Your privacy is genuinely important to us. At corpusTU, we have a few fundamental principles:
- We don’t ask for personal information unless we truly need it,
- We don’t share your personal information with anyone except to comply with the law, develop our products, or protect your rights. We share aggregated answers and congested individual answers that do not enable personal identification,
- We don’t store personal information on our servers unless required for the on-going operation of our services,
- We aim to make it as simple as possible for you to understand your privacy rights and to control what information you share with us or with others through our Service.
Here is a brief description of your personal rights according to the GDPR (European Union):
Who Are We?
corpusTU AG (“corpusTU”), Am Dorfplatz 5, 6045 Meggen, Switzerland operates a website at www.piggybox.io (“Site”) and eventually a progressive web-based application called PiggyBox (“App”). Together, the Site and App, along with backend technology, serve to provide a one-stop source for:
- Receiving benefits from us or from our partner organizations in exchange for knowledge displayed regarding our or their products,
- Donating a part of the received benefits to other individuals or organizations,
- Transferring a part of the received benefits to other individuals or organizations.
What Information Does corpusTU Collect?
When you access our Site or our App, we may collect and store certain information about you, your Internet-connected devices, and the actions you take while using corpusTU.
- Personal Information you provide us with: We receive and store any information you enter on our Service or provide us with in any other way. For example, when you register on our Site or App, you provide us with: username and email, and optionally sex, age and country of residence. Additionally, when you use our Service you can provide us with, if you wish, information about your personal preferences as a consumer.
We also offer you to sign up for the Site or the App through your Facebook or Google account. If you select one of these options, you will be redirected to the Facebook Admin / Google LLC page, where you will be notified about the transmission of your data to corpusTU. You can view the Facebook and Google privacy policies by following these links: https://www.facebook.com/about/privacy and https://policies.google.com/privacy
- USA HIPAA-regulated Information: We do not collect or have access to any Personal or non-Personal Information that is protected under state or Federal HIPAA regulations. You should not enter or provide any HIPAA-regulated or health-related information to corpusTU, either directly to our employees, or through our Site, App, or Device. corpusTU is not regulated under the Health Insurance Portability & Accountability Act (HIPAA).
What Are the Purposes and the Grounds for the Processing?
We will use your Personal Information for the following purposes:
Provision of the Service
This general purpose may include the following:
- Creation and managing of your user profile at the Site or the App,
- Providing support, including answering your questions about the Service.
Processing your Information for these purposes is, in most cases, necessary for the conclusion and performance of a contract between you and corpusTU. Additionally, the implementation of these goals requires processing under applicable law, including tax and accounting legislation.
Improving Our Service
Our goal is to always provide you with the best experience you can get. That is why we can use your Personal and non-Personal Information for customizing the content you see, and communicating with you about different topics and new features of the Service. We may also draw upon the Personal Information in order to adapt the Service of our platform to your needs, to research the effectiveness of our Services, and to develop new tools for the platform.
We base these activities on our legitimate business interests by always ensuring that your fundamental rights and freedoms are unaffected.
We would like you to always be aware of the best offers for the products / services you are interested in. In this regard, we can send you all kinds of messages via e-mail / mobile push / web push channels that contain general and thematic information, information about similar products, information about offers and promotions, and other business communications such as market research and consumer opinion polls, and we can present personalized recommendations on the Site and App. In order to provide you with information of interest to you, we may use certain data about your user behaviour (for example, products that have been added to the list of desirable products) to create an account. We always guarantee that this processing is done in compliance with your rights and freedoms and that the decisions taken in connection with them do not have any legal consequences for you and do not substantially affect you in a similar way.
In most cases, we require your prior consent to send you marketing messages. You can change your mind and withdraw your consent at any time by (i) using the "Unsubscribe" link in the messages you receive from us or (ii) by sending an email to our support at support@corpusTU.io or using the contact details in the Site Notice.
In certain situations, we can base our marketing activities on our legitimate interest in promoting and developing our business. In any case, when we use your information about our legitimate interests, we take care and take the necessary measures to ensure that your fundamental rights and freedoms are not affected. However, you may at any time, using the remedies described above, discontinue the processing of your personal data for marketing purposes and we will respond to your request.
