Privacy policy

ALAN Software AG

Neugutstrasse 66

8600 Dübendorf

 

The following privacy policy of ALAN Software AG explains what happens to your personal data when you visit the website of ALAN Software AG or if you are a customer of ALAN Software AG. Personal data is any data by which you can be personally identified.

For detailed information on the subject of data protection, please refer to the following data protection declaration of ALAN Software AG.

1. data processor and data protection officer

Data processing on this website is carried out by the website operator. The data processing of you as ALAN customer is carried out by ALAN as licensor and service provider.

ALAN Software AG
Neugutstrasse 66
8600 Dübendorf

Tel. 043 883 90 80
Mail contact@alan.ch
Web www.alan.ch
(hereinafter referred to as “ALAN Company”, “Website Operator”, “Licensor” or “Service Provider”).

 

The data protection officer of the company ALAN is

Udo Schneider

Tel. 043 883 90 80
Mail contact@alan.ch
(hereinafter referred to as “The Controller” or “The Data Protection Officer”).

2. Usage data and personal data via website and email

Part of the data is collected to ensure error-free provision of the website. Other data may be used to analyze your user behavior.

Every time our website is accessed and every time a file is retrieved, general data about this process is automatically stored in a log file. The storage serves exclusively system-related and statistical purposes, as well as in exceptional cases for the reporting of criminal offences.

The data will not be passed on to third parties or evaluated in any other way, unless there is a legal obligation to do so.

In detail, the following data record is stored about each retrieval:

  • the name of your Internet service provider,
  • Your IP address or the IP address of your proxy server,
  • Date and time of the page view,
  • the version of your browser software,
  • the operating system of your computer,
  • the website from which you are visiting us,
  • the websites that you visit with us,
  • Search words that you may use with us or that you have used to find our website

Your data is collected in part by you providing it to us. This may be, for example, data that you enter in a contact form or when you sign up for our newsletter or when you register for a webinar or an online meeting via newsletter. If you contact us by e-mail or telephone, your inquiry including all resulting personal data (name, inquiry) will be stored and processed by us for the purpose of processing your request. Here, there is transport encryption (encryption in transit), but no end-to-end encryption.

We would like to draw your attention to the fact that unencrypted e-mails are generally considered to be potentially insecure and should therefore not contain any particularly sensitive personal data. In addition: Support emails (to support@alan.ch) get into our ticket system “Zammad”, which is hosted by the company of the same name in Germany (helpdesk.alan.ch). You should therefore not send us any particularly sensitive personal data, especially to the support email address, as you would be committing a data export abroad, which is probably not permitted. In the case of attorney/notary clients whose data is subject to professional confidentiality, such data export would not be permitted even if the client consented to it and the foreign data processor had a commissioned data processing agreement with you or us.

Emails to other @alan.ch email addresses arrive in our Microsoft365 mailboxes at Microsoft Switzerland.

3. professional secrecy and personal data requiring special protection

You as a customer of ALAN (usually a law firm or notary’s office, can be a sole proprietorship or a legal entity) are registered with us in the support system, in the accounting system, possibly in the mailing system as a recipient of the update announcement mails and in the license system. This data is used exclusively for the purpose of the contract or so that we can fulfill our contractual obligations. In the context of support activities, error analyses or data migrations, we can gain access to your ALAN database plus any user data (documents, emails, scans) stored in the mandates. We are aware that (in the case of attorney-at-law or notary mandates) personal data requiring special protection and data subject to attorney-at-law or notary professional secrecy are involved. All our employees who may gain access to such data in the course of their activities have signed a confidentiality agreement in which they confirm that, as assistants to the lawyer/notary, they are bound by professional secrecy pursuant to StGB Art. 321 para. 1 to be subordinated. If ALAN were ever to subcontract such activities to third parties, it would pass on this confidentiality obligation to these third parties, sign a commissioned data processing agreement with them, and in doing so ensure that no data is exported abroad.

4. security / technical and organizational measures

For the security of your data we use the latest Internet technologies. During the online request process, your information is secured with SSL encryption. For secure storage of your data, our systems are protected by firewalls that prevent unauthorized access from the outside. You can recognize an encrypted connection by the fact that the browser address bar changes from “http://” to “https://” and by the lock symbol in your browser bar. If SSL encryption is activated, the data you transmit to us cannot be read by third parties on the transmission path. (transport encryption).

In addition, we use technical and organizational measures (TOM) to protect the personal data you provide to us from accidental or intentional manipulation, loss, destruction or access by unauthorized persons. Our contractual partners who have access to your data in order to provide services to you on our behalf are contractually obligated to maintain data protection and confidentiality.

