Snapsite's logo

Privacy Policy

In this privacy policy (this “Privacy Policy”), BoMA Idea SA (hereinafter, “we” or “us” or “our”), explain how we collect and otherwise process personal data when you use our Platform (hereinafter “the Platform”).

The term “personal data” or “data” refers to all information that relates to a specific or identifiable person.

The terms used are not gender-specific.

This privacy policy is based, in particular, on the EU’s General Data Protection Regulation (GDPR). Although the GDPR is a regulation of the European Union, it is of significant relevance to us. The Swiss Federal Act on Data Protection (FADP) is heavily influenced by EU law, and companies outside the European Union and the European Economic Area must comply with the GDPR under certain circumstances.

Based on Article 13 of the Swiss Federal Constitution and the data protection regulations of the Federal Government (Data Protection Act, DSG) and in accordance with GDPR, every person is entitled to protection of their privacy and to protection against misuse of their personal data. We comply with these terms. Personal data will be kept strictly confidential and will not be sold or passed on to third parties. The details can be found in the following explanations.

If you provide us with the personal data of other persons (for example data of work colleagues), please make sure that these persons are aware of this Privacy Policy and only share their data with us if you are allowed to do so and if this personal data is correct.

You can find our complete contact details at the end of this Privacy Policy.

1. Collection and Processing of Personal Data

We primarily process the personal data that we receive from our customers in the course of our business relationship with them and other persons involved in it, or that we collect from their users in the operation of our website(s), apps, and other applications.

Every time a user accesses our Platform, the internet browser used on your device (computer, laptop, tablet, smartphone, etc.) automatically sends information to the server of our Platform. This information is temporarily stored in a so-called logfile (log file) on the server side.

As a company, we also process the data that you provide to us or transmit to us through other means, such as mail, email, telephone, within the framework of a business transaction, or through personal contact. Our data processing includes activities such as collection, storage, transmission, deletion, and any other processing of your data. Only data that is necessary and proportionate for the intended purpose is processed. We process your data for the purposes that we have specified or that you have requested. Data processing for purposes other than those intended will only occur after informing you and to the extent that such a change of purpose is lawful.

The following data will be collected without your intervention and stored until automated deletion:

  • if necessary, IP address of the requesting computer, as well as device ID or individual device identifier and device type,
  • name of the retrieved file and amount of data transferred, as well as date and time of retrieval,
  • requesting domain (origin of your request, from which you came to our website(s)),
  • description of the type of internet browser used and, if applicable, the operating system of your terminal and the name of your access provider,
  • location information, including location data from your mobile device. Please note that on most mobile devices, you can control or disable the use of location services in the mobile device's settings menu.

Our legitimate interest in accordance Art. 6 para. 1 sentence 1 lit. f GDPR for the collection of data is based on the following purposes:

  • ensuring a smooth connection setup and comfortable use of the website,
  • evaluation of system security and stability as well
  • for further administrative purposes.
  • in no case we use the collected data for the purpose of drawing conclusions about you.

When concluding any contractual relationship of any kind on our website, we ask you for the following personal data:

Data that personally identifies you, such as your natural name and e-mail address

other personal data which we are legally obliged or authorized to collect and process and which we need for your authentication, identification or verification of the data we collect.

The mentioned data will be processed to process the contractual relationship. The processing of data is based on Art. 6 para. 1 lit. b GDPR. The retention period is limited to the purpose of the contract and, if available, statutory and contractual retention requirements.

2. Transfer of personal data

A transfer of your data to third parties for purposes other than those listed below does not take place. We only pass on your data to third parties if:

  • You have given your express consent to this (Art. 6 (1) (1) (a) GDPR),
  • this is necessary for the settlement of contractual relationships with you (Art. 6 (1) (b) GDPR),
  • there is a legal obligation to pass it on (Art. 6 (1) (c) GDPR),
  • disclosure is required for asserting, exercising or defending legal claims and there is no reason to assume that you have a predominantly legitimate interest in not disclosing your data (Article 6 (1) (1) (f) GDPR).

In these cases, however, the amount of data transmitted is limited to the minimum required. Our privacy policy is consistent with applicable data protection laws and the data is processed only in the European Union. A transfer to third countries does not take place and is not intended.

