Bretton Woods digital AG











Privacy Policy

(Last updated: May 31, 2025)

Data Controller

Bretton Woods digital AG
Neugasse 29
6300 Zug
Switzerland

Email: [email protected]

Data Protection Officer:
Dr. Sebastian Block LL.M.
[email protected]

Authorized Representatives:

  • Norbert M. Schmidt (Chairman/Co-Founder)
  • Prof. Dr. Martin Uzik (Board Member/Co-Founder)

Applicable Law

This privacy policy applies to the processing of personal data by Bretton Woods digital AG. Different data protection laws apply depending on your place of residence:

  • For persons in the EU/EEA: EU General Data Protection Regulation (GDPR)
  • For persons in Switzerland: Swiss Data Protection Act (nDPA)
  • Competent EU supervisory authority: Data protection authority of your EU country of residence

1. General Principles

We take the protection of your personal data very seriously and treat your personal data confidentially and in accordance with statutory data protection regulations.

Personal data means any information relating to an identified or identifiable person. Processing includes any handling of personal data, in particular storage, disclosure, acquisition, deletion, retention, alteration, destruction and use.

In cooperation with our hosting providers, we strive to protect databases as much as possible from unauthorized access, loss, misuse or falsification.

2. Data Processing Overview

Processing Purpose

Legal Basis

Retention Period

Data Categories

Website Operation

Legitimate interests (Art. 6(1)(f) GDPR)

12 months

Server logs, IP address, browser data

Contact Inquiries

Legitimate interests (Art. 6(1)(f) GDPR)

3 years

Name, email, message content

Newsletter

Consent (Art. 6(1)(a) GDPR)

Until withdrawal

Email address, delivery statistics

Contract Processing

Contract performance (Art. 6(1)(b) GDPR)

10 years

Customer, contract, payment data

KYC Procedures

Legal obligation (Art. 6(1)(c) GDPR)

10 years

Identity documents, proof of address

Biometric Identification

Public interest + Consent (Art. 9(2)(g) + (a) GDPR)

30 days after verification

Facial recognition, liveness detection

Payment Processing

Contract performance (Art. 6(1)(b) GDPR)

Until contract termination

Payment data (processed externally)

Marketing/Advertising

Legitimate interests (Art. 6(1)(f) GDPR)

3 years

Usage behavior, preferences

3. Website Usage

3.1 Server Log Files

Each time you visit our website, we automatically collect the following data for statistical purposes and to ensure system security:

  • Technical data: Browser type and version, operating system
  • Access data: Referrer URL, pages accessed, date and time
  • Network data: IP address (anonymized after 24 hours)

Purpose: Technical operation of website, security monitoring, error analysis
Legal basis: Legitimate interests (Art. 6(1)(f) GDPR)
Retention: 12 months, then deletion or anonymization
Disclosure: None, except to technical service providers (hosting providers)

3.2 Cookies and Tracking Technologies

Our website uses different types of cookies:

Technically Necessary Cookies (always active)

  • Session management: Maintaining connection
  • Security functions: Protection against cross-site request forgery
  • Basic website functions: Language settings, shopping cart

Analytical Cookies (optional, consent required)

  • Google Analytics 4: Website analysis with IP anonymization
  • Usage statistics: Visitor numbers, popular content
  • Retention: 14 months

Marketing Cookies (optional, consent required)

  • Google Ads conversion tracking: Measuring advertising effectiveness
  • Remarketing: Personalized advertising based on website visits
  • Social media plugins: Integration of social networks

Your choices:

3.3 SSL/TLS Encryption

This website uses SSL/TLS encryption to protect confidential data transmissions. You can recognize an encrypted connection by “https://” in the address bar and the lock symbol in the browser.

Data transmitted without encryption can be viewed by third parties. We assume no responsibility for data transmitted unencrypted.

