Icon-icon-clyde-white-rgb X-twitter

Privacy Policy

Contents

1. About us

This privacy policy (“Privacy Policy“) explains how Token Flow Insights SA, Esplanade de Pont-Rouge 9A, 1212 Grand-Lancy, Lancy, Switzerland (“TFI“) processes and protects your personal data when you use a website operated by TFI (as listed below) and TFI’s products and services provided via a TFI website, or any other page or subdomain operated by TFI, as well as any other site, marketplace or application that may be used to access TFI’s products or services (together, “Websites“). TFI is the controller for the data processing described below.

Websites operated by TFI are the following, including any subdomains or subpages:

Unless otherwise defined in this Privacy Policy or in our Terms of Service, the definitions used in this Privacy Policy have the same meaning as in the Swiss Federal Act on Data Protection or the EU General Data Protection Regulation.

For the EU, we have appointed an EU representative in accordance with Article 27 of the GDPR. If you are visiting us from one of EU member state countries or UK, you can also contact Prighter, our representative: 

  • Electronically via the compliance landing page on Prighter’s website
  • by mail to: 
    • Schellinggasse 3/10, 1010 Vienna, Austria (for EU visitors); or 
    • 20 Mortlake Mortlake High Street, London, SW14 8JN, UNITED KINGDOM (for UK visitors)

The websites operated by TFI may use cookies to collect information to improve their functioning or TFI’s Services. For more information regarding TFI’s use of cookies, please consult our Cookie Policy.

2. Personal data we collect

We may collect or receive personal information for a number of purposes connected with our business operations when you use our Websites or our Services. This may include the following:

  • Personal details (incl. username)
  • Contact details
  • Login details
  • User information and usage data
  • Customer Generated Content
  • Payment details
  • Recruitment details
  • Client requests

3. How we collects personal data

We collect information about our users when they use our Website or our services, including taking certain actions within it:

Directly

  • When you access, use, or otherwise interact with the Services.
  • When you correspond with TFI by electronic means.
  • When you sign up to receive TFI’s newsletter and other marketing materials.
  • When you create an account or otherwise submit your data to TFI.

Indirectly

  • From public sources, such as public directories.
  • From third parties which make our Services available, such as marketplaces and other Distribution channels.
  • From third parties, such as social media plugins and analytics, third-party cookies.

4. Legal basis and Purposes

The legal basis for collecting and using the personal data described in this Privacy Policy depends on the personal data TFI collects and the specific purposes for which the data was collected.

Contract. To perform TFI’s contractual obligations or take steps linked to a contract with you. In particular:

  • To provide the Services and manage your account.
  • To recruit.

Consent. TFI may rely on your freely given consent at the time you provided your personal data. In particular:

  • To provide you with news, special offers, newsletters, and general information about goods and services that TFI offers.
  • To promote TFI’s services.
  • To place cookies and similar tools on your browser.

Legitimate interests. TFI may rely on legitimate and/or vital interests based on TFI’s evaluation that the processing is fair and reasonable. In particular:

  • To maintain and improve our Websites and services.
  • To develop new services.

Public interest. To meet regulatory and public interest obligations. In particular:

  • To comply with applicable regulations and legislation.
  • For the legal enforcement of claims and rights.

5. Newsletter

We may send newsletters and other notifications by email and through other communication channels. We may have newsletters and other notifications sent by third parties or send them with the help of third parties.

In principle, you must expressly consent to the use of your e-mail address and other contact addresses, unless the use is permitted for other legal reasons. We use “double opt-in” for any consent in the case of e-mails, i.e. you will receive an e-mail with a web link that you must click to confirm, so that no misuse by unauthorized third parties can take place. We may log such consents including Internet Protocol (IP) address, date and time.

Newsletters and other notifications may contain web links or tracking pixels that record whether an individual newsletter or notification has been opened and which web links were clicked (performance measurement). Such web links and tracking pixels record the use of newsletters and other notifications. We need this statistical recording of usage, including success and reach measurement, in order to be able to offer newsletters and other notifications effectively and in a user-friendly manner, as well as permanently, securely and reliably, based on the reading habits of the recipients.

