Privacy Policy

The protection of your personal data and the protection of your privacy is important to us. You can expect us to handle your data sensitively and carefully and to ensure a high level of data security.

Naturally we comply with the provisions of the Swiss Federal Data Protection Act (FADP), the Ordinance on the Federal Data Protection Act (OFADP) and other applicable data protection provisions, in particular the EU General Data Protection Regulation (EU-GDPR).

In this  Privacy Policy, we inform you about the most important aspects of data processing within the scope of our website and our SUNNYCLOCK app “SUNNYCLOCK” as well as about your rights under data protection law.

1     Contacts

1.1     Name and Address of the Controller

The data controller responsible within the meaning of data protection law is the:

SUNNYCLOCK AG
Wassergass 9
8810 Horgen
Switzerland
E-Mail: ask@sunnylock.com
Website: www.sunnyclock.com

If you have any questions in connection with the data protection that we live by and for information regarding your rights as well as for their assertion, you can contact us at the contact options listed in section 1 of this Privacy Policy. We reserve the right to request your identification for the processing of enquiries in an appropriate manner.

1.2     Name and Address of the Data Protection Officer

The data protection officer of SUNNYCLOCK AG is:

Swiss Infosec AG
Centralstrasse 8A
6210 Sursee
Switzerland
E-Mail: dpo@infosec.ch
Website: www.infosec.ch

1.3     Name and Address of the Representative within the European Union

The EU representative of SUNNYCLOCK AG is:

Swiss Infosec (Deutschland) GmbH
Friedrichstrasse 123
10117 Berlin
Germany
E-Mail: sunnyclock.dataprivacy@swissinfosec.de

2     Collection and Processing of Personal Data

2.1     Visiting the Website / Using the SUNNYCLOCK App

When you visit our website or call up our services  on the SUNNYCLOCK app, our servers temporarily store the following data in a log file, the so-called server log files:

These data are processed for the purpose of enabling the use of our website or the service of the SUNNYCLOCK app (connection setup), ensuring system security and stability over the long term, optimising our offer and for internal statistical purposes. The legal basis for this are our legitimate interests.

These data will not be passed on to third parties or otherwise evaluated.

2.2     Contacting us

If you contact us by E-Mail or telephone, the following data provided by you will be processed for the purpose of processing your enquiry and handling it:

Basis for the processing of your personal data is our legitimate interest in the processing of your request. If the purpose of contacting us is to fulfil a contract of which you are a contracting party or to carry out pre-contractual measures, this is an additional basis for the processing of your personal data.

You can object to this data processing at any time. Please send your objection to the following E-Mail address: ask@sunnyclock.com. In such a case, your enquiry will not be processed further.

2.3     Provision of Contractual Services

We also process your data for the purpose of fulfilling our contractual and pre-contractual obligations, in particular in connection with the provision of our services related to the SUNNYCLOCK app. The personal data processed, the type, scope, purpose and necessity of their processing are determined by the underlying contractual relationship.

The personal data processed include:

We generally do not process special categories of personal data unless they are components of a contractual processing.

When using our services, we may also save the IP address and the time of the respective user action. The legal basis for such storage is our legitimate interests as well as the interests of the users in the protection against misuse and other unauthorized use.

2.4     Market Research and Opinion Surveys

We collect personal data as part of market researches and opinion survues.

Basis for the processing of your personal data in the context of market research and opinion survues is your consent.

You will find detailed information, in particular on the categories of the data collected and on the evaluation of your data, within the scope of the respective poll or where you enter your data.

Your answers to survues will not be passed on to third parties or published.

You can revoke your consent at any time. Please send your revocation to the following E-Mail address: ask@sunnyclock.com.

3     General Information on Cookies

We use cookies on our website and within our SUNNYCLOCK app based on our legitimate interests. Cookies are small text files that are stored on your mobile phone (or laptop, tablet, smartphone, etc.) using the browser. They help us make our services more user-friendly and effective and to make your visit to our website or the use of our SUNNYCLOCK app as pleasant as possible. Cookies do not damage your mobile phone. They cannot run programs or transmit viruses to your mobile phone.

