advertising, market research, or opinion-gathering purposes.

We may collect several types of personal information from the users of our Products, and store it on your mobile device and/or our server, such as:

Personal profile information, including your name, postal address, email address, and mobile or other telephone numbers.
Information about your device, including the IP address of the device (anonymised), internet service provider, operating system, browser type, language preference, and mobile phone identification code.
Precise location information obtained through your IP address, WiFi, and GPS coordinates made available through your device.
Information from third parties, such as travel agencies.
Web behaviour information, such as information related to how the users use the Products (e.g. browser type, domains, page views) collected through cookies and other automated technology.

How We Collect Information

Visiting our user interface without logging in. If the user visits our applications outside the login-protected area, the web server technology we use automatically logs general technical visit information. These include the IP address of the user’s device (anonymised), information about the browser type, the Internet service provider and the operating system.

Visiting our user interface by logging in. When the user accesses the login-protected area of the application by logging in to their personal account, in addition to the automatic logging of general technical visit information, all data entered or submitted by the user during the registration process and during the use of the application will be stored. In particular, this is the case when the user registers and enters their travel booking details as well as personal master data (name, postal address, email address, mobile or other telephone numbers); the settings required for the respective service are collected too.

By entering data during the registration, the user gives their consent to the processing and storing of personal data within the scope described in this Privacy Policy.

Travellers’ booking reservations. Booking reservation data is provided to Traxess AG by third-party travel agencies through the optionally available automated data import function. This data shall include flight bookings, hotel and car reservations etc., processed by the travel agency. The consent and permission to receive, process, and store this information is granted to Traxess AG by the user’s employer on behalf of their employees.

Using the Traxess AG mobile security application SPOTAP. When downloading and installing the Traxess AG mobile security application SPOTAP, the device ID and the phone number are detected and linked to the user’s profile.

If the user activates the “GPS tracking” function, the device sends coordinates of its position on a time interval that is steered by changing the position of the device. These coordinates shall be captured and stored.

In the registration process, the user agrees to the processing and utilization of personal data, including location information acquired via GPS tracking. This consent is given in accordance with the aims and extent outlined in the privacy notice provided before the app is installed on the device.

Data transfer to third parties

Personal data will be treated confidentially by Traxess AG and will not be passed on to third parties without the customer’s consent unless it is required due to a judicial or official request. Traxess AG will not pass on any data to non-EU countries without the customer’s consent. The data remain with Traxess AG and are not made available to any third party except to the extent of providing contracted assistance services as approved either by the users or by their employer.

Data Security

We use technical and organisational security measures in accordance with recognised market standards to protect personal data stored with us against unintentional, illegal or unauthorised manipulation, deletion, modification, access, disclosure or use and against partial or complete loss. The Traxess AG servers are located in a multi-certified and secure data centre in Germany. The connection to our servers is TLS/SSL-encrypted with a security rating of not less than A.

We regularly back up customer data (backup). In order to prevent data loss even in extreme cases (e.g., the destruction of the data centre by an earthquake), the encrypted backups are mirrored on dedicated virtual servers based in Finland. Our security measures are continuously adapted and improved in line with technological developments.

We assume no liability for the loss of data or their knowledge and use by third parties. Furthermore, we cannot guarantee the security of data transmission over the Internet; in particular, there is a risk of access by third parties when data is transmitted by email. However, access is protected according to industry best practices.

Historical Data Storage

Any user data that is processed and stored on our servers is encrypted. The data storage depends on the service contracted by clients. By default, Traxess AG applies the following standard that might change upon client request. The default standard applies to the following:

TRAXESS Travel Security Solution / TRAXESS SENTINEL

The full data history of users is stored for three months.
Anonymised data history without private user information (without name, email, and phone number) is stored for one year.

TRAXESS Data Solutions

The full data history of users is stored for six months.
Anonymised data history without private user information (without name, email, and phone number) is stored for one years.

After a contract with a corporate client has expired, all data is removed from Traxess AG’s servers within one month.

Cookies

When using the Products, we may collect certain information by automated means, such as cookies (small text files stored in your browser).

You can control cookies through your browser settings and other tools. Your device may offer you control over the use of cookies or other technologies when you use the Products. For example, you may be able to set your device or browser to disable, clear, reset or block the use of cookies or similar technologies. Please note, however, that without cookies, the Products may not work properly, or you may not be able to use all of their features.

Use of Google Analytics or other analytics tools

The TRAXESS Software Solutions system, which utilizes Google Maps, actively blocks any third-party tools designed to capture data for user profiling. Consequently, no personal data from users accessing the system is transferred to third parties.

Use of Social Media Plug-ins

The TRAXESS Enterprise Portal website is using social plug-ins from Facebook, and LinkedIn, such as “Like” button.
When you click on the plug-in, a direct connection is established between your computer and the server of this plug-in’s provider, e.g. Facebook, LinkedIn, etc. As a result, certain types of personal and non-personal data of the customer may be collected according to the privacy policy of these providers.

Links to Other Websites

The TRAXESS Travel Security Solution and the Traxess Security App SPOTAP contains hyperlinks to websites of third parties which are not operated or controlled by Traxess AG. Traxess AG is not responsible for its content or data protection practices.

