Phonemos User Guide

Privacy policy

Purpose of this document

When using our website, your personal data will be processed by us as the person responsible for data processing and stored for the period necessary to fulfill the specified purposes and legal obligations. In the following, we will inform you which data is involved, how it is processed and what rights you have in this regard.

According to Article 4 No. 1 of the General Data Protection Regulation (GDPR), personal data is any information relating to an identified or identifiable natural person.

1 Contact details

Name and contact details of the person responsible for processing and the company data protection officer. This data protection information applies to data processing on the websites www.phonemos.com, doc.phonemos.com and apps.phonemos.com by the person responsible:

linkyard AG Junkerngasse 39, 3011 Bern, Switzerland

(hereinafter "linkyard") E-mail: info@linkyard.ch

Telephone: +41 31 508 7620

Linkyard's company data protection officer is available at the above address, to HD. Data Protection Department, or available at support@linkyard.ch

2 Collection and storage of personal data

Collection and storage of personal data as well as type and purpose and their use.

2.1 When you visit the website

You can visit the websites www.phonemos.com, doc.phonemos.com and apps.phonemos.com without having to reveal any information about your identity. The browser used on your device simply automatically sends information to the server of our website (e.g. date and time of access, name and URL of the retrieved file, browser type and version, website from which access is made (referrer URL)).

This also includes the IP address of your requesting device. This is temporarily stored in a so-called log file and automatically deleted after 2 weeks:

The IP address is processed for technical and administrative purposes of establishing and maintaining a connection, in order to ensure the security and functionality of our website and to be able to track any illegal attacks on it if necessary.

The legal basis for processing the IP address is Art. 6 (1) (f) GDPR. Our legitimate interest results from the mentioned security interest and the need for a trouble-free provision of our website.

We cannot draw any direct conclusions about your identity from processing the IP address in the log file.

We also use cookies and analysis services when you visit our website. You can find more detailed explanations of this under sections 4 and 5 of this privacy policy.

2.2 When requesting contact

You can contact us by telephone, e-mail or chatbot at any time using the contact information provided on our website about the products and services offered by us. To operate the chatbot on our website, we use the services of Continually Ltd.

If personal data is collected when you contact us, we use this information to answer your request and provide you with an offer tailored to your needs.

Data processing is carried out at your request and is required in accordance with Article 6 (1) (b) GDPR for the purposes mentioned above for the fulfilment of the contract and pre-contractual measures. In addition, data processing when requesting test access is based on our legitimate interests in accordance with Art. 6 (1) (f) GDPR. These also result from the above-mentioned purposes.

Your personal data collected by us for the request for an offer will be stored for a period of 10 years within the framework of our legal retention periods and then deleted.

2.3 When applying for a vacancy

In the "Jobs" section, you have the option to apply for open positions or send us an unsolicited application.

We need your application documents to determine who sent the application and to be able to answer and process it.

Data processing is carried out at your request and only insofar as it is necessary in the context of answering the application and establishing the employment relationship in accordance with Article 88 (1) GDPR in conjunction with Section 26 (1) BDSG n.F., to carry out pre-contractual measures in accordance with Article 6 (1) (b) GDPR or to protect our legitimate interests in accordance with Article 6 (1) (f) GDPR.

Applications that have not been considered will be deleted after 6 months at the latest, unless you have consented to longer storage in accordance with Art. 6 (1) (a) GDPR.

2.4 When signing up for status messages

We regularly publish reports on current problems under the status.linkyard.ch subdomain in order to keep our customers informed at all times. This applies, for example, to failed services or performance restrictions.

You can subscribe to notifications as an email message or text message on a mobile phone. To do this, you must enter either an e-mail address or a mobile phone number and then sign up for the messaging service. By doing so, you consent to receive corresponding messages and to the use of the e-mail address or mobile phone number provided for this purpose in accordance with Art. 6 (1) (a) GDPR.

You can withdraw your consent at any time with effect for the future. To do so, please use the unsubscribe link contained in the e-mail messages or send us an email support@linkyard.ch.

After unsubscribing from email or SMS notifications, your data will be automatically deleted and you will not receive any further messages.

2.5 When using our service desk

We receive fault reports and inquiries under the subdomain servicedesk.linkyard.ch. This requires prior registration by entering your own valid email address. A registration link is then sent to the email address entered, which can be used to complete the registration after providing a name and choosing a password. The data provided is stored in a user profile.

Using the user profile, we can assign your reports to you and process them accordingly at a later date and, if necessary, you and we can track the processing of your reports and inquiries. We also use the email address to contact you if necessary, for example if you have any questions. You will also automatically receive email notifications about the processing status of your message/request.

Requests may be subject to a fee. If you do not yet have a support contract with linkyard, we will let you know before answering the request and provide you with a corresponding offer.

