PRIVACY POLICY.
COMMITMENT TO DATA PROTECTION FOR GIT SA PRODUCTS AND SERVICES
ID 49807, Version 6, Last modified on 31.08.2023, Modified by Mickaël Strazzeri
See our VISCHER Privacy Score report , produced by Vischer.
5 business segments
These provisions apply to the five business segments offered by GIT SA:
1. Use of our website (www.git.ch)
2. Use of our Cloud software
3. Use of our software in local mode
4. Assistance by GIT SA technical support
5. Commercial activities
GIT SA hereby undertakes to :
1 Use of our website (www.git.ch)
1.1 Collection of voluntary information
When you register on our site, we collect a certain amount of nominative and personal information such as your first and last name, the company you work for, e-mail address and telephone number.
1.2 Automatic information collection
During your visit, we automatically receive and record information from your computer and browser, including your IP address, and the page you request.
1.3 Use of information
Any information we collect from you may be used to:
- Meet your individual needs
- Provide personalised content such as a newsletter
- Improve our website
- Improve customer service and your support needs
- Contact you by email
1.4 Disclosure to third parties
We are the sole owners of the information collected on this site. Your personal information will not be sold, exchanged, transferred, or given to a third party for any reason whatsoever without prior authorization.
1.5 Protection of information
We implement a set of measures to preserve the security of your personal information. We use industry-standard encryption to protect sensitive information during transfer and storage. Access to personal and identifiable data is controlled and limited to GIT SA employees and their trusted technical partners for the sole purpose of carrying out their duties (e.g. newsletter dispatch or customer service, website maintenance, backups, updates, etc.). Computers and servers used to store personally identifiable information are located in a secure environment that meets industry standards.
1.6 Do we use cookies?
Yes. Our cookies improve access to our site and identify repeat visitors. In addition, our cookies improve the user experience by tracking and targeting user interests. However, this use of cookies is in no way linked to any personally identifiable information on our site.
1.7 Unsubscribe
We use the email address you provide to send you occasional information about our products, activities, company news and, where appropriate, important information about the use of our products or services. If you wish to unsubscribe and no longer receive emails, simply send us an email to this address: protectiondesdonnees@git.ch.
1.8 Consent
By checking the appropriate box, you consent to the section of this document governing the collection and use of the information covered in section (1.1).
By visiting our site, you consent to the section of this document governing the collection and use of the information covered in section (1.2).
You can manage your consent directly on our site.
2 Using our cloud-based software (git-cloud/asp4experts/ConnectMe)
As a provider of IT and software services, GIT SA is committed to complying with its obligations under active official regulations. As a result, you, our customers, are also in a position to comply with the regulatory obligations associated with our services.
As a provider of IT and software services, GIT SA is committed to the following:
2.1 Data storage and ownership
Data entrusted to GIT SA as part of its cloud services are stored exclusively in data centers based in Switzerland, and are never transferred outside these infrastructures. The customer is and remains responsible for ownership of the data stored in the GIT SA cloud service, even if the data is stored for a third party.
2.2 Security standards
GIT SA implements all technical means and measures deemed appropriate and necessary to ensure the continuity, security and confidentiality of data.
Unless prior, written and explicit agreement has been given, access to data by GIT SA staff and its technical partners is strictly limited to the tasks entrusted to them by the customer. This exclusively concerns maintenance, backup and training operations.
Data access events are limited by the system and are recorded securely for audit purposes.
Any copy of data can only be made for technical reasons, and will be deleted as soon as the customer's request is closed.
2.3 Traceability
GIT SA ensures traceability of actions carried out by SaaS users, GIT SA maintenance technicians or technical partners when accessing data. This information is stored securely and access is restricted to technicians responsible for monitoring the security of our infrastructure.
2.4 Notification
GIT SA undertakes to inform you as soon as possible in the event of a data breach.
2.5 Data isolation
GIT SA undertakes to use physical and/or logical isolation systems (depending on the services) to isolate our customers' data from one another.
2.6 Responsiveness
GIT SA undertakes to be exemplary in its responsiveness to security updates on the systems and software you use.
2.7 Roles
In addition, it is essential to distinguish between the security of the infrastructures on which your data is hosted, and their operation and implementation by you.
Role of the customer
The customer is solely responsible for the security of access to GIT SA services (e.g. secure storage of user IDs/passwords, misuse of passwords, transmission of access to a third party, etc.).
Role of GIT SA
We are committed to ensuring the security of our infrastructures in accordance with the standards in force in Switzerland. In addition, we are committed to complying with the Swiss Federal Data Protection Act and European data protection standards (nLPD & RGPD).
2.8 Delegation to third parties
GIT SA ensures that trusted third parties (technical partners) engaged by GIT SA comply with the following provisions and regulations relating to data protection.
2.9 nLPD &RGPD
GIT SA undertakes to comply with the Swiss Federal Data Protection Act and the relevant European legal provisions governing the protection of personal data (RGPD), and to employ only technical partners who comply with these same provisions.
2.10 Website (www.asp4experts.ch, www.git-cloud.ch)
Use raw statistics on browsing and use to gain a better understanding of the areas of interest to customers, and to optimize servers according to traffic. These statistics include the IP (Internet Protocol) address assigned by the customer's access provider, the identity of the customer's computer, the SaaS user, the class of browser used, the time of connection and disconnection, and data relating to access to computer applications such as the name of the program, the company and the type of operation.
The customer is informed that these statistics are used for no other purpose than to better analyze general customer behavior and for maintenance purposes. GIT SA keeps this information confidential for a period of 12 months, undertakes not to communicate it to third parties other than its technical partners, and reserves the right only to communicate anonymous statistical analyses.
