1. General
dua AG is the operator of the website www.dua.com and provider of the services offered on this website and the apps, in short “Services”.As such, dua AG, Leutschenbachstrasse 95, 8050 Zurich, Switzerland, is responsible for the collection, processing and use of your data and must ensure compliance with the applicable data protection laws.The protection of your personal data is of the utmost importance to dua AG.We hereby inform you about the data collected on www.dua.com and how it is used.You can also find out how you can check the accuracy of this data and request that we delete it.Please note that this privacy policy may change from time to time.We therefore recommend that you read this privacy policy regularly to ensure that you are always familiar with the latest version.
2. collection, use and processing of personal and company data
The person responsible for data protection is
Name: LEXR Law Switzerland AG
Full name: Christian Meisser
Function: Data Protection Officer
Email: christian.meisser@lexr.ch
We collect the following types of personal data when you use our Services: – Identity and contact data – Profile, usage and website interaction – Technical data – Unique user IDs – Location-based data Personal Data (including any sensitive personal data) explicitly disclosed by you whilst using our Services (includes communication data as well as information disclosed in your profile) When you use our Services, certain data is automatically stored on our servers for system administration, statistical or backup purposes. These are as follows: – the name of your Internet service provider – Your IP address (under certain circumstances) – the date – the time – the website or app from which you use our Services – the search words you used to find our Services.
3. Legal Basis and Purposes
Our legal basis for collecting and using the personal data described in this Privacy Policy depends on the personal data we collect and the specific purposes for which we collect it. Contract: To perform our Services or take steps linked us providing Services to you. – To provide and protect our Services – To administer, manage and develop our business and Services Consent: We may rely on your freely given consent at the time you provided your personal data. – To provide you with news, special offers, newsletters, and general information about goods and Services which we offer (with your explicit consent). – The personal data that you decide to publish while using our Services are processed on the basis of your consent. If you share sensitive personal data as defined by applicable data protection laws, we process such data on the basis of your explicit consent only for the purpose of offering our online meeting Service. We do not process such sensitive personal data for any other purpose. – If you disclose sensitive personal data such as racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership while using our Services, we process such data with your explicit consent and only for the purpose of providing our Services to you. Legitimate interests: We may rely on legitimate interests based on our evaluation that the processing is fair and reasonable. – To maintain and improve our Services – To develop new Services Public interest: To meet regulatory and public interest obligations. – To comply with applicable regulation and legislation.
4. Data Transfers
Your data will be transferred to our partners (third parties) as far as the order processing or storage makes it necessary.
We may, where necessary and according to the relevant legal basis, share your Personal Data with any number of the following categories of third parties:
- Insurers
- Regulators/tax authorities/corporate registries
- Professional advisers that we use, such as accountant and lawyers
- Government or regulatory authorities
- Third parties who provide services such as, document processing and translation services, software providers or IT systems, IT support services, document and information storage providers
- Third parties that are engaged in the course of your matter, such as counsel, mediators, banks and other payment providers, court, tax advisors or valuation experts
- Third party service providers who help us with client insight analytics, such as Google Analytics
- Third party postal or courier providers who deliver our postal marketing campaigns or documents related to a client matter
We and our Service Providers may process your data in the following countries: – Switzerland EU/EEA – Kosovo – US For the transfer to countries that have not been deemed to provide an adequate level of protection according to lists of countries published by the Federal Data Protection and Information Commissioner, we safeguard your data by applying standard contractual obligations which provide for appropriate protection of data. If you provide us with personal or company data of your own accord, we will not use, process or pass on this data beyond the scope permitted by law or specified by you in a declaration of consent. Furthermore, we will only pass on your data to external service providers if this is necessary for the execution of the contract and if these service providers have agreed to the relevant confidentiality and due diligence provisions.
Map function: A function that displays a map to find users you have met up with.You can deactivate the map function by switching off the location services in the settings of your smartphone.
Dislike function: An option is represented by an X button, which signals disinterest.This action is private and no notifications are sent.Profiles that are marked as “disliked” will no longer appear in the user’s timeline in future.
However, as dislikes and likes expire after some time, profiles that have been marked as “disliked” will be displayed again at some point.
Services: dua.com offers all paid or free services to facilitate virtual or face-to-face meetings between users who have seen each other in real life and share common interests based on selected search criteria.
- Data required for certain purposes
Location information: Your geographical position or at least your city. - Meeting places: Pins on which you have interacted with other users.
