Data Privacy The Radicant Business Services AG

Scope

This Data Protection Notice (the “Notice”) explains how radicant business services ag (“RBS”), as the data controller, collects, uses, and processes personal data when users (“User”, or collectively the “Users”) access our website (“RBS Website”) and/or use our web and mobile applications (“RBS Web/Mobile App”) or related services, offers, marketing information, or events (the “Services”).

This Notice does not apply to personal data collected by third-party websites or applications that users may access via links provided on the RBS Website. In such cases, the privacy policies of the respective third parties apply.

RBS process personal data in accordance with the Swiss Federal Act on Data Protection (FADP), the EU General Data Protection Regulation (GDPR), and this Notice.

By accessing the RBS Website, RBS Web/ Mobile App, or registering for RBS Services, the user confirms that they have read and understood the Notice.

Personal Data

Personal Data is any information relating to an identified or identifiable natural person. This includes data that directly identifies users, as well as information that allows RBS to indirectly identify a user based on additional data (e.g., email address, customer number, phone number).

Data Collected by RBS

 Information Provided by the User

RBS only collects the information necessary to provide its services. This data is provided by the user when they register, request product updates, use a feature, participate in an activity, or contact RBS. The exact data collected depends on the context, the user’s choices, and the features used.

Examples of data collected by RBS include:
· Identity and contact data: First and last name, birth name, ID/passport number, nationality, gender, phone number, email address, current and previous addresses; if relevant, commercial register numbers, professional licenses, business affiliations, and partners.
· Login data: Access credentials created by the user.
· Phone and email interactions: If a support call is recorded (with user’s consent), RBS collects audio data or a written transcript, along with metadata such as call number, time, and duration.
· Accounting data: Invoices, receipts, ledger postings, VAT amounts that are uploaded to or created in the RBS SaaS solution

Automatically collected Data

When users browse the RBS Website or use the RBS Website/ Mobile App, certain device‑ and usage‑related information is gathered automatically. This data do not directly identify the user but helps RBS maintain service security, diagnose errors, and generate usage statistics.

Technical & usage data (Web and App):
· IP address and approximate country/region information
· Browser type, version, language, time‑zone, referring URL
· Operating system and device model/name
· Pages or screens viewed, session length, clicks and scroll behaviour
· Cookie or mobile SDK identifiers

Online Data:
· Logs and tools collected by RBS include IP addresses, device IDs/advertising IDs, and anonymized geolocation tokens used by analytics tools.

Data Collected in the RBS Web/Mobile App:
· Geolocation (optional): If the user enable location services, the RBS Web/Mobile App may determine the user’s approximate location to support location-based features (e.g., local tax rates). The user can revoke this permission at any time in their device settings.
· Device‑Feature Access (optional): The RBS Web/Mobile App may request access to the camera, photo gallery, or contacts when the user utilizes features that require them (e.g., scanning an invoice). The user decides whether to grant or deny each permission.
· Mobile‑Device Metadata: Device ID, operating system version, manufacturer, push‑token, crash logs.
· Push‑notification token: A randomly generated identifier used by iOS/Android to deliver in‑app alerts. These can be disabled at any time in system settings.

All automatically collected data is stored only as long as necessary for security monitoring, service continuity and aggregated analytics. It is then deleted or anonymized.

Data Categories and Processing Purpos

RBS only processes personal data lawfully, in good faith and only if this is necessary for:
‍
(i) the operation, improvement, and content/services of the RBS Website and RBS Web/Mobile App;
(ii) the conclusion and fulfillment of contracts and agreements with users;
(iii) RBS’s legal obligations.

RBS collects personal data provided by users during registration for RBS Services and RBS Web/Mobile App and process this data to provide the agreed-upon services, or to contact the user upon request or inform them about our products, services, and updates. This data processing is based on the user’s consent, unless it is not feasible to obtain prior consent and the processing is legally permissible.

Additional personal data collection depends on the context of the user’s interactions with RBS and the services used, including the user’s choices and the features/products they access.

The data processing may involve the following categories of data and recipients:

Technical Data

When the RBS Website or our RBS Web/Mobile App is used, RBS collects and processes personal data such as the IP address and other non-personal information. These do not directly reveal the user's identity and may include information such as the files requested by the user (e.g., visited website), referring URLs, date and time, browser type used by the user, operating system, the name and other characteristics of the device used, such as language settings and the country from which the user accesses the website.

RBS uses this data to ensure the security of its systems and for general business purposes such as statistics and reporting. RBS may also use this data to optimize the user experience.

