Privacy Policy

1. General

The Threema Work Management Cockpit (hereinafter “Threema Work Cockpit”) is a web-based software-as-a-service application for “Business Customers” for the management of “Threema Work,” the business software of Threema GmbH (hereinafter “Threema”).

Aside from the Threema Work Cockpit, Threema Work comprises additional applications, namely the “Threema Work App” for mobile devices of “Work Users” and the services “Threema Broadcast” and “Threema Gateway.

The management of Threema Broadcast is carried out by “Administrators” appointed by the Business Customer.

In contrast to the Threema Work App, which is used for one-to-one communication between Work Users, Threema Broadcast is a web-based software-as-a-service application for one-to-many communication via groups, feeds, and distribution lists. Threema Broadcast can communicate with Work Users and users of the consumer version of the “Threema App” (hereinafter collectively “Users”).

From a data protection perspective, the key difference between the Threema Work App and Threema Broadcast is that the end-to-end encryption of messages sent between two Work Users in the Threema Work App makes it impossible for Threema to gain knowledge of message contents. Threema Broadcast, on the other hand, is hosted on the Threema Servers and forms the end point for messages sent by a Work User to a “Broadcast ID.” Message contents are temporarily decrypted upon receipt but then stored on the Threema Servers exclusively in encrypted form until their deletion. Until deletion, the Business Customer and, if necessary, authorized employees of Threema may have access to the stored message contents.

A. Scope of Application

This Privacy Policy applies to all data processing activities that take place while using Threema Broadcast in its latest version and are related to personal data, namely:

A. Calling up Threema Broadcast;
B. Setting up the Customer Account;
C. Managing Administrators;
D. Generating and Accepting Quotations for Broadcast Licenses;
E. Invoicing Broadcast Licenses;
F. Sending Messages From a Broadcast ID;
G. Tracking Outgoing Messages;
H. Saving Incoming Messages (“Save Chat History” Setting);
I. Setting up Groups and Distribution Lists;
J. Using Feeds;
K. Misuse Protection (hCaptcha).

In principle, this Privacy Policy does not apply to the Threema Work App for mobile devices, the Threema Work Cockpit, and Threema Gateway; the three aforementioned applications have their separate privacy policies regarding the processing of personal data. This Privacy Policy for Threema Broadcast is exclusively referring to the three aforementioned applications if particular uses of Threema Broadcast have an effect on personal data in these applications.

Threema as the data controller is a limited liability company under Swiss law with its registered office in Pfäffikon SZ (municipality of Freienbach), Switzerland, and business identification number (hereinafter “UID”) CHE-221.440.104.

When Business Customers use Threema Broadcast, personal data is, unless stated otherwise in this Privacy Policy, processed and, if necessary, stored exclusively on Threema’s own servers in two data centers of an “ISO 27001”-certified colocation partner located in Zurich, Switzerland (hereinafter “Threema Servers”).

As a company with its registered office in Switzerland, Threema and the data processing it carries out are subject to Swiss data protection law (Federal Act on Data Protection of September 25, 2020, SR 235.1; hereinafter “FADP”). For data subjects residing in the territory of the EU or the EEA (marked with “for EU/EEA”), European data protection law (Regulation (EU) 2016/679 of April 27, 2016, General Data Protection Regulation; hereinafter “GDPR”) may additionally apply.

Personal data pursuant to Art. 5 lit. a FADP [for EU/EEA: Art. 4 No. 1 GDPR] is information that relates to an identified or identifiable natural person.

B. Controller

Threema GmbH
Churerstrasse 82
8808 Pfäffikon SZ
Switzerland

UID: CHE-221.440.104

C. Data Protection Officer

Threema GmbH
Data Protection Officer
Churerstrasse 82
8808 Pfäffikon SZ
Switzerland

Email: privacy at threema dot ch

D. Representative in the EU (Art. 27 GDPR)

ACC Datenschutz UG
Messestrasse 6
94036 Passau
Germany

E. Swiss Supervisory Authority

Federal Data Protection and Information Commissioner (FDPIC)
Feldweg 1
3003 Bern
Switzerland

Telephone: +41 58 462 43 95
Contact form of the FDPIC: Link

2. Processing Activities

Depending on how a Business Customer uses Threema Broadcast, Threema processes different categories of personal data for different purposes, based on different legal bases and with different storage periods, if any personal data is stored at all.