Information, correction, deletion and objection

Users have the rights regarding their personal data:

the right of access under Article 15 GDPR,
the right to correction under Article 16 GDPR,
the right to cancellation under Article 17 GDPR,
the right to restrict processing under Article 18 GDPR,
the right to data transfer from Article 20 GDPR, and
the right of objection under Article 21 GDPR.

Users are asked to give consent in connection with the TRAXESS services. You grant consent by clicking on the corresponding checkbox that TRAXESS may collect, process and use personal data accordingly.

The consent given by users in the past can be revoked at any time without affecting the legality of the processing carried out based on the consent until revocation. Users can cancel the consent given in the past by not accessing the TRAXESS Travel Security Portal anymore and by removing the app installation on their mobile device. Unfortunately, the services and features provided to users will not be available anymore after the consent is revoked.

Users can request the correction of user profile data or the removal of any personal data stored on their profile by contacting the system admin dedicated by the employer who as contracted the service on behalf of its employees or by contacting TRAXESS via the contact channels included in this Privacy&Cookies Policy.

The restrictions according to §§ 34 and 35 GDPR apply to the right to information and the right of cancellation. In addition, there is a right of appeal to a competent data supervisory authority (Article 77 GDPR).

Changes to the Privacy & Cookies Policy

We reserve the right, at our sole discretion, to amend this Privacy & Cookies Policy or impose new clauses, at any time. If we do so, an updated version will be communicated to clients and made available in the solution. The new Privacy & Cookies Policy will be effective immediately upon being published on the company’s website and made available to clients.

Contact Information

In charge of data processing in the products provided by TRAXESS is Traxess AG. User can contact the TRAXESS data protection officer:

by sending a letter to Traxess AG, Gartenstrasse 25, 8002 Zurich, Switzerland.
by sending an email to info@traxess.ch.
by calling the phone number +41 43 505 13 31.

Privacy & Cookie Policy

This Privacy & Cookie Policy was last updated on 23 October 2023.

1. Introduction

2. Terms & Definitions

Application – Mobile App (SPOTAP and SOS Travel Security App), Web User Interfaces

Products – Traxess Sentinel Travel Security Solutions, Traxess Data Solutions, Traxess Travel Security App SPOTAP, Traxess E-Learning Solutions, Traxess Editorial Systems.

Third Parties – any natural or legal person or entity other than Traxess AG;

Website – the website available at www.traxess.ch

3. Information We Collect

The purpose of collecting and processing personal data by Traxess AG is to:

provide pre- and on-trip travel and security information;

send alert information that might affect travellers;

monitor and locate travellers in case of a security incident;

have data available for initiating a crisis intervention to ensure traveller’s safety;

have access to information required for IT end user support ;

manage system access to products and services;

detect and prevent illegal activities in the software.

Traxess AG strictly utilises data solely in cases where it is legally permitted, abstaining from its use for advertising, market research, or opinion-gathering purposes.

We may collect several types of personal information from the users of our Products, and store it on your mobile device and/or our server, such as:

Personal profile information, including your name, postal address, email address, and mobile or other telephone numbers.

Information about your device, including the IP address of the device (anonymised), internet service provider, operating system, browser type, language preference, and mobile phone identification code.

Precise location information obtained through your IP address, WiFi, and GPS coordinates made available through your device.

Information from third parties, such as travel agencies.

Web behaviour information, such as information related to how the users use the Products (e.g. browser type, domains, page views) collected through cookies and other automated technology.

How We Collect Information

Data transfer to third parties

Data Security

Historical Data Storage

Any user data that is processed and stored on our servers is encrypted. The data storage depends on the service contracted by clients. By default, Traxess AG applies the following standard that might change upon client request. The default standard applies to the following:

TRAXESS Travel Security Solution / TRAXESS SENTINEL

The full data history of users is stored for three months.

Anonymised data history without private user information (without name, email, and phone number) is stored for one year.

TRAXESS Data Solutions

The full data history of users is stored for six months.

Anonymised data history without private user information (without name, email, and phone number) is stored for one years.

After a contract with a corporate client has expired, all data is removed from Traxess AG’s servers within one month.

Cookies

Use of Google Analytics or other analytics tools

The TRAXESS Software Solutions system, which utilizes Google Maps, actively blocks any third-party tools designed to capture data for user profiling. Consequently, no personal data from users accessing the system is transferred to third parties.

Use of Social Media Plug-ins

Links to Other Websites

The TRAXESS Travel Security Solution and the Traxess Security App SPOTAP contains hyperlinks to websites of third parties which are not operated or controlled by Traxess AG. Traxess AG is not responsible for its content or data protection practices.

Information, correction, deletion and objection

Users have the rights regarding their personal data:

the right of access under Article 15 GDPR,

the right to correction under Article 16 GDPR,

the right to cancellation under Article 17 GDPR,

the right to restrict processing under Article 18 GDPR,

the right to data transfer from Article 20 GDPR, and

the right of objection under Article 21 GDPR.

Changes to the Privacy & Cookies Policy

Contact Information

In charge of data processing in the products provided by TRAXESS is Traxess AG. User can contact the TRAXESS data protection officer:

by sending a letter to Traxess AG, Gartenstrasse 25, 8002 Zurich, Switzerland.

by sending an email to info@traxess.ch.

by calling the phone number +41 43 505 13 31.