one Digital Service (“one”) and the surprize rewards programme (“surprize”) are provided by Viseca Payment Services SA (“Viseca”) to holders (“Users”) of credit and prepaid cards (“Payment Cards”).
These Terms and Conditions consist of the following sections and govern the rights and obligations between “one” Users and Viseca:
C. Conditions for visiting “one” websites
In addition to these provisions, the following terms and conditions apply to Users:
- Terms and Conditions for the use of Payment Cards of the Payment Card issuer, which are available on the website of the Payment Card issuer with further information on eligible card products;
- Terms and Conditions for participation in Viseca’s surprize rewards programme, which are available at www.viseca-payment.ch/en/legal-provisions.
1. Range of functions of “one”
“one” includes functions for managing the Payment Card and provides an overview of transactions. The range of functions is being continuously expanded. The current range of functions of “one” is shown in the current web and app version and includes, among other things:
- User account to manage personal data;
- Overview of transactions and Payment Card registrations;
- Display and activation of electronic invoices;
- Confirmation of online transactions, e.g. via 3-D Secure;
- Push messages, SMS services;
- Blocking of Payment Cards and replacing cards and PINs;
- Registration of the Payment Card for mobile payment solutions;
- Display and redemption of surprize points;
- Transaction categorisation and expenditure control;
- Contact form and customer service.
2. Registration, use and further development of “one”
Use of "one" requires personal registration. "one" is available via the "one" web portal (“Web”) one-digitalservice.ch and the "one" Mobile Application (“App”). New or enhanced functions are provided to Users on an ongoing basis by means of updates. Viseca will inform the User in an appropriate manner about product and functional modifications. If Users reject new or updated terms and conditions concerning the use of “one” as part of further developments and the introduction of new features, individual features may not be used or may no longer be fully used on the Web or App.
3. Effect of confirmations
Each confirmation made via the App or by entering an SMS code will be deemed to be an action by the User.
4. Availability, Blocking and Changes
Viseca may at any time interrupt, restrict, discontinue or replace the option of using “one” in whole or in part without prior notice for good cause. In particular, Viseca has the right to block Users' access to “one” temporarily or permanently (e.g. if improper use is suspected).
5. User’s duties of care
The duties of care in connection with the use of devices (e.g. mobile phones, tablets, etc.) for the use of “one” include keeping the devices used secure at all times. Users must treat and protect them with reasonable care and comply with the following duties of care in connection with the devices used:
- Changes to the telephone number or e-mail address in order to communicate with “one” must be made via the “one” Web or App;
- Users must set a password that is not easily identifiable. The password must not be recorded or saved in unsecured form;
- A screen lock must be activated for mobile devices and security measures must be taken to prevent unauthorised access;
- Antivirus and internet security programs must be installed and kept up to date on the User's mobile devices and laptop/computer;
- The “one” App may only be downloaded from official stores (e.g. Apple Store and Google Play Store);
- Updates to the App must be installed immediately;
- In the event of the loss of a Mobile Device, the SIM card or the device or the User account must be blocked or reset and, if necessary, the data deleted;
- The App must be deleted prior to a sale or other permanent transfer of the device to a third party;
- Interventions in the operating system must be avoided.
6. Users' reporting obligations
The following events must be reported to Viseca immediately by telephone on Tel. +41 58 958 69 11 (24h), via “one” or the Viseca website. In addition, corresponding adjustments, such as blocking Payment Cards, must be made independently:
- Confirmation requests that are not related to an online payment, login or contact with Viseca
- Any other suspicion that confirmation requests in the App or the SMS code do not originate from Viseca
- Suspicion of misuse of personal data, passwords, devices, web or app
7. Risks and losses
In the event that users incur any losses as a result of the subscription, modification or termination of “one”, they are deemed at the Users' own risk. Viseca disclaims all liability. “one” can be accessed via the Internet. Viseca cannot guarantee that access is possible at all times or without interruption. Liability for losses in connection with the use of Payment Cards is governed by the Payment Card issuer's terms and conditions governing the use of Payment Cards.
