Privacy

Overview Privacy Policy

We are committed to “Privacy By Design” principles when we build our products and services.

For the maximum protection of your data, BitsaboutMe guarantees the following 10 points:

  1. Your personal data is your property and will always remain so. BitsaboutMe has no rights to, and no access to, your data unless you explicitly authorize us to do so.
  2. BitsaboutMe stores your personal data in a Personal Data Store (PDS) assigned to you and only to you.
  3. All data in your PDS are encrypted and only you have the key in the form of your login password.
  4. Your PSD is hosted exclusively in trustworthy data centers within the EU (including Switzerland).
  5. We do not store any personal data outside your encrypted PDS, except for the name, email address, and mobile number (for two-factor authentication) that we need to verify and manage your account (access).
  6. You alone decide which data from which data sources are stored in your PDS.
  7. No one, including BitaboutMe, can read or use your data without your key. Accordingly, your data cannot be passed on to third parties without your consent.
  8. You can correct, download, or delete the data in your PDS at any time.
  9. All communication within our systems and with your web browser is done exclusively via encrypted channels (HTTPS).
  10. BitsaboutMe does not use cookies, the only exception is our session cookie, which is mandatory for a web application and is automatically deleted after the session.

You can find out more about the handling of your personal data here in our privacy policy below.

Definitions:

Term Definition
You Person who visited our website or registered to use the services of BitsaboutMe.
We / Us / BitsaboutMe BitsaboutMe AG and its affiliates.
Contract partners 3rd parties contracted by BitsaboutMe to provide its services like contract workers, distribution partners, suppliers, and other service providers.
3rd party All others except you and us.
Account Your personal, password-protected account with BitsaboutMe as a prerequisite for the use of our services.
PDS – Personal Data Store Encrypted storage space associated with your account and accessible only with your personal password.
Services Web pages, tools and interfaces provided by us for the import, storage, analysis, statistical processing, visualization and use of data.
Data sources Third-party service providers (data controllers) who store and edit your personal data. BitsaboutMe allows you to link your external account and import a copy of the data into your PDS.
Data All information, data, texts, images provided by you, third party sources, or BitsaboutMe that are added to your PDS.
Personal data All data about you or yourself.
Personal Identifiable Information (PII) All data relating to a specific or identifiable person.

Privacy Policy

Published on March 1, 2017

This translation is provided for informational purposes only. In case of inconsistencies, the original German Text is binding.

Who we are

This website is operated by BitsaboutMe AG. We are responsible for your personal data stored by us. You can contact us here:

BitsaboutMe AG / Bollwerk 4 / 3011 Berne / Switzerland

Web: www.bitsabout.me Email: privacy@bitsabout.me

Introduction

We are pleased that you use BitsaboutMe! The following describes how we deal with your personal data as well as the personal data you provide when you use our services and how we store and process these data.

We have developed a product with BitsaboutMe that allows you to get an overview of the data stored by third parties and to use our services to get interesting and valuable insights about these aggregated data. Our mission is to provide users with control over their personal data, thereby protecting their privacy and allowing them to participate appropriately in value with their data.

As a Swiss company, we not only act in strict accordance with the applicable provisions of the Swiss Data Protection Act, but have also written it on our flag in accordance with the General Data Protection Regulation (GDPR) as adopted in the European Union in May 2018. As an active supporter of this policy, we provide BitaboutMe with a product that allows you, ultimately, to keep the legal rights and obligations technically simple and transparent to third parties who store data about you (data sources).

Your personal data will therefore be collected and processed only as part of the applicable statutory provisions and in accordance with these data protection regulations, as you wish or explicitly consent to.

