Sequence Politique de Confidentialité

 

This is the Privacy Policy (“Policy”) for sequence-erp.com (the “Website”), operated by Zero Technologies SA, Rue Agasse 54, 1208 Geneva, Switzerland (hereinafter referred to as “Sequence”). This Policy applies to all users of Sequence’s services, for as long as personal data is processed as a result. In particular, this includes Clients with whom Sequence has a contractual relationship for the provision of Sequence´s services, their employees and website visitors. In this Policy, any persons whose personal data is processed are hereinafter referred to as “Clients”.

Sequence is committed to protecting and respecting the privacy of the Clients. Sequence is responsible for the collection, processing, disclosure, storage and protection of the personal information of the Clients in compliance with either (1) the Swiss Federal Act on Data Protection of 19 June 1992 (“FADP”), as amended, in connection with the processing of personal information of Swiss Clients; or (2) the Regulation (EU) 2016/679 (General Data Protection Regulation) EU (“GDPR”) in connection with the processing of personal information of those Clients based in the EU.

Sequence is the data controller for data processing. For any questions about how the personal information is kept or for the exercise of one or more rights (as set out below) in regards to the personal information kept by Sequence, contact the Data Protection Officer (“DPO”) at dataprotection@sequence.com.

 

COLLECTION OF PERSONAL INFORMATION

Visiting the website without login

When Clients visit the Website without login, the web server technology automatically logs general technical visit information. This includes, among other things, the IP address of the device being used, which is, however, anonymized by Google before being stored so that it can no longer be assigned to the Client. Google uses the _anonymizeIp() method for this purpose. This also includes information on the browser type, the Internet service provider and the operating system being used.

Visiting the website with login

During the free trial access, as well as during the paid use of Sequence software within the protected login area, all data entered or submitted by the Clients during the registration process and during the use of the software will also be stored. This is particularly the case when the Clients register, place orders, fill out online forms, participate in surveys or contests, correspond with Sequence online or offline, or interact with Sequence via social media, blogs or other interactive media. With the collection of data, the Clients consent to the processing, use and disclosure of personal data within the context and as part of the purposes described in this Policy.

Exchange of personal data with third parties

Clients have the option to share their data with third parties. By granting access rights, the Clients agree that Sequence may provide third parties with all the Clients´ data or allow access to it. The Clients retain full control over the third party’s access rights to the data at all times and can restrict or deny access at any time. In addition, Sequence allows the third party (e.g., the trustee) to open a Sequence account itself as a client. In this case, the third party or trustee, manages the access rights as a client and can grant, restrict or deny these rights to third parties. However, Sequence reserves the right to release specific data to authorized third parties in justified individual cases.

Payroll, accounting, HR

When using Sequence´s payroll accounting HR software, the personal data of the Client´s employees is necessarily transmitted to Sequence. Sequence shall handle this data with reasonable care and shall ensure its safety in accordance with the standards set forth in this Policy. The Client declares its consent and releases Sequence from any possible claims. The Client is responsible for obtaining the consent of its employees. The Client further declares that it is solely responsible for informing its employees about the possible storage, use, processing and disclosure of data by Sequence in accordance with the guidelines of this Policy. If individual employees of the Client do not agree with the intended data processing, the Client shall be responsible for deleting the data of these employees from its Sequence cloud accordingly.

Third-party add-ons

Sequence provides the Client with an interface (“API”) to communicate with third-party software. The Client agrees that Sequence or the third-party provider may exchange data with the third-party provider when using other Add-ons. Sequence assumes no responsibility for the data processing carried out by the third-party provider.

Third-party consulting services

Sequence may offer third-party consulting services to its Clients. In order for the third-party provider to verify the Client’s eligibility and to have the necessary contact information, the following data will be transmitted to the third-party provider: Name / Company name; address (street, postal code, city, address additional address information); contracts concluded between Sequence and the Client; telephone number(s); email address(es). For further information, please refer to the currently valid version of the privacy policy of the third-party providers.

Other functions

When the Client uses any other optionally available partner functions of Sequence or when the Client connects its own account to a partner, data will be exchanged between Sequence and the partner.

