headbits Privacy Notice

headbits Privacy Notice

headbits Privacy Notice

We,  headbits AG (hereinafter "we" or "headbits") are pleased about your interest in our company.

We take the protection of your personal data and their confidential treatment very seriously. The processing of your personal data takes place exclusively within the framework of the legal provisions of the data protection law of the European Union, in particular the General Data Protection Regulation (hereinafter "GDPR") and further applicable regulations.
With this privacy policy we inform you about the processing of your personal data on our website www.headbits.com (the “website”) and about your privacy rights.

1. Name and contact details of the controller as well as operational data protection officer

This data privacy statement shall apply to data processing activities by the following controller:
headbits AG
Oberdorfstrasse 8
8001 Zurich
Switzerland
email: privacy@headbits.com

The operational data protection officer can be reached as follows:
headbits AG
Data Protection Officer
Oberdorfstrasse 8
8001 Zurich
Switzerland
email: privacy@headbits.com

2. Subject matter of data protection
The subject matter of data protection is personal data". This means any information relating to an identified or identifiable natural person (‘data subject’). These include e.g. information such as name, postal address, e-mail address or telephone number.

Specific information on the personal data processed by us can be found below in detail in the data processing operations listed.

3. Collection and storage of personal data as well as the nature and purpose of their processing
  1.  When visiting the website
When calling our website, the browser used on your end device will automatically send information to the server of our website. This information is temporarily stored in a so-called log file. The following information is recorded without any action on your end and stored until automated erasure after 180 days:

  • Internet protocol address of the requesting computer
  • Date and time of the accessName and URL of the file retrieved
  • Website from which the access takes place (referrer URL)
  • Website that is called via our website
  • Browser used and, if applicable, the operating system of your computer and the name of your access provider

The data mentioned are processed by us for the following purposes:

  • Ensuring smooth establishment of the website’s connection
  • Ensuring comfortable use of our website
  • Evaluation of system safety and stability, as well as
  • Other administrative purposes


The legal basis for data processing activities shall be Article 6(1)(1)(f) GDPR. Our legitimate interests follow from the purposes listed above for data collection. In no case shall we use any collected data for the purpose of drawing conclusions about your person.
Furthermore, we use cookies and analysis services when you visit our website. More detailed explanations on this can be found in sections 5 and 6 of this data privacy statement.

  1. Subscribing to our Newsletter
If you have provided explicit consent in accordance with Article 6(1)(1)(a) of the GDPR, your email address will be used to periodically send you our newsletter. Simply providing your email address is adequate for receiving our newsletter.

Unsubscription is possible at any time e.g. using a link at the end of each newsletter. As an alternative, you may also send your unsubscription request to us at any time by email to: privacy@headbits.com. The only costs resulting from this are the transfer costs according to the basic rates of your telecommunications provider.

The personal data required for sending out the newsletter shall be erased as soon as they are no longer required for achieving the purpose of their collection and as far as no other legal authorisation basis applies for further processing. Your email address shall only therefore be stored for sending out the newsletter until you revoke your consent.

  1. Email contact
Should you have any inquiries, you can reach us using the provided email address. Any personal data conveyed within the email will be retained for the purpose of communication. This data processing, concerning contact purposes, aligns with Article 6(1)(f) of the GDPR. In instances where the contact pertains to the initiation or fulfillment of a contract, Article 6(1)(b) of the GDPR serves as an additional legal basis for processing. Any personal data collected during this interaction will be deleted upon the resolution or fulfillment of your request.

4. Passing on data
We shall only pass on your personal data to third parties (recipients) if we are entitled to do so under the provisions of data protection law. Below we inform you about the circumstances in which this may be the case: 
We can pass on your personal data to third parties (recipients), if:

  • You have explicitly given consent to such for one or more specific purposes (Article 6(1)(1)(a) GDPR);
  • Processing is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract (Article 6(1)(1)(b) GDPR);
  • Processing is necessary for compliance with a legal obligation to which the we are subject (Article 6(1)(1)(c) GDPR);
  • Processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms which require protection of personal data (Article 6(1)(1)(f) GDPR).


We engage with various trusted service providers to support our operations and offer services on our website, including but not limited to Google, Mailchimp, Tally, and Capsule. These service providers act as processors and may access or process personal data on our behalf. We ensure that any information shared with these service providers is limited to what is necessary for them to perform their specific functions in accordance with our instructions. We have taken measures to enter into contractual agreements that bind these service providers to maintain the confidentiality and security of the personal data shared and to use it solely for the purposes outlined in our Privacy Policy. Moreover, we diligently select our service providers based on their reliability, security measures, and their commitment to data protection standards, ensuring that they adhere to applicable data protection regulations.

