Send us an email
[email protected]
Call us
+41 43 434 65 91

edoobox is DSG and DSGVO compliant

Data protection is very important to us

With edoobox, you choose a booking system that meets the requirements of both the EU's General Data Protection Regulation (GDPR) and Switzerland's Data Protection Act (DPA).

edoobox is GDPR compliant
Section Divider

What is GDPR?

The General Data Protection Regulation (GDPR) is a regulation of the European Union. It serves to harmonize personal data by private companies and public bodies in the EU.

The GDPR pursues the following objectives:

  • Protection of individuals with regard to the processing of personal data in the EU and the free movement of such data within the European internal market
  • Protection of fundamental rights and freedoms of natural persons, specifically protection of personal data
  • To ensure that the free flow of personal data within the EU is neither restricted nor prohibited for reasons connected with the protection of individuals with regard to the processing of personal data

Link to Regulation (EU) 2016/679

What is DSG?

The Federal Data Protection Act (FADP) is a law designed to protect consumers' personal data. It will become effective through the Data Protection Ordinance (DPA) on September 1, 2023.

Link to the Federal Law on Data Protection BBI 2020 7639

Do I have to be DSG / DSGVO compliant and do I have advantages?

As soon as you process personal data of a natural person from the EU, you must use a GDPR compliant booking system. This is based on Regulation (EU) 2016/679.

As soon as you process personal data from a natural person from Switzerland, you must use a DSG compliant booking system. This is based on the Federal Law BBI 2020 7639.

This results in the following benefits for you:

  • Your customers have control over their data and can have it cleansed
  • Your customers consent to the processing of the data
  • You improve your customer service
  • You increase your trust and improve your reputation

Is edoobox DSG / DSGVO compliant?

Yes, edoobox is DSGVO compliant. How do you have to proceed?

Cooperation with third party providers
edoobox cooperates with various third party providers. All third party providers with whom edoobox processes personal data are DSGVO compliant. The necessary agreements have been signed.

Hosting edoobox Booking System (app1.edoobox.com)
edoobox (APP1) is hosted on the servers of Nine Internet Solutions AG in Zurich (Switzerland). Nine can demonstrably guarantee end-to-end information security according to ISO 27001:2013 and is ISO 9001 (quality management) certified.

Hosting edoobox booking system (app2.edoobox.com)
edoobox (APP2) is hosted on Google Cloud (europe-west6) servers in Zurich (Switzerland). To protect the security and confidentiality of your data, Google Cloud meets strict privacy standards. Google Cloud is certified with the following certificates (ISO/IEC 27001 / ISO/IEC 27017 / ISO/IEC 27018 / AICPA SOC / SOC 1 / FISC (Japan) / FedRAMP).

What do I need to do to make my edoobox account privacy compliant?

As soon as you choose an edoobox subscription after the trial period, you will be asked to digitally sign the Order Data Processing Agreement.

Proceed as follows:

  • In the edoobox settings, select the paragraph "Privacy policy" on the button "Edit statement".
  • Click on the button "Sign order data processing contract".
  • You will receive an email with a link to the contract, which you can sign online
  • Sign the contract on the last page
  • The signed contract will be sent to you by e-mail
  • Select the data processing contract for your target group

We recommend that you review your privacy policy / data protection statement and your terms and conditions (T&Cs) and adjust them if necessary (in the edoobox settings, in the Legal texts box).

What services does edoobox provide to help you comply with the GDPR?

edoobox has extended the following functions for you, so that we as a contractor and you as a client can meet the requirements of the General Data Protection Regulation.

What does edoobox do?

  • Access control: Only authorized administrators, users and applications have access to the edoobox resources.
  • Multi-Factor Authentication (MFA)
  • Authentication of API requests
  • Tracking and logging of accesses
  • Regular compliance review and security analysis
  • Filtering and tracking HTTP access to applications
  • Encrypted data
  • Modern framework with high security standard
  • EU: We have clearly regulated in the commissioned data processing contract in accordance with Art. 28 (3) DSGVO which tasks lie with us, as the contractor, and which tasks lie with you, as the client.
  • CH: We have clearly defined in the DSG-CH order data processing contract which tasks lie with us, as the contractor, and which tasks lie with you, as the client.


What functions are available to you?

  • Access control: Only administrators, super-admins and managers authorized by you have access to their edoobox account.
  • Authentication of API requests
  • Download all personal data from edoobox at any time
  • Editing and deleting customer data
  • Control of customer data via the personalized user fields
  • Customize all designs in the Design Manager and view information related to personal data
  • Create your own privacy policy / data protection statement (in the edoobox settings, in the Legal texts box)
  • Bookers must (optionally) accept your privacy policy aligned with the DSG/DSGVO
  • Bookers must (optionally) accept your terms and conditions (T&C) aligned with the DSG/DSGVO

What are the subcontracting relationships at edoobox?

Hosting of the edoobox booking system (app1.edoobox.com)
Nine Internet Solutions AG, 8047 Zurich, Switzerland
Cloudflare, Cloudflare Germany GmbH, Munich

Hosting of the edoobox booking system (app2.edoobox.com)
Google Cloud Zurich (europe-west6)

Hosting of the edoobox.com website
Amazon Europe Core S.à r.l., L-2338 Luxembourg, Luxembourg

Subcontracting relationships for the edoobox.com website
Online Chat and edoobox Support *1 - Zendesk, Dublin, Ireland
Cookie Consent Tool *1 - Cookie-script.com, Lithuania
Website translation *1 - Weglot, Paris, France
Website design *1 - Webflow, San Francisco, USA

Communication (SMS, email, letter or phone)
Email sent via Mailjet *1/2 - Mailjet SAS, 75012 Paris, France
Letter sent via pingen.com *1/2 - Pingen GmbH, 8005 Zurich, Switzerland
SMS dispatch via Twillio *1/2 - Twilio Germany GmbH, 80337 Munich, Germany
Realtime notifications via Pusher *1/2 - Pusher Inc, London EC2A 4R, England *1/2
ADV Contract signing via Signable *2 - Signable, Bristol BS1 3PR, England
Tiny.cloud Editor in edoobox *1 - tiny, Palo Alto, USA

Advertising and cookies:
Display activation, Analytcis/TagManager, Social Widget, Google Maps integration Google *1/2 - Google Ireland Limited, Dublin 4, Ireland
Display activation or Social Widget integration from Facebook *1/2 - Facebook Germany, 20355 Hamburg, Germany
Display activation via Bing *1/2 - Microsoft Corporation, Dublin 18, Ireland

API:
Interface connection to Zapier *1 - Zapier Inc. , Sunnycale, CA 94086, USA
Interface GenderAPI *1 - Gender API, 81825 Munich, Germany

*1 If you use this function in edoobox
*2 Used internally by edoobox team

Support
Products
Top 5 Industries
A Product From
Etzensperger Informatik AG
[email protected]DE +49 69 365057597CH +41 43 434 65 91AT +43 1 2056367101

Office hours
Monday - Friday,
9am-12pm and 1pm-5pm
Copyright ©edoobox. All rights reserved.