Measure Killer Measure Killer
Legal

Privacy Policy

Privacy Policy for Brunner BI and Measure Killer

1. What is this Privacy Policy about?

In this Privacy Policy, we explain how we process personal data, particularly in the context of our business activities and the sale of Measure Killer software licenses, to the extent that such processing is not obvious and applicable data protection law requires disclosure. This Privacy Policy is for informational purposes and does not form part of any contract with you, even if a contract refers to this Privacy Policy.

If you have further questions about our data processing, please feel free to contact us (see Section 2).

2. Who is responsible for processing your data?

The following entity is the "controller" for the data processing described in this Privacy Policy, i.e., the entity primarily responsible under data protection law (also referred to as "we"):

Brunner BI GmbH

Baarerstrasse 52

6300 Zug

SWITZERLAND

If you have any questions regarding data protection, you can contact us at: gregor@brunner.bi

3. How do we process data in connection with our products and services?

When you use our products and services (collectively "services"), we process data to prepare and execute the relevant contract:

  • When we enter into a contract with you, e.g., for the sale of a Measure Killer Enterprise license, we process data from the pre-contractual phase, such as offers and details related to the conclusion of the contract (e.g., contract date and subject matter). During and after the contract term, we process information about the contract or use of services, payments, customer service interactions, claims, complaints, contract termination, and—if disputes arise in connection with the contract—related procedures.
  • If you order services online from us (e.g., on measurekiller.com), we process your contact details and order details. Payments are processed by our payment service provider Stripe (Stripe Payments Europe, Ltd., Dublin, Ireland); we receive confirmation of payment and limited payment information, but never your full card details.
  • If you fill in a form on our website — e.g., to request a quote, a trial license, or a demo, to contact us, to subscribe to update notifications, or to download the software — we process the details you provide (such as your name, email address, company, and, for quotes, billing and shipping address details) together with technical data collected at submission (IP address, browser information, and time of submission). We use the technical data also to prevent spam and abuse of our forms. Form submissions are transmitted via and initially processed on Microsoft Azure infrastructure and, depending on the purpose, stored in our CRM system (see Section 4).
  • When you activate or use a Measure Killer license, we process license and activation data (e.g., license key, assigned user, activation timestamps, IP address, and application version) to provide the software, validate licenses, and verify compliance with the applicable license agreement, such as the number of licensed users.
  • We also process the aforementioned data for statistical evaluations to support the improvement and development of products and business strategies. We may also use this data for personalized marketing purposes; further details can be found in Section 4.

For business partners that are companies, we process less personal data, as data protection law only applies to data of natural persons (i.e., individuals). However, we process data of contact persons with whom we communicate, e.g., name, contact details, professional information, and details from communications, as well as information about executives, as part of general information about the companies we work with.

You may provide us with data relating to other individuals (e.g., representatives, colleagues, family members, beneficial owners). We assume that this data is accurate and that you are authorized to provide it to us. We ask that you inform these individuals about our data processing (e.g., by referring them to this Privacy Policy).

We have no access to personal data processed within your Power BI or Fabric environment through the Measure Killer application (see Section 6).

4. How do we process data in connection with advertising?

We also process personal data to promote our services:