Privacy Policy

This website was created and published by Datatrans Ltd with its registered office in Switzerland, Kreuzbühlstrasse 26,8008 Zurich, registered in the Commercial Register of the Canton of Zurich under the number CHE-100.847.043. Accordingly, we are responsible for the collection, processing and use of your personal data in accordance with the law. We are committed to the responsible handling of your personal data. We therefore consider it a matter of course to comply with the legal requirements of the Swiss Federal Data Protection Act (FDPA), the Ordinance on the Federal Data Protection Act (OFDPA) and the General Data Protection Regulation of the European Union (GDPR). In the following we would like to inform you how we treat your personal data. Please note that the following information may be checked and changed from time to time. We therefore recommend that you consult this Privacy Policy on a regular basis.

Scope and purpose of the collection, processing and use of personal data

When you visit our website

When you visit our website, our servers temporarilystore each access in a log file. The following data is collected and stored,without any action on your part, until it is automatically deleted after twelvemonths at the latest:

This data is collected and processed for the purpose of allowing the use of our website (establishing a connection),ensuring system security and stability in the long term and allowing ourInternet offering to be optimized, as well as for internal statistical purposes. The aforementioned information is not linked to or stored with personal data. Only in the event of an attack on the website’s network infrastructure or in case of a suspicion of unauthorized or abusive use of the website, the IP address will be evaluated for clarification and defence purposesand, if necessary, used for identification purposes in criminal proceedings and for civil and criminal proceedings against the users concerned. The purposes described above, constitute our legitimate interest in data processing withinthe meaning of Art. 6 para. 1 lit. f GDPR.

When using the contact form

If you contact us using the contact form on thewebsite, we collect the following information from you:

The fields marked with a * are mandatory. We use this data to answer your questions or provide the services you require and, if necessary, to contact you by telephone. The telephone number is never used for marketing purposes. The processing of your contact request is our legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. You can object to this data processing at any time (contact details see below).

When signing up for the PCI Proxy Dashboard

You can sign up on the PCI Proxy Dashboard for a 30-day free trial account. You must provide the following information when registering:

The e-mail address and all other personal data you provide in connection with the trial account will be used solely to provide you with the PCI proxy test environment and related functionalities. At the end of the trial period, we will contact you to learn more about your experience with our service. The processing of your personal data is required for the performance of a contract pursuant to Art. 6 Abs. 1 lit. b GDPR. You can object to this data processingat any time (contact details see below).

When using the chat function

On the website we offer a chat function. Users canuse the chat mask to contact us and ask questions about website functions andproducts. You are responsible for the messages or content you transmit to usvia the chat function. We recommend that you do not submit sensitiveinformation via the chat function. Apart fromthe IP address, Personal data is onlycollected if you voluntarily provide us with your personal data in the chat. Itis therefore up to you to decide what information you provide us with. In orderto answer your chat questions, we may request additional information from you,such as your e-mail address, telephone number, etc. We will only collect thosepersonal data from you that are necessary to answer your questions or toprovide the services you require. In connection with the chat function we workwith the service Chatlio of GATESHARE LLC DBA CHATLIO, 1329 N 47TH ST #31231,SEATTLE, WA 98103, USA. Information on the handling of user datacan be found in the corresponding privacy policy.

The Chatlio service is also connected to the Slackservice, which is why corresponding chat data is also forwarded to SlackTechnologies, 155 5th Street, 6th Floor, San Francisco, CA 94103, USA. Ourlegitimate interest in the sense of Art. 6 para. 1 lit. f GDPR consists of theprocessing of your chat request or message. You can object to this dataprocessing at any time (contact details see below).

Disclosure of data to third parties

We will only pass on your personal data if you have given your express consent, if there is a legal obligation to do so, or if itis necessary for the enforcement of our rights, in particular to assert claims arising out of the contractual relationship. In addition, we will pass on your data to third parties as far as it is necessary for the use of the website and the execution of the contract, namely the provision of the services you require and the analysis of your user behaviour. The use of the data forwarded for this purpose by third parties is strictly limited to the stated purposes.

The operation of the PCI Proxy website and the servers are hosted by Webflow, Inc., 398 11th Street, 2nd Floor, San Francisco, CA 94103 in the USA. We have concluded a Data Processing Agreement with Webflow pursuant to Art. 28DSGVO and in connection with the revised EU standard contract clauses datedJune 4, 2021. Further information about Webflow’s privacy policy can be found here.

Transmission of personal data abroad

We are entitled to pass your data on to third-party companies abroad if this is necessary in connection with the processing of your queries, the provision of services or marketing campaigns. These third-party companies are obliged to protect the privacy of users to the same extent as the provider itself. If the standard of data protection in a country is deemed tobe unacceptable by Swiss standards or in respect of the EU General Data Protection Regulation, we shall use a contract to ensure that your personal data is protected at all times in accordance with Swiss legislation and the EU General Data Protection Regulation.


Among other things, cookies help us to make your visit to our website easier, more pleasant and more meaningful. Cookies are information files that your web browser automatically stores on your computer’s hard drive when you visit our website. Cookies neither damage the hard disk ofyour computer nor do they transmit your personal data to us.