What data we edit and why

In order to offer, develop and protect our services as best as possible, we and the contract partners and service providers whom we have consulted collect, process, store and use the following data:

Your use – In order to constantly optimize our services and to detect and prevent misuse, we collect, use and store information from and to your device. These usage data are transmitted to us by BitaboutMe and the use of our services from your Internet browser and stored in log files, the so-called log files. This includes the date and time of the retrieval, the name of the website visited, the IP address of your device, the type of browser and device you are using, and the referrer URL (the address of the Internet page from which you came to our Internet site ), The user ID (for logged in users), and the amount of data transferred. These data are always used anonymously and stored only for as long as they are actually needed. See also the following web analytics “Cookies and Counting Pixels”. Certain information related to access to your account (IP address, access times) is stored in your account for security reasons and for your information. BitsaboutMe can publish anonymous statistics about the use of the services.

Your account – To set up your personal BitaboutMe account and to ensure your access to it, we use and store your name, email address, phone number (together “account information”) and your encrypted password and link it to your account . Your account is then automatically linked to your personal data store (see “Your PDS” below). The access to your account and the decryption of the data stored in your PDS is only possible via the password you have created. Your encrypted password and account information will be stored on protected servers outside your PDS to authorize access to your account and PDS.

Your PDS – In your personal data store, we store, process and analyze the data imported from third-party sources, as well as from our services or yourself, according to your request and your order (also “Our Services”). These data are always stored encrypted in your PDS and are only readable if you are logged into your account with your password. The data from third-party sources imported by us to your PDS on your behalf are always a copy. We will not delete or alter any of your personal data in the source systems of the respective third party sources. No one but yourself will have access to your PDS, unless you give us or third parties your explicit and revocable consent at any time.

Our Services – BitsaboutMe allows you to evaluate the data in your PDS by analyzing tools from BitsaboutMe. All analysis tools provided by BitsaboutMe run within a closed system. The data analyzed and evaluated are stored in your PDS and are thus neither accessible by us nor by third parties at any time. By specifying your login data for the respective account (e.g. Facebook, Migros Cumulus, E-Mail), you authorize and authorize the respective accounts with your PDS and by means of interface a copy of the data selected by you for the import from the respective To import, edit (in particular analysis and evaluation) and to store the data source in its PDS. Every time you login to BitsaboutMe through your account, grant us these permissions again. This allows us to ensure current, automatic data synchronization and analysis at all times. In your account settings, you can manually manage this automatic data update and analysis for individual services. We store your login data for access to the data sources encrypted in your PDS.

Newsletter – If you agree to our newsletter (Opt-in), we use your personal data (especially your email address) to send it. Our newsletters may contain information and offers about their own services, as well as services provided by third parties, which are related to the services of BitsaboutMe. You can always unsubscribe from newsletters in your account, or directly by unsubscribing in the appropriate email.

Web analytics “Cookies and Counting Pixels” – On our website we use “cookies” and “counting pixels”, technologies which enable us to collect and analyze statistical data about the use of our website in order to improve our services on an ongoing basis. The cookie is a small data packet that is sent to your browser by the web server and stored on the hard disk of your computer (cookies can be deleted or denied at any time via your browser settings). A counting pixel is a file that is implemented on our website and allows us to collect statistical usage data, such as the evaluation of the visitor traffic.

The only cookie we use is the so-called session cookie. This is essential for the functioning of our services and will be deleted automatically at the end of your session. We deliberately forgo cookies, especially third-party cookies, which are commonly used to track users. This results in small losses in convenience, e.g. we need to wait until after logging in to set your preferences (e.g. language selection) in our services.

We use the open source software Matomo (formerly Piwik), which allows us to ensure your privacy, by using counting pixels for web analysis. We consciously refrain from using Google Analytics.

In both cases (cookies and counter pixels), we ensure that your data is always processed anonymously.

Social media plugins – In your account/services are integrated functions (so-called plugins) of different third-party social media platforms (like Facebook, Twitter, Instagram). We use a special “two-click” implementation of these plug-ins to protect your privacy, where only third-party data are exchanged when the plugins are activated by you, i.e. clicked. As long as these plugins are only displayed, no data exchange takes place. These plugins allow you to share content on social networks. If you enable this plug-in when browsing the web page (for example, “share button” from Facebook), a connection to the servers of this website is established. Data can be transmitted to this third party provider. If you are logged on to this third-party network at the same time, the visit to BitsaboutMe can be associated with your network account (e.g. Facebook account). BitsaboutMe has no influence on the way this data is transmitted. The purpose and scope of the data collection and the further processing and use of the data by your Social Media provider as well as your rights and settings for the protection of your privacy can be found in the privacy notice of this provider.