8. Intellectual Property Rights and Licensing
For the use of the App, Viseca grants Users a non-exclusive, non-transferable, perpetual, revocable and royalty-free license to download the App, install it on a device in the User’s permanent possession and use it in accordance with the intended functions.The complete or partial reproduction, transmission in electronic or other form, modification, linking or use for public or commercial purposes of “one” Web and App is prohibited without the prior written consent of Viseca. All property rights remain with Viseca.All rights (in particular copyrights and trademark rights) to software, text, images, videos, names, logos and other data and information that are accessible via “one” or become accessible over time belong exclusively to Viseca or the corresponding partners and third parties (e.g. Mastercard, Visa).
9. Termination and applicable law
Users may terminate the contractual relationship for “one” at any time without notice by notifying Viseca in writing or by deleting the App.Upon termination of the Payment Card contract with the Payment Card issuer, subscription to "one” shall also automatically terminate. In the event of misuse or breach of these Terms and Conditions, Viseca reserves the right to exclude Users from the use of “one.”Viseca may transfer the "one" contractual relationship, individual claims or obligations arising therefrom, to third parties in Switzerland and abroad at any time. Data may be made available to these third parties in this context and where necessary.The legal relationship between Users and Viseca is governed by Swiss law. The place of performance, jurisdiction and, for users domiciled abroad, the place of debt enforcement shall be Zurich.
1. Who is responsible for the processing of the data?
Viseca, Hagenholzstrasse 56, 8050 Zurich, is responsible for the processing of the data. Information may be obtained by telephone (+41 58 958 69 11), email (email@example.com) or in writing (Viseca Payment Services SA, Data Protection, Hagenholzstrasse 56, 8050 Zurich).Viseca is not responsible for data processing by Users based on the contractual relationship with the Payment Card issuer. In this regard, Viseca refers to the terms and conditions of the Payment Card issuer.
2. Data collected
2.1 What data is disclosed by the user?
When registering and logging in to “one” and in the course of managing their User account, Users may be requested to provide Viseca, among other things, with their home address, date of birth, email address, mobile phone number, card number and activation code.
2.2 What data are collected automatically?
- Data relating to the use of mobile devices, such as e.g. manufacturer, device type, operating system with version number, device ID and IP address;
- Data concerning the use of computers and browsers and for access to the Internet, such as device type, operating system and IP address;
- Data concerning the settings requested by the User, such as storage of the user name or login;
- Data relating to visits and manner of usage of the website, such as e.g. data relating to the estimation of aggregate traffic and usage figures, data exchange volume, identifying content that may be of particular interest to Users, as well as the general improvement, further development and availability of “one”;
- Data generated when using the App, such as manner of usage, updates or device information.
2.3 What information is collected when registering with “one”?
- Information about Users and the Payment Card registered in "one" that is stored in the user account;
- Information about the activation of 3-D Secure for the Payment Card registered in “one”, including the corresponding confirmations in the App or the entering of an SMS code when using it;
2.4 What data are collected at the merchant's location (Point of Sale)?
- Merchant and location data (when using 3-D Secure), such as merchant name, location, country and sector;
- Automated periodic Google query to specify the merchant's location;
2.5 What information is collected when using Mobile Payment?
- Information on the use of Mobile Payment, such as activating or deactivating Payment Cards and further use of the Payment Card for Mobile Payment;
- Information about the amount (such as e.g. currency) and further information when using the card with Mobile Payment, such as e.g. time of the transaction and type of verification.
2.6 What information is collected when using 3-D Secure?
- Information about the merchant, the transaction and the processing thereof as well as confirmation of the transaction with 3-D Secure;
- Information related to the devices used for the transaction and confirmation;
- Information related to access to the Internet or mobile network, such as IP address and name of the access provider.
With regard to the use of Mobile Payment and 3-D Secure, Viseca refers to the terms and conditions of the Payment Card issuer.
