Privacy Policy

Data protection and security are important to BenLink AG (BenLink; we). This Privacy Policy describes how we collect and process your personal data (and certain technical data) when you visit benlink.com (Website), access and use our online services (Platform), such as the TechPortal (supplier portal), myBenLink (customer portal), BenLink Toolbox mobile app, or use our online training, certification, and associated services.

This privacy policy is aligned with both the Swiss Data Protection Act (DPA) and the European General Data Protection Regulation (GDPR). However, whether the GDPR applies to a specific processing operation depends on the individual case.

1. Collection and processing of personal data

1. Personal data we collect and process in order to respond to your inquiries

If you contact us by email or interact with registration or contact forms on the Website, we collect and process the information you provide to us. This will regularly include personal data (information that identifies you directly or indirectly) such as your name and business email address, the country where you work, information on the company you work for or represent, and your role at that company.

2. Data we collect and process in order to make the Website and the Platform available

You may visit the Website and obtain information about BenLink, the Platform and our services without telling us who you are. As with any connection to a web server, the server on which we make available the Website and the Platform or provide further services automatically logs and stores certain technical data and stores it for a short time. This includes the IP address and operating system of your device, the date and time of use and the type of browser you use to access the Website or the Platform. This is necessary for the optimal and secure provision of the Website and the Platform.

3. Personal data we collect and process in order to allow access to and use of the Platform

We collect and process the following types of personal data in order to allow access to and use of the Platform:

• Registration on behalf of a business partner: You need to register prior to accessing and using the Platform on behalf of a business partner of BenLink. This will regularly include your name, (business) email address, (business) telephone number, and your role at the company you work for or represent.
• Access and use of the Platform on behalf of a business partner: We will collect and process the information you provide to us if you access and use the Platform on behalf of a business partner. In addition to the information provided at registration, this will include the contents of communication with us and your business relevant actions on the Platform (e.g., when you order our services, invite technicians, reset your password, etc.).
• Registration as technician: The access and use of the Platform as a technician require prior registration by the technician. In the registration process, we will ask you to provide personal data such as your name, business email address, business telephone number, the name and address of the company you work for, and your role at that company. In addition, we will ask you for your work knowledge, your certifications and licences, your educational and work experience, language proficiency, and shirt size.
• Access and use of the Platform as technician: If you access and use the Platform as technician and interact with service job information on the Platform, we will collect and process the information you thereby provide. In addition to information provided at registration, we process information we receive from our business partners once you have completed service jobs for them, in particular, feedback on the type and quality of your work, or information we receive from your employer. If you participate in online trainings or certifications, we collect and process information on your training, answers given at tests, courses taken as well as test results, and your training status.

4. Web Analytics

We use Matomo Analytics Cloud, a privacy-friendly web analytics service provided by InnoCraft (InnoCraft, 7 Waterloo Quay PO625, 6140 Wellington, New Zealand, Matomo cloud privacy policy) ("Matomo"). Matomo uses cookies to collect the information that is required to evaluate your use of this Website in order to create reports on the use of the Website and to provide other services that support our analysis and improvement of the use of the Website. This data is not shared with anyone outside of BenLink.

2. Note on our use of cookies

We use cookies and similar technologies on the Website to provide you with the best possible user experience, to help us improve the Website and to provide certain features such as embedded videos (Youtube) or geographical maps (Google maps) through third-party services. Cookies are text files that are downloaded to your computer or mobile device when you visit a website or use an app. You can manage these cookies on our online services through our third-party cookie managing service Cookie-first.

3. Purposes and legal basis

We collect and process your personal data to inform you about our range of services and to provide our services to you or to the company or organization you work for or represent. This includes the following purposes:

• Making the Website available
• Responding to your inquiries
• Providing the Platform and related services
• Providing training and certification services

BenLink has a legitimate interest in the processing of your personal data in accordance with the purposes pursued. The data processing is usually also necessary for us to perform our contractual obligations to you or to your company or organization.

We also process your personal data (and certain non-identifiable technical data) for the following purposes. We have a legitimate interest in processing your personal data in accordance with these purposes:

• Analysis and improvement of the use of the Website and Platform
• Sending you information about new developments at BenLink or new services or offers (you may at any time opt-out of receiving such information in the future)
• Protection against misuse of our Website or Platform
• Compliance with legal obligations
• Enforcement of legal claims

The legal basis for the processing of personal data described in this Privacy Policy is therefore primarily our legitimate interest (or the legitimate interest of your employer or our other business partners) in pursuing the purposes described, our legitimate interest in performing our contractual obligations to your company or organization, or the necessity to perform our contractual obligations to you. In addition, we carry out some data processing in order to comply with our legal obligations (e.g., records keeping obligations).

We may separately ask you for your consent to process your personal data for specific purposes. If you give us your consent, we will process your personal data only to the extent based on this consent as there is no other suitable or above-mentioned legal basis for this and only insofar as we need a legal basis or justification for the corresponding data processing. You have the right to revoke any consent you have given. The revocation has no effect on the legality of data processing that has already taken place.

4. Data security

We take appropriate technical and organizational measures to protect the integrity, confidentiality and contractual availability of the personal data processed. In particular, we implement access controls, use firewalls to protect servers, encrypt certain data and implement procedures for regular review, assessment and evaluation of the effectiveness of the measures in accordance with our risk assessment.

5. Duration of data processing

We store your personal data only to the extent and for as long as it is necessary to fulfill the purposes described in this Privacy Policy, we have a legitimate interest in storing it, or we are required to do so by law.

6. With whom we share your personal data

Where necessary in order to make available the Website and the Platform, or to provide training or additional services, or to pursue the legitimate interests described herein, we share your personal data with the following categories of recipients:

• The company you work for as a technician, planner/coordinator, supervisor, administrator
• The companies for whom you perform certain service jobs as a technician, supervisor
• External service providers
• If necessary, suppliers or further business partners with whom we may need to coordinate the processing of your inquiries
• If necessary, public authorities and courts.

Such recipients are usually based in Switzerland, or in an EU or EEA member state and other European countries where the developers, administrators, or users of our Platform are based. In addition, we use service partners that process your personal data (or certain technical data) in the United States, in India, and developers in the Ukraine. In relation to such recipients in the those latter countries , we have put in place suitable guarantees in accordance with the applicable legal provisions on the international transfer of personal data.

7. Your rights with regard to your personal data

You have the following rights as regards our processing of personal data that relates to you:

• The right to obtain information on the processing of your personal data
• The right to obtain a copy of your personal data
• The right to correct your personal data
• The right to delete your personal data
• The right to object to the processing of your personal data.

Please note, however, that your rights are subject to exceptions or derogations. Where legally permitted to do so, we may refuse your request to exercise these rights. Specifically, we may need to further process and retain your personal data to perform a contract with you or your company or organization, to comply with legal obligations or to protect our own legitimate interests. However, you have a right to lodge a complaint with a competent supervisory authority.

8. Controller / How to contact us

BenLink AG, Gupfenstrasse 5, 9240 Uzwil, Switzerland, and the local BenLink entity of your region (if any), is the controller in relation to the processing of personal data described in this Privacy Policy.

If you have any questions about data protection at BenLink or would like to exercise your rights under applicable data protection law, you may contact us at privacy@benlink.com

Our representative in the EU is: ecoprotec GmbH, Pamplonastrasse 19, 33406 Paderborn, Germany. You may contact the EU representative at email info@ecoprotec.de.

9. Amendments of this Privacy Policy

We may amend this Privacy Policy at any time. The current version published on the Website applies.

Last updated: August 31, 2023 (Version 4.0)