If the website was accessed via a search engine, RBS collects the search term used to find the requested webpage on the RBS Website. This data may be used to improve the search experience.

Tracking Technologies

When users visit the website, RBS collects and processes personal data such as IP addresses and user behaviour information through the use of cookies or similar tracking technologies (e.g., web beacons and pixels). This data does not directly reveal users' identities and may include information such as requested files (e.g., visited web pages), referring URLs, date and time, the search term used to find the requested page on the RBS website, the plugins used, browser type, and operating system. RBS uses this data to provide the basic functionality of the website and may also use it to optimize the user experience.

Third parties with whom RBS maintains marketing relationships may also collect personal data, such as IP addresses and user behavior information, through the use of plugins. When users interact with these plugins, the relevant information is transmitted directly from their browser to the third-party system and stored there. Third-party components may also use cookies.

Customer Data

To provide RBS services, including the performance of contracts related to the use of the RBS Web/Mobile App, personal data (e.g., first and last name, country of residence, date of birth, nationality, email address, phone number, address, and identity verification documents) is collected, processed, and stored.

RBS may use personal data for marketing purposes and for future contact to inform users about additional services and features.

Sensitive Data

Client Services / Customer Success

When a user contacts the RBS customer service team by phone or email, personal data such as phone number, name, contract number, product type, language, phone number, the reason for the inquiry (e.g., orders, clarifications, information requests, reservations, negotiations), and other details may be collected and processed regardless of the communication method used.

The exchange between the user and RBS may be recorded and stored for regulatory purposes, quality assurance, and to better assist with future inquiries.

Legal Basis and Purpose of Data Processing

RBS processes personal data only for the purposes set out below:
‍
· Consent: We may process data when a user has given explicit consent for a specific purpose.
‍
· Legitimate interests: RBS may process data where it is necessary to achieve legitimate business interests.
‍
· Performance of a contract: If RBS has entered into a contract with a user, personal data may be processed to perform the terms of our contract.
‍
· Legal obligations: RBS may disclose information if required to do so by law to comply with applicable legal obligations, regulatory requirements, legal processes, court orders, or legal proceedings (e.g., in response to a court order, including compliance with national security or law enforcement requirements).
‍
· Vendors, consultants and other third-party service providers: RBS may share information with third-party vendors, service providers, contractors, or agents who perform services for RBS or on RBS's behalf and require access to such information to do so. Examples include: payment processing, data analysis, email delivery, hosting services, customer service, and marketing efforts.

RBS may allow selected third parties to use tracking technologies in the services or apps, enabling them to collect data about how users interact with the services or apps over time. This information may be used to analyse and track data, determine the popularity of certain content, and better understand online activity. Unless otherwise stated in this Notice, RBS does not share, sell, rent, or trade any user information with third parties for their promotional purposes.
‍
· Business Transfers: RBS may share or transfer information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of its business to another company.
‍
· Affiliated companies: RBS may share information with its affiliates, in which case RBS will require them to comply with this Notice. Affiliates include subsidiaries, joint venture partners, or other companies that RBS controls or that are under common control with RBS.
‍
· Business partners: RBS may share information with business partners to offer certain products, services, or promotions.

Push Notifications

Users may receive push notifications within the RBS Web/Mobile App while logged in, using the app, or even when the device is locked or in sleep mode. RBS uses push notifications to provide information and alerts related to the use of the RBS Web/Mobile App.

The sending of push notifications is outside RBS’s control and is linked to the push notification service of the respective mobile operating system (OSPNS). Push notifications can be disabled in the device settings.

Changes To Personal Data
RBS is obliged to keep user’s personal data correct and up to date. If a user's personal data changes, the user is required to inform RBS without delay.

Tools and Services Available
‍
Newsletter
‍
If a user registers for the newsletter using their email address, news, offers, and promotional campaigns will be sent electronically.

The newsletter can be unsubscribed from at any time by clicking the "Unsubscribe" button at the end of the email.

Feedback form
‍
If a user sends an email or uses an integrated feedback and contact form, we process personal data for the purpose of handling the inquiry and improving our services.

Users should refrain from submitting sensitive information via the feedback and contact forms available on the RBS website. RBS cannot guarantee theconfidentiality of information transmitted over public networks or third-party providers, even if encryption is enabled. For sensitive customer inquiries, RBS recommends contacting them by phone or email.

If a user uses the email addresses or contact forms published on the RBS website, RBS is explicitly authorized to respond using the same method to the sender’s address.

Google Analytics and AdSense

‍RBS uses Google Analytics, a web analytics service provided by Google, which allows the analysis of user behaviour. RBS also uses Google AdSense, which tracks user behaviour to serve personalized ads.

