one Privacy Policy and Terms of Use for one.viseca.ch

The following Privacy Policy explains how Viseca Card Services SA (or "we") processes your personal data (or "data") as a controller. Processing means any handling of personal data, in particular the procurement, storage, use, disclosure or erasure of data. You can obtain information on data protection and data processing by phone at +41 58 958 84 00, via e-mail (privacy@viseca.ch) or in writing (Viseca Card Services SA, Data Protection, Hagenholzstrasse 56, 8050 Zurich).

Cardholders (or "holders") expressly consent to the data processing referred to in this Privacy Statement when registering. Information regarding further data processing in connection with the card relationship can be found in Viseca's Privacy Policy and Terms of Use. Please also note the global privacy statements and your enforcement rights as a third-party beneficiary of Mastercard® and Visa.

This Policy may need to be adapted for a variety of reasons, for example as a result of the further development of our products and services or the implementation of new technologies. We therefore recommend that you check this Policy regularly on our website to keep abreast of any changes. Last update of this Policy: February 2020

one Privacy Statement

Through the one.viseca.ch website or the one application (or "one app" or "App"), the surprize bonus programme or in connection with the name of an intermediary bank or business as well as corporate cards, we provide a variety of online services related to the use of the cards we issue (collectively "one digital services") under the designation "one". The provision of these services requires us to process holder data. This Privacy Statement provides holders with detailed and transparent information about data processing in relation to the use of one digital services.

2.1 Which holder data are disclosed?

When registering for one digital services, logging in and managing the user account, the holder may be asked to provide his or her e-mail address, date of birth, mobile phone number, card number and activation code.
 

2.2 Which data are collected automatically?

  • Data concerning the use of the holder's mobile devices, such as the manufacturer, device type, operating system and version number, device ID and IP address;
  • Data concerning the use of computers and browsers and for access to the Internet, such as device type, operating system and IP address;
  • Data concerning the use of the user account, such as number of logins with date and time, changes in the user account, acceptance of the Terms of Use of one digital services and the Privacy Statement;
  • Data regarding the holder's desired settings, such as storage of the username or login;
  • Data concerning visits and user behaviour on the website, as well as
  • Data generated when using the app, such as updates or device information about user behaviour, e.g. in the app or via SMS code.
 

2.3 What information is collected on one when you register and activate the services?

  • Information about the holder and his/her cards registered for one and stored in the user account;
  • The information that 3-D Secure is used for the registered cards by a confirmation in the app or by entering an SMS code;
  • Delivery address and mobile phone number.
 

2.4 What information is collected when using Mobile Payment?

  • Information on the use of Mobile Payment, such as activating or deactivating cards and using cards for Mobile Payment;
  • Information regarding the amount of the transaction;
  • Information on the use of the card, time of the transaction and type of verification;
Where a third-party Mobile Payment solution is used, the third-party provider may also collect and process personal data of the holder. Depending on the product, this includes e.g. name, card number and, where necessary, transaction data. For this purpose, the third-party provider's terms of use and privacy policy must be observed.
 

2.5 What information is collected when using 3-D Secure?

  • Information about the merchant, the transaction and its processing as well as confirmation of the transaction with 3-D Secure;
  • Information related to the devices used for the transaction and confirmation;
  • Information related to access to the Internet or mobile network, such as IP address and name of the access provider.
 

2.6 What data are collected when the map section of the merchant's location is displayed?

  • Location data of merchants established in Switzerland;
  • Location data, such as merchant name, city/town, country and industry;
  • Automated periodic Google query to specify the merchant's location;

3.1 Providing the services and processing the card agreement;

  • Enabling registration, login and use on one digital services by the holder;
  • Establishing a secure connection between one digital services and the holder's mobile device;
  • Transmitting confirmation requests, e.g. for confirmation of online payments via one digital services, by push notification or via SMS code to the holder;
  • Transmitting information about confirmations made to us;
  • Authentication of the holder when performing actions. The app or mobile device used is clearly assigned to the holder when registering on one. We can thus ensure that the confirmation was made in the registered app or with the registered mobile device;
  • Communicating with the holder and transmitting information related to the card relationship or card use, such as information about new invoices, fraud warnings or enquiries about unusual transactions via one digital services and the mobile device, etc.;
  • Receiving notifications from the holder;
  • Displaying transactions and invoices;
  • Processing the card agreement with the holder and the transactions made with the card. Please refer to Viseca's Privacy Policy and Use Terms.
 

