Privacy policy

Effective date: June 3, 2021

Astrivis Ltd and/or Astrivis Technologies Ltd, both companies with registered office at, Giessereistrasse 18, 8005 Zurich, Switzerland (hereinafter referred to as “Astrivis”, “us”, “we”, or “our”) operates the AstriCloud Service (hereinafter referred to as “Service”), consisting of the website (incl. subdomains linked thereto), the communication modules with smartphone applications that use the Astrivis 3D scanning software, and other IT infrastructure (e.g. servers) to store various data (hereinafter referred to collectively as the “Platform”). This page informs our webusers and customers of the Service (hereinafter referred to as “you” and “your”) of our policies regarding the collection, use, and disclosure of Personal Data when you use our Platform and/or Service and the choices you have associated with your data.


By using the Platform and/or Service, you agree to the collection and use of information in accordance with this policy and the applicable data protection laws. Unless otherwise defined in this Privacy Policy, the terms used in this Privacy Policy have the same meanings as in our Terms and Conditions, accessible from

1. General

We adhere to data protection law. All Personal Data collected during registration on, or during use of, our Platform and/or Service, which are protected either by the Swiss Federal Act on Data Protection (hereinafter “FADP”) or the European General Data Protection Regulation (hereinafter “GDPR”), will be used exclusively for fulfilling our Service to you; unless, in particular pursuant to this Privacy Policy, you have consented to further use of your Personal Data or the applicable law permits such further use. Our employees are obliged to treat your Personal Data confidentially.


As we process most Personal Data electronically, we have taken appropriate IT organisational and technical measures (e.g., IT security) to ensure that your Personal Data is protected. We also regularly educate our employees in data protection and information security.

2. What Information Do We Collect?

We collect several different types of information for specific purposes to provide, maintain and improve the Platform and our Service to you.


Input fields on the Platform that are absolutely necessary for the provision of our Service to you are marked accordingly during registration. The disclosure of Personal Data in non-marked input fields of our Platform is voluntary. You can inform us at any time that you no longer wish us to process your Personal Data you provided voluntarily (cf. section 9, Your Rights).

2.1 Personal Data

While using our Platform and/or Service, we may ask you to provide us with certain personally identifiable information that can be used to identify you (“Personal Data”). Personally identifiable information may include, but is not limited to:


  • your master data (e.g. name, postal address, email address, etc., as the case may be);
  • data about the Service obtained, payment transaction data, online preferences, and your feedback;
  • data about your financial standing in order to protect ourselves against payment defaults;

2.2 Usage Data

We collect usage data, e.g. your computer’s Internet Protocol address (i.e., IP address), browser type, browser version, the pages of our Platform that you visit, from which website you linked to our Platform, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data (hereinafter referred to collectively as the “Usage Data”).


  • Usage Data may qualify as Personal Data, e.g. your IP address.

2.3 User Data

The Platform and Service allows you to create, upload, and share 3D models of scanned objects. For this purpose the following data is needed to provide the Service to you (hereinafter referred to as “User Data”):


  • The 3D model captured by you.
  • The 2D images which were used to create the 3D model.
  • The GPS coordinates to geo-reference the 3D model. This data is optional and needs to be enabled by you on the Platform.
  • The name of the device, which is used to retrieve the correct camera calibration.


User Data may qualify as Personal Data, depending on what you scan.

2.4 Cookies & Tracking Data

We collect cookies. Cookies are files with small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a webserver and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyze our Service. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Platform and/or Service. Examples of cookies we use:


  • Session cookies. We use session cookies to operate our Service. Session cookies are deleted after closing your Internet browser.
  • Preference Cookies. We use preference cookies to remember your preferences and various settings. Preference cookies are permanent.
  • Security cookies. We use security cookies for security purposes. Security cookies are permanent.


Cookies and Tracking Data may qualify as Personal Data.

2.5 Children’s Privacy

Our Service does not address anyone under the age of 18 (“Children”). We do not knowingly collect Personal Data from Children. If you are a parent or guardian and you are aware that your Children and/or Children for which you are responsible have provided us with Personal Data and/or User Data, please contact us. If we become aware that we have collected Personal Data and/or User Data from Children without verification of parental consent, we take appropriate actions to remove that information from our Platform.

