Updated: February 7th, 2025
Thank you for your interest in this Privacy Policy! At bimroom we are committed to protecting and respecting your privacy when you use our platform at www.bimroom.com and our Services.
In principle, we will only use your personal data in accordance with applicable data protection laws, in particular Switzerland's Data Protection Act (“FADP”), the General Data Protection Regulation
(“GDPR”), and only as described in this privacy policy.
What is Personal Data?
Personal data is any information relating to personal or material circumstances that relates to an identified or identifiable individual. This includes, for example, your name, date of birth, e-mail address, postal address, or telephone number as well as online identifiers such as your IP address. In contrast, information of a general nature that cannot be used to determine your identity is not personal data. This includes, for example, the number of users of a website.
Responsible for data processing Responsible for data processing is:
bimform AG
Werkstrasse 25
8404 Winterthur
Switzerland
Web: www.bimroom.com and www.bimform.ch
E-Mail: info@bimform.ch
In the course of our business and platform operations, we process data. This also includes disclosure by transmission to third parties and, where applicable, to so-called third countries outside Switzerland and the EEA. Where we transfer data outside Switzerland or EEA, we have highlighted this accordingly below.
All personal data that we obtain from you via the platform will be processed for the purposes described in more detail below. This is done within the framework of the respective legal regulations mentioned above or with your consent. In particular, only when data processing is permitted and if:
● you have given your consent,
● the data is necessary for the fulfilment of a contract / pre-contractual measures,
● the data is necessary for the fulfilment of a legal obligation or
● the data is necessary to protect the legitimate interests of our company, provided that your interests are not overridden.
Binroom processes and stores your personal data only for the period of time required to achieve the respective processing purpose or for as long as a legal retention period (in particular commercial and tax law) exists. Once the purpose has been achieved or the retention period has expired, the corresponding data is routinely deleted.
To provide our platform, we use the services of Azure (Microsoft) who process the below-mentioned data and all data to be processed in connection with the operation of our platform on our behalf. The legal basis for the data processing is our legitimate interest in providing our platform.
We also collect data on every access to our platform. The access data includes the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider.
Log file information is stored for security reasons (e.g., for the clarification of abuse or fraud) for a maximum of 7 days and then deleted. Data whose further storage is necessary for evidentiary purposes is exempt from deletion until the respective incident is finally clarified. The legal basis for the data processing is our legitimate interest in providing an appealing platform.
We use so-called cookies on our web site. Cookies are small text files that are stored on your respective device (PC, smartphone, tablet, etc.) and saved by your browser. For further information please refer to our Cookie Policy. The legal basis for the use of cookies is your consent as well as our legitimate interest.
We also use the Content Management System (CMS) of Azure to publish and maintain the created and edited Content and texts on our platform and to provide the forms used. This means that all content and texts submitted to us by users for publication is transferred to Azure. In addition to texts, this also includes, for example your data in our forms. This service transmits data to the USA. The legal basis for this processing is our legitimate interest.
We also use the content delivery network (CDN) of Azure. A content delivery network (CDN) refers to a geographically distributed group of servers which work together to provide fast delivery of Internet content and to protect from common malicious attacks, such as Distributed Denial of Service (DDOS) attacks. This represents a legitimate interest.
For our web development services we use Wix of the Israeli company Wix.com Ltd,. The data may be stored on different servers that are distributed around the world. Wix always stores data until it is no longer required for the service provided. We have not yet been able to find out more details about the duration of data storage. The legal basis for the data processing is our legitimate interest.
On our platform we use Google Analytics, a web analytics service provided by Google, Inc. Google Analytics uses "cookies", which are text files placed on your computer, to help the platform analyze how users use the site. The information generated by the cookie about the use of this platform by the users is usually send to a Google server in the USA. The legal basis for the data processing is your consent. For further information, please refer to our Cookie Policy.
We use Application Insights, a web analytics service provided by Microsoft on the basis of our legitimate interests. Application Insights places a cookie in your browser to help the platform analyze how users use the site. The information generated by the cookie about your use of our platform will be transmitted to and stored by Microsoft on servers in the United States. For further information, please refer to our Cookie Policy.
When you contact us through our platform or use our services, some data is collected and processed by us or on our behalf by our selected third-party providers.
If you contact us, we process the following data from you for the purpose of processing and handling your request: first name, last name, e-mail address, and, if applicable, other information if you have provided it, and your message. The legal basis for the data processing is our obligation to fulfill the contract and/or to fulfill our pre-contractual obligations and/or our overriding legitimate interest in processing your request.
For optimal customer support, we use first name, last name, e-mail address, and the data related to your contract with us. Your data may be stored on our platform and or our customer relationship management system ("CRM system") provided by Azure. This data processing is based on our legitimate interest in providing our customer service.
We process your first name, last name, e-mail address, and the data related to your contract with us data to handle the contractual relationship between you and us. The legal basis for the data processing is the fulfillment of our contractual obligations and, in individual cases, the fulfillment of our legal obligations.
Users can create a user account. As part of the registration process, doing so users provide Username, Name, E-mail, Occupation, Country, Company (optional) during the registration process. The data provided will be used for the purposes of using the account and providing and/or purchasing the offerings. Users may be informed by e-mail about information relevant to the offer or registration, such as changes to the scope of the offer or technical circumstances. If users have terminated their user account, their data with regard to the user account will be deleted, subject to their retention is necessary for commercial or tax reasons. It is the responsibility of the users to save their data in the event of termination before the end of the contract.
In the context of the use of our registration and login functions as well as the use of the user account, we store the IP address and the time of the respective user action. The storage is based on our legitimate interests, as well as the user's protection against misuse and other unauthorized use.
