Privacy policy

Last Updated: May 15, 2018

Thanks for using Smoolis or visiting one of our websites. When we talk about "Smoolis," "we," "our," or "us" in this policy, we are referring to "Smoolis GmbH", the company which provides the Services. When we talk about the "Services" in this policy, we are referring to our platform.

Whenever you use our Services via a web browser specific to your desktop or mobile device, you are bound by the applicable Privacy Policy; therefore, you should carefully read this text whenever you use our platform and make sure you accept it. If you don't agree with these terms you may not access or use our Service.

At Smoolis we pay special attention to security and respect the privacy and confidentiality of the users' personal data. That is why we have invested time and resources to fully comply with the applicable national (Swiss Data Protection Act - DPA), European and international legal framework, and the European Union's General Data Protection Regulation 679/2016.

1. Introduction

1.1.
Protection of Privacy. This Privacy Policy explains how and why Smoolis collects, processes, discloses and protects the incoming information when you visit one of our websites, or when you use our Services.
1.2.Implementation of the Privacy Policy. The Privacy Policy applies to all natural persons from whom or for the benefit of whom we receive information.

2. Data controller

The Personal Data controller is the Swiss Limited Liability Company under the name "Smoolis GmbH", based in Zürich, c/o The Hub Zürich Association, Sihlquai 131, Postcode 8005, in Switzerland and is legally represented, VAT ID: CHE-114.678.574 MWST, email: privacy@smoolis.com, and is active in development, provision of services, distribution and trading of IT and data processing solutions and distribution of products in the fields of design, engineering and communication.

3. Personal Data

3.1. Concept

3.1.1.
The term "personal data" means any information related to an identified or identifiable natural person. The identifiable natural person is a person whose identity can be identified directly or indirectly, in particular by reference to an identifier such as name, address, location data, or an online identity identifier such as an Internet Protocol (IP) address.
3.1.2.
Personal information does not include any information that, by itself, cannot recognize you as a particular person or entity (e.g., anonymized information) or data collected for statistical purposes.

3.2. Processing

3.2.1.
The personal data you may enter anywhere on our platform are subject to processing and are stored in a file under the responsibility of the controller mentioned above, only for reasons relating to:
a. the development, execution, implementation and dissemination of the Smoolis platform,
b. your account management and processing of your requests,
c. the provision, with your consent, of information regarding the Smoolis platform. Such a provision of information includes email messages, and
d. in general, the improvement of the services we provide. Your personal data are not allowed to be used by any third party, except as provided by the law and this Policy.
3.2.2.
We collect and process information that is considered purely personal data, as well as other information that is not considered as such. Information that cannot identify you as a specific person can be used without restrictions.
3.2.3.
Our platform does not collect or process sensitive personal data, namely, data related to a user's health, sex life, sexual orientation, genetic or biometric data, or data revealing one's racial or ethnic origin, political opinions, religious or philosophical beliefs or membership in a trade union.
3.2.4.
When you create an account and sign up on our platform, we collect the information you provide us, including your first name, your last name, a valid email address (username), a password and a Smoolis subdomain name for using the Services (e.g. subdomainname.smoolis.com). After completing our registration form, you will receive a welcome email describing your new Smoolis account and how to access that account. You're able to opt-out from this trial notification-process by closing your trial account. The notification process will be stopped automatically after the trial phase of fourteen (14) days.
3.2.5.
If you choose to continue our Service with a paid account, we will acquire the following personally identifiable information from you: credit card number, credit card expiration date, cardholder name and security code (CVV/CVV2/CVC2). This information is used to verify credit card authenticity, and process payments as per your applicable service agreement. If we are unable to process your subscription for a given month, this information, along with your account information, may be used to contact you.
3.2.6.
When you send us emails or other communications, such as customer support inquiries, we maintain those communications and their contents so that we can resolve your inquiries or otherwise assist you.
3.2.7.
User Content. When you use our Services, we store, process and transmit your User Content (such as your photos) and information related to your User Content. We process and store such files and information in order to provide our Services, as described in our Terms of Service.
3.2.8.
Location Information. Your devices (depending on your settings) may transmit location information to our third-party service providers. We only store and process information related to your country.
3.2.9.
If not required by law, we will not obtain your consent before collecting your personal data from third parties. Instead, it will be deemed that you have previously given such consent to any third party from whom our platform receives such information.
3.2.10.
Third Party Account Information. If you use Third Party Services, such as social media or photo-sharing services, you may provide us with your Third Party Services account information, such as your username (note that we don't store any passwords you use to access Third Party Services). We transmit, and may store, such account information, only as needed to provide our Services, and only in accordance with the terms and policies of the Third Party Services.
3.2.11.
If you wish so, we may use the personal data you provide when signing up and using our platform to inform you by email about services that may be of interest, new product features, promotional communications, newsletters and other announcements.
3.2.12.
Administrative access to your Smoolis website. Please be aware that Smoolis team members are also authorized in specific situations to access the administrative section of your Smoolis website when fulfilling customer service requests and tracking errors. This necessarily grants them the possibility to view all parts of your Smoolis website, including all password-protected areas. All members of our team are regularly trained in privacy and data protection sensibility and confidentiality.
3.2.13.
We make reasonable efforts to maintain your personal data, in accordance with the terms of this Privacy Policy and the Terms of Service.

