This document (herein after, the “Privacy Notice”) describes the types of data that Authena AG (herein after, “Authena” or “we” or “us”) collect through Authena Pharma app, Authena Wine app, Authena Agro app, Authena Fragrances app and Authena website –http://authena.io– (herein after, the “Apps” ), how we use your data, with whom we share it and the rights and choices you have available with regards to the use we do of your personal data. We also describe the measures implemented to protect the security and confidentiality of the personal data collected, and the way in which users can contact us to obtain information about our practices on privacy matters. Authena clients (“Client”) for the purpose of this Privacy Notice are those companies that protect their products and goods using Authena solution.
Authena, domiciled at Chamerstrasse 172, 6300 Zug, Switzerland, is the responsible for the processing of the personal data. You expressly, voluntarily, unequivocally and by being informed consent to the inclusion of your personal data provided through the Apps, on Authena’s database, as well as to the processing of your personal data for the purposes described in this Privacy Notice.
1. COLLECTED DATA
We collect certain data through the Apps, including your personal data, that is any information through which you can be directly or indirectly identified. To us, your privacy and the security of your information are important and, therefore, we will request only data that is strictly necessary for you to use the services offered by Authena through the Apps. To that end, Authena may request and process the data listed as follows.
1- Data provided by users. This includes:
• User profile: We collect data when users create or update their Authena accounts. This may include their name, email, phone number, login name and password, address, gender, and birth date.
• Demographic data: We may collect demographic data about users, including through user surveys. In some countries, we may also receive demographic data about users from third parties.
• User content: We collect the information users submit when they contact Authena customer support and report fake products, provide ratings or compliments for Clients, or otherwise contact Authena. This may include feedback, photographs or other data provided by users.
2- Data created during use of our services. This includes:
• Location data: Authena collects this data when the App is running in the foreground (app open and on-screen) or background (app open but not on-screen) of their mobile device.
• Location data: We collect precise or approximate location data from users tapping Authena NFC tags mobile devices if they enable us to do so. We use this data to enable authenticity features and prevent and detect product counterfeit, also we provide Authena Clients with information of the location of their products are located and consumed.
• Transaction information: We collect NFC tapping information related to the use of our authentication service, including the type of product tapped, details, date and time the tap was performed.
• Usage data: We collect data about how users interact with our services. This includes data such as access dates and times, app features or pages viewed, app crashes and other system activity, type of browser, and third-party sites or services used before interacting with our services. In some cases, we collect this data through cookies, pixels, tags, and similar tracking technologies that create and maintain unique identifiers.
• Device data: We may collect data about the devices used to access our services, including the hardware models, device IP address, NFC readings, operating systems and versions, software, preferred languages, unique device identifiers, advertising identifiers, serial numbers, device motion data, and mobile network data.
• Communications data: We enable users and Clients to communicate with each other and Authena through the Apps. For example, we enable user (final consumer) and Client (supplier of authenticated goods) to interact directly. To provide this service, Authena receives some data regarding the communications, including the date and time of the communications and the content of the communications. Authena may also use this data for customer support services (including to resolve disputes between users and Clients), for safety and security purposes, to improve our products and services, and for analytics.
3- Data from other sources. This includes:
• User feedback, such as ratings, reviews, or compliments.
• Users participating in our referral programs. For example, when a user refers another person, we receive the referred person’s personal data from that user.
• Users or others providing information in connection with claims or disputes.
• Authena business partners through which users create or access their Authena account, such as payment providers, social media services, or apps or websites that use Authena APIs or whose APIs Authena uses.
• Publicly available sources.
• Marketing service providers.
Authena may combine the data collected from these sources with other data in its possession.
2. PROCESSING OF PERSONAL DATA
Authena collects and uses data to protect authenticity of products secured with Authena technology. We also use the data we collect to:
• Enhance the safety and security of our users and services
• For customer support
• For research and development
• To enable communications between users and Clients
• To send marketing and non-marketing communications to users
• In connection with legal proceedings
Authena does not sell or share user personal data with third parties for their direct marketing, except with users’ consent.
Authena uses the data it collects for purposes including:
(i) Providing services and features. Authena uses the data we collect to provide, personalize, maintain, and improve our products and services.
