Skip to content
News Next edoobox course on September 16, 2026 Register now
Loading...
System Status Loading...
  • APP1 Environment: Loading...
  • APP2 Environment: Loading...
  • Customer support: Loading...
  • Website: Loading...
  • WordPress Plugin: Loading...
Login

Umgebung wählen

APP1 Version 1 APP2 Version 1
edoobox

Administration & Organization

Course Manager Centrally plan courses, dates, teams, and statuses. Participant CRM View participants, bookings, balances, and history in one place. Task Planner Schedule internal tasks and time-scheduled emails. Resources Efficiently allocate rooms, locations, materials, and personnel.

Marketing & Growth

Promotions Manager Strategically implement discounts, coupons, and promotions. Email Automation Automatically send confirmations, reminders, and follow-ups. Website Integration Embed bookings on websites, WordPress sites, and landing pages. Global Reach (AI) Manage multilingual bookings and communication.

Finance & Controlling

Payment Hub Centrally manage payment methods, statuses, and payment logic. Invoicing Generate invoices, QR invoices, and exports from transactions. Invoicing and Collections Keep track of outstanding payments and follow up in an organized manner. Reporting Better analyze bookings, occupancy, and revenue.

Technology & Security

REST API V2 Develop custom integrations and data flows. Webhooks Send events from bookings to downstream systems. Design Manager Develop booking flows using our own brand and process design. Integrate tools Connect Zoom, Teams, Mailchimp, WordPress, Zapier, and tracking tools. Security Concept Manage roles, permissions, SSO, and secure access. Data Protection Incorporate the DSG/GDPR, hosting, consent, and legal texts.

Easily manage bookings, participants, and offerings.

Whether it's continuing education, events, associations, or internal training—edoobox creates clear processes from the initial call for proposals to recurring bookings.
Education Providers Easily plan, publish, and manage courses, seminars, and continuing education programs. Associations & Organizations Centrally organize member courses, events, and both internal and external registrations. Event & Experience Providers Offer workshops, tours, and experiences professionally with a clear booking process. Corporate Training Clearly organize internal training sessions, participants, and reporting for HR and L&D. Academies & Institutions Bringing together multiple locations, programs, and teams under a centralized structure.
News Prices

Documentations

Helpful guides for the current version of edoobox.
Current Version V2 Step-by-step instructions, setup guides, and background information on the current app version.
Courses
Free trial
Menu
Menu

Administration & Organization

Course Manager CRM Participants Task Planner Resources

Marketing & Growth

Promotions Manager Email Automation Website Integration Global Reach (AI)

Finance & Controlling

Payment Hub Billing Billing and Collections Reporting

Technology & Security

REST API V2 Webhooks design manager Integrate Tools Security Plan Privacy Policy

Industries

Educational ProvidersAssociations & OrganizationsEvent & Activity ProvidersCorporate TrainingAcademies & Institutions

More

News Prices Courses Documentation for the current version of edoobox
Free trial
Legal Information

Privacy Policy

Information on the processing of personal data for the website, platform, communications, and operations of Etzensperger Informatik AG.

Visualization of the Data Protection Section in edoobox

Status

27.03.2026

Version 2.0

German (Switzerland) version

Data Controller

Etzensperger Informatik AG

24 Kirchweg

CH-3366 Bettenhausen

CHE-107.413.131

Scope of Application

Website and Online Services

SaaS Accounts

Support, Sales, and Marketing

Job Applications and Employment

Rights of Affected Individuals

Information

Correction

Deletion

Portability and Contradiction

Current Version

This Privacy Policy describes the processing of personal data by edoobox in the context of its website, platform, communications, and operations.

Data Controller Cookies & Tracking Recipients & Transfers Data Subject Rights Changes

As of: March 27, 2026 Version: 2.0

Note on the language version: This German version is the legally binding and authoritative version. Any English translations are provided for informational purposes only; in the event of any discrepancies, the German version shall prevail.

This Privacy Policy explains how Etzensperger Informatik AG (“we,” “us”) processes personal data when you: (a) use our website(s) and online services, (b) create or manage a customer account (SaaS account), (c) enter data about a customer on our platform as an end user or participant, (d) communicate with us (support, sales, marketing), (e) apply for a job with us or are employed by us.

In particular, we comply with the Swiss Data Protection Act (DSG) and—where applicable—the EU General Data Protection Regulation (GDPR).

