Status
27.03.2026
Version 2.0
German (Switzerland) version
Information on the processing of personal data for the website, platform, communications, and operations of Etzensperger Informatik AG.

Status
27.03.2026
Version 2.0
German (Switzerland) version
Data Controller
Etzensperger Informatik AG
24 Kirchweg
CH-3366 Bettenhausen
CHE-107.413.131
Scope of Application
Website and Online Services
SaaS Accounts
Support, Sales, and Marketing
Job Applications and Employment
Rights of Affected Individuals
Information
Correction
Deletion
Portability and Contradiction
Current Version
This Privacy Policy describes the processing of personal data by edoobox in the context of its website, platform, communications, and operations.
As of: March 27, 2026 Version: 2.0
Note on the language version: This German version is the legally binding and authoritative version. Any English translations are provided for informational purposes only; in the event of any discrepancies, the German version shall prevail.
This Privacy Policy explains how Etzensperger Informatik AG (“we,” “us”) processes personal data when you: (a) use our website(s) and online services, (b) create or manage a customer account (SaaS account), (c) enter data about a customer on our platform as an end user or participant, (d) communicate with us (support, sales, marketing), (e) apply for a job with us or are employed by us.
In particular, we comply with the Swiss Data Protection Act (DSG) and—where applicable—the EU General Data Protection Regulation (GDPR).
The entity responsible for data processing within the meaning of the DSG and—where applicable—the controller within the meaning of the GDPR is:
Etzensperger Informatik AG Kirchweg 24 CH-3366 Bettenhausen Switzerland Email: support@edoobox.com Phone: +41 43 434 65 91 Commercial Register/VAT ID: CHE-107.413.131
For data protection inquiries, please contact us at: Data Protection Contact: support@edoobox.com Etzensperger Informatik AG Kirchweg 24 CH-3366 Bettenhausen Switzerland
Note: If we are required by applicable law to appoint a data protection officer, or if we appoint one voluntarily, that person can be reached using the contact information provided above.
When using our SaaS platform, our customers may enter personal data of end users/participants (e.g., participation data, booking/event data) into the platform. To the extent that we process this customer data on behalf of and in accordance with the customer’s instructions, the following applies:
In such cases, we govern the processing of the order in a separate data processing agreement (AVV/DPA) with the customer.
We also process personal data for our own purposes, such as account administration, contracts/billing, security, product improvement, marketing (where permitted), and compliance. We are the data controller for these processing activities.
Depending on the context, we focus in particular on the following categories:
A) Account and Contract Information
B) Billing and Payment Information
C) Usage and Device Data
D) Communication and Support Data
E) Logs, Security Data, and Metadata
F) Marketing and Event Data
G) Applicant and Employee Data
We process personal data in accordance with the principles of purpose limitation, proportionality, and data minimization. We destroy or anonymize data as soon as it is no longer necessary for the intended purpose (subject to statutory retention requirements and legitimate archiving interests).
To the extent that the GDPR applies, we base our processing activities in particular on the following legal grounds:
Main purposes:
We use necessary cookies/technologies to ensure the technical functionality of our website and platform. For non-necessary cookies/technologies (e.g., audience measurement, marketing, social media), we use a consent management system—where required by applicable law. You can revoke or adjust your consent at any time via the cookie settings in the footer of our website.
We will only disclose personal data if it is necessary for the purposes stated, if we are required to do so, or if you have given your consent.
Recipient categories may include:
Subprocessors: You can find a current list of our subprocessors, including their purpose, location, data categories, and legal basis for data transfers, at: https://www.edoobox.com/de/dsg-dsgvo-konform
Core platform data is generally stored and processed primarily in Switzerland. Depending on the service provider used, processing may also take place within the EU/EEA or in other countries. If we or our service providers process personal data outside of Switzerland or outside the EEA, we ensure that an adequate level of data protection is guaranteed, in particular by:
We define retention periods based on the “need-to-know/need-to-keep” principle.
We implement appropriate technical and organizational measures (TOM) based on an assessment of the risk, in particular:
Note: Absolute security cannot be guaranteed.
Depending on the circumstances and legal restrictions, you have, in particular:
Depending on the circumstances, they have—in particular:
Please direct inquiries to: support@edoobox.com We may request appropriate proof of identity.
An important SaaS role principle:
If we use automated individual decision-making that produces legal effects concerning you or significantly affects you, we will inform you of this. You have the right to express your point of view and to request a review by a natural person, to the extent provided for by applicable law. Currently, we generally do not use automated individual decision-making that produces legal effects on data subjects or similarly significantly affects them.
We have processes in place to detect, investigate, remedy, and document data security breaches. To the extent required by law, we report relevant data security breaches to the competent supervisory authority and notify the affected individuals.
When processing orders, we notify our customers without undue delay if we detect a data breach that affects customer data.
If you apply for a position with us or are employed by us, we process personal data for the purposes of the application process or employment relationship, as well as for administrative purposes, payroll and social security, compliance, and IT security. We provide a separate HR privacy notice upon request or as part of the application process.
Our services are generally intended for businesses and adults. Individuals under the age of 16 should not use our services without the consent of a parent or legal guardian, to the extent required by applicable law.
We may update this Privacy Policy, for example, in the event of changes in the law or product updates. The current version is published at /datenschutzerklaerung. We will provide appropriate notice of any material changes.
This Privacy Policy describes data processing to the best of our knowledge. We do not guarantee that external services (e.g., third-party websites, linked providers) will function the same way at all times or that their content will remain unchanged. We reserve the right to apply statutory liability provisions.