Privacy Policy

INFROS HT (hereinafter also "we," "us") collects and processes personal data concerning you or other persons (so-called "third parties"). "Personal data" or "personal data" refers to data that relates to an identified or identifiable person, i.e., conclusions about their identity can be drawn from the data itself or with appropriate additional data.

In this Privacy Policy, we describe what we do with your data when you visit https://infors-ht.com or other websites of ours (e.g., our Careers Jobs Infors HT applicant page) (hereinafter collectively referred to as the "Website"), purchase our services or products, engage with us under a contract, apply to us, communicate with us, or otherwise deal with us. If necessary, we will inform you in writing of further processing activities not mentioned in this Privacy Policy. We may also inform you separately about the processing of your data, e.g., in declarations of consent, contractual terms, additional privacy statements, forms, or notices.

INFORS HT, as the controller, has implemented numerous technical and organizational measures to ensure the most complete protection possible against loss and manipulation, as well as against unauthorized access by third parties, of the personal data processed via this website. Nevertheless, internet-based data transmissions may generally have security gaps, so absolute protection cannot be guaranteed. For this reason, every data subject is free to transmit personal data to us via alternative means, for example, by telephone.

Our security measures are continuously improved in line with technological developments.

We also take our own internal data protection seriously. Our employees and the service providers we commission are obliged to maintain confidentiality and to comply with data protection regulations. Furthermore, they are only granted access to your personal data to the extent necessary.

2. Name and address of the data controller

The controller in terms of the data protection laws is:

Infors AG
Rittergasse 27
4103 Bottmingen
Switzerland
Tel.: +41 61 425 77 00
Email: info@infors-ht.com
Website: www.infors-ht.com

3. Address of the data protection coordinator

The data protection coordinator of the data controller is:

Infors AG
Data Protection Coordinator
Rittergasse 27
4103 Bottmingen
Switzerland
Tel.: +41 61 425 77 00
Email: eu-dataprotection@infors-ht.com
Website: www.infors-ht.com

For all questions and suggestions on data protection, any data subject may contact our data security coordinator directly at any time.

4. Which data is processed and for what purpose?

We process different categories of data for various purposes, which we explain below in Section 4 a-j. Further information on data processing in the online area can be found below in Section 12. The purposes and the underlying objectives represent the legitimate interests of us and, where applicable, those of third parties. You can find information on the legal basis for our data processing in Section 5.

a)    Visiting the website

The INFORS HT website collects a series of general data and information each time a user or an automated system visits the website. This general data and information is stored in the server's log files. Collected may be (1) the browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system reaches our website (so-called referrers), (4) the sub-websites accessed via an accessing system on our website, (5) the date and time of access to the website, (6) an Internet protocol address (IP address), (7) the Internet service provider of the accessing system, and (8) other similar data and information used to avert dangers in the event of attacks on our information technology systems.

This information is processed in order to (1) correctly deliver the contents of our website, (2) optimize the contents of our website and its advertising, (3) ensure the long-term functionality of our information technology systems and the technology of our website, and (4) to provide law enforcement authorities with the information necessary for criminal prosecution in the event of a cyberattack. INFORS HT therefore statistically evaluates this collected data and information with the aim of increasing data protection and data security within our company, ultimately ensuring an optimal level of protection for the personal data we process. The data in the server log files are stored separately from other data.

b)    Registration on our website

The user has the option of registering on the website by providing personal data. The personal data transmitted to the controller is determined by the respective input mask used for registration. The personal data entered by the data subject is collected for internal use by the controller and for its own purposes and stored in a customer relations system.

The registration of the data subject with the voluntary provision of personal data serves the controller to offer the data subject content or services that, due to the nature of the matter, can only be offered to registered users. Registered individuals are free to change the personal data provided during registration at any time or to have it completely deleted from the data records of the data controller. Further information on this can be found under Section 10.

Registration on our website also stores the IP address assigned to the data subject by the Internet service provider (ISP), the date, and time of registration. This data is also stored because this is the only way to prevent misuse of our services and, if necessary, to enable the investigation of crimes committed. Therefore, storing this data is necessary to protect the data controller.

c)    Registration in the Partner Portal/Member Area

Users have the option of registering as a member for a member area. In the member area of our website, we provide additional content and services that are only available to registered members. We use the Kentico platform to administer the partner portal.