5. Cookies
We value your privacy and strive to provide you with a personalized and user-friendly experience on our website. To enhance your browsing experience, we use cookies and similar technologies. By continuing to browse our site, you agree to the use of these technologies as described below. The data processed by cookies are required for the purpose of maintaining our legitimate interests and those of third parties according to Article 6(1)(1)(f) GDPR.


You have the option to manage your cookie preferences. Below are the different types of cookies used on our website:

  • Essential Cookies: These cookies are necessary for the proper functioning of our website and cannot be disabled in our systems. They are usually set in response to actions made by you, such as setting your privacy preferences, logging in, or filling forms. You can set your browser to block or alert you about these cookies, but some parts of the site may not work then.
  • Functional Cookies: These cookies enable enhanced functionality and personalization, such as remembering choices you make and providing more tailored features. You can opt-out of these cookies by adjusting your browser settings or by using our cookie preference tool.
  • Analytics and Performance Cookies: We use these cookies to understand how visitors interact with our website, analyze usage patterns, and improve our services. You can choose to disable these cookies without impacting your experience on our site.


Whilst most browsers accept cookies automatically, you may, however, configure your browser so that no cookies will be stored on your computer or that you will always be informed before a new cookie is set up. Complete deactivation of cookies may, however, render you unable to use all functions of our website.

6. Analysis tools
The tracking measures listed below and used by us are performed based on Article 6(1)(1)(f) GDPR. With the tracking measures used, we want to ensure demand-oriented design and continuous optimisation of our website. On the other hand, we use tracking measures in order to statistically record use of our website and to evaluate it for the purpose of optimising our offer to you. These interests are to be viewed as justified within the meaning of the above rule.
The respective purposes of the data processing activities and data categories can be taken from the corresponding tracking tool in this section.

Google Analytics
For the purpose of demand-oriented design and continuous optimisation of our websites, we use Google Analytics, a web analysis service of Google Inc. (https://about.google/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter: “Google”). In this context, pseudonymised user profiles are compiled and cookies are used (see section 5). The information generated by the cookie regarding your use of this website, such as

  • browser type/version,
  • operating system used,
  • referrer URL (the website visited before),
  • host name of the accessing computer (internet protocol address),
  • time of the server query,


are transferred to servers of Google in the USA and stored there within the context of the agreement on contract data processing that we have entered into with Google. The information is used in order to evaluate use of the website in order to compile reports on the website activities and in order to provide further services connected to use of the website and use of the internet for the purpose of market research and demand-oriented design of these internet websites. This information may also be transferred to third parties if this is required by law or as long as third parties process these personal data based on a contract. In no case will your internet protocol address be combined with any other data from Google. The internet protocol addresses are rendered anonymous so that they cannot be assigned (IP masking). Sessions and campaigns shall be ended after the end of a specific period of time. By default, sessions shall be ended after 30 minutes without any activity, and campaigns after six months. The time limit for campaigns may be up to two years.
You may prevent installation of the cookies by making the corresponding settings in your browser software; however, note that you may be unable to fully use all functions of the website in such a case.

You may furthermore prevent recording of the data generated by the cookie and referring to your use of the website (including your internet protocol address) and processing of these personal data by Google by downloading and installing a browser add-on (https://tools.google.com/dlpag...).
As an alternative to the browser add-on, in particular for browsers on mobile end devices, you can prevent recording by Google Analytics by clicking this link [program using Java-Script code]. An opt-out cookie is set that will prevent the future recording of your personal data when visiting this website. The opt-out cookie will only be valid for this browser and only for our website; it is stored on your device. If you delete the cookies in this browser, you need to set the opt-out cookie again.
For more information on data protection related to Google Analytics, see the Google Analytics Help (https://support.google.com/ana...).

7. Plug-ins
On our website, we use plug-ins of:
Tally: we use Tally to book meetings, deploy surveys and collect information on our website. By providing information you will have to consent to our privacy policy. All data is stored securely via Tally servers and is not shared or viewed by any third party services. View Tally privacy policy here.