Deactivating cookies via the Cookie Banner may prevent you from using the full range of features and functions of our portal such assubmitting contact forms or easily chatting with us.

We currently embed services from third party websites to provide extra functionality. Third-party cookies are cookies created by a website other than the one you are currently visiting.

We use Cookiebot services that are provided by CybotA/S, Havnegade 39, 1058 Kopenhagen, Denmark. Cookiebot allows us to place acookie banner on our website to inform you about the use of cookies and torequest your consent to the use of cookies. In association with the use ofthese functions, both personal and non-personal data will be provided to andprocessed by Cybot pursuant to their Privacy Policy.

Google Analytics

For the purposes of needs-based design and thecontinuous optimization of our pages, we use the web analysis service GoogleAnalytics. In this respect, pseudonymized user profiles are created and smalltext files (‘cookies’) stored on your computer and used. Information generatedby the cookie about your use of this website, such as:

is sent to servers of Google Inc., a copany of the holding company Alphabet Inc., in the US and stored there. As part of this, before this data is sent within the member states of the European Union or other states that are party to the agreement on the European Economic Area and Switzerland, the IP address is truncated through this website’s IP anonymisation (‘anonymizeIP’). The anonymised IP address transmitted by your browser in the context of Google Analytics is not consolidated with other data from Google. The entire IP address is sent to a Google server in the US and truncated there only in exceptional cases. In these case, we ensure by contractual means that Google Inc. observes a sufficient level of privacy protection.


In connection with Google Analytics, the Datatrans website uses the Leadfeeder service being provided by Leadfeeder, Mikonkatu 17 C, 00100 Helsinki, Finland. Leadfeeder enriches the data from Google Analytics. The data that is collected and used by Leadfeeder to link the IP-addresses that have visited our website with information that can be found in the Internet associated with these IP-addresses. Due to the truncation of the visitors’ IP addresses, we cannot link a visitor to a particular person. A reference to a person can only be guessed by manually reviewing the linked company information (Leadfeeder Privacy Policy).

Processing of customer data

We collect information about our customers. In particular, we record the contact details of the contact persons at these customers. The customer data is either stored on paper or in digital form in the HubSpot CRM, a CRM service from HubSpot Inc., USA. HubSpot is a US company with a subsidiary in Ireland (HubSpot, 2nd Floor, 30 North Wall Quay, Dublin 1, Ireland). HubSpot participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss–U.S. Privacy Shield Framework. More information can be found in the terms of service and the privacy policies of Hubspot Inc., accordingly under http://www.hubspot.com/terms-of-service and http://www.hubspot.com/privacy-policy.

The data stored in the HubSpot CRM system is generally used to manage the customer relationship, for the customer history, for lead management for billing of operational services, for automated customer information, for alerting customers in the event of technical problems or necessary technical adjustments, and in some cases also for inviting customers to technical occasions or events. The legal basis for the processing of your data for these purposes lies in the fulfilment of a contract according to Art. 6 para. 1 lit. b GDPR.


We use MailChimp to inform our clients aboutour services and technical issues. MailChimp is a service provided by TheRocket Science Group, LLC, 512 Means Street, Suite 404, Atlanta, GA 30318, USA.The data being required for emailing will be sent to a server operated by TheRocket Science Group in the United States. Further information about the dataprotection offered by MailChimp can be found at: https://mailchimp.com/legal/privacy/


Our billing process is integrated with Zuora anduses the automated, recurring billing and invoicing feature. It is aPCI-compliant service, so all payment method information are stored neither byZuora nor by Datatrans. The relevant privacy statements and contact details ofZuora can be found on the web site here.

Right to information, deletion and correction

You have the right to obtain information on the personal data that we store about you on request free of charge. In addition, you have the right to correct inaccurate data and the right to delete your personal data, as long as there is no legal retention duty or act of permission that allows us to process such data. You also have the right to demand the release of the data you have given us (right to data portability). On request, we will also forward the data to a third party of your choice. You have the right to receive the data in a common file format. For the aforementioned purposes, you can contact us via the e-mail address support@datatrans.ch. We may, at our discretion, require proof of identity to process your request. Apart from that you have the right to complain to a data protection authority at any time.

Data retention

We only store personal information for as long as it is necessary

Contract data is kept longer by us, as this isrequired by statutory storage requirements. Retention requirements that obligeus to keep data arise from accounting and tax regulations. According to these regulations, business communications, closed contracts and accounting documents must be kept for up to 10 years. As far as we no longer need this data to carry out the services for you, the data will be blocked. This means that the data may then only be used for accounting and for tax purposes.

Data security

We take reasonable technical and organisational security measures that we deem appropriate in order to protect your stored data from being manipulated, fully or partially lost, or accessed by unauthorised third parties. Our security measures are adapted continually in line with technological developments. We also take internal data privacy very seriously. Our employees and the service providers commissioned by us are obliged to maintain secrecy and comply with the provisions of data protection law. In addition, they are granted access to personal data only insofar as this is necessary.


If you have any questions about data protection on our website, would like to receive information or request the deletion of your data, please contact us by sending an e-mail to support@datatrans.ch. Please send your request by letter to the following address: Datatrans AG, Kreuzbühlstrasse 26, 8008 Zürich
Data protection officer: Patrick Horisberger (Date: November 2021)