1. Data Controller and Contact Information

The entity responsible for data processing within the meaning of the DSG and—where applicable—the controller within the meaning of the GDPR is:

Etzensperger Informatik AG Kirchweg 24 CH-3366 Bettenhausen Switzerland Email: support@edoobox.com Phone: +41 43 434 65 91 Commercial Register/VAT ID: CHE-107.413.131

2. Data Protection Contact / Data Protection Advisor / Data Protection Officer (DPO)

For data protection inquiries, please contact us at: Data Protection Contact: support@edoobox.com Etzensperger Informatik AG Kirchweg 24 CH-3366 Bettenhausen Switzerland

Note: If we are required by applicable law to appoint a data protection officer, or if we appoint one voluntarily, that person can be reached using the contact information provided above.

3. Role Model in SaaS (Customer Data vs. Data About Our Own Business Operations)

3.1 Customer Data (“Customer Content”) – We as the Data Processor

When using our SaaS platform, our customers may enter personal data of end users/participants (e.g., participation data, booking/event data) into the platform. To the extent that we process this customer data on behalf of and in accordance with the customer’s instructions, the following applies:

  • Customer = Data Controller,
  • we = data processor.

In such cases, we govern the processing of the order in a separate data processing agreement (AVV/DPA) with the customer.

3.2 Our Own Business Data – We as the Data Controller

We also process personal data for our own purposes, such as account administration, contracts/billing, security, product improvement, marketing (where permitted), and compliance. We are the data controller for these processing activities.

4. Categories of Personal Data

Depending on the context, we focus in particular on the following categories:

A) Account and Contract Information

  • Last Name, First Name, Company/Organization, Role/Position
  • Login/identification data (e.g., username), password hash
  • Contact Information (Email, Phone, Address)
  • Contract and Plan/Subscription Information, Scope of License

B) Billing and Payment Information

  • Billing Address, VAT Information
  • Payment status, transaction, and reference data (no complete card/bank details, provided the payment provider processes this directly)

C) Usage and Device Data

  • Usage data within the platform (e.g., feature usage, click paths in the app)
  • Device/browser data, operating system, app version
  • IP address, timestamp, approximate location data (derived), language/time zone

D) Communication and Support Data

  • Support requests, email/chat content, attachments
  • Call Notes, Tickets, Status and History

E) Logs, Security Data, and Metadata

  • System and access logs (e.g., login attempts, admin actions)
  • Audit logs, error/crash reports
  • Backups/Restore Points (including data copies)

F) Marketing and Event Data

  • Newsletter Opt-In/Opt-Out, Consent Status
  • Campaign parameters (e.g., UTM), lead information

G) Applicant and Employee Data

  • Application materials, communication content, HR administration (separate note possible)

5. Purposes of Processing and Legal Bases

We process personal data in accordance with the principles of purpose limitation, proportionality, and data minimization. We destroy or anonymize data as soon as it is no longer necessary for the intended purpose (subject to statutory retention requirements and legitimate archiving interests).

To the extent that the GDPR applies, we base our processing activities in particular on the following legal grounds:

  • Performance of a Contract/Pre-Contractual Measures (Art. 6(1)(b) GDPR),
  • Legal obligation (Art. 6(1)(c) of the GDPR),
  • Legitimate interests (Art. 6(1)(f) of the GDPR),
  • Consent (Art. 6(1)(a) of the GDPR) – e.g., for newsletters/marketing or non-essential cookies, where required,
  • In exceptional cases: protection of vital interests or a public task (Art. 6(1)(d) and (e) of the GDPR).

Main purposes:

5.1 Operation of the SaaS Platform and Provision of Features

  • Account Creation, Login, Permissions, Feature Deployment
  • Support, Incident Management, Further Development, Quality Assurance

5.2 Contract, Billing, Administration

  • Contract conclusion/management, invoicing, payment, collections
  • Financial Accounting, Record Keeping, Internal Administration

5.3 Security and Prevention of Abuse

  • IT security, access controls, logging, fraud/abuse detection
  • Enforcement of Terms and Conditions, Protection of Rights, Legal Claims

5.4 Communication

  • Service Notices (e.g., safety-related notices, system status)
  • Support Communications
  • Marketing communications only when permitted or with consent

5.5 Website Operation and Cookies

We use necessary cookies/technologies to ensure the technical functionality of our website and platform. For non-necessary cookies/technologies (e.g., audience measurement, marketing, social media), we use a consent management system—where required by applicable law. You can revoke or adjust your consent at any time via the cookie settings in the footer of our website.

6. Recipients, Service Providers, and Subcontractors

We will only disclose personal data if it is necessary for the purposes stated, if we are required to do so, or if you have given your consent.

