Privacy Policy

Introduction

Mi tincidunt elit, id quisque ligula ac diam, amet. Vel etiam suspendisse morbi eleifend faucibus eget vestibulum felis. Dictum quis montes, sit sit. Tellus aliquam enim urna, etiam. Mauris posuere vulputate arcu amet, vitae nisi, tellus tincidunt. At feugiat sapien varius id.

Eget quis mi enim, leo lacinia pharetra, semper. Eget in volutpat mollis at volutpat lectus velit, sed auctor. Porttitor fames arcu quis fusce augue enim. Quis at habitant diam at. Suscipit tristique risus, at donec. In turpis vel et quam imperdiet. Ipsum molestie aliquet sodales id est ac volutpat.

Elit nisi in eleifend sed nisi. Pulvinar at orci, proin imperdiet commodo consectetur convallis risus. Sed condimentum enim dignissim adipiscing faucibus consequat, urna. Viverra purus et erat auctor aliquam. Risus, volutpat vulputate posuere purus sit congue convallis aliquet. Arcu id augue ut feugiat donec porttitor neque. Mauris, neque ultricies eu vestibulum, bibendum quam lorem id. Dolor lacus, eget nunc lectus in tellus, pharetra, porttitor.

Lorem ipsum nibh viverra etLorem ipsum nibh viverra et

Lorem ipsum nibh viverra et

1. What is this Privacy Policy about?

NOOURI GmbH, headquartered in Zollikon ("NOOURI"), (hereinafter also "we", "us") collects and processes personal data relating to you or other persons (so-called "third parties"). We use the term "data" here synonymously with "personal data" or "personally identifiable information".

"Personal data" means data relating to identified or identifiable persons, and "processing" means any handling of personal data, e.g. collecting, storing, using, modifying, disclosing and deleting.

In this Privacy Policy, we describe what we do with your data when you use https://www.noouri.com, other websites of ours or our apps (hereinafter collectively referred to as "Website"), obtain or use our services or products, communicate with us in the context of contract processing, or otherwise interact with us, or are a shareholder or investor of ours. In addition, we may inform you separately about the processing of your data (e.g. in forms, terms and conditions or additional privacy policies).

If you provide us with data about other persons (e.g. family members), we assume that you are authorised to do so and that this data is correct, and that you have ensured that these persons have been informed of such disclosure, to the extent a legal obligation to inform applies (e.g. by making this Privacy Policy available to them in advance).

This Privacy Policy is aligned with the Swiss Data Protection Act ("DPA") with its associated ordinances and the requirements of the EU General Data Protection Regulation ("GDPR"). However, whether and to what extent these laws are applicable depends on the individual case.

‍

2. Who is responsible for processing your data?

The party responsible under data protection law for the data processing described in this Privacy Policy is:

NOOURI GmbH

Kesslerstrasse 19

CH-8702 Zollikon

Email: nathalie@seucure.noouri.com

‍

3. What data do we process?

We process various categories of personal data about you. The main categories are as follows:

Master data: These are the basic data (e.g. name, contact details), your relationship to the child (e.g. parent, grandparent, childcare worker), further information about you (e.g. how you are involved in the child's care) and your relationship with us (e.g. client, visitor, supplier or employee of such etc.), bank account details, date of birth, photos, copies of identity documents, client history, any powers of attorney, signing authorisations and declarations of consent, as well as information about third parties (e.g. contact persons, representatives).
Registration data: This is data that arises in the context of a registration with us (e.g. for apps, online courses, community areas) or that you provide to us (e.g. username, email, password), as well as data arising from competitions or when redeeming vouchers.
Contract data: This is data arising in connection with a contract concluded with us (e.g. a coaching package) or in the course of providing our services, such as details of the type of contract, date of conclusion, duration, contractual services, pre-contractual data, details required or used for processing (e.g. billing details or information for settlement with your health insurer), details of responses (e.g. complaints or satisfaction information), and financial data (e.g. information on creditworthiness, reminders and debt collection).
Health data: Due to the nature of our offering, we regularly process health data. This includes all information from which conclusions can be drawn about a person's physical or mental health condition (e.g. details of height, weight and developmental status, information on eating habits and behaviour (e.g. "Picky Eater"), known allergies, intolerances, existing illnesses, medication intake, or details about digestion and sleep patterns and reactions to food).
Communication data: This is data arising in connection with communication between us and with third parties (e.g. via contact form, email, phone, letter, chat, chatbot, community platforms or other communication means), such as the content of emails or letters, your contact details and metadata of communication, and possibly a copy of an identity document. This also includes image and audio recordings of (video) calls.
Technical data: This is data generated in the course of using our electronic offerings (e.g. website including apps), such as IP address, details of your device's operating system, the region and time of use. Technical data alone generally does not allow conclusions to be drawn about your identity. However, it can be linked with other data categories (e.g. registration data) and thus potentially with your person.
Usage behaviour and preference data: This is data about your behaviour and preferences, in particular with regard to your interactions with our website (including apps), e.g. recipes accessed, questions asked in a chatbot, blog articles clicked, reactions to electronic communications, navigation on the website, interactions with our social media profiles, participation in competitions or events etc.), possibly supplemented with information from third parties (including from publicly accessible sources). While this data allows conclusions to be drawn about your interests (e.g. interest in complementary feeding recipes), it primarily describes usage behaviour on our website and apps rather than directly providing health information; however, it can be linked with such information to suggest suitable content to you.
Application data: This is data that we process in connection with a job application to us, which is contained in your application documents (e.g. professional background, training and further education, references). We may also collect data from public sources, such as professional social networks, the internet or media.
Other data: This may include, among other things: data arising in connection with official or judicial proceedings (e.g. files, evidence etc.), data collected for health protection purposes (e.g. as part of protection concepts), photos, video or audio recordings that we make or receive from third parties and in which you are identifiable (e.g. at a cooking course or community events etc.), access data or rights (e.g. visitor lists), participation in events or campaigns (e.g. competitions and events), and when you use our infrastructure and systems.

‍

4. Where does the data come from?

From you: Much of the data mentioned in Section 3 is provided by you directly (e.g. in the course of communication with us, in connection with contracts or our services, through use of our website and other services etc.). You are generally not obliged to disclose your data, except in certain individual cases (e.g. legal obligations such as legally required identity verification or protection concepts). However, if you wish to enter into contracts with us or use our services, you must provide us with certain data (in particular master data, contract data, health data and registration data). When using our website and apps, the processing of technical data is unavoidable. If you wish to gain access to certain systems, you may need to provide us with registration data. However, with regard to usage behaviour and preference data, you generally have the option of objecting or not giving your consent.
From third parties: To the extent permitted, we may also obtain data from publicly accessible sources (e.g. debt enforcement registers, land registers, commercial registers, media or the internet including social media) or receive it from authorities and other third parties (e.g. persons in your environment, healthcare professionals, associations, contractual partners, job placement platforms, credit agencies, internet analysis services and other service providers). These include in particular: master data, contract data, health data and other data, but also all other data categories pursuant to Section 3, as well as data from correspondence and meetings with third parties. If you are acting on behalf of an employer, client or any other person who has a business relationship with us or otherwise interacts with us, they may also make data about you available to us.

‍

5. For what purposes do we process your data?

Communication: In order to communicate with you (e.g. to answer enquiries, in the context of consultation and contract processing), we need to process data (in particular communication data, master data and health data (for example, information about your child's eating habits or known intolerances that you share with us), and in connection with services you use, also registration data, for example in apps or online courses). This may also include image and audio recordings of (video) calls, e.g. for quality assurance purposes. In the event of an audio or video recording, we will inform you separately, and you are free to tell us if you do not wish to be recorded or to end the communication. If we need or wish to verify your identity, we will collect additional data (e.g. a copy of an identity document).
Entering into, managing and processing contracts: In connection with entering into and processing contracts with our clients, suppliers, subcontractors or other contractual partners (e.g. project partners), we process related personal data. For this purpose we also process data to check creditworthiness, to open and manage the client relationship, for consultation, client care and the provision and enforcement of contractual services (which also includes involving third parties, such as payment service providers for processing course fees, IT providers for operating our platforms and apps, advertising service providers or credit agencies, who may in turn provide us with data). This also includes enforcing claims arising from contracts (debt collection, legal proceedings etc.), bookkeeping, termination of contracts and public communication.
Marketing purposes and relationship management: For marketing purposes and relationship management, we process data, e.g. to send personalised advertising (e.g. by post, email, via app, on other electronic channels or by phone about seasonal recipes or information on new courses) about our products, services and other news, and those of third parties (e.g. product partners), to our clients, other contractual partners and other interested parties, in connection with free services (e.g. invitations, vouchers etc.) or as part of individual marketing campaigns (e.g. events, competitions etc.). You may object to such contacts at any time or refuse or withdraw consent to being contacted for advertising purposes by notifying us. With your consent, we can target our online advertising on the internet more specifically to you. This also includes interaction with existing clients and their contacts, which may be personalised based on usage behaviour and preference data.
Market research, improvement of our services and operations, and product development: In order to continuously improve our products and services (including our website, apps and online courses) and to respond quickly to changing needs, we analyse, for example, how you navigate through our website, how you interact with our social media profiles, or which services and products are used by which groups of people and in what way, and how new products and services can be designed. This provides us with insights into market acceptance of existing offerings and the market potential of new products and services. For this purpose we process in particular master data, usage behaviour and preference data, but also communication data and information from client surveys, polls and studies, and other information from media, social media, the internet and other public sources.
Operation of our website: In order to operate our website and apps securely and stably, we also process personal data (in particular technical data). For further information see Section 12.
Registration, security purposes and technical and physical access controls: In order to use certain offerings and services (e.g. login areas of our apps, the member area of the community or protected course content), you must register (directly with us or via our external login service providers); for this purpose we process the data provided during the respective registration. We also collect further personal data about you during your use of our offerings and services. We continuously review and improve the appropriate security of our IT and other infrastructure. We therefore process data, e.g. for monitoring, controls, analyses and testing of our networks and IT infrastructures, for system and error checks, for documentation purposes and in the context of backup copies.
Compliance with laws, directives and recommendations of authorities and internal regulations: In the context of legal compliance, we may process personal data (e.g. implementation of health and safety concepts, anti-money laundering, tax obligations). Particularly in the healthcare sector, we may be obliged to process data in connection with quality assurance, fulfilment of requirements of certification bodies (e.g. EMR) or in the context of supervisory proceedings. Furthermore, data processing may take place during internal and external investigations (e.g. by a law enforcement or supervisory authority or a mandated private entity).
Risk management and corporate governance: In the context of risk management (e.g. to protect against tortious activities) and corporate governance, including our operational organisation (e.g. resource planning) and business development (e.g. buying and selling business units or companies), we may process personal data.
Job applications: If you apply for a position with us, we collect and process the relevant data for the purpose of reviewing the application, conducting the application process and, for successful applicants, preparing and concluding a corresponding contract.
Other purposes: These other purposes include, for example, training and education purposes, administrative purposes (e.g. managing master data or accounting), protecting our rights and evaluating and improving internal processes.

The processing of your data by us is based, depending on the situation and processing purpose, on the following legal bases:

Contract: To the extent we process data for entering into and processing contracts that we conclude or have concluded for you or with you or your employer, client or other persons you act for, this is also the legal basis on which we process your data.
Legal obligations: We may also process your data based on applicable statutory, regulatory and professional rules that we are required to comply with.
Legitimate interest: We may process your data based on our legitimate interest or a legitimate interest of a third party. This applies in particular with regard to achieving the purposes and objectives mentioned in Section 5 and implementing related measures.
Consent: Where we ask for your consent to process data about you, this is the legal basis on which we process data about you. We will inform you of the purpose of the processing. You may withdraw consent at any time by written notice (by post or, where nothing else is indicated or agreed, by email) to us with effect for the future.
Other legal bases: In specific cases, we may also process data based on other legal bases. Where this is the case, we will inform you in the individual case.

‍

6. What applies to profiling and automated individual decisions?

‍

6.1 How do we carry out profiling?

"Profiling" refers to a process in which personal data is processed automatically to analyse personal aspects or make predictions (e.g. to analyse a person's personal interests, preferences and tendencies or to predict likely behaviour). We carry out profiling, for example, in connection with orders on our website (e.g. to determine which other products might be of interest to you based on your purchases). For this purpose we use in particular usage behaviour and preference data, technical data, communication data (e.g. your reaction to advertising and other communications) and in certain cases health data. Profiling helps us to continuously improve our offerings and better tailor them to your individual needs, to plan our business activities, to determine the likelihood that a transaction is fraudulent, and to better support you through our customer service.

‍

6.2 Do we use automated individual decisions?

"Automated individual decisions" are decisions made fully automatically, i.e. without significant human involvement, and which have legal consequences for the data subjects or significantly affect them in other ways. If we make automated individual decisions, we will inform you separately. In such cases, however, you always also have the option of having the automated individual decision reviewed by a person if you disagree with it.

‍

7. To whom do we disclose your data?

In connection with our contracts, website, services and products, our legal obligations or otherwise to protect our legitimate interests and the other purposes listed in Section 5, we also transfer your personal data to third parties, in particular to the following categories of recipients:

Service providers: We work with service providers domestically and abroad (third parties) who process data about you (i) on our behalf, (ii) jointly responsible with us, or (iii) data they have received from us, on their own responsibility (e.g. IT providers, shipping companies, advertising service providers, cleaning companies, security companies, banks, insurance companies, debt collection agencies, credit agencies, address checkers, consulting companies or lawyers). This may also include health data. As key service providers we use in particular: KompleSana for our practice management software; Proton Drive for storing and backing up our data; Threema for encrypted communication with you; Calenso for online appointment booking and managing registrations; Brevo for sending newsletters and other electronic communications; n8n for automating data flows between our various software applications.
Contractual partners, including clients: This refers first to clients and other contractual partners of ours, where a transfer of your data arises from the contract. This may also include health data.
Authorities: We may disclose personal data to offices, courts and other authorities domestically and abroad if we are legally obliged or entitled to do so or if it appears necessary to protect our interests.
Other persons: This refers to other cases where the involvement of third parties arises from the purposes set out in Section 5.

‍

8. Is your personal data transferred abroad?

We mainly process and store personal data in Switzerland and the European Economic Area (EEA). However, in individual cases we may also transfer personal data to service providers and other recipients (see Section 7) located outside this area or who process personal data outside this area, in principle in any country in the world.

If a recipient is located in a country without adequate statutory data protection, we contractually require the recipient to comply with applicable data protection law (for this purpose we use the revised standard contractual clauses of the European Commission, available at: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj), unless they are already subject to a legally recognised framework ensuring data protection and we cannot rely on an exception.

Please also note that data exchanged via the internet is frequently routed through third countries. Your data may therefore be transferred abroad even if the sender and recipient are in the same country.

‍

9. How long do we process your data?

We process your data for as long as our processing purposes, legal retention obligations and our legitimate interests in processing for documentation and evidence purposes require, or as long as storage is technically necessary (e.g. in the case of backups or document management systems). Where no legal or contractual obligations prevent this, we delete or anonymise your data upon expiry of the storage or processing period in the normal course of business.

Where no specific legal retention requirements exist in individual cases, we generally process personal data for the duration of the business relationship or contractual term and thereafter, depending on the applicable legal basis, for a further five, ten or in certain cases more years (e.g. where data is relevant for evidential purposes in connection with applicable statutory limitation periods of up to 20 years from a specific event).

‍

10. How do we protect your data?

We take appropriate security measures to maintain the confidentiality, integrity and availability of your personal data, to protect it against unauthorised or unlawful processing and to counteract the risks of loss, unintentional alteration, unwanted disclosure or unauthorised access. However, security risks cannot be entirely excluded; a certain residual risk is unavoidable.

‍

11. What rights do you have?

Applicable data protection law grants you, under certain circumstances, the right to object to the processing of your data, in particular for direct marketing purposes, profiling carried out for direct advertising, and other legitimate interests in processing.

