Privacy Policy

DSENT AG operates the website and the digital marketplace www.go.token- and is responsible for collecting, processing, and using your personal data in compliance with the applicable data protection law (hereinafter referred to as the “Users” and/or “You”).

Your trust is important to us, which is why we take the protection of data seriously and ensure appro- priate security. We observe the statutory provisions of the Federal Act on Data Protection (FADP), the Ordinance to the Federal Act on Data Protection (OFADP), the Telecommunications Act (TCA) and other applicable data protection provisions of Swiss and international law, in particular where applicable EU law.

In this privacy policy, we inform you about what personal data we collect from you and for what pur- poses we use it.

If you have any questions regarding data protection, you can get in touch with us at or at our address.


Gotthardstrasse 26

6300 Zug


Data Processing in connection with our website

When you visit our website, our servers temporarily store each access in a log file. The following technical data is collected without your intervention and stored by us, as in principle with every con- nection to a web server:

- the IP address of the requesting computer,

- the operating system of your computer,

- the browser you are using (type, version, and language),

- name of the IP address range,

- the date and time of the server request,

- the web page from which access was made (referrer URL), possibly with the search terms used,

- the status code (for example, error message, debug information),

- the browser used (type, version and language), and the transmission protocol used.

The collection and processing of these data are carried out for the purpose of enabling the use of our website (establishing a connection), ensuring system security and stability over the long term and optimising our internet presence as well as for internal statistical purposes. It is within our legitimate interest to process such data to offer you a well-functioning website.

The IP address will also be used together with the other data in the event of attacks on the network infrastructure or other unauthorised or abusive use of the website to identify offenders in connection with civil or criminal proceedings. The processing of this data is in our legitimate interest to track your visit to our website and to improve the website accordingly.

We will store your access data for up to one year after our business relationship is no longer active.

2. What data do we collect when you create an account with us?

You can create an account on our website, through which you can easily make use of our technology and related services. For this we need the following necessary information:

- first name,

- last name,

- email address,

- country of residence, and

- date of birth

We use these data as well as additional information voluntarily provided by you only in order to offer our services to you in the best possible way. The processing of this data is, therefore, necessary for the performance of pre-contractual and contractual measures.

We will store these data for up to one year after our business relationship is no longer active.

3. What data do we collect when you create an account with us?

To provide our services to you, we need information about you. For this we need the following necessary information:

- first name,

- last name,

- email address,

- country of residence

- date of birth, and

- additional identification information.

We use these data as well as additional information voluntarily provided by you only in order to offer our services to you in the best possible way. The processing of this data is, therefore, necessary for the performance of pre-contractual and contractual measures

We cooperate with Intrum AG, Eschenstrasse 12, 8603 Schwerzenbach, Switzerland, to comply with our identification obligations.

Furthermore, to send you confirmations and similar messages related to our services (e.g., payment confirmation, invoices, receipts), we use software and the services from Mailjet GmbH (“Mailjet”). Mailjet has its main seat at 4 rue Jules Lefebvre, 75009 Paris, France.

We will store these data for up to one year after our business relationship is no longer active.

4. What data do we collect when you use our contact form?

- first name,

- last name,

- email address, and

- your message

We only use these data as well as any additional information voluntarily provided by you (e.g. com- pany name, area of interest, project, ticket name) in order to answer your contact enquiry in the best possible and personalised way. The processing of this data is therefore in our legitimate interest.

We will store these data for up to one year after our business relationship is no longer active.

5. What are cookies? Do we need cookies?

Cookies help in many ways to make your visit to our website easier, more enjoyable and more meaningful. Cookies are information files that your web browser automatically saves on your computer's hard drive when you visit our website. In particular, we use the following temporary and persistent cookies:

- technically necessary cookies,

- performance Cookies,

- functional cookies, and

- marketing cookies.

We use these cookies, for example, when including a form on the website, so that you do not have to repeat the entry when calling up another subpage. Cookies may also be used to identify you as a registered user after you register on the website, without you having to log in again when you visit another page.

Most Internet browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer, or a message always appears when you receive a new cookie.

Disabling cookies may prevent you from using all features of our website.

6. Do we use tracking tools?

We use the web analysis service of Heap Inc. (hereinafter referred to as “Heap”), a Delaware (USA) corporation. Heap is a company duly incorporated and organized under the laws of United States of America, having its registered address at 225 Bush St. 2nd Floor, San Francisco, CA 94104.

Heap is a user behavioural analytics product and service that allows us to collect and analyse data about how you are interacting with our services. Heap does this by collecting data on what you are doing, including but not limited to what webpages you visit, what you click on, where you are located, what browser or platform you are using, and many other forms of behavioural or personal data. In addition to the data listed in section 1, we may receive the following information:

- navigation path of a visitor to the website,

- time spent on the website or a subpage,

- the subpage on which the website is left,

- the country, region or city from which access is made,

- the device (type, version, colour depth, resolution, width and height of the browser window), and

- if you are a recurring or new visitor.

The information is used to evaluate the use of the website, to compile reports on website activity and to provide other services related to the use of the website and the internet for purposes of market research and need-based design of this website. In addition, this information may be transferred to third parties if this is required by law or if third parties process this data on our behalf.

Storage and exchange of data with third parties

7. Where do we store our data?

We store the data collected according to this privacy policy with Exoscale, Allmendstrasse 13, 8102 Oberengstringen, Switzerland. Exoscale is a company of Akenes SA, which has its registered seat at Boulevard de Grancs 19A, 1006 Lausanne, Switzerland.