2.6 Aggregate Information

We also create statistical, aggregated data relating to you our other users from the Platform and the Service for analytical purposes (hereinafter referred to as “Aggregate Information”). Aggregate Information is derived from data pursuant to section 2 (What Information Do We Collect?) but in its aggregated form it does not duplicate or reveal any personally identifiable information. This data may be used to understand our customer base and to further develop and improve our Platform and/or Service (e.g. algorithms).

3. Use of Data

strivis uses the collected data for various purposes:

3.1 Personal Data

We process your Personal Data:


  • To provide, maintain, and improve the Platform and/or Service;
  • To communicate with you and third parties;
  • To notify you about changes to our Platform and/or Service;
  • To allow you to participate in interactive features of our Platform and/or Service when you choose to do so;
  • To provide customer care and support;
  • To monitor the usage of the Platform and/or Service;
  • To detect, prevent and address technical issues;
  • For billing purposes; and
  • For market research and marketing (e.g. contact you by postal or e-mail).


We might also add industry information and interests to your master data in our database.

3.2 Usage Data

Usage Data serves to correctly display and optimize our Platform and/or Service, to protect our Platform against attacks or other infringements, and to personalize your user experience.

3.3 User Data

We collect and temporarily store User Data in order to provide the Service to you. 3D models and the corresponding images are stored on our Platform for the purpose to make them accessible to you. The User Data may also be used for the purpose of improving the 3D models by reprocessing the User Data on the servers, and to further develop and improve the Platform and/or Service.

3.4 Cookies & Tracking Data

We use cookies and similar tracking technologies to track the activity on our Platform and process certain information.

4. Transfer to Third Parties and Abroad

Within the purpose agreed herein, we may have Personal Data processed by our group entities or third parties. Such third parties are marketing and market research companies, companies that operate and/or maintain our information technology (outsourcing partners), other service providers (e.g. financial service providers), debt collection companies, or attorneys and government bodies. If we commission group companies or third parties with the processing of data pursuant to section 2 (What Information Do We Collect?), the third party will be selected carefully and must take appropriate security measures to guarantee the confidentiality and security of such data.


We or the third parties may process the data pursuant to section 2 (What Information Do We Collect?) outside of Switzerland, i.e. in EU or non-EU countries. We represent that the third parties will only use such data according to the law and exclusively in the interest of Astrivis. These necessary contractual guarantees provided by the third parties are based on the standards of the European Commission (also recognised in Switzerland). You have the right to inspect the guarantees in these contracts (or parts thereof).


We have engaged the following third parties as sub-processors:


  • Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA;
  • YouTube LLC, 901 Cherry Avenue, San Bruno, CA 94066, USA;
  • Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany

5. Security of Data and Retention

The security of your Personal Data is important to us. Please remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.


We only process your Personal Data until the purpose, for which it was collected, is fulfilled, or as required by law.


If you have opened an account with us, we will store your Personal Data, e.g. the master data you provided, for an unlimited period of time. However, you can request the deletion of your account at any time (cf. section 9, Your Rights). We will delete your master data, unless we are required otherwise by applicable law.


If you placed an order without opening an account, your master data will be deleted after the expiry of the services or warranty period (as applicable), unless we are required otherwise by applicable law. This deletion can take place immediately or in the context of periodically executed deletion runs.


To refuse further business contact with a data subject due to misuse, payment default, or other legitimate reasons, we may store Personal Data for five years, or ten years in case of recurrence.

6. Analytics

Astrivis uses the collected data for various purposes:

6.1 Data

6.1 We may use third-party service providers to monitor and analyze the use of our Platform and Service. Data processed by analytical services are transmitted anonymously to servers of the commissioned third parties abroad, including the USA.

6.2 Google Analytics

Google Analytics is a web analytics service offered by Google Inc., USA that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google Inc. may use the collected data to contextualize and personalize the ads of its own advertising network. You can opt-out of having made your activity on the Platform available to Google Analytics by installing the Google Analytics opt-out browser add-on. The add-on prevents the Google Analytics JavaScript (ga.js, analytics.js, and dc.js) from sharing information with Google Analytics about visits activity. For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: Google Privacy & Terms.