3.2 Mobile Payment

  • For the decision on the acceptance of the Mobile Payment card;
  • To activate, deactivate and update cards for Mobile Payment;
  • In order to prevent abuse of the additional cards;
  • To communicate with any third-party provider of a Mobile Payment solution within the framework of the one GTCs and the terms and conditions of use and the privacy policy of the respective provider which shall apply in the relationship between the holder and the third-party provider.
 

3.3 Marketing

  • To connect this data with data already available to us (including data from third sources);
  • To create individual customer, consumer and preference profiles that enable us to develop and offer products and services for the holder;
  • To transmit information about existing or new products and services of Viseca, other companies of the Aduno Group and third parties (promotional material) to the holder;
  • For processing by the third-party provider in accordance with its own terms and conditions of use and privacy policy.
 

3.4 Further processing purposes

  • Calculating business-related credit and market risks;
  • Improving security when using services, e.g. by reducing the risk of fraudulent transactions or abuse of devices or means of identification, such as phishing or hacking;
  • Proving actions and defending against claims lodged against us;
  • Improving Viseca's general services and one digital services;
  • Fulfilling statutory and regulatory requirements;
  • Processing by the third-party provider for its own purposes in accordance with its own terms and conditions of use and/or privacy policy.

4.1 Disclosure to third parties or data collection by third parties

Third parties are persons or companies that process data for their own purposes. No third parties are contracted service providers of Viseca. In terms of cards to which Viseca's General Terms and Conditions and the General Terms and Conditions for Business and Corporate Cards apply, Viseca does not, subject to the following provisions, generally disclose any data – in particular, transaction data – to third parties for their own purposes unless the holder has consented to or requested or initiated such disclosure. In particular, without the separate and express consent of the holder, Viseca does not disclose to third parties any individual customer, consumer or preference profiles created by it.

In terms of cards to which the General Terms and Conditions for Payment Cards apply (debit, credit or prepaid cards or combined cards with credit and debit functions or prepaid and debit functions), Viseca delivers customer and card data, as well as cumulative turnover figures and transaction data, to the intermediary banks in accordance with Section 7.2 of these Terms and Conditions.
 

4.2 Other categories of third parties to whom data are disclosed

  • Data (including transaction data) of the additional cardholder may be disclosed to the primary cardholder;
  • Data of the holder of a business card may be disclosed to the company;
  • Persons authorised by the holder;
  • Viseca discloses customer data, card data and cumulative sales figures concerning primary, additional and business cardholders to an intermediary bank;
  • By official order or pursuant to statutory obligations, Viseca forwards data to government agencies such as law enforcement or regulatory authorities.

 

4.3 Transfer of holder data to third parties through the use of Mobile Payment

  • During the payment process, the card and transaction data necessary for processing the transaction are transferred over the servers of the card organisations. Further information concerning the processing of data during the processing of transactions can be found in Viseca's Privacy Policy and Terms of Use.
  • When using Mobile Payment through a third-party provider, the third-party provider collects and processes data in accordance with its own terms and conditions of use and privacy policy.

 

4.4 Electronic data transmission

When data are transferred electronically, data pertaining to the holder (including the additional cardholder) may be transmitted to third parties (in Switzerland and abroad) even without the assistance of Viseca.

In particular, when using the App and/or mobile devices, manufacturers of devices or software (such as Apple or Google) may receive personal data. These companies may process and disclose the data in accordance with their own terms and conditions of use or privacy policies. This may enable these third parties to infer the existence of a relationship between the holder and Viseca. SMS are subject to the applicable legislation on the surveillance of telecommunications and are stored on mobile phones. This may enable third parties to obtain the information in question.

The transmission of information between Viseca and the App and/or mobile devices of the holder (but not the transmission of SMS) is encrypted. However, this communication with the holder occurs through the public communication networks. These data are generally accessible to third parties and may be lost or intercepted by unauthorised third parties during transmission. It therefore cannot be ruled out that third parties, despite all security measures taken, can gain access to the communication with the holder when one is used. Furthermore, when data are transmitted over the Internet, they may be transmitted via third-party countries that do not necessarily offer the same level of data protection as Switzerland even if the holder is in Switzerland.

Data security also depends on the holder's involvement. The holder must therefore use the options available to him or her to protect his or her devices and data. The minimum duties of care and reporting are laid down in the section one Terms of Use. Appropriate security measures increase safety and further reduce the risks associated with the use of one.

