Daily Control Now™ Privacy policy

Protecting personal data is a priority for us at SGR Compliance SA, as Data Controller.

We want to ensure that you are informed about our policy regarding the processing of personal data we collect through our App Daily Control Now™ (“App”).

This Privacy Policy contains information on what personal data we collect, what we do with it, and your rights.

If you require further information or have any questions about our Daily Control Now™ Privacy Policy, please do not hesitate to contact us at the following address: privacy@sgrcompliance.com.

SGR reserves the right to amend this Privacy Policy partly or fully, or to update its content (e.g., as a result of changes in applicable laws, legal requirements, technologies). Any amendment or update to this Privacy Policy will be available on this page. Please check this page regularly to keep up to date.

What data we process

When you log into your account, we process:

  • user’s account information (e.g., username, password, email address, and the company you are linked to).

Without this information, it may not be possible to provide access to the App at all.

We also collect certain information automatically, such us:

  • device’s attributes (e.g., the operating system name and version, language);
  • device’s interactions (e.g., dates and times your device accesses our servers, technical diagnostic data).

For specific functionalities, we may request specific permissions to access device utilities (e.g., camera for reading and scanning documents, photo gallery and near-field connection for uploading interactions).

We will seek your prior consent before accessing these utilities. However, if you choose not to grant such permissions, we may not be able to provide some App’s functionalities properly or at all.

We also process the personal data you provide to conduct searches within Daily Control™ services through the App and to read and scan the documents you submit. The processing of such personal data is limited to the purposes of the App. Any further processing is carried out only if explicitly requested as part of other SGR services connected to the App and in compliance with the terms and privacy requirements provided for those services.

How we use personal data

The way we use your information is designed to provide you with a secure and efficient experience within our App Daily Control Now™. Below, you will find the specific purposes for which we process the information collected.

App distribution and performance

We use the information you provide within the App to deliver our App, fulfil its purposes, and meet our contractual obligations, whether directly with you or with the company you are affiliated with.

App security and reliability

We employ your data to implement security patches and respond to error reports to protect your privacy and enhances the overall integrity and reliability of our App.

Communications and updates notification

We may use your email address to send important notifications about updates, changes to our terms and policies, or other relevant information concerning our App, services, and activities.

Regulatory and contractual compliance

We process the information to verify accounts and run automated processes designed to detect and prevent unauthorised access, protect against fraud, misuse, intellectual property infringements, violations of terms of use, resolve disputes, and enforce agreements.

App development and user experience improvement

We analyse data to better understand our customers’ needs, which guide us in refining software developments, updating features, supporting troubleshooting efforts and ensuring optimal performance of our App.

Basis for the processing of personal data

Depending on the purpose of the processing activity, the legal basis for the processing of personal data within the App will be one of the following:

  • necessary to fulfil our contractual obligations either directly with you or with the company you are affiliated with (e.g., providing access to our App, its functionalities and other connected services);
  • necessary for the legitimate interests of SGR, and does not unduly affect the interests or fundamental rights and freedoms of others (e.g., detecting and preventing unauthorised access to and misuse of the App, enhancing overall integrity and reliability of the App and services, sending relevant communications, resolving disputes, enforcing agreements);
  • necessary for compliance with legal obligations (e.g., responding to requests from public authorities, complying with applicable law, or adhering to legal processes);
  • we have obtained prior explicit consent (e.g., when we ask for your consent to access specific device’s features such as camera and photo gallery).

How we protect personal data

We use generally accepted technical and operational security standards to protect the personal data processed within the App.

The terms and privacy requirements provided for the SGR services connected to the app provide additional details about our technical and organisational security measures.

Who we share personal data with

For the purposes and pursuant to the legal bases described above, we may share personal data processed within the App with:

  • SGR’s internal department to ensure the proper distribution of our App and effective communication with you;
  • service providers who assist us with auxiliary services for the App and connected services;
  • the company you are affiliated with if we are providing our App and designated services to you as part of a company’s subscription;
  • public authorities to comply with legal requirements, meet law enforcement requests or in case of disputes.

Retention period

We will only retain personal data as long as necessary to fulfil the purpose(s) for which they were collected or to comply with legal, regulatory, or internal policy requirements, whichever is longer.

In general,

  • we retain personal data only for as long as necessary to fulfil our legal and contractual obligations and to demonstrate legal and contractual compliance; in this case, we will not retain your data for more than 10 years;
  • when we have obtained your explicit consent for specific permissions, we will retain the relevant information in accordance with your consent.

We do not store the personal data you provide to conduct searches within Daily Control™ services through the App or the personal data related to the read and scanned documents you submit unless explicitly requested as part of other services connected to the App. For these designated services, details regarding data retention are specified in the related terms and privacy requirements.

Transfer of data abroad

The personal data we collect within the App will be processed in Switzerland and other countries with legislation that guarantees an adequate level of data protection or, in the absence of such legislation, based on appropriate safeguards (e.g., standard contractual clauses adopted by the European Commission, binding corporate rules, and certifications).

Exercising your rights

To exercise your rights, please contact us at privacy@sgrcompliance.com.

As a data subject, you have the right to access and obtain a copy of your personal data as processed by SGR and to request the correction and erasure of your personal data.

You are also entitled to object to the processing of your personal data based on grounds relating to your particular situation, to request the restriction of the processing, and to withdraw your consent at any time if you previously provided it.

We will process such requests in accordance with applicable data protection laws. However, please note that the rights listed above are not absolute and may not always apply; exemptions could be applicable depending on the situation.

In response to a request, we will ask you to verify your identity and provide information that helps us better understand your request.

If we do not comply with your request, we will explain why.

We are committed to respecting your personal data. However, if you believe that the processing of your personal data is being carried out in violation of applicable data protection laws, you have the right to lodge a complaint with the Federal Data Protection and Information Commissioner or file a legal action in Lugano Court.

(June 2024)