This includes using the data to:
• Create and update users’ accounts.
• Authenticate Authenas secured products (NFC readings).
• Enable transportation, deliveries, and other services.
• Offer, process, or facilitate payments for services.
• Track and share the progress of deliveries inside the supply-chain.
• Enable features that allow users to share information with other people, such product recommendations, or reviews.
• Enable features to personalize users’ Authena accounts, such as creating bookmarks for favorite products, and to enable quick access to product libraries.
• Perform internal operations necessary to provide our services, including to troubleshoot software bugs and operational problems; to conduct data analysis, testing, and research; and to monitor and analyze usage and activity trends.
(ii) Safety and security. We use personal data to help maintain the safety, security, and integrity of our services and users. This includes:
• Using device, location, profile, usage, and other data to prevent, detect, and combat fraud or unsafe activities.
• Using user ratings and feedback to encourage compliance with the highest standards for secured products and detecting products with low ratings.
(iii) Customer support. Authena uses the information we collect to provide customer support, including to:
• Direct questions to the appropriate customer support person
• Investigate and address user concerns
• Monitor and improve our customer support responses and processes
(iv) Research and development. We may use the data we collect for testing, research, analysis, product development, and machine learning to improve the user experience. This helps us to improve and enhance the safety and security of our services, improve our ability to prevent fraud, and develop new features and products. (v) Enabling communications between users, or Client and users. For example, a user can contact directly a Client requesting certain information of an Authena secured product.
(vi) Marketing. Authena may use the data we collect to personalize the marketing communications (including advertisements) that we send, including based on user location, past use of Authena’s services, and user preferences and settings.
(vii) Non-marketing communications. Authena may use the data we collect to generate and provide users with receipts; inform them of changes to our terms, services, or policies; or send other communications that aren’t for the purpose of marketing the services or products of Authena or its partners.
(viii) Legal proceedings and requirements. We may use the personal data we collect to investigate or address claims or disputes relating to use of Authena’s services, or as otherwise allowed by applicable law, or as requested by regulators, government entities, and official inquiries.
Authena will retain your personal data as long as necessary to fulfill with the purposes for which they were collected and, as well, for longer terms when permitted or required in accordance to applicable laws.
3. COOKIES AND THIRD-PARTY TECHNOLOGIES
• Authenticating users
• Remembering user preferences and settings
• Determining the popularity of content
• Delivering and measuring the effectiveness of advertising campaigns
• Analyzing site traffic and trends, and generally understanding the online behaviors and interests of people who interact with our services
4. INFORMATION WE SHARE
The personal data we collect can be shared with third parties on the following ways.
• The personal data we collect through the Apps can be shared with third parties as described in this Privacy Notice. We will share personal data with service suppliers that provide us services and in accordance with our instructions and for the purposes detailed in this Privacy Policies. We do not authorize suppliers to reveal or disclose your personal data unless in those cases that the disclosure is strictly necessary for the provision of the services on our behalf, or to comply with legal obligations.
• We will also share your personal data with companies that belongs to our corporate group, that work under our same processes and internal policies, either controlled, controlling companies or Authena’ affiliates, to comply with our internal rules, prevent frauds, manage risks and facilitate the management of Authena’ services and products.
• Authena understands the importance of maintaining the confidentiality and security of all the data that may be collected. Consequently, Authena is committed to subscribing the necessary agreements to guarantee the confidentiality and security of the personal data. Authena and those who intervene in any phase of the processing of personal data are obliged to professional secrecy with respect to said data.
• Moreover, we may share your personal data (i) if we are obliged to do so by law or in the context of a legal procedure, (ii) to security entities and forces or any other public officials when they legally request the data, (iii) to our legal and accountant advisors, (iv) when we consider that such disclosure is necessary to prevent physical damages or economic loses to Authena or third parties, or (v) in the context of an internal or external investigation for fraudulent or illegal activities, or that are presumed to be fraudulent or illegal, with public or private authorities, security forces, and third parties that provide us with assistance in the investigation, including but not limited to legal advisors and investigators. Likewise, you authorize us to transfer your personal data in case of the selling or transmission of the whole or part of our assets (including cases of restructuration, dissolution or liquidation).
