WE TREAT YOUR DATA WITH CARE

1Who we are?
We are Beyondlegal GmbH, a strategy consulting and legal design company, located at Brandschenkestrasse 90 in 8002 Zurich, Switzerland. We develop and maintain a social media application that allows people to connect with each other and includes messaging, data sharing and other interactive content (App).

Why do we collect and process data?

1• General
We use the data to provide you with the content you wish to access and consume on the App, to provide other services, to carry out administrative or operational processes, monitor and analyze our business or to improve our services. If you or the organization for which you are acting fails to provide personal data that we require when requested, we may not be able to provide or continue to provide our services.
2• In particular
- operate, maintain and improve our services; - give you access to the App or restrict your access and to fulfill other contractual duties and rights agreed upon with you; - personalize our services or content; - allow you to manage your profile, update your profile and subscribe to services; - communicate with you about our services (product changes, feature updates, etc.) and content; - provide technical support or customer service; - maintain and develop our business relationship with you; - deliver advertising for our services that may be relevant to your interests; - pursue certain business development initiatives; - send you marketing communications; - detect security incidents, protect against malicious, deceptive, fraudulent or illegal activity; - research technological development; - identify and repair errors that impair existing intended functionality; - audit interactions, transactions, and other compliance activities; protect the integrity, safety or security of our services, you or our business partners; - comply with applicable legal or regulatory obligations or enforce compliance with our Collaboration Rules, Privacy Policy or other restrictions placed on your use of our services; - evaluate your eligibility for an open job position with us that you apply to; - to the extent it is not possible to use anonymized, encrypted, coded or aggregated personal data to develop and test our services.
3• How we care
• We store and process personal data in accordance with applicable data protection laws. We do not sell or otherwise commercially exploit the personal data that is provided to us or collected by us during the course of our business.
1How do we protect data?
We have implemented appropriate security measures to hold your personal data securely in electronic and physical form, to protect it from unauthorized access, improper use or disclosure, unauthorized modification or unlawful destruction or accidental loss.

What data do we collect and process?

1• General
We collect personal data that you provide to us directly or that is publicly available. We also receive or collect further personal data from third parties such as your organization or other organizations you deal with, regulators, government agencies and courts. In the course of our business activities, we collect and process personal data of our suppliers and other business partners, related persons and other persons as well as their respective employees and representatives.
2• When you register for the App or edit your profile
We will collect your name, e-mail address, your function, your location, your interests and any other data you provide or you shared with Google or Facebook to use their services, such as your full name, contact details, your profile picture, internet protocol (IP) address, age, date of birth, gender, nationality and interests.
3• When you post, share or otherwise transmit messages on the App
We may collect these messages and they may be monitored, filtered and moderated for purposes such as removal of profanity, personal information and other inappropriate conversations. We may use pre-filtered chat and messages for purposes such as training and improving our filter technology.
4• When you subscribe for our services and render payments
When making payments, you may be required to enter billing information, including your full name, e-mail address, billing address and credit card or other payment information. We and third-party payment service providers designated by us may collect your billing information, transaction details and purchase history may also be retained and used by our payment processors to resolve subsequent billing disputes and inquiries.
5• When you contact us
When you contact our support, report a problem or submit questions, concerns or comments regarding our services or the content, we may collect contact information such as your full name, e-mail address, internet protocol (IP) address and content-related information about your inquiry. We only use this information to respond to your inquiry and to provide customer support to you.
6• When you use or interact with third-party plug-ins
When you use such third-party plug-ins (e.g., social media plugins from Google, Facebook, Instagram, Twitter, LinkedIn, or other platforms) that may be available on the App, certain information from your social media accounts may be accessed by or shared with us, and likewise, certain information about your use of our App may be posted to your profile on those third-party platforms. The use of such third-party plug-ins may be subject to the terms of use, privacy policies and other regulations of those third parties.

How do we share data?