A. Calling Up Threema Broadcast

Processing

When Threema Broadcast as web-based software is called up, information, including personal data, is automatically sent to the Threema Servers by the browser on the end device of the data subject and stored in a log file.

Categories of Processed Personal Data

When Threema Broadcast is called up, the following personal data is processed on the Threema Servers and stored in log files:

  • IP address.

Purpose

The aforementioned personal data is processed by Threema for the following purposes:

  • Delivery of Threema Broadcast in the browser of the data subject.

Legal Basis

The processing and storage of IP addresses is technically necessary and based on the overriding private interest (delivery of Threema Broadcast in the browser; contract performance) of Threema; Art. 31 Sec. 2 lit. a FADP [for EU/EEA: Art. 6 Sec. 1 lit. b GDPR].

Necessity

The processing of the IP address is technically necessary to deliver Threema Broadcast in the browser of the data subject and to enable the Business Customer or its Administrators to use it as contractually agreed.

Storage Period

The log file with the data subject’s IP address created when Threema Broadcast is called up is stored on the Threema Servers for 10 days, counting from the creation date of the log file, and then automatically deleted.

B. Setting up the Customer Account

Processing

In order to access and use Threema Broadcast as a Business Customer, the Business Customer must set up a “Customer Account.

The email address of a Business Customer used to create the Customer Account must be verified in order to activate the Customer Account and thus access Threema Broadcast.

In addition, a Business Customer is assigned a randomly generated ten-digit alphanumeric “Customer Number” when creating a Customer Account.

Categories of Processed Personal Data

To create a Customer Account, the following personal data is processed and stored on the Threema Servers:

  • Customer Number;
  • Email address of the Business Customer.

To protect Threema Broadcast from misuse when setting up a Customer Account, Threema uses a captcha from the hCaptcha service (see Section 2.K.).

Purpose

The aforementioned personal data is processed by Threema for the following purposes:

  • Use of Threema Broadcast by the Business Customer (contract performance).

Legal Basis

The processing of personal data for the creation of the Customer Account is based on the overriding private interest (use of Threema Broadcast by the Business Customer; contract performance) of Threema; Art. 31 Sec. 2 lit. a FADP [for EU/EEA: Art. 6 Sec. 1 lit. b GDPR].

Necessity

The processing of the Business Customer’s personal data is necessary to enable the Business Customer to use Threema Broadcast as contractually agreed.

Storage Period

The personal data stored to set up the Customer Account will be stored on the Threema Servers until revocation, i.e., until deletion of the Customer Account by the Business Customer in Threema Broadcast, and then deleted after 14 days.

Note: Threema is subject to a statutory retention obligation of 10 years in connection with accounting records and accounting vouchers, including any personal data. In addition, Threema reserves the right to retain all data and documents required for the reconstruction of the contractual relationship with a Business Customer, including any personal data, for the duration of the ordinary period of limitation of 10 years.

Use of Threema Broadcast as Part of a Threema Work Subscription

If a Business Customer does not use Threema Broadcast separately but as part of a Threema Work subscription, the information under Section 2.B. of the privacy policy for the Threema Work Cockpit applies.

C. Managing Administrators

Processing

To use Threema Broadcast, a Business Customer needs to register at least one Administrator per Customer Account. This Administrator does not necessarily have to be the Business Customer themself. Subsequently, additional Administrators may be registered and managed in Threema Broadcast.

The email address of an Administrator used for registration must be verified by the Administrator concerned in order to activate it for Threema Broadcast.

Categories of Processed Personal Data

For the registration and management of Administrators, the following personal data is processed and stored on the Threema Servers:

  • Email address of the Administrator;
  • Username of the Administrator.

To protect Threema Broadcast from misuse when registering Administrators, Threema uses a captcha from the hCaptcha service (see Section 2.K.).

Purpose

The aforementioned personal data is processed by Threema for the following purposes:

  • Use of the contractually agreed functions of Threema Broadcast by the Business Customer (contract performance).