To facilitate your control over the processing of your personal data, you also have the following rights in connection with our data processing, depending on applicable data protection law:

The right to request information from us as to whether and what data we process about you;
The right to have us correct data if it is inaccurate;
The right to request the deletion of data;
The right to request that we provide certain personal data in a common electronic format or transfer it to another responsible party;
The right to withdraw consent, to the extent our processing is based on your consent;
The right to receive further information necessary for the exercise of these rights upon request;
The right to state your position in the case of automated individual decisions (Section 6.2) and to request that the decision be reviewed by a natural person.

If you wish to exercise the above rights against us, please contact us in writing, in person, or by email where not otherwise indicated or agreed; our contact details can be found in Section 2. To exclude misuse, we must identify you (e.g. with a copy of an identity document, to the extent this is not possible by less intrusive means).

You also have these rights against other entities that collaborate with us on their own responsibility. Please contact them directly if you wish to exercise rights in connection with their processing. Information about our key cooperation partners and service providers can be found in Section 7.

Please note that these rights are subject to conditions, exceptions or limitations under applicable data protection law (e.g. to protect third parties or trade secrets). We will inform you accordingly where this is the case.

If you are not satisfied with our handling of your rights or with our data protection practices, please let us know. In particular, if you are in the EEA, the United Kingdom or Switzerland, you also have the right to lodge a complaint with the data protection supervisory authority of your country. A list of EEA authorities can be found at: https://edpb.europa.eu/about-edpb/board/members_de. The UK supervisory authority can be reached at: https://ico.org.uk/global/contact-us/. You may also contact the Swiss Federal Data Protection and Information Commissioner: https://www.edoeb.admin.ch/edoeb/de/home/der-edoeb/kontakt/adresse.html.

‍

12. Do we use online tracking, online advertising techniques and similar methods?

On our website (including apps, newsletters and other digital offerings), we use various techniques (e.g. cookies, fingerprinting, tracking pixels and similar techniques) with which we and third parties engaged by us can recognise you during your use and, under certain circumstances, track you across multiple visits.

We use our own tools as well as services from third-party providers, in particular to improve the functionality or content of our website (e.g. integration of videos or maps), compile statistics and place advertising. This enables us and authorised third parties to provide you with a personalised web experience (e.g. personalised advertising, interactions on social media pages etc.).

‍

12.1 What are cookies and similar technologies?

A cookie is a small text file with an identifier (a string of letters and numbers) transmitted between the server and your system. This enables us and the third-party providers we engage or cooperate with to recognise visitors to our website and track them across multiple visits and across different websites. Cookies enable the identification of a specific device or browser and do not necessarily contain information that personally identifies a user. However, personal data that we or third-party providers engaged by us store about you (e.g. if you have a user account with us or these providers) can be linked with information stored in and derived from cookies and thus potentially with your person.

In addition to cookies, there are other similar technologies such as pixel tags, fingerprints and social media plug-ins. Pixel tags are small, normally invisible images or program code loaded from a server that provide the server operator with certain information (e.g. access to a webpage). Fingerprints consist of information collected during your visit to the website about the configuration of your device or browser, enabling your device to be distinguished from others. Social media plug-ins are small software components that establish a connection between your visit to our website and a third-party social media platform.

‍

12.2 What types of cookies and similar technologies do we use?

To manage your consents, we use a consent management tool from CookieYes. The cookies and similar technologies we use on our websites serve the following purposes:

Necessary cookies: Some cookies are essential for the use of the website and its functions. These cookies ensure the fundamental functionality of the website, e.g. the ability to navigate from page to page without items in the shopping basket disappearing. They also ensure that you remain connected to the website. These cookies have an expiry time of up to 12 months.
Performance and analytics cookies: Performance and analytics cookies collect information about how our website is used and enable us to carry out analyses of website usage, e.g. which pages are most frequently accessed and how visitors navigate on our website. These cookies are used to make website visits easier and faster and to generally improve the user experience. For this purpose we use third-party analytics services. In particular, we use Google Analytics (Google Ireland Ltd.) to analyse the use of our website, as well as marketing technologies such as Meta Pixel (Meta Platforms Ireland Ltd.) to measure and optimise the effectiveness of our online advertising. Before using such cookies, we ask for your consent, which you can withdraw at any time with future effect. The storage duration of the cookies used varies by category and can be up to 24 months.

