Usage of the Website
of Association Enso
Updated on 09.01.2023
Association Enso (a company incorporated in Switzerland, under license number CH-020-6002818-7, with registered office and principal place of business at Badenerstrasse 549, 8048 Zurich) is the operator of the website www.enso.finance and is therefore responsible for the collection, processing and use of your personal data and the compatibility of the data processing with applicable data protection laws.
Your trust is important to us, which is why we take the issue of data protection seriously and ensure appropriate safeguards. We are committed to handling your personal data responsibly. It goes without saying that we comply with the legal provisions of the Federal Act on Data Protection (FADP), the Ordinance to the Federal Act on Data Protection (OFADP), the Telecommunications Act (TCA) and, where applicable, other provisions of data protection law.
To help you understand what personal data we collect from you and for what purposes we use it, please read the information below.
1. Scope and purpose of the collection, processing, and use of personal data
A. When visiting www.enso.finance
When you visit our website, every access is temporarily stored in a log file. The following data is collected without your intervention and stored until automatic deletion:
the IP address of the requesting computer
the date and time of access
the website, from which the access was made (referrer URL) with the search term used, if applicable
the name and URL of the retrieved file
the website, from which the access was made
the status code (e.g. error message)
the operating system of your computer and the browser you are using (type, version)
the country you accessed from and the language settings of your browser
the name of your Internet Access Provider
the transmission protocol used (e.g. HTTP/1.1) and
if applicable, your user name from a registration/authentication.
The collection and processing of this data is carried out for the purpose of enabling the use of our website (connection establishment), to ensure system security and stability on a permanent basis and to enable the optimisation of our Internet offer as well as for internal statistical purposes.
Finally, the IP address is evaluated together with other data in the event of attacks on the network infrastructure or other unauthorised or abusive website use for the purpose of clarification and defence and, if necessary, used in the context of criminal proceedings to identify and take civil and criminal action against the users concerned.
B. When registering for our newsletter
On our website, you have the possibility to subscribe to our newsletter. Registration is required for this. The following data must be provided as part of the registration (mandatory*):
email-address
After entering the aforementioned information, the registration for the newsletter takes place automatically. We use the e-mail marketing software Mailchimp from The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE Suite 5000, Atlanta, GA 30308 USA (Mailchimp), to send the newsletter. You can find more information about the data processing in connection with Mailchimp here
We will use your data for sending the newsletter until you revoke your consent. You can revoke your consent at any time with effect for the future or use the unsubscribe link in the newsletter e-mails.
Our newsletter contains a so-called web beacon or similar technical means (tracking pixel). A web beacon is a 1x1 pixel, invisible graphic that is associated with the user ID of the respective newsletter subscriber. Through the web beacon, we receive the following information about the newsletter dispatch:
address file used;
subject and number of newsletters sent;
information on which addresses have received or not received the newsletter and for which addresses the dispatch has failed;
information on which addresses have opened the newsletter;
information on which addresses have unsubscribed; and
technical information (e.g. time of retrieval, IP address, browser type and operating system).
This information is used for statistical analysis of our newsletter campaigns. The results of these analyses can be used to better adapt future newsletters to the interests of the recipients. The web beacon is deleted when you delete the newsletter.
You can prevent the use of the web beacon by disabling the display of HTML in your mail programme, if this is not already the case by default. On the following pages, you will find explanations on how to make this setting in the most common e-mail programmes.
By registering for the newsletter, you give us your consent to process the data provided for the regular dispatch of the newsletter to the address you have provided as well as for the statistical evaluation of user behaviour and the optimisation of the newsletter.
2. Disclosure of data to third parties
We only pass on your personal data if you have expressly consented to this, if there is a legal obligation to do so or if this is necessary to enforce our rights, in particular to enforce claims arising from the relationship between you and Association Enso.
In addition, we pass on your data to third parties insofar as this is necessary in the context of the use of the website for the provision of the services you have requested and for the analysis of your user behaviour. The use of the data passed on for this purpose by the third parties is strictly limited to the aforementioned purposes. If the website contains links to third-party websites, Association Enso no longer has any influence on the collection, processing, storage, or use of personal data by the third party after clicking on these links and accepts no responsibility for this.