Legal Basis

The processing of personal data for the registration and management of Administrators is based on the overriding private interest (use of Threema Broadcast by the Business Customer; contract performance) of Threema; Art. 31 Sec. 2 lit. a FADP [for EU/EEA: Art. 6 Sec. 1 lit. b GDPR].

Necessity

The processing of the Administrator’s personal data is necessary to enable the Business Customer to use Threema Broadcast as contractually agreed.

Storage Period

The personal data stored for the management of Administrators will be stored on the Threema Servers until revocation, i.e., until the personal data of an Administrator is changed or deleted in Threema Broadcast, and then deleted after 14 days.

If the Broadcast License of a Business Customer becomes inactive (see Section 2.B.), the personal data of the Administrator concerned will not be deleted but only deactivated for the time being. If the Business Customer reactivates Threema Broadcast by purchasing new Broadcast Licenses, deactivated email addresses of Administrators will be reactivated automatically.

In case of deletion of the Customer Account by the Business Customer (see Section 2.B.), the personal data stored for the management of Administrators will be deleted after 14 days.

Use of Threema Broadcast as Part of a Threema Work Subscription

If a Business Customer does not use Threema Broadcast separately but as part of a Threema Work subscription, the information under Section 2.B. of the privacy policy for the Threema Work Cockpit applies.

D. Generating and Accepting Quotations for Broadcast Licenses

Processing

A Business Customer may use Threema Broadcast to create quotations for Broadcast Licenses at any time. A Broadcast License consists of a Broadcast ID and the maximum number of Users with whom the Broadcast ID can communicate.

Threema Broadcast automatically creates a quotation based on the information provided by the Business Customer. The price of the quotation is fixed for 30 days, calculated from the time of creation.

If such a quotation is accepted by the Business Customer within the deadline, an invoice is automatically created and sent to the Administrators registered by the Business Customer (see Section 2.E.).

Categories of Processed Personal Data

To create and accept quotations, the following personal data is processed and stored on the Threema Servers:

  • Company;
  • Address;
  • Email addresses of Administrators.

To protect Threema Broadcast from misuse when creating quotations, Threema uses a captcha from the hCaptcha service (see Section 2.K.).

Purpose

The aforementioned personal data is processed by Threema for the following purposes:

  • Creation of quotations and their processing in case of acceptance (contract performance).

Legal Basis

The processing and storage of personal data when creating and accepting quotations by Business Customers is based on the overriding private interest (contract performance) of Threema; Art. 31 Sec. 2 lit. a FADP [for EU/EEA: Art. 6 Sec. 1 lit. b GDPR].

Necessity

This data processing is necessary to perform contracts with Business Customers for Broadcast Licenses to use Threema Broadcast.

Storage Period

The company and address of a Business Customer concerned will be stored until the deletion of their Customer Account, and then immediately deleted, subject to retention rights and obligations (see Section 2.B.).

If a Business Customer does not accept a quotation within the period of 30 days, calculated from the date of creation, the processing of their personal data within the scope of this quotation is automatically terminated. The Administrators of the Business Customer will be automatically informed about the deletion of the quotation.

The storage period of the email addresses of Administrators is set out under Section 2.C. hereinabove.

Use of Threema Broadcast as Part of a Threema Work Subscription

If a Business Customer does not use Threema Broadcast separately but as part of a Threema Work subscription, the information under Section 2.G. of the privacy policy for the Threema Work Cockpit applies.

E. Invoicing Broadcast Licenses

Processing

As soon as a Business Customer has accepted a quotation (see Section 2.D.), the data stored for their Customer Account, including personal data, are processed on the Threema Servers for billing.

In addition to the acceptance of quotations (purchase of Broadcast Licenses), the renewal of existing Broadcast Licenses also triggers invoicing the Business Customer.

Categories of Processed Personal Data

To invoice Broadcast Licenses, the following personal data is processed on the Threema Servers:

  • Customer Number;
  • Company (optional);
  • Address (optional);
  • Email addresses of Administrators.

Purpose

The aforementioned personal data is processed by Threema for the following purposes:

  • Invoicing for Broadcast Licenses (contract performance).

Legal Basis

The processing of personal data for invoicing is based on the overriding private interest (contract performance) of Threema; Art. 31 Sec. 2 lit. a FADP [for EU/EEA: Art. 6 Sec. 1 lit. b GDPR].