To use the member area, users must log in with their username and individual password. When registering for the member area, we also store the IP address assigned by the Internet service provider (ISP) of the computer system used by the data subject at the time of registration, as well as the date and time of registration. This data is also stored to prevent misuse of our services and, if necessary, to enable the investigation of crimes committed. Therefore, the storage of this data is necessary to protect the controller.

The personal data entered by the data subject is used for the purpose of processing the registration for the member area and its use. In addition, the personal data entered by the data subject will be used to provide the data subject with the information necessary for using the member area (news, updates in the member area, and in particular, technical information, e.g., regarding necessary changes, improvements, or difficulties).

The legal basis for processing your personal data when using the member area is your consent. Recourse to other legal bases is expressly reserved. The data subject is neither legally nor contractually obliged to provide information (see also Section 14). However, use of the member area is only possible by providing the personal data mentioned above. The consent to the storage of personal data that the data subject has given us for registering for the member area can be revoked at any time (see Section 10).

d)    Subscription to our newsletter

INFORS HT regularly informs its customers and business partners about the company's offers via a newsletter. A newsletter can be subscribed to on our website [link]. The personal data transmitted to the controller when subscribing to the newsletter is determined by the input mask used for this purpose. This usually includes the name and email address.

Our company's newsletter can generally only be received by the data subject if the data subject has a valid email address.

When subscribing to the newsletter, we also store the IP address assigned by the Internet service provider (ISP) of the computer system used by the data subject at the time of registration, as well as the date and time of registration. The collection of this data is necessary to be able to trace the (possible) misuse of the data subject's email address at a later date and therefore serves to legally protect the controller.

The personal data collected when registering for the newsletter will be used to send our newsletter. Furthermore, newsletter subscribers may be informed by email if this is necessary for the operation of the newsletter service or a related registration, as may be the case in the event of changes to the newsletter offering or changes to technical circumstances. The subscription to our newsletter can be canceled by the data subject at any time. A corresponding link for revoking consent is included in every newsletter. Furthermore, it is possible to unsubscribe from the newsletter at any time directly on the website of the controller or to communicate this to the controller in another way.

e)    Newsletter tracking

INFORS HT newsletters contain so-called tracking pixels. A tracking pixel is a miniature graphic embedded in emails sent in HTML format to enable log file recording and analysis. This enables a statistical evaluation of the success or failure of online marketing campaigns. Using the embedded tracking pixel, INFORS HT can determine whether and when an email was opened by a data subject and which links in the email were accessed by the data subject.

Personal data collected via the tracking pixels contained in the newsletters are stored and evaluated by the controller in order to optimize newsletter delivery and to better adapt the content of future newsletters to the interests of the data subject. This personal data will not be passed on to third parties. Data subjects are entitled to revoke their consent at any time. After revocation, this personal data will be deleted by the controller.

Contact options via the website
The INFORS HT website contains information that enables quick electronic contact with our company and direct communication with us, which also includes a general address for electronic mail (email address). If a data subject contacts the controller by email or via a contact form, the personal data transmitted by the data subject will be automatically stored by us. The personal data transmitted to the controller in the case of a contact form is determined by the input mask used for this purpose and the data you send. Such personal data transmitted voluntarily by a data subject to the controller will be processed and stored for the purposes of processing the request or contacting the data subject.

f)    Download Form

The INFORS HT website offers a range of downloads that you can download via the download form. The input mask used for this purpose determines which personal data is transmitted to the controller when using a download form. For certain downloads, only the name and email address must be provided (gated content). Such personal data voluntarily transmitted by a data subject to the controller serves to make the downloads available (gated content).

For certain downloads, we ask you to answer a few questions and provide us with further contact information (gated content). If you provide us with this information and download content from us, we will allow ourselves to inform you about our new offers and send you our newsletter. Further information about our newsletter can be found in Section 4 d.

g)    Communication with you

We process your data, in particular your contact details, in connection with our communication with you, particularly to answer general inquiries and assert your rights (see also Section 10), and to contact you with any queries you may have.

h)    Contractual relationships

We process data for the purpose of establishing, managing, and processing contractual relationships with you. Without certain data, we will generally not be able to enter into or process a contract with you (or the entity or person you represent). If we have a contractual relationship with you or are in the process of entering into one, we reserve the right to inform you regularly about our new offers and send you our newsletter. You can unsubscribe at any time. Further information about our newsletter can be found in Section 4 d.

i)    Other purposes

We process personal data to comply with laws, instructions and recommendations from authorities, and internal regulations ("compliance"). We also process data for risk management purposes and as part of prudent corporate management, including operational organization and corporate development. We may process your data for other purposes, e.g., within the scope of our internal processes and administration, or for training and quality assurance purposes. In certain cases, we may be required to conduct certain inquiries about customers ("Know Your Customer") or to submit reports to authorities. Fulfilling disclosure, information, or reporting obligations, for example, in connection with supervisory and tax law obligations, also requires or entails data processing, e.g., fulfilling archiving obligations and preventing, detecting, and investigating criminal offenses and other violations. These legal obligations may include Swiss law, but also foreign regulations to which we are subject, as well as self-regulations, industry standards, our own corporate governance, and official instructions and requests.

5. Basis for Data Processing

If we ask for your consent for certain processing activities (e.g., for marketing mailings or, depending on the country from which you access our website, for advertising control and behavior analysis on the website), we will inform you separately about the corresponding purposes of the processing. You can revoke your consent at any time with future effect by sending us a written notice (by post) or, unless otherwise stated or agreed, by email; our contact details can be found in Section 2. For revoking your consent for online tracking, see Section 12. Once we receive notification of your revocation of your consent, we will no longer process your data for the purposes to which you originally consented, unless we have another legal basis for doing so. The revocation of your consent does not affect the legality of the processing carried out on the basis of your consent until the revocation.

Where we do not ask for your consent to process your personal data, we base the processing on the fact that the processing is necessary for the initiation or performance of a contract with you (or the entity you represent) or that we or third parties have a legitimate interest in doing so, in particular to pursue the purposes and associated objectives described above and to be able to implement appropriate measures. Our legitimate interests also include compliance with legal regulations, unless this is already recognized as a legal basis by the applicable data protection law (e.g., in the case of the GDPR, the law in the EEA and Switzerland). This also includes the marketing of our products and services, the interest in better understanding our markets, and in managing and further developing our company, including its operations, securely and efficiently.

If we receive sensitive data (e.g., health data), we may also process your data based on other legal bases, e.g., in the event of disputes due to the necessity of processing for a potential legal process or to enforce or defend against legal claims. In individual cases, other legal grounds may apply, which we will communicate to you separately if necessary.

6. Who do we disclose your data to?

In connection with our contracts, the website, our services and products, our legal obligations, or otherwise to protect our legitimate interests and the other purposes listed above, we also transmit your personal data to third parties, in particular to the following categories of recipients:

• Service providers: We work with service providers in Germany and abroad who process data about you on our behalf or under joint responsibility with us, or who receive data about you from us under their own responsibility (e.g., consultants, IT providers, agencies, marketing platform or CRM providers).
• Subsidiaries and distributors: A list of the countries in which we are present can be found at the end of this privacy policy (subsidiaries) or here (all) [link].
• Authorities: We may disclose personal data to offices, courts, and other authorities in Germany and abroad if we are legally obliged or authorized to do so, or if this appears necessary to protect our interests. This may also include health data. The authorities process data about you that they receive from us under their own responsibility.
• Other persons: This refers to other cases where the involvement of third parties arises from the purposes set out in Section 4.

All of these categories of recipients may, in turn, involve third parties, so that your data may also be accessible to them. We can restrict processing by certain third parties (e.g., IT providers), but not by other third parties (e.g., authorities, banks, etc.). Furthermore, we conclude contracts with our service providers that contain data protection provisions, unless such provisions are required by law. Our service providers may, under certain circumstances, process data on how their services are used and other data that arises in the context of the use of their services as independent controllers for their own legitimate interests (e.g., for statistical evaluations or billing). Service providers provide information about their independent data processing in their own privacy policies.

7. Does personal data go abroad?

As explained in Section 6, we also disclose data to other entities. These entities are not only located in Switzerland. Your data may therefore be located both in Europe and in other countries, particularly in countries where we operate. Further information can be found here: https://infors-ht.com/en/infors-locations

If a recipient is located in a country without adequate legal data protection, we will contractually oblige the recipient to comply with the applicable data protection regulations (for this purpose, we use the revised standard contractual clauses of the European Commission, which are available here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?), unless the recipient is already subject to a legally recognized framework for ensuring data protection and we cannot rely on an exception. An exception may apply, in particular, in legal proceedings abroad, but also in cases of overriding public interest or when contract performance requires such disclosure, if you have consented, or if the data you have made publicly available is data whose processing you have not objected to.