- Search criteria: Preferences for people you want to meet, including age and gender.
If you deactivate the geolocation function during registration, dua.com will be prevented from collecting your location data in order to recommend profiles of people you have met. This allows dua.com to suggest profiles for users in the vicinity.
Location data and meeting points with other users (public)
- The main aim of the app is to help users find people they have already met or might meet in the future.
Collection of location data: Your location will only be collected if you agree to this. You will be asked to allow dua.com to collect and use your location data to find out where you have seen other users in real life who have also agreed to share their location. Unless you set up stricter controls on your device, dua.com will regularly collect your location data. - Regular updates: Unless you set up stricter controls on your device, dua.com will regularly track your location.
- Identification of meeting pins: dua.com marks a meeting pin when two users are close to each other or discover each other.
- Show meeting pins: Your Meeting Pins will be displayed in your profile, but other users will not be able to see your exact location. When a meeting pin is recorded, each member only sees their own location within a certain radius. However, they cannot see the exact location of other users.
- Geolocation: If you do not specify your location when registering, dua.com will continue to suggest profiles with inaccurate locations in the Spotted area.
Spotting pins can be displayed in the spotted area or on the map.
- You can revoke your consent to geolocation at any time by deactivating the location services on your smartphone. If you deactivate geolocation, your “Spotted” area will no longer be updated and you will no longer be able to see who you have spotted. As soon as your Spotted area no longer contains profiles, we will ask you for the name of your city so that we can recommend profiles that are close to you.
- You can request that your profile and your crossing points are no longer displayed on the map in future. You will then only appear in the “Spotted” section of other users and will no longer see the profiles you have spotted on the map. You will only see them in your Spotted area. To activate this function as soon as it is available, go to “Settings” in the app, scroll down and deactivate it.
Search preferences (private)
You can customize the app so that you meet people who match your preferences in terms of age, gender and physical characteristics. You can change these settings within the app by specifying the gender, age range and characteristics of the person you want to meet and giving your consent to data collection and processing. This way, you will only see profiles in your Spotted area of people you have seen in real life and who match your search criteria.
Suggesting profiles that you have discovered or could discover in the future
Geolocation is used to suggest profiles of users that you have discovered or could discover in the future.
Additional information
dua.com wants to help you find other users that you have discovered or could discover in the future. When a user agrees to share their location, dua.com finds these spotting pins. Thanks to these spotting pins, dua.com can display user profiles that match your search parameters.
Your activities, location and profile details can be used to suggest your profile to other users. We can also use your shortlist to suggest other users to you, including people you may or may not have seen in real life.
Legal basis: Performance of the contract
Processing this data increases the likelihood that you will come into contact with users who are a good match for you and enables us to offer our services. We may also send an email recommending your profile to other users you have seen in real life or may see in the future. We may also send an email recommending your profile to other users that you have discovered in real life or may discover in the future.
Shorter storage times apply for your geographical locations and spotting pins:
- Your geographical locations are stored for one month after they are recorded in order to identify your spotting pins with other users.
- Your spotting pins are stored for six months from the time they are collected. They are used to display the profiles of the users you have spotted in the application.
5. disclosure of data
We may disclose your personal information when we believe in good faith that it is necessary: – To comply with a legal obligation (i.e. when required by law or in response to valid requests by public authorities, such as a court or government agency); – To protect the security of our services and defend our rights or property; – To prevent or investigate possible wrongdoing in connection with us; – To protect us against legal liability.
6. data security
We will store your data securely and therefore take all reasonable measures to protect your data from loss, access, misuse or alteration. Our employees and contractual partners who have access to your data are contractually obliged to maintain confidentiality and to comply with data protection regulations. The security of your personal information is important to us, but remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security. We recommend that you use anti-virus software, a firewall and similar software to protect your system. However, should a data security incident occur, we will follow our internal procedure to respond to the incident and notify you as soon as possible.