Necessity

This data processing is necessary to perform contracts with Business Customers for Broadcast Licenses to use Threema Broadcast.

Storage Period

The Customer Number, company, and address of a Business Customer concerned will be stored until the deletion of their Customer Account, and then deleted after 14 days, subject to retention rights and obligations (see Section 2.B.).

If a Business Customer does not pay an invoice based on a quotation within the applicable payment period, the processing of their personal data within the scope of this invoice is automatically terminated. The Administrators of the Business Customer will be automatically informed about the deletion of the invoice.

If the invoice is issued as part of the renewal of existing Broadcast Licenses, the personal data of the Business Customer will be further processed by Threema for the purpose of reminders and enforcement of the claim. If a Broadcast License is terminated by a Business Customer prior to its (in principle automatic) renewal, no more personal data will be processed for the creation of new invoices within the scope of the terminated Broadcast License.

The storage period of the email addresses of Administrators is set out under Section 2.C. hereinabove.

Use of Threema Broadcast as Part of a Threema Work Subscription

If a Business Customer does not use Threema Broadcast separately but as part of a Threema Work subscription, the information under Section 2.H. of the privacy policy for the Threema Work Cockpit applies.

F. Sending Messages From a Broadcast ID

Processing

Administrators can send messages with Threema Broadcast to Users via groups, distribution lists, and feeds.

All message contents (text messages and media files) and a voluntarily and optionally set nickname of the Broadcast ID are encrypted using a secure end-to-end encryption process. The voluntarily and optionally set profile picture of a Broadcast ID is only transport-encrypted.

Note: Threema Broadcast is hosted on the Threema Servers and forms one of the two end points of the encryption for messages sent by a Broadcast ID, which is why message contents are temporarily processed in unencrypted form and then stored in encrypted form on the Threema Servers.

Categories of Processed Personal Data

When sending messages from a Broadcast ID, the following personal data is processed and stored on the Threema Servers:

  • Message contents (temporarily unencrypted).

Purpose

The aforementioned personal data is processed by Threema for the following purposes:

  • Use of the contractually agreed functions of Threema Broadcast by the Business Customer (contract performance).

Legal Basis

The processing of personal data for sending messages from a Broadcast ID is based on the overriding private interest (contract performance) of Threema; Art. 31 Sec. 2 lit. a FADP [for EU/EEA: Art. 6 Sec. 1 lit. b GDPR].

Necessity

The processing of personal data is necessary to enable Business Customers to use Threema Broadcast as contractually agreed.

Storage Period

The messages sent by a Broadcast ID are stored on the Threema Servers for a maximum of 180 days, calculated from the moment of sending, or earlier until revocation, i.e., until deletion by an Administrator of Threema Broadcast, and then immediately deleted.

In case of deletion of the Customer Account by the Business Customer, the stored outgoing messages of a Broadcast ID will be immediately deleted.

G. Tracking Outgoing Messages

Processing

In Threema Broadcast, administrators have the option to activate the tracking of outgoing messages of a Broadcast ID.

The purpose of this function is to allow Administrators to track if an outgoing message of a Broadcast ID was sent, delivered to its recipient, read by the recipient, and, if applicable, confirmed or rejected. In each case, only the last of these events is visible.

Note: The use of the function for tracking outgoing messages of a Broadcast ID is completely optional; the Business Customer or their Administrators decide to activate this function and to thereby track the usage behavior of recipients.

Categories of Processed Personal Data

When using the function for tracking outgoing messages of a Broadcast ID, the following personal data is processed and stored on the Threema:

  • Status of outgoing messages.

Purpose

The aforementioned personal data is processed by Threema for the following purposes:

  • Use of the contractually agreed functions of Threema Broadcast by the Business Customer (contract performance).

Legal Basis

The processing of personal data in the context of using the function for tracking outgoing messages of a Broadcast ID by Administrators is based on the overriding private interest (contract performance) of Threema; Art. 31 Sec. 2 lit. a FADP [for EU/EEA: Art. 6 Sec. 1 lit. b GDPR].

Necessity

The processing of personal data is necessary to enable Business Customers to use Threema Broadcast as contractually agreed.

