Privacy Policy
1. General Information
We, the companies of Mövenpick Holding AG – FutureLog Segment (hereinafter: ‘FutureLog,’ ‘we’ or ‘us’), provide a website at www.futurelog.com containing information about our products and services as well as current job advertisements. It is possible to contact us via a contact form, but it is also possible to interact with us via other channels, e.g. via social media or as part of (pre-)contractual relationships.
In this Privacy Policy, we explain how we collect and process your personal data. Personal data is all data that can be associated with you personally, e.g. name, address, email addresses, user behaviour.
This Privacy Policy has been compiled on the basis of Regulation (EU) 2016/679 (GDPR) and the nFADP (Switzerland), taking into account the data protection laws applicable locally at the registered office of our companies. For the sake of simplicity, we refer to the provisions of the GDPR in some places. If the processing of your personal data takes place outside the scope of the GDPR, these references are not valid.
This Privacy Policy is not an exhaustive description. Other privacy policies, such as the privacy policy for our employees, or general terms and conditions, contracts and similar documents, may govern specific matters.
2. Name and contact details of the controller/data protection officer
We are responsible for the processing of your personal data. For the purposes of the General Data Protection Regulation (GDPR) and other applicable data protection legislation, the controller for the processing of your personal data is the FutureLog company that processes your personal data through its services or communication with you and decides on the purposes and means of this data processing. These may be the following FutureLog companies:
| Mövenpick Holding AG – FutureLog Segment, Oberneuhofstrasse 12, 6340 Baar, Switzerland team.fl(at)futurelog.com |
| FutureLog AG, Oberneuhofstrasse 12, 6340 Baar, Switzerland team.fl(at)futurelog.com |
FutureLog Europe GmbH, Data protection officer: Marc Stolz |
| FutureLog France SAS, 54 Avenue Hoche, Paris 75008, France team.fl(at)futurelog.com |
| FutureLog Middle East FZ – LLC, Shatha Tower, Floor 30 – Office 3011, Dubai Media City, PO box: 502817 Dubai, United Arab Emirates team.mea(at)futurelog.com |
| FutureLog Asia Pacific Ltd, 399 Interchange 21 Building, 20th Floor – Suite 2014, Sukhumvit Road, North Klongtoey – Wattana, Bangkok 10110, Thailand team.asia(at)futurelog.com |
| FutureLog Singapore Pte Ltd, 20 Cecil Street, Level 14-01 (Suite 1419), Singapore 049705, Singapore team.asia(at)futurelog.com |
| FutureLog Oceania, Suite 7.05, 31 Market Street, Sydney NSW 2000, Australia team.oceania(at)futurelog.com |
You are welcome to use the above contact details of the respective FutureLog company for any queries.
3. Collection and storage of personal data, nature and purpose of processing
We process your personal data independently or, where applicable, via third parties for the following purposes:
- to ensure the secure and stable operation of our website;
- to contact you;
- to fulfil or improve our service offering;
- for reach measurement, collection of impact KPIs and for marketing purposes;
- for the conclusion and performance of the contract.
More specifically:
3.1 When visiting our website
If you have accepted the use of cookies via the cookie banner (see section 4 of this Privacy Policy), information is automatically sent to our website’s server by the browser used on your device when you access our website. This information is temporarily stored in a log file. The following information is collected without your intervention and stored until it is automatically deleted:
- name of the file retrieved;
- date and time of retrieval;
- volume of data transferred;
- notification of whether the retrieval was successful;
- description of the type of web browser used;
- operating system used;
- the page previously visited;
- provider;
- your IP address.
The aforementioned data is processed by us for the following purposes:
- ensuring a smooth connection to the website;
- ensuring convenient use of our website;
- analysis, further development, reach measurement, impact KPIs and marketing purposes;
- evaluating system security and stability; and
- other administrative purposes.
We process this data on the basis of your consent (Art. 6(1a) GDPR, where the GDPR applies) with regard to the data collection purposes listed above. Under no circumstances do we use the collected data for the purpose of drawing conclusions about you personally.
3.2 When using the contact form
On our website, you can contact us via a form in order to share questions and concerns of any kind with us. You will need to enter your name, contact details (email, phone number, company and country) and a message so that we can answer your question and provide you with the correct information. Mandatory fields are marked as such. The subsequent processing of your personal data is based on the legal basis of your consent (Art. 6(1a) GDPR, where the GDPR applies).
3.3 When we provide our services
We also process your data within the scope of our contractual agreements. This includes master data (e.g. customer master data, such as names or addresses), contact data (e.g. email addresses, telephone numbers), content data (e.g. text entries, etc.), contract data (e.g. subject of the contract, term), payment data (e.g. bank details, payment history), usage data and metadata (e.g. in the context of evaluating and measuring the success of marketing measures). Data subjects include our customers, suppliers and service providers, interested parties and their customers, users, website visitors or employees and third parties. The purpose of processing is the provision of contractual services, billing and our customer service. The legal grounds for processing are Art. 6(1b) GDPR (pre-contractual measure/contractual performance) and Art. 6(1f) GDPR (legitimate interest), where the GDPR applies. Data is only disclosed to external parties if necessary as part of an order and we are entitled to do so.
