PRIVACY AND COOKIES POLICY

‍FRUSS LTD, Freudenbergstrasse 15, 8044 Zurich, Switzerland (hereafter "FRUSS", the "Company", "we", "us" or "our") is committed to protecting the privacy and security of the personal data that is provided to us or collected by us during the course of our business. We store and process personal data in accordance with applicable data protection laws, in particular the Swiss Federal Act on Data Protection and the Ordinance thereto (in their current versions) and, if applicable, the European Union General Data Protection Regulation 2016/679. We do not sell or otherwise commercially exploit the personal data that is provided to us or collected by us during the course of our business.

FRUSS is a distributor of cloud-based IT services solutions such as Platform-as-a-Service (collectively, the "Services") and certain multimedia content (the "Content") offered by FRUSS to its direct business and private customers accessing and consuming such Content (the "Direct End-Customers"); and by content providers ("Content Providers") to their business and private customers accessing and consuming such Content (the "Indirect End-Customers" and, together with the Direct End-Customers, the "End-Customers"); on FRUSS' platform, combining virtual engagement technologies, e.g. videoconferencing, instant messaging, webcasting, artificial intelligence driven robo-advisors, virtual reality experiences, collaborative online gaming (hereinafter, the "Platform").

This privacy policy (the "Privacy Policy") explains how we may collect and use personal data that you provide to us or which we collect about you in connection with our Services as well as your rights in relation to your personal data.

We may provide you with additional privacy notices where we believe that it is appropriate to do so. Those additional notices supplement and should be read together with this Privacy Policy. We are responsible for your personal data provided to us or collected by us during the course of our business.


‍1 . What Personal Data We Collect
‍

‍1. General
We collect personal data that you provide to us directly or that is publicly available. We also receive or collect further personal data from third parties such as your organization or other organizations you deal with (e.g., for Indirect End-Customers, the Content Providers), regulators, government agencies and courts.

‍1.2. Services of FRUSS
In the course of our business activities, we collect and process personal data of you, End-Customers, Content Providers, our suppliers and other business partners, related persons and other persons as well as their respective employees and representatives.

In particular, we process the following type of personal data:

When you create a login for the Platform or use or use your existing Google or LinkedIn login credentials:
‍We will collect your username, e-mail address and any other data you provide, such as your full name, contact details (e.g. your address and telephone numbers), your profile picture, internet protocol (IP) address, age, date of birth, gender, nationality and interests. Further, if you use your existing Google or LinkedIn login credentials, we will collect the personal data you shared with Google or LinkedIn to use Google's or LinkedIn's services, such as your e-mail address, your full name and your profile picture.

When you provide us with your mobile phone number:
‍If you provide a mobile phone number during registration, you may receive a verification SMS after sign-up to confirm your ownership of the number, which will allow you to log in via mobile. Your mobile phone number may also be used to recover a lost or forgotten password.

When you edit your profile on our Platform: 
We will collect your username, e-mail address and any other data you provide, such as your full name, contact details (e.g. your address and telephone numbers), your profile picture, nationality and interests.

When you use our avatar creator on the Platform: 
When you use our avatar creator on the Platform, we use your profile picture, or another picture provided by you to render your virtual copy of yourself ("Virtual Character"). We will also use personal data stored in your profile such as your username to create your Virtual Character.

When you post, share, or otherwise transmit comments or messages on the Platform via community features, such as public or private chats, forums, group walls, personal posts, etc. 
We may collect these comments and messages, and they may be monitored, filtered and moderated for purposes such as removal of profanity, personal information and other inappropriate conversations. We may use pre-filtered chat, comments and messages for purposes such as training and improving our filter technology.

When you subscribe for our Services and render payments: 
You may purchase premium subscriptions to use our Services. You may use a variety of payment methods. When making purchases, you may be required to enter billing information, including your full name, e-mail address, billing address and credit card or other payment information. We and third-party payment service providers designated by us may collect your billing information, transaction details and purchase history may also be retained and used by our payment processors to resolve subsequent billing disputes and inquiries.  

When you contact us: 
When you contact customer support, report a problem or submit questions, concerns or comments regarding our Services or the Content, we may collect contact information such as your full name, e-mail address, internet protocol (IP) address and content-related information about your inquiry. We only use this information to respond to your inquiry and to provide customer support to you.  

When you use or interact with third-party plug-ins (e.g. social media plugins from Google, Facebook, Instagram, Twitter, LinkedIn, or other platforms) that may be available on the Platform for End-Customers: 
When you use such third-party plug-ins, certain information from your social media accounts may be accessed by or shared with us, and likewise, certain information about your use of our Platform may be posted to your profile on those third-party platforms. The use of such third-party plug-ins may be subject to the terms of use, privacy policies and other regulations of those third parties.