Storage Period

The status of an outgoing message is linked to the corresponding message and deleted together with it (see Section 2.F.).

H. Saving Incoming Messages (“Save Chat History” Setting)

Processing

Broadcast IDs may create groups and invite Users to such groups. In such groups, the setting “Save Chat History” is available to Administrators.

Groups of a Broadcast ID in which the “Save Chat History” setting has been activated are marked with a cloud emoji (☁️), which is technically mandatory and prefixed to the name of the group of the Broadcast ID when the setting is activated. In addition, members of such a group automatically receive a warning in the form of a system message before activation (or deactivation) of the setting.

If this setting is activated, all encrypted messages sent to the group of a Broadcast ID are temporarily decrypted upon receipt by the Broadcast ID on the Threema Servers and stored in encrypted form afterwards.

Note: The use of the “Save Chat History” setting is completely optional; the Business Customer or their Administrators decide to activate this setting.

Categories of Processed Personal Data

Upon receipt of a message by a Broadcast ID, the following personal data are processed and, with activated “Save Chat History” setting, stored on the Threema Servers:

  • Message content (temporarily unencrypted).

Purpose

The abovementioned personal data is processed by Threema for the following purposes:

  • Use of the contractually agreed functions of Threema Broadcast by the Business Customer (contract performance).

Legal Basis

The processing of temporarily decrypted message contents and their storage in encrypted form regarding groups with activated “Save Chat History” setting of a Broadcast ID is based on the overriding private interest (contract performance) of Threema; Art. 31 Sec. 2 lit. a FADP [for EU/EEA: Art. 6 Sec. 1 lit. b GDPR].

Necessity

This data processing is necessary to enable Business Customers to use Threema Broadcast as contractually agreed.

Storage Period

The temporarily decrypted message content is stored on the Threema Servers in encrypted form for the following durations, calculated from receipt by the Broadcast ID, and then automatically deleted:

  • Text messages: 180 days;
  • Polls: Votes in polls from a Broadcast ID for a maximum of 180 days, calculated from the date the Broadcast ID sent the poll.

Note: Media files are never stored on the Threema Servers but only the information that a User has sent a media file.

I. Setting up Groups and Distribution Lists

Processing

In Threema Broadcast, administrators have the option to create groups and distributions lists and invite or add Users to them.

To invite or add a User to a group or a distribution list, Administrators need the Threema ID of the corresponding User. Afterwards, Administrators may manually add additional information to the Threema ID in Threema Broadcast to later identify the User behind the Threema ID.

Note: Adding additional information to a Threema ID in Threema Broadcast is completely optional; the Business Customer or their Administrators decide if and what information they want to add in Threema Broadcast.

Categories of Processed Personal Data

To set up groups and distribution lists with a Broadcast ID, the following personal data is processed and stored on the Threema Servers:

  • Threema ID;
  • First name (optional);
  • Last name (optional);
  • Nickname (optional).

Purpose

The aforementioned personal data is processed by Threema for the following purposes:

  • Use of the contractually agreed functions of Threema Broadcast (contract performance).

Legal Basis

The processing of personal data for setting up groups and distributions lists of a Broadcast ID and their use is based on the overriding private interest (contract performance) of Threema; Art. 31 Sec. 2 lit. a FADP [for EU/EEA: Art. 6 Sec. 1 lit. b GDPR].

Necessity

The processing of personal data is necessary to enable Business Customers to use Threema Broadcast as contractually agreed.

Storage Period

The processing of personal data in the context of setting up groups and distribution lists of a Broadcast ID is carried out until revocation, i.e., until change or deletion of personal data or until deletion of the corresponding groups or distribution list by an Administrator.

If a Business Customer’s Broadcast License with which groups and/or distribution lists were created becomes inactive, these groups and/or distribution lists will not be deleted but only deactivated. If the Business Customer reactivates Threema Broadcast by purchasing new Broadcast Licenses, deactivated groups and/or distribution lists will be automatically reactivated.

Use of Threema Broadcast as Part of a Threema Work Subscription

If a Business Customer does not use Threema Broadcast separately but as part of a Threema Work subscription, the storage periods for Threema IDs are set out under Section 2.K. of the privacy policy for the Threema Work Cockpit.