4. Contact and Communication

4.1 Platform: Support Button

Processed data:

  • Required information: Name, email address
  • Optional information: Phone number, message content
  • Automatically collected: IP address, timestamp

Purpose: Processing and responding to your inquiry
Legal basis: Legitimate interests (Art. 6(1)(f) GDPR)
Retention: 3 years after last contact or until deletion request
Disclosure: None, except for proper inquiry processing to internal departments

4.2 Email Communication

Privacy notice: Emails are transmitted unencrypted and can be viewed by third parties. For confidential information, please use alternative communication channels.

4.3 Newsletter

Processed data:

  • Registration data: Email address, registration time, IP address
  • Delivery statistics: Open rates, clicks, unsubscriptions

Registration procedure: Double opt-in (confirmation via email required)
Purpose: Sending product information, company news, marketing
Legal basis: Consent (Art. 6(1)(a) GDPR)
Retention: Until unsubscription

Service provider: Customer.io (Peaberry Software, Inc., USA)
Guarantees: EU Standard Contractual Clauses, technical security measures

Unsubscription possible at any time:

5. Business Operations and Services

5.1 Contract Processing and Customer Management

Processed data:

  • Master data: Name, address, phone, email
  • Contract data: Service description, terms, prices
  • Payment data: Payment method, billing data (no card numbers)
  • Communication data: Emails, calls, support tickets

Purpose:

  • Contract fulfillment and service provision
  • Invoicing and payment processing
  • Customer service and support
  • Legal documentation

Legal basis: Contract performance (Art. 6(1)(b) GDPR)
Retention: 10 years (commercial and tax retention obligations)
Deletion: After expiry of retention periods, provided no other legal obligations exist

5.2 Know-Your-Customer (KYC) and Compliance

Legal background: As a financial service provider, we are obligated to verify the identity of our customers and conduct certain compliance procedures.

Processed data:

  • Identity documents: National ID, passport, driver’s license
  • Proof of address: Utility bills, bank statements, official documents
  • Beneficial ownership: Information about beneficial ownership
  • Risk assessment: Country risk, PEP status, sanctions lists
  • Biometric data: Facial recognition, liveness detection, document authenticity verification

Processing of Biometric Data (Art. 9 GDPR)

Special categories: Biometric data for identification are special categories of personal data and are subject to enhanced protection requirements.

Processed biometric data:

  • Facial recognition: Comparison between ID photo and live selfie
  • Liveness detection: Detection of live persons vs. photos/videos
  • Document analysis: Biometric features for fraud detection
  • Facial geometry: Temporary analysis for comparison purposes

Purpose of biometric processing:

  • Identity verification and fraud protection
  • Document authenticity verification
  • Compliance with regulatory requirements
  • Protection against identity theft

Legal basis for biometric data:

  • Primary: Substantial public interest (Art. 9(2)(g) GDPR in conjunction with national anti-money laundering laws)
  • Secondary: Explicit consent (Art. 9(2)(a) GDPR) – obtained during KYC process

Purpose:

  • Anti-money laundering
  • Counter-terrorism financing prevention
  • Sanctions list screening
  • Regulatory compliance

Legal basis (general): Legal obligation (Art. 6(1)(c) GDPR, Art. 7 AML Act)
Retention: 10 years after contract termination (legal obligation)
Service provider: Sum and Substance Ltd. (UK, GDPR-compliant)

Special security measures for biometric data:

  • Encrypted transmission and storage with AES-256 standard
  • Access restriction to authorized KYC personnel
  • Short-term storage: Biometric templates are deleted after successful matching (max. 30 days)
  • No permanent storage of biometric raw data
  • Regular security audits of KYC provider
  • Secure deletion after expiry of retention periods
  • Data protection impact assessment conducted due to high risk

Your rights regarding biometric data:

  • Explicit consent: Obtained before KYC process
  • Right to withdraw: Consent can be withdrawn at any time (contract conclusion may then not be possible)
  • Special access rights: Additional information about biometric processing
  • Enhanced deletion rights: Priority treatment of deletion requests

5.3 Online Shop and E-Commerce

Processed data:

  • Order data: Shopping cart content, order history
  • Delivery data: Delivery address, shipping preferences
  • Session data: Login status, temporary shopping cart contents

