Data protection declaration.

Effective July 1, 2020

In this data protection declaration, we tell you how and for what purpose we collect, process and use your personal data. This data protection declaration is based on the European data protection regulation (GDPR).

This data protection declaration may be adapted over time, in particular if we modify our data processing or if new legal provisions become applicable.

1. Person responsible for data processing

For data processing according to this data protection declaration, it is PowerMeals SA, company having its registered office located at place de Longemalle 1, 1204 Geneva, Switzerland (hereinafter “we” or “PowerMeals”).

If you have any questions regarding this data protection declaration or the processing of your personal data, please do not hesitate to contact us:

PowerMeals SA,
place de Longemalle 1,
CH 1204 Geneva
– +41 (0) 22.789.60.60

2. Scope of application

Our data processing primarily concerns our customers, but also other people whose personal data we process. This data protection declaration applies to the activity deployed on our website https://powermeals.ch and in our electronic applications (hereinafter: platforms). This data protection declaration applies to the processing of personal data already collected and those that will be collected in the future.

This privacy statement does not apply if another company is responsible for processing certain data. Another company may, for example, be responsible, alone or with us, for the processing of certain data when you visit our social media presentations (e.g. Facebook Fanpages) or if you interact with plugins integrated into our websites (e.g. . the secure online payment platform Stripe), when you visit a third party website to which we have established a link, or when we transmit personal data to third parties such as the authorities. In these cases, please consult the privacy statement of the company concerned, which you can usually find on its website.

3. Definition

Data protection law regulates the processing of personal data. This also applies to this data protection declaration. “Personal data” is all data that can be associated with a natural or legal person. The term “processing” refers to all of the handling of your personal data.

4. Processing and use of personal data

We use personal data to facilitate business relationships with our customers, to comply with our financial regulatory and other legal obligations, and to serve our legitimate business interests. We also use this personal knowledge to process payments and provide payment related services to our customers.

4.1 Use for legitimate commercial purposes

– Contractual and pre-contractual commercial relations. We use personal data in order to establish commercial relations with potential customers, and to fulfill our contractual obligations within the framework of contracts concluded with our customers. The activities we carry out in this context include:
o the creation and management of customer accounts and identifiers for these accounts, including the evaluation of applications to start or expand the use of our services;
o when purchasing goods and using the services, when taking out a subscription and when concluding orders and contracts, for deliveries and invoicing;
o accounting, auditing and billing activities; and
o processing payments with Stripe, communications concerning these payments and the associated customer service.

– Compliance with laws and regulations. We use personal data to verify the identity of our customers in order to fulfill our obligations to monitor, prevent and detect fraud, to comply with the laws related to the identification and reporting of illegal and illicit activities (fight against money laundering and rules relating to “the obligation to know your client” or “KYC”, for example), and to fulfill our financial reporting obligations.
– Legitimate commercial interests. The processing of your personal data is guided by our legitimate business interests. The following list identifies business interests that we consider to be legitimate. In order to define the content of this list, we have weighed our interests against the legitimate interests and rights of the individuals whose personal data we process. Our interests are:
o Ensure the follow-up and traceability of our products with customers placing orders on our platforms;
o monitor, detect and prevent fraud and unauthorized payments;
o reduce financial losses, guard against complaints, reduce liability or other damages suffered by customers;
o respond to requests, send memos and provide customer service;
o promote, analyze, modify and improve our products, systems and tools, and develop new products and services;
o manage, operate and improve the performance of our platforms by learning about their performance and optimizing our digital assets;
o analyze and promote our products and services;
o perform global analyzes and develop a commercial intelligence in order to continue and protect our activity, make informed decisions and generate performance reports on our activity;
o share personal data with third party providers who provide services on our behalf and business partners who help us to continue and improve our business;
o ensuring network and information security across PowerMeals and our services; and

4.2 Use for marketing and event communication purposes

We may send you email marketing communications about PowerMeals products and services, invite you to participate in events or surveys, or communicate with you for business purposes, provided you have obtained your consent in accordance with Swiss law. When we collect your business contact information through our participation in a trade show or other event, we may use this information to communicate with you about this event, to send you the information you requested about our products, and our services and, with your permission, to include you in our marketing campaigns.

4.3 Use for online advertising targeting purposes

When you consult our platforms, we, but also certain third parties, collect information concerning your online activities over time and on different sites, in order to offer you advertisements on products and services corresponding to your areas of interest (this type of advertising is called “advertising targeting”). These third parties may place or identify a unique cookie or any other technology on your browser (including through the use of invisible pixels or pixel tags). When required by law, we will obtain your consent before we process your information for advertising targeting.

Because we participate in various ad networks, you may see our advertisements displayed on third party websites or mobile applications. These advertising networks allow us to distribute our messages in a targeted manner based on several factors, including demographic data, supposed interests of users as well as the browsing context (for example, the date and time you have accessed our Sites, the pages viewed and the links you have clicked on). This technology also helps us to assess the relevance of our marketing efforts and to determine if you have seen one of our advertisements.

We work with Google AdWords, Doubleclick, AdRoll and other ad networks. If you want to know how not to receive or see targeted advertising from companies that are members of the Network Advertising Initiative network, visit the Network Advertising Initiative and Digital Advertising Alliance. To opt out of these types of ads, you can download the AppChoices app. By opting out of ad targeting, you may see advertisements that you are not interested in or that do not concern you. As there are currently no standards for recognizing Do Not Track (DNT) signals in a browser, we are unable to take this into account.