J. Using Feeds

Processing

In Threema Broadcast, administrators have the option to create feeds, to which Users may subscribe.

If a User subscribes to a feed, their Threema ID is stored in Threema Broadcast for the delivery of messages of the corresponding feed. Afterwards, Administrators may manually add additional information to the Threema ID in Threema Broadcast to later identify the User behind the Threema ID.

Note: Adding additional information to a Threema ID in Threema Broadcast is completely optional; the Business Customer or their Administrators decide if and what information they want to add in Threema Broadcast.

Categories of Processed Personal Data

As part of the use of feeds in Threema Broadcast, the following personal data is processed and stored on the Threema Servers:

  • Threema ID;
  • First name (optional);
  • Last name (optional);
  • Nickname (optional).

Purpose

The aforementioned personal data is processed by Threema for the following purposes:

  • Use of the contractually agreed functions of Threema Broadcast (contract performance).

Legal Basis

The processing of personal data in the context of the use of feeds in Threema Broadcast is based on the overriding private interest (contract performance) of Threema; Art. 31 Sec. 2 lit. a FADP [for EU/EEA: Art. 6 Sec. 1 lit. b GDPR].

Necessity

The processing of personal data is necessary to enable Business Customers to use Threema Broadcast as contractually agreed.

Storage Period

The processing of personal data in the context of the use of feeds in Threema Broadcast is carried out until revocation, i.e., until a Work User unsubscribes from a feed or deletes the personal data, or until an Administrator deletes the corresponding feed.

If a Business Customer’s Broadcast License with which groups and/or distribution lists were created becomes inactive, these groups and/or distribution lists will not be deleted but only deactivated. If the Business Customer reactivates Threema Broadcast by purchasing new Broadcast Licenses, deactivated feeds will be automatically reactivated.

Use of Threema Broadcast as Part of a Threema Work Subscription

If a Business Customer does not use Threema Broadcast separately but as part a Threema Work subscription, the storage periods for Threema IDs are set out under Section 2.K. of the privacy policy for the Threema Work Cockpit.

K. Misuse Protection (hCaptcha)

Processing

In order to prevent misuse through forms submitted by machines, Threema uses the captcha of the “hCaptcha” service for all forms and login screens used in Threema Broadcast.

hCaptcha is a service of Intuition Machines, Inc., 350 Alabama St, San Francisco, CA 94110, USA (hereinafter “Intuition Machines”). hCaptcha is “ISO 27001”-certified. More information on data protection at Intuition Machines can be found under this external link.

The USA as the registered office of Intuition Machines and the probable place of data processing of the hCaptcha service is not on the list of states under Annex 1 to the Ordinance on Data Protection of August 31, 2022 (“DPO”; SR 235.11); therefore, its legislation does not ensure adequate data protection; Art. 16 Sec. 1 FADP in connection with Art. 8 Sec. 1 DPO.

For this reason, personal data disclosed to Intuition Machines is converted to a one-way encrypted hash value on the Threema Servers before it is disclosed.

Note: No personal data is disclosed to Intuition Machines; identification of Administrators is thereby not possible.

Categories of Processed Personal Data

When solving a captcha, the following personal data is processed on the Threema Servers and disclosed to Intuition Machines in pseudonymized form:

  • IP address (one-way encrypted).

Purpose

The aforementioned personal data is processed by Threema and disclosed to Intuition Machines in pseudonymized form for the following purposes:

  • Information security.

Legal Basis

The processing of IP addresses on the Threema Servers and their disclosure to Intuition Machines in pseudonymized form is based on the overriding private interest (misuse protection) of Threema; Art. 13 Sec. 2 lit. a FADP [for EU/EEA: Art. 6 Sec. 1 lit. b GDPR].

Necessity

This data processing is necessary to prevent misuse through forms in Threema Broadcast submitted by machines.

Storage Period

After their pseudonymization and their disclosure to Intuition Machines in pseudonymized form, the IP addresses of Business Customers or their Administrators are immediately deleted on the Threema Servers.

3. Disclosure of Data to Third Parties

Principally, Threema does not disclose to third parties any personal data that is transmitted by the Business Customer when using Threema Broadcast and that is then processed and stored on the Threema Servers.