Cookies in online shop:

  • Session cookies: Shopping cart management (technically necessary)
  • Persistent cookies: Login status, language settings

User account (optional):

  • Creation on voluntary basis
  • Overview of orders and invoices
  • Not public, not indexable by search engines
  • Deletion upon request (except for legal retention obligations)

6. External Service Providers and Third Parties

6.1 Google Services

We use various Google services with specific privacy guarantees:

Google Analytics 4

  • Purpose: Website analysis, user behavior, performance measurement
  • Configuration: IP anonymization activated, enhanced privacy settings
  • Data retention: 14 months
  • Transfer basis: EU-US Data Privacy Framework (Google is certified)
  • Opt-out: Google Analytics Browser Add-on

Google Ads and Conversion Tracking

  • Purpose: Measure advertising effectiveness, conversion tracking
  • Cookie duration: 30 days
  • Personalization: No combination with other Google data without consent
  • Objection: Google Ads settings or browser cookie settings

Google reCAPTCHA

  • Purpose: Protection against spam and bots
  • Processed data: IP address, browser information, mouse movements
  • Privacy: IP address is shortened in EU/EEA

Other Google Services

  • Google Fonts: Local hosting to avoid data transfers
  • Google Maps: Only loaded upon explicit user activation
  • YouTube: Enhanced privacy settings activated

6.2 Social Media Integration

Facebook/Meta

  • Integration: Like button, pixel for conversion tracking
  • Data transmission: Only upon active use of plugins
  • Protection measure: Two-click solution implemented

LinkedIn

  • Purpose: Business networking, B2B marketing
  • Usage: Analytics, conversion tracking
  • Privacy: Pseudonymized processing

Twitter/X

  • Integration: Tweet button, content embedding
  • Activation: Only after user activation

General protection measures:

  • Two-click solution for social media buttons
  • Prior information about data transmission
  • Opt-out options in respective platform settings

6.3 Payment Service Providers

Used services:

  • Stripe: Credit cards, SEPA, various local payment methods
  • PayPal: PayPal account, Express Checkout
  • Klarna: Buy now, pay later services
  • Apple Pay / Google Pay: Mobile payments
  • Others: Region-specific local providers

Data processing:

  • No storage of payment data on our servers
  • Tokenization: Secure tokens instead of card data
  • PCI-DSS compliance: All payment providers are certified

Transmitted data:

  • Transaction amount and details
  • Buyer information (name, email, address)
  • Order information

Legal basis: Contract performance (Art. 6(1)(b) GDPR)
Guarantees: EU Standard Contractual Clauses for US providers

7. International Data Transfers

7.1 Principles

Your data is generally processed within the EU/EEA. In certain cases, transfer to third countries is necessary:

7.2 USA Transfers

Affected services:

  • Google services (Analytics, Ads, etc.)
  • Customer.io (newsletter dispatch)
  • Certain payment service providers
  • Cloud services (partially)

Guarantees and protection measures:

EU-US Data Privacy Framework (DPF)

  • For certified US companies (e.g., Google)
  • Adequacy decision of the EU Commission from July 10, 2023
  • Annual recertification required

EU Standard Contractual Clauses (SCCs)

  • For non-DPF certified providers
  • Version 2021/914 of the EU Commission
  • Additional technical and organizational measures (TOMs)

Additional protection measures

  • Encryption: End-to-end for data transmission
  • Pseudonymization: Where technically possible
  • Minimization: Only necessary data is transmitted
  • Monitoring: Regular review of protection measures

7.3 Risk Assessment

General risks with USA transfers:

  • US authorities may access data under certain circumstances
  • Weaker data protection rights for non-US citizens
  • Possible surveillance programs

Our assessment:

  • Risk assessed as low with implemented protection measures
  • Regular reassessment upon legal changes
  • Alternative EU providers are reviewed and preferred when available

7.4 Your Rights Regarding Third Country Transfers

  • Right to object: You can object to the transfer
  • Right to information: Information about specific transfers
  • Complaint: To the competent supervisory authority

8. Your Data Protection Rights

8.1 Right of Access (Art. 15 GDPR)

You have the right to information about:

  • Which personal data we process about you
  • Purpose and legal basis of processing
  • Categories of processed data
  • Recipients or categories of recipients
  • Planned storage duration or criteria for determination
  • Existence of other data subject rights
  • Origin of data (if not obtained directly from you)
  • Existence of automated decision-making

8.2 Right to Rectification (Art. 16 GDPR)

Right to correction of inaccurate or incomplete data without undue delay.

