Protecting personal data and responsibly handling the information that you entrust to us are important concerns for us.

In this privacy statement, we, Clyde Mobility AG, explain what personal data we collect in connection with our activities and operations including our website www.clyde.ch - in particular, we explain what personal data we process, for what purpose, how and where we process it. Personal data is understood to include all information that relates to an identified or identifiable person.

Other legal documents, such as terms and conditions (T&Cs), terms of use or terms of participation, may apply to individual or additional activities.

Unless stated otherwise in individual cases, Clyde Mobility AG is the controller for data processing.

If you have any data protection concerns, you can let us know by contacting us at the contact address given below.

Clyde Mobility AG, Data Protection, Alte Steinhauserstrasse 12, 6330 Cham, Switzerland

You can also raise any concerns by emailing them to us at: [email protected].

Our representative in the EEA in accordance with Art. 27 of the GDPR is: AMAG (Vaduz) AG, Austrasse 37, 9490 Vaduz, Switzerland.

When you visit our website, or when you use our services, or when you apply for a job with us, your personal data is collected and processed. This concerns the following data in particular and is done in the following situations for the purposes listed below.

3.1 Car subscription

If you take out a subscription with us, we process the following data relating to the contract holder and the driver (if different) in order to fulfil the contract:

• Last name, first name

• Postal address

• Email address

• Date of birth

• Contact data

• Payment details

• Credit check of the contract holder

• Driving licence

Our cars are equipped with an autoSense adapter. The use of the autoSense service requires the collection, storage and processing of certain personal data and other data about the vehicle connected to the autoSense service. In particular, this includes the collection, storage and processing of the following data/categories of data by autoSense and third parties (e.g. software suppliers):

• Vehicle data (GPS position of the vehicle, driving behaviour such as speed deviations, sharp turns, abrupt acceleration and braking, etc.)

• Trip data (information on trips made such as start and end points, trip length, time travelled, etc.)

• Vehicle error messages (engine faults, DTC codes, etc.)

• Other vehicle data (tank level, mileage, battery status, vehicle model, mass and weight, etc.)

• Data concerning data connections via the SIM card in the adapter (date, time, duration, data volume (upload and download))

• Information concerning the adapter (IMEI, serial number, hardware version, signal strength, etc.)

• IMSI of the SIM card installed in the adapter

• Information about the mobile device used (device ID, manufacturer, operating system type and version, language, version of the autoSense app, etc.)

• Payment information (including credit card details, fuel card details)

• Other data (including contract data, customer activity data such as information on the purchase of data packages and use of the customer account, evaluations, etc.)

3.2 Payments

We use specialised service providers to process your payments securely and reliably. The Terms and Conditions (T&C) or privacy statements of the individual service providers also apply to the processing of payments.

In particular, we use:

• Datatrans: payment processing; provider: Datatrans AG (Switzerland), data protection information:

• Worldline (formerly SIX Payment Services): Mobile and online payment processing; provider: Worldline Schweiz AG, data protection information: Privacy statement,

3.3  Contact form, phone call and live chat

If you contact us on the website using the contact form or live chat, we will process your name and contact details.

You have the option to contact us using a contact form or by email and to send an enquiry to us. In this context, we will process your name and contact details in order to make contact with you and to process your enquiry.

As an alternative to the contact form, you have the option to contact us using live chat. In this context, we process the personal data that you provide to us in the course of the chat (such as your first and last name and email address). Data can be collected and processed when you use the chat communication channel.

In particular, we use:

• Salesforce: Customer relationship management (CRM), provider: Salesforce.com Inc. (USA), data protection information: Privacy policy[AH2]  – Salesforce.com

If you call us on one of our phone numbers, we will process your phone number. If you leave us a voice message, we will process an audio file of your message.

3.4 Applications

If you apply to us, we will process the following personal data from you as part of and for the purpose of the application process:

• Name

• Contact data

• Date of birth

• Cover letter

• Curriculum vitae (CV)

• References/certificates

Data is forwarded within Clyde Mobility AG and AMAG Corporate Service AG personnel department to controllers involved in the application process.