8. Rights of the data subject
You have the right:

  • to demand information in accordance with Article 15 GDPR regarding the processing of your personal data by us. In particular, you may request information on the purposes of the processing, the categories of personal data, the categories of recipient to whom your data have been or are disclosed, the envisaged storage period, the existence of the right to rectification, erasure, restriction of processing or objection, the right to lodge a complaint, the source of your data to the extent that these were not collected at our site, and the existence of automated decision-making, including profiling and any meaningful information on its details;
  • in accordance with Article 16 GDPR, obtain the rectification of any inaccurate personal data stored by us or completion of such data without undue delay;
  • in accordance with Article 17 GDPR, obtain the erasure of your personal data stored by us, to the extent that processing is not required for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims;
  • in accordance with Article 18 GDPR, obtain the restriction of processing of your personal data, to the extent that the accuracy of the data is contested by you, processing is unlawful, but you oppose erasure and we no longer need the personal data, but you still require them for the establishment, exercise or defence of legal claims or you have objected to processing pursuant to Article 21 GDPR;
  • in accordance with Article 20 GDPR, demand to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to demand transmission to another controller;
  • in accordance with Article 7(3) GDPR, to withdraw your consent once given to us towards us at any time. This has the consequence that we may no longer continue the data processing activities that were based on this consent in future and
  • in accordance with Article 77 GDPR, lodge a complaint with a supervisory authority. Usually, you may contact the supervisory authority at your habitual residence or place of work or our registered office for this. A list of the EU data protection authorities is available by clicking this link: http://ec.europa.eu/newsroom/a....


If you have any inquiries regarding the processing of your personal data or wish to exercise your rights as a data subject, including but not limited to requesting access to your data, correcting inaccuracies, or raising concerns about how we handle your information, please contact us at privacy@headbits.com. We are committed to addressing your concerns and ensuring the protection of your data.

9. Right to object
As far as your personal data are processed based on legitimate interests in accordance with Article 6(1)(1)(f) GDPR, you have the right to object to processing of your personal data in accordance with Article 21 GDPR, to the extent that there are grounds relating to your particular situation or the objection is targeted against direct marketing. In the latter case, you have a general right to object that will be implemented by us without any indication of a particular situation.

If you want to exercise your withdrawal right or right to object, simply send us an email to privacy@headbits.com

10. Further information
In accordance with Art. 13 para. 2 lit. e GDPR we would like to inform you about the following:
The provision of personal data is neither a statutory nor contractual requirement, nor a requirement necessary to enter into a contract. You are not obliged to provide personal data. There are no consequences resulting from failure to provide such data.
In accordance with Art. 13 para. 2 lit. f GDPR we would like to inform you that we do not process your personal data for the purpose of automated decision-making.

11. Data security
Within the website visit, we use the common SSL procedure (Secure Socket Layer) in conjunction with the respective highest encryption level your browser supports. This usually is 256-bit encryption. If your browser does not support 256-bit encryption, we will use 128-bit v3 technology instead. Whether an individual website of our internet offer is transmitted encrypted or not is evident by the closed display of the key or lock symbol in the lower status bar of your browser.
Apart from this, we use appropriate technical and organisational security measures in order to protect your data from accidental or wilful manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures will be improved continually according to the technological developments.


12. Topicality and changes of this data privacy statement
This data privacy statement is currently valid as of December 2023.

We are committed to ensuring transparency and keeping you informed about how we handle your personal data. Our Privacy Policy may be updated periodically to reflect changes in our practices, legal requirements, or advancements in technology. We encourage you to review this Privacy Policy regularly to stay informed about how we collect, use, and protect your information. Further development of our website and offers through it or changed statutory or authority specifications may require changes to this data privacy statement. You may call and print the respective current data privacy statement at any time on the website.
We,  headbits AG (hereinafter "we" or "headbits") are pleased about your interest in our company.

We take the protection of your personal data and their confidential treatment very seriously. The processing of your personal data takes place exclusively within the framework of the legal provisions of the data protection law of the European Union, in particular the General Data Protection Regulation (hereinafter "GDPR") and further applicable regulations.
With this privacy policy we inform you about the processing of your personal data on our website www.headbits.com (the “website”) and about your privacy rights.

1. Name and contact details of the controller as well as operational data protection officer

This data privacy statement shall apply to data processing activities by the following controller:
headbits AG
Oberdorfstrasse 8
8001 Zurich
Switzerland
email: privacy@headbits.com

The operational data protection officer can be reached as follows:
headbits AG
Data Protection Officer
Oberdorfstrasse 8
8001 Zurich
Switzerland
email: privacy@headbits.com

2. Subject matter of data protection
The subject matter of data protection is personal data". This means any information relating to an identified or identifiable natural person (‘data subject’). These include e.g. information such as name, postal address, e-mail address or telephone number.

Specific information on the personal data processed by us can be found below in detail in the data processing operations listed.