Protecting Our Legitimate Interests
There may be cases in which we use or transmit information to protect our rights and our commercial activities. These may include:
- Measures to protect the Site, the App and the users of the Service against cyber-attacks,
- Measures to prevent and detect attempts at fraud, including the transmission of information to competent public authorities,
- Measures to manage various other risks.
The main reason for these types of processing is our legitimate interest in protecting our business by making sure that we ensure that all the measures we undertake ensure a balance between our interests and your fundamental rights and freedoms. In addition, in some cases, our processing is based on legal provisions.
How Long Do We Keep Your Personal Information?
As a rule, we store your Personal Information while you have an account with the Site/the App. You may always ask us to delete certain information or to close your account and we will respond to this request by retaining certain information, even after the account is closed when the applicable law or legitimate interests impose it. You can exercise this right by sending an email to our support at support@corpusTU.io or using the contact details in the Site Notice.
How is My Personal Information Used and Shared?
- Employees, contractors, and affiliated organizations: corpusTU discloses Personal Information and non-Personal Information only to those of its employees, contractors and affiliated organizations that (i) need to know that information in order to process on corpusTU’s behalf or to provide services available at corpusTU’s websites, and (ii) that have agreed not to disclose it to others. Some of those employees, contractors and affiliated organizations may be located outside of your home country. By using corpusTU Site and App, you consent to the transfer of such information to them.
- Friends: You may connect your corpusTU profile to third-party services such as Google, Facebook and Twitter which may enable to post information about your usage of corpusTU to your selected audiences on those third-party services. corpusTU does not make your Personal or non-Personal Information viewable to those services unless you grant permission through those services. Individuals reading this information may use it or disclose it to other individuals or entities without our control and without your knowledge. We therefore urge you to think carefully about including any specific information you may deem private in comments or tips or other content (location or otherwise) that you create in the Service.
- Partner organizations: One of the key purposes of corpusTU is to help partner organizations learn about which perks and discounts are most valuable and most popular and for them to provide additional relevant information about available benefits to you, to their members, and to prospective members. To that end, corpusTU may share Personal Information and non-Personal Information as aggregated data and congested individual answers that do not enable personal identification with partner organizations of which you may or may not be a member of. Examples of this data include alerts received, alerts converted into transactions, search terms, types of perks redeemed, and feedback provided on individual perks.
- Publicly available Information: corpusTU does not share any Personal Information or non-Personal Information with the general public.
Other than to the recipients described above, corpusTU discloses Personal Information and non-Personal Information only in response to a subpoena, court order or other governmental request, or when corpusTU believes in good faith that disclosure is reasonably necessary to protect the property or rights of corpusTU, third parties or the public at large.
We store your Personal Information on servers located in the territory of Ireland. Should any information be transferred to a territory outside of the European Union we shall make sure that we comply with all GDPR requirements and you will be notified of such transfer.
If you send us a request (for example via a support email or via one of our feedback mechanisms), we reserve the right to publish it in order to help us clarify or respond to your request or to help us support other users.
What Are Your Rights?
The General Data Protection Regulation (GDPR) recognizes a number of rights in relation to your personal data.
What follows is a brief description of your rights according to the GDPR (European Union). To exercise your rights, you can contact us by sending an email to our support at support@corpusTU.io or using the contact details in the Site Notice.
Please consider the following if you wish to exercise these rights:
- Identity. We are seriously treating the confidentiality of all records containing personal data. For this reason, we ask that you send us your requests regarding these records using your email address listed in your account. Otherwise, we reserve the right to verify your identity by requesting additional information to confirm your identity.
- Fees. We will not charge a fee for the exercise of any rights with respect to your personal data except when your request for access to information is unreasonably, repeatedly or superfluously repeated, in which case we will charge a reasonable amount. We will inform you of any applicable fees before considering your request.
