PRIVACY NOTICE

1. About this Privacy Notice

  1. ‍This is the privacy notice (Notice) of wearonize Ltd., Bäulerstrasse 20, 8153 Rümlang, Switzerland. wearonize is the data controller for the purpose of this Notice.
  2. This Notice, together with our Terms of Use, sets out the basis on which any data obtained as a result of your downloading, installing, or using the SwatchPay! by Wearonize App (the “APP”) will be processed.
  3. We will post any changes we may make to our Notice directly on the APP, on our Website, or communicate them to you by email.
  4. The Notice currently in place dates of 01.07.2020.

2. What personal data do we collect from you?

  1. ‍We only request the absolute minimum amount of data needed to fulfill the requirements of the payment networks (Card schemes, Token service providers, Bank issuers, etc.) to provide the service of tokenizing consumers‘ payment cards to the consumer-owned wearonize wallet. No sensitive information will be logged by the APP.
  2. We collect personal data that you provide to us by registering for an account, using interactive features, adding a payment card. Such personal data may consist of:
    ‍Email address (stored, transmitted)
    Primary Account Number (PAN) (not stored, transmitted)
    Cardholder Name (stored, transmitted)
    CVV / CVC (not stored, transmitted)
    Card Expiration Date (not stored, transmitted)
    Secure Element (chip) ID (stored, transmitted)
    Device (watch) ID (not stored, transmitted)
    Last 4 Digits of PAN (FPAN) (stored, transmitted)
    Last Transactions Data (not stored, transmitted)
    Device Location (not stored, transmitted)
    Device IP address (not stored, transmitted)
    Consumer Language (stored, transmitted)
  3. ‍Through your use of the APP, we may also gather certain automatically generated information about your use of the APP that does not identify you individually. We may collect and store such information automatically whenever you interact with the APP. For example, we may collect information about your mobile device, i.e. operation system type and version and the hardware model, your IP address, device ID or preferred language every time you visit the APP. We may also collect information regarding customer APP usage patterns. This information does not, however, contain anything that can personally identify you; it is used to analyze and improve the APP and to provide our customers with a fulfilling APP experience.
  4. Please note that no data collected from you or your mobile phone is permanently stored locally on the APP or your mobile phone. No client secret credentials will be store in the mobile application. If you choose to enable alternative authentication email and password will be stored in OS protected secure storage.

3. On which basis do we process your personal data?

  1. ‍We process your personal data for the purposes indicated or obvious at the time of collection and to which you have agreed, for example by checking a box (to install the APP); or for which we are required by applicable laws, for example, to comply with data retention requirements regarding data relevant for financial reporting; or which is necessary for the performance of a contract, for example, to provide you with the wallet payment system and tokenization of your payment card, for which we rely on other legitimate interests, which include:

  1. ‍delivering and improving our products or services;
  2. management of customer, client, vendor, and other relationships, sharing intelligence with internal stakeholders, implementing safety procedures, and planning and allocate resources and budget;
  3. monitoring, detecting and protecting the organization, its systems, network, infrastructure, computers, information, intellectual property and other rights from unwanted security intrusion, unauthorized access, disclosure and acquisition of information, data and system breaches, hacking, industrial espionage, and cyberattacks;
  4. protecting and developing industry standards; sharing intelligence about individuals or concerns that may have a negative or detrimental impact, and following industry best practices; or
  5. complying with industry standards, regulatory requirements, and other requirements related to fraud prevention and anti-money laundering.

4.For which purposes do we process your personal data?

  1. ‍We process your personal data for the following purposes:

  1. ‍If you register an account with us, then we process the data required to fulfill the requirements of the payment networks (Card schemes, Token service providers, Bank issuers, etc,) to provide the service of tokenizing consumers‘ payment cards to the consumer-owned wearable item.
  2. We process your personal data also to comply with and enforce applicable legal requirements, our Terms of Use, relevant industry standards, contractual obligations, and our policies.

5.To whom do we disclose and transfer your personal data?

  1. ‍We may disclose your personal data to the following recipients or categories of recipients acting on our behalf and/or as partners (processors): Our third-party service providers, limited to the purpose of the execution of their obligations; they are contractually bound to adhere to an adequate level of data protection when processing your personal data.
  2. We may disclose your personal data to an acquirer if wearonize or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
  3. We may disclose your personal data if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of use and other agreements; or to protect the rights, property, or safety of wearonize, our customers, or others. This includes exchanging data with other companies and organizations for the purposes of fraud protection and credit risk reduction.
  4. We may internationally transfer your personal data, including to countries that are not considered providing an adequate level of data protection by the relevant regulatory bodies, for example to countries not considered by the European Commission or the Swiss Federal Data Protection and Information Commissioner to be providing such level. In such a case, we ensure the adequate protection of your personal data by having the recipients adhere to binding contractual obligations in accordance with applicable standards approved by the relevant regulatory bodies or by relying on other safeguards, such as self-certifications, approved by the relevant regulatory bodies. You may contact us for a copy of the contractual and other safeguards in place (see section 9 below).

6.For how long do we process your personal data?

‍We process your personal data:

  1. Data stored according to 2.2 above, until you withdraw your consent for future processing, for example until you delete your account and/or Delete the APP on your wearable item;

  2. For as long as laws require us, e.g. legal retention obligations based on bookkeeping or tax laws and regulations.

7. When do we require your personal data?

  1. If you wish to download and install the APP in order to use the contactless payment system embed in your APP, then we are required to obtain from you certain personal data to allow us to enter into this contract, for example, your name, email address, payment information or contact information. Should you decide not to provide us the required information, we may not conclude this contract with you.

8.What are your rights?

  1. You have the right

  1. to request from us access to and rectification or deletion of your personal data;
  2. to request us to restrict the processing of your personal data, in particular, to object to the processing of your personal data for direct marketing purposes; and
  3. to request from us to provide you or any person or entity you appointed with a digital file of your personal data (data portability).

  1. You may withdraw your consent that allows us to process your personal data for the indicated purposes at any time by deleting your account via the APP.
  2. To exercise the above rights, you may contact us as indicated below. Please note you have the ability in the settings menu of the APP to download what data is stored about you. This function collects all data stored about the customer/user in the Wallet provider server as well as the user management system and provides a link to a PDF file. This function will not display data store at the respective payment network Token service providers or issuing bank systems as wearonize or its subcontractors do not have access to these systems.
  3. At any time you have the option to delete your account and create a new with corrected information. You have also the ability to change your email address stored in the system. Furthermore, payment card tokens if found by the consumer to be incorrect can be deleted anytime and new tokens can be created when the consumer is able to use a SwachPAY! box.
  4. You also have the right to lodge a complaint with the competent authority.

8.How can you contact us?

  1. For any questions or to exercise your rights,
    you may contact us as follows:
  2. Data Protection Officer: Fabio Velardi
    Postal address: wearonize Ltd., Bäulerstrasse 20, 8153 Rümlang, Switzerland
    Telephone number:+41 792484422
    Email-address: fabio@wearonize.com