3. Collection and storage of personal data as well as the nature and purpose of their processing
  1.  When visiting the website
When calling our website, the browser used on your end device will automatically send information to the server of our website. This information is temporarily stored in a so-called log file. The following information is recorded without any action on your end and stored until automated erasure after 180 days:

  • Internet protocol address of the requesting computer
  • Date and time of the accessName and URL of the file retrieved
  • Website from which the access takes place (referrer URL)
  • Website that is called via our website
  • Browser used and, if applicable, the operating system of your computer and the name of your access provider

The data mentioned are processed by us for the following purposes:

  • Ensuring smooth establishment of the website’s connection
  • Ensuring comfortable use of our website
  • Evaluation of system safety and stability, as well as
  • Other administrative purposes


The legal basis for data processing activities shall be Article 6(1)(1)(f) GDPR. Our legitimate interests follow from the purposes listed above for data collection. In no case shall we use any collected data for the purpose of drawing conclusions about your person.
Furthermore, we use cookies and analysis services when you visit our website. More detailed explanations on this can be found in sections 5 and 6 of this data privacy statement.

  1. Subscribing to our Newsletter
If you have provided explicit consent in accordance with Article 6(1)(1)(a) of the GDPR, your email address will be used to periodically send you our newsletter. Simply providing your email address is adequate for receiving our newsletter.

Unsubscription is possible at any time e.g. using a link at the end of each newsletter. As an alternative, you may also send your unsubscription request to us at any time by email to: privacy@headbits.com. The only costs resulting from this are the transfer costs according to the basic rates of your telecommunications provider.

The personal data required for sending out the newsletter shall be erased as soon as they are no longer required for achieving the purpose of their collection and as far as no other legal authorisation basis applies for further processing. Your email address shall only therefore be stored for sending out the newsletter until you revoke your consent.

  1. Email contact
Should you have any inquiries, you can reach us using the provided email address. Any personal data conveyed within the email will be retained for the purpose of communication. This data processing, concerning contact purposes, aligns with Article 6(1)(f) of the GDPR. In instances where the contact pertains to the initiation or fulfillment of a contract, Article 6(1)(b) of the GDPR serves as an additional legal basis for processing. Any personal data collected during this interaction will be deleted upon the resolution or fulfillment of your request.

4. Passing on data
We shall only pass on your personal data to third parties (recipients) if we are entitled to do so under the provisions of data protection law. Below we inform you about the circumstances in which this may be the case: 
We can pass on your personal data to third parties (recipients), if:

  • You have explicitly given consent to such for one or more specific purposes (Article 6(1)(1)(a) GDPR);
  • Processing is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract (Article 6(1)(1)(b) GDPR);
  • Processing is necessary for compliance with a legal obligation to which the we are subject (Article 6(1)(1)(c) GDPR);
  • Processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms which require protection of personal data (Article 6(1)(1)(f) GDPR).


We engage with various trusted service providers to support our operations and offer services on our website, including but not limited to Google, Mailchimp, Tally, and Capsule. These service providers act as processors and may access or process personal data on our behalf. We ensure that any information shared with these service providers is limited to what is necessary for them to perform their specific functions in accordance with our instructions. We have taken measures to enter into contractual agreements that bind these service providers to maintain the confidentiality and security of the personal data shared and to use it solely for the purposes outlined in our Privacy Policy. Moreover, we diligently select our service providers based on their reliability, security measures, and their commitment to data protection standards, ensuring that they adhere to applicable data protection regulations.

5. Cookies
We value your privacy and strive to provide you with a personalized and user-friendly experience on our website. To enhance your browsing experience, we use cookies and similar technologies. By continuing to browse our site, you agree to the use of these technologies as described below. The data processed by cookies are required for the purpose of maintaining our legitimate interests and those of third parties according to Article 6(1)(1)(f) GDPR.


You have the option to manage your cookie preferences. Below are the different types of cookies used on our website:

  • Essential Cookies: These cookies are necessary for the proper functioning of our website and cannot be disabled in our systems. They are usually set in response to actions made by you, such as setting your privacy preferences, logging in, or filling forms. You can set your browser to block or alert you about these cookies, but some parts of the site may not work then.
  • Functional Cookies: These cookies enable enhanced functionality and personalization, such as remembering choices you make and providing more tailored features. You can opt-out of these cookies by adjusting your browser settings or by using our cookie preference tool.
  • Analytics and Performance Cookies: We use these cookies to understand how visitors interact with our website, analyze usage patterns, and improve our services. You can choose to disable these cookies without impacting your experience on our site.


Whilst most browsers accept cookies automatically, you may, however, configure your browser so that no cookies will be stored on your computer or that you will always be informed before a new cookie is set up. Complete deactivation of cookies may, however, render you unable to use all functions of our website.

6. Analysis tools
The tracking measures listed below and used by us are performed based on Article 6(1)(1)(f) GDPR. With the tracking measures used, we want to ensure demand-oriented design and continuous optimisation of our website. On the other hand, we use tracking measures in order to statistically record use of our website and to evaluate it for the purpose of optimising our offer to you. These interests are to be viewed as justified within the meaning of the above rule.
The respective purposes of the data processing activities and data categories can be taken from the corresponding tracking tool in this section.

Google Analytics
For the purpose of demand-oriented design and continuous optimisation of our websites, we use Google Analytics, a web analysis service of Google Inc. (https://about.google/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter: “Google”). In this context, pseudonymised user profiles are compiled and cookies are used (see section 5). The information generated by the cookie regarding your use of this website, such as

  • browser type/version,
  • operating system used,
  • referrer URL (the website visited before),
  • host name of the accessing computer (internet protocol address),
  • time of the server query,


are transferred to servers of Google in the USA and stored there within the context of the agreement on contract data processing that we have entered into with Google. The information is used in order to evaluate use of the website in order to compile reports on the website activities and in order to provide further services connected to use of the website and use of the internet for the purpose of market research and demand-oriented design of these internet websites. This information may also be transferred to third parties if this is required by law or as long as third parties process these personal data based on a contract. In no case will your internet protocol address be combined with any other data from Google. The internet protocol addresses are rendered anonymous so that they cannot be assigned (IP masking). Sessions and campaigns shall be ended after the end of a specific period of time. By default, sessions shall be ended after 30 minutes without any activity, and campaigns after six months. The time limit for campaigns may be up to two years.
You may prevent installation of the cookies by making the corresponding settings in your browser software; however, note that you may be unable to fully use all functions of the website in such a case.

You may furthermore prevent recording of the data generated by the cookie and referring to your use of the website (including your internet protocol address) and processing of these personal data by Google by downloading and installing a browser add-on (https://tools.google.com/dlpag...).
As an alternative to the browser add-on, in particular for browsers on mobile end devices, you can prevent recording by Google Analytics by clicking this link [program using Java-Script code]. An opt-out cookie is set that will prevent the future recording of your personal data when visiting this website. The opt-out cookie will only be valid for this browser and only for our website; it is stored on your device. If you delete the cookies in this browser, you need to set the opt-out cookie again.
For more information on data protection related to Google Analytics, see the Google Analytics Help (https://support.google.com/ana...).

7. Plug-ins
On our website, we use plug-ins of:
Tally: we use Tally to book meetings, deploy surveys and collect information on our website. By providing information you will have to consent to our privacy policy. All data is stored securely via Tally servers and is not shared or viewed by any third party services. View Tally privacy policy here.

8. Rights of the data subject
You have the right:

  • to demand information in accordance with Article 15 GDPR regarding the processing of your personal data by us. In particular, you may request information on the purposes of the processing, the categories of personal data, the categories of recipient to whom your data have been or are disclosed, the envisaged storage period, the existence of the right to rectification, erasure, restriction of processing or objection, the right to lodge a complaint, the source of your data to the extent that these were not collected at our site, and the existence of automated decision-making, including profiling and any meaningful information on its details;
  • in accordance with Article 16 GDPR, obtain the rectification of any inaccurate personal data stored by us or completion of such data without undue delay;
  • in accordance with Article 17 GDPR, obtain the erasure of your personal data stored by us, to the extent that processing is not required for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims;
  • in accordance with Article 18 GDPR, obtain the restriction of processing of your personal data, to the extent that the accuracy of the data is contested by you, processing is unlawful, but you oppose erasure and we no longer need the personal data, but you still require them for the establishment, exercise or defence of legal claims or you have objected to processing pursuant to Article 21 GDPR;
  • in accordance with Article 20 GDPR, demand to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to demand transmission to another controller;
  • in accordance with Article 7(3) GDPR, to withdraw your consent once given to us towards us at any time. This has the consequence that we may no longer continue the data processing activities that were based on this consent in future and
  • in accordance with Article 77 GDPR, lodge a complaint with a supervisory authority. Usually, you may contact the supervisory authority at your habitual residence or place of work or our registered office for this. A list of the EU data protection authorities is available by clicking this link: http://ec.europa.eu/newsroom/a....


If you have any inquiries regarding the processing of your personal data or wish to exercise your rights as a data subject, including but not limited to requesting access to your data, correcting inaccuracies, or raising concerns about how we handle your information, please contact us at privacy@headbits.com. We are committed to addressing your concerns and ensuring the protection of your data.

9. Right to object
As far as your personal data are processed based on legitimate interests in accordance with Article 6(1)(1)(f) GDPR, you have the right to object to processing of your personal data in accordance with Article 21 GDPR, to the extent that there are grounds relating to your particular situation or the objection is targeted against direct marketing. In the latter case, you have a general right to object that will be implemented by us without any indication of a particular situation.