If a contract is not concluded, we will delete your data unless you have given us your consent for continued storage.

We use the personal data we collect primarily to conclude and execute our contracts with our customers and business partners, to provide, maintain, protect and improve our services, and to comply with our legal obligations in Switzerland and abroad. In addition, we process personal data from you and other persons, to the extent that this is permitted and seems appropriate to us, for the following purposes in which we (and sometimes third parties) have a legitimate interest that corresponds to the purpose:

• Offering and developing our products, services and websites, apps and additional platforms on which we are present;

• Checking the credit score and rating of potential and current customers;

• Communicating with third parties and processing their enquiries (e.g. via contact forms, media enquiries);

• Reviewing and optimising procedures to conduct needs analyses for the purpose of approaching customers directly as well as collecting personal data from publicly accessible sources for the purpose of customer acquisition;

• Advertising and marketing (including holding events) provided that you have not objected to the use of your data (if we send advertising to you as an existing customer, you may object to receiving such advertising at any time, in which case, we would place you on the list of customers to whom advertising should not be sent);

• Market and opinion research, media monitoring

• Asserting legal claims and defences in connection with legal disputes and official proceedings;

• Preventing and clarifying criminal acts and other misconduct (e.g. conducting internal investigations, data analyses for the prevention of fraud, managing whitelists and blacklists for the purposes of risk optimisation and exchanging such lists with third parties);

• Assuring our operations, in particular IT, our websites, apps and other platforms;

• Purchasing and selling business areas, companies or parts of companies and other corporate law transactions and the transfer of personal data related to this; business management measures and compliance with statutory and regulatory obligations as well as internal rules of AMAG.

• Processing of alleged violations of traffic regulations and other legal provisions, in particular disclosure of personal data of customers and other users to the competent authorities and private claimants.

If you have given us consent to process your personal data for specific purposes (e.g. when you signed up to receive newsletters or for conducting a background check), we process your personal data within the scope of, and based on, this consent if we do not have any other legal basis and/or we require such a basis. Any given consent may be withdrawn at any time, although this will not have any effect on data processing that has already been completed.

5.1       Server log files
When you visit our website, your visit is logged as with any other website. First of all, the following automatic log data is collected, which your browser/device transmits to us:

• The IP address currently used by your device or router,

• Date and time of the visit

• Browser type, version and language

• The operating system of your device

• The pages you are viewing,

• Access status / HTTP status code

• Name and size of the requested file(s)

• And, if applicable, the URL of the referring website
  

This data is only collected for the purposes of data security, to improve our website and for error analysis.

5.2 Cookies

Clyde Mobility AG uses cookies on its website. Here you can find additional information on the type, scope and purposes of data processing when cookies are used.

A cookie is a small file that is sent to your computer or automatically saved to your computer or mobile device by the web browser you use when you visit our website or install our app. At the beginning of your website visit, you can select the cookies you want in our preference centre and can give your consent to the processing or your data. You can object to the data processing at any time with effect for the future by preventing the storage of cookies through your browser settings or by changing the consents saved in the preference centre.

In general, we distinguish between the following types of cookies:

Essential cookies

These cookies are necessary for our website to function and they cannot be switched off in our systems. They are in general only placed in response to actions taken by you that amount to a service request, such as the setting of your privacy preferences, logging in or the completion of forms. You can set your browser to block these cookies or to warn you against using them. However, if you do so some parts of the website will not work. These cookies do not store any information that allow you to be personally identified.

Performance cookies

We can use these cookies to count sources of visits and traffic, in order to measure and improve the performance of our website. They help us to determine which pages are the most popular and which are requested least often, and to identify how visitors move around on the pages. All data that is collected by these cookies is aggregated and therefore anonymous. If you do not consent to these cookies, we will not know when you visited our website and we cannot monitor its performance.