8.3 Right to Erasure (Art. 17 GDPR)

Right to deletion under the following conditions:

  • Data no longer necessary for original purpose
  • Withdrawal of consent without other legal basis
  • Objection without overriding legitimate grounds
  • Unlawful processing
  • Deletion to fulfill legal obligations

Limitations: Retention obligations, freedom of expression, legal claims

8.4 Right to Restriction (Art. 18 GDPR)

Right to restriction of processing when:

  • Contesting accuracy (during verification)
  • Unlawful processing (instead of deletion)
  • Need for legal enforcement (although we no longer need data)
  • Objection (during balancing of interests)

8.5 Data Portability (Art. 20 GDPR)

Right to receive your data:

  • In structured, commonly used, machine-readable format
  • Direct transmission to another controller (technically possible)
  • Only for processing based on consent or contract
  • Only for automated processing

8.6 Right to Object (Art. 21 GDPR)

General right to object

  • For legitimate interests: Objection for reasons of your particular situation
  • Review: Whether overriding legitimate grounds for processing exist

Direct marketing

  • Absolute right to object to processing for direct marketing
  • Including profiling for advertising purposes
  • Immediate cessation after objection

8.7 Withdrawal of Consent

  • Possible at any time without giving reasons
  • Effective for the future (previous processing remains lawful)
  • Same procedure as granting consent

8.8 Right to Complain

Right to lodge complaint with supervisory authority:

  • EU citizens: Supervisory authority of your habitual residence
  • Swiss citizens: Federal Data Protection and Information Commissioner (FDPIC)
  • Alternative: Supervisory authority at the place of alleged data protection violation

8.9 Exercising Your Rights

Contact:

  • Email: [email protected]
  • Mail: Bretton Woods digital AG, Attn: Data Protection Officer, Neugasse 29, 6300 Zug

Processing procedure:

  • Identity verification: Proof required to prevent abuse
  • Processing time: Generally 1 month, extension by 2 months for complex requests
  • Free of charge: Generally free, except for unfounded or excessive requests
  • Information obligation: We inform you about measures taken

9. Data Security

9.1 Technical Protection Measures

Encryption

  • Transport: TLS 1.3 for all data transmissions
  • Storage: AES-256 encryption for sensitive data
  • Backups: Fully encrypted backup copies
  • End devices: Disk encryption on all workstations

Network Security

  • Firewalls: Multi-layer firewall systems
  • Intrusion detection: Automatic attack detection
  • VPN: Secure remote access via encrypted connections
  • Segmentation: Network isolation of critical systems

System Security

  • Updates: Automatic security updates
  • Antivirus: Enterprise virus protection on all systems
  • Monitoring: 24/7 system monitoring
  • Patch management: Regular security patches

9.2 Organizational Protection Measures

Access Controls

  • Principle of least privilege: Only necessary access
  • Two-factor authentication: For all administrative access
  • Regular reviews: Review of permissions
  • Logging: Complete access logs

Personnel and Training

  • Commitment: All employees committed to data confidentiality
  • Training: Regular data protection and security training
  • Background checks: Screening of new employees
  • Awareness: Ongoing awareness programs

Processes and Procedures

  • Incident response: Defined procedures for security incidents
  • Business continuity: Emergency plans and recovery procedures
  • Change management: Controlled changes to critical systems
  • Documentation: Complete documentation of all security measures

9.3 Data Protection Impact Assessment

Procedure: For new processing with high risk, we conduct systematic data protection impact assessments.