8. How long will my data be kept?

We only store personal data for as long as is necessary for the above-described uses and further processing in the context of our legitimate interest. Contract data is stored by us for a longer period of time, as this is prescribed by statutory obligations. Obligations to store data may arise out of ac- counting law, civil law and tax law. According to these laws, business communication, concluded contracts and accounting vouchers must be stored for up to 10 years.

9. Will my data be disclosed to other third parties?

We only disclose your personal data to other third parties if you have expressly consented, if there is a legal obligation to do so or if this is necessary to enforce our rights, in particular, to enforce claims arising from the contractual relationship. In addition, we disclose your data to third parties insofar as this is necessary for the use of the website and the execution of contracts (also outside the website). Furthermore, we may disclose your data for our client relationship management, and compliance including AML and KYC matters.

In this context, we may disclose data to:

- HubSpot Inc., 25 First Street, 2nd Floor, Cambridge, MA 02141 USA,

- Stripe Inc., Grand Canal Street Lower 1, Grand Canal Dock, Dublin, D02 H210, Ireland,

- Issuers of the platform,

- Skribble AG, Förrlibuckstrasse 190, 8005 Zurich, Switzerland,

- Intrum AG, Eschenstrasse 12, 8603 Schwerzenbach, Switzerland,

- Mailjet GmbH, 4 rue Jules Lefebvre, 75009 Paris, France.

- Dun and Bradstreet Schweiz AG, Grossmattstrasse 9, 8902 Urdorf, Switzerland, and

- Capital Management Partner AG, Parkring 59, 8002 Zurich, Switzerland.

These third parties are instructed by us on how they may process the data. For this reason, we have concluded a contract with each of these third parties. Also, they only process the data within Europe.

10. Do we transfer personal data abroad?

We are entitled to transfer your personal data to third parties (contracted service providers) abroad for the purpose of the data processing described in this privacy policy. These are bound to protect data to the same extent as we are. If the level of data protection in a country does not correspond to that in Switzerland or in Europe, we will contractually ensure that the protection of your personal data corresponds to that in Switzerland or Europe at all times. In addition, we may conduct impact assess- ments and implement resulting technical and organisational measures to ensure an adequate level of data protection.

11. Is the same protection provided when data is transferred to the USA?

For the sake of completeness, for users residing or domiciled in Switzerland, we would like to point out that in the USA there are surveillance measures by US authorities that generally allow them to get access to all personal data that has been transferred from Switzerland to the USA. This is done without differentiation, limitation or exception based on the objective pursued and without any objec- tive criterion that would allow limiting the access to the data and subsequent use thereof by US au- thorities to very specific, strictly limited purposes that could justify the interference associated both with access to and use of such data. In addition, we would like to point out that in the USA there are no legal remedies available for the persons concerned from Switzerland that would allow them to gain access to the data concerning them and to obtain its correction or deletion, or that there is no effective legal protection against general access rights of US authorities. We explicitly draw your attention to this legal and factual situation in order to enable an informed decision to consent to the use of your data. We would like to point out that, from the point of view of the European Union and the Federal Data Protection and Information Commissioner in Switzerland, the USA does not have an adequate level of data protection, partly due to the issues mentioned in this section. Insofar as we have explained in this privacy policy that recipients of data (such as Heap or HubSpot) are based in the USA, we will ensure that your data is protected at an appropriate level by our service providers, through contractual arrangements with these companies as well as adequate technical and organizational measures.

Anything else you need to know?

12. You have a right of access, rectification, deletion and limitation of the pro- cessing as well as of data transferability

You have a right to request information about the personal data that we store about you. In addition, you have a right to correct incorrect data and a right to request deletion of your personal data, insofar as there is no legal obligation to retain such data and no legal basis for further processing the existing data. Furthermore, you have the right to have your objection recorded if neither the accuracy nor the inaccuracy of the personal data can be determined.

You also have a right to request the data that you have provided to us (right to data portability). Upon request, we will transfer your data to a third party of your choice. You have a right to receive the data in a common file format.

You can contact us for the aforementioned purposes via the e-mail address [email protected]. In order to process your requests, we may request proof of your identity.

In many countries, you also have the right to file a complaint with the relevant data protection authority if you have concerns about how we process your data.

These rights depend on the applicable data protection legislation and may be either more limited or more comprehensive.

13. Is your data safe with us?

We use suitable technical and organisational security measures to protect your personal data stored with us against manipulation, partial or complete loss and against unauthorised access by third par- ties. Our security measures are continuously improved in line with technological developments.

You should always treat your access data confidentially, especially if you share your computer, tablet or smartphone with others.

14. Can you complain about us?

You have the right to complain to a data protection supervisory authority at any time.

15. Which law do we apply? And where does the law apply?

This privacy policy and the contracts concluded on the basis of or in connection with this policy are subject to Swiss law, unless the law of another country is mandatory. The place of jurisdiction shall be the registered office of DSENT AG, unless another place of jurisdiction is mandatory.

16. Can this policy be amended?

Should individual parts of this privacy policy be invalid, this shall not affect the validity of the rest of the privacy policy. The invalid part of this privacy policy shall be replaced in such a way that it comes as close as possible to the economically intended purpose of the invalid part.

Due to the further development of our website and offers or changes to the statutory requirements, it may become necessary to amend this privacy policy. The most current privacy policy is published on our website.

17. Questions about data protection? Please, contact us!

This privacy policy was last modified on 29 June 2022. If you have any questions or comments about our legal notices or data protection, please contact us at [email protected].