A service provider, to whom the personal data collected via the website is transferred or who has or may have access to it is our web host Vercel. Vercel Inc. is located at 340 S Lemon Ave #4133, Walnut, California 91789. The website is hosted on servers in the USA. The data is transferred for the purpose of providing and maintaining the functionalities of our website. You can find more information on Vercel's Privacy Policy here
We use the "HEROKU" service of the service provider Salesforce.com Inc, Salesforce Tower, 415 Mission Street, 3rd Floor, San Francisco, California 94105, USA (hereinafter "HEROKU") to host your data, including the wallet-address, Twitter-account, if linked. Your data may be transferred to the USA. We have concluded a contract with HEROKU that includes the EU standard contractual clauses. This ensures that a level of protection comparable to that in the EU exists (see also section 8 on data transfer to the USA). Further information can be found in the HEROKU data protection declaration: https://www.salesforce.com/company/privacy/
3. Cookies
Cookies help in many ways to make your visit to our website easier, more enjoyable, and more meaningful. Cookies are information files that your web browser automatically stores on your computer's hard drive when you visit our website.
Most Internet browsers automatically accept cookies. However, you can configure your browser such that no cookies are stored on your computer or a message always appears when you receive a new cookie. On the following pages, you will find explanations of how you can configure the processing of cookies in the most common browsers:
Deactivating cookies may mean that you cannot use all the functions of our website.
4. Tracking tools (Google Analytics)
On our website, we use Google Analytics, a web analytics service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, or Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). Google Analytics uses methods that enable an analysis of the use of the website, such as cookies. The information generated by the cookie about your use of our website, such as
navigation path that a visitor follows on the website,
time spent on the website or a sub-page,
the subpage, on which the website is left,
the country, region or city, from where access is made,
end device (type, version, colour depth, resolution, width and height of the browser window),
returning or new visitor,
browser type/version,
operating system used,
referrer URL (i.e. the previously visited website),
host name of the accessing computer (IP address) and
time of the server request,
is usually transferred to a Google server in the USA and stored there. In doing so, the IP address is shortened by activating IP anonymisation ("anonymizeIP") on this website before transmission. The masked IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data, according to Google. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. In these cases, we ensure through contractual guarantees that Google complies with a sufficient level of data protection.
The information is mainly used for location tracking purposes. This information may also be transferred to third parties if this is required by law or if third parties process this data on our behalf.
Users can prevent the collection of the data generated by the cookie and related to the website use by the user concerned (incl. the IP address) to Google as well as the processing of this data by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout
You can find more information about Google and how Google processes data here
LogRocket
Our website uses the LogRocket analysis service. The data processing is carried out by: LogRocket Inc, 87 Summer St, Boston, Massachusetts 02110, US, USA. When you visit our Website, LogRocket collects information about your use of our Website, such as pages visited, links clicked, non-sensitive text and mouse movements, as well as information that is collected more frequently, such as the referring URL, browser, operating system and information about your Internet service provider.
LogRocket allows us to see what users are doing on our Website, which helps us reproduce errors and resolve problems with the operation of our Website more quickly.
All data is stored anonymously on the servers of LogRocket Inc. in the USA. No conclusions about your person can be drawn from the collected data. inferred.
You can find more information about the handling of user data in the LockRocket privacy policy: https://logrocket.com/privacy
We have concluded a contract with LogRocket that includes the EU standard contractual clauses. This ensures that a level of protection comparable to that in the EU exists (see also section 8 on data transfer to the USA).
You can oppose the data collection by the LogRocket service by deactivating the respective cookies (see Section 3 above regarding Cookies).
Posthog
We use functions of the Posthog service on our Website to analyse and optimise user behaviour and the user-friendliness of our Website. These features are provided by Posthog Inc, 965 Mission Street, San Francisco, CA 94103 USA.
Posthog may record and reflect your behaviour on our Website. For this purpose, Posthog collects and processes information, such as your IP address, wallet address, your browser, visited pages, clicked links etc.) to simulate your behaviour. The storage of this data is limited in time and is only used to improve our service according to your needs.
For more information, please see Posthog's privacy policy: https://posthog.com/privacy.
We have concluded a contract with Posthog that includes the EU standard contractual clauses. This ensures that a level of protection comparable to that in the EU exists (see also section 8 on data transfer to the USA).
You can oppose to the data collection by the Posthog service by deactivating the respective cookies (see Section 3 above regarding Cookies).
5. Cloudflare
We use the functions of CloudFlare. The provider is CloudFlare, Inc. 665 3rd St. 200, San Francisco, CA 94107, USA. CloudFlare offers a so-called worldwide distributed content delivery network with DNS. Technically, the information transfer between your browser and our web pages is routed through CloudFlare's network. CloudFlare is thus able to analyze the data traffic between users and our websites, for example, to detect and prevent attacks on our services. In addition, CloudFlare may store cookies on your computer for optimization and analysis.