- Response time. We plan to respond to all valid requests within one month unless the request is particularly complex or if you have made more requests, in which case we will respond within a maximum of two months. We'll let you know if we'll need more than a month. We may ask you to tell us exactly what you want or what you worry about. This will help us to act more quickly and shorten the time to respond to your request.
- Third-party rights. We will not need to respond to a request if it affects the rights and freedoms of other data subjects in a negative way.
You have the right to complain to the local supervisory personal data protection authority about the processing of your Personal Information. Without prejudice to your right to contact the supervisor at any time, please contact us in advance and we promise that we will do our utmost to resolve your issues by mutual agreement.
1. What Are Cookies?
“Cookies” are text-only pieces of information that a website transfers to an individual’s hard drive or other website-browsing equipment for record-keeping purposes. Cookies allow the Site/App to remember important information that will make your use of the Site/App more convenient. A cookie will typically contain the name of the domain from which the cookie has come, the “lifetime” of the cookie, and a randomly generated unique number or other value. Certain cookies will be used on the Site/App regardless of whether you are logged in to your account or not.
Cookies are not the only types of technology that enable this functionality, we also use other, similar types of technologies. See below for more information and examples.
Functional. We use these cookies to monitor the performance of our Site/App and to enhance your browsing experience.
Essential. We use browser cookies that are necessary for the Site/App to work as intended. For example, we store your website data collection preferences so we can honour them when you return to our Site/App. You can disable these cookies in your browser/device settings but if you do the Site/App may not work as intended.
Marketing & Analytics. To understand user behaviour in order to provide you with a more relevant browsing experience or personalize the content on our Site/App. For example, we collect information about which pages you visit to help us present more relevant information.
3. Other Technologies We Use
We use App local storage for the following purposes:
- For authentication, to track a user’s session so he/she will not have to log in whenever he/she comes back to the App or goes through pages;
- For versioning, to compare user's last saved versions on a device with the version on corpusTU server, and update the user's App if necessary;
- For QR campaigns, to check if a user is already registered and determine if they can participate in QR campaign before they log in;
- For "Add to Home screen" prompt, to check if the install prompt has been offered.
We use Site local storage to remember the language preferences of the users and preload some of the Site elements for better experience (mostly images and CSS).
4. Third Party Services
5. How to Manage Your Cookies Preferences
The law states that we can store cookies on your device if they are strictly necessary for the operation of this Site/App. For all other types of cookies, we need your permission.
The users can manage the preferences for Cookies directly from within their own browser and prevent – for example – third parties from installing cookies.
Through browser preferences, it is also possible to delete Cookies installed in the past, including the cookies that may have saved the initial consent for the installation of cookies by this website.
Users can, for example, find information about how to manage cookies in the most commonly used browsers at the following addresses: Google Chrome, Mozilla Firefox, Apple Safari and Microsoft Internet Explorer.
Notwithstanding the above, corpusTU informs that users may follow the instructions provided on the subsequently linked initiatives by the EDAA (EU), the Network Advertising Initiative (US) and the Digital Advertising Alliance (US), DAAC (Canada), or other similar services. Such initiatives allow the users to select their tracking preferences for most of the advertising tools. corpusTU thus recommends that the users make use of these resources in addition to the information provided in this document.
If corpusTU, or substantially all of its assets, were acquired, or in the unlikely event that corpusTU goes out of business or enters bankruptcy, user information would be one of the assets that is transferred or acquired by a third party. You acknowledge that such transfers may occur, and that any acquirer of corpusTU may continue to use your personal information as set forth in this policy.
Third Party Sites
This policy only addresses our activities from our servers.
Other sites, including those sites that are accessible from our Site, may have their own policies and practices, which we do not control.
Security, Illegal and Legal Access
corpusTU takes all measures reasonably necessary to protect against unauthorized access, use, alteration or destruction of Personal and non-Personal Information.
However, we cannot always guarantee the security of the information collected, despite our best efforts to maintain the security of such information. Although we use industry-standard methods to protect your personal information from unauthorized access, third parties may gain access to the database by evading our security measures. We assume no liability for any disclosure of information collected arising from the acts of third parties or other events, acts or omissions outside of our control.