5. duration of storage

Your personal data will be stored for the duration of the respective legal retention period and then routinely deleted, unless your personal data is still required thereafter to achieve the respective storage purpose (e.g. for contract fulfillment, contract initiation or logins).

After three years at the latest, we will check whether your data is still needed and whether deletion is contrary to statutory retention obligations.

6. data subject rights

As a natural person, you have the right to,

  • To request the information/disclosure/issuance of your personal data stored by us.
  • To request the correction of any inaccurate data we may have stored about you personally
  • To request the restriction of the processing and/or disclosure of the data we hold about you personally
  • To request the deletion of the data we hold about you personally. The right to erasure exists only when it comes to voluntary personal data. However, those that we MUST process (by law or because of contract performance), we do not have to/may not delete.

 

The processes for safeguarding these data subject rights are:

Information/Information/Output

  • Send your request for information by registered letter to our data protection officer (for address, see following section). The request for information must contain a photocopy of a valid official identification document of your person, must be dated and signed and must contain the statement that you wish to receive information about data stored by us about you personally.
  • Within 30 days you will receive from us the requested information, or the notice that we have not stored any personal information about you. The processing of your request for information is free of charge. The information is provided in accordance with DPA Art. 25+26 and, if applicable, DPA Art. 28+29.
  • If the same request is made by the same person more than once within 90 days, we reserve the right to disregard the request and/or to charge processing fees in the amount of CHF 300.00 and/or, in repeated cases, to file criminal charges for abuse of legal remedies.

Correction

  • Send your request for correction either informally by email or formally by registered letter to our data protection officer (for address, see following chapter). The correction request letter should include the indication of what the incorrect data is and what the correct data is.
  • Within 15 days you will receive either a) the notification that the data has been corrected as requested, or (b) a statement of the reasons why the correction cannot be made; or c) a query if your instruction is unclear or the requested data correction requires proof of your identity for security reasons. In the case of c) after clarification of the facts, the request shall be dealt with again within a further period of 15 days as described above. The processing of your rectification request is free of charge and will be handled in accordance with DPA Art. 32.
  • If the same request is made by the same person more than once within 90 days, we reserve the right to disregard the request and/or to charge processing fees in the amount of CHF 300.00 and/or, in repeated cases, to file criminal charges for abuse of legal remedies.

Restriction of processing and/or disclosure

  • Send your request for restriction by registered letter to our data protection officer (for address see following chapter). The restriction request letter must contain a photocopy of a valid official identification document of your person, be dated and signed, contain the statement that you wish the processing and/or the disclosure about data stored by us about you personally and precise information about which criteria and extent the requested restriction should cover. Furthermore, the request for restriction should contain a comprehensible factual justification.
  • Within 30 days, you will either receive notification that the requested restriction will be respected, or the reason why it cannot be addressed. The processing of your restriction request is free of charge and will be assessed in accordance with DPA Art. 32.
  • If the same request is made by the same person more than once within 90 days, we reserve the right to disregard the request and/or to charge processing fees in the amount of CHF 300.00 and/or, in repeated cases, to file criminal charges for abuse of legal remedies.

Deletion

  • Send your request for deletion by registered letter to our data protection officer (for address see following chapter). The deletion request letter must include a photocopy of a valid official identification document of your person, be dated and signed and contain the statement that you wish the deletion of the data stored by us about you personally.
  • Within 30 days, you will receive either confirmation that the requested deletion has been carried out, or that there is no data to be deleted, or a reasoned decision that we cannot proceed with the requested deletion. The processing of your deletion request is free of charge and will be assessed in accordance with DPA Art. 32.
  • If the same request is made by the same person more than once within 90 days, we reserve the right to disregard the request and/or to charge processing fees in the amount of CHF 300.00 and/or, in repeated cases, to file criminal charges for abuse of legal remedies.

7. our data protection officer

ALAN Software AG
Udo Schneider, Data Protection Officer
Neugutstrasse 66
8600 Dübendorf

Tel. 043 883 90 80
Mail contact@alan.ch

8. Links to other websites

Our online offer contains links to websites of other providers. We have no influence on whether their operators comply with data protection regulations.

9. cookies

We use so-called cookies in some areas of our website. The processing is carried out to improve the functioning of our website. It is therefore necessary for the protection of our legitimate interests.

Through such file elements, your computer can be identified as a technical entity during your visit to this website in order to facilitate your use of our offer – also during repeat visits.

However, you usually have the option of setting your Internet browser so that you are informed about the occurrence of cookies, so that you can allow or reject them, or delete existing cookies.

Please use the help function of your Internet browser to obtain information on how to change these settings. We would like to point out that individual functions of our website may not work if you have deactivated the use of cookies.