Most of the cookies we use are so-called session cookies. They store a so-called session ID, which can be used to assign various requests from your browser to the web session. This allows your mobile phone to be recognised when you return to the website. Session cookies are automatically deleted when you log out or close your browser.

Other cookies we use are so-called persistent cookies and remain stored on your mobile phone beyond the respective usage process. They enable us or our partner companies (cookies from third parties, see chapter 4 (Analysis Tools) of this privacy policy) to recognize your browser the next time you visit.

Finally, we use performance cookies to collect information about how you use our services. Such cookies help us to improve our services. For example, we may use these cookies to determine whether you have visited a particular page.

Most browsers are regularly set to accept cookies. If you do not wish to accept cookies, you can set your browser so that it informs you when cookies are set and you can allow or generally exclude the acceptance of cookies in individual cases only. You can also activate the automatic deletion of cookies whenever you close your browser. You can also delete cookies that have already been set at any time via your browser or other software programs. However, the complete deactivation of cookies could result in individual functions of our website or SUNNYCLOCK app no longer functioning.

The following links will inform you about this possibility for the most used browsers:

4     Analysis Tools

On the basis of our legitimate interests in the analysis, optimisation and economic operation of our services, we use the following services of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, or Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”), if you have your habitual residence in the European Economic Area (EEA) or Switzerland::

In addition, we process personal data to provide our services in connection with the use of the SUNNYCLOCK app. The legal basis for the processing is therefore, in addition to the legitimate interests, the contract between you and SUNNYCLOCK.

Google uses cookies. The cookies used by Google enable us to analyze the use of our website or our SUNNYCLOCK app. The information generated by cookies about your use of our website or the SUNNYCLOCK app (including your IP address) will be transmitted to and stored by Google on servers in Ireland or the USA.

Google is certified under the EU-US and Swiss-US Privacy Shield agreements and thus offers a guarantee of compliance with the CH-FADP and EU-GDPR. Further information in this context can be found at https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.

For more information about Google’s terms of use and privacy policy, please visit https://policies.google.com/privacy

4.1     Google (Universal) Analytics

We use Google Analytics in the form of “Universal Analytics” On our website or in our SUNNYCLOCK app. Universal Analytics allows us to assign data, sessions and interactions across several devices to a pseudonymous user ID and thus to analyze the activities of a user across all devices.

Pseudonymised user profiles are created and cookies are used to evaluate the use of our website or the SUNNYCLOCK app, to compile reports on the activities done on the website or on the SUNNYCLOCK app and to provide other services related to the website or SUNNYCLOCK app and Internet use. Under no circumstances will your IP address be merged with any other data held by Google.

We only use Google Analytics with IP anonymization enabled. This means that your IP address will be shortened by Google within the EU/EEA or Switzerland. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there.

You can prevent cookies from being saved by making the appropriate settings in your browser software on the website or the SUNNYCLOCK app by downloading and installing the browser plugin available under the following link: https://tools.google.com/dlpage/gaoptout?hl=en. This sets an opt-out cookie that prevents your data from being collected in the future when you visit the website or use the SUNNYCLOCK app. To prevent Universal Analytics from collecting your data across multiple devices, you need to opt-out on all systems you use. In this case, however, you cannot use the SUNNYCLOCK app any further. More information about Universal Analytics can be found here: https://support.google.com/analytics/answer/2838718?hl=en&ref_topic=6010376. In this case, however, you cannot use the SUNNYCLOCK app.

4.2     Google AdWords

On our website we use the Google service “Google AdWords”. If you access our website via an ad placed by Google, Google AdWords places a cookie (a so-called “conversion cookie”) on your computer.

