Privacy statementWe protect your privacy

Privacy statement for mobile applications

Provider and responsible party

Abacus Research AG («Abacus»)
Abacus-Platz 1
9300 Wittenbach
Switzerland

E-mail address of the provider: datenschutz@abacus.ch

Collected data

The purpose of the application is to communicate with a hosted business software of the ERP manufacturer Abacus Research AG or to be used as stand-alone application.

The personal data that this application stores includes, depending on the area of use, the collection, sharing, changing or requesting of expenses, working hours, absences, services, travel expenses, employee data, wage data, addresses, real estate inspections and the like.

This data is only stored on the user’s device and, if the device is connected to Abacus Business Software, is transferred directly to the corresponding business software client of your employer or client according to its input purpose and processed there. This data will never be transmitted to Abacus or to a third party.

If documents such as supplier invoices, expense receipts, etc. should be automatically recognized and posted, it is possible that the receipt will be transmitted to a service operated by Abacus in the cloud in Switzerland, where the receipt is interpreted with the help of artificial intelligence, learned from the interpretation and enriched with the necessary information for automatic booking. The processed document is then returned to the user’s entry process. The document is not physically stored at any time. The user remains anonymous to the learning service.

The personal data processed independently by this application includes, in addition to the usage data described above:

  • Unique device identification for communication
  • Geographical positions
  • Technical protocols (see below)

Cookies, Google advertising ID or IDFA, etc. are not stored by Abacus. Whether third party components used for diagnostic purposes according to the user’s settings will store data in this way can be found in the “Technical Protocols” section.

If though use of this application by the user personal data is processed by third parties, the user is responsible for his or her own data.

As with his or her own personal data, it may only be used for the purposes for which this software was developed.

Type and location of data processing

Processing methods

The provider duly processes the user data and takes necessary, state-of-the-art security measures to prevent unauthorized access and unauthorized forwarding, modification or destruction of data.

The data is processed by means of computers or IT-based systems specifically for the stated purposes. It is important to ask the employer or client which other persons under his or her employment (personnel administration, accounting, legal department, compliance, system administrators) or external persons (providers of technical services, hosting providers, etc.) operate this application and therefore have access to the data.

Legal basis for processing

The user has voluntarily linked his or her application with the client of his or her employee or client to Abacus Business Software so that his or her expenses, working hours, absences, services, travel expenses, employee data, wage data, addresses, etc. can be automatically processed by him or her using this application.

If the application is stand-alone and not linked to a client, no data processing takes place (exception described under “Technical Protocols”).

Location

The data is processed exclusively in the client of the employer’s or client’s business software. The employer or client must be asked about which hoster is used in the country in which this client is hosted. If the centrally hosted software AbaNinja by Abacus is used, this client is located in Switzerland. The current hoster can be requested from Abacus.

It is in the nature of things that the data transfer from or to a country other than that of the user takes place when the user is abroad and communicates with the application.

Storage period

Personal data is processed and stored for as long as required by law or for the purpose for which it was collected. For further information, please contact your employer or client.

Processing purpose

Personal data is collected in order to directly process expenses, working hours, absences, services, travel expenses, employee data, wage data, addresses, etc. in the client of the employer’s or client’s business software.

Technical protocol

Personal data may be collected in addition to monitoring the infrastructure such as the devices, the network or the software.

With the setting «No diagnostic data»:

If this setting is active, no diagnostic data will be collected. As a result, the user may not be supported in the event of errors.

With the setting «Basic diagnostic data»:

The following services are used to improve performance, operation, maintenance, troubleshooting, and monitoring the behaviour of the software.

Crashlytics (Google Inc.)

Crashlytics is an application monitoring service provided by Google Inc. Personal data collected: Device identification, geographic location, and various types of data as described in the service’s privacy policy.

Processing location: United States – Privacy Policy.

Bugfender

Bugfender is a service that allows access to technical error logs (Error Logging) on the user’s device. The user is anonymized.

Processing location: Further information: www.bugfender.com

With the setting «Complete diagnostic data»:

If this service is active, the following services are used in addition to the basic diagnostic data:

Signature service

If documents entered by the user are digitally signed and provided with a time stamp, the following services are used:

Rights of the user

Since the data is processed exclusively in the business software of the employer or client of the user, which includes financial accounting, payroll accounting, HR, service and working time recording and the like, there are various legal and operational regulations for the storage of this data.

Requests to exercise user rights such as information on processing, data retention and its duration, objection to or restriction of processing, verification, corrections, deletions, etc. must therefore be answered by the employer or client.

It is technically up to the user to delete the link between the application and the client of his or her employer or customer on his or her device at any time and thus cease communication with the business software. The user is responsible for the internal consequences.

Further enquiries regarding the exercise of user rights can be addressed to Abacus free of charge via the contact details given above.

Further information

Legal action

The user’s personal data, insofar as they it is available to Abacus, may be requested by authorities for legal reasons, in particular in criminal or court proceedings. The user declares to be aware that Abacus may be obliged to disclose personal data in these and similar cases. Unless Abacus is expressly forbidden to do so, the user will be consulted and/or informed by Abacus.

“Do Not Track”

This application does not track the activities of the user in browsers.

Changes to this Privacy Policy

Abacus reserves the right to make changes to this Privacy Policy at any time. The user will be informed about this - as far as technically possible or legally permissible - by Abacus informing their users on this page and possibly about this application and/or - as far as technically and legally possible - by sending a message to the users via one of the user’s contact details available to Abacus.

Users are therefore advised to visit this page regularly and check the date of the last change indicated at the bottom of the page.

Insofar as changes affect the use of data based on the user’s consent, the provider will - if necessary - obtain a new consent.

Legal notice

This privacy statement has been prepared on the basis of the provisions of the Swiss Federal Act on Data Protection (DSG, 235.1), the EU Data Protection Basic Regulation (DSGVO) and the German Federal Data Protection Act (BDSG). It refers to this application.

Version 27. September 2018