At eProfiler Solutions AG ("eProfiler," "we," "us," or "our"), we are committed to protecting your privacy and handling your personal data with transparency and care. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website, use our bioelectronic sensing platforms and services, or interact with us.
This Privacy Policy is designed to comply with:
The General Data Protection Regulation (GDPR) - Regulation (EU) 2016/679
The California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA)
The Swiss Federal Act on Data Protection (FADP)
Other applicable data protection laws
By accessing or using our Services, you acknowledge that you have read and understood this Privacy Policy.
Data Controller:
eProfiler Solutions AG
[Company Address]
Switzerland
Data Protection Officer (DPO):
Email: privacy@eprofiler.com
If you have any questions about this Privacy Policy or our data practices, please contact our DPO using the details above.
We collect and process the following categories of personal data:
Full name
Job title and organization
Professional contact information (email address, phone number, postal address)
Account login credentials (username, encrypted password)
IP address and device identifiers
Browser type, version, and language
Operating system and platform
Time zone setting and location data
Pages visited and navigation patterns
Referral source and exit pages
Date and time of visits
Device information (hardware model, unique device identifiers)
Research institution affiliation
Scientific research data (where applicable and with consent)
Equipment usage logs and performance data
Calibration and maintenance records
Study protocols and experimental parameters (anonymized where possible)
Correspondence records (emails, chat logs, support tickets)
Meeting notes and call recordings (with prior notice)
Feedback and survey responses
Marketing preferences and consent records
Billing address and payment information (processed via secure third-party processors)
Purchase history and service usage records
Contract and agreement details
We do not generally collect special categories of personal data as defined under GDPR Article 9 (such as health data, biometric data, or genetic data). However, if our bioelectronic research services involve processing such data on your behalf, we will only do so:
With your explicit consent
Under a valid data processing agreement
With appropriate technical and organizational safeguards in place
Our Services are not intended for children under 16 years of age. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us immediately at privacy@eprofiler.com.
We collect personal data directly from you when you:
Create an account or register for our Services
Fill out forms on our Website
Subscribe to newsletters or marketing communications
Contact our support or sales teams
Participate in surveys, research studies, or events
Submit feedback or request information
We automatically collect certain data through:
Cookies and similar technologies (see our Cookies Policy for details)
Server logs recording your interactions with our Website
Analytics tools (e.g., Google Analytics) tracking usage patterns
Device information transmitted by your browser or device
We may receive personal data from:
Your employer or research institution (with proper authorization)
Business partners and distributors
Publicly available sources (professional directories, scientific publications)
Referral programs
Under the GDPR, we process your personal data based on the following legal grounds:
| Purpose | Legal Basis | | --- | --- | | Providing our Services and fulfilling contracts | Performance of a contract (Article 6(1)(b)) | | Complying with legal obligations | Legal obligation (Article 6(1)(c)) | | Marketing communications (with consent) | Consent (Article 6(1)(a)) | | Improving our Services and Website | Legitimate interests (Article 6(1)(f)) | | Fraud prevention and security | Legitimate interests (Article 6(1)(f)) | | Research and development (anonymized data) | Legitimate interests (Article 6(1)(f)) |
Our legitimate interests include:
Maintaining and improving the quality of our Services
Ensuring network and information security
Conducting scientific research to advance bioelectronic technology
Marketing our products to existing customers
Where we rely on consent, you have the right to withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
We use your personal data for the following purposes:
Service Provision:
Creating and managing your account
Providing access to our bioelectronic sensing platforms and tools
Processing transactions and delivering purchased services
Providing customer and technical support
Sending service-related notifications and updates
Research and Development:
Improving our bioelectronic technologies and algorithms
Conducting scientific research and data analysis (with anonymization)
Developing new products and features
Quality assurance and testing
Communication:
Responding to inquiries and support requests
Sending administrative information
Providing information about products, services, and events (with consent)
Conducting customer satisfaction surveys
Security and Compliance:
Protecting against fraud, unauthorized access, and security threats
Complying with legal and regulatory obligations
Enforcing our Terms and Conditions
Establishing, exercising, or defending legal claims
With your consent (where required by law), we may use your contact information to send you:
Newsletters and industry updates
Information about new products, features, or services
Invitations to webinars, conferences, and events
Scientific publications and research findings
You can opt-out of marketing communications at any time by:
Clicking the "unsubscribe" link in our emails
Updating your preferences in your account settings
Contacting us at privacy@eprofiler.com
We may share your personal data with:
Service Providers and Processors:
Cloud hosting providers (e.g., AWS, Azure)
Customer relationship management platforms
Payment processors
Analytics providers
Email and communication service providers
IT support and maintenance providers
All processors are bound by data processing agreements requiring them to process data only on our instructions and maintain appropriate security measures.