We delete your data after legal warranty obligations and comparable duties have expired. The need to retain the data is reviewed at irregular intervals. If legal archiving obligations apply, deletion takes place after their expiry.
3.4 Personal interaction in a business context
Your personal data may also be processed if you provide us with such data as part of a personal interaction at your own request (e.g. during a trade fair visit, etc.). Where the GDPR applies, processing is based on Art. 6(1a) GDPR (consent) and Art. 6(1f) GDPR (legitimate interest). The processing of personal data can be revoked at any time.
3.5 Social media buttons
Plugins from the social network LinkedIn, operated by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA (hereinafter referred to as ‘LinkedIn’), are integrated into this website. You can recognise LinkedIn plugins by their LinkedIn logo. When you visit this website, the plugin establishes a direct connection between your browser and the LinkedIn server. LinkedIn thus receives the information that you have visited this website with your IP address. We would like to point out that we, as the provider of this website, have no knowledge of the content of the data transmitted or its use by LinkedIn. Details of data collection (purpose, scope, further processing, use) as well as your rights and settings options can be found in LinkedIn’s privacy policy. LinkedIn makes this information available via the following URL:
http://www.linkedin.com/static?key=privacy_policy&trk=hb_ft_priv
4. Cookies
If you give us your consent via the cookie banner, we typically use ‘cookies’ and similar technologies on our website that can be used to identify your browser or device.
A cookie is a small file that is sent to your computer or automatically stored on your computer or mobile device by the web browser you use when you visit our website. This enables us to recognise you when you re-visit this website, even if we do not know who you are. In addition to cookies that are only used during a session and are deleted after your visit to the website (‘session cookies’), cookies can also be used to store user settings and other information for a certain period of time (e.g. two years; ‘permanent cookies’). However, you can adjust your browser’s settings such that it rejects cookies, stores them only for one session or otherwise deletes them prematurely.
In general, we distinguish between two types of cookies:
4.1 Essential cookies
Essential cookies are used in some areas of our website. These file elements enable your computer to be identified as a technical unit during your visit to this website so that you can use our services. However, you usually have the option of setting your internet browser so that you are informed about the occurrence of cookies, so that you can permit or exclude them, or so that you can delete existing cookies. Please use your browser’s help function to find out how to change these settings. You can also manage the cookies used on our website at any time via our cookie banner. Do note that certain elements of our website may not work if you have deactivated the use of technically essential cookies. Cookies do not allow a server to read private data from your computer or data stored by another server. They do not cause any damage to your computer and do not contain any viruses. Where the GDPR applies, we base our use of technically essential cookies on Art. 6(1f) GDPR: the processing takes place to enable the functioning of our website and is therefore necessary to protect our legitimate interests.
4.2 Non-essential cookies
Non-essential cookies are also used, e.g. to understand how you use our services, to evaluate and improve the performance of our website, to offer you improved functionality and personalisation during your visit, etc. This kind of cookie is only used if you have previously given your consent (pursuant to Art. 6(1a) GDPR, where the GDPR applies) via our cookie banner.
Some of the cookies used by our website are set by us, while others are set by third parties on our behalf.
Information on individual cookies, their purpose, their duration of use and the possibility of data transfer to a third country can be found in the table below. Third countries within the meaning of the notice in the cookie consent tool are any country outside the European Union and the United Kingdom, with the exception of Switzerland.