7. data protection rights
You have the following data protection rights on the basis of the Swiss Federal Act on Data Protection and the EU General Data Protection Regulation. You can request information about your data stored by us at any time. To do so, please send a request for information by e-mail to the address below. You can request the deletion or correction of your data at any time. Of course, you also have the right to withdraw your consent to the use or processing of personal data at any time with effect for the future. Once we have received notification that you have withdrawn your consent, we will no longer process your data for the purpose(s) to which you originally consented, unless there is another legal basis for the processing. For this purpose, we ask you to write to us by e-mail at privacy@dua.com. To stop receiving emails from us, please click on the “Unsubscribe” link in the email you have received. Stored data will be deleted by us when it is no longer required for the stated purpose. With regard to the deletion of data, it is important to know that we are subject to certain legal obligations that require us to retain certain data. We must comply with this obligation. If you request the deletion of data that is subject to the statutory retention obligation, the data will be blocked in our system and only used to fulfill the statutory retention obligation. After the statutory retention period has expired, your request for erasure will be complied with. Right to portability: You have the right to request that we transfer your personal data to another data controller in a commonly used format such as Excel, provided that it is data that you have provided to us and we process it on the legal basis of your consent or to fulfill our contractual obligations. Right to lodge a complaint with a supervisory authority: You have the right to complain to a data protection supervisory authority if you believe that the processing of your personal data violates data protection law. The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner(www.edoeb.admin.ch/edoeb/en/home.html). If you use our services in the EU, you can assert this right, for example, before a supervisory authority in the member state of your place of residence, your place of work or the place of the alleged infringement.
8. website and app hosting
The dua AG website is hosted in Switzerland(Hostpoint). Our app “dua.com” is hosted in Ireland by Amazon Web Services(AWS). The customer is aware that for various applications offered by dua AG or required for the provision of services, data may be processed or stored on servers in the territory of the European Union (EU) and Kosovo.
9. cookies
Details of the cookies we use can be found in our cookie policy.
10. plug-ins
10.1.Facebook-Plugins
Plugins from the social network Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA are integrated on our website. You can recognize the Facebook plugins by the Facebook logo or the “Like” or “Share” button on our site. You can find an overview of the Facebook plugins here: – http://developers.facebook.com/docs/plugins/ When you visit our pages, the plugin establishes a direct connection between your browser and the Facebook server. The content of the plugin is transmitted by Facebook directly to your browser, which integrates it into the website. Facebook receives the information that you have visited our site with your IP address, even if you do not have a Facebook account or are not currently logged in to Facebook. This information (including your IP address) is transmitted directly from your browser to a Facebook server in the USA and stored there. If you click on the Facebook “Like” button while you are logged into your Facebook account, you can link the content of our pages to your Facebook profile. This allows Facebook to associate visits to our pages with your user account. The information about your interaction is also transmitted directly to a Facebook server and stored there. The information is also published on Facebook and displayed to your Facebook friends. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data and its use by Facebook. Facebook may use this information for the purposes of advertising, market research and the market-oriented design of Facebook pages. For this purpose, Facebook creates usage, interest and relationship profiles, e.g. to evaluate your use of our website with regard to the advertisements displayed on Facebook, to inform other Facebook users about your activities on our website and to offer other services associated with the use of Facebook. You can find more information in Facebook’s privacy policy at – https://www.facebook.com/about/privacy/. If you do not want Facebook to associate your visit to our pages with your Facebook user account, please log out of your Facebook user account before using our website.
10.2.Twitter
On our website you will find integrated plugins of the short message network Twitter Inc. 795 Folsom St., Suite 600, San Francisco, CA 94107, USA. You can recognize the Twitter plugins (Tweet button) by the Twitter logo on our site. You can find an overview of the Tweet button at https://dev.twitter.com/. When you visit a page on our website that contains such a plug-in, a direct connection is established between your browser and the Twitter server. Twitter then receives the information that you have visited our site with your IP address. If you click on the “Tweet button” while you are logged into your Twitter account, you can link the content of our pages to your Twitter profile. This allows Twitter to associate your visit to our pages with your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by Twitter. Further information can be found in Twitter’s privacy policy. If you do not want Twitter to be able to track your visit to our site, please log out of your Twitter account.
10.3.LinkedIn
Plugins of the social network LinkedIn of LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA (hereinafter referred to as “LinkedIn”) are integrated on our website. You can recognize the LinkedIn plugins by the LinkedIn logo or the “Recommend” button on our site. When you visit our pages, the plug-in establishes a direct connection between your browser and the LinkedIn server. This gives LinkedIn the information that you have visited our site based on your IP address. If you click on the LinkedIn “Recommend button” while you are logged into your LinkedIn account, you can link the content of our pages to your LinkedIn profile. This allows LinkedIn to associate your visit to our pages with your LinkedIn account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by LinkedIn. Details on data collection (purpose, scope, further processing, use) as well as your rights and settings options can be found in LinkedIn’s privacy policy. You can find this information at: http://www.linkedin.com/legal/privacy-policy.