When you subscribe to other features on our Platform.
We may offer other features on our Platform from time to time, and you may be able to provide personal data in connection with such features. The data being collected for such features and their intended uses will be indicated at the time of data collection.

When you browse, navigate, or otherwise interact with our Website: 
We collect personal data from your device when you visit our Website, as outlined in section 1.3

We may also process other personal data and other information of all kind that you provide to us in the course of using our Services.

We may use this data to provide you with the Content you wish to access and consume on the Platform, to provide other Services, to carry out administrative or operational processes, monitor and analyze our business or to improve our Services.

If you or the organization for which you are acting fail to provide personal data that we require when requested, we may not be able to provide or, as the case may be, continue to provide our Services.

‍1.3. Website
‍
‍1.3.1 General
When you interact with us through our websites on the fruss.com domain (collectively, the "Website"), such as by subscribing to our newsletter or contacting us via our Website, we may, for example, collect, receive, or store the following personal data: contact or other identifying data: your full name, title, and e-mail address.

When you use our Website, we may, for example, automatically collect, receive, or store the following personal data, such as: your internet protocol (IP) address, mobile device identifier, browser type, operating system, Internet service provider, pages that you visited before (if you clicked on a link on that page to get to our Website) and after using our Website, the date and time of your visit, information about the links you click and pages you view within our Website, and other standard server log information.

‍1.3.2. Cookies
A cookie is a small piece of data, stored in text files that are stored on your browser or other device when websites are loaded in the browser. Cookies are used to "remember" you and your preferences when you visit our Website either for a single visit (through a "session cookie") or for multiple repeat visits (called a "persistent cookie"). A session cookie is deleted when you close your browser or after a short time. A persistent cookie is kept for a set period of time after which it expires and is deleted.

We use session cookies and persistent cookies on our Website to ensure consistent and efficient experiences for users of our Website. Cookies also perform functions like allowing users to remain logged into the Website, if applicable.

We use the following types of cookies for the following purposes:  

Strictly Necessary: 
These cookies are essential in order to enable you to use our Website and its features. The information collected by these cookies relate to the operation of our Website, for example, language detection, website scripting language and security tokens to maintain secure areas of our Website.

Performance and Analytics: 
These cookies collect anonymous information about how you use our Website, for example which pages you visit most often, whether you receive any error messages, and how you arrived at our Website. They are also used to track details like the number of unique visitors and pageviews to improve user experience. Information collected by these cookies is used only to improve your use of our Website and never to identify you. These cookies are sometimes placed by trusted third-party providers, such as Google Analytics.

Functionality: 
These cookies remember choices you make, for example the country you visit our Website from and any changes you have made to text size or other parts of web pages that you can customize, in order to improve your experience of our Website and to make your visits more tailored and enjoyable. The information these cookies collect may be anonymized and cannot be used to track your browsing activity on other websites.  

Third-Party / Embedded Content: 
These cookies enhance the experience of Website users. These cookies allow you to share what you've been doing on our Website with social media organizations such as Facebook and Twitter. We have no control over the information collected by these cookies.

Our Website only automatically uses Strictly Necessary cookies to enable you to use our Website and its features and ensure the functionality of our Website.

Upon your consent, the Website uses Performance and Analytics, Functionality and Third-Party or Embedded Content cookies for the purposes of providing relevant content, analyzing our traffic, and providing a variety of features to you. You may withdraw your consent to the use of certain cookies (other than Strictly Necessary cookies) any time.

‍How do I disable cookies?

Most internet browsers are automatically set up to accept cookies. If you want to change your cookie preferences or refuse or delete any cookies (or similar technologies), please refer to the help and support area on your internet browser for instructions on how to block or delete cookies.

Please note you may not be able to take advantage of all the features of our Website if you delete or disable certain cookies, such as the Performance cookies.

‍Microsoft Application Insights

We use Microsoft Application Insights (Application Insights), a web analytics service provided by Microsoft Corporation (Microsoft) to ensure the needs-based design and continuous optimization of our Website, to statistically record and evaluate the use of our Website and to detect issues earlier. Application Insights uses cookies to analyze how you use our Website. The information generated by the cookie about your use of the Website is usually transmitted to and stored on a Microsoft server in the USA or Germany. Microsoft will use this information on our behalf to evaluate your use of the website in order to provide us with reports on the activities of users on our Website and to provide other services related to the use of the Website and internet usage. Furthermore, Microsoft will transfer this information to third parties if required by law or if third parties process this data on behalf of Microsoft. The IP address provided by your browser will not be merged with Microsoft's other data.