3.3. Sharing

3.3.1.
We do not share, disclose or sell your personal data to other companies, third party controllers, information centers, credit institutions or other third-party service providers, except as described in this Privacy Policy and the Terms of Service.
3.3.2.
We may provide personal data to other persons in cases where:
a. you have provided your explicit consent by clicking on the checkbox "I accept";
b. this is required by law, court order or at the request of any other competent governmental, judicial, police, administrative or regulatory authority, upon legal request and in accordance with the relevant laws,
c. this is necessary to protect our rights,
d. the platform is used in a manner that violates the Terms of Service or for purposes other than those for which it was intended specifically or
e. the terms of this Privacy Policy and/or Terms of Service allow and/or require such a disclosure.
3.3.3.
Third party services. In order to perform, improve, promote and protect our Services, it may be necessary for us to employ the use of third party services. These third parties may access, process or store your information to perform tasks only for the purposes we've authorized, and we require them to provide at least the same level of protection for your information as described in this Privacy Policy. In that case data may be shared with:
3.3.3.1.
Zendesk: Should you have questions or queries, you can contact us at any time via our contact form. We save your message in our ticket system (Zendesk) in order to process your request and to improve our service. Zendesk's privacy policy can be found here.
3.3.3.2.
Mailchimp: In order to send technical emails or newsletters we use the mail services provided by Mailchimp. You can remove your consent via "unsubscribing" from the newsletter. An "unsubscribe" link can be found in every newsletter-mailing. Mailchimp's privacy policy can be found here.
3.3.3.3.
Amazon: When you use our Services, we store, process and transmit your content to the cloud services of Amazon S3 (whose servers are located in Ireland). Amazon's privacy policy can be found here. In order to send order confirmations and contact form notifications through your website we use the service provider Amazon SES.
3.3.3.4.
Stripe: When you initially provide or update your payment information, we transmit it via an encrypted connection to our payment processor, Stripe. Stripe provides us with some limited information related to you, such as your card's type, expiration date, and last four digits. Stripe uses and processes your payment information in accordance with Stripe's privacy policy.
3.3.3.5.
Third Parties You Authorize: You can give third parties access to your and your End Users' information on the Services. The third party's use of this information will be governed by the terms and privacy policies of the third party.

3.4. Purposes

The personal information we collect will be only used for the defined, explicit, and legitimate purposes explained to you and will not be further processed in a manner incompatible with those purposes. Moreover, we limit the collection to only those information that is appropriate, relevant and necessary for the purposes explained to you.

3.5. Period of maintenance

3.5.1.
We keep personal data and other information until the termination of the user's account or as long as it is necessary to answer any questions and solve problems arising from your relation therewith, with the exception of payment data. Due to tax regulations we are obliged to save billing information for a period of ten (10) years.
3.5.2.
When we no longer require your personal information, we will destroy, delete or anonymize the information without prior notice to you.
3.5.3.
We can delete information and content of your account without sending notice to you. The same holds true, when your account is terminated.

