Privacy Policy

As at: December 2020

1. General information – Who processes your data?

Goldbach neXT AG supports the subsidiaries of Goldbach Group Ltd (hereinafter collectively 'Goldbach') from the evaluation through to the implementation, training and maintenance of all digital advertising technologies. No matter if these are SSP or DSP, ad servers, order entry systems or reporting tools. Goldbach neXT AG is responsible for and develops the central data management, target group, user-centred, and cross-media product development and offers planning, scheduling, ad management and programmatic buying in the area of digital media channels as an internal service provider for all entities of Goldbach Group Ltd.

Goldbach neXT collects and processes data as a data processor on behalf of the Goldbach subsidiaries. Our clients have privacy policies in which they provide information on the legal basis and purposes of the data collection, data security and your options as a user. In this Privacy Policy, when we refer to the processing of your personal data, we mean any handling of your personal data on behalf of the Goldbach subsidiaries. This could include gathering, storing, administering, using, transferring, disclosing, as well as deleting your personal data.

Protection of personal data is of particular concern to Goldbach neXT. We believe that secure, protected and respectful procedures in dealing with user information are essential for the success of our company and the growth and viability of the Internet as a whole. We are a member of IAB Europe, the professional association of the European digital and interactive marketing industry (‘IAB’).

The Goldbach Group is a registered member of the IAB Transparency and Consent Framework 2.0 (Vendor ID 580) and adheres to the guidelines specified for the same. IAB TCF 2.0 is an industry standard that enables all digital market participants (publishers, advertisers, technology service providers, etc.) to inform end users about the processing of their personal data and to give them the option to consent or object to it. See Section 11 for further information.

We only process your personal data (hereinafter ‘data’) in accordance with and on the basis of the statutory provisions of Switzerland’s Bundesgesetz über den Datenschutz vom 19. Juni 1992, SR 231.1 (Federal Act on Data Protection of 19 June 1992, hereinafter ‘DSG’) and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter ‘GDPR’).

2. When do we process your data?

We process your data whenever we are in contact with your end device. This may be the case if you

  • use a website or app marketed by Goldbach,
  • use the HbbTV and CTV features of your smart TV on a TV channel marketed by Goldbach; or
  • interact with a DOOH screen (digital billboard) marketed by Goldbach.
3. What data do we process?

The data we collect is not intended to identify you with your name, address, etc., as this is not necessary for the purpose of personalised advertising. On the contrary: The data collected about you (see below) is assigned to an identification number on your end device – i.e. your mobile phone, tablet, smart TV, etc. Therefore, the data collected is so-called pseudonymous data and as such cannot easily be attributed to a person.

The following information may be the subject of our data collection

  • Device IDs (device identifiers, IP addresses, hashed e-mail addresses)
  • Information about your use of the online platforms marketed by Goldbach (websites, mobile apps, CTV/HbbTV apps, DOOH screens)
  • Geolocation data (only with your consent)
  • Based on the information we collect about your use of the online platforms marketed by us, we create interest profiles. However, these are still assigned to a pseudonymous device ID.
  • The privacy settings configured by you (opt-in, opt-out) – so that we know which parts of your data we may process for which purposes and which we may not
4. For what purposes do we process your data?

The purposes for which your data is processed are determined by our clients (see Section 1). In addition to the primary purpose of delivering to your end device use-based advertising that is relevant to you, this also includes the following purposes:

  • Reporting to Goldbach advertising customers – We process data in order to demonstrate to Goldbach customers how advertising recipients have interacted with their advertising media (qualitatively and quantitatively).
  • Frequency capping – we process data so that you do not have to view the same advertisement too often
  • Combatting ad fraud – We process data to combat unfair activities of participants in the advertising industry
  • We also process data for market research purposes
5. With whom do we share the data?

We (Goldbach neXT) process your data as contractors of Goldbach – i.e. the Goldbach subsidiaries, which engage us to process your data for the purposes specified by them. The Goldbach subsidiaries are jointly responsible for the processing of data under data protection law. Therefore, they are the recipients of the data and have control of it.

In addition, we use sub-service providers to provide our services. Although they may have access to some of the data, they may only process it in accordance with our instructions. It is contractually stipulated that, inter alia, they may not under any circumstances process data they receive from us for their own purposes. More information on our sub-service providers can be found below in Clause 5.1.

Should another company acquire all or essentially all of the assets of our company due to consolidation, merger, acquisition of assets or other transactions, we retain the right to transfer to the purchasing party all data (including personal data) that is in our possession or administered by us.

Finally, it is possible that an advertising customer of the Goldbach subsidiaries will place additional tags on its advertising materials that enable it to collect data when these materials are delivered. However, this does not constitute a disclosure of data collected by Goldbach. The advertiser itself is responsible for this data-collecting operation. Moreover, Goldbach cannot affect the use of such tags, nor is Goldbach involved in the technically successful implementation of these tags. Should this happen, the advertising customer will be identified on the Consent Management Platform of the publisher whose website the advertisement is posted on, and you can object to this data collection. Goldbach works exclusively with advertisers that are registered in the IAB Transparency and Consent Framework.

5.1. Our sub-service providers

We use technical sub-service providers in performing our tasks. A list of our sub-service providers can be found here.

To the extent the companies listed in the above link process data on behalf of Goldbach neXT, each of them has concluded a data processor agreement with us. This type of agreement ensures that the provider processes the personal data transferred to it only in accordance with our instructions and not for its own purposes and that the provider takes appropriate technical and organisational measures to ensure your data is protected as required by law. Should a service provider be located in a country that does not guarantee an equivalent standard of data protection as Switzerland or the EU, we shall conclude additional agreements with them (e.g. EU standard contractual clauses) and require them to take further technical and organisational security measures (e.g. encrypted data transmission and storage or the duty to provide information in the event of disclosure of the data to the authorities). The detailed privacy policies of the providers can be found in the above link.