Cookies do not allow a server to read private data from your computer or the data stored by another server. They do not cause any harm to your computer and do not contain viruses.

Our offer and our website are aimed at Swiss target customers. We are therefore not subject to the European GDPR, but to the Swiss GDPR. The popping up of a “cookie banner” when visiting our website is therefore not necessary.

10. analysis tools, advertising, plugins and tools

These are used because the website operator has a legitimate interest in analyzing user behavior in order to optimize both its web offering and its advertising. The website operator has a legitimate interest in marketing its products as effectively as possible.

ANALYSIS TOOLS AND TOOLS FROM THIRD PARTY PROVIDERS
When you visit our website, your surfing behavior may be statistically analyzed. This is done mainly with cookies and with so-called analysis programs. The analysis of your surfing behavior is usually anonymous, i.e. the surfing behavior cannot be traced back to you. You can object to this analysis or prevent it by not using certain tools. For detailed information, please refer to this Privacy Policy.

GOOGLE ANALYTICS
This website uses functions of the web analysis service Google Analytics. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Google Analytics uses cookies. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there.

IP anonymization
We have activated the IP anonymization function on this website. As a result, your IP address is shortened by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics is not merged with other data from Google.

Browser plugin
You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

Objection to data collection
You can prevent the collection of your data by Google Analytics by clicking on the following link. You can also find more information on how Google Analytics handles user data at the following link: https://support.google.com/analytics/answer/6004245?hl=de.

Demographic characteristics in Google Analytics
This website uses the “demographic characteristics” function of Google Analytics. This allows reports to be generated that contain statements about the age, gender and interests of site visitors. This data comes from interest-based advertising from Google as well as visitor data from third-party providers. This data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as shown in the previous point “Objection to data collection”.

GOOGLE-DAY-MANAGER
We use the Google Tag Manager of Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). The Google Tag Manager is a cookie-less domain and does not collect any personal data. The tool provides for the triggering of other components, which in turn may collect data. Google Tag Manager does not access this data. If a deactivation has been made at the domain or cookie level, this remains in place for all tracking tags implemented with Google Tag Manager.

GOOGLE ADS
The website operator uses Google Ads. Google Ads is an online advertising program of Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Ads enables us to play advertisements in the Google search engine or on third-party websites when the user enters certain search terms on Google (keyword targeting). Furthermore, targeted advertisements can be played out based on the user data available at Google (e.g. location data and interests) (target group targeting). As a website operator, we can evaluate this data quantitatively by analyzing, for example, which search terms led to the playout of our advertisements and how many ads resulted in corresponding clicks.

GOOGLE REMARKETING
This website uses the functions of Google Analytics Remarketing. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Remarketing analyzes your user behavior on our website (e.g. clicking on certain products) in order to classify you in certain advertising target groups and then play you suitable advertising messages when you visit other online offers (remarketing or retargeting).

Furthermore, the advertising target groups created with Google Remarketing can be linked with Google’s cross-device functions. In this way, interest-based, personalized advertising messages that have been adapted to you depending on your previous usage and surfing behavior on one end device (e.g. cell phone) can also be displayed on another of your end devices (e.g. tablet or PC).

Further information and the privacy policy can be found in Google’s privacy policy at the address: https://policies.google.com/technologies/ads?hl=de.

GOOGLE CONVERSION TRACKING
This website uses Google Conversion Tracking. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google conversion tracking allows Google and us to recognize whether the user has taken certain actions. For example, we can evaluate which buttons on our website were clicked how often and which products were viewed or purchased particularly frequently. This information is used to create conversion statistics. We learn the total number of users who clicked on our ads and what actions they took. We do not receive any information with which we can personally identify the user. Google itself uses cookies or comparable recognition technologies for identification purposes.

For more information on Google conversion tracking, please see Google’s privacy policy: https://policies.google.com/privacy?hl=de.

XOVI
On our website you can find the XOVI – SEO (search engine optimization) of the company XOVI GmbH, Hohenzollernring 72, 50672 Köln. XOVI allows to obtain accurate information about traffic, audience, acquisition and visitor behavior on the website, as well as search queries, countries and devices of users.

XOVI GmbH is not permitted to pass on or sell your data. XOVI GmbH is a German provider, which was carefully selected according to the requirements of the GDPR and the DSG. You can find detailed information on data protection security directly from the service provider at: https://www.xovi.de/datenschutz/.