Criteria for high risks:

  • Automated decision-making with legal effect
  • Systematic monitoring of public areas
  • Processing special categories on a large scale
  • Biometric data for identification

9.4 Data Breach Notification

Internal procedures:

  • Immediate escalation to data protection officer
  • Documentation and assessment of incident
  • Implementation of immediate measures

External notifications:

  • To supervisory authority: Within 72 hours if risk to data subjects
  • To data subjects: Without undue delay if high risk
  • Content: Nature of breach, affected categories, number of affected, consequences and measures

10. Automated Decision-Making and Profiling

10.1 General Position

No automated decision-making with legal effect: We do not make decisions based solely on automated processing that have legal effect or significantly affect you.

10.2 Marketing Automation

Scope: Newsletter and advertising

Processed data:

  • Email open rates
  • Click behavior in newsletters
  • Website visiting behavior
  • Interest profiles based on actions

Purpose:

  • Content personalization
  • Optimization of sending times
  • Segmentation for relevant offers

Legal effects: None – only leads to personalized content without legal or significant consequences

10.3 Website Analytics

Google Analytics:

  • Automated evaluation of user behavior
  • Creation of audience segments
  • No decisions with individual legal effect

10.4 Your Rights

  • Right to object: Against any form of automated processing
  • Human intervention: For all business-relevant decisions, you can request human review
  • Information: About the logic of automated procedures
  • Correction: Possibility to correct automatically created profiles

11. Special Situations

11.1 Minors

Principle: Our services are not specifically directed at persons under 18 years of age.

11.2 Biometric Recognition

High data protection risks: The processing of biometric data for identification poses special risks to the rights and freedoms of data subjects.

Special protection measures:

  • Data protection impact assessment conducted for all biometric procedures
  • Minimal storage duration: Biometric templates only 30 days
  • No reuse: Biometric data is not used for other purposes
  • Enhanced security standards: AES-256 encryption, strict access controls
  • Regular review: Quarterly assessment of necessity

Your enhanced rights:

  • Explicit consent required before any biometric processing
  • Immediate withdrawal of consent possible at any time
  • Priority information about biometric data processing
  • Accelerated deletion upon request within 48 hours

12. Changes to this Privacy Policy

12.1 Reason for Changes

We reserve the right to change this privacy policy in case of:

  • Changes in legal situation
  • New or changed services
  • Technical developments
  • Changes in business processes

12.2 Notification Procedure

Significant changes:

  • Email notification to registered users
  • Prominent notice on website
  • Possibility to object before taking effect

Minor changes:

  • Update of date
  • Notice on website

12.3 Archiving

  • Previous versions are archived
  • Access to previous versions upon request
  • Documentation of change history

13. Contact and Support

13.1 Data Protection Officer

Dr. Sebastian Block LL.M.
Data Protection Officer
Bretton Woods digital AG

Contact:

13.2 Service and Support

General inquiries:

  • Email: [email protected]
  • Business hours: Monday to Friday, 9:00 AM – 5:00 PM (CET)
  • Platform: Support button

13.3 Response Times and Service Levels

  • Privacy inquiries: Response within 5 business days
  • Data subject rights: Processing within one month
  • Complaints: Priority processing within 3 business days

14. Final Provisions

14.1 Choice of Law and Jurisdiction

  • Applicable law: Swiss law or EU GDPR depending on applicability
  • Jurisdiction: Zug, Switzerland (for Swiss matters)
  • EU disputes: Competent courts of the EU member state of the affected person

14.2 Severability Clause

Should individual provisions of this privacy policy be invalid, the validity of the remaining provisions remains unaffected.

14.3 Language Versions

This privacy policy is available in German and English. In case of contradictions, the German version shall prevail.

Version of this privacy policy: May 31, 2025

This privacy policy has been prepared with the utmost care. However, no guarantee can be given for completeness and timeliness. If you have any questions, please contact our data protection officer.

Sign Up
en_USEN
en_USEN de_DEDE