3. Purpose of Data Processing and Legal Grounds

We use the personal data we collect primarily to enter into and perform our agreements with our users, so in particular in the context of the following activity:

We provide a Platform (“the Platform”) which enables individuals working for all type of companies to capture photographs on construction sites. These photographs are automatically archived in the cloud, organized by construction sites, using the location of the phone that takes the photo.

Our data processing includes, for example, the collection, storage, transmission, deletion, and any other processing of your data for the purpose of providing each user with photographs of the progress of construction sites.

We also process your and other person's data, to the extent permitted and as we deem appropriate, for the following purposes, in which we (and sometimes also third parties) have a legitimate interest:

  • offering and further developing our products, services and websites, apps, and other platforms on which we are present;
  • testing and optimizing procedures for analyzing needs to address customers directly, as well as collecting personal data from publicly available sources for customer acquisition;
  • advertising and marketing, unless you have objected to the use of your data (if we send you advertisements as an existing customer of ours, you can object to this at any time; we will then place you on a blocking list against further advertising mailings);
  • assertion of legal claims and defense in connection with legal disputes and official proceedings;
  • prevention and investigation of criminal offenses and other misconduct (for example, conducting internal investigations, data analysis to combat fraud);
  • ensuring that our operations, in particular IT, our websites, apps, and other platforms, are running properly.

4. Affected rights

On request, we will be pleased to inform you whether and which clearly personal data about you are stored (Article 15 GDPR), in particular the processing purposes, the category of personal data, the categories of recipients to whom your data has been disclosed or will , the planned storage period, the right of rectification, deletion, limitation of processing or opposition, the existence of a right of appeal, the origin of their data, if they were not collected from us, as well as the existence of automated decision-making including profiling.

You also have the right to correct any incorrectly collected personal data or to complete incomplete data collected (Art. 16 GDPR). Furthermore, you have the right to demand that we restrict the processing of your data, provided that the legal conditions for doing so are met (Art. 18 GDPR). You have the right to receive the personal data relating to you in a structured, common and machine-readable format or to request the transfer to another person responsible (Art. 20 GDPR). In addition, you are entitled to the so-called “right to be forgotten”. You can request the deletion of your personal data from us, provided that the legal prerequisites exist (Art. 17 GDPR). Regardless of this, your personal data will be automatically deleted by us if the purpose of the data collection has been omitted or the data processing has been unlawful.

In accordance with article 7 (3) GDPR, you have the right to revoke your once given consent to us at any time. As a result, we are no longer allowed to continue the data processing based on this consent for the future.

You also have the right to object to the processing of your personal data at any time, provided that a right of objection is provided for by law. In the case of an effective revocation, your personal data will also be automatically deleted by us (Article 21 GDPR). If you would like to exercise your right of revocation or objection, it is sufficient to send an e-mail to the e-mail address listed at the end of this privacy policy. In case of violations of the data protection regulations you have according to Art. 77 GDPR the possibility to file a complaint with a supervisory authority.

5. Cookies / Tracking and Other Techniques Regarding the Use of Our Platform

We typically use “cookies” and similar techniques on our Platform, which allow for the identification of your browser or device.

A cookie is a small text file that is sent to your computer and automatically saved by the web browser on your computer or mobile device when you visit our website(s) or install our app. If you revisit our website or use our app, we may recognize you, even if we do not know your identity. Besides cookies that are only used during a session and deleted after you visit the website (“session cookies”), we may use cookies to save user configurations and other information for a certain period (for example, two years) (“permanent cookies”). Notwithstanding the foregoing, you may configure your browser settings in a way that rejects cookies, only saves them for one session, or deletes them prematurely. Most browsers are preset to accept cookies. We use permanent cookies to save user configuration (for example, language, automated log-in), to understand how you use our services and content, and to show you customized offers and advertisements (which may also happen on websites of other companies; should your identity be known to us, such companies will not learn your identity from us; they will only know that the same user is visiting their website has previously visited a certain website). Certain cookies are sent to you from us, others from business partners with whom we collaborate. If you block cookies, certain functions (for example, language settings, shopping basket, and ordering processes) may be no longer available to you.