7. Inclusion of Third Party Elements

Our Platform may contain content from and links to other websites and third party providers, such as, YouTube, or social media button from platforms such as Facebook or Twitter. This content enables you to enjoy content from those platforms within our Service or simply to share our content on the relevant social media networks.


When you use our Platform, if such content is displayed as part of the Service, a connection to the servers of the third party provider is automatically established. Personal Data and/or Usage Data about your access to our Platform, in particular your IP address, will be transmitted to this third party provider. Therefore, if you have signed in to that third party’s account at the time you visit our Platform (for example, with a Facebook or Google account), that third party may detect that you accessed our Platform and use our Service. You authorise us to share this information with the third party provider that hosts your account.


If you click on a third party link, you will be directed to that third party’s website. We strongly advise you to review the privacy policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

8. Legal Bases of Processing

The legal justification, upon which we base our processing of Personal Data, is stipulated in article 13(2)(a) FADP (processing directly related to the conclusion, or the settlement, of a contract; corresponding to article 6(1)(b) GDPR; and article 13(1) FADP (consent of the data subject or obligation to process by law) corresponding to article 6(1)(a) GDPR.


We reserve the right to store the first name and surname, postal address, and e-mail address of a data subject pursuant to article 13(1) FADP (corresponding to article 6(1)(f) GDPR) if, based on misuse, non-payment or similar legitimate reasons, we refuse to conclude any future contracts with data subjects.


Furthermore, group entities may also process Personal Data pursuant to article 13(1) FADP (corresponding to article 6(1)(f) GDPR).

9. Your Rights

Upon request, we will inform the data subject about and – if so – which Personal Data we process about him or her (right of confirmation, right of access).


At your request:


  • we will cease processing Personal Data, in part or in full (right to withdraw your consent to the processing of Personal Data for one or more specific purposes; right to erasure (right “to be forgotten”)). Your request to be forgotten will also be communicated to third parties to whom we have previously forwarded your Personal Data.
  • we will correct the relevant Personal Data (right to rectification);
  • we will restrict the processing of the relevant Personal Data (right to restriction of processing); in this case we will only store or use your Personal Data to protect our own legal claims or the third party rights;
  • you will receive the relevant Personal Data in a structured, commonly used and machine-readable format (right to data portability).

To request any of the rights described in this section, for example if you no longer wish to receive our e-mail newsletters or if you wish to delete your account, please use the appropriate function on our Platform, or contact our data protection officer or an employee as described in section 11 (Contact Us).


If we do not comply with your request, we will inform you of the reasons for our non-compliance. For example, we may legally refuse to delete your Personal Data if we still need it to fulfil the purpose, for which it was originally provided (for example if we continue providing our services to you), if the processing is based on mandatory law (for example mandatory accounting regulations), or if we have a predominant interest of our own (for example in the case of a lawsuit against the data subject).


If we assert a predominant interest in the processing of Personal Data, you have nevertheless the right to object to the processing; provided, however, that your individual situation compares differently to that of other data subjects (right to object). This could be the case, for example, if you are a person of public interest, or if processing increases the risk of you being harmed by third parties.


If you disagree with our response to your request, you have the right to file a complaint with a competent supervisory authority, for example, in your country of residence or at the registered seat of Astrivis (right to appeal).

10. General Terms

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on our Platform. We will let you know via email and/or a prominent notice on our Platform, prior to the change becoming effective and update the “effective date” at the top of this Privacy Policy. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page. If you disagree with the changes, you are not permitted to access the Platform and/or receive the Service.


If any provision of this Privacy Policy is held to be invalid, illegal or unenforceable, the validity, legality and enforceability of the remaining provisions will in no way be affected or impaired as long as the intent can be preserved.


This Privacy Policy and any agreements concluded based on, or in connection with, this Privacy Policy, as the case may be, are governed by Swiss law, unless the applicable law of another country applies mandatorily. The place of jurisdiction is the registered seat of Astrivis, unless a different place of jurisdiction applies mandatorily.

11. Contact Us

If you have any questions about this Privacy Policy, please contact our data protection officer by email at legal@localhost.

Contact Us