Privacy Declaration

This Privacy Policy applies to Ergon Informatik AG. Should any contradictions arise between this Privacy Policy and any other contractual or business terms and conditions applicable to Ergon Informatik AG, the provisions of this Privacy Policy shall take precedence.

Data protection is a matter of trust and your trust is important to us. We respect your identity and your privacy. Equally, we wish to ensure that your personal data is protected and that your personal data are processed in compliance with the law.

In this Privacy Policy we inform you in detail about our data processing methods, and you decide whether you consent to the processing of your personal data.

This Privacy Policy covers both historical and future personal data. If you consent to the processing of your personal data we will process not only any personal data which we collect from you in the future in accordance with this Privacy Policy, but also any of your personal data which we have already saved.

When we refer to the processing of your personal data in this Privacy Policy, this means the collection, storage, administration, use, transmission, publication or erasure of your personal data.

We collect personal data in order to offer better services to our customers. What this entails:

  • Aligning our products and services to your needs.
  • Personalising communication so that you find products and services that meet your wishes and contain less advertising overall. This may include invitations to events, information on specialist subjects such as white papers, e-books and the like.
  • Simplification of processes so that you get where you want to go quicker.

1. How do we protect your personal data?

We have technical and organisational security processes in place to ensure the safety of your personal data, and to protect your session data and personal data against unauthorised or unlawful processing and/or accidental loss, alteration, publication or access. You should however be aware at all times that the transmission of information via the internet and other electronic means entails certain security risks, and that we cannot offer any guarantee for the security of information that is transmitted in this way.

2. For how long do we keep data?

We keep your personal data for as long as required or we deem appropriate under law, or for as long as necessary to fulfil the purposes for which they were collected. We erase your personal data when they are no longer required and, in any event, after the maximum statutory retention period has elapsed.

3. What rights do you have with regard to your personal data?

You are entitled to exercise your data protection rights at all times, to receive information about your stored personal data, to rectify and amend your personal data, to withdraw your consent to the processing of your personal data, and to demand the erasure of your personal data. Details of how to contact us are shown in Section 4. We reserve the right to correspond with you by electronic means (most notably by e-mail) in this regard.

4. How can you contact us?

If you wish to exercise your rights with regard to your personal data, or if you have any questions or concerns about the processing of your personal data, you can contact us as follows: We will endeavour to answer any questions or concerns you raise with us as quickly as possible.

5. Who is the owner of the data?

The owner of the personal data is Ergon Informatik AG.

6. When do we collect personal data?

We collect your personal data under the following circumstances:

  • if you buy our products or services
  • if you take part in our courses, seminars or training sessions
  • if you make use of our Customer Service
  • if you subscribe to a newsletter or other advertising about our products and services
  • if you take part in one of our satisfaction surveys
  • if you use or communicate with us or third parties via our webpages and/or social networks
  • if you communicate with us by telephone or e-mail
  • if you enter into contact with us at trade events. As a sponsor or partner of events or webinars, e-books and the like, we also receive your data from the respective event host or organiser and process the data ourselves. In this instance, agreements with the host or organiser apply.

7. What personal data do we collect?

7.1 Personal data

7.1.1 minimal

  • Name and surname
  • Title
  • Company address
  • Language preferences
  • E-mail address(es)

7.1.2 optional

  • Date of birth
  • Position and academic title
  • Home address
  • Telephone number(s)
  • Information about newsletters or other advertising to which you subscribe
  • Consent to invitations from Ergon: yes/no
  • Consent to news from Ergon: yes/no
  • Consent to news from Airlock: yes/no
  • Online customer account information such as from the Techzone (including opening date, user name, profile photos) or from tools provided by Ergon Informatik AG
  • Photos and video recordings of Ergon events

7.2 Customer activity data

  • Contract data (including contract date, contract type, contract content; contractual partner; contract term; contract value; claims asserted out of the contract)
  • Customer service information (complaints, support)
  • Session information with regard to visits made to our web pages and/or social networks (including duration and frequency of visits, language and country presets, information about your browser and computer operating system, internet protocol addresses, search terms and search results; reviews provided)
  • Communications by telephone or e-mail

8. For what purposes do we process personal data?

We process your personal data either in its entirety or in part for one or more of the following purposes:

8.1 Offering our products and services

  • to provide and sell our products and services
  • to handle orders and perform contracts
  • to organise and conduct training
  • to organise and provide customer services
  • to organise and conduct satisfaction surveys

8.2 Customer communication

  • to provide, administer and effect customer communication by post and for communication by electronic means
  • for business communication by post, telephone or e-mail

8.3 Special activities and occasions

  • to organise and stage functions and trade events

8.4 Analysing customer behaviour

  • to analyse and statistically evaluate past and current customer activity with regard to the use of services on our web pages or online platforms and/or social networks or the receipt of a newsletter

8.5 Customised and personalised direct marketing

  • to avoid unnecessary advertising based on findings from the analysis of customer behaviour in relation to direct marketing
  • to send advertising by post, telephone or e-mail
  • to adjust our offers and advertising on our web pages or on our channels on internet platforms and/or social networks

8.6 Enabling subscription to a free e-mail newsletter

  • With your consent we use your e-mail address to send you our newsletter. By consenting to receive the e-mail newsletter you also agree that Ergon Informatik AG may from time to time use your e-mail address to send you further information such as event invitations or details of new products.
  • You may withdraw your consent to the commercial use of your e-mail address at any time. Should you wish to do so, a link to unsubscribe from the newsletter is contained in the footer of every e-mail.

8.7 Data protection for registered members on our portals and in our forums

So that you can participate in Ergon Informatik AG’s Techzone portal and the associated forums, we store personal data as shown in Section 7. This allows us to carry out authentication, assign content to users, and to send you news about Airlock. Your data are not shared with other users or third parties. We only use your data within the scope of the relevant data protection provisions (Federal Data Protection Act, the Telemedia Services Act and/or the EU General Data Protection Regulation).

9. With whom do we share your personal data?

Within Ergon Informatik AG, employees have access to your personal data.

We may also share your data with third parties outside Ergon Informatik AG in order to avail of technical or organisational services that we require to fulfil the specified purposes or pursue our business activity. Our service providers are contractually obliged to process the personal data exclusively on our behalf and in accordance with our instructions. We also require our service providers to take technical and organisational measures to ensure the protection of personal data. If the service providers are based in countries where the applicable laws do not offer a similar protection of personal data as under Swiss law, we will ensure by contractual means that the respective service providers comply with the statutory requirements as set out in Section 8.7.

We may also share your personal data if we deem it necessary to comply with applicable laws and regulations, in the event of court proceedings, at the request of the competent courts of law and authorities or to meet any other legal obligations, in order to protect and defend our rights and/or our property.

10. Cookies

Our web pages use what are known as “cookies”. Cookies are small files that are stored on your computer or mobile device when you visit one of our web pages. We would also like to inform you in detail about our use of cookies.

10.1 What do we use cookies for?

The cookies we use firstly serve to guarantee the functions of our web pages. We moreover use cookies to adapt our online services to your customer wishes and to give you the most comfortable browsing experience possible. We also use cookies to optimise our advertising. By using cookies, we can present you with advertising and/or special products and services that, based on your usage of our web pages, may be of particular interest to you. Our aim here is to make our internet services as attractive to you as possible, and to present you with advertising that corresponds with your areas of interest.

10.2 What cookies do we use?

Most of the cookies we use are automatically deleted from your computer or mobile device once you end a browser session (“session cookies”). We use session cookies, for instance, to store your country and language preferences across various pages visited during a single session.

We also use temporary and/or permanent cookies. These cookies remain on your computer or mobile device after you have ended a session. When you visit one of our web pages at some later date, the input and settings you prefer are automatically recognised. Depending on the type of cookie, these temporary and/or permanent cookies are stored on your computer or mobile device for a period of between one month and ten years, and will be automatically deactivated once the programmed period has elapsed. Their purpose is to make our web pages more user-friendly, faster and more secure.

10.3 What data is stored in the cookies?

The cookies we use do not store any personal data. This means that the cookies we use cannot be associated with a specific individual. When a cookie is activated, it is allocated an identification number.

10.4 How can you prevent the storage of cookies?

Most web browsers automatically accept cookies. You can however set your browser so that no cookies are accepted, or so that you are asked before a cookie from a web page you are visiting is accepted. You can also delete cookies from your computer or mobile device by choosing the corresponding browser function. If you decide not to accept our cookies or those of our partner companies, you will not be able to see certain information on our web pages, and you will not be able to use some functions that are designed to improve the quality of your visit.

11. Mobile Apps

If you download and use the Airlock 2FA mobile application published by Ergon Informatik via an App Store, then Futurae as a third party provider (Data Processor) on behalf of Ergon Informatik (Data Controller) processes unique installation identifiers, IP addresses, user names (such as e-mail addresses or contract numbers), transaction information for confirmation, device information (such as mobile operating system, mobile device model) and metadata of authentication and transaction confirmation events (such as timestamps of these events). 

The app also records anonymized sensor data (such as Wi-Fi and Bluetooth scan results) if the signal-based zero touch authentication method is used.

The Data Processor processes all data exclusively for the use of authentication and transaction confirmation.

If the sound-based Zero-Touch authentication function is used, the app records the audio data from the microphone of the device on which the app is running. This audio data is processed locally by the app's authentication function and is not transmitted to any other systems.

12. How do we use log files?

Every time you visit our web pages, your browser sends us technical usage data which is stored in protocol files – known as log files. They contain the following usage data: Date and time that you visited our web page; name of the web page visited; the IP address of your computer or mobile device; the address of the web page from which you came to our web page; data volume transferred; your browser name and version.

Analysis of the log files helps us to further improve our online service and make it more user-friendly; to identify and remedy errors faster; and to provide server capacity as needed.

13. How do we use web analysis tools?

So that we can continuously improve and optimise our online services, we use what are known as tracking technologies. Web analysis tools provide us with statistics and charts that give us information about how our web pages are being used. To this end, data on the use of a given web page are transmitted to the server being used for this purpose. Depending on the provider of a web analysis tool, this server may be located abroad. For the most frequently used web analysis tool, Google Analytics, these data are transmitted together with abbreviated IP addresses, which prevents the identification of individual devices. Google complies with the data protection provisions of the Swiss-U.S. Privacy Shield Framework and has registered with the US Department of Trade for the Swiss-U.S. Privacy Shield (information about the Swiss-U.S. Privacy Shield is available at

The IP address transmitted from your browser for the purposes of Google Analytics is not combined with other data from Google. Google only shares these data with third parties where required by law or for the purpose of contract data processing.

Where other web analysis tools are used within Ergon Informatik AG, the process of data collection is in principle the same.

You can prevent the collection of data generated by cookies and your website usage (incl. your IP address) by Google and the processing of these data by Google by downloading and installing the browser plug-in available by clicking on the following link: ( More information about Google Analytics and data protection is available at or

We use the Google reCaptcha service to determine whether a person or computer makes a particular entry in our contact or newsletter form. Google uses the following information to determine whether you are a human being or a computer: IP address of the terminal device used, the website that you visit on our site and on which the captcha is embedded, the date and duration of the visit, the identification data of the browser and operating system type used, Google account if you are logged in to Google, mouse movements on the reCaptcha areas and tasks for which you must identify images. The legal basis for the data processing described is Art. 6 Para. 1 lit. f Basic Data Protection Regulation. There is a legitimate interest on our part in this data processing to ensure the security of our website and to protect us from automated entries (attacks).

14. How do we use social plug-ins?

Our web pages use social plug-ins such as those from Facebook, Twitter, LinkedIn, Xing or Google+. Plugins are marked with the logos of their providers. Some examples include “Like” buttons, the Google+ button or the Twitter button. The buttons are embedded in our website via the AddThis service (

When you retrieve any of our web pages that contain this kind of plug-in, your browser will create a direct link with the provider’s computers. The content of the plug-in is transmitted by the provider’s side directly to your browser, and integrated by the browser directly into the web page. By integrating the plug-in, the provider receives the information that you have visited our web page. If you are logged in with the provider at the same time, the provider can associate your visit with your profile. If you interact with the plug-ins – if, for example, you use the “Like” button or leave a comment – the corresponding information is sent directly from your browser to the provider where it is stored. Interaction is recorded by AddThis for the purposes of analysis.

If you do not want the provider to collect data about you via our web pages, you must log out of the provider’s account before your visit our website. Even when you are logged out, providers gather anonymised data via social plug-ins and will place a cookie on your device. If you log in to your provider’s account at some later date, these data can be associated with your profile.

For details about the purpose and scope of data collection and the further processing of your data by the provider, about your rights in this regard, and the settings you can use to protect your privacy, please refer to the providers’ Privacy Policies:

If you do not want the providers to collect data from you via these cookies, you can select “Block third party cookies” in your browser settings. Then, even when content from other providers is embedded, your browser will no longer send cookies to the server. You should be aware that by choosing to block cookies you may no longer be able to use other functions of our web pages.

15. No liability for third-party websites or services

In designing and operating our services, we work with various partners (within the scope of Bookmarks, for example) who in turn offer websites and online services. These may also be accessible via links on our website. Ergon Informatik AG is in no way responsible for the use of these third-party services.

The privacy policies of those third parties will then apply. As a rule, these partners have their own privacy policies and/or data protection guidelines.

We accept no responsibility or liability for those policies and guidelines that are not related to our services.

Information for you

-Our whitepaper-

IT-security solutions

Digitalisation is presenting businesses with new challenges which go far beyond information technology. This primarily relates to an aspect which is becoming increasingly important: IT security.

Read our whitepaper to find out how IT-Security will become the pioneer of degitalization.

Request free of charge

Accelerate digitisation

To stay technically viable in this digital transformation, you must increasingly switch to hybrid cloud environments. This requires new security approaches as well as coordinated identity and access management.

Find out more in our whitepaper in collaboration with Deloitte, eperi and SHE.

Request free of charge

OWASP Top 10 for API Security

OWASP has created a new Top10 list for API Security. The top 10 listed reflect a broad consensus on what the most important API security issues are at the moment.

In our whitepaper you will learn how our Airlock API addresses the OWASP Top 10.

Request free of charge