 

SECURITY MEASURES

Sequence uses technical and organizational security measures in accordance with recognized market standards to protect stored personal data from accidental, unlawful or unauthorized tampering, deletion, alteration, access, disclosure or use, and against partial or complete loss. Sequence´s servers are located in Switzerland. Certain services can be processed via servers in other countries – with an appropriate level of data protection – whereby the requirements according to the FADP or the GDPR are fully complied with at all times. The connection to the servers is made using SSL encryption. Sequence regularly backs up the client data. In order to prevent data loss even in extreme cases, the encrypted backups are also stored in several data centers in Switzerland and abroad. The requirements according to the FADP and the GDPR are fully complied with at all times. The security measures are continuously adapted and improved according to technological developments. Sequence assumes no liability for the loss of data or access to and use of the data by third parties. Furthermore, Sequence cannot guarantee the security of data transmission on the Internet. In particular, there is a risk of access by third parties when data is transmitted by email. However, access is protected by means of HTTPS. If explicitly requested by the Client, the Client can decide to use dual authentication at any time.

 

PURPOSE OF THE PROCESSING OF PERSONAL DATA AND DISCLOSURE

Sequence processes the collected data in order to be able to continuously improve its products and services, to manage the use of and access to the applications, products and information, to maintain its business relationship with the Clients, to monitor and improve the performance of its offer, to detect, prevent or clarify illegal activities and to send the Clients offers, information and marketing materials about products or services which Sequence, based on the data, assumes could be of interest to the Clients. The data may also be disclosed to partner companies and service providers, selected third-party companies, institutes and/or legally authorized government authorities, both domestic and foreign, for processing, storage and use as part of the above-mentioned purposes. If personal information is processed or stored in countries that do not ensure adequate data protection compared to Swiss data protection law, Sequence shall require the processor under contractual obligation to fully comply with the relevant provisions of the FADP or GDPR, as applicable.

Sequence has some of the aforementioned processes and services carried out by service providers who are based within the EU or Switzerland and who have been commissioned in accordance with data protection regulations. These are, in particular, companies in the categories of IT services, payment transactions, printing service providers, billing, collection and consulting, as well as sales and marketing and service providers used as part of order processing contracts. Sequence does not sell or trade the personal data, but sometimes Sequence may share it with trusted third parties. For example, delivery couriers, for fraud management, to handle complaints, to help Sequence personalise the offers to the Clients and so on. Applicable policy to keep the personal data safe and protect the Clients privacy include the following: (i) Sequence provides only the minimum information they need to perform their specific services; (ii) they may only use the personal data for the exact purposes specified by Sequence in the contracts with them; (iii) Sequence works closely with them to ensure that the privacy is respected and protected at all times; (iv) If Sequence stops using their services, any of the personal data held by them will either be deleted or rendered anonymous.

Examples of the kind of third parties with whom Sequence may share personal data are: (i) Any member of Sequence´s group both in the European Economic Area (“EEA”); and (ii) Selected third parties including: Professional advisors (e.g. external lawyers, tax advisors, payroll providers or other experts and consultants); Clients, business partners, suppliers and sub-contractors for the performance and compliance obligations of any contract Sequence enters into with them or the Clients; Subcontractors including email marketing specialists, event organisers, payment and other financial service providers; analytics and search engine providers that assist Sequence in the improvement and optimisation of the Website; Compliance partners and other sub-contractors for the purpose of assessing the suitability of the Clients for a role where this is a condition of Sequence entering into a contract.

Sequence may also disclose the personal data to other third parties, for example: (i) In the event that Sequence sells or buys any business or assets, Sequence will disclose Clients´ personal data to the prospective seller or buyer of such business or assets; (ii) If Sequence or substantially all of Sequence assets are acquired by a third party (or are subject to a reorganisation within the group), personal data held by Sequence will be one of the transferred assets; and (iii) If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply the agreements concerning you (including agreements between you and us).

The lawful basis for the third-party processing will include: third parties own legitimate business interests in processing the personal data; satisfaction of their contractual obligations to Sequence as Sequence´s data processor; for the purpose of a contract in place or in contemplation; to fulfil their legal obligations.