If you want to exercise your withdrawal right or right to object, simply send us an email to privacy@headbits.com

10. Further information
In accordance with Art. 13 para. 2 lit. e GDPR we would like to inform you about the following:
The provision of personal data is neither a statutory nor contractual requirement, nor a requirement necessary to enter into a contract. You are not obliged to provide personal data. There are no consequences resulting from failure to provide such data.
In accordance with Art. 13 para. 2 lit. f GDPR we would like to inform you that we do not process your personal data for the purpose of automated decision-making.

11. Data security
Within the website visit, we use the common SSL procedure (Secure Socket Layer) in conjunction with the respective highest encryption level your browser supports. This usually is 256-bit encryption. If your browser does not support 256-bit encryption, we will use 128-bit v3 technology instead. Whether an individual website of our internet offer is transmitted encrypted or not is evident by the closed display of the key or lock symbol in the lower status bar of your browser.
Apart from this, we use appropriate technical and organisational security measures in order to protect your data from accidental or wilful manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures will be improved continually according to the technological developments.


12. Topicality and changes of this data privacy statement
This data privacy statement is currently valid as of December 2023.

We are committed to ensuring transparency and keeping you informed about how we handle your personal data. Our Privacy Policy may be updated periodically to reflect changes in our practices, legal requirements, or advancements in technology. We encourage you to review this Privacy Policy regularly to stay informed about how we collect, use, and protect your information. Further development of our website and offers through it or changed statutory or authority specifications may require changes to this data privacy statement. You may call and print the respective current data privacy statement at any time on the website.
We,  headbits AG (hereinafter "we" or "headbits") are pleased about your interest in our company.

We take the protection of your personal data and their confidential treatment very seriously. The processing of your personal data takes place exclusively within the framework of the legal provisions of the data protection law of the European Union, in particular the General Data Protection Regulation (hereinafter "GDPR") and further applicable regulations.
With this privacy policy we inform you about the processing of your personal data on our website www.headbits.com (the “website”) and about your privacy rights.

1. Name and contact details of the controller as well as operational data protection officer

This data privacy statement shall apply to data processing activities by the following controller:
headbits AG
Oberdorfstrasse 8
8001 Zurich
Switzerland
email: privacy@headbits.com

The operational data protection officer can be reached as follows:
headbits AG
Data Protection Officer
Oberdorfstrasse 8
8001 Zurich
Switzerland
email: privacy@headbits.com

2. Subject matter of data protection
The subject matter of data protection is personal data". This means any information relating to an identified or identifiable natural person (‘data subject’). These include e.g. information such as name, postal address, e-mail address or telephone number.

Specific information on the personal data processed by us can be found below in detail in the data processing operations listed.

3. Collection and storage of personal data as well as the nature and purpose of their processing
  1.  When visiting the website
When calling our website, the browser used on your end device will automatically send information to the server of our website. This information is temporarily stored in a so-called log file. The following information is recorded without any action on your end and stored until automated erasure after 180 days:

  • Internet protocol address of the requesting computer
  • Date and time of the accessName and URL of the file retrieved
  • Website from which the access takes place (referrer URL)
  • Website that is called via our website
  • Browser used and, if applicable, the operating system of your computer and the name of your access provider

The data mentioned are processed by us for the following purposes:

  • Ensuring smooth establishment of the website’s connection
  • Ensuring comfortable use of our website
  • Evaluation of system safety and stability, as well as
  • Other administrative purposes


The legal basis for data processing activities shall be Article 6(1)(1)(f) GDPR. Our legitimate interests follow from the purposes listed above for data collection. In no case shall we use any collected data for the purpose of drawing conclusions about your person.
Furthermore, we use cookies and analysis services when you visit our website. More detailed explanations on this can be found in sections 5 and 6 of this data privacy statement.

  1. Subscribing to our Newsletter
If you have provided explicit consent in accordance with Article 6(1)(1)(a) of the GDPR, your email address will be used to periodically send you our newsletter. Simply providing your email address is adequate for receiving our newsletter.

Unsubscription is possible at any time e.g. using a link at the end of each newsletter. As an alternative, you may also send your unsubscription request to us at any time by email to: privacy@headbits.com. The only costs resulting from this are the transfer costs according to the basic rates of your telecommunications provider.

The personal data required for sending out the newsletter shall be erased as soon as they are no longer required for achieving the purpose of their collection and as far as no other legal authorisation basis applies for further processing. Your email address shall only therefore be stored for sending out the newsletter until you revoke your consent.