Cloudflare generally forwards only that data which is controlled by us as the website operator. The content is therefore not determined by Cloudflare, but always by the website operator itself. In addition, Cloudflare may collect certain information about the use of our website and process data that is sent by us or for which Cloudflare has received appropriate instructions. In most cases, Cloudflare receives data such as contact information, IP addresses, security fingerprints, DNS log data, and website performance data derived from browser activity. Log data helps Cloudflare detect new threats, for example. This allows Cloudflare to ensure a high level of security protection for our website. Cloudflare processes this data as part of the services in compliance with applicable laws.
For security reasons, Cloudflare also uses a cookie. The cookie (__cfduid) is used to identify individual users behind a shared IP address and to apply security settings for each individual user. This cookie becomes very useful, for example, when you use our website from a location where there are a number of infected computers. However, if your computer is trustworthy, we can recognize this from the cookie. Thus, despite infected PCs in the vicinity, you can surf our website unhindered. It is also important to know that this cookie does not store any personal data. This cookie is absolutely necessary for the Cloudflare security features and cannot be disabled.
We have concluded a contract with Cloudflare that includes the EU standard contractual clauses. This ensures that a level of protection comparable to that in the EU exists (see also section 8 on data transfer to the USA).
Cloudflare addresses in their privacy policy that they are not responsible for the content they receive. For example, when you ask Cloudflare to update or delete your content, Cloudflare basically refers you to us as the website operator. You can also completely prevent Cloudflare from collecting and processing all of your data by disabling the execution of script code in your browser or by installing a script blocker in your browser (see section 3 above regarding Cookies).
Please find further information about the data processing by Cloudflare on:
https://www.cloudflare.com/gdpr/introduction6. Transfer of personal data abroad
Association Enso is also entitled to transfer your personal data to third companies (commissioned service providers) abroad, insofar as this is necessary for the data processing described in this privacy policy. These are obliged to data protection to the same extent as we are. If the level of data protection in a country does not correspond to that in Switzerland, we will ensure by contract that the protection of your personal data always corresponds to that in Switzerland.
7. Data security
We use appropriate technical and organisational security measures to protect personal data against manipulation, partial or complete loss and against unauthorised access by third parties.
8. Note on data transmissions to the USA
Some of the third-party service providers mentioned in this privacy policy are based in the USA. For the sake of completeness, we would like to point out that there are surveillance measures in place in the USA by US authorities, which generally allow the storage of all personal data of all persons, whose data has been transmitted to the USA. This is done without any differentiation, limitation or exception based on the objective pursued and without any objective criterion that would make it possible to limit the access of the US authorities to the data and its subsequent use to very specific, strictly limited purposes that are capable of justifying the intrusion associated with both the access to and the use of this data. Furthermore, we would like to point out that in the USA, foreign data subjects do not have any legal remedies that allow them to obtain access to the data concerning them and to obtain its correction or deletion, or that there is no effective judicial legal protection against general access rights of US authorities. We explicitly draw the attention of data subjects to this legal and factual situation so that they can make an appropriately informed decision to consent to the use of their data.
We would like to point out that the USA does not have a sufficient level of data protection from the perspective of Switzerland – among other things, due to the issues mentioned in this section. Insofar as we have explained in this privacy policy that recipients of data (such as Google, Mailchimp) are based in the USA, we will ensure that your data is protected at an appropriate level with our partners through contractual arrangements with these companies as well as any additional appropriate guarantees required, which protect the rights of individuals, whose personal data is transmitted to a third country.
9. Your rights
You can object to data processing at any time. You also have the following rights:
A. Right of access:
You have the right to request access to your personal data stored by us at any time and free of charge when we process it. This gives you the opportunity to check what personal data we process about you and that we use it in accordance with applicable data protection regulations.
B. Right to rectification:
You have the right to have inaccurate or incomplete personal data rectified and to be informed of the rectification. In this case, we will inform the recipients of the data concerned of the adjustments made, unless this is impossible or involves disproportionate effort.
C. Right to erasure:
You have the right to have your personal data erased under certain circumstances. In individual cases, the right to erasure may be excluded.
D. Right to restriction of processing:
You have, under certain conditions, the right to request that the processing of your personal data be restricted.
E. Right to data portability:
Under certain circumstances, you have the right to obtain from us, free of charge, the personal data you have provided to us in a machine-readable format
F. Right to complain:
You have the right to complain to the Federal Data Protection and Information Commissioner about the way your personal data is processed.
G. Right of revocation:
In principle, you have the right to revoke your consent at any time with effect for the future. Processing activities based on your consent in the past do not become unlawful as a result of your revocation.
10. Contact
If you have any questions about data protection on our website, would like information or would like to have your data deleted, please contact us by sending an e-mail to privacy@enso.finance.