 

SPECIFIC DATA PROTECTION OBLIGATIONS DERIVED FROM THE CONTRACTUAL RELATIONSHIP BETWEEN SEQUENCE AND THE CLIENTS

The processing of Client´s personal data is carried out by Sequence within the context of the use by the Client of Sequence software as a Service. The Client’s personal data shall be transferred to Sequence for processing within the context of the software as a service, and Sequence shall process this data exclusively in accordance with the Terms and Conditions and the corresponding service description on Website.

The types of data depend on the data provided by the Client. These may include (i) personal master data (name, date of birth, address, employer), including contact data (e.g., telephone, email), and (ii) contract data, including billing and payment data.

The categories of data subjects depend on the data provided by the Client. These are in particular (i) employees (including job applicants and former employees) of the Client; (ii) customers of the Client; (iii) interested parties of the Client; (iv) service providers of the Client; (v) contact details of contact persons.

Responsibility

Sequence processes personal data on behalf of the Client. This includes activities that are specified in the Terms and Conditions, this Policy and in the current service description on the Website. In the context of the contractual relationship, the Client is solely responsible for compliance with the legal provisions of the data protection laws, in particular for the legality of the transfer of data to Sequence as well as for the legality of the data processing. By filling out the login screen when registering and by ordering a user account (the “sequence account”) on the Website, the Client gives Sequence the instruction for data processing. The Client may amend, change or withdraw its instructions in its sequence account or by notifying Sequence.

Sequence´s Obligations

Sequence processes the data of data subjects only within the context of the contractual relationship in accordance with the Terms and Conditions and this Policy. Sequence shall design the internal organization within its area of responsibility in such a way that it meets the special data protection requirements. Sequence shall take the appropriate technical and organizational measures to protect the Client’s data in accordance with the respective legal requirements. In particular, these measures shall continuously ensure the confidentiality, integrity, availability and resilience of the systems and services in connection with the processing. The technical and organizational measures are subject to technical progress and further development. Sequence shall have the right to implement alternative adequate measures at any time.

The employees involved in the processing of the Client’s data and other third parties working for Sequence shall process the data exclusively within the context of the contractual relationship in accordance with the Terms and Conditions and this Policy and are obliged to maintain confidentiality. If Sequence becomes aware of any violation of the protection of personal data, it shall take reasonable measures to secure the data and to mitigate any possible adverse consequences for the data subjects. In addition, Sequence shall fully comply with the applicable legal provisions regarding the notification of data protection violations.

Sequence shall fully comply with the applicable data protection provisions and shall regularly review the effectiveness of the technical and organizational measures to ensure the security of the processing.

Sequence shall process and store personal data for as long as the contractual relationship between Sequence and the Client exists. Sequence shall rectify or erase the contractual data if the Client instructs it to do so and if this is covered by the scope of the instructions.

This provision shall not apply to data that is required for further processing due to legal regulations or for compelling internal purposes.

Client’s Obligations

The Client shall inform Sequence immediately and in full in writing or via the sequence account if it discovers errors or irregularities in the order results with regard to data protection regulations.

The Client shall give Sequence the name of the contact person for any data protection issues arising within the context of the contractual relationship, if this person is not the same as the designated contact person.

The Client declares that it is solely responsible for informing the data subjects whose data is being processed regarding the possible storage, use, processing and transfer of their data by Sequence in accordance with the provisions in the Terms and Conditions and this Policy. If individual data subjects do not agree with the intended data processing, the Client shall be responsible for erasing the respective data in its sequence account.

By accepting the Terms and Conditions and this Policy, the Client expressly agrees to the transfer of its data within Sequence´s group of companies. The Client releases Sequence from any possible claims. The Client is responsible for obtaining the consent of the data subjects.

 

COOKIES

Cookies are information files that the web browser automatically stores on the computer’s hard disk when the Client visits the Website and uses the offers. Clients can choose to manage the security settings in their browser and thus block or disable cookies that have been installed, in which case, certain services of Sequence may no longer be able to be (fully) used.

