This Privacy Policy explains our treatment of data in connection with our app services.

Brands Are Live AG
Dienerstrasse 33
CH – 8004 Zurich

Version January 2022. Valid up to revocation.

We collect and process personal data carefully and only to the extent permitted by law.

In the following, we set out the principles we follow and the purposes for which we collect and process personal data via this website and other websites and applications operated by us or affiliated companies.

When you register and use our services, we collect certain personal data so that we can target our services to you. As part of our communications, data discovery and marketing efforts, we or third-party companies providing the relevant services collect the following data:

​Registration and performance data, as well as data that you have released to social media services for sharing with the company, this includes in particular the following information:

• First name, last name, email, username, gender, date of birth.
• Analytics data (user agent, anonymized IP, device info, language, display resolution, time zone)
• Log data (file access requests with time, path, user agent, IP)
• Sentry (Error/Bug Tool) – (stores errors as well as requests from users to the servers, together with the corresponding user account, if logged in, IP, user agent, further error/bug related data)
• When participating in a voucher program, receipt and redemption of vouchers (purchase behavior).

As far as the data collection of implemented third-party tools is concerned, the respective privacy policies of these third-party providers are additionally authoritative. These are the following tools:

• Sentry
• Google Analytics
• Amplitude 
• Firebase Cloud Messaging
• Firebase Crashlytics
• Google Analytics for Firebase
• Firebase App Indexing
• AdsWizz 
• Instreamatic
• Google Mobile Ads (AdMob)
• Branch.io
• Mailgun

In the case of announcements related to contests, we may collect additional data, according to the corresponding announcement,

If you have signed up for a newsletter, we will use it to keep you informed about relevant developments and offers. If you are directed to our websites via a link in the newsletter, you also give us permission to process and use your IP address together with geodata, web beacons or similar technologies to check whether the offers made to you as part of this communication meet your requirements. In addition, we process and use the email address you provide to send you personalized offers in connection with the newsletter. If you no longer wish to receive the newsletter, you can unsubscribe at any time in the newsletter itself.

We do not collect any financial-related data from external service providers in the area of payments.

The purpose of these data collections is,

• to communicate with you,
• to provide the company services and functions,
• allow you to comment on content,
• minimize the risk of fraud,
• to be able to provide and improve our services in accordance with the contract and in a targeted manner,
• the use of data for marketing purposes
• to use it for research purposes, for example, to develop new products and services, but also to participate in competitions,
• to comply with applicable legislation and jurisdiction and to be able to respond to requests from administrative or other government authorities,
• for the possibility of sharing on social media,
• to protect the company and third parties.

By using one of our Apps, our Websites and our Services, you consent to the data processing described above for the purposes mentioned.

Under the European General Data Protection Regulation (GDPR), regulations apply which may also be applicable to companies based in Switzerland. If a matter falls within the scope of the GDPR, we will comply with these provisions. The most important of these rights are listed below. Further details can be found in the legal basis, which can be accessed via the following link: http://eur-lex.europa.eu/eli/reg/2016/679/oj 

The key aspects of these legal guidelines are listed below:

Right of information 

Where personal data is collected, data subjects must be provided with a range of information regarding the collection of the data, including in particular notification of what data is being collected and for what purpose.

Right to information 

According to the GDPR, the person affected by the data processing is entitled to request confirmation that personal data is being processed or that this is not the case. If data is processed, the GDPR establishes various rights (such as the right to receive a copy of the data).

Right to rectification 

The data subject has the right to obtain from the controller the rectification without undue delay of inaccurate personal data concerning him or her. Taking into account the purposes of the processing, the data subject has the right to request the completion of incomplete personal data, including by means of a supplementary declaration.

Right to erasure (“right to be forgotten”) 

The data subject has the right to request that personal data concerning him or her be erased without undue delay, and the personal data shall be erased without undue delay if one of the grounds listed in the GDPR applies, such as that the data is no longer necessary for the purpose for which it was collected.

Right to restriction of processing 

The data subject has the right, in certain cases described by the GDPR, to request the restriction of the processing of the data. If such restriction is requested, the data may only be kept but not further processed.

Right to notification  

According to the GDPR, all recipients to whom personal data have been disclosed must be notified of any rectification or erasure of personal data or restriction of processing, unless this proves impossible or involves a disproportionate effort.

Right to data portability 

The data subject has the right to receive the data he or she has provided in a structured, commonly used and machine-readable format and has the right to transfer this data to another data controller, for example, in order to change service providers. However, this right can only be exercised if the data processing is based on the data subject’s consent or on a contract.

Right to object 

The data subject further has the right to object at any time, on grounds relating to his or her particular situation, to certain processing of personal data concerning him or her; this also applies to profiling based on these provisions. Subsequently, the data may no longer be processed, unless compelling legitimate grounds for the processing can be demonstrated by the data processor which override the interests, rights and freedoms of the data subject, or the processing serves the purpose of asserting, exercising or defending legal claims. If personal data are processed for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data concerning him or her for such marketing; this also applies to profiling insofar as it is related to such direct marketing.

Right to object to automated decision-making in individual cases 

In addition, the data subject has the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her.

Right to notification of data protection breaches 

Should a personal data breach occur, the person affected by the breach will be informed, provided that it involves a high risk to personal rights and freedoms.

Special protection for children

Finally, the GDPR also provides for special protection for children. Thus, it provides that in the case of services offered directly to a child, consent to the processing of the child’s data must be given or authorized by the holder of parental responsibility, although the age limit in question may be defined differently in the various countries within the scope of the GDPR.

Technical measures for data security

We protect personal data through appropriate technical and organizational security measures and store them on secure servers. The website is secured against manipulation by customary state-of-the-art measures and against access, modification or dissemination by unauthorized persons. This includes taking data protection aspects into account as early as the planning phase of our services (“privacy by design”), and our new products or services are offered with data protection-friendly default settings (“privacy by default”).

Disclosure of data to third parties

We are entitled to pass on your personal data to service providers, also abroad, for the purposes covered by the contract. These are, for example, cloud service providers, other companies of the group of companies, other providers of services relevant to the provision of the company services, including, for example, IT service providers, business consultants and lawyers, as well as public authorities. These third parties are obliged to comply with the legal requirements on data protection as well. A complete list of the data contractors involved can be requested from the provider at any time.

Links

We have no influence on the content of external websites that are accessible via links on our website. We therefore accept no responsibility for the content of these external websites. The respective provider or operator of the sites is always responsible for the content of the linked sites. The linked pages were checked for possible legal violations at the time of linking. Illegal contents were not recognizable at the time of linking. However, a permanent control of the contents of the linked pages is not reasonable without concrete evidence of a violation of the law. If we become aware of any infringements, we will remove such links.