GIT SA'S COMMITMENT TO DATA PROTECTION FOR ITS PRODUCTS AND SERVICES
ID 49807, Version 6, Last modified on August 31, 2023, Modified by Mickaël Strazzeri
View our VISCHER Privacy Score report, provided by the research firm Vischer.
5 business areas
These provisions apply to the five business areas offered by GIT SA:
1. Use of our website (www.git.ch)
2. Using our software in the cloud
3. Using our software on-premises
4. Assistance from GIT SA Technical Support
5. Business Activities
GIT SA hereby undertakes to:
1. Use of our website (www.git.ch)
1.1 Voluntary Information Collection
When you register on our website, we collect certain personal and identifying information, such as your first and last name, the company you work for, your email address, and your phone number.
1.2 Automatic Information Collection
When you visit our site, we automatically receive and record information from your computer and browser, including your IP address and the page you request.
1.3 Use of Information
All information we collect from you may be used to:
• Respond to your individual needs
• Provide personalized content such as a newsletter
• Improve our website
• Improve customer service and address your support needs
• Contact you via email
1.4 Disclosure to Third Parties
We are the sole owners of the information collected on this site. Your personal information will not be sold, exchanged, transferred, or given to any third party for any reason without your prior consent.
1.5 Protection of Information
We implement a range of measures to ensure the security of your personal information. We use industry-standard encryption to protect sensitive information during transmission and storage. Access to personal and identifiable data is controlled and limited to GIT SA employees and their trusted technical partners, and only for the purposes of performing their duties (for example: sending a newsletter or providing customer service, website maintenance, backups, updates, etc.). The computers and servers used to store personally identifiable information are located in a secure environment that meets industry standards.
1.6 Do we use cookies?
Yes. Our cookies improve access to our site and identify repeat visitors. In addition, our cookies enhance the user experience by tracking and targeting their interests. However, this use of cookies is in no way linked to personally identifiable information on our site.
1.7 Unsubscribe
We use the email address you provide to send you occasional information about our products, our activities, company news, and, where applicable, important information regarding the use of our products or services. If you wish to unsubscribe and no longer receive emails, simply send us an email at this address: protectiondesdonnees@git.ch.
1.8 Consent
By checking the corresponding box, you consent to the section of this document governing the collection and use of the information covered in section (1.1).
By visiting our site, you consent to the section of this document governing the collection and use of the information covered in section (1.2).
You can manage your consent directly on our site.
2. Use of our cloud-based software (git-cloud/asp4experts/ConnectMe)Use of our website (www.git.ch)
As a provider of IT and software services, GIT SA is committed to complying with its obligations under current official regulations. As a result, you, our customers, are also able to meet the regulatory requirements associated with our services.
As a provider of IT and software services, GIT SA makes the following commitments:
2.1 Data Storage and Ownership
Data entrusted to GIT SA in connection with its cloud services is stored exclusively in data centers located in Switzerland and is never transferred outside of these facilities. The customer is and remains responsible for the ownership of data stored in GIT SA’s cloud service, even when data is stored on behalf of a third party.
2.2 Security Standard
GIT SA implements all technical means and measures deemed appropriate and necessary to ensure the durability, security, and confidentiality of data.
Unless otherwise agreed upon in advance, in writing, and explicitly, access to data by GIT SA staff and its technical partners is strictly limited to the tasks assigned to them by the client. This applies exclusively to maintenance, backup, and training operations.
Data access events are limited by the system and are securely logged for auditing purposes.
Any data copies may only be made for technical reasons and will be deleted upon completion of the client’s request.
2.3 Traceability
GIT SA ensures the traceability of actions performed by SaaS users, GIT SA maintenance technicians, or technical partners when accessing data. This information is stored securely, and access to it is limited to technicians responsible for monitoring the security of our infrastructure.
2.4 Notifications from
GIT SA is committed to notifying you as soon as possible in the event of a data breach.
2.5 Data Isolation
GIT SA is committed to maintaining physical and/or logical isolation systems (depending on the services) to keep our customers’ data separate from one another.
2.6 Responsiveness
GIT SA is committed to setting the standard for responsiveness when it comes to security updates for the systems and software you use.
2.7 Roles
Furthermore, it is essential to distinguish between the security of the infrastructure on which your data is hosted and your own operation and implementation of that infrastructure.
Role of the client
The client is solely responsible for the security of the access credentials used in connection with GIT SA’s services (e.g., secure storage of usernames and passwords, misuse of passwords, sharing access credentials with third parties, etc.).
Role of GIT SA
We are committed to ensuring the security of our infrastructure in accordance with current Swiss standards. In addition, we are committed to complying with the Federal Data Protection Act as well as European data protection standards (nLPD & GDPR)
2.8 Outsourcing to Third Parties
GIT SA ensures that trusted third parties (technical partners) engaged by GIT SA comply with the following provisions and data protection regulations.
2.9 Swiss Federal Data Protection Act (nLPD) & General Data Protection Regulation (GDPR)
GIT SA is committed to complying with the Swiss Federal Data Protection Act and the applicable European legal provisions governing the protection of personal data (GDPR), and to working exclusively with technical partners who also comply with these provisions.
2.10 Website (www.asp4experts.ch, www.git-cloud.ch)
Use raw browsing and usage statistics to better understand which sections interest customers and to optimize servers based on traffic. These statistics include the IP (Internet Protocol) address assigned by the customer’s internet service provider, the customer’s computer identifier, the SaaS user, the type of browser used, the time of connection and disconnection, and data related to access to computer applications such as the program name, company, and type of operation.