Tracking and analysis tools / Social media

The use of Sequence´s digital offerings is measured and evaluated by means of various technical systems, mainly from third-party providers such as Google Analytics. These measurements can be both anonymous and personal. The collected data may in turn be transferred by Sequence or the third-party providers of these technical systems to third parties in Switzerland and abroad for processing. The most frequently used and best-known analytics tool is Google Analytics, a service provided by Google Inc. This means that the data collected may be transmitted to a Google server in the United States (or to a location specified by Google).

The Website uses Google Analytics, a web analytics service provided by Google Inc. with registered office at 1600 Amphitheatre Parkway, Mountain View, CA 94043, U.S.A. (“Google”). Google Analytics uses cookies. Cookies are text files which are stored on the Client’s computer and which are used to analyze the Client’s use of the website. The information generated by the cookies about the use of the website (including the IP address, which is, however, anonymized by Google before being stored so that it can no longer be assigned to the Client) is transmitted to a Google server in the United States (or to a location determined by Google) and stored there. Google will use this information for the purpose of evaluating the use of the website, compiling reports on website activity for Sequence and providing other services relating to website activity and Internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate the IP address of Clients with any other data held by Google.

The Website uses the “demographic characteristics” function of Google Analytics. This allows reports to be created that contain information about the age, gender and interests of Clients. This data comes from interest-based advertising from Google as well as visitor data from third-party providers. This data cannot be assigned to a specific person. Clients can disable this function at any time via the ad settings in their Google account or generally prohibit Google Analytics from collecting their data. Further information can be found in Google’s privacy policy at: https://support.google.com/analytics/answer/6004245?hl=en If Clients do not want their website activity to be made available to Google Analytics, they can install the browser add-on to disable Google Analytics: https://support.google.com/analytics/answer/181881?hl=en

This prevents activity data from being shared with Google Analytics via JavaScript executed on websites (ga.js, analytics.js and dc.js). The analysis of data by other tools of the website owner is not prevented when Clients use the add-on. Data may still be sent to the website or to other web analytics services.

Finally, Sequence collects certain information about its website in so-called server log files, which are automatically transmitted by the Client´s Internet browser. This includes the user agent (browser type and version, operating system used), http header information (referrer URL, IP address of the accessing computer), the time of the server request and the login status. These server log files are only merged with other data sources for error analysis.

Integration of third-party offers / Social media

Sequence´s digital offerings are networked with third-party functions and systems in a variety of ways, for example by integrating plug-ins from third-party social networks such as Facebook, Twitter, etc. If the Client has a user account with these third parties, they may also be able to measure and evaluate the use of the Sequence’s digital offerings. In the process, additional personal data, such as IP address, browser settings and other parameters may be transmitted to these third parties and stored there. Sequence has no control over the use of such personal data collected by third parties and assumes no responsibility or liability. Moreover, Sequence has no detailed knowledge of what data is transmitted to the third parties, where it is transmitted to, and whether it is anonymized. Plugins from YouTube are integrated on the Website. The provider is YouTube LLC, 901 Cherry Ave, San Bruno, CA 94066, USA.

The YouTube plugin establishes a connection to the YouTube servers. In doing so, the YouTube server is informed about which of the Sequence’s pages the Client has visited.

If Clients are logged into their YouTube account, YouTube can assign their browsing behavior directly to their personal profile. Clients can prevent this by logging out of their YouTube user account.

For more information, please refer to YouTube’s privacy policy: https://www.google.com/intl/en/policies/privacy

 

PROFILING AND AUTOMATED DECISION-MAKING

Profiling is the automated processing of personal data in order to analyze or predict certain personal aspects or behavior. This makes it possible, for example, to provide Clients with more individualized support and advice or to better tailor offers to individual client needs. An “automated individual decision” is a decision that is fully automated, i.e., without relevant human influence. As a rule, Sequence does not make automated individual decisions.

 

NEWSLETTERS

If the Client wishes to receive a newsletter offered on the Website, Sequence requires an email address and other information that allows verification that the email address provided is correct and that the Client agrees to receive the newsletter (the “double-opt-in” procedure).

The newsletter provides regular recommendations and offers that may be of interest to the Client. For this purpose, Sequence collects and processes personal data regarding the Client´s usage behavior on the Website, in the sequence software and in relation to the use of the newsletter (e.g., whether the Client opens the newsletter or on which web URL links the Client clicks). Sequence evaluates this data for statistical purposes in order to better tailor the content of the newsletter to the interests of its Clients.