This cookie loses its validity after 30 days. If you visit certain pages on our website and the cookie has not expired yet, we and Google will know that you clicked on the ad and were directed to that page. Each Google AdWords customer receives a different cookie. As a result, cookies cannot be tracked through AdWords customer websites. The information collected through the Conversion cookie is used to compile conversion statistics for AdWords customers. The customers know the total number of users who clicked on their ad and were directed to a page tagged with a conversion tracking tag. However, they will not receive information that personally identifies users.

If you do not wish to participate in tracking, you can refuse to set a cookie and set your browser to block cookies from the “googleleadservices.com” domain.

Please note that you must not delete the opt-out cookies for as long as you do not wish to have measurement data recorded. If you deleted all your cookies in your browser, you will have to set the respective opt-out cookie again.

Further information on data processing and data protection within the framework of Google AdWords can be found at https://policies.google.com/technologies/ads?hl=en.

4.3     Google Maps

We use the Google service “Google Maps” to visually display geographical information. When Google Maps is used, Google also collects, processes and uses data on the use of the map functions by users. According to our state of knowledge, this is at least the following data:

By using Google Maps, information about the use of our website, including your IP address and the (start) address entered as part of the route planner function, may be transmitted to Google in Ireland or the USA. Google stores this data as user profiles for the purpose of designing services, advertising and market research to suit your needs.

Further information on data processing and data protection by Google Maps can be found at http://www.google.com/intl/de_en/help/terms_maps.html and https://policies.google.com/privacy.

4.4     Google Firebase

For our push messages, we use the Google service “Firebase”.

In most cases, the personal data is limited to so-called “instance IDs”, which have a time stamp. These IDs assigned by Firebase are unique and allow the linking of different events or processes. These data do not constitute personally identifiable information for us, nor do we make any efforts to subsequently personalize them. We process this aggregated data to analyze and optimize user behavior.

For more information about Google Firebase and privacy, please visit https://policies.google.com/privacy or https://firebase.google.com/support/privacy/.

5     Disclosure of Personal Data

We generally treat your personal data confidentially and only pass them on if you have expressively agreed to this, if we are obliged to do so by law or if it is necessary in order to enforce our rights, in particular to enforce claims arising from a contractual relationship.

In addition, certain tasks and services (e.g. hosting) are performed by trustworthy third parties that have been commissioned by us. However, this is only done to the extent necessary for the performance of the services and in accordance with the obligations arising from the present data protection declaration. These third-party providers are obliged to protect the data based on a data processing agreement according to the applicable data protection law. In addition, these service providers are carefully selected and regularly reviewed by us to ensure that the privacy of our users is protected.

If the level of data protection in a country in which the data is processed does not comply with the applicable data protection provisions, we will contractually ensure that the protection of your personal data corresponds to that in Switzerland or the EEA at all times.

6     Stored Period

Unless expressly stated otherwise in this privacy policy, we will only process and store your personal data for as long as is necessary in order to fulfill our contractual and legal obligations or otherwise for the purposes for which it is processed, and in accordance with the statutory retention periods.

As soon as your personal data is no longer required for the above-mentioned purposes or a mandatory retention period expires, your personal data will be, where possible, deleted or blocked.

If we store your personal data on the basis of a contractual relationship, this data will be stored at least as long as the contractual relationship exists and as long as limitation periods for possible claims from us or legal or contractual storage obligations.

7     Data Security

We implement technical and organizational measures to protect your personal data against manipulation, loss, destruction or against access by unauthorized persons. This includes, among other things, the use of recognized encryption methods (e.g. TLS encryption).

Our security measures are continuously improved according to technological developments.

We also take our own internal data protection seriously. Our employees and the service companies commissioned by us are bound to secrecy and to compliance with data protection regulations. In addition, they will only be granted access to your personal data if necessary.

