This privacy notice describes how and why we collect, store, use, and/or share your information when you use our services, such as when you:

- Visit our website at https://wyrd.io, or any website of ours that links to this privacy notice
- Engage with us in other related ways, including any sales, marketing, or events

Reading this privacy notice will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our services. If you have any questions or concerns, please contact us at privacy@wyrd.io.

‍

TABLE OF CONTENTS
‍
1. WHAT INFORMATION DO WE COLLECT?
2. HOW DO WE PROCESS YOUR INFORMATION?
3. WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR PERSONAL INFORMATION?
4. HOW LONG DO WE KEEP YOUR INFORMATION?
5. HOW DO WE KEEP YOUR INFORMATION SAFE?
6. MARKETING COMMUNICATIONS
7. DO WE COLLECT INFORMATION FROM MINORS?
8. DO WE ENGAGE WITH THRID PARTIES?
9. HOW TO EXERCISE YOUR PRIVACY RIGHTS?
10. DO WE MAKE UPDATES TO THIS NOTICE?
11. HOW CAN YOU CONTACT US?
‍

1. WHAT INFORMATION DO WE COLLECT?
‍
This section provides details about our various processing activities, including the purpose behind them and the legal basis for each.

1.1 Site Visitor's Usage and statistics information
Our services uses Plausible Analytics for analysing and improving our website. We chose Plausible Analytics because it is a privacy-focused company and platform that avoids personally identifiable information in favour of anonymous aggregate data. No cookies are used and no personal data is collected.

Instead, the information collected include:
- the pages you visited (URL),
- browser information,
- operating system information,
- device information, and
- location area information, uses the IP address to look up the locaiton, but does not track anything more granular than the city level, and the IP address of the visitor is discarded and not stored in the database or logs. For more information, see the Plausible Data Policy‍
‍
1.2 Platform User Information
To provide our services to you, we perform the following information that you provides us as a data processor:
- Name
- Work Email Address
- Company Name

On a volutary bases, the platform users may provide additional optional information, such as a
- Profile image,
- Job title or Role
- Language Preference

To generate reports and insights, each user provides personal information to Wyrd Assessments (such as flourishing, strengths, values, etc.). While this data is used to create individual reports, it is also anonymised and aggregated at the team or organizational level, ensuring that individual details remain confidential and undisclosed. The user may, however, decide implicitely to share individual reports with other users or even users outside the team.  
‍
1.3 Site Visitors' Contact Information
To subscribe to our services on the website (e.g. newsletter, webinars, demos, events, etc.), you may provide contact information by filling in online forms or using our chatbot. Such information depend on the service but typically include:

- Name
- Work Email Address
- Phone Number
- Company Name
- Job Title

We may enrich your contact information with personal data from other sources, such as third-party business data providers and publicly accessible sources (e.g., social media platforms). This may include mailing addresses, job titles, email addresses, and social media profiles. This helps us maintain accurate records, identify potential customers, personalise ads, suggest relevant products or services, and tailor our communications. The collection of your data by these third parties is subject to their own privacy policies.
We rely on our legitimate interest in delivering the services you subscribed to and sending personalised marketing messages. We retain this data until you unsubscribe or there is no longer a legitimate interest in processing it
‍
1.4 Billing Information
For billing, we may collect and use the following additional data if the contractual party is a person:

- Name of Customer
- Credit Card Information
- Billing Address

We do not collect or store any credit card information ourselves but use payment service provider to process the billing process instead.
‍

2. HOW DO WE PROCESS YOUR INFORMATION?
Under our service agreements, including the General Terms and Conditions (GTC) and the Data Processing Agreement (DPA), we act as a Processor, handling personal data of platform users on behalf of our customers as specified in the DPA. The customer decides who can access their Platform environment and is mainly responsible for user data processing.
In some cases, we act as a Controller, managing data when we decide the purpose and methods of processing. For these activities, any data requests from users are handled directly by us.


3. WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR INFORMATION?
We only process your personal information when we believe it is necessary and we have a valid legal reason (i.e. legal basis) to do so under applicable law, like with your consent, to comply with laws, to provide you with services to enter into or fulfil our contractual obligations, to protect your rights, or to fulfil our legitimate business interests.
‍
If you are located in the EU or UK:
The General Data Protection Regulation (GDPR) and UK GDPR require us to explain the valid legal bases we rely on in order to process your personal information. As such, we may rely on the following legal bases to process your personal information:

- Consent: We may process your information if you have given us permission to use your personal information for a specific purpose. You can withdraw your consent at any time.
- Performance of a contract: We may process your personal information when we believe it is necessary to fulfil our contractual obligations to you, including providing our services or at your request prior to entering into a contract with you.
- Legal obligations: We may process your information where we believe it is necessary for compliance with our legal obligations, such as to cooperate with a law enforcement body or regulatory agency, exercise or defend our legal rights, or disclose your information as evidence in litigation in which we are involved.
‍

4. HOW LONG DO WE KEEP YOUR INFORMATION?
‍We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy notice, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements). Additionally, you can reach out to us (privacy@wyrd.io) at any time to request deletion of your Personal Data.
‍
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
‍
‍
5. HOW DO WE KEEP YOUR INFORMATION SAFE?
Customer data, including personal information, is hosted on secure servers, either in Europe or the USA. Several data transfers and data storage are encrypted by default. In general, we prefer data storage in Europe under high data protection regulation and standart. Additionally, we may also process personal data at our office location in Switzerland.


6. MARKETING COMMUNICATIONS
If you’re a site visitor or a platform user, we may send you marketing materials we think you’ll find useful. We rely on our legitimate interest in promoting our services and enhancing your user experience. This could include product updates, webinars, and newsletters. You may opt out of any communication at any time via the unsubscribe link in each email. We do not share your personal data with third parties for their own marketing purposes.
‍
‍
7. DO WE COLLECT INFORMATION FROM MINORS?
Our Platform is designed for business use and is not intended for individuals under sixteen. We do not knowingly collect information from anyone under that age, and if we discover that we have, we promptly delete it.

‍
8. DO WE ENGAGE WITH THIRD PARTIES?
We work with trusted third-party vendors to deliver certain services on our Platform. Customers can review our current sub-processors, including details of processing activities, in our DPA. This list may change, and any updates will be communicated to customers per the DPA terms.
‍
Additionally, we use other third-party vendors to enhance your experience on our site, support internal operations, and assist our marketing and sales teams. These vendors may access and process some personal data as needed for their services.
Before partnering with any third-party vendor, we ensure they comply with data protection laws and meet security and confidentiality standards equivalent to ours.
‍
‍
9. HOW TO EXERCISE YOUR PRIVACY RIGHTS?
‍
Under applicable data protection laws, you may have the following rights regarding your personal data:
- Access and request copies of your data
- Correct any inaccuracies
- Request deletion of your data
- Restrict data processing
- Request data transfer
- Object to data processing

To exercise your rights or file a complaint about our data processing, please contact us at privacy@wyrd.io.
To unsubscribe from communications (e.g., newsletters), use the “unsubscribe” link in our emails.
Platform users can exercise these rights via the platform settings or by contacting the relevant controller (e.g., your employer). If we receive a request about data we process as a processor, we’ll forward it to the appropriate controller as required by GDPR.
‍
Note: Limiting or objecting to some data processing may affect your experience on the Platform or prevent access to certain features.


10. DO WE MAKE UPDATES TO THIS NOTICE?
We may update this privacy notice from time to time. The updated version will be indicated by an updated 'Revised' date. If we make material changes to this privacy notice, we may notify you prior to the change by email. We encourage you to review this privacy notice frequently to be informed of how we are protecting your information.

‍
11. HOW CAN YOU CONTACT US?
If you have questions or comments about this notice, you may email us at privacy@wyrd.io or contact us by post at:

wyrd AG
Zwinglistrasse 3
9000 St. Gallen
Switzerland