  1. Email contact
Should you have any inquiries, you can reach us using the provided email address. Any personal data conveyed within the email will be retained for the purpose of communication. This data processing, concerning contact purposes, aligns with Article 6(1)(f) of the GDPR. In instances where the contact pertains to the initiation or fulfillment of a contract, Article 6(1)(b) of the GDPR serves as an additional legal basis for processing. Any personal data collected during this interaction will be deleted upon the resolution or fulfillment of your request.

4. Passing on data
We shall only pass on your personal data to third parties (recipients) if we are entitled to do so under the provisions of data protection law. Below we inform you about the circumstances in which this may be the case: 
We can pass on your personal data to third parties (recipients), if:

  • You have explicitly given consent to such for one or more specific purposes (Article 6(1)(1)(a) GDPR);
  • Processing is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract (Article 6(1)(1)(b) GDPR);
  • Processing is necessary for compliance with a legal obligation to which the we are subject (Article 6(1)(1)(c) GDPR);
  • Processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms which require protection of personal data (Article 6(1)(1)(f) GDPR).


We engage with various trusted service providers to support our operations and offer services on our website, including but not limited to Google, Mailchimp, Tally, and Capsule. These service providers act as processors and may access or process personal data on our behalf. We ensure that any information shared with these service providers is limited to what is necessary for them to perform their specific functions in accordance with our instructions. We have taken measures to enter into contractual agreements that bind these service providers to maintain the confidentiality and security of the personal data shared and to use it solely for the purposes outlined in our Privacy Policy. Moreover, we diligently select our service providers based on their reliability, security measures, and their commitment to data protection standards, ensuring that they adhere to applicable data protection regulations.

5. Cookies
We value your privacy and strive to provide you with a personalized and user-friendly experience on our website. To enhance your browsing experience, we use cookies and similar technologies. By continuing to browse our site, you agree to the use of these technologies as described below. The data processed by cookies are required for the purpose of maintaining our legitimate interests and those of third parties according to Article 6(1)(1)(f) GDPR.


You have the option to manage your cookie preferences. Below are the different types of cookies used on our website:

  • Essential Cookies: These cookies are necessary for the proper functioning of our website and cannot be disabled in our systems. They are usually set in response to actions made by you, such as setting your privacy preferences, logging in, or filling forms. You can set your browser to block or alert you about these cookies, but some parts of the site may not work then.
  • Functional Cookies: These cookies enable enhanced functionality and personalization, such as remembering choices you make and providing more tailored features. You can opt-out of these cookies by adjusting your browser settings or by using our cookie preference tool.
  • Analytics and Performance Cookies: We use these cookies to understand how visitors interact with our website, analyze usage patterns, and improve our services. You can choose to disable these cookies without impacting your experience on our site.


Whilst most browsers accept cookies automatically, you may, however, configure your browser so that no cookies will be stored on your computer or that you will always be informed before a new cookie is set up. Complete deactivation of cookies may, however, render you unable to use all functions of our website.

6. Analysis tools
The tracking measures listed below and used by us are performed based on Article 6(1)(1)(f) GDPR. With the tracking measures used, we want to ensure demand-oriented design and continuous optimisation of our website. On the other hand, we use tracking measures in order to statistically record use of our website and to evaluate it for the purpose of optimising our offer to you. These interests are to be viewed as justified within the meaning of the above rule.
The respective purposes of the data processing activities and data categories can be taken from the corresponding tracking tool in this section.

Google Analytics
For the purpose of demand-oriented design and continuous optimisation of our websites, we use Google Analytics, a web analysis service of Google Inc. (https://about.google/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter: “Google”). In this context, pseudonymised user profiles are compiled and cookies are used (see section 5). The information generated by the cookie regarding your use of this website, such as

  • browser type/version,
  • operating system used,
  • referrer URL (the website visited before),
  • host name of the accessing computer (internet protocol address),
  • time of the server query,


are transferred to servers of Google in the USA and stored there within the context of the agreement on contract data processing that we have entered into with Google. The information is used in order to evaluate use of the website in order to compile reports on the website activities and in order to provide further services connected to use of the website and use of the internet for the purpose of market research and demand-oriented design of these internet websites. This information may also be transferred to third parties if this is required by law or as long as third parties process these personal data based on a contract. In no case will your internet protocol address be combined with any other data from Google. The internet protocol addresses are rendered anonymous so that they cannot be assigned (IP masking). Sessions and campaigns shall be ended after the end of a specific period of time. By default, sessions shall be ended after 30 minutes without any activity, and campaigns after six months. The time limit for campaigns may be up to two years.
You may prevent installation of the cookies by making the corresponding settings in your browser software; however, note that you may be unable to fully use all functions of the website in such a case.