Google Analytics places a cookie in the browser for the duration of a session and for 30 minutes after the session ends. This enables RBS to analyse website usage and deliver personalized ad campaigns that may last between six months and two years. Under no circumstances will Google link personal data with its own data for other purposes. Anonymized personal data, including the IP address, is transmitted to a server in the United States and may be shared with subcontractors, unless the user opts out of data processing by rejecting the cookie. In that case, not all functions of the RBS website may be fully available.

Google AdSense also places a cookie in the browser that collects information about the websites visited by the user and their interactions with ads.

More information about user’s privacy rights when using the RBS website with Google Analytics and Google AdSense can be found at:

https://policies.google.com/privacy

Facebook Pixel
‍
RBS uses Facebook Pixel on the RBS websites, a tracking technology provided by Meta Platforms which tracks user behaviour to serve personalized ads.

Facebook Pixel places a cookie in user’s browser which collects information about the websites the user visited and user’s interaction with UI elements and ads.

For more information on user’s right to privacy when using our website with the Facebook Pixel please refer to:
‍
https://www.facebook.com/privacy/policies/cookies/

Hubspot

RBS various Hubspot services on our websites which allow us to track user behavior for statistical and marketing purposes.

Hubspot places various cookies in user’s browser by default which collect information about the websites the user visited and user’s interaction with UI elements and ads.

For more information on user’s right to privacy when using our website with Hubspot please refer to:

https://legal.hubspot.com/privacy-policyIntercom
‍
Intercom
‍
The RBS website uses the Intercom plugin for embedding its customer support widget and chatbot to the RBS Website.

Intercom places various cookies in user’s browser by default which collect information about user’s interaction with UI elements on the RBS website.

If the user interacts with the chatbot, the information provided (e.g. name, email) is collected and processed by Intercom to provide customer service.

For more information on user’s right to privacy when using the RBS website with the Intercom plugin please refer to:
‍
https://www.intercom.com/legal/privacyYouTube
‍
Youtube
‍
The RBS website uses YouTube, a Google plugin, to embed its video-sharing service.
When a user accesses an RBS website page with an embedded video, the IP address and visited pages are transmitted to Google and transferred to a server in the USA (RBS uses the plugin’s “enhanced privacy mode” option). If the user is logged into their YouTube account, data about their use of the RBS website is shared via Google’s DoubleClick network to create or expand an existing profile. Users can prevent this by logging out of their account. When a user clicks on the embedded video, additional cookies are placed that collect and share further data about plugin use to analyse video usage and optimize the user experience. No personal data is shared unless the above functions are used.

More information about data protection when using the RBS website with the YouTube plugin is available at:

https://policies.google.com/privacy
‍
Social Plugins / Logins

The RBS website and RBS web/mobile app use social plugins/logins embedded as UI elements (e.g., buttons, login fields) linking to services such as Google, Apple, Microsoft, Facebook, Instagram, LinkedIn, and X (formerly Twitter). No personal data is shared unless the function is actively used.

More information about data protection when using the RBS website with social plugins/logins can be found in the respective privacy policies of those providers.

Third parties

‍RBS is entitled to share information with affiliated companies and business partners to offer certain products, services, or promotions, and in connection with or during negotiations for a merger, sale of company assets, financing, or acquisition of all or part of the company by another entity.

To deliver its services, RBS may share or disclose personal data with third-party providers, subcontractors, and agents (collectively “Third Parties”) in Switzerland, the EU/EEA, or non-EU countries, who perform services for or on behalf of RBS and need access to such information for that purpose.

Examples include (but are not limited to): payment processing, document printing and dispatch, cloud platforms, backup and hosting services, or other support functions including customer service and marketing activities.
These third parties are contractually obligated to use personal data solely in connection with the services they provide to RBS. They are bound by contracts offering the same level of protection as outlined in this policy and other applicable regulations.

They must also take appropriate security and confidentiality measures and process personal data only according to RBS instructions. These obligations must also be passed on to their own subcontractors.
If services are exceptionally outsourced to a provider outside the EU/EEA, RBS will disclose this in accordance with applicable legal requirements where necessary.

Unless otherwise stated in this policy, RBS does not share, sell, rent, or trade user information with other third parties for advertising purposes. However, RBS may allow selected third-party providers to use tracking technologies in their services, enabling them to collect data on how users interact with those services over time.

For more information about how personal data is processed by third parties, please refer to the privacy policies of the respective third-party providers.Data Protection Risks
‍