8     Use of the Website by Minors

The website and the SUNNYCLOCK app are aimed at an adult audience. It is forbidden for minors, especially children under the age of 16, to transmit their personal data to us or to register for a service without the consent of their parents or guardians. If we discover that such data has been transmitted to us, they will be deleted. The parent (or legal representative) of the child may contact us and request deletion or unsubscription. In order to comply with such a request, we need a copy of an official document that identifies you as a parent or guardian.

9     Links to Websites of other Providers

Our website may contain links to other websites which are not covered by this privacy statement. After clicking the link, we no longer have any influence on the processing of any data transmitted by third parties (such as the IP address or URL), since the behavior of third parties is naturally beyond our control. We therefore cannot assume any responsibility for the processing of your personal data by third parties. If the collection, processing or use of your personal data is associated with the use of the websites of other providers, please refer to the data protection information of the respective providers.

Illegal contents were not recognizable at the time of linking. A permanent control and examination of the contents of the linked pages without concrete evidence of a violation of the law is, however, not reasonable. As soon as we become aware of any violations of the law, such links will be removed immediately.

10     Provision and Services of the SUNNYCLOCK App

10.1     Download of the SUNNYCLOCK App

When downloading the SUNNYCLOCK app, the necessary information is transmitted to the respective App Store (e.g. Google Play or Apple App Store), that is according to the best of our knowledge:

We have no influence on this data collection by the App Store and are not responsible for it. We process the data only to the extent necessary to download the SUNNYCLOCK app on your mobile phone.

Further information can be found in the privacy statements of the App Store operators:

10.2     Registration, Access Permission and Use of the SUNNYCLOCK App

We process personal data so that we can operate, offer, improve, understand, individualize, support and market our services. This is based on our legitimate interest in doing business sustainably and improving the user experience of the SUNNYCLOCK app.

The types of information we receive and collect depend on how you use our service and can be divided into the following categories:

10.2.1     Registration

In order to use our SUNNYCLOCK app and services, you must register by providing personal data. The following personal data is entered into an input mask of the SUNNYCLOCK app or service and transmitted to us, processed and stored:

The fields marked with * are mandatory fields and required to provide you with our services. If you do not enter this data, you will not be able to create a user account. You can enter all other information voluntarily.

The basis for the processing of your personal data is the existence of your consent. For the processing of your personal data, your consent will therefore be obtained during registration and reference will be made to this Privacy Policy. If the registration serves the fulfilment of a contract of which you are a contracting party or for the implementation of pre-contractual measures, this is an additional basis for the processing of your personal data.

10.3     Access Permissions

For full functionality, the SUNNYCLOCK app requires different access permissions on your mobile phone. When the SUNNYCLOCK app accesses the respective function, you will therefore be prompted to activate the access authorization if the access authorization has not yet been granted.

The SUNNYCLOCK app requires the following authorizations:

The basis for the processing of your personal data is the existence of your consent. For the processing of your personal data, your consent will therefore be obtained within the scope of access and reference will be made to this Privacy Policy. You can revoke access at any time in the settings of the SUNNYCLOCK app or your operating system.

10.3.1     Ongoing Use of SUNNYCLOCK App and Services

The following data may be collected, processed and stored for each subsequent access to or ongoing use of our SUNNYCLOCK app and services, provided you make them available to us:

We also receive information about you from other users and companies. For example, when other users or companies you know use our services, they may provide your phone number, name and other information as well as you may provide theirs, or you may send a message to yourself or messages to groups to which you belong.

This data is processed to provide our services. This forms our legitimate interest in the data processing. If the processing serves the fulfilment of a contract to which you are a party, it is an additional basis for the processing of your personal data.

10.3.2     Group Invitations to Non-Users of the SUNNYCLOCK App

The SUNNYCLOCK app offers a function for sending invitations to the app for group setups by differentiating between contacts who are already using the SUNNYCLOCK app (with SUNNYCLOCK logo) and contacts who are not (with SMS logo) using the SUNNYCLOCK app when creating a group.