3. What is the data used for and how is it processed?
The data specified in Section 2 shall be used or processed as follows:
3.1 Provision of "one" Services
- Enabling registration, login and use on “one”;
- Authentication of Users when performing actions. The App and/or mobile devices used are clearly assigned to the Users when registering with “one”. In this way, Viseca can ensure that the confirmation actions are carried out in the App or with the registered mobile devices;
- Communication with users and transmission of information in connection with fraud warnings and fraud monitoring, on behalf of the Payment Card issuer and as operator of “one” (e.g. provision of invoices) via “one” and the mobile device;
- Receipt of messages from Users, e.g. via the contact form;
- Display of transactions and invoices on behalf of the Payment Card issuer;
- Transmitting of confirmation requests, e.g. for confirmation of online payments by push notification or SMS code;
- Processing of the “one” contractual relationship;
- Establishing a secure connection between “one” and Users' mobile devices;
- Operation of the surprize rewards shop and point accounting;
- Operation of 3-D Secure web transactions;
For data processing in connection with the Payment Card contract and the use of the Payment Card, Viseca refers to the terms and conditions of the Payment Card issuer.
3.2 Mobile Payment
- Checking to verify that a Payment Card is eligible for Mobile Payment;
- Activating, deactivating and updating Payment Cards for Mobile Payment;
- Prevention of misuse of registered Payment Cards;
For data processing in connection with the use of Mobile Payment Solutions, in particular concerning data processing by third-party providers and the relationship between users and the third-party provider, Viseca refers to the terms and conditions of the Payment Card issuer.
3.3 surprize bonus programme
- Viseca is authorised to use the data processed in connection with surprize for marketing purposes and to create and analyse customer, consumption and preference profiles;
- Profiling the data enables Viseca to offer surprize rewards to Users who may be interested in these. Information about such products and services is provided to participants via individual communication channels (e.g. post, e-mail, SMS or the "one" digital service);
- Users may withdraw consent to processing for marketing purposes in relation to surprize rewards in connection with the surprize construction programme at any time by notifying Viseca.
- Forwarding data from “one” (such as e.g. user behaviour) to the Payment Card issuer and processing the data for its own purposes;
- Creation of individual customer, consumption and preference profiles that enable products and services to be developed and offered to users on behalf of the Payment Card issuer;
- Transmission of information via “one” concerning existing or new products and services of the Payment Card issuer to the User.
For data processing in connection with marketing campaigns, Viseca refers to the terms and conditions of the Payment Card issuer.
3.5 Further processing purposes
- Furnishing proof of actions and defending against claims lodged against Viseca;
- Complying with statutory and regulatory requirements;
4. Who processes and receives user data?
4.1 Persons at Viseca
4.2 Service providers
4.3 Payment card issuer
Users have understood and expressly agree that Viseca, as the operator of “one”, may create customer, consumption and preference profiles on “one” User behaviour and pass them on to the Payment Card issuer. This includes e.g. individual and statistical usage data, authorisation data as well as evaluation and analysis of transactions. Viseca may also forward User data to the Payment Card issuer for business purposes (e.g. risk and marketing purposes as well as combating fraud). This enables the Payment Card issuer to combine data from “one” with its own data and further process it for its own purposes.
4.4 Third Parties
Third parties are persons or companies that process User data for their own purposes. Third parties are not contracted service providers of Viseca.Viseca generally does not disclose any data to third parties for their own purposes in connection with “one.” This applies in particular to transaction data or customer, consumption and preference profiles. This principle does not apply to the disclosure of “one” usage data that is expressly requested or instructed by Users.By official order or pursuant to statutory obligations, Viseca forwards data to government agencies such as law enforcement or regulatory authorities.
4.5 Electronic data transmission
User data may be transmitted electronically to third parties in Switzerland and abroad even without the involvement of Viseca. In particular, when using the App and/or mobile devices, manufacturers of devices or software (such as Apple or Google) may receive data.These third parties may process and also disclose these data in accordance with their own terms and conditions of use or privacy notices. This may result in these third parties being able to infer that there is a relationship between users, Viseca and the Payment Card issuer.SMS messages are subject to the applicable legislation on the surveillance of telecommunications and are stored on mobile phones. This may enable third parties to obtain the information in question.