1• Authorized third-party vendors and service providers
We may share your personal data with third-party vendors and service providers who support us and the provision of our services. This can include technical and other infrastructure service providers, business analytics, accounting and payroll services and other services that require processing of your personal data.
2• Affiliates
We may share your personal data with entities affiliated with Beyondlegal as necessary or useful to fulfil our contractual and legal obligations.
3• Legal and safety purposes
If necessary to do so because we are required by law or in connection with legal proceedings, in order to exercise or defend legal rights, to respond to subpoenas, court orders, law enforcement requests or government inquiries and to protect and defend the rights, interests, safety, and security of you, our services, affiliates, content providers or the public.
4• Business transfers
We may share your personal data in connection with a substantial corporate transaction (including for a due diligence review by a potential buyer prior to any such transaction), such as the sale of the shares in Beyondlegal or a substantial part of Beyondlegal`s assets, a merger, consolidation or event of bankruptcy.
5• With your consent
Where we have no other legal justification to do so, we share your personal data for any other purposes disclosed to you at the time at which we collect your personal data and obtain your consent.
6• International transfers
For international transfers of your personal data, we rely on the Swiss Federal Data Protection and Information Commissioner's assessment on the adequacy of the data protection level in foreign countries and the European Commission's adequacy decisions (https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en; https://www.newsd.admin.ch/newsd/message/attachments/62783.pdf). In case of a transfer from Switzerland to countries without an adequate level of data protection, such as, in particular, the USA, we use the standard contractual clauses approved by the European Commission (EU Model Clauses) and supplemented, to the extent required, to comply with recent EU case law or provide for other appropriate safeguards.

How long do we keep data?

1• Generally
We generally retain your personal data until it is no longer necessary to serve the purposes for which it was collected, e.g., for the duration of our business relationship, for the period required to comply with statutory or regulatory retention duties, or for as long as we have a legitimate interest in retaining the personal data unless such interest is overridden by your interests or fundamental rights or freedoms that require protection of personal data. This is a case-by-case determination that depends on factors such as the categories of the personal data, nature of the personal data, why it is collected and processed, and relevant legal or operational retention needs. In certain circumstances, we may need to retain your personal data for a longer period of time, for example, in the context of an on-going or potential litigation or as required by supervisory authorities or law. Your personal data will not be kept for more than ten (10) years from the end of the year of dissolution of Beyondlegal, unless specifically required by law.
2• In certain circumstances
In certain circumstances, we may need to retain your personal data for a longer period of time, for example, in the context of an on-going or potential litigation or as required by supervisory authorities or law. Your personal data will not be kept for more than ten (10) years from the end of the year of dissolution of Beyondlegal, unless specifically required by law.

What are your rights?

1• Access
you can ask us whether we process your personal data, and if so, how we do so
2• Rectification
if you consider that the personal data which we process relating to you is false, you can ask us to rectify it;
3• Objection
If we rely on our or a third party's legitimate interest to process your personal data, and you consider your interest in us not doing so weighs more heavily, you can object to our processing. You can also object to our processing of your personal data for direct marketing
4• Erasure
If you consider that we process your personal data without legal justification or the data was collected when you were still a minor, you can ask us to erase your personal data;
5• Restriction
If it is unclear whether there is a legal justification for the processing of your personal data (for instance, after you have objected to such processing), you can ask us to restrict the processing while the situation remains unclear
6• Data Portability
insofar as the processing of your personal data is based on a contractual necessity or on your consent, you can ask us to provide you with your data in a structured, commonly used and machine-readably format
7• Withdraw Consent
Where we rely on your consent to process personal data for a specific purpose, you can withdraw your consent for that specific processing at any time. Once we have received notification that you have withdrawn your consent, we will no longer process your data for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so. Please note, however, that your withdrawal does not invalidate the lawfulness of our processing of your personal data prior to your withdrawal.
8• Exercising these rights
If you would like to exercise these rights, please contact us in writing by email to contact@beyondlegal.ch. We will evaluate your request and provide you with an answer. Please note that we may refuse or limit these rights in accordance with applicable data protection law. In particular, to exercise your right to erasure, you also have the option to permanently delete your account and all your personal data stored on our App, subject to our mandatory legal retention obligations. We will, however, retain backup copies which include, among others, your personal data for a certain period of time in accordance with our general retention policy. You will not, in general, have to pay a fee to exercise any of your individual rights. However, we may charge a fee for access to your personal data if the relevant data protection legislation allows us to do so, in which case we will inform you as required by the law. If you feel we have not handled your query or concern to your satisfaction you also have the right to lodge a complaint with or notify your local supervisory authority. In Switzerland, the local supervisory authority is the Swiss Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch).
1Changes
We may amend this Privacy Policy from time to time to ensure that you are fully informed about all processing activities and our compliance with applicable data protection legislation. We may provide you with additional privacy notices where we believe that it is appropriate to do so. Those additional notices supplement and should be read together with this Privacy Policy.