You can unsubscribe from newsletters and other notifications at any time and thereby object in particular to the aforementioned collection of usage. You can do so by contacting us directly or following the link included in the footer of each newsletter we send you.

6. Data retention

TFI retains personal data for so long as it is needed for the purposes for which it was collected or in line with legal and regulatory requirements or contractual arrangements.

7. Service providers

TFI may employ third-party companies and individuals (“Service Providers“) to facilitate the operation of the Services, assist TFI in analyzing how the Services are used, or perform related services, such as payment, and delivery of IT infrastructure services. These third parties have access to your personal data only and insofar as necessary to perform these tasks on our behalf.

Type(s) of service providers who might access your personal data:

  • Accounting, audit and insurance firms
  • Banks and financial services providers
  • Billing and payment service providers
  • Marketing, social media, questionnaire and mailing providers
  • Candidate management and job recruitment firms
  • Functional services providers, such as e-mail and cloud service providers and cloud databases
  • Signing and documentation tools
  • Monitoring, analytics, and tracking tools
  • Authentication and sign-in tools

8. Data transfers

The Company and/or the Service Providers may transfer your personal data to and process it in the following countries:

  • EU/EEA
  • UK
  • USA

We may use service providers who are partly located in so-called third countries (outside the European Union or the European Economic Area or Switzerland) or process personal data there, i.e. countries whose level of data protection does not correspond to that of the EU or Switzerland.

Such safeguards may include:

  • the transfer to countries that have been deemed to provide an adequate level of protection according to lists of countries published by the Federal Data Protection and Information Commissioner, as well as to countries where there is an adequacy decisions by the European Commission in place
  • applying standard data protection model clauses, binding corporate rules or other standard contractual obligations that provide appropriate data protection.

9. Data disclosure

TFI may disclose your personal data in the good faith belief that such action is necessary:
  • To comply with a legal obligation (i.e., if required by law or in response to valid requests by public authorities, such as a court or government agency);
  • To protect the security of the Services and defend our rights or property;
  • To prevent or investigate possible wrongdoing in connection with TFI;
  • To defend TFI against legal liability.

10. Data security

TFI takes reasonable technical and organizational security measures deemed appropriate to protect your stored data against manipulation, loss, or unauthorized third-party access. TFI’s security measures are continually adapted to technological developments.

TFI also takes internal data privacy very seriously. TFI’s employees and the Service Providers are required to maintain secrecy and comply with applicable data protection legislation. In addition, they are granted access to personal data only insofar as this is necessary for them to carry out their respective tasks or mandate.

The security of your personal data is important to TFI but remember that no method of transmission over the Internet or electronic storage is 100% secure. While TFI strives to use commercially acceptable means to protect your personal data, it cannot guarantee its absolute security. TFI recommends using antivirus software, a firewall, and other similar software to safeguard your system.