8. Duration of Retention

We process and store your personal data as long as it is necessary to fulfill our contractual and legal obligations or otherwise for the purposes pursued by the processing, i.e., for example, for the duration of the entire business relationship (from initiation and processing to termination of a contract) and beyond, in accordance with statutory retention and documentation obligations. Personal data may be retained for the period during which claims can be asserted against our company and to the extent that we are otherwise legally obligated to do so or legitimate business interests require it (e.g., for evidentiary and documentation purposes). As soon as your personal data is no longer required for the above-mentioned purposes, it will generally be deleted or anonymized as far as possible. For operational data (e.g., system logs, log files), shorter retention periods of twelve months or less generally apply.

9. How do we protect your data?

We take appropriate security measures to preserve the confidentiality, integrity, and availability of your personal data, to protect it against unauthorized or unlawful processing, and to counteract the risks of loss, accidental alteration, unwanted disclosure, or unauthorized access.

10. Rights of the data subject

You have various rights, which we will inform you about below.

Please note that we reserve the right to assert the restrictions provided for by law, for example, if we are obliged to retain or process certain data, have an overriding interest in doing so (to the extent we are entitled to rely on this), or require it to assert claims. If you incur costs, we will inform you in advance.

Please note that exercising these rights may conflict with contractual agreements and may result in consequences such as early termination of the contract or additional costs. We will inform you in advance of this unless already contractually agreed.

Exercising such rights generally requires you to clearly prove your identity (e.g., by providing a copy of your ID card where your identity is otherwise unclear or cannot be verified). To assert your rights, you can contact us at the address provided in Section 2.

Furthermore, every data subject has the right to enforce their claims in court or to lodge a complaint with the competent data protection authority. The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch).

a)    Right to information

Every person affected by the processing of personal data has the right to receive from the controller information about the personal data stored about them and a copy of this information. Furthermore, the following information may be provided, where appropriate:

• The identity and contact details of the controller
• The personal data processed as such
• The purposes of the processing
• The categories of personal data being processed
• The recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations, and the safeguards in place
• Where possible, the envisaged period for which the personal data will be stored, or, where not possible, the criteria used to determine that period
• The existence of a right to request from the controller rectification or erasure of personal data concerning the data subject or to restrict processing of such data or to object to such processing
• The existence of a right to lodge a complaint with a supervisory authority
• Where applicable, the existence of an automated individual decision-making process and the logic on which the decision is based

If the personal data are not collected from the data subject:

• All available information on the origin of the data
  
  

b)    Right to rectification

Any person affected by the processing of personal data has the right to request the rectification of inaccurate personal data concerning them or to request the completion of incomplete personal data, including by means of a supplementary statement.

c)    Right to erasure (right to be forgotten)

Any person affected by the processing of personal data has the right to request the controller to erase personal data concerning them, provided that one of the following reasons applies and the processing is not necessary:

• The personal data were collected or otherwise processed for purposes for which they are no longer necessary.
• The data subject withdraws their consent on which the processing was based and there is no other legal ground for the processing.
• The data subject objects to the processing for reasons related to their particular situation and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing in the case of direct marketing and related profiling.
• The personal data were processed unlawfully.
• The erasure of the personal data is necessary to comply with a legal obligation under Union or Member State law to which the controller is subject.
• The personal data were collected in relation to information society services offered directly to a child.
  
  

d)    Right to restriction of processing

Any person affected by the processing of personal data has the right to request the controller to restrict processing if one of the following conditions applies:

• The accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data.
• The processing is unlawful, the data subject opposes the erasure of the personal data and instead requests the restriction of their use.
• The controller no longer needs the personal data for the purposes of the processing, but the data subject requires them to assert, exercise, or defend legal claims.
• The data subject has objected to the processing pending the verification whether the legitimate grounds of the controller override those of the data subject.
• If one of the aforementioned conditions is met, and a data subject wishes to request the restriction of personal data stored by INFORS HT, they may contact the data protection coordinator of the controller at any time. The data protection coordinator of INFORS HT will arrange for the restriction of processing.