2.11 Data backup
GIT SA backs up the entire service infrastructure and customer data. These various backups are stored in the active data center and then immediately outsourced to a second data center in Switzerland. Both data centers comply with current legal requirements. Backups are kept for the current week (7 days).
2.12 Deletion of data
GIT SA will delete data (complete or partial) as soon as the customer has explicitly requested this. This request will be carried out within 8 days. The final and definitive deletion of the data will only be effective when the oldest backup set containing this data expires.
2.13 Enquiries
If you have any inquiries regarding our privacy policy or current regulations, please email us at protectiondesdonnees@git.ch.
2.14 General terms and conditions
In the event of any discrepancies between this text and the SaaS General Terms & Conditions & SLA, the French-language general terms and conditions of service shall prevail.
3 Using our software in local mode
As a local software provider :
3.1 Compliance
GIT SA is committed to ensuring that all its software complies with the obligations of active official regulations, in particular the European legal provisions governing the protection of personal data (RGPD) and the Swiss Data Protection Act (nLPD). Therefore, by using our software, you are also able to comply with the points of your regulatory obligations with regard to security, confidentiality, nLPD and RGPD.
It is understood that, as a user of our software, you must imperatively comply with your security processes in order to guarantee the confidentiality of the data used.
3.2 Tools and functionalities
GIT SA undertakes to ensure that all its software has the functions required by the nLPD as well as the RGPD, in particular traceability measures and other requests.
GIT SA also undertakes, if requested by the customer, to provide him with all the support necessary to comply with the European legal provisions governing the protection of personal data (RGPD) as well as the Federal Law on Data Protection (nLPD) in the context of the use of its software.
3.3 Enquiries
If you have any inquiries regarding our privacy policy or current regulations, please email us at protectiondesdonnees@git.ch.
4 Assistance from GIT SA technical support
GIT SA is a publisher of business management software. In the course of its activities and in order to provide an efficient service to its customers, GIT SA may need to consult customer data or ask its customers to provide accounting or payroll data in order to provide support services.
GIT SA hereby undertakes to :
4.1 Use
Use information or data only for analysis, diagnosis or treatment to meet specific customer needs or requests.
Do not use information or data received by the customer in a way that is detrimental to the other party.
4.2 Disclosure
Do not disclose or otherwise communicate any information or data, in whole or in part, to any third party unless explicitly authorized by the customer.
4.3 Data protection
Respect the Federal Law on Data Protection (nLPD) as well as the applicable European legal provisions governing the protection of personal data (RGPD).
GIT SA undertakes to take all necessary measures to preserve the confidentiality, security of information and as well as to apply the same care and deploy the same efforts as it would apply and deploy to protect the confidentiality and security of its own corresponding information.
4.4 Special conditions for remote support
4.4.1 Customer control
The customer can terminate remote access at any time by simply closing the "Bomgar Support" window. At the end of remote support, the technician closes the remote assistance and no software remains on the customer's workstation.
4.4.2 Conditions of use
By using the remote assistance access code, the customer authorizes the technician to access his PC in order to carry out assistance, technical maintenance or training. The technician's access is limited to the scope of the intervention.
4.4.3 Data confidentiality
In the event of technical requirements and with the customer's consent, data may be transferred during the support session. In this case, it will ONLY be used for quality control or maintenance purposes and will be deleted once the request has been closed. All data collected is stored in Switzerland.
4.4.4 Connection security
The connection between the technician and the customer is fully encrypted, in line with current best practice.
4.4.5 Use of third-party software
The use of software other than that supplied by GIT SA for the purposes of technical support or remote training is restricted as follows: the customer must expressly request it, and is responsible for the legality and quality of the tools concerned. The customer also undertakes to cover any additional costs incurred by the use of these tools.
5 Commercial activities
5.1 Customer file
We collect information from prospective customers or when they purchase our software/services. The information collected includes company name, postal address, telephone number, account manager's first and last name, e-mail address, telephone number and various billing information such as invoices issued by GIT SA, products and their licenses.
5.2 Newsletters
Approximately two newsletters a year are sent to our customers. These newsletters include various information related to the company, new regulations, software updates or any other information we feel would be useful to pass on to our customers. The file containing newsletter e-mail addresses is managed internally and not disclosed to third parties other than for technical reasons (file generation, newsletter processing or list storage).
5.2.1 Unsubscribing
If you wish to unsubscribe and no longer receive emails, simply send us an email to this address: protectiondesdonnees@git.ch.
5.3 Use of information
Any information we collect from you may be used
to:
- Meet your individual needs
- Provide personalized content such as a newsletter
- Improve our services and products
- Improve customer service and your care needs
- Contact you
5.4 Disclosure to third parties
We are the sole owners of the information collected. Your personal information will not be sold, exchanged, transferred, or given to any other company for any reason whatsoever without your prior consent.
5.5 Access to customer database
For organizational and maintenance purposes, we authorize our IT service provider GIT-IT SA to access our customer database. The latter undertakes to respect the present conditions of confidentiality and data security and not to divulge the information contained in the customer file to third parties.
5.6 Protection of information
We implement a set of measures to preserve the security of your personal information. The computers and servers used to store personally identifiable information are located in a totally secure environment in Switzerland.
5.7 Deletion of data
At the express request of the customer, we may delete all data relating to the customer insofar as it is not required for billing/accounting, customer service or support purposes.
The request must be made to protectiondesdonnees@git.ch.