Data processing is carried out at your request and is required in accordance with Article 6 (1) (b) GDPR for the above-mentioned purposes for the fulfilment of the contract for using the service desk and pre-contractual measures for this purpose. In addition, data processing as part of generating a user profile is based on our legitimate interests in accordance with Art. 6 (1) (f) GDPR in order to process and serve you and your concerns in the best possible way.

The service desk is operated using Jira Service Management Data Center, which is hosted and operated entirely by linkyard on our own infrastructure. Personal data submitted through the service desk is therefore processed exclusively within linkyard's own systems and does not involve any transfer to Atlassian or other third-party processors in connection with service desk operations.

Your personal data collected by us for the request and its processing will be stored for a period of up to 10 years within the framework of our legal retention periods and then deleted. Your user profile remains valid until you request its deletion and is then deleted after 3 years at the end of the year. It is then only possible to use the service desk after registration again.

2.6 Outbound B2B sales prospecting

To identify potential business customers for our Phonemos software platform, linkyard processes professional contact data of employees at organisations in regulated industries (banking, insurance, cantonal government, defence, critical infrastructure). This activity is carried out using Apollo.io, a sales intelligence platform operated by Apollo Technologies Inc. (San Francisco, USA).

The categories of personal data processed are limited to: first name, last name, job title, company name, and professional (business) email address. No special categories of personal data are processed, and no personal email addresses are used.

The data is sourced from Apollo.io's database, which is built from publicly available professional sources. Apollo.io notifies individuals in the EU and Switzerland when their data is added to the database and provides an opt-out mechanism via its Privacy Center at https://www.apollo.io/privacy-policy.

The legal basis for this processing is our legitimate interest in promoting our services to relevant professional decision-makers in accordance with Art. 6 (1) (f) GDPR and Art. 31 (1) nDSG. A Legitimate Interest Assessment (LIA) has been completed and is available internally. The processing is limited to the professional context and to data subjects who can reasonably expect to be contacted in relation to their professional role.

Every prospecting email sent by linkyard includes: our identity and contact details, the legal basis relied upon, an easy and free-of-charge right to object, and a link to this privacy policy. You can object to receiving further prospecting communications from us at any time by replying to the email or by sending a request to support@linkyard.ch. Opt-out requests are honoured within 24 hours and result in permanent suppression.

Professional contact data used for prospecting is deleted from our systems 12 months after the last interaction where no commercial relationship has been established. Suppression records are retained indefinitely to prevent re-contacting.

Data transfers to Apollo Technologies Inc. in the USA are governed by a Data Processing Agreement incorporating EU Standard Contractual Clauses (SCCs) and a Swiss FADP addendum recognising the Swiss Federal Data Protection and Information Commissioner (FDPIC) as the competent supervisory authority.

3 Transfer of data

3.1 Web hosting

To provide this website, we use the web hosting service Webflow, Inc., (39811th Street, 2nd Floor, San Francisco, CA 94103, hereinafter referred to as "Webflow").

Offering a website requires the use of a web hosting service. We use Webflow in accordance with Art. 6 (1) (f) GDPR on the basis of our legitimate economic interest in making our offer available on this website. In connection with hosting, Webflow processes personal data on our behalf that is generated when using the website.

When using Webflow's services, it cannot be ruled out that personal data is transferred to a Webflow server in the USA and stored there. Webflow complies with the data protection regulations of the EU-US Privacy Shield and the Swiss-US Privacy Shield.

3.2 More

In addition, the transfer of personal data may only be considered if

  • you have given your express consent to this in accordance with Article 6 (1) (a) GDPR;

  • in accordance with Art. 6 (1) (b) GDPR, this is necessary to fulfill a contract with you or pre-contractual measures (for example when passing on to software manufacturers for the purpose of resolving licenses or when transferring payment data to payment service providers or credit institutions in order to carry out a payment transaction);

  • There is a legal obligation to transfer data in accordance with Article 6 (1) (c) GDPR.

Recipients may use the transferred data exclusively for the stated purposes.

4 Cookies

We use cookies on our site. These are small files that your browser automatically creates and that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our site. Cookies do not cause any damage to your device and do not contain viruses, Trojans or other malware.

Information relating to the specific device used is stored in the cookie. However, this does not mean that we are immediately aware of your identity as a result.

On the one hand, the use of cookies serves to make the use of our website more pleasant for you. For example, we use so-called session cookies to recognize that you have already visited individual pages of our website.

In addition, we also use temporary cookies to optimize usability, which are stored on your device for a specific period of time. If you visit our site again to use our services, it will automatically recognize that you have already been with us and what entries and settings you have made so that you do not have to enter them again.

On the other hand, we use cookies to statistically record the use of our website and to evaluate it for the purpose of optimising our offer for you (see section 5). These cookies enable us to automatically recognize that you have already visited our site when you visit our site again. These cookies are automatically deleted after a defined period of time.

The data processed through cookies is required for the stated purposes to protect our legitimate interests and those of third parties in accordance with Article 6 (1) (f) GDPR.

