Politica de Privacidade

1. Introduction

Radity GmbH ("we", "us", "our"), located at Holbeinstrasse 31, 8008 Zurich, Switzerland, operates the Zeitron platform (the "Service"). We are committed to protecting your personal data and respecting your privacy in accordance with the Swiss Federal Act on Data Protection (FADP), the European General Data Protection Regulation (GDPR), and other applicable data protection legislation.

This Privacy Policy explains what personal data we collect, why we collect it, how we use and store it, and what rights you have regarding your data. By using our Service, you acknowledge that you have read and understood this Privacy Policy.

2. Data Controller

The data controller responsible for your personal data is:

3. Data We Collect

We collect and process the following categories of personal data:

3.1 Account Information

When you create an account, we collect your name, email address, company name, job title, and password. If you sign up through a third-party authentication provider (such as Google or Microsoft), we receive your name and email address from that provider.

3.2 Usage Data

We automatically collect information about how you interact with our Service, including pages visited, features used, timestamps, browser type, operating system, device type, and IP address. This data helps us improve the Service and diagnose technical issues.

3.3 Time Tracking and HR Data

When you use Zeitron's core features, we process time entries, leave requests, project assignments, department structures, and related workforce management data that you or your organization's administrators enter into the system.

3.4 Payment Information

If you subscribe to a paid plan, our payment processor collects your billing address and payment card details. We do not store full credit card numbers on our servers. We receive only a truncated card number, card type, and expiration date for record-keeping purposes.

3.5 Communication Data

When you contact us via email, the contact form, or in-app chat, we collect the content of your messages along with your name and email address so we can respond to your inquiry.

4. How We Use Your Data

We use your personal data for the following purposes:

• Service delivery: To provide, maintain, and improve the Zeitron platform and its features.
• Account management: To create and manage your user account, authenticate your identity, and process subscription payments.
• Communication: To respond to your support requests, send service-related notifications (such as maintenance windows or security alerts), and, with your consent, send marketing communications.
• Analytics and improvement: To analyze usage patterns, identify bugs, and improve the user experience.
• Legal compliance: To comply with applicable laws, regulations, and legal processes.
• Security: To detect, prevent, and address fraud, abuse, and security incidents.

5. Legal Basis for Processing

We process your personal data based on one or more of the following legal grounds under the GDPR:

• Contract performance (Art. 6(1)(b) GDPR): Processing necessary to provide the Service you have subscribed to.
• Legitimate interest (Art. 6(1)(f) GDPR): Processing necessary for our legitimate business interests, such as improving the Service, ensuring security, and conducting analytics, provided these interests do not override your rights.
• Consent (Art. 6(1)(a) GDPR): Where you have given explicit consent, such as for marketing emails. You may withdraw your consent at any time.
• Legal obligation (Art. 6(1)(c) GDPR): Processing necessary to comply with applicable legal requirements.

6. Data Storage and Retention

Your data is stored on servers located within the European Economic Area (EEA) and Switzerland. We use industry-standard encryption in transit (TLS 1.2+) and at rest (AES-256) to protect your data.

We retain your personal data for as long as your account is active or as needed to provide the Service. After account termination, we retain data for a maximum of 90 days to allow for account recovery, after which it is permanently deleted. Certain data may be retained longer where required by law (for example, financial records may be kept for up to 10 years under Swiss commercial law).

7. Cookies and Tracking Technologies

We use cookies and similar technologies on our website and within the Service:

• Essential cookies: Required for the Service to function (session management, authentication, security). These cannot be disabled.
• Analytics cookies: Help us understand how visitors use our website (e.g., Google Analytics). These are only set with your consent.
• Preference cookies: Remember your settings, such as language preference and theme selection.

You can manage your cookie preferences through our cookie consent banner or your browser settings. Disabling non-essential cookies will not affect the core functionality of the Service.

8. Third-Party Services

We share personal data with the following categories of third-party service providers, each bound by data processing agreements:

• Cloud hosting: Infrastructure providers that host our servers and databases within the EEA/Switzerland.
• Payment processing: Payment service providers that handle subscription billing securely.
• Analytics: Services that help us understand product usage and website traffic.
• Email delivery: Transactional email services for account notifications and communications.
• Customer support: Help desk and chat tools used to manage support inquiries.

We do not sell your personal data to third parties. We do not share your data with third parties for their own marketing purposes.

9. International Data Transfers

Where data is transferred outside the EEA or Switzerland, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the European Commission or reliance on an adequacy decision. We assess the data protection laws of recipient countries and implement supplementary measures where necessary.

10. Your Rights

Under the GDPR and Swiss data protection law, you have the following rights regarding your personal data:

• Right of access: You may request a copy of the personal data we hold about you.
• Right to rectification: You may request correction of inaccurate or incomplete data.
• Right to erasure ("right to be forgotten"): You may request deletion of your personal data, subject to legal retention obligations.
• Right to restriction of processing: You may request that we limit the processing of your data in certain circumstances.
• Right to data portability: You may request your data in a structured, commonly used, machine-readable format (such as JSON or CSV) and have it transmitted to another controller.
• Right to object: You may object to processing based on legitimate interests or for direct marketing purposes.
• Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, please contact us at privacy@zeitron.io. We will respond within 30 days. If you are unsatisfied with our response, you have the right to lodge a complaint with a supervisory authority, including the Swiss Federal Data Protection and Information Commissioner (FDPIC).

11. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include encryption, access controls, regular security audits, and employee training. While we strive to protect your data, no method of transmission or storage is 100% secure. We encourage you to use strong passwords and enable two-factor authentication on your account.

12. Children's Privacy

Our Service is not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have inadvertently collected data from a child under 16, we will take steps to delete it promptly.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, or legal requirements. We will notify you of material changes by posting the updated policy on our website and, where appropriate, by email. The "Last updated" date at the top of this page indicates when this policy was most recently revised.

14. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data protection rights, please contact us: