Introduction

At ShopCircuit, operated by Pyango GmbH, we are committed to creating innovative e-commerce solutions while ensuring the protection of your personal data. This privacy policy explains how we collect, use, and share data about you:

  • Merchants who use ShopCircuit to operate their online businesses
  • Customers who shop at businesses operated on the ShopCircuit platform
  • Partners who develop apps for merchants or help merchants operate their ShopCircuit-based businesses
  • Website visitors who visit our websites or contact our support

At ShopCircuit, operated by Pyango GmbH, we are committed to creating innovative e-commerce solutions while ensuring the protection of your personal data. This privacy policy explains how we collect, use, and share data about you:

Our Values

Your Data Belongs to You

We carefully analyze what types of data we need for our services and limit data collection to what is actually necessary. Where possible, we delete or anonymize data when we no longer need it. Your data belongs to you, and we use it only for your benefit.

We Protect Your Data from Third Parties

When third parties request access to your personal data, we refuse to share it unless you give us permission or we are legally required to do so. When legally obligated to share data, we will inform you in advance, unless legally prohibited.

We Support Merchants with Their Privacy Obligations

We design our products and services to be easily and privacy-compliant to use. Additionally, we provide comprehensive documentation on important privacy topics.

Legal Basis for Data Processing

We process your data based on the following legal bases:

Contract Fulfillment

We process your data to fulfill contractual obligations (e.g., providing the ShopCircuit platform, billing for subscriptions).

Legitimate Interests

  • Fraud and risk prevention
  • Customer service and support
  • Product improvement and development
  • Providing analytics and reports
  • Marketing and communication
  • Testing new features

Consent

We process your data with your explicit consent, particularly for marketing communications and certain features. You can withdraw your consent at any time.

Legal Obligations

We process data to comply with legal requirements, such as tax and accounting regulations.

What Data We Collect

Depending on your use of ShopCircuit, we collect various categories of personal data:

Account Information

  • Name, email address, phone number
  • Company information (for merchants)
  • Login credentials and preferences

Payment Information

  • Credit card and bank account details
  • Billing addresses
  • Transaction history

Usage Data

  • Interactions with our platform
  • Pages visited and features used
  • Search terms and activities

Technical Data

  • IP addresses and device information
  • Browser type and version
  • Operating system and device characteristics

Communication Data

  • Support requests and correspondence
  • Feedback and reviews
  • Newsletter interactions

How We Use Your Data

We use your personal data for the following purposes:

Service Provision

  • Operating and maintaining the ShopCircuit platform
  • Processing transactions and payments
  • Customer service and technical support

Improving Our Services

  • Analyzing platform usage
  • Developing new features
  • Optimizing user experience

Communication

  • Sending important service updates
  • Marketing communications (with your consent)
  • Newsletters and product announcements

Security and Compliance

  • Fraud prevention and security measures
  • Compliance with legal requirements
  • Enforcement of our terms of service

Data Sharing

We only share your personal data in the following cases:

Service Providers

We work with trusted service providers who help us deliver our services:

  • Cloud hosting providers
  • Payment processors
  • Email service providers
  • Analytics and marketing tools

Business Partners

  • Partners who develop apps for our platform
  • Integration partners for extended functionality

Legal Requirements

  • When legally required
  • To protect our rights and interests
  • In response to government requests

Business Transactions

In case of mergers, acquisitions, or sales of business units, your data may be transferred to the relevant parties.

International Data Transfers

As a Swiss company, we work with partners and service providers worldwide. When transferring data outside Switzerland and the EEA, we ensure adequate protection measures:

  • Standard Contractual Clauses of the European Commission
  • Adequacy decisions of the EU Commission
  • Other appropriate safeguards

Your Rights

You have the following rights regarding your personal data:

Right to Access

You can request information about the personal data we process about you.

Right to Rectification

You can request correction of inaccurate or incomplete data.

Right to Erasure

You can request deletion of your personal data when:

  • The data is no longer needed for the original purposes
  • You withdraw your consent
  • The data has been processed unlawfully

Right to Restriction

You can request restriction of processing under certain circumstances.

Right to Data Portability

You have the right to receive your data in a structured, common format.

Right to Object

You can object to the processing of your data based on legitimate interests.

Right to Withdraw Consent

You can withdraw any consent given at any time. To exercise your rights, contact us using the contact details provided below.

Data Security

We implement comprehensive technical and organizational measures to protect your data:

Technical Protection Measures

  • Encryption of data during transmission and storage
  • Secure servers and network infrastructure
  • Regular security updates and patches

Organizational Measures

  • Training our employees on data protection
  • Restricting data access to authorized personnel
  • Regular security audits

Incident Response

In case of security breaches, we have procedures for quick response and notification of affected individuals and authorities.

Cookies and Tracking Technologies

We use cookies and similar technologies for:

Necessary Cookies

  • Login status and session management
  • Security features
  • Basic platform functionality

Analytics Cookies

  • Improving website performance
  • Understanding user interaction
  • Optimizing user experience

Marketing Cookies

  • Personalized advertising (with your consent)
  • Remarketing and conversion tracking

You can manage your cookie preferences in your browser settings or use our cookie settings.

Data Retention

We retain your personal data only as long as necessary to fulfill the purposes:

Active Users

As long as you actively use our services, we retain your account data.

Inactive Accounts

After prolonged inactivity, we may delete accounts and associated data.

Legal Retention Requirements

Certain data must be retained for specific periods due to legal requirements.

Merchant Data

Upon termination of a merchant account, we retain data for 2 years before beginning deletion.

Automated Decision-Making

We use machine learning and automated systems for:

  • Fraud prevention and security
  • Product recommendations
  • Personalizing user experience

For automated decisions with legal effects, you have the right to human review.

Protection of Minors

Our services are not directed at persons under 16 years of age. We do not knowingly collect personal data from minors without parental consent.

Changes to This Privacy Policy

We may update this privacy policy from time to time. For material changes, we will notify you via email or through our platform. The current version is always available on our website.

Contact

Data Controller:

Pyango GmbH Ahornweg 7, 5615 Fahrwangen Switzerland

Email: info

Data Protection Officer:

Email: info

EU Representative (for EU citizens):

Email: info

If you have questions about this privacy policy or wish to exercise your rights, please contact us using the contact details above. For complaints, you can also contact the relevant data protection supervisory authority:

Federal Data Protection and Information Commissioner (FDPIC)
www.edoeb.admin.ch

EU Citizens:
Your local data protection authority