5. Disclosure of personal data.

We do not sell or make your personal data available to marketing professionals or unaffiliated third parties. We share your personal data only with trusted entities, as set out below.
a. Intra-group communication. We share personal data with other group companies so that you can benefit from our services and for internal administrative management purposes.

b. Service providers. We share personal data with a limited number of our service providers. We work with various service providers to provide you with certain services on our behalf, including payment services, identity verification, web hosting, data analysis, information technology provision and others related infrastructure, customer service, email distribution and audit. These service providers may need to access personal data to provide these services to you. We authorize these service providers to use or disclose personal data only when it is necessary for the provision of services on our behalf or when required by law. We require these third party partners to formally agree to protect the security and confidentiality of the personal data they process on our behalf. The majority of our service providers are in the European Union or the United States of America.

vs. Commercial Partners. We share personal data with our third party business partners when necessary to enable us to provide our services to our customers.

d. Our customers and third parties to which our customers have given their agreement. We share personal data with customers when it is necessary to maintain a customer account and for the purposes of providing our services. We share data with parties to whom a client has granted direct sharing permission.

e. Business transactions. When we conclude or seek to conclude a transaction which modifies the structure of our company, as in the case of a restructuring, merger, sale, joint venture, transfer, transfer, change of control or any other alienation of our company , our capital or our actions, in whole or in part, we may share personal data with third parties in order to facilitate and execute the transaction.

f. Compliance and prevention of harm. We share personal data when we believe it is necessary: ​​(i) to comply with applicable law or applicable payment rules; (ii) to enforce our contractual rights; (iii) to protect the rights, privacy, security and property of PowerMeals or third parties or yours; and (iv) to satisfy requests which may come from a court, law enforcement agency, regulatory authority or any other public and governmental authority, which may include an authority located outside your country of residence

6. International data transfer

Personal data may be stored and processed in any country where we are active or where we work with service providers. We may transfer personal data about you in our possession to recipients located in countries other than the country where it was first collected, including the United States. These countries may have data protection rules different from those in force in your country. However, we will take steps to ensure that these transfers comply with applicable data protection laws and that your personal data remains protected in accordance with the standards described in this data protection statement. In certain circumstances, courts, law enforcement, regulatory or security authorities in these countries may have the right to access your Personal Data.

In this regard, we ensure that third parties located outside of Switzerland or the European Union comply with the laws in force in order to allow you to benefit from an adequate level of data protection when transferring your personal data. personnel to the United States by ensuring that these recipients are subject to the American Privacy Shield program.

7. Data protection

We strive to maintain a level of security adapted to the risk associated with the processing of personal data. Within the company, we take organizational, technical and administrative measures to prevent illicit access to your personal data, as well as their destruction, loss, alteration or hijacking. Only employees who need access to your personal data to carry out their professional tasks will have access to it. Unfortunately, there is no way to guarantee that any data storage or transmission system is 100% secure. If you have reason to believe that your interactions with us are no longer secure (for example, if you believe that the security of your account is compromised), please contact us immediately.

If you are a customer, we keep your personal data for the duration of the service contract which binds us to you. We keep your personal data after we stop providing services to you, even if you choose to close your account, to the extent necessary to comply with our legal and regulatory obligations and for fraud surveillance, prevention and detection purposes. We also keep your personal data in order to comply with our tax, accounting and financial obligations, when our contractual commitments to our financial partners require us to do so. When we store data, we do so in accordance with the limitation periods in force and the storage obligations prescribed by applicable law which for certain data in Switzerland is 10 years.

8. Your rights regarding the processing of personal data

You have the right to object to the processing of your data when we process your personal data on the basis of legitimate interest. You can also object at any time to the processing of data relating to direct advertising (e.g. advertising e-mails). If the required conditions are met and no legal exception applies, you also have the following rights:

– Right to information: you have the right to transparent, clear, comprehensible and exhaustive information on the way in which we process your personal data and on the rights which you benefit in this context. This is the aim pursued by this data protection declaration. Do not hesitate to contact us for any additional information.

– Right to communicate data concerning you: you have the right to request free information at any time on the entirety of the data saved with us which concerns you. You therefore have the possibility of checking which personal data concerning you we process. In isolated cases, the right to information may be restricted or excluded, particularly if there are doubts as to identity or if this is necessary for the protection of others.

– Right to rectification: you have the right to have inaccurate or incomplete personal data corrected or completed and to be informed of this rectification.

– Right to erasure: you have the right to demand the deletion of your personal data when they are no longer necessary for the purposes pursued, that you revoke your authorization or that you have opposed the processing, or when ‘they are treated unlawfully. In isolated cases, the right of erasure can be excluded, in particular when the processing is necessary for the exercise of freedom of expression or to assert legal rights.

– Right to restriction of processing: under certain conditions, you have the right to request that the processing of your personal data be limited. This could for example mean that personal data is no longer (until further notice) processed or that published personal data is (until further notice) deleted from a website.

– Right to data portability: you have the right to receive from us personal data that you have made available to us in a structured, customary and machine-readable format, insofar as the concrete processing of data is based on your authorization or is necessary for the performance of a contract, and that the processing takes place via automated processes.

– Right of revocation: to the extent that we process your personal data on the basis of an authorization, you have the right to revoke your authorization at any time. Revocation only applies in the future; processing activities based on your consent in the past will not become illegal as a result of your revocation.

Finally, you can lodge a complaint with a responsible supervisory authority concerning the type and method of processing of your personal data, if you consider that the processing of the data is contrary to the legislation in force. The competent supervisory authority in Switzerland is the Federal Data Protection and Transparency Officer (PFPDT) – https://www.edoeb.admin.ch/edoeb/fr/home.html.

9. Use by minors.

Our services are not intended for minors and we ask them not to submit personal data to us through our platforms.

10. Contact us

For any questions, please contact our data protection department, by phone on +41 (0) 22.789.60.60 or by email at .