6. How do we collect your data?

Your data is collected in particular using cookie technology or, in the case of mobile and HbbTV apps, for example, via API interfaces. Cookies are placed on your device by us or our sub-service providers.

6.1. What are cookies?

Cookies are small text files that a browser places on the hard drive of the device used by a visitor to a website or app (hereinafter ‘user’), where they are stored for data collection purposes. When you as a user visit a website marketed by Goldbach, our systems or the automated systems of our service providers (e.g. ad servers, data management platforms) utilise cookies to collect usage data regarding your visit to this website and may use third-party cookies beyond the specific domain, as well. These text files may contain information that can be read again at a later date.

First-party cookies are cookies that are associated with a particular domain (e.g. a website). Only this domain can write information in the cookie and read it again at a later date. First-party cookies are primarily used to provide users with a better, faster browsing experience on a website, as, e.g. certain settings configured by the user are stored in the cookie and do not need to be entered every time the user re-visits the site.

Third-party cookies are cookies that originate from a domain other than that of the website. Third-party cookies are generally used by our technology service providers or advertising customers (see above). Since advertising customers ('advertisers') normally wish to run their advertising campaigns across multiple domains or websites, third-party cookies enable them to recognise users on different domains and to store information in the third-party cookie. Should a user visit a website, for instance, the service provider that supplies an advert will place a third-party cookie on the user’s computer. The cookie can be used to track user data such as site visits and duration. Should the user later visit another website which contains an advert from the same advertising network, the same cookie will be used even though it comes from a different website, as the third-party supplier is the same in this situation. This means that the advertising network can follow the user beyond the limits of the domain and deliver targeted advertising to them.

Depending on the type and purpose of the cookies, the length of time for which they remain on your end device may be limited to the duration of your visit to the website or may extend over up to 6 months.

6.2. Your handling of cookies

You can delete cookies at any time through the settings in your web browser. You can also change the settings of your web browser and block all cookies. However, because cookies are also used for the purpose of website functionality, blocking them from your web browser can restrict your usage of different websites.

With all operators of online platforms that participate in the IAB Transparency and Consent Framework (TCF), including the Goldbach website, you will find something called a Consent Management Platform. This is a control interface, usually in the form of a (cookie) banner, in which you can configure your privacy settings. Here you can view, allow or prohibit the use of (first-party and third-party) cookies for various purposes. All Framework participants, including Goldbach, will comply with your settings.

Please note that the storage of the privacy settings you have configured as described above may be based on cookie technology (this varies from one online portal operator to another). For users who use multiple computers or browsers, this means that cookies must be deactivated for each computer and browser. When users switch computers or delete cookies from their computers, they must repeat the deactivation process.

6.3. API interfaces

An API interface is a programming interface that allows one software application to communicate with another one. Specifically, this means that information about the use of, e.g. a mobile or HbbTV app via this type of interface may be received by our suppliers that process information on our behalf for the above-mentioned purposes.

As a rule, you can control the extent of data collection via the API interface within the app, similar to a Consent Management Platform on websites (see above).

7. How long do we retain data?

We retain your personal data for as long as we consider necessary or prudent for compliance with applicable legislation or as long as it is required for the purposes for which it was gathered. We delete your personal data as soon as it is no longer required and always upon expiry of the maximum retention period mandated by statutory provisions.

8. How do we protect your personal data?

Goldbach and our service providers have technical and organisational security procedures in place to ensure the security of your personal data and to protect your session data and personal data against unauthorised or unlawful processing and/or against unintended loss, alteration, publication or access.

9. You have control of the scope of the processing of your data and a right to trans-parency

The Goldbach Group is a registered member of the IAB Transparency and Consent Framework 2.0 (Vendor ID 580) and adheres to the guidelines specified for the same. IAB TCF 2.0 is an industry standard that enables all digital market participants (publishers, advertisers, technology service providers, etc.) to inform end users about the processing of their personal data and to give them the option to consent or object to it. With all operators of online platforms that participate in the Framework, you will find a Consent Management Platform. This is a control interface, usually in the form of a cookie or privacy centre, in which you can configure your privacy settings. If we process your data on behalf of the Goldbach companies, you will find us again on the Consent Management Platform of the websites, mobile and HbbTV apps, etc. marketed by Goldbach. Goldbach and all other Framework participants will comply with the settings you have configured there.

At your request, we will provide you free of charge with information concerning your personal data stored with us. As a rule, the information is provided electronically (via e-mail). Our contact details can be found at the end of this Privacy Policy.

10. Changes to this Privacy Policy

We reserve the right to make changes to this Privacy Policy by publishing an updated version on this site. The date on which the current Privacy Policy was published will always be displayed at the top of this page. Any changes to this Privacy Policy will be made in accordance with applicable (data protection) legislation.

11. Contact

Should you have questions, concerns or comments regarding the processing of your personal data or this Privacy Policy, please contact us by email or post at:

Goldbach neXT AG
Seestrasse 39
8700 Küsnacht
Switzerland
E-mail: [email protected]

If you contact us using a form on the website or by email, we will store the details you enter for the purposes of processing your query and in the event of follow-up questions, for a period of six months. We will not disclose this data without your consent.

Data Protection Officer:
Christian Rakowski
Goldbach neXT AG
Seestrasse 39
CH-8700 Küsnacht
Switzerland

[email protected]