5. Are data disclosed to other recipients?
The transmission of information between Viseca and the App and/or mobile devices of the Users is encrypted, with the exception of SMS messages sent.However, communication with Users takes place via public communication networks. These data are generally accessible to third parties and may be lost or intercepted by unauthorised third parties during transmission. It therefore cannot be ruled out that third parties, despite all security measures taken, may gain access to the communication with the Cardholder when "one" is used.When using the Internet, data may also be transmitted via third countries if users are located in Switzerland. Such third countries may not offer the same level of data protection as Switzerland.
6. When is data transferred abroad?
7. Does profiling take place?
Viseca may process “one” User Data in order to create profiles, e.g. for analyses, evaluations and decisions. Such processing is used by Viseca in particular for risk management purposes, the further development of “one” and to ensure information and data security.
8. How long does Viseca store the data and when does Viseca erase it?
Viseca stores data only for as long as necessary for the purpose for which it was collected. In addition, Viseca stores data if there is a legitimate interest in storage, e.g. if Viseca requires data in order to enforce or defend against claims in order to ensure IT security or if limitation periods apply. Finally, Viseca stores data in order to comply with regulatory and statutory obligations.If Users stop using “one” for two years, Viseca will assume that the App has been deleted. In this case, Viseca will delete all data that does not have to be retained based on statutory retention obligations or contractual obligations.Data for which there is no statutory basis for processing or retention may be anonymised and further processed by Viseca. Data that must be retained longer due to statutory retention obligations are excluded from erasure or anonymisation.
9. How does Viseca protect the data in “one”?
By using state-of-the-art security software, Viseca’s IT infrastructure meets international security standards. In addition, Viseca takes additional security measures for accessing User accounts over the internet as well as technical and organisational measures to protect the data against loss, unauthorised access or misuse.Irrespective of the measures taken, when using the Internet as a means of transmission via a computer, smartphone or other end device, it cannot be ruled out that third parties may gain access to Users' data.All liability whatsoever for direct or indirect losses arising in connection with the use of “one” is fully disclaimed by Viseca. This includes damage caused by viruses and targeted hacker attacks.
10. What rights do Users have in connection with their data?
Provided that the requirements of applicable law are met, users have the following rights to request the following:
- information about Viseca’s own data as to how Viseca processes it, as well as copies thereof;
- rectification of inaccurate or incomplete data;
- erasure of Users' own data;
- restriction of the data processing of the User's own data;
- Lodging a complaint against the form of the data processing with a competent data protection authority;
- Withdrawal of consent to data processing previously given; however, even in the event of such withdrawal, the data may continue to be processed by Viseca to the extent permitted by law.
11. Is data portability possible?
Viseca does not currently offer any specific measures for data portability.
12. How are business communications handled?
By using “one”, Users expressly agree that Viseca may contact them via the registered and verified email address for business communication.
C. Terms and Conditions for visiting “one” websites
By accessing the “one” websites, Users and visitors consent to these Terms and Conditions of Use and consent to the contents thereof.
These Terms and Conditions of Use are intended for the public, visitors to the “one” websites and Users of “one”. Access to the protected area of “one” is only possible after prior registration and by entering the User's personal user name, password or fingerprint.
2. Which legal notices should be observed?
The information published on the “one” websites does not constitute a recommendation to carry out transactions, other legal transactions, nor does it constitute an offer. Third-party products and services presented on the websites may in some cases not be acquired by residents of certain countries. Viseca is only an intermediary of offers from third parties. If problems arise in contractual relations between Users and third parties or if Users suffer damages, the Users must pursue their remedies with the third party. Viseca shall not be liable for any losses arising from the cardholder's contractual relationships with third parties.