The customer is informed that these statistics serve no other purpose than to better analyze general customer behavior and for maintenance purposes. GIT SA retains this information confidentially for a period of 12 months, undertakes not to disclose it to third parties other than its technical partners, and reserves the right to disclose only anonymous statistical analyses.
2.11 Data Backups
GIT SA backs up the entire service infrastructure as well as customer data. These backups are stored in the active data center and then immediately replicated to a second data center in Switzerland. Both data centers comply with applicable legal requirements. Backups are retained for the current week (7 days).
2.12 Data Deletion
GIT SA deletes the data (in whole or in part) as soon as the customer makes an explicit request to do so. This request will be fulfilled within 8 days. The final and permanent deletion of the data will not take effect until the oldest backup containing that data has expired.
2.13 Inquiries
If you have any questions regarding our privacy policy or applicable regulations, please email us at protectiondesdonnees@git.ch.
2.14 General Terms and Conditions
In the event of any conflict between this text and the General Terms and Conditions & SaaS SLA, the French-language version of the General Terms and Conditions shall prevail.
3. Using our software on-premises
As an on-premises software provider:
3.1 Compliance
GIT SA is committed to ensuring that all its software complies with the requirements of current official regulations, in particular the European legal provisions governing the protection of personal data (GDPR) and the Swiss Data Protection Act (nLPD). Consequently, by using our software, you are also able to meet your regulatory obligations regarding security, confidentiality, the nLPD, and the GDPR.
It is understood that, as a user of our software, you must strictly adhere to your security processes to ensure the confidentiality of the data used.
3.2 Tools and Features
GIT SA undertakes to ensure that all its software includes the features required by the nLPD and the GDPR, in particular traceability measures and other requirements.
GIT SA also undertakes, upon the customer’s request, to provide all necessary support to ensure compliance with European legal provisions governing the protection of personal data (GDPR) as well as the Federal Data Protection Act (nLPD) in connection with the use of its software.
3.3 Inquiries
If you have any questions regarding our privacy policy or applicable regulations, please email us at protectiondesdonnees@git.ch.
4. Assistance from GIT SA Technical Support
GIT SA is a provider of business management software. As part of its operations and in order to provide effective service to its customers, GIT SA may need to access customer data or ask its customers to provide accounting or payroll data in order to provide support services.
GIT SA hereby undertakes to:
4.1 Use
Use the information or data solely for the purposes of analysis, diagnosis, or treatment to address the specific needs or requests of clients.
Do not use the information or data received by the client in a manner that is detrimental to the other party.
4.2 Disclosure
Do not disclose or otherwise communicate the information or data, in whole or in part, to any third party unless expressly authorized by the client.
4.3 Data Protection
Comply with the Federal Data Protection Act (nLPD) as well as applicable European legal provisions governing the protection of personal data (GDPR).
GIT SA is committed to taking all necessary measures to preserve the confidentiality and security of information, and to applying the same care and making the same efforts as it would to protect the confidentiality and security of its own corresponding information.
4.4 Special Terms and Conditions Regarding Remote Support
4.4.1 Customer Control
The customer may, at any time, end the remote session simply by closing the “Bomgar Support” window. Once the remote support session is over, the technician ends the remote assistance, and no software remains on the customer’s computer.
4.4.2 Terms of Use for
By using the remote support access code, the customer authorizes the technician to access their PC for the purpose of providing support, technical maintenance, or training. The technician is limited to the scope of work related to the service call.
4.4.3 Data Confidentiality
If technically necessary and with the customer’s consent, data may be transferred during the support session. In such cases, the data will be used SOLELY for quality control or maintenance purposes and will be deleted as soon as the request is closed. All collected information is stored in Switzerland.
4.4.4 Connection Security
The connection between the technician and the customer is fully encrypted, in accordance with current best practices.
4.4.5 Use of Third-Party Software
The use of software other than that provided by GIT SA for technical support or remote training purposes is subject to the following restrictions: the customer must make an express request for such use and is responsible for the legality and quality of the tools in question. The customer also agrees to cover any additional costs that may arise from the use of these tools.
5. Business Activities
5.1 Customer Database
We collect information when a prospect contacts us or when our software/services are purchased. The information collected includes the company name, mailing address, phone number, the first and last name of the account manager, their email address, their phone number, as well as various billing-related details such as invoices issued by GIT SA, the products, and their licenses.
5.2 Newsletters
We send out approximately two newsletters per year to our customers. These newsletters include various information related to the company, new regulations, updates to our software, or any other information we believe would be useful to share with our customers. The file containing the newsletter email addresses is managed internally and is not disclosed to third parties except for technical reasons (file generation, newsletter processing, or list storage).
5.2.1 Unsubscribe
If you would like to unsubscribe and stop receiving emails, simply send us an email at this address: protectiondesdonnees@git.ch.
5.3 Use of Information
All information we collect from you may be used
to:
• Respond to your individual needs
• Provide personalized content such as a newsletter
• Improve our services and products
• Improve customer service and address your support needs
• Contact you
5.4 Disclosure to Third Parties
We are the sole owners of the information we collect. Your personal information will not be sold, traded, transferred, or given to any other company for any reason without your prior consent.
5.5 Access to the Customer Database
For organizational and maintenance purposes, we grant access to the customer database to our IT service provider, GIT-IT SA. GIT-IT SA agrees to comply with these terms and conditions regarding data confidentiality and security and not to disclose the information contained in the customer database to third parties.
5.6 Protection of Information
We implement a range of measures to ensure the security of your personal information. The computers and servers used to store personally identifiable information are located in a fully secure environment in Switzerland.
5.7 Data Deletion
Upon the customer’s explicit request, we may delete all data relating to the customer, provided that such data is not required for billing/accounting, customer service, or support.
The request must be submitted to protectiondesdonnees@git.ch.