WE TREAT YOUR DATA WITH CARE

1Who we are?
We are Beyondlegal GmbH, a strategy consulting and legal design company, located at Brandschenkestrasse 90 in 8002 Zurich, Switzerland. We develop and maintain a social media application that allows people to connect with each other and includes messaging, data sharing and other interactive content (App).

Why do we collect and process data?

1• General
We use the data to provide you with the content you wish to access and consume on the App, to provide other services, to carry out administrative or operational processes, monitor and analyze our business or to improve our services. If you or the organization for which you are acting fails to provide personal data that we require when requested, we may not be able to provide or continue to provide our services.
2• In particular
- operate, maintain and improve our services; - give you access to the App or restrict your access and to fulfill other contractual duties and rights agreed upon with you; - personalize our services or content; - allow you to manage your profile, update your profile and subscribe to services; - communicate with you about our services (product changes, feature updates, etc.) and content; - provide technical support or customer service; - maintain and develop our business relationship with you; - deliver advertising for our services that may be relevant to your interests; - pursue certain business development initiatives; - send you marketing communications; - detect security incidents, protect against malicious, deceptive, fraudulent or illegal activity; - research technological development; - identify and repair errors that impair existing intended functionality; - audit interactions, transactions, and other compliance activities; protect the integrity, safety or security of our services, you or our business partners; - comply with applicable legal or regulatory obligations or enforce compliance with our Collaboration Rules, Privacy Policy or other restrictions placed on your use of our services; - evaluate your eligibility for an open job position with us that you apply to; - to the extent it is not possible to use anonymized, encrypted, coded or aggregated personal data to develop and test our services.
3• How we care
We store and process personal data in accordance with applicable data protection laws. We do not sell or otherwise commercially exploit the personal data that is provided to us or collected by us during the course of our business.
1How do we protect data?
We have implemented appropriate security measures to hold your personal data securely in electronic and physical form, to protect it from unauthorized access, improper use or disclosure, unauthorized modification or unlawful destruction or accidental loss.

What data do we collect and process?

1• General
We collect personal data that you provide to us directly or that is publicly available. We also receive or collect further personal data from third parties such as your organization or other organizations you deal with, regulators, government agencies and courts. In the course of our business activities, we collect and process personal data of our suppliers and other business partners, related persons and other persons as well as their respective employees and representatives.
2• When you register for the App or edit your profile
We will collect your name, e-mail address, your function, your location, your interests and any other data you provide or you shared with Google or Facebook to use their services, such as your full name, contact details, your profile picture, internet protocol (IP) address, age, date of birth, gender, nationality and interests.
3• When you post, share or otherwise transmit messages on the App
We may collect these messages and they may be monitored, filtered and moderated for purposes such as removal of profanity, personal information and other inappropriate conversations. We may use pre-filtered chat and messages for purposes such as training and improving our filter technology.
4• When you subscribe for our services and render payments
When making payments, you may be required to enter billing information, including your full name, e-mail address, billing address and credit card or other payment information. We and third-party payment service providers designated by us may collect your billing information, transaction details and purchase history may also be retained and used by our payment processors to resolve subsequent billing disputes and inquiries.
5• When you contact us
When you contact our support, report a problem or submit questions, concerns or comments regarding our services or the content, we may collect contact information such as your full name, e-mail address, internet protocol (IP) address and content-related information about your inquiry. We only use this information to respond to your inquiry and to provide customer support to you.
6• When you use or interact with third-party plug-ins
When you use such third-party plug-ins (e.g., social media plugins from Google, Facebook, Instagram, Twitter, LinkedIn, or other platforms) that may be available on the App, certain information from your social media accounts may be accessed by or shared with us, and likewise, certain information about your use of our App may be posted to your profile on those third-party platforms. The use of such third-party plug-ins may be subject to the terms of use, privacy policies and other regulations of those third parties.

How do we share data?