4. End User information

4.1.1.
Collection, use and storage of end user information. You may use our Services to create or publish your website, and your website may have end users. We may collect, use, store or delete all submitted information from your end users, on your behalf and at your direction, and we treat such information in accordance with this Privacy Policy. We do this in order to enable you to use our Services, and to provide, improve and protect our Services. For example, during checkout you may ask your end users to provide name, address, email address and payment information so that you can complete their orders. We never use or delete your end users' information.
4.1.2.
Your relationship with end users. You can collect, use or delete your end users' information at any time. However, you're solely responsible for complying with any laws and regulations that apply to your end users' information, including without limitation the posting of your own Privacy Policy. We're not liable for your relationship with your end users, and we won't provide you with any legal advice regarding such matters.
4.1.3.
End user payment information. Your end users' payment information may be processed via third party e-commerce payment processors which you integrate into your account, in accordance with such e-commerce payment processors' terms and policies. We transmit your end users' complete payment information when they initially provide, only so that we can pass it along to the e-commerce payment processors you agree to use. We don't collect or store your end users' payment information.

5. Security

5.1.
Our platform addresses the issue of protecting your anonymity and personal information very seriously. We protect your personal data and, in general, the information we receive about you, and we guarantee their confidentiality, integrity and availability using appropriate security measures, according to the most up-to-date and advanced technological methods. These measures include technical and procedural steps to protect your data from misuse, unauthorized access or disclosure, loss, alteration or destruction.
5.2.
To prevent unauthorized access and transmissions, promote data security, and encourage appropriate use of information, we and our service providers use a variety of tools (encryption technologies, passwords, physical and electronic security, procedural safeguards) to assist in the protection of your information. However, "perfect security" does not exist on the internet or through data transmissions, so we make no guarantees. Third parties may unlawfully intercept or access transmissions or private communications and you should not expect that your personal information will remain private.
5.3.
For the HTTPS encryption (TLS) of our website and your Smoolis website we use the free service (Let's Encrypt). Via the integration of encryption certificates Smoolis can provide a so-called transport encryption that protects the communication to a Smoolis site from unwarranted access of unauthorized third parties.
5.4.
Our platform supports security protocols (SSLs) and encryption mechanisms (HTTPS protocol) that allow secure data transmission to the network. It also uses mechanisms for access control, SQL injection, Cross-site scripting (XSS) vulnerabilities, and session hijacking security mechanisms to effectively protect data and minimize risks. We employ security measures such as using firewalls to protect against intruders, building redundancies throughout our network (so that if one server goes down, another can cover for it) and testing for and protecting against network vulnerabilities. Payment information is transmitted using HTTPS encryption, and we maintain a PCI DSS Compliance.
5.5.
Your personal data is stored on an encrypted server (Amazon S3) and can only be accessed by the employees authorized by the company "Smoolis GmbH", and only when this is necessary, e.g. to handle your requests. We manage access to AWS services and resources securely with AWS Identity and Access Management (IAM).
5.6.
For your own safety, you should also treat all information provided on our platform as confidential and private and not disclose it to third parties. Where you have selected an access code that allows you to access some options of our platform, you are solely responsible for keeping this access code. If the access code is stolen or misused, it is your sole responsibility to notify us immediately. Additionally, it is your responsibility to limit access to your computer and browser by signing off after you have finished accessing your account.

6. Cookies

6.1.
We use cookies to collect information, only for the purposes listed in this policy.
6.2.
What are cookies? Cookies are pieces of information in the form of very short alphanumeric text, stored on your computer with your own approval, and they help the more efficient operation of our platform. Cookies in no way cause harm to the user's computers or the files kept on them.
6.3.
What cookies do we use and why?
  • Some cookies are necessary to improve and customize our Services and your experience; to allow you to access and use the Services without re-entering your username or password; to understand usage of our Services. The use of these cookies is essential for the website to work, and we do not use these cookies to collect personal information about you.
  • We also use functional cookies to remember choices you've made on information you've provided, such as your language. This allows us to tailor your website experience specifically to your preferences.
  • We use performance cookies to collect information about how you interact with our website. These cookies only gather information for statistical purposes and do not gather any information that can personally identify you. However, because these cookies are not strictly necessary for the use of our website, we require your consent to use them. The performance cookies we use include:
    • First party analytics cookies to estimate the number of unique visitors and to improve our website.
    • For statistical purposes we use Google Analytics cookies to help us understand how visitors arrive at and browse our website to identify areas for improvement such as navigation, user experience, and marketing campaigns. The data collected is processed in a nonpersonally-identifying form (anonymizeIp - IP Anonymization). Google Inc. discloses this information only to third parties to the extent required by law. To opt-out of Google Analytics visit Google Analytics Opt-out Browser Add-on.
You can find more information about the individual cookies we use and the purposes for which we use them in the table below:

Cookie Name

Publisher

Purpose

More Information

_ga

Google
Analytics

Analytical/Performance

Google Analytics

_gat

Google
Analytics

Analytical/Performance

Google Analytics

_gid

Google
Analytics

Analytical/Performance

Google Analytics

cookie_consent

Smoolis

Strictly
necessary/Functionality

Stores a flag when the user has accepted the cookie policy banner

JSESSIONID

Smoolis

Strictly
necessary/Functionality

Stores a flag when there is currently a user logged in

__stripe_mid

Stripe

Strictly
necessary/Functionality

Stripe

__stripe_sid

Stripe

Strictly
necessary/Functionality

Stripe
6.4.
How can you opt-out? To opt-out of our use of cookies, you can instruct your browser, by changing the relevant options, to stop accepting cookies or to prompt you before accepting a cookie from websites you visit. Please note that you will be unable to use certain features on our website if cookies are disabled.
6.5.
For safe browsing on our platform, Smoolis complies with the European Directive 2002/58/EC on the processing of personal data and the protection of privacy in the electronic communications sector, as amended by Directive 2009/136/EC.
6.6.
Your prior consent is necessary to use cookies. An exception to this rule will be only cookies that serve our platform's operational needs (operational cookies) and are necessary for its display and efficient operation. By accepting the Terms of Service of our platform and this Privacy Policy it is deemed that you have consented to the use of cookies, as above.

7. Consent

7.1.
We can receive personal information about you from various sources or by different methods. The way of consent may vary depending on each source or method.
7.2.
We assume that by using our services and/or accessing thereto you have read the Terms of Service and the Privacy Policy. Moreover, by providing the information, whether personal or not, you declare it to be true and accurate and have explicitly given your consent to be disclosed and processed for the purposes stated, by clicking on the relevant checkbox "I accept", unless you update our platform that you explicitly no longer wish your information to be used. Your consent to this access/disclosure includes those cases where for the effective service provision, providers are likely to be established in the United States of America or other countries or regions outside the European Economic Area.
7.3.
In the event that you transmit third party personal data, you are responsible for informing that party about the use of his or her data and for obtaining his or her explicit consent that such information is given for the purposes explained above. In any case, the Privacy Policy applies to any information gathered from a third party.
7.4.
You can revoke your consent at any time by sending an email to privacy@smoolis.com, without prejudice to the legitimacy of the consent-based processing prior to its revocation. Your data is then deleted, or provided that it is necessary for billing and accounting purposes, blocked accordingly.

8. Access to personal data

8.1.
To modify the personal information you have provided to us, simply log into the Services and update your profile. We may retain certain information as required by law or for necessary business purposes.
8.2.
You are entitled to receive from us a confirmation of whether or not your personal data is being processed and, if so, you have the right to access your personal data, as well as
a. the purposes of the processing;
b. the relevant categories of personal data, recipients or any types of recipients to whom personal data have been or will be disclosed;
c. where possible, the period during which personal data will be stored;
d. the existence of a right to request us to correct or delete personal data or to restrict the processing of personal data or the right to object to such processing;
e. the right to submit complaint to a supervisory authority;
f. when personal data are not collected by you, any available information about their origin;
g. the existence of automated decision-making, including profile making and important information about the philosophy followed, as well as the importance and predicted consequences of such processing for you.
8.3.
You can ask us to provide to you a copy of your processed personal data. For additional copies that may be required, a fee of twenty (20) USD is required.
8.4.
Any request for access to information should be addressed to the person in charge of processing your personal data at privacy@smoolis.com.
8.5.
We will respond within one (1) month.