Functional cookies

By using these cookies, the website can provide better functionality and personalisation. They can be placed by us or third-party vendors whose services we have added to our website. The purpose of these cookies is to provide you with a more personalised experience on our website, based on your previous visits and selections. If you do not allow these cookies, some or all of these services will not function properly.

Targeting and advertising cookies

These cookies can be placed on our website by our advertising partners. They can be used and shared by these companies to build a profile of your interests and to show you relevant advertising on other websites. This process is based on uniquely identifying your browser and Internet device. If you do not allow these cookies, you will receive less targeted advertising.

Statistics cookies

Performance cookies help us understand how you interact with the website by collecting information anonymously, such as which pages and links you have visited or clicked on, how long you have been on a page, the vehicles you have configured in our configurator, and which device you have used; we use this information to improve our understanding of how people use our website and to ensure that it functions properly. This data is not used for marketing or advertising purposes and is also not disclosed to third parties.

Google Analytics

Google Analytics is a web analytics service provided by Google Ireland Limited. If the controller of data processing on this website is located outside the European Economic Area or Switzerland, then Google Analytics data processing is carried out by Google LLC. Google LLC and Google Ireland Limited are hereinafter referred to as ‘Google’.

Google Analytics uses performance cookies, which enable an analysis of the use of the website by the page visitor. The information generated by the cookie about the use of this website by the page visitor (including the truncated IP address) is usually transmitted to a Google server and stored there.

Google Analytics is used exclusively with the ‘_anonymizeIp()’ extension on this website. This extension ensures that the IP address is anonymised by truncating it and excludes any direct reference to a person. The IP address transmitted by your browser within the framework of Adobe Analytics is not merged with other Google data.

Google will use this information on behalf of the website operator to evaluate website use, compile reports on website activity and provide the website operator with other services relating to website activity and internet use. The legitimate interest in data processing lies in the optimisation of this website, the analysis of the use of the website and the adaptation of the content. The interests of users are adequately safeguarded by pseudonymisation.

Google LLC offers a guarantee based on the standard contractual clauses to maintain an appropriate level of data protection. The data transmitted which is linked to cookies, user IDs or advertising IDs is automatically deleted after 50 months. Data whose retention period has expired is automatically deleted once a month.

Collection by Google Analytics can be prevented by the site visitor changing the cookie settings for this website. The corresponding browser plug-in can be downloaded and installed from the following link: https://tools.google.com/dlpage/gaoptout.

Further information on Google’s use of data, as well as the settings and objection options, can be found in Google’s privacy policy (https://policies.google.com/privacy) and in Google’s marketing settings (https://adssettings.google.com/authenticated).

Google Ads conversion tracking

For the purpose of online marketing, we use Google Ads from Google Ireland Limited to advertise our products. If the data controller on this website is located outside the European Economic Area or Switzerland, Google Ads data processing is carried out by Google LLC. Google LLC and Google Ireland Limited are hereinafter referred to as ‘Google’. In this context, we use conversion tracking on our website.

When you click on an ad placed by Google, a cookie is set for conversion tracking. These cookies are valid for 30 days and are not used to identify users personally. If the user visits certain pages of this website and the cookie has not yet expired, Google and we may recognise that the user clicked on an ad and was redirected to this page.

Each Google Ads user is assigned a different cookie. The information collected with its help is used to generate statistics for Google Ads customers who have opted for conversion tracking. In this way, we find out the total number of users who click on our ads and are redirected to a page with a conversion tracking tag. However, we do not receive any information to identify these customers personally. If you do not wish to participate in tracking, you can opt out of this use by deactivating the Google conversion tracking cookie in your internet browser in the user settings. In this case, you will not be included in the conversion tracking statistics.

You can find more information about Google Ads and Google conversion tracking in Google’s privacy policy at https://policies.google.com/privacy?hl=ch.

Google Tag Manager

For our website, apps and web interface, we also use Google Tag Manager from Google Inc. Google Tag Manager allows us to manage the code sections of the tracking tools we use centrally. The Google Tag Manager itself is a domain that does not set cookies or store data, but merely acts as the administrator of the set tags.