LINKEDIN WEBSITE DEMOGRAPHICS
We use social plug-ins of the social media network LinkedIn, of the company LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA on our website. The social plug-ins may be feeds, sharing content, or linking to our LinkedIn page. The social plug-ins are clearly marked with the familiar LinkedIn logo and allow, for example, interesting content to be shared directly via our website. For the European Economic Area and Switzerland, LinkedIn Ireland Unlimited Company Wilton Place in Dublin is responsible for data processing.

By embedding such plug-ins, data can be sent to LinkedIn, stored and processed there.

YOUTUBE
Our website uses plugins of the website YouTube. The operator of the pages is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA.

We use YouTube in extended data protection mode. According to YouTube, this mode causes YouTube not to store information about visitors to this website before they watch the video. The transfer of data to YouTube partners, on the other hand, is not necessarily excluded by the extended data protection mode. Thus, YouTube – regardless of whether you watch a video – connects to the Google DoubleClick network.

As soon as you start a YouTube video on our website, a connection to YouTube’s servers is established. This tells the YouTube server which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.

Furthermore, YouTube may store various cookies on your end device after starting a video. These cookies allow YouTube to obtain information about visitors to our website. This information is used, among other things, to collect video statistics, improve the user experience, and prevent fraud attempts. The cookies remain on your terminal device until you delete them.

If necessary, further data processing operations may be triggered after the start of a YouTube video, over which we have no control.

YouTube is used in the interest of an appealing presentation of our online offers.

For more information about privacy at YouTube, please see their privacy policy at: https://policies.google.com/privacy?hl=de.

VIMEO
Our website uses plugins from the video portal Vimeo. The provider is Vimeo Inc, 555 West 18th Street, New York, New York 10011, USA.

When you visit our website, a connection is established to the servers of Vimeo. This tells the Vimeo server which pages you have visited. In addition, Vimeo obtains your IP address. This also applies if you are not logged in to Vimeo or do not have an account with Vimeo. The information collected by Vimeo is transmitted to the Vimeo server in the USA.

If you are logged into your Vimeo account, you allow Vimeo to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your Vimeo account.

The use of Vimeo is in the interest of an appealing presentation of our online offers.

For more information on the handling of user data, please see Vimeo’s privacy policy at: https://vimeo.com/privacy.

GOOGLE WEB FONTS
This site uses so-called web fonts provided by Google for the uniform display of fonts. The Google Fonts are installed locally. A connection to Google servers does not take place.

GOOGLE MAPS
This site uses the mapping service Google Maps via an API. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

To use the functions of Google Maps, it is necessary to store your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transmission.

Google Maps is used in the interest of an appealing presentation of our online offers and to make it easy to find the places we indicate on the website.

You can find more information on the handling of user data in Google’s privacy policy: https://policies.google.com/privacy?hl=de.

GOOGLE RECAPTCHA
The website operator also uses “Google reCAPTCHA” (hereinafter “reCAPTCHA”). The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).

The purpose of reCAPTCHA is to verify whether data entry on our websites (e.g. in a contact form) is made by a human or by an automated program. For this purpose, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis starts automatically as soon as the website visitor enters the website. For analysis, reCAPTCHA evaluates various information (e.g. IP address, time spent by the website visitor on the website or mouse movements made by the user). The data collected during the analysis is forwarded to Google.

The reCAPTCHA analyses run completely in the background. Website visitors are not made aware that an analysis is taking place.

The website operator has a legitimate interest in protecting its web offers from abusive automated spying and from SPAM.

For more information about Google reCAPTCHA and Google’s privacy policy, please see the following links:
https://policies.google.com/privacy?hl=de and https://www.google.com/recaptcha/intro/android.html.

11. privacy policy according to DSG Art. 19

This privacy policy was created in accordance with DSG Art. 19:

  • Identity and contact details of the responsible person(s): According to point 1 of this Privacy Policy.
  • Purpose of processing: For website and related tools: In accordance with section 10, paragraph 1 of this Privacy Policy. For customers: According to the respective license agreement, update and maintenance agreement, and/or individual service, training, migration, software development or similar agreements. Vis-à-vis the State: to comply with statutory accounting and record-keeping requirements.
  • Recipients or categories of recipients of the personal data: The employees or contractors (order data processors) of ALAN who are entrusted with the fulfillment of the respective processing purpose mentioned in the previous paragraph.
  • Transmission of data abroad: Does not take place in principle. The only exception is the support ticket system according to section 2 (last two paragraphs) of this privacy policy.
  • If third-party sources are available, details of the categories and data: As a matter of principle, we do not procure personal data through third-party sources, but always obtain them directly from our customers and interested parties.

12. reservation of right of modification

We reserve the right to occasionally adjust this privacy policy to ensure that it always complies with the current legal requirements or to implement changes to our services in the privacy policy. The version published on our website at any given time shall apply.