  • Information about your personal data and how we process it, as well as a copy of the same;
  • Rectification of inaccurate or incomplete personal data;
  • Erasure of your personal data;
  • Restriction of the processing of your data;
  • Lodging a complaint against the form of the processing of your personal data with the competent authority;
  • Objection to or revocation of your consent to the processing of your personal data;
Even if you revoke your consent, we may continue to process your personal data to the extent we are legally required to do so.
We store your data for as long as this is necessary for the purpose for which they were collected. We also store personal data if we have a legitimate interest in their storage, e.g. if we need the data in order to enforce or defend against claims in order to ensure IT security or if the limitation periods expire. Finally, we store your data in order to comply with our statutory and regulatory obligations.

Terms of Use for one Digital Services and Visits to our Websites

Please read the following Terms of Use carefully. By accessing the one website and the one App (hereinafter "one digital services") of Viseca Card Services SA (hereinafter "Viseca"), you consent to these Terms of Use and approve their content. Any special agreements concerning individual services or products of Viseca shall apply in addition to these Terms of Use. However, where inconsistencies arise, the special agreements shall take precedence.

The surprize bonus program (hereinafter "surprize") is integrated into one digital services. Thus, unless otherwise expressly provided, the present Terms and Conditions of Use shall likewise apply to surprize. These Terms and Conditions of Use may be amended or updated at any time without notice. Any such changes or updates shall be published immediately. 

one digital services is intended for holders of credit and/or prepaid cards issued by Viseca (hereinafter "cardholders"). The secure area of one digital services can only be accessed after the cardholder has registered and has entered his or her personal user name and password or fingerprint. surprize is intended for holders of credit and/or prepaid cards issued by Viseca and entitling the holders to participate in surprize (hereinafter "Participants").

Unless otherwise provided, the entire content of one digital Services, such as copyrights, trademarks and other rights, is wholly and exclusively the property of Viseca. Visa, Mastercard and the names and logos of our service and distribution partners are also registered and protected trademarks owned by these third parties.

Unless otherwise stated, all surprize elements, such as copyright, trademark and other rights, are likewise wholly and exclusively the property of Viseca. These elements are freely usable for browsing purposes only. surprize is a registered trademark of Viseca and is protected as such.

No part of one digital services is designed to grant a license or right to use any image, registered mark or logo. Saving or printing individual pages and/or sections of the website is permitted, provided that neither the copyright notices nor other legally protected designations are removed. Downloading or copying the website or parts thereof does not transfer any rights over software or other elements existing on one digital services. Any reproduction in whole or in part, transmission in electronic or other form, modification, linking or use of one digital services for public or commercial purposes is prohibited without Viseca's prior written consent. All ownership rights shall remain with Viseca. Viseca reserves all rights concerning all elements on the website.

The information published on one digital services does not constitute an offer or a recommendation to make transactions, buy or sell a (financial) product or carry out other legal transactions, with the exception of the rewards and offers published in connection with surprize for Participants. The information published on one digital services is purely informative, except for the information regarding the rewards and offers mentioned above. Third-party products and services presented on one digital services may not be acquired by residents of certain countries. Viseca is merely a broker of the third-party offers contained on the website. If problems arise in contractual relationships between the holder and the third party, or if the holder suffers any loss, he or she must turn to the third party. Viseca shall not be liable for any losses arising from contractual relationships with third parties.

Although Viseca makes every effort to ensure that the information contained on one digital services is correct at the time of its publication, neither Viseca nor its contractual partners (particularly surprize Partners and/or reward suppliers) can explicitly or implicitly assure or guarantee the accuracy, reliability, currency or completeness of the information. Viseca assumes no responsibility and makes no representation that the functions on one digital services are available continuously or that the relevant server is free of viruses or other harmful components.

Viseca accepts no liability (even in the case of negligence) for any type of direct or indirect damage or losses resulting from access to one digital services, the use thereof or the impossibility to access or use the same, contact with Viseca over the Internet or e-mail, or from the linking with other websites of third parties or access to links to websites of third parties. Viseca further rejects any and all liability for manipulation of the Internet user's IT system by unauthorised parties.