The processing of the personal data entered in the newsletter registration form is based on the Client´s consent, which the Client can revoke at any time with effect for the future. The Client may withdraw this consent at any time via the “unsubscribe” link in the newsletter. The personal data collected is used for the design of the content and for sending of newsletter.

Sequence stores the personal data provided by the Client for the purpose of receiving the newsletter until the Client unsubscribes from the newsletter.

 

DURATION OF STORAGE

Sequence processes and stores personal data for as long as the Client uses the Service and subject to the duration of the contractual relationship between Sequence and the Client.

After termination of the contractual relationship, Sequence is generally not obliged to store the Client´s data. For this reason, data that is no longer required is regularly deleted. This does not apply to data which is required for further processing due to legal regulations or for mandatory internal purposes.

 

RIGHTS

With regard to their personal data, Clients have the following rights according to the FADP or the GDPR. In principle, Sequence grants the rights contained in the GDPR to Swiss clients as well. However, Sequence reserves the right to make a different assessment in individual cases.

Right of access

This includes the right to receive a copy of the personal data held by Sequence, subject to certain exemptions.

Right to rectify

This includes the right to ask Sequence to correct the personal data held where it is incorrect or incomplete.

Right to erasure

This includes the right to ask the personal data to be deleted in certain circumstances. For example (i) where the personal data is no longer necessary in relation to the purposes for which they were collected or otherwise used; (ii) if the Client withdraws its consent and there is no other legal ground for which Sequence relies for the continued use of the personal data; (iii) if the Client objects to the use of the personal data (as set out below); (iv) if Sequence has used the personal data unlawfully; or (v) if the personal data needs to be erased to comply with a legal obligation.

Right to restrict the use

This includes the right to suspend our use of the personal data in certain circumstances. For example (i) where the Client thinks that the personal data is inaccurate and only for such period to enable Sequence to verify the accuracy of the personal data; (ii) the use of the personal data is unlawful and the Client opposes the erasure of the personal data and requests that it is suspended instead; (iii) Sequence no longer needs Client´s personal data, but the personal data is required by the Client for the establishment, exercise or defence of legal claims; or (iv) the Client has objected to the use of the personal data and Sequence is verifying whether its grounds for the use of the personal data override Client´s objection.

Right to data portability

This includes the right of the Client to obtain the personal data in a structured, commonly used and machine-readable format and for it to be transferred to another organisation, where it is technically feasible. The right only applies where the use of the personal data is based on Client´s consent or for the performance of a contract, and when the use of the personal data is carried out by automated (i.e. electronic) means.

Right to object to the use

This includes the right to object to the use of the personal data in certain circumstances. For example (i) where the Client has grounds relating to its particular situation and Sequence uses the personal data for its legitimate interests (or those of a third party) including for profiling; and (ii) if the Client objects to the use of its personal data for direct marketing purposes, including profiling (to the extent it relates to direct marketing).

Right to object to decision which is based solely on automated processing

This includes the right in certain circumstances not to be subject to a decision which is based solely on automated processing without human intervention.

Right to withdraw consent

This includes the right to withdraw the consent at any time where Sequence relies on consent to use the personal data. The withdrawal can be sent in writing to Sequence´s addres or by email to dataprotection@sequence.com

Right to complain

This includes the right to lodge a complaint with the supervisory authority of the relevant country.

 

LINKS

The Website may contain hyperlinks to third-party websites that are not operated or controlled by Sequence. Sequence is not responsible for the content or data protection practices of these third-party websites.

 

MINORS

The Website is not intended for individuals under the age of eighteen (18). Sequence does not intentionally collect personal data from children.

 

CHANGES OF THIS POLICY

Any changes Sequence makes to this Policy in the future will be posted on this page and, where appropriate, notified by e-mail. Please check back frequently to see any updates or changes to this Policy.

This Policy was last updated on 16 January 2023.

 

CONTACT

Questions, comments and requests regarding this Policy are welcomed and should be addressed to dataprotection@sequence.com