6. Duration of the Retention of Personal Data

We process and retain your data for as long as it is necessary for the fulfillment of our contractual and legal obligations or otherwise the purposes pursued with the processing, i.e., for example, for the duration of the entire business relationship (from the initiation, processing to the termination of an agreement) and beyond that under the statutory retention and documentation obligations. In this context, we may retain personal data for the period during which claims may be asserted against our company and to the extent that we are otherwise required to do so by law or legitimate business interests so require (for example, for evidence and documentation purposes). As soon as your data is no longer required for the above-mentioned purposes, it will be deleted or anonymized as a matter of principle and to the extent possible. For operational data (for example, system records, and logs), shorter retention periods of twelve months or less generally apply.

We use cookies to statistically record and evaluate the use of our website and to optimize our offer for you. These cookies allow us to automatically recognize when you visit our website again that you have already been with us. These cookies are automatically deleted after a defined time. The data processed by cookies are for the purposes mentioned in order to safeguard our legitimate interests as well as third parties according to Art. 6 para. 1 sentence 1 lit. f GDPR required. Most browsers accept cookies automatically. If you do not want us to recognize information about your computer, please set your Internet browser to delete cookies from your computer hard drive, block all cookies, or warn you before a cookie is stored. You can find out how to delete or block cookies in the Help and Support section of your Internet browser. There you will find instructions for searching the file or directory where cookies are stored. Please note in any case that the complete deactivation of cookies may mean that you cannot use all functions of our website.

7. Data Security

We take appropriate technical and organizational security measures to protect your data from unauthorized access and misuse.

We already take the protection of personal data into account during the design or choice of hardware, software, or processes using appropriate technical and organizational measures. Furthermore, we ensure data protection-friendly default settings.

8. Obligation to Provide Personal Data

In the course of our business relationship, you must provide those personal data that are necessary for the start and performance of a business relationship and the fulfillment of the associated contractual obligations (you generally do not have a statutory obligation to provide us with data). Without this data, we will generally not be able to enter into or perform an agreement with you (or the entity or person you represent). Also, our websites cannot be used if certain traffic-securing information (such as IP address) is not disclosed.

9. Your Rights

Following and as far as provided by applicable law (as is the case where the GDPR is applicable), you have the following rights:

  • the right to request information from us as to whether and what data we process about you;
  • the right to have us correct data if it is inaccurate;
  • the right to request that we delete data;
  • the right to request that we provide certain personal data in a commonly used electronic format or transfer it to another controller;
  • the right to withdraw consent, insofar as our processing is based on your consent;
  • the right to obtain, on request, further information necessary for the exercise of these rights.

Please note, however, that we reserve the right to assert the restrictions provided for by law on our part, for example, if we are required to retain or process certain data, have an overriding interest in doing so (to the extent that we are entitled to rely on this) or if we need it for the assertion of claims. If you incur costs, we will inform you in advance. We have already informed you about the possibility of withdrawing your consent in Section 3. Please note that exercising these rights may conflict with contractual arrangements and may have consequences such as early termination of the agreement or costs. We will inform you in advance if this is not already specified in the agreement.

The exercise of such rights usually requires that you prove your identity (for example, using a copy of your identity card, where your identity is otherwise not clear or cannot be verified). To exercise your rights, you may contact us at the address provided in Section 11.

Every data subject also has the right to enforce their claims in court or to file a complaint with the competent data protection authority. The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch).

10. Amendments to this Privacy Policy

We may amend this Privacy Policy at any time without prior notice. The current version published on our website shall apply. If this Privacy Policy is part of an agreement with you, we will notify you by e-mail or other appropriate means in case of an amendment.

11. Controller and Data Protection Officer

BoMA Idea SA, c/o Matteo Bosco, Via Loreto 12, 6900 Lugano, is responsible for the data processing that we describe here unless otherwise specified in individual instances. If you have data privacy concerns, you can reach us by email at support@snapsite.xyz or by post to BoMA Idea SA, c/o Matteo Bosco, Via Loreto 12, 6900 Lugano.

You can also contact the Office of the Federal Data Protection and Information Commissioner FDPIC, Feldeggweg 1, CH-3003 Berne

Version effective as of 08 February 2024, Lugano