If you select non-users in the group setup, an additional display appears on your mobile phone with which you can invite the non-users to the SUNNYCLOCK app and the corresponding group. The personal data of these non-users (telephone number, names) will only be stored on your mobile phone and not by SUNNYCLOCK.

Only when the non-user has installed the SUNNYCLOCK app and your device recognizes it as a new user will he or she be granted access to the group.

For more information on creating groups, see the FAQ at www.sunnyclock.com

10.4     Push-Notifications

Our SUNNYCLOCK app offers you the possibility to receive current information about our offers, news and relevant advertising by means of so-called push messages. Push-messages are messages that appear on your mobile phone without opening the respective SUNNYCLOCK app.

We use Google Firebase technology to send push messages (see section 4.4). For this purpose, during the SUNNYCLOCK app installation for iOS devices and Android devices, individual codes are assigned for each mobile phone (so-called “Device token” or “Instance ID”). Further data will not be collected.

When a push message is sent, the message text and the respective code number are transmitted to the Google server, which then sends the message to the users’ devices.

You can activate or deactivate push messages at any time as follows:

You can find more information about Google Firebase and privacy in chapter 4 of this Privacy Policy and at https://policies.google.com/privacy or at https://firebase.google.com/support/privacy/.

10.5     End-to-End Encryption

All data sent directly from a chat text field are end-to-end encrypted, i.e. all texts, images, videos, audio messages, positions on maps and web links of the group chat and comments from pins are sent end-to-end encrypted.

10.6     Storage and Deletion of Data

In order to maintain a good balance between data use and privacy, we have established the following rules for the storage of data:

Via Settings/Data storage in the menu of the SUNNYCLOCK app, contents of the groups can be actively deleted. All your data will be deleted locally on your phone as well as all your created chat elements and comments which are still on the chat server. Items created by you such as task lists and survues can only be deleted from the item itself. The deletion of these items is not possible via Settings.

When you delete your account, the following data will be deleted from our servers:

Messages and media sent by you may still exist on the group members’ phones despite deletion:

11     Your Rights

11.1     Right of Access

You have the right to request information from us about whether and if so, which personal data concerning you we process.

11.2     Right to Rectification

You have the right to demand the rectification of your incorrect personal data and, if necessary, the completion of incomplete personal data in our systems.

11.3     Right to Erasure

You have the right to demand that your personal data be deleted, for example if the data is no longer needed for the purposes pursued. However, if we are obliged or entitled to keep your personal data due to legal or contractual obligations, we cannot restrict or block your personal data in these cases.

11.4     Right to Restriction of Processing

You have the right to demand that we restrict the processing of your personal data. In such a case, our SUNNYCLOCK apps and services can no longer be provided or used.

11.5     Right to Data Portability

You may have the right to receive your personal data, which we process automatically on the basis of your consent or to fulfil a contract, in a structured, common and machine-readable format or to request the transfer of this data to a third party. If you request the direct transfer of personal data to another controller, this will only take place as far as technically feasible.

11.6     Right to Object

You have the right to object to the processing of your personal data at any time in accordance with legal requirements. In such a case, our SUNNYCLOCK apps and services can no longer be provided and used.

11.7     Withdrawal of Consent

You have the right to withdraw your consent to the processing of your personal data at any time, in principle with effect for the future.

11.8     Right to Lodge a Complaint

If the GDPR is applicable, you have the right to lodge a complaint with a competent supervisory authority if you are of the opinion that the processing of your personal data violates data protection regulations.

12     Changes to the Privacy Policy

Due to the further development of our website and the SUNNYCLOCK app or due to changes in legal or official requirements, it may be necessary to amend this Privacy Policy. We expressly reserve the right to amend or change this Privacy Policy at any time. The current data protection declaration can be accessed at any time on the website at www.sunnyclock.com . We recommend that you re-read the current Privacy Policy from time to time.

 

The current status is 26.04.2019.