11. Your rights

You have the below data protection rights. To exercise these rights, you may contact the below address or send an e-mail to: privacy@tokenflow.live. Please note that we may ask you to verify your identity before responding to such requests.
  • Right of access: You have a right to request a copy of your personal data, which TFI will provide to you in an electronic form.
  • Right to amendment: You have the right to ask TFI to correct records if you believe they contain incorrect or incomplete information about you.
  • Right to withdraw consent: If you have provided your consent to the processing of your personal data, you have the right to withdraw your consent. This includes cases where you wish to opt-out from marketing communications. Once TFI has received notification that you have withdrawn your consent, TFI will no longer process your information for the purpose(s) to which you initially consented unless there is another legal basis for processing. To stop receiving emails from TFI, please click on the ‘unsubscribe’ link in the email you received or contact TFI at privacy@tokenflow.live.
  • Right to erasure: You have the right to request that TFI deletes your personal data when it is no longer necessary for the purposes for which it was collected or when it was unlawfully processed.
  • Right to restriction of processing: You have the right to request the restriction of processing of your personal data where you believe it to be inaccurate, unlawful, or where TFI no longer needs to process it for the initial purpose, but where TFI is not able to delete it due to a legal obligation or because you do not want us to delete it.
  • Right to portability: You have the right to request that TFI transmits your personal data to another data controller in a standard format such as Excel, where this is data which you have provided to TFI and where TFI is processing it on the legal basis of your consent or to perform contractual obligations.
  • Right to object to processing: Where the legal basis for processing of your personal data is TFI’s legitimate interest, you have the right to object to such processing on grounds relating to your particular situation. TFI will abide by your request unless it has a compelling legal basis for the processing which overrides your interests or if TFI needs to continue to process the personal data for the exercise or defence of a legal claim.
  • Right to lodge a complaint with a supervisory authority: You have the right to appeal to a data protection supervisory authority if you believe that the processing of your personal data violates data protection law. The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner (www.edoeb.admin.ch/edoeb/en/home.html). In Austria, the seat of our EU representative, the competent data protection authority is the competent data protection authority is the Österreichische Datenschutzbehörde (http://www.dsb.gv.at). You can exercise this right, for example, before a supervisory authority in the Member State of your residence, your place of work or the place of the alleged infringement.

12. Links to third-party apps and sites

TFI’s Services may contain links to websites or apps not operated by TFI. If you click a third-party link, you will be directed to that third party’s site or app. TFI has no control over and assumes no responsibility for the content, security, cookies, privacy policies or practices of any third-party sites or services. We maintain online presences on social networks to, among other things, communicate with customers and prospective customers and to provide information about our products and services. If you have an account on the same network, it is possible that your information and media made available there may be seen by us, for example, when we access your profile. In addition, the social network may allow us to contact you. The content communication via the social network and the processing of the content data is thereby subject to the responsibility of the social network. As soon as we transfer personal data into our own system, we are responsible for this independently. This is then done in order to carry out pre-contractual measures and to fulfil a contract. For the legal basis of the data processing carried out by the social networks under their own responsibility, please refer to their data protection declarations. Below is a list of social networks on which we operate an online presence:

13. Google meet

We use Google Meet to conduct online meetings. Google Meet is a software which is offered to persons from Switzerland and the European Economic Area by Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Grand Canal Dock, Dublin 4, D04 V4X7, Ireland. The legal basis for the processing of data to conduct meetings via Google Meet is our legitimate interest in the effective and simple conduct of online meetings, discussion rounds and presentations. Also, we conduct this data processing on a contractual basis insofar as the meetings are held within the framework of existing contractual relationships with you. We are not responsible for any further data processing on the Google Meet product website, where the desktop software can be downloaded and the web app can be used.

During a meeting, the data processed includes participants’ identification (e.g. name, display name, picture, email address, phone number, voice, image, user ID and other information provided by the user), preferences and settings (e.g. audio and video settings, screen sharing settings), device information (e.g. information about speakers, microphone, camera, OS version, hard disk ID, PC name, MAC address, IP address), content generated in Google Meet Meetings (e.g. audio, video, in-meeting messages as well as related context, such as invitation details and meeting name) and participants’ interaction with Google Meet (e.g. time when participant join/leaves the meeting, as well as the duration of their stay in the call).

You can deactivate the transmission via microphone and camera at any time via the corresponding settings. We only record meetings or log text data with your consent and prior notification.

For more information, please see Google’s privacy policy.

14. Changes to this Privacy Policy

TFI may update the Privacy Policy from time to time. TFI, therefore, encourages you to review this Privacy Policy periodically for any changes. 

Changes to this Privacy Policy are effective when they are posted on this page.

15. Contact

If you have any questions about this Privacy Policy, do not hesitate to get in touch with us at:

Token Flow Insights SA
Esplanade de Pont-Rouge 9A
1212 Grand-Lancy, Lancy
Switzerland
privacy@tokenflow.live

Token Flow Insights SA, Esplanade de Pont-Rouge 9A, 1212 Grand-Lancy
Version 4.0, December 2025