Recipient categories may include:

  • Hosting/Cloud Providers (Operations, Storage, Backups, Monitoring)
  • Communications service providers (email, text messaging, telephone)
  • Payment Service Providers (Payment Processing, Invoicing/Subscription Management)
  • Analytics, performance, and security service providers (e.g., error tracking, APM, CDN/WAF)
  • CRM/Support Systems (Ticketing, Chat, Knowledge Base)
  • Professional consultants (legal advice, auditing), banks/debt collection, as needed
  • Government agencies/courts, as required by law

Subprocessors: You can find a current list of our subprocessors, including their purpose, location, data categories, and legal basis for data transfers, at: https://www.edoobox.com/de/dsg-dsgvo-konform

7. Data Processing Abroad / Cross-Border Transfers

Core platform data is generally stored and processed primarily in Switzerland. Depending on the service provider used, processing may also take place within the EU/EEA or in other countries. If we or our service providers process personal data outside of Switzerland or outside the EEA, we ensure that an adequate level of data protection is guaranteed, in particular by:

  • Adequacy Decisions (Switzerland: Countries/Organizations with Adequate Protection; EU: Adequacy Decisions),
  • Standard Contractual Clauses (SCCs) and additional measures, as necessary,
  • Applicable data privacy frameworks (e.g., the Swiss-U.S. DPF or the EU-U.S. DPF), provided they are applicable and the recipient is certified accordingly,
  • or other guarantees provided for by law/exceptional grounds for disclosure.

8. Retention, Deletion, and Offboarding

We define retention periods based on the “need-to-know/need-to-keep” principle.

8.1 Guidelines

  • Account/Customer Data: Term of the contract + a reasonable transition period for migration and contract fulfillment
  • Support tickets: for as long as necessary for support, traceability, and compliance
  • Security/Access Logs: in accordance with our security and compliance requirements
  • Backups: On a rolling basis according to our rolling backup cycle (deletion with a delay is possible)
  • Marketing lead data: until revoked/opted out or the purpose no longer applies
  • Accounting and billing records: in accordance with statutory retention requirements (generally up to 10 years), where applicable

8.2 Customer Onboarding/Offboarding

  • During the term of the contract: Processing for the purpose of providing services.
  • After termination/expiration of the contract: (i) Return/export of customer data as needed, (ii) account deactivation, (iii) deletion/anonymization after the retention periods have expired, except for data copies in backups until they are overwritten.
  • Upon request, we can review the possibility of deleting customer data earlier, provided that no legal obligations or overriding interests prevent it.

9. Data Security (Technical and Organizational Measures)

We implement appropriate technical and organizational measures (TOM) based on an assessment of the risk, in particular:

Note: Absolute security cannot be guaranteed.

  • Encryption during transmission (TLS) and—where appropriate—during storage (encryption at rest)
  • Role and Permission Models (Least Privilege), Isolation of Environments
  • Multi-factor authentication for administrator accounts and access to sensitive internal systems, where technically feasible
  • Logging/Auditing of Security-Related Actions
  • Regular Patches/Updates, Vulnerability Management
  • Backups, Recovery, and Emergency Plans
  • Employee Training/Obligations (Confidentiality)

10. Rights of Data Subjects

10.1 Rights Under the Swiss Data Protection Act (DSG)

Depending on the circumstances and legal restrictions, you have, in particular:

  • Right of access, including information on the purpose, retention period/criteria, recipients, and automated individual decision-making,
  • Right to correct inaccurate data,
  • Right to erasure/destruction, to the extent permitted,
  • Right to data disclosure/transfer (portability) subject to the statutory requirements,
  • Rights related to automated individual decision-making (see section 11).

10.2 Rights Under the GDPR (to the extent applicable)

Depending on the circumstances, they have—in particular:

  • Access, Correction, Deletion, Restriction of Processing,
  • Data portability,
  • Objection to processing based on legitimate interests,
  • Withdrawal of consent with future effect,
  • Right to file a complaint with a supervisory authority.

10.3 Exercising Rights

Please direct inquiries to: support@edoobox.com We may request appropriate proof of identity.

An important SaaS role principle:

  • In the case of “Customer Content,” which is managed by our customers as data controllers, we may not be authorized to directly modify or delete data. In such cases, we will forward requests from data subjects—to the extent permitted—to the respective customer or inform you how you can contact the customer directly.