We process the data of our clients and registered users, in order to be able to provide our contractual services as well as to ensure the security of our services and to be able to develop it further. The required information is identified as such in the context of the download, order, purchase order or comparable contract conclusion and includes the information required for the provision of services and billing as well as contact information.
Unless otherwise specified the purposes of processing are contractual performance and service, contact requests and communication, office and organizational procedures, administration, and response to requests, visit action evaluation, interest-based and behavioral marketing, profiling.
The legal basis for the data processing is the fulfillment of our contractual obligations and, in individual cases, the fulfillment of our legal obligations as well as your Consent.
To make a purchase, you may need to provide a valid payment method (e.g., credit or debit card). Your payment information will be collected and processed by our authorised payment vendor Stripe. We do not directly collect or store credit or debit card numbers ourselves in the ordinary course of processing transactions. Accordingly, the data is processed on the basis of our contractual relationship.
If you register for our newsletter, we will regularly send you information about our offers. The only data required or sending the newsletter is your e-mail address and your full name is optional. We use the so-called double opt-in procedure for sending the newsletter. This means that we will only send you an e-mail newsletter once you have expressly confirmed that you consent to receiving newsletters. By activating the confirmation link, you give us your consent.
You can unsubscribe from the newsletter at any time via the link provided for this purpose in the newsletter or by sending a corresponding message to the responsible person named at the beginning. After unsubscribing, your e-mail address will be deleted from our newsletter distribution list immediately. The newsletter is sent via the France based company SendinBlue,
We only store personal data for as long as it is necessary for the purposes for which it is processed or for as long as any consent you have given us has been revoked by you. Insofar as statutory retention obligations must be observed, the storage period for certain data may be up to 10 years, irrespective of the processing purposes.
We will not disclose or otherwise distribute your personal data to third parties unless this:
● is necessary for the performance of our services,
● you have consented to the disclosure,
● or the disclosure of data is permitted by relevant legal provisions.
However, we are entitled to outsource the processing of your personal data in whole or in part to external service providers acting as processors within the framework of the FADP and GDPR. External service providers support us, for example, in the technical operation and support of the platform, data management, the provision and performance of services, marketing, as well as the implementation and fulfilment of reporting obligations.
The service providers commissioned by us however will process your data exclusively in accordance with our instructions and we remain in accordance with the FADP and GDPR responsible for the protection of your data. Doing so we always make sure that service providers commissioned by us are carefully selected, follow strict contractual regulations, technical and organizational measures, and additional controls by us.
We may also disclose Personal Data to third parties if we are legally obliged to do so e.g., by court order or if this is necessary to support criminal or legal investigations or other legal investigations or proceedings at home or abroad or to fulfil our legitimate interests.
Automated decision-making
Automated decision-making including profiling does not take place at Binroom.
Insofar as you have also given us your separate consent to process your data for consulting, marketing and advertising purposes, we are entitled to contact you for these purposes via the communication channels you have given your consent to.
These rights are standardized in the FADP and GDPR. These include:
● the right to information,
● the right to rectification,
● the right to erasure,
● the right to restriction of data processing,
● the right to data portability,
● the right to object to data processing,
● the right to revoke any consent you have given, and
● the right to lodge a complaint with the competent supervisory authority.
Please contact us at any time with questions and suggestions regarding data protection and to enforce your rights as a data subject.
We encourage you to contact us if you have any information requests, requests for information or objections about data processing or concerns. However, you also have the right to file a complaint with your local supervisory authority. However, we would appreciate it if you would contact us with your concern before turning to a supervisory authority.
State-of-the-art internet technologies are used to ensure the security of your data. During the online enquiry process, your details are secured with SSL encryption. For secure storage of your data, the systems are protected by firewalls that prevent unauthorized access from outside. In addition, technical and organizational security measures are used to protect the personal data you have provided against accidental or intentional manipulation, loss, destruction, or access by unauthorized persons.
If you believe that the information, we hold about you is inaccurate or that we are no longer entitled to use it and want to request its rectification, deletion, or object to its processing, please do so by contacting us. For your protection and the protection of all of our users, we may ask you to provide proof of identity before we can answer the above requests.
Keep in mind, we may reject requests for certain reasons, including if the request is unlawful or if it may infringe on trade secrets or intellectual property or the privacy of another user. Also, we may not be able to accommodate certain requests to object to the processing of personal information, notably where such requests would not allow us to provide our service to you anymore.
Our services are aimed at people aged 18 and over. We will not knowingly collect, use or disclose personal information from minors under the age of 18 without first obtaining consent from a legal guardian through direct offline contact.
We maintain online presences within social networks and platforms (Instagram, Facebook, Twitter and LinkedIn) in order to be able to communicate with the customers, interested parties and users active there and to inform them about our services there. When calling up the respective networks and platforms, the terms and conditions and data processing guidelines of their respective operators apply. Unless otherwise stated in our privacy policy, we process the data of users if they communicate with us within the social networks and platforms, e.g., write posts on our online presences or send us messages.
We kindly ask you to regularly inform yourself about the content of our privacy policy. We will amend the privacy policy as soon as changes to the information processing activities we carry out make this necessary. We will inform you as soon as the changes require an act of cooperation on your part (e.g., consent) or other individual notification.
If you have any concerns about a possible compromise of your privacy or misuse of your personal information on our part, or any other questions or comments, you can contact us.
Who should I contact for more information?
If you have any questions or comments about our Privacy Policy or wish to exercise your rights under applicable laws, please contact us.
This Privacy Policy was last updated on Thursday, 06th of July 2022