• We will share your information and data as part of any process of fusion, acquisition or sell of assets of Authena, as well as in case of an unexpected insolvency situation, suspension of payments or bankruptcy in which the data must be transferred as one of Authena’ assets.
5. TRANSFER OF PERSONAL DATA
The personal data collected may be assigned or transferred to third parties for the compliance of the purposes and in the way established in this Privacy Notice, and for the maintenance or compliance of the relationship between you and Authena.
Your personal data collected through the Apps can be transferred to countries or jurisdictions that may not have the same legislation on data protection and, therefore, offer less protection, which you understand and consent. When we transfer your personal data to other countries, we will protect them in the way described in this Privacy Notice, implementing safeguards that guarantee an adequate level of protection of the personal data that are transferred.
6. SECURITY OF YOUR PERSONAL DATA
The data collected will be keep confidential and safe. Authena will only use the data for the purposes and in the way informed in this Privacy Notice. Authena complies with the legislation on the protection of personal data and in particular with General Data Protection Regulation 2016/679 and its complementary regulations (herein after, the “Personal Data Protection Legislation”). In order to guarantee the security of the personal data you provide to Authena the same criterias and degree of diligence that Authena apply to the safeguard of its own information, will apply.
Particularly, we adopt administrative, technical, logical and physical security measures designed to protect the personal data that you provide us with or the we collect, from its destruction, loss, alteration, access, communication or accidental, illegal or non-authorized use, to the end of preventing the unauthorized access, maintaining the data accuracy and ensuring the correct use of the personal data that you provide or we collect. In this sense, Authena has set certain physical, electronical, administrative means and security procedures to safeguard and ensure the personal data we collect online. We safeguard your personal data in accordance to our security standards and proceedings established and we constantly evaluate new technologies to protect that information. Authena states that its internal process of databases complies with the legal obligations on security and confidentiality imposed by the Personal Data Protection Legislation.
However, you acknowledge that the existing technical means that provide security are not unbreachable, and that even when reasonable security measures are taken, it is possible to suffer manipulations, destruction and/or loss of information. Finally, if you believe that your interaction with us is no longer safe (for example, if you believe that the security of an account you have with us is at risk), immediately notify us of the problem using the communication channels in section 10 “Contact Information”.
7. DATA PROTECTION RIGHTS, AND CHOICES OF THE USER
Authena would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:
· The right to access – You have the right to request Authena for copies of your personal data. We may charge you a small fee for this service.
· The right to rectification – You have the right to request that Authena correct any information you believe is inaccurate. You also have the right to request Authena to complete the information you believe is incomplete.
· The right to erasure – You have the right to request that Authena erase your personal data, under certain conditions.
· The right to restrict processing – You have the right to request that Our Company restrict the processing of your personal data, under certain conditions.
· The right to object to processing – You have the right to object to Authena’s processing of your personal data, under certain conditions.
· The right to data portability – You have the right to request that Authena transfer the data that we have collected to another organization, or directly to you, under certain conditions.
If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact:
· Direct action: https://authena.io/personal-data-removal-request/
· Email us at: firstname.lastname@example.org
· Call us at: +41 44 562 43 74
· Or write to us: Chamerstrasse 172, 6300 Zug, Switzerland
Authena presumes, and you guarantee that, the veracity of all the information that is provided by you. Consequently, Authena does not verify, nor assumes the obligation of verifying the veracity, validity, sufficiency, legality and authenticity of the data that you provide. You always assume the responsibility of maintaining such information updated.
8. LINKS TO WEBSITES
The Apps may contain links to websites for your convenience and information. Those websites may be operated by companies that are not related to us (even Clients websites). Usually, the linked websites have their own privacy policies and statements, which you should read when visiting those websites. We do not accept any responsibility for the content of other websites different than ours, nor with regards to their use, or its privacy practices.
9. UPDATES OF THIS PRIVACY NOTICE
Authena keeps its Privacy Notice under regular review and places any updates on this web page. This Privacy Notice was last updated on 2 December 2020.
10. CONTACT INFORMATION
In case you wish to contact us to update your data or exercise your rights, or if you have any doubts with regards to the scope of this notice and/or any inquiry regarding the privacy and/or security of the information provided by Authena, you may contact us directly through the email address email@example.com.