‍Web Beacons

We, or our third-party partners, may employ a software technology called web beacons (also known as web bugs, clear gifs or pixels) which helps us understand what content is effective, for example by counting the number of users who have visited these pages, and to understand usage patterns. Web beacons are tiny graphics with a unique identifier, similar in function to cookies, and are used to let us know when content is viewed. In contrast to cookies, which are stored on a user’s computer hard drive, web beacons are embedded on web pages, ads, and e-mail. We, or our third-party partners, may tie the information gathered by web beacons to the other information we collect about you.

‍1.3.3. Do Not Track Signals
Do Not Track ("DNT") is an optional browser setting offered by various browsers that allows you to express your preferences regarding tracking by advertisers and other third parties. At present, there is no industry standard for recognizing DNT browser signals, so we do not respond to such DNT signals.

‍1.4. Business Development
When you interact with us as an employee or representative of your organization, a current or prospective Content Provider, End-Customer or other business partner, for current or potential business purposes, we may for example, collect, receive or store the following personal data:

Contact data: your full name, employer's name, address, telephone number, and email.

Correspondence data: any contacts and interactions you have had with us.

We will only use your personal data to maintain and develop our business relationship with you, identify Services you may be interested in, to pursue certain business development initiatives and send you marketing communications.

You can control the data you receive through our marketing communications by using the corresponding option at the bottom of our e-mails. If you no longer wish to receive emails relating to our Services, you can unsubscribe at any time by using such option at the bottom of the e-mail or by contacting us at support@fruss.net.

‍1.5. Recruitment
‍If you apply for a job at FRUSS or provide us with information in connection with a recruiting event, you need to provide the personal data set out below, in addition to other categories of personal data we receive from you with your application. By applying for a position or participating in a recruiting event, you consent to our use of this personal data. We use this personal data to consider your application and to carry out checks to verify the personal data you provided. We collect, receive or store the following personal data from you:

contact data: your full name, address, telephone number, email address, other information included in identification documentation;

employment data: references, background, education and employment history;  

background data: excerpts from the debt collection register and criminal record checks; and any other data you enclose in your application dossier.

Where we need to collect additional personal data required to process your employment application, and you fail to provide that personal data when requested, we may not be able to further consider your application.

‍1.6. Other Contacts
Further, we collect and process data about you if you offer or provide products or services to us to evaluate your products or services and generally when you request data from us or provide data to us.


‍2. How We Use Personal Data

‍
Personal data collected from you or from third parties and publicly available sources is used: to operate, maintain and improve our Services;

to provide the Services to you, give you access to the Platform or restrict your access and to fulfill other contractual duties and rights agreed upon with you;

to personalize our Services or Content;

to allow you to manage your profile, update your profile and subscribe to Services;

to communicate with you about our Services (product changes, feature updates, etc.) and Content;

to provide technical support or customer service;

to maintain and develop our business relationship with you;

to deliver advertising for our Services that may be relevant to your interests;

to pursue certain business development initiatives;

to send you marketing communications (including to invite you to events),

to operate and improve the functionality and design of our Website;

to detect security incidents, protect against malicious, deceptive, fraudulent or illegal activity;

to research technological development;

to identify and repair errors that impair existing intended functionality;

to audit interactions, transactions, and other compliance activities; and to protect the integrity, safety, or security of our Services or you, End-Customers, Content Providers or our business partners, comply with applicable legal or regulatory obligations or enforce compliance with our Terms of Use, Privacy Policy or other restrictions placed on your use of our Services;

to evaluate your eligibility for an open job position with us that you apply to; and to the extent it is not possible to use anonymized, encrypted, coded or aggregated personal data, to develop and test our Services.

In general, we do not use automated individual decision-making in any of our data processing activities. If we should rely on such processing in a particular situation, we will inform you separately, insofar as we are legally required to do so.


‍3. Our Legal Bases for Processing Your Personal Data

‍
We will only use your personal data if and to the extent that applicable law allows and rely on a variety of legal bases to process your personal data for the above purposes, including:

it is necessary for the performance of a contract with you or the organization you work for;

it is necessary in connection with a legal obligation;

if we or a third party have a legitimate interest which is not overridden by your interests or your rights and freedoms; or you have given your consent at the time of collecting your data (which you can withdraw at any time thereafter).


‍4. How and Why We May Share Your Personal Data


‍4.1. General
We may share your personal data with certain third parties if required or useful for providing our Services as set forth below:

Authorized third-party vendors and service providers: 
We may share your personal data with third-party vendors and service providers who support us and the provision of our Services. This can include technical and other infrastructure service providers, business analytics, accounting and payroll services and other services that require processing of your personal data. Among those service providers are, for example, Microsoft, Google, AvatarSDK and Agora Video.  

Affiliates: 
We may share your personal data with entities affiliated with FRUSS ("Affiliates") as necessary or useful to fulfil our contractual and legal obligations.