For what purpose we can make data available to third parties

Because the data in your PDS is encrypted, we can only disclose the data associated with your account (name, email, mobile number) and anonymous usage information to third parties according to these privacy guidelines. If for some reason it is necessary to divide the data stored in your PDS encrypted with BitsaboutMe or a third party, this can only be done after an explicit approval by you (Opt-in).

Contract partners working with BitaboutMe – In some cases (especially to improve and protect our services), it may be useful for us to access third-party services (e.g. hosting providers, IT support, or web analytics). When selecting these assistants and service providers, we pay particular attention to their trustworthiness and the fact that any personal data transmitted should only be processed anonymously and not disclosed in the scope of the respective contractual purpose and wherever possible.

Our two most important data-relevant service providers are:

OVH – Global number 3 among the internet hosting providers
We rent our servers and data storage at OVH, in the most modern, exclusively European data centers and manage this infrastructure independently.

Matomo.org – Leading open source web analytics platform
We run our own Matomo instance on our servers under our control. To protect your privacy, our Matomo implementation “Do Not Track” respects browser settings, does not use cookies and does not store personal data.

Without your explicit consent, we will never share or sell your personal data to advertisers or any third parties who are not contractors.

Judicial and administrative authorities – In the case of plausible evidence, we may process and disclose the personal data required to uncover or block fraudulent, unlawful or illegal use of BitsaboutMe, our services or our proprietary rights. Furthermore, we may be required to disclose personal data on the basis of a court or administrative authority request or on suspicion of a criminal offense or an unlawful act.

How we protect your data

Location – Site data will only be stored and processed within trustworthy data centers of leading providers within the EU and Switzerland. In doing so, we ensure that all rights between you and BitaboutMe are respected.

Security – BitaboutMe’s primary priority is to protect your data against manipulation, loss, and unauthorized third-party access by means of appropriate technical and organizational measures, and to continually improve our security measures in accordance with technological developments. Our employees and the third parties commissioned by us have been obliged by us to maintain confidentiality and to comply with these data protection guidelines. All data, logins and passwords in your PDS are stored encrypted and can only be decrypted by you with your personal password. BitsaboutMe always uses recognized, high standards of encryption technology, i.e. only HTTPS for data transfer as well as SQLCipher, an open source extension of SQLite, which ensures a transparent 256-bit AES encryption of the data in the PDS.

Duration – We store your data only as long as we need it to provide you with our services or as required by law. When you delete your account, we will also irrevocably delete your data stored in your PDS.

These are your rights: information, deletion and data export rights

You have the right at any time to receive information about the personal data which we have stored about you, to correct, supplement or completely delete them and to dispute the processing of your personal data. The corresponding functionalities are included in BitaboutMe services right from the start and are easily accessible. Please note that the use of our services is no longer possible and that an application for deletion may be subject to statutory storage obligations. Any further requests in this regard should be directed to privacy@bitsabout.me.

Changes

Privacy Policy – BitsaboutMe reserves the right to alter or amend this Privacy Policy from time to time. We will inform you in advance about any significant changes. Your continued use of BitsaboutMe is deemed to be your acceptance of any changes.

Legal conditions – Your personal data is yours, we import and keep it on your behalf for you. This fact remains unaffected by changes in the context of any restructuring, merger, takeover or sale of BitsaboutMe. Your personal data is always encrypted and under your sole control. In the case of a structural change, BitaboutMe will notify you of this via the email address associated with your account. If you do not agree to such a change, you may at any time download your data from your PDS and/or permanently delete your account with all data.

Version March 2017