1• Authorized third-party vendors and service providers
We may share your personal data with third-party vendors and service providers who support us and the provision of our services. This can include technical and other infrastructure service providers, business analytics, accounting and payroll services and other services that require processing of your personal data.
2• Affiliates
We may share your personal data with entities affiliated with Beyondlegal as necessary or useful to fulfil our contractual and legal obligations.
3• Legal and safety purposes
If necessary to do so because we are required by law or in connection with legal proceedings, in order to exercise or defend legal rights, to respond to subpoenas, court orders, law enforcement requests or government inquiries and to protect and defend the rights, interests, safety, and security of you, our services, affiliates, content providers or the public.
4• Business transfers
We may share your personal data in connection with a substantial corporate transaction (including for a due diligence review by a potential buyer prior to any such transaction), such as the sale of the shares in Beyondlegal or a substantial part of Beyondlegal`s assets, a merger, consolidation or event of bankruptcy.
5• With your consent
Where we have no other legal justification to do so, we share your personal data for any other purposes disclosed to you at the time at which we collect your personal data and obtain your consent.
6• International transfers
For international transfers of your personal data, we rely on the Swiss Federal Data Protection and Information Commissioner's assessment on the adequacy of the data protection level in foreign countries and the European Commission's adequacy decisions (https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en; https://www.newsd.admin.ch/newsd/message/attachments/62783.pdf). In case of a transfer from Switzerland to countries without an adequate level of data protection, such as, in particular, the USA, we use the standard contractual clauses approved by the European Commission (EU Model Clauses) and supplemented, to the extent required, to comply with recent EU case law or provide for other appropriate safeguards.

How long do we keep data?

1• Generally
We generally retain your personal data until it is no longer necessary to serve the purposes for which it was collected, e.g., for the duration of our business relationship, for the period required to comply with statutory or regulatory retention duties, or for as long as we have a legitimate interest in retaining the personal data unless such interest is overridden by your interests or fundamental rights or freedoms that require protection of personal data. This is a case-by-case determination that depends on factors such as the categories of the personal data, nature of the personal data, why it is collected and processed, and relevant legal or operational retention needs. In certain circumstances, we may need to retain your personal data for a longer period of time, for example, in the context of an on-going or potential litigation or as required by supervisory authorities or law. Your personal data will not be kept for more than ten (10) years from the end of the year of dissolution of Beyondlegal, unless specifically required by law.
2• In certain circumstances
In certain circumstances, we may need to retain your personal data for a longer period of time, for example, in the context of an on-going or potential litigation or as required by supervisory authorities or law. Your personal data will not be kept for more than ten (10) years from the end of the year of dissolution of Beyondlegal, unless specifically required by law.

What are your rights?

1• Access
you can ask us whether we process your personal data, and if so, how we do so
2• Rectification
if you consider that the personal data which we process relating to you is false, you can ask us to rectify it;
3• Objection
If we rely on our or a third party's legitimate interest to process your personal data, and you consider your interest in us not doing so weighs more heavily, you can object to our processing. You can also object to our processing of your personal data for direct marketing
4• Erasure
If you consider that we process your personal data without legal justification or the data was collected when you were still a minor, you can ask us to erase your personal data;
5• Restriction
If it is unclear whether there is a legal justification for the processing of your personal data (for instance, after you have objected to such processing), you can ask us to restrict the processing while the situation remains unclear
6• Data Portability
insofar as the processing of your personal data is based on a contractual necessity or on your consent, you can ask us to provide you with your data in a structured, commonly used and machine-readably format
7• Withdraw Consent
Where we rely on your consent to process personal data for a specific purpose, you can withdraw your consent for that specific processing at any time. Once we have received notification that you have withdrawn your consent, we will no longer process your data for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so. Please note, however, that your withdrawal does not invalidate the lawfulness of our processing of your personal data prior to your withdrawal.
8• Exercising these rights
If you would like to exercise these rights, please contact us in writing by email to contact@beyondlegal.ch. We will evaluate your request and provide you with an answer. Please note that we may refuse or limit these rights in accordance with applicable data protection law. In particular, to exercise your right to erasure, you also have the option to permanently delete your account and all your personal data stored on our App, subject to our mandatory legal retention obligations. We will, however, retain backup copies which include, among others, your personal data for a certain period of time in accordance with our general retention policy. You will not, in general, have to pay a fee to exercise any of your individual rights. However, we may charge a fee for access to your personal data if the relevant data protection legislation allows us to do so, in which case we will inform you as required by the law. If you feel we have not handled your query or concern to your satisfaction you also have the right to lodge a complaint with or notify your local supervisory authority. In Switzerland, the local supervisory authority is the Swiss Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch).
1Changes
We may amend this Privacy Policy from time to time to ensure that you are fully informed about all processing activities and our compliance with applicable data protection legislation. We may provide you with additional privacy notices where we believe that it is appropriate to do so. Those additional notices supplement and should be read together with this Privacy Policy.