10.4.YouTube
Our websites contain at least one plug-in from YouTube, a company of Google Inc. based in LLC 901 Cherry Ave. San Bruno, CA 94066 USA. As soon as you visit a page on our website that is equipped with a YouTube plug-in, a connection to the YouTube servers is established. This tells the YouTube server which specific page of our website you have visited. If you are logged into your YouTube account, you also allow YouTube to associate your browsing behavior directly with your personal profile. You can remove this possibility of assignment if you log out of your account beforehand. You can find more information about the collection and use of your data by YouTube in their privacy policy at http://www.youtube.com/t/privacy.
10.5.Instagram
On our website, we use so-called social plugins from Instagram, which is operated by Instagram LLC, 1601 Willow Road, Menlo Park, CA 94025, USA (“Instagram”). The plugins are marked with an Instagram logo, for example in the form of an “Instagram camera”. When you access a page on our website that contains such a plug-in, your browser establishes a direct connection to Instagram’s servers. The content of the plug-in is transmitted by Instagram directly to your browser and integrated into the page. Through this integration, Instagram receives the information that your browser has accessed the corresponding page of our website, even if you do not have an Instagram profile or are not currently logged in to Instagram. This information (including your IP address) is transmitted directly from your browser to an Instagram server in the USA and stored there. If you are logged in to Instagram, Instagram can immediately associate your visit to our website with your Instagram account. If you interact with the plugins, for example by clicking on the “Instagram” button, this information is also sent directly to an Instagram server and stored there. The information is also published in your Instagram account and displayed to your contacts. The purpose and scope of the data collection and the further processing and use of the data by Instagram as well as your rights and setting options to protect your privacy can be found in Instagram’s data protection information: https://help.instagram.com/155833707900388/ If you do not want Instagram to assign the data collected via our website directly to your Instagram account, you must log out of Instagram before visiting our website. You can also completely prevent Instagram plugins from loading by using add-ons for your browser, e.g. the script blocker “NoScript”(http://noscript.net/).
10.6.Google Analytics
This website uses Google Analytics, a web analytics service provided by Google Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie (browser type/version, operating system used, referrer URL of the previously visited website, IP address, time of the server request) about your use of this website is usually transmitted to a Google server in the USA and stored there. However, if IP anonymization is activated on our website, your IP address will be shortened by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area before this happens. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. You can refuse the use of cookies by selecting the appropriate settings on your browser. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above. You can find more information about the web analysis service used on the Google Analytics website. Instructions on how you can prevent the processing of your data by the web analysis service can be found at – http://tools.google.com/dlpage/gaoptout?hl=de.
10.7.Google Webfonts
Google web fonts(http://www.google.com/webfonts/) are used to improve the visual presentation of various information on this website. The web fonts are transferred to the browser cache when the page is called up so that they can be used for the display. If the browser does not support Google Web Fonts or prevents access, the text is displayed in a standard font. When the page is accessed, the website visitor does not receive any cookies. The data transmitted in connection with the page view is sent to resource-specific domains such as fonts.googleapis.com or fonts.gstatic.com. They are not associated with data that can be collected or used in connection with the parallel use of authenticated Google services such as Gmail. You can set your browser so that the fonts are not loaded from the Google servers (e.g. by installing add-ons such as NoScript or Ghostery for Firefox). If your browser does not support Google fonts or if you prevent access to the Google servers, the text will be displayed in the system’s default font. You can find information on the data protection provisions of Google Web Fonts at – https://developers.google.com/fonts/faq#Privacy General information on data protection can be found in the Google Privacy Center at: http://www.google.com/intl/de-DE/privacy/
11 Amendments and validity
Changes to this privacy policy will be published on this page. In this way, you can find out at any time what data we store and how we collect and use it. You can save and/or print the privacy policy here.
12. changes to our privacy policy
Should we need to amend the privacy policy due to changes to our services or new requirements, the latest available version will apply. Our group of companies operates in Switzerland as well as in the EU-EEA area and in Kosovo. The information provided here relates to the EU General Data Protection Regulation while at the same time taking into account the Swiss Data Protection Act. Should deviations or additions be necessary in this regard, these will be incorporated into the information presented here.