| Name | Function (why it is saved) | Technically essential to use on our homepage | Storage period on your device | Data transfer to third country /appropriate guarantees |
|---|---|---|---|---|
| Wed Feb 19 2025 13:58:18<w:br/>GMT+0000 (Coordinated<w:br/>Universal Time) | Functional | Yes | Unlimited | |
| t3D | Functional | Yes | Unlimited | |
| tADe | Functional | Yes | Unlimited | |
| tADu | Functional | Yes | Unlimited | |
| tAE | Functional | Yes | Unlimited | |
| tC | Functional | Yes | Unlimited | |
| tMQ | Functional | Yes | Unlimited | |
| tPL | Functional | Yes | Unlimited | |
| tTDe | Functional | Yes | Unlimited | |
| tTDu | Functional | Yes | Unlimited | |
| tTE | Functional | Yes | Unlimited | |
| tTf | Functional | Yes | Unlimited | |
| tnsApp | Hosting | Unlimited | ||
| IDE | Programmatic advertising | No | 1 year, 25 days | EU adequacy decision (data privacy framework) |
| test_cookie | Programmatic advertising | No | 14 minutes, 7 seconds | EU adequacy decision (data privacy framework) |
| _ga | Registers a unique ID that is used to generate statistical information about how the visitor uses the website. | No | 1 year, 1 month | EU adequacy decision (data privacy framework) |
| _ga_CHXBKHWXCQ | Analytics | No | 1 year, 1 month | EU adequacy decision (data privacy framework) |
| _gcl_au | Used by Google AdSense to experiment with the advertising impact on websites that use its services. | No | 3 months, 1 day | EU adequacy decision (data privacy framework) |
| CookieConsent | Consent management | Yes | 11 months, 31 days | N/A |
| Name | Function (purpose) | Further information on the external service can be found via (provider’s website) | Data transfer to third country/appropriate guarantees | Information in Privacy Policy |
|---|---|---|---|---|
| Cloudflare | Web storage | cloudflare.com/en-gb/ | EU adequacy decision (data privacy framework) | No |
| Doubleclick | Programmatic advertising | doubleclick.net | EU adequacy decision (data privacy framework) | Yes |
| Google+ | Functional | google.com | EU adequacy decision (data privacy framework) | Yes |
| Google Ads conversion | Programmatic advertising | www.google.xxx/pagead | EU adequacy decision (data privacy framework) | Yes |
| Google Analytics | Analytics | support.google.com/analytics/topic/1008008 | EU adequacy decision (data privacy framework) | Yes |
| Google Tag Manager | Functional | tagmanager.google.com | EU adequacy decision (data privacy framework) | No |
| Cookiebot | Consent management | cookiebot.com | N/A | Yes |
5. Location of data processing
As a rule, your personal data is processed at the registered office of the FutureLog Group. If third parties are involved in the processing as auxiliaries (processors), for example for the processing of commercial and administrative services and in connection with IT services, you should expect processing to take place outside the FutureLog locations. This may be in Switzerland, the UK, the EU or third countries.
Tools from third parties based in third countries, such as the USA, may be integrated into our website or used in order to provide services. If these tools are active, your personal data may be passed on to the respective companies’ servers. However, the personal data processed is stored in a European cloud.
We review all auxiliaries from different perspectives (data protection, data security, IT, legal) and conclude appropriate data protection contracts, including the current EU standard contractual clauses, before we use the services of a third-party company.
You can contact the relevant controllers at any time (see section 2) if you would like to receive more detailed information.
6. Retention period and deletion
Personal data will be processed and stored for as long as required for the purpose for which it was collected. This means the following for your personal data:
- Personal data collected for the purpose of fulfilling a contract concluded between you and us is generally stored until the contract has been fully fulfilled. Legal retention obligations and post-contractual claims arising from the contract are taken into account in this.
- Personal data collected to safeguard our legitimate interests will be retained for as long as these legitimate interests exist.
- We also store personal data for a longer period of time if you have consented to such processing. The data will, of course, be deleted if consent is withdrawn.
The data processed by us will be deleted or its processing restricted after expiry of statutory retention periods and statutory retention rights and in accordance with statutory requirements. In the event of a restriction being imposed, the data will be made inaccessible and not processed for other purposes. This applies, for example, to data that must be retained for reasons under commercial or tax law.
7. Your rights
You may exercise certain rights in relation to your data that we process. In particular, you have the following rights:
- the right to request access to information from us as to whether and which data concerning you we process;
- the right to request that we provide certain personal data in a commonly used electronic format or transfer it to another controller;
- the right to request the rectification of your data if it is inaccurate;
- the right to request the deletion of data, provided there are no conflicting retention obligations and retention rights;
- the right to object: if the processing of your personal data is based on our legitimate interest, you can object to the use of your personal data. However, this only applies if you find yourself in such a special situation that your personal interest prevents us from using your personal data. Our overriding, overarching interests remain reserved here as well. Processing based on other grounds remains unaffected by the objection.
- the right to withdraw consent, insofar as our processing is based on your consent;
- the right, upon request, to receive further information necessary to exercise these rights;
- the right to lodge a complaint with the competent supervisory authority. These are:
- For Switzerland: Federal Data Protection and Information Commissioner (FDPIC), Feldeggweg 1, 3003 Bern, Switzerland
www.edoeb.admin.ch/en/contact-2
- For data subjects falling within the scope of the GDPR: The State Commissioner for Data Protection and Freedom of Information Baden-Württemberg, Lautenschlagerstrasse 20, 70173 Stuttgart, Germany
https://www.baden-wuerttemberg.datenschutz.de/kontakt-aufnehmen/
- For Switzerland: Federal Data Protection and Information Commissioner (FDPIC), Feldeggweg 1, 3003 Bern, Switzerland
All requests to exercise your rights can be addressed to the controller directly (see contact details in section 2). Applications can be exercised free of charge. They will be processed by us as quickly as possible and within one month of receipt of your application at the latest.
8. Updating this Privacy Policy
It may be necessary to update this Privacy Policy from time to time. We therefore recommend that you read this Privacy Policy at regular intervals.
Last updated: March 2025