Professional Advisers:
Legal counsel
Accountants and auditors
Insurance providers
Consultants
Business Partners:
Authorized distributors and resellers
Research collaboration partners (with appropriate agreements)
Scientific institutions (for joint research projects)
Legal and Regulatory Authorities:
Courts, tribunals, and regulatory bodies
Law enforcement agencies (when legally required)
Government authorities (for compliance with applicable laws)
If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of company assets, your personal data may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your personal data.
We do not sell your personal data to third parties for monetary consideration. Under the CCPA, certain transfers may be considered "sales" or "sharing" for cross-context behavioral advertising. We do not engage in such practices without your consent.
As a Swiss company with global operations, your personal data may be transferred to and processed in countries outside your jurisdiction, including:
Switzerland (our headquarters)
European Economic Area (EEA) countries
United States (for cloud hosting and service providers)
Other countries where our service providers operate
When transferring personal data outside the EEA or Switzerland, we ensure appropriate safeguards are in place:
For EU/EEA data:
Standard Contractual Clauses (SCCs) approved by the European Commission
Adequacy decisions (for countries recognized as providing adequate protection)
Binding Corporate Rules (where applicable)
For Swiss data:
Swiss Federal Act on Data Protection requirements
Adequacy assessments for recipient countries
You can request a copy of the safeguards we use for international transfers by contacting us at privacy@eprofiler.com.
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including:
| Data Category | Retention Period | | --- | --- | | Account and contact data | Duration of account + 3 years after closure | | Transaction records | 10 years (legal requirement) | | Communication records | 3 years from last contact | | Website logs and analytics | 26 months | | Marketing consent records | Duration of consent + 2 years | | Scientific research data | As specified in research agreements |
Retention periods may be extended where necessary to:
Comply with legal, accounting, or reporting requirements
Establish, exercise, or defend legal claims
Maintain scientific research integrity and reproducibility
Protect against fraud or security threats
When personal data is no longer required, we securely delete or anonymize it in accordance with our data retention policies.
Depending on your location, you have the following rights regarding your personal data:
Right to Access (Article 15):
You have the right to request a copy of the personal data we hold about you and information about how we process it.
Right to Rectification (Article 16):
You have the right to request correction of inaccurate or incomplete personal data.
Right to Erasure / "Right to be Forgotten" (Article 17):
You have the right to request deletion of your personal data in certain circumstances, such as when the data is no longer necessary for the purposes for which it was collected.
Right to Restrict Processing (Article 18):
You have the right to request that we limit the processing of your personal data in certain circumstances.
Right to Data Portability (Article 20):
You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller.
Right to Object (Article 21):
You have the right to object to the processing of your personal data based on legitimate interests or for direct marketing purposes.
Right to Withdraw Consent (Article 7):
Where we rely on consent, you have the right to withdraw consent at any time.
Right to Lodge a Complaint (Article 77):
You have the right to complain to a data protection authority if you believe we have violated your rights.
If you are a California resident, you have the following rights:
Right to Know:
You have the right to request disclosure of:
Categories of personal information we collect
Categories of sources from which personal information is collected
Business or commercial purposes for collecting personal information
Categories of third parties with whom we share personal information
Specific pieces of personal information we hold about you
Right to Delete:
You have the right to request deletion of your personal information, subject to certain exceptions.
Right to Correct:
You have the right to request correction of inaccurate personal information.