Details on our third-party providers and advertising partners can be found in the cookie settings, which can be accessed at any time via the permanently visible cookie icon on our website. There you also have the option to activate or deactivate certain categories of cookies and to adjust or withdraw your consent at any time.

Some of the third-party providers we use may be located outside Switzerland. For information on data transfers abroad, please refer to Section 8.

If you consent to the use of cookies, you accept that your data may be transferred to a country that does not provide an adequate level of data protection, and you accept the risk that your data in the recipient's country may be subject to access by foreign authorities that do not comply with adequate data protection provisions. You may withdraw your consent to cookies at any time as explained in Section 12.3.

The specific types of cookies used on our website, the purposes they serve and their expiry dates are described in the following table:

Provider	Cookie	Purpose	Category	Storage Duration
CookieYes	cookieyes-consent	Stores users' cookie consent preferences	Necessary	12 months
Cloudflare	_cfuvid	Ensures website security and stability	Necessary	Session
Google Ireland Ltd.	_ga / ga*	Analysis of website usage (visitor and session statistics)	Analytics	Up to 13 months
Meta Platforms Ireland Ltd.	_fbp	Measuring and optimising online advertising	Marketing	Approx. 3 months

‍

An up-to-date overview of the cookies used, along with their purposes and storage duration, is provided in the cookie consent banner or in the consent management tool.

‍

12.3 How can I control the use of cookies and similar technologies?

You can manage your preferences regarding the use of cookies and similar technologies at any time via the cookie settings, accessible through the permanently visible cookie icon on our website.

Browsers can automatically accept or reject cookies, but allow you to change these settings. You can also deactivate or delete cookies you have previously accepted. Please note that all settings will be lost if you delete all cookies, including the setting that you do not wish to accept cookies, since this in turn requires an opt-out cookie to have been set. Settings must be made separately for each browser you use. For information on how to manage cookies in your browser, please refer to your browser's help menu.

If you choose to reject cookies and similar technologies, you can still use our website, although your access to some features and areas may be restricted.

‍

13. What data do we process on our social media pages?

We may operate pages and other online presences on social networks and other third-party platforms ("fan pages", "channels", "profiles" etc.) and process the data described in Section 3 and below about you there. We receive this data from you and the platforms when you interact with us via our online presence (e.g. when you communicate with us, comment on our content or visit our presence). At the same time, the platform providers may analyse your use of our online presences and process this data together with other data they hold about you.

We currently use the following platforms:

LinkedIn: We operate the page https://www.linkedin.com/company/noouri/. The responsible party for operating the platform for users from Europe is LinkedIn Ireland Unlimited Company, Dublin, Ireland. The Privacy Policy is available at www.linkedin.com/legal/privacy-policy. Your data is partly transferred to the USA.
Facebook: We operate the page https://www.facebook.com/profile.php?id=61586242544945. The responsible party for operating the platform for users from Europe is Meta Platforms Ireland Limited, Dublin, Ireland. Their privacy notices are available at www.facebook.com/privacy/policy. Your data in connection with the use of this platform is partly transferred to the USA.
Instagram: We operate the profile https://www.instagram.com/noouri_nutrition/. The responsible party for operating the platform for users from Europe is Meta Platforms Ireland Limited, Dublin, Ireland. The Privacy Policy is available at https://privacycenter.instagram.com/policy. Your data is partly transferred to the USA.
TikTok: We operate the account https://www.tiktok.com/@noouri_nutrition. The responsible parties for operating the platform for users from Europe are TikTok Technology Limited, Dublin, Ireland and TikTok Information Technologies UK Limited, London, United Kingdom. Your data in connection with the use of this platform is partly transferred to the USA, China and other countries. The Privacy Policy is available at: https://www.tiktok.com/legal/page/eea/privacy-policy/de.

‍

14. Can this Privacy Policy be amended?

This Privacy Policy does not form part of any contract with you. We may amend this Privacy Policy at any time. The version published on this website is the current version.

About us Services Blog Contact

FACEBOOK TikTok LinkedIn INSTAGRAM