Mixpanel

Our website uses Mixpanel, a tool for product analysis. The service provider is the American company Mixpanel Inc., One Front Street, Floor 28, San Francisco, CA 94111, USA

Mixpanel also processes your data in the USA, among other places. You can find out more about the data processed through the use of Mixpanel in their Privacy Policy at https://mixpanel.com/legal/privacy-policy

Hotjar

We use the ‘Hotjar’ analytics tool on our websites to analyse your user behaviour. Your data is processed based on your consent provided in the cookie settings. Hotjar uses cookies and tracking codes to collect your user data on our websites on our behalf. Hotjar collects the following information (list not exhaustive):

• The end device’s IP address

• The end device type

• The size of the end device screen

• The geographic location

• The language selected on the website

• The referring domain

• Date and time of the website visit.
  

Your data is stored on servers in Ireland.

5.4 Processing of your data on our pages on social networks

We may operate pages and other online presence on social networks and other platforms operated by third parties (e.g. ‘Fan Pages’, ‘Channels’, ‘Profiles’, etc.) and collect the following data about you there. We receive this information from you and the Platforms when you contact us via our online presence (e.g. when you communicate with us, comment on our content or visit our website). The respective platforms also collect technical data, registration data, communication data, behavioural and preference data about you, and at the same time evaluate your use of our online site (e.g. what you view, comment on or share) and link this data with other data about you known to the platforms (e.g. about your behaviour and preferences). They also process this data for their own purposes and on their own responsibility, specifically for marketing and market research purposes (e.g. personalised advertising) and for managing the platforms.

For more information on the processing carried out by the operators of the platforms, please refer to the privacy policy of the respective platform. It also tells you where the respective platform processes your data, what data subject rights you have and how you can exercise those rights. We currently use the following platforms:

Facebook

This is where we operate the site (Clyde Mobility). The responsible party for operating the platform for users is Meta Platforms Ireland Limited (‘Meta’), Dublin, Ireland. You can find their privacy policy at facebook.com/policy. Some of your data will be transferred to the USA. You can object to advertising here: www.facebook.com/settings?tab=ads. We and Meta are jointly responsible for the data that is collected and processed when you visit our website for the purpose of creating ‘Insights’. Insights generate statistics about what visitors do on our site (commenting on posts, forwarding content, etc.). This is described at https://www.facebook.com/business/help/144825579583746?id=939256796236247. This helps us to understand how our site is used and how we can improve it. We only receive anonymous, aggregated data. We have defined our responsibilities with regard to data protection in accordance with the information provided at https://www.facebook.com/legal/controller_addendum.

Instagram

We run the fan page (Clyde_Mobility) on Instagram. Meta Platforms Limited (‘Meta’), Dublin, Ireland, is responsible for operating the platform for users from Europe. You can find their privacy policy at https://privacycenter.instagram.com/policy/?__coig_consent=1. Some of your data may also be transferred to the USA. We and Meta are jointly responsible for the data that is collected and processed when you visit our fan page for the purpose of creating ‘Insights’. Insights generate statistics about what visitors do on our site (commenting on posts, forwarding content, etc.). This is described at https://www.facebook.com/business/help/441651653251838?id=419087378825961. This helps us to understand how our fan page is used and how we can improve it. We only receive anonymous aggregated data. We have defined our data protection responsibilities in accordance with the information provided at https://www.facebook.com/legal/controller_addendum.

LinkedIn

We operate a company page on LinkedIn (Clyde Mobility). LinkedIn Ireland Unlimited Company (‘LinkedIn’) is responsible for operating the LinkedIn platform for users from the EU, the EEA and Switzerland. You can find LinkedIn’s privacy policy at https://de.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy. Some of your data may also be transferred to the USA. We and LinkedIn are jointly responsible for the data collected and processed in connection with your visit to our company page (‘Page Insights’). As part of Page Insights, we receive statistics on visitors to our Company Page. This is described at https://legal.linkedin.com/pages-joint-controller-addendum and allows us to improve our understanding of how our company page is used and how we can improve it. We are responsible for data protection according to the information provided at https://legal.linkedin.com/pages-joint-controller-addendum

Pinterest

Our website uses the plug-in of the social network Pinterest, which is operated by Pinterest Inc., 505 Brannan Street San Francisco, CA 94107, USA.