Right to Opt-Out of Sale/Sharing:
While we do not sell personal information, you have the right to opt-out of any future sale or sharing for cross-context behavioral advertising.
Right to Limit Use of Sensitive Personal Information:
You have the right to limit our use and disclosure of sensitive personal information.
Right to Non-Discrimination:
We will not discriminate against you for exercising your privacy rights.
To exercise any of your rights, please contact us:
Email: privacy@eprofiler.com
Postal Address: [Company Address], Switzerland
We will respond to your request within:
GDPR: 30 days (extendable to 60 days for complex requests)
CCPA: 45 days (extendable by 45 days with notice)
To protect your privacy, we will verify your identity before processing your request. We may request:
Government-issued identification
Account credentials
Other information to confirm your identity
You may designate an authorized agent to make requests on your behalf. The agent must provide written authorization signed by you.
| Category (Cal. Civ. Code § 1798.140) | Collected? | Source | Purpose | | --- | --- | --- | --- | | Identifiers (A) | Yes | Direct, automated | Service provision, communication | | Personal records (B) | Yes | Direct | Contract fulfillment | | Protected characteristics (C) | No | - | - | | Commercial information (D) | Yes | Direct | Transaction processing | | Biometric information (E) | No | - | - | | Internet activity (F) | Yes | Automated | Analytics, security | | Geolocation data (G) | Limited | Automated | Security, localization | | Audio/visual data (H) | Limited | Direct | Support calls (with notice) | | Professional information (I) | Yes | Direct, third parties | Service provision | | Non-public education (J) | No | - | - | | Inferences (K) | Yes | Automated | Service improvement |
We disclose personal information to the following categories of service providers for business purposes:
Cloud storage providers
Analytics providers
Customer support platforms
Payment processors
Marketing platforms
We do not currently offer financial incentive programs that require the collection of personal information.
We implement appropriate technical and organizational measures to protect your personal data, including:
Technical Measures:
Encryption in transit (TLS 1.3) and at rest (AES-256)
Multi-factor authentication for systems access
Regular security assessments and penetration testing
Intrusion detection and prevention systems
Secure development practices
Regular security patching and updates
Organizational Measures:
Role-based access controls
Employee training on data protection
Confidentiality agreements with staff and contractors
Incident response procedures
Business continuity and disaster recovery plans
In the event of a personal data breach, we will:
Notify the relevant supervisory authority within 72 hours (GDPR)
Notify affected individuals without undue delay when the breach poses a high risk
Cooperate fully with regulatory investigations
While we strive to protect your personal data, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.
For detailed information about the cookies and similar technologies we use, including:
Types of cookies
Purposes of cookies
Cookie duration
How to manage cookie preferences
Please see our Cookies Policy.
We do not currently engage in automated decision-making or profiling that produces legal effects or similarly significant effects on individuals.
If we implement such processing in the future, we will:
Provide meaningful information about the logic involved
Explain the significance and envisaged consequences
Implement appropriate safeguards
Obtain explicit consent where required
We may update this Privacy Policy from time to time to reflect:
Changes in our data practices
Changes in applicable laws and regulations
New products or services
Security enhancements
We will notify you of material changes by:
Posting the updated Privacy Policy on our Website
Updating the "Last Updated" date at the top of this page
Sending an email notification (for registered users)
For significant changes, we will provide at least 30 days' notice before the changes take effect.
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Data Protection Officer:
Email: privacy@eprofiler.com
Address: [Company Address], Switzerland
General Inquiries:
Email: info@eprofiler.com
Phone: [Phone Number]
If you are not satisfied with our response to your privacy concerns, you have the right to lodge a complaint with a data protection authority:
For EU/EEA residents:
Contact the supervisory authority in your country of residence or place of work.
For Swiss residents:
Federal Data Protection and Information Commissioner (FDPIC)
Feldeggweg 1
CH-3003 Bern
Switzerland
Website: https://www.edoeb.admin.ch
For UK residents:
Information Commissioner's Office (ICO)
Wycliffe House, Water Lane
Wilmslow, Cheshire SK9 5AF
United Kingdom