Most browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer or that a message always appears before a new cookie is created. However, completely disabling cookies may mean that you cannot use all features of our website.

5 Web analysis

The tracking measures listed below and used by us are carried out on the basis of Article 6 (1) (f) GDPR.

With the tracking measures we use, we want to ensure that our website is designed and continuously optimized. We use tracking measures to statistically record the use of our website and to evaluate it for the purpose of optimising our offer for you.

5.1 Plausible Analytics

On our website, we use Plausible Analytics, a privacy-friendly web analytics service provided by Plausible Insights OÜ (Västriku tn 2, 50403, Tartu, Estonia; hereinafter "Plausible"). Plausible is open-source software built and hosted entirely within the European Union.

Plausible does not use cookies, does not collect personal data, and does not create persistent identifiers or cross-site tracking profiles. The information collected is limited to: page URL, referrer URL, browser type, operating system, device type, and country of origin (derived from a non-persistent, daily-rotated hash of the IP address — the IP address itself is never stored or transmitted). No information is collected that would allow us to identify individual visitors.

Because Plausible does not process personal data and does not use cookies or other persistent tracking mechanisms, no cookie consent banner is required for this analytics tool. The data collected stays within EU-owned infrastructure and is not shared with advertisers or other third parties.

The legal basis for the use of Plausible Analytics is Art. 6 (1) (f) GDPR (legitimate interest in understanding website usage to improve our offering). Given the cookieless and anonymised nature of the data collected, the processing has negligible impact on the privacy of website visitors.

Further information on Plausible's data policy can be found at https://plausible.io/data-policy.

6 Email marketing

During the process of subscribing to our newsletter, your email address and first name will be saved by us. We use this data exclusively for the purpose of sending the newsletter. For this purpose, we use the SendGrid service (Denver, Colorado, USA). SendGrid is a subsidiary of Twilio (San Francisco, California, USA). Due to the use of SendGrid's services, the possibility of transmitting personal data to a SendGrid server in the USA cannot be ruled out. The storage of personal data in the mentioned servers is also within the realm of possibility and cannot therefore be ruled out with certainty. Twilio complies with data protection standards in accordance with the EU GDPR and complies with the data protection regulations of the EU-US Privacy Shield and the Swiss-US Privacy Shield.

7 Rights of data subjects

You have the right to:

  • in accordance with Article 7 (3) GDPR, to withdraw your consent to us at any time. As a result, we are no longer allowed to continue data processing based on this consent in the future;

  • to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can provide information about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right of correction, deletion, restriction of processing or objection, the existence of a right of appeal, the origin of their data, unless they were collected by us, as well as the existence of automated decision-making, including profiling and, if applicable, meaningful information about request their details;

  • in accordance with Article 16 GDPR, to immediately request the correction of incorrect or completed personal data stored by us;

  • to request the deletion of your personal data stored by us in accordance with Article 17 GDPR, unless processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;

  • to request the restriction of the processing of your personal data in accordance with Article 18 GDPR, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you refuse to delete it and we no longer need the data, but you need it to assert, exercise or defend legal claims or you have objected to processing in accordance with Article 21 GDPR;

  • in accordance with Article 20 GDPR, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request transmission to another person responsible and

  • to complain to a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or place of work or our company headquarters.

8 Information about the right to object (Art. 21 GDPR)

For reasons arising from your particular situation, you have the right to object at any time to the processing of personal data concerning you based on Article 6 (1) (f) GDPR (data processing based on a balance of interests); this also applies to profiling based on this provision under Article 4 No. 4 GDPR.

If you file an objection, we will no longer process your personal data unless we can prove compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

If your objection is directed against the processing of data for the purpose of direct marketing, we will immediately stop processing. In this case, it is not necessary to specify a particular situation. This also applies to profiling, insofar as it is associated with such direct advertising.

If you would like to exercise your right of objection, simply send an e-mail to support@linkyard.ch.

9 Data security

All data transmitted by you personally is transmitted in encrypted form using the generally accepted and secure TLS (Transport Layer Security) standard. TLS is a secure and proven standard that is also used in online banking, for example. You can recognize a secure TLS connection, among other things, by the appended s to http (i.e. https://..) in the address bar of your browser or by the lock icon at the bottom of your browser.

We also use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are constantly being improved in line with technological developments.

10 Data protection representation

Supervisory authorities and data subjects must contact us directly for inquiries in connection with the General Data Protection Regulation. The company data protection officer is happy to provide you with information and inquiries at support@linkyard.ch.

As secondary data protection representative in accordance with Article 27 GDPR in the European Economic Area (EEA) including the European Union (EU) and Principality of Liechtenstein, we have appointed:

VGS Data Protection Partner GmbH Am Kaiserkai 69 20457 Hamburg Germany

11 Timeliness and amendment of this privacy policy

This privacy policy is currently valid and was last updated in June 2026.

As a result of the development of the website or due to changes in legal or regulatory requirements, it may be necessary to change this privacy policy.