Threema reserves the right to disclose personal data to third parties (e.g., lawyers) if it is necessary for the assertion, exercise, or defense of legal claims by Threema.

4. Collection of Data from Third Parties

Principally, Threema does not collect from third parties any personal data that is transmitted by the Business Customer when using Threema Broadcast and that is then processed and stored on the Threema Servers.

5. Data Security

In addition to using state-of-the-art encryption methods, Threema takes all necessary technical and organizational measures to prevent unauthorized access and misuse of data in Threema Broadcast. The security measures are continuously improved in line with technological developments.

6. Control Options

In addition to the legal claims of data protection law (see Section 7), Threema grants data subjects (Business Customers and Administrators) the following control options over their personal data:

Deletion of All Stored Personal Data of a Customer Account (for Business Customers)

Business Customers may delete all personal data processed and stored within the scope of the Customer Account at any time by deleting their Customer Account.

This is subject to Threema’s retention rights and obligations (see Section 2.B.).

Rectification, Completion, and Deletion of Personal Data and Termination of Processing (for Administrators)

Administrators may rectify or complete personal data in Threema Broadcast at any time, terminate their processing, or delete them if they are stored, namely:

  • Company and address data;
  • Personal data of Administrators;
  • Old, inactive Threema IDs of Users;
  • Information about Users in groups, distribution lists and feeds;
  • Stored messages.

7. Rights of Data Subjects

Data subjects whose personal data is processed within the scope of using Threema Broadcast can assert various claims under data protection law against Threema.

If Threema processes personal data on behalf of a Business Customer, i.e., as a processor, claims of data subjects under data protection law must be primarily asserted against the Business Customer as the controller of the data processing. Threema will support the Business Customer in the fulfilment of claims under data protection law by data subjects.

In order to fulfil these claims, Threema may have to process personal data of data subjects. In particular, Threema must be able to identify the data subject in order to ensure that the data subject rights are not exercised by anyone other than the data subject and that no personal data is unlawfully disclosed to third parties.

Depending on the applicable law, data subjects may exercise the following rights in relation to personal data against Threema:

Right to Information

Art. 25 and 26 FADP [for EU/EEA: Art. 15 GDPR]

A data subject has the right to request information about their personal data processed by Threema.

Right to Correction or Completion

Art. 32 Sec. 2 FADP [for EU/EEA: Art. 16 GDPR]

A data subject has the right to request that Threema corrects inaccurate or completes incomplete personal data without undue delay.

Right to Deletion

Art. 32 Sec. 2 FADP [for EU/EEA: Art. 17 GDPR]

A data subject has the right to request that Threema deletes their personal data without undue delay.

Right to Withdrawal of Consent

only for data processing based on consent; Art. 30 Sec. 2 FADP [for EU/EEA: Art. 7 Sec. 3 GDPR]

A data subject has the right to withdraw their consent to the processing of their personal data by Threema. This has the consequence that Threema may no longer continue the data processing based on this consent. The processing of the User’s personal data by Threema up to this point in time on the basis of the User’s consent remains lawful.

Right to Objection

only for data processing based on legitimate interests; Art. 30 Sec. 2 FADP [for EU/EEA: Art. 21 GDPR]

A data subject has the right to object to the processing of their personal data by Threema where such personal data is processed based on Threema’s overriding private interests; Art. 31 DSG [for EU/EEA: Art. 6 Sec. 1 lit. f GDPR].

Right to Blocking

Art. 32 FADP [for EU/EEA: Art. 18 GDPR]

For the protection of their personality, a data subject has the right to request that Threema blocks the processing of their personal data.

Right to Data Transfer

Art. 28 and 29 FADP [for EU/EEA: Art. 20 GDPR] [only for data processing based on consent or a contract and with the aid of automated procedures]

A data subject has the right to receive the personal data they have provided to Threema in a structured, commonly used, and machine-readable format, provided that:

  • the processing is based on consent or on a contract; and
  • the processing is carried out with the aid of automated procedures.

8. Timeliness and Amendment of this Privacy Policy

Threema reserves the right to amend this Privacy Policy from time to time in order to comply with changed legal requirements or to implement new features in the Privacy Policy. The current Privacy Policy is always linked in Threema Broadcast.