You may furthermore prevent recording of the data generated by the cookie and referring to your use of the website (including your internet protocol address) and processing of these personal data by Google by downloading and installing a browser add-on (https://tools.google.com/dlpag...).
As an alternative to the browser add-on, in particular for browsers on mobile end devices, you can prevent recording by Google Analytics by clicking this link [program using Java-Script code]. An opt-out cookie is set that will prevent the future recording of your personal data when visiting this website. The opt-out cookie will only be valid for this browser and only for our website; it is stored on your device. If you delete the cookies in this browser, you need to set the opt-out cookie again.
For more information on data protection related to Google Analytics, see the Google Analytics Help (https://support.google.com/ana...).

7. Plug-ins
On our website, we use plug-ins of:
Tally: we use Tally to book meetings, deploy surveys and collect information on our website. By providing information you will have to consent to our privacy policy. All data is stored securely via Tally servers and is not shared or viewed by any third party services. View Tally privacy policy here.

8. Rights of the data subject
You have the right:

  • to demand information in accordance with Article 15 GDPR regarding the processing of your personal data by us. In particular, you may request information on the purposes of the processing, the categories of personal data, the categories of recipient to whom your data have been or are disclosed, the envisaged storage period, the existence of the right to rectification, erasure, restriction of processing or objection, the right to lodge a complaint, the source of your data to the extent that these were not collected at our site, and the existence of automated decision-making, including profiling and any meaningful information on its details;
  • in accordance with Article 16 GDPR, obtain the rectification of any inaccurate personal data stored by us or completion of such data without undue delay;
  • in accordance with Article 17 GDPR, obtain the erasure of your personal data stored by us, to the extent that processing is not required for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims;
  • in accordance with Article 18 GDPR, obtain the restriction of processing of your personal data, to the extent that the accuracy of the data is contested by you, processing is unlawful, but you oppose erasure and we no longer need the personal data, but you still require them for the establishment, exercise or defence of legal claims or you have objected to processing pursuant to Article 21 GDPR;
  • in accordance with Article 20 GDPR, demand to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to demand transmission to another controller;
  • in accordance with Article 7(3) GDPR, to withdraw your consent once given to us towards us at any time. This has the consequence that we may no longer continue the data processing activities that were based on this consent in future and
  • in accordance with Article 77 GDPR, lodge a complaint with a supervisory authority. Usually, you may contact the supervisory authority at your habitual residence or place of work or our registered office for this. A list of the EU data protection authorities is available by clicking this link: http://ec.europa.eu/newsroom/a....


If you have any inquiries regarding the processing of your personal data or wish to exercise your rights as a data subject, including but not limited to requesting access to your data, correcting inaccuracies, or raising concerns about how we handle your information, please contact us at privacy@headbits.com. We are committed to addressing your concerns and ensuring the protection of your data.

9. Right to object
As far as your personal data are processed based on legitimate interests in accordance with Article 6(1)(1)(f) GDPR, you have the right to object to processing of your personal data in accordance with Article 21 GDPR, to the extent that there are grounds relating to your particular situation or the objection is targeted against direct marketing. In the latter case, you have a general right to object that will be implemented by us without any indication of a particular situation.

If you want to exercise your withdrawal right or right to object, simply send us an email to privacy@headbits.com

10. Further information
In accordance with Art. 13 para. 2 lit. e GDPR we would like to inform you about the following:
The provision of personal data is neither a statutory nor contractual requirement, nor a requirement necessary to enter into a contract. You are not obliged to provide personal data. There are no consequences resulting from failure to provide such data.
In accordance with Art. 13 para. 2 lit. f GDPR we would like to inform you that we do not process your personal data for the purpose of automated decision-making.

11. Data security
Within the website visit, we use the common SSL procedure (Secure Socket Layer) in conjunction with the respective highest encryption level your browser supports. This usually is 256-bit encryption. If your browser does not support 256-bit encryption, we will use 128-bit v3 technology instead. Whether an individual website of our internet offer is transmitted encrypted or not is evident by the closed display of the key or lock symbol in the lower status bar of your browser.
Apart from this, we use appropriate technical and organisational security measures in order to protect your data from accidental or wilful manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures will be improved continually according to the technological developments.


12. Topicality and changes of this data privacy statement
This data privacy statement is currently valid as of December 2023.

We are committed to ensuring transparency and keeping you informed about how we handle your personal data. Our Privacy Policy may be updated periodically to reflect changes in our practices, legal requirements, or advancements in technology. We encourage you to review this Privacy Policy regularly to stay informed about how we collect, use, and protect your information. Further development of our website and offers through it or changed statutory or authority specifications may require changes to this data privacy statement. You may call and print the respective current data privacy statement at any time on the website.