11. Automated Individual Decision-Making and Profiling

If we use automated individual decision-making that produces legal effects concerning you or significantly affects you, we will inform you of this. You have the right to express your point of view and to request a review by a natural person, to the extent provided for by applicable law. Currently, we generally do not use automated individual decision-making that produces legal effects on data subjects or similarly significantly affects them.

12. Reporting Data Breaches

We have processes in place to detect, investigate, remedy, and document data security breaches. To the extent required by law, we report relevant data security breaches to the competent supervisory authority and notify the affected individuals.

When processing orders, we notify our customers without undue delay if we detect a data breach that affects customer data.

13. Job Applications and Employee Data

If you apply for a position with us or are employed by us, we process personal data for the purposes of the application process or employment relationship, as well as for administrative purposes, payroll and social security, compliance, and IT security. We provide a separate HR privacy notice upon request or as part of the application process.

14. Minors

Our services are generally intended for businesses and adults. Individuals under the age of 16 should not use our services without the consent of a parent or legal guardian, to the extent required by applicable law.

15. Compliance, Audits, and Contracts

  • We maintain—to the extent required by law or deemed organizationally appropriate—a record of processing activities and document security measures as well as relevant incidents. We provide customer-specific documentation, security questionnaires, inspections, or audits following prior consultation and, unless required by law or triggered by an event caused by us, for a separate fee.
  • When necessary, we enter into a data processing agreement (DPA) with our customers.
  • We enter into appropriate contracts with subcontractors, including TOM and—if necessary—transfer instruments (e.g., SCC).

16. Changes to This Privacy Policy

We may update this Privacy Policy, for example, in the event of changes in the law or product updates. The current version is published at /datenschutzerklaerung. We will provide appropriate notice of any material changes.

17. Disclaimer / Limitation of Liability (to the extent permitted)

This Privacy Policy describes data processing to the best of our knowledge. We do not guarantee that external services (e.g., third-party websites, linked providers) will function the same way at all times or that their content will remain unchanged. We reserve the right to apply statutory liability provisions.

The Next Step with edoobox

Manage bookings, participants, and your entire operation centrally, automatically, and with significantly less manual effort.

Get started with your team in just a few minutes and create your quotes directly in edoobox.

Try it for free Demo or Course
edoobox

Check-in, ticket scanning, and attendance tracking right on-site: With the edoobox Entry app, you can keep track of admissions and attendees on the go at all times.

Support

Contact About edoobox Experiences with edoobox Frequently Asked Questions DSG/GDPR Compliance

Product

Course Manager CRM Participants Task Planner Resources Promotions Manager Email Automation
Website Integration
Website Integration Global Reach (AI) Payment Hub Invoicing Billing Reporting REST API V2 Webhooks Design Manager Integrate Tools Security Policy Privacy Policy

Industries

Educational Providers Associations & Organizations Event & Activity Providers Corporate Training / Companies Academies / Larger Institutions

Legal Information

Legal Notice Privacy Policy Terms and Conditions Accessibility
Contact

We're available to answer any questions you may have about edoobox, your demo, or day-to-day operations.

Office Hours

Monday–Friday 9 a.m.–12 p.m. and 1 p.m.–5 p.m.

support@edoobox.com
CH +41 43 434 65 91 DE +49 69 365057597 AT +43 1 2056367101
Contact

We're available to answer any questions you may have about edoobox, your demo, or day-to-day operations.

Office Hours

Monday–Friday 9 a.m.–12 p.m. and 1 p.m.–5 p.m.

support@edoobox.com
CH +41 43 434 65 91 DE +49 69 365057597 AT +43 1 2056367101
Other platforms

Documentation, status updates, plugins, and community channels directly from the original ecosystem.

Docs V2 Status System WordPress Plugin Facebook X Instagram LinkedIn YouTube
▾
Swiss Made Software

© 2026 Etzensperger Informatik AG. Made with precision in Switzerland.

Cookies & Privacy

Verlässlich im Betrieb, Analyse und Marketing nur mit Zustimmung. Cookies bestätigen.

Wir verwenden Cookies, damit edoobox stabil, sicher und komfortabel funktioniert. Analyse- und Marketing-Tracking aktivieren wir erst nach Ihrem Opt-in. Ihre Wahl können Sie jederzeit anpassen. Notwendige Cookies sind aktiv. Analyse & Marketing nutzen wir nur mit Ihrer Zustimmung.

Required

Für Sicherheit, Navigation, Formulare und den technischen Betrieb der Website. Für Sicherheit und Betrieb der Website.

Always Active
Privacy Policy