Legal and safety purposes: 
If necessary to do so because we are required by law or in connection with legal proceedings, in order to exercise or defend legal rights, to respond to subpoenas, court orders, law enforcement requests or government inquiries and to protect and defend the rights, interests, safety, and security of our Website, Affiliates, Content Providers, End-Customers or the public.

Business transfers: 
We may share your personal data in connection with a substantial corporate transaction (including for a due diligence review by a potential buyer prior to any such transaction), such as the sale of the shares in FRUSS or a substantial part of FRUSS' assets, a merger, consolidation or event of bankruptcy.

With your consent: 
Where we have no other legal justification to do so, we share your personal data for any other purposes disclosed to you at the time at which we collect your personal data and obtain your consent.

‍4.2. International Transfers
For international transfers of your personal data, we rely on the Federal Data Protection and Information Commissioner's and the Swiss European Commission's adequacy decisions (https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en; https://www.newsd.admin.ch/newsd/message/attachments/62783.pdf) and, in case of a transfer from Switzerland to countries without an adequate level of data protection, such as, in particular, the USA, we use the standard contract clauses approved by the European Commission (EU Model Clauses) or provide for other appropriate safeguards.


‍5. How You Exercise Your Rights


In relation to the processing of your personal data, you may have the right to:

access: you can ask us whether we process your personal data, and if so, how we do so;

rectification: if you consider that the personal data which we process relating to you is false, you can ask us to rectify it;

objection: if we rely on our or a third party's legitimate interest to process your personal data, and you consider your interest in us not doing so weighs more heavily, you can object to our processing;

objection: you can also object to our processing of your personal data for direct marketing;

erasure: if you consider that we process your personal data without legal justification or the data was collected when you were still a minor, you can ask us to erase your personal data;

restriction: if it is unclear whether there is a legal justification for the processing of your personal data (for instance, after you have objected to such processing), you can ask us to restrict the processing while the situation remains unclear;

data portability: insofar as the processing of your personal data is based on a contractual necessity or on your consent, you can ask us to provide you with your data in a structured, commonly used and machine-readably format; and

withdraw consent: where we rely on your consent to process personal data for a specific purpose, you can withdraw your consent for that specific processing at any time. Once we have received notification that you have withdrawn your consent, we will no longer process your data for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so. Please note, however, that your withdrawal does not invalidate the lawfulness of our processing of your personal data prior to your withdrawal).

If you would like to exercise these rights, please contact us in writing by email to support@fruss.net. We will evaluate your request and provide you with an answer and its justification no later than is required by law. Please note that we may refuse or limit these rights in accordance with applicable data protection law. In particular, to exercise your right to erasure, you also have the option to permanently delete your account and all your personal data stored on our Platform, subject to our mandatory legal retention obligations. We will, however, retain backup copies which include, among others, your personal data for a certain period of time in accordance with our general retention policy set out in section 7 (How Long We Keep Your Personal Data) below.

Also, we have obliged the Content Providers contractually to delete, upon your request, to permanently delete any personal data relating to such requesting End-Customer, subject to their mandatory legal retention obligations, to permanently delete your personal data. We have also obliged the Content Provider contractually not to use your personal data collected for the purpose of making Content available to you via the Platform for any other purpose.

You will not, in general, have to pay a fee to exercise any of your individual rights. However, we may charge a fee for access to your personal data if the relevant data protection legislation allows us to do so, in which case we will inform you as required by the law.

If you feel we have not handled your query or concern to your satisfaction you also have the right to lodge a complaint with or notify your local supervisory authority. In Switzerland, the local supervisory authority is the Swiss Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch).


‍6. How We Protect Your Personal Data
‍
‍
We have implemented appropriate security measures to hold your personal data securely in electronic and physical form, to protect it from unauthorized access, improper use or disclosure, unauthorized modification or unlawful destruction or accidental loss.

Our Data Security Management System (ISMS) is certified to ISO 27001.


‍7. How Long We Keep Your Personal Data


We generally retain your personal data until it is no longer necessary to serve the purposes for which it was collected, e.g., for the duration of our business relationship or recruiting process, for the period required to comply with statutory or regulatory retention duties, or for as long as we have a legitimate interest in retaining the personal data unless such interest is overridden by your interests or fundamental rights or freedoms that require protection of personal data. This is a case-by-case determination that depends on factors such as the categories of the personal data, nature of the personal data, why it is collected and processed, and relevant legal or operational retention needs.

In certain circumstances, we may need to retain your personal data for a longer period of time, for example, in the context of an on-going or potential litigation or as required by supervisory authorities or law. Your personal data will not be kept for more than ten (10) years from the end of the year of dissolution of FRUSS, unless specifically required by law.

We may amend this Privacy Policy from time to time to ensure that you are fully informed about all processing activities and our compliance with applicable data protection legislation.

Changes to this Privacy Policy will be brought to your knowledge by appropriate means.

Last update: 11/26/2020