Although Viseca makes every effort to ensure that the information contained on the "one" websites is correct at the time of its publication, neither Viseca nor its contractual partners can explicitly or implicitly assure or guarantee the accuracy, reliability, currency or completeness of the information.
Viseca assumes no responsibility and makes no representation that the functions are available continuously or that the "one" websites or the relevant server is free of viruses or other harmful components.
Viseca disclaims liability for direct or indirect, direct or indirect, direct or indirect damages and losses of any kind that may arise for the following reasons, even in the event of negligence:
- from accessing the “one” websites;
- from the inability to access or use the “one” websites;
- from linking or accessing links to other websites of third parties;
- as a result of unauthorised persons' manipulation of the internet User’s IT systems;
- contact with Viseca via the internet or email.
“one” websites are not intended for use by persons subject to any jurisdiction that prohibits or otherwise restricts the access or distribution, publication, provision or use of the information contained on them. Persons subject to such restrictions are not permitted to access "one" websites and they are requested to refrain from accessing them.
1. What are cookies and similar technologies?
Cookies are small files that are transferred to end devices and stored there when a website is visited. A cookie contains information about the origin of the website and how long it remains stored on a device. Some cookies are deleted after the end of the browser session ("session cookies"). Other cookies remain on the end device (permanent cookies). If Users or visitors visit "one" websites again, Viseca may record the new visit even if Viseca does not know the identity of the visitor or User. Cookies may also collect data and information about User behaviour on “one” websites.
- Technically necessary cookies are necessary for the technical operation of the websites and enable security-related functionalities as well as making them user friendly.
- Cookies for advertising purposes may record your visit to the websites via the links and content clicked on. Viseca uses such information to tailor "one" websites and the advertising displayed to the interests of visitors. For this purpose, Viseca may also disclose this information to third parties who process this information on behalf of Viseca service providers.
If Users or visitors do not wish to allow cookies or wish to disable cookies, the functionality of the “one” websites may be restricted.Generally, web browsers accept cookies automatically, but offer options to block or delete them. Instructions on how to manage cookies on web browsers are usually found under the help functions or in the user manual of the mobile end device. Information on this can be found, for example, on the following pages:
- Google Chrome: www.support.google.com
- Firefox: www.support.mozilla.org
- Microsoft Edge: www.support.microsoft.com
- Internet Explorer: www.support.microsoft.com
- Safari: www.support.apple.com
4. How is User data stored?
The IP data of the connection holders are stored by the website operator when visiting the “one” websites. Data such as the visitor’s name and address or other personal data may also be collected.Viseca collects, uses and processes data that are necessary for the performance of the contract or in the context of initiating a business or for which Viseca has obtained consent. Once consent has been given, a User or visitor may revoke it prospectively at any time. Data communicated to Viseca via the “one” websites are only stored until the purpose has been fulfilled or statutory retention periods so require.
5. Which third-party cookies are used?
|cookietest||one-digitalervice.ch||Necessary||Determines whether the visitor has accepted the consent.||1 year|
|CookieConsent||one-digitalervice.ch||Necessary||Saves the user’s consent status for the current domain.||1 year|
|collect||google-analytics.com||Statistics||Used to send device data and visitor behaviour. Allows the visitor to be tracked across multiple devices.||24 hours|
|_ga||one-digitalervice.ch||Statistics||Registers a unique ID that is used to generate statistical data about how the visitor uses the website.||2 years|
|_gid||one-digitalervice.ch||Statistics||Registers a unique ID that is used to generate statistical data regarding the visitor’s use of the website.||24 hours|
|_dc_gtm_UA-#||one-digitalervice.ch||Statistics||Used by Google Tag Manager to control the loading of the Google Analytics script tag.||24 hours|
|ads/ga-hearing||google.com||Marketing||Is used by Google AdWords to re-activate visitors whose online behaviour on other websites suggests interest.||24 hours|
|AL_SESS-S||one-digitalervice.ch||Necessary||Processing registration sessions.||24 hours|