The data is only sent to Pinterest when the user activates the social media plug-in by clicking on the selected plug-in. The user can choose when to activate the plug-in. In this case, Pinterest may establish a direct connection to the user during your visit to the website that enables Pinterest to detect details of the user’s visit and analyse the relevant information. Pinterest is responsible for further processing of personal data in accordance with data protection laws and the data protection guidelines published on its website (https://policy.pinterest.com/en-gb/privacy-policy). Please read the privacy policies of your social networks carefully for detailed information about the collection and transfer of personal information, your rights, and how to achieve satisfactory privacy settings.

5.5 MyClyde

MyClyde is Clyde’s digital customer portal. You can register there with your email address and a password. You can view your subscription and access documents on the portal.

To provide our services, we need to transfer personal data both within the company and externally.

This involves, in particular, the following parties:

• Our service providers (within the AMAG Group and to the extent permitted by law also externally, e.g. banks or insurance companies), including processors (e.g. IT providers);

• Dealers, service partners, suppliers, subcontractors and other business partners;

• Authorities, official agencies or courts in Switzerland and abroad

• Processing traffic regulations and other violations of law, in particular disclosing personal data of customers and other users to the competent authorities and private claimants.

Where necessary for the provision of our services, personal data will be transmitted to the aforementioned bodies in Switzerland and the EU. If we transfer data to a third country, we will provide an adequate level of protection, as prescribed by law, through use of appropriate contracts and/or measures (based in particular on the standard contractual clauses of the European Commission) or so-called Binding Corporate Rules.

We process and store your data for as long as it is necessary for the fulfilment of our contractual and legal obligations or for the purposes pursued by the processing.

To protect your personal data against unauthorised access and misuse, we take appropriate technical and organisational safety precautions such as issuing directives, providing training, IT and network security solutions, access monitoring and restrictions, pseudonymisation and controls.

In the course of our business relationship, you must provide us with the personal data required to enter into and conduct a business relationship, and to perform the related contractual obligations (as a rule, you do not have a statutory obligation to provide us with data). Without this data, we will generally not be in a position to conclude a contract with you (or with the body or person you represent) or to execute it. In addition, our websites can only be used if certain information ensuring the free flow of data (e.g. IP address) is disclosed.

As a data subject, you have the following rights with us:

Right of access

You have the right to obtain information about the processing of your personal data.

A request for information is generally free of charge. A fee may be charged where the request entails a particularly extensive amount of work, the request for access to information is excessive or notorious, unless there is a legitimate interest. 

In order to exercise these rights, you must provide unambiguous proof of identity (e.g. by means of a copy of an ID document). To assert your rights, you can contact us at the address indicated in section 2.

Right to rectification

You have the right to request the rectification of inaccurate or incomplete personal data about you.

Right to erasure

You have the right to request the erasure of your data under certain circumstances. Under this right, you may, for example, request the erasure of your data, provided this data is no longer required for the purposes for which it was collected. You can also request erasure if we process your data on the basis of your consent and you withdraw that consent.

Right of withdrawal

At all times, you have the right to withdraw your consent with effect for the future. Please send your notice of withdrawal to: [email protected].

Complaints

Furthermore, every data subject has the right to assert their claims in a court of law or to file a complaint with the responsible data protection authority. The responsible data protection authority in Switzerland is the Federal Data Protection and Information Commissioner (www.edoeb.admin.ch/edoeb/en/home.html).

In Liechtenstein the data protection authority of the Principality of Liechtenstein (https://www.datenschutzstelle.li) is responsible.

We may amend this Privacy Statement at any time without prior notice. The applicable version of the Privacy Statement is the latest version as published on our website. If the Privacy Statement forms part of an agreement with you, we will notify you of any updates to it where this is possible without undue expense.