9. Rights of correction, deletion, limitation, portability and objection

9.1.
We are committed to ensure that your personal data is kept confidential and to ensure that you exercise your rights of access, correction, deletion, restriction, portability and objection by sending an email to privacy@smoolis.com. If necessary, we will ask you to provide us with a photocopy of your identity card, passport or other valid documentary evidence.
9.2.
Right of correction. The user is entitled to require us without undue delay to correct inaccurate personal data. Having regard to the purposes of the processing, the user is entitled to require the completion of incomplete personal data, including among others through a supplementary statement.
9.3.
Right of deletion. The user is entitled to ask us to delete personal data if:
a. the personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed,
b. the user has revoked the consent on which the processing is based and there is no other legal basis for the processing,
c. the user objects to the processing,
d. the personal data have been processed illegally,
e. data must be deleted so that the controller's legal obligation is respected; and
f. personal data has been collected in connection with the provision of services in the information society. Requests for deletion of personal data are processed within one (1) month. In the event that personal data is disclosed, we, taking into account the available technology and implementation costs, shall take reasonable steps, including technical measures, to inform third parties processing such data that the platform's user has requested the deletion of any links to such data or copies or replications of personal data. Please note that there may be latency in deleting your personal information from our servers and backup storage, and we may retain your personal information in order to comply with the law, protect our rights, resolve disputes or enforce our agreements.
9.4.
You have the right to lodge a complaint with a supervisory authority, in particular in the member state of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the General Data Protection Regulation (EU) 2016/679 (GDPR).

10. Disclaimer on Third-Party Websites

10.1.
Links to third-party websites. When you visit our site, you may be forwarded to third-party internet pages which are not under our control. These links are set up to make it easier for you to use the internet. Please be aware that we are not responsible for the privacy practices or content of such other sites and expressly disclaim any liability for any loss or damage that may be caused by the use of such links. We encourage you to be aware when you leave our site and to read the privacy statements of each and every website that collects personally identifiable information.
10.2.
Social media platforms and widgets. We also maintain presences on social media platforms including Facebook, Twitter, Pinterest, and Instagram. Any information, communications, or materials you submit to us via a social media platform is done at your own risk without any expectation of privacy. We cannot control the actions of other users of these platforms or the actions of the platforms themselves. Your interactions with those features and platforms are governed by the privacy policies of the companies that provide them.
10.3.
We encourage you to be aware when you leave our site and to read the privacy statements of each and every website that collects personal data.

11. Customer Obligations

11.1.
By using our platform, you agree to use any information about any other user in a manner consistent with the "Terms of Service" and the "Privacy Policy".
11.2.
The user of our platform guarantees that the provided information is correct and accurate and is committed to disclose any changes or modifications thereof. The user is the sole responsible for any loss or damage caused to our platform or to any third party responsible for the platform as a result of incorrect, inaccurate or incomplete information in the login fields.

12. Communications

12.1.
We may periodically email you to inform you about changes in our Services, our Services offerings (discounts), and important service-related announcements such as security and fraud notices. We'll also send you emails related to your transactions. These communications are considered part of the Services and you may not opt out of them.
12.2.
We may also send you at regular intervals marketing or promotional communications. Such messages are sent only if you subscribe to them and for as long as you wish. You can opt out of receiving subsequent marketing or promotional communications by clicking the link marked unsubscribe (or a similar phrasing) that's included in those communications.
12.3.
We use third party service providers to assist us in managing and administering communications and emails sent to us through the website and through some Smoolis managed sites. Any personal information disclosed through such communications will be governed by such third-party vendors privacy policy.

13. Additional information

13.1.
When you post content on our platform or under your Smoolis account, this may include your personal data. You are solely responsible for the information that you:
a. post online,
b. post via our platform or under your account and/or
c. share with another website where you log in from our platform. If you post personal information online that is accessible to the public, you may receive unsolicited messages from other parties or other unwanted and potentially harmful contacts. We warn you to be careful when posting information that is accessible to the public.
13.2.
Blog. We have a public blog on our Website. Any information you include in a comment on our blog may be read, collected, and used by anyone. If your Personal Information appears on our blogs and you want it removed, contact us at privacy@smoolis.com.

14. Changes to the Privacy Policy

14.1.
We reserve the right to revise or modify this "Privacy Policy", the "Terms of Service" and other policies and agreements at any time and in any way.
14.2.
We will notify you of such changes by posting the revised policies on its homepage and
a. will notify you through the Smoolis admin area, or
b. send you an email to the address you provided when creating your account.
14.3.
It is your responsibility to read the "Terms" and the "Privacy Policy" at regular intervals, since the Terms and Privacy Policy in force at the time you use our platform are applicable.

15. Final provisions

We respect and esteem the users of our platform and their privacy. Therefore, we want to hear from you, if you have any questions, comments or complaints about our privacy practices, or if you want to update, delete, or change any personal information we hold. You can email us at privacy@smoolis.com or mail us to "Smoolis GmbH, c/o The Hub Zürich Association, Sihlquai 131, 8005 Zürich, Switzerland".

This website uses cookies to ensure you get the best experience on our website.

More info