If the cardholder can show that a third party has unlawfully interfered with network and/or telecommunications operators' equipment or the infrastructure used by the cardholder, Viseca will cover the charges, provided that the cardholder objects to the improper use in a timely manner, has complied with his or her duties of care as specified in these Terms of Use and with all other terms of Viseca and that he or she is not otherwise at fault.

one digital services is not intended for distribution or use by persons subject to any jurisdiction that prohibits or otherwise restricts access to one digital services or the distribution, publication, provision or use of the information contained thereon. Access is not permitted for persons subject to such restrictions, and they are requested to refrain from accessing one digital services.

Viseca makes data protection a priority. Personal data are treated with absolute confidentiality. Viseca also makes explicit reference to the following individual legal provisions:

Please note that data transmitted via an open network, such as the Internet or an e-mail service, can be viewed by anyone. Viseca cannot guarantee the confidentiality of notices or documents transmitted via such open networks. If you disclose personal data through an open network, please be aware that third parties may access this information and thus may collect and use it without your consent. Under certain circumstances, third parties may thus make inferences regarding your existing or future card agreement with Viseca. Even if the sender and recipient live in the same country, data transmission via such networks is often carried out via third countries, including countries that may not offer the same level of data protection as your country of residence.

To ensure the best possible protection of data protection on the Internet, all confidential and personal data transferred between your browser and Viseca's web server are encrypted exclusively using a worldwide standard of security for browsers (currently TLS with 2048-bit encryption). Furthermore, you are hereby expressly notified of the danger of viruses and the possibility of targeted hacking attacks. For the purpose of combating viruses, you are advised to use only current browser versions, install and regularly update your antivirus software and to refrain from opening e-mails of unknown origin or unexpected e-mail attachments.

When you visit one digital services, Viseca automatically collects IP addresses and user data. The purpose of this information is to determine the visitor's user behaviour and the duration of the visit. Whenever e-mails are sent by Viseca, information concerning the receipt of the e-mails and the user's behaviour is recorded in one digital services. This information is intended to review and improve e-mail delivery.

To estimate total visitor numbers and total data-exchange volumes, to identify pages of one digital services that are of interest to visitors, to improve the one digital services generally and to create customer profiles, cookies technology may be used. For more information, please refer to the Cookie Policy section.

Cookie Policy

We use the term "cookie" to refer to cookies and other similar technologies covered by electronic communications.

Protecting your personal data is of particular interest to us. Therefore, we process your data exclusively on the basis of applicable law. The following information is intended to inform you about the most important aspects of the processing of your personal data collected when you use our websites, social media channels, mobile app or other web applications. In addition, we make reference to security measures that serve to ensure the confidentiality of the transmitted data and to protect your privacy.

This Cookie Policy applies to all websites and mobile applications for which Viseca is responsible. It describes the purpose and use of the information collected by Viseca through the use of cookies.

Our websites may contain links to third-party websites. These websites are not subject to this Cookie Policy. We are not responsible for their content or their handling of personal data. We recommend that you read the privacy policy and the terms of use of the respective website providers.

You can avoid cookies and similar technologies at any time by adjusting the settings in your browser accordingly. Further details and information can be found in Section 4 of this Cookie Policy.

Cookies are small files that are transmitted to your end device (e.g. your computer or smartphone) and stored there when you visit a website. A cookie contains information about the origin of the website and how long the cookie will last (i.e. how long it will be stored on your device). Some cookies are deleted after the end of the browser session ("session cookies"). Other cookies remain on your device ("permanent cookies"). If you access this website again, we can record your new visit even if we do not know your identity. Cookies may also collect information about your user behaviour.
We use cookies and similar technologies for operating our websites, for statistical purposes, to improve our websites' user-friendliness and for advertising and marketing purposes. You can find a list of cookies used by us and similar third-party technologies along with details on their respective functionality in Section 10 of this Cookie Policy.
  • Technically necessary cookies are necessary for the technical operation of our websites and enable security-related functionalities.
  • Analysis and performance cookies are used to improve our websites and to place offers. For this purpose, we utilise cookies to collect data about statistics and analyses about the use of our websites. This allows us to determine the number of visitors and the impact of our websites and to optimize their content accordingly.
  • Cookies for improving user-friendliness are intended to facilitate the operation of the websites. This allows you to use the same product search based on a previous product search when you visit our websites again. Cookies can also be used to speed up your future activities and experiences on our websites. For example, they are used to save your preferences for future visits.
  • Cookies for advertising purposes may record your visit to our websites, as well as the links you click on. We use such information to tailor our websites and advertisements to your interests. We may also disclose this information for this purpose to third parties who process this information on our behalf.
The use of cookies is based on our legitimate interest in providing user-friendly and attractive websites, displaying advertising to you and ensuring compliance with the agreement.
If you opt to disallow or disable cookies, this may restrict the functionality of our website. If you do not want cookies, you can set up your browser so that it informs you about the setting of cookies and you allow this to happen only on a case-by-case basis. In addition, you can configure your web browser to automatically disable cookies. Please note that most browsers offer various ways to protect your privacy. Most web browsers automatically accept cookies but offer the option of blocking or deleting them. The instructions for managing cookies on your browser are usually found under the "Help" feature of the browser or in your mobile device's user manual. Information about this can be found on the following pages, for example:

We would like to point out that the IP data of the subscriber are stored by the website operator when you use cookies by visiting our website. It may also be possible to collect personal data such as the name and address of the website visitor.

We collect, use and process personal data that are necessary for the fulfilment of the contract or in the context of the initiation of business or for which you have given us your express consent. Once you have declared your consent, you may revoke it prospectively at any time. Personal data that have been communicated to us via our websites are stored only until the purpose has been met or for the retention period required by law.

The data will not be disclosed to third parties. Personal data will only be used for the purpose indicated on the relevant page of our website on which your data has been collected. By using state-of-the-art security software, our IT infrastructure meets international security standards. In addition, in terms of access to accounts via the Internet, we have taken additional, comprehensive security measures and technical and organisational measures to protect your personal data from loss, unauthorised access or misuse according to the current state of the art.

Regardless of the measures taken to protect your personal data, data protection and confidentiality in connection with data processing may be limited by universally accessible media. Because of the way in which the Internet is designed, it cannot be ruled out that third parties will gain access to your data when you use the Internet as a means of transmission with a computer, smartphone or other device. For further details, please refer to our one Terms of Use. Any liability for direct and indirect losses arising in connection with the use of our websites and the digital services or their contents is rejected in its entirety.

Some of the cookies we normally use are listed below. This list is not exhaustive but is intended to clarify the main reasons why we normally use cookies. When you visit one of our websites, we may use the following cookies and similar technologies. This list also includes cookies and similar technologies of third-party providers. You can always access the privacy statements of the providers via the links provided and disable cookies and similar technologies.
 
Solution & Purpose Provider Link
AL_SESS-S
Leistungscookie
ISPIN AG
Grindelstrasse 6, 8303 Bassersdorf
Switzerland
Privacy Statement
Disable
CookieConsentBulkTicket
Performance-Cookie
Cybot
Havnegade 39, 1058 Copenhagen
Denmark
Privacy Statement
Disable
CookieConsentBulkSetting
Performance-Cookie
Cybot
Havnegade 39, 1058 Copenhagen
Denmark
Privacy Statement
Disable
 
If you decide not to accept our cookies or the cookies and tools of our partner companies, you will not be able to see certain information on our websites and will not be able to use some of their features.

Social Media Plugins

Features [plugins] from third-party providers or social media platforms are integrated on the one website. These plugins enable you to share content within the social networks mentioned above. Whenever the one digital services are accessed, the buttons are disabled by default. This means that unless you specify otherwise, no data will be transferred to the relevant third-party providers. After the buttons have been activated, the plugins will automatically transfer data to the third-party providers concerned. If you are simultaneously logged into the network of the relevant third party when you visit the website, the visit to one digital services may be assigned to your network account. Viseca does not have any influence on this type of data transfer to social networks.
Please refer to the privacy statement of the relevant social network in order to ascertain the purpose and scope of data collection and the further processing and usage of data by the relevant social networks, along with the related rights and settings that can be used in order to protect your privacy:
Solution & Purpose Provider Link
Facebook Facebook Inc.
1601 S. California Ave, Palo Alto,
CA 94303, USA
Privacy Statement
Plugins
Google+ Google Inc.
1600 Amphitheatre Parkway,
Mountain View, CA 94043, USA
Privacy Statement
Twitter Twitter Inc.
795 Folsom St., Suite 600, San
Francisco, CA 94107, USA
Privacy Statement
If you want to prevent Google, Facebook or Twitter from assigning the data collected through our advertising presence to your personal profile on the respective social networks, you must log out of the corresponding social network before visiting our website. You can also completely prevent the loading the plugins with special add-ons for your browser, such as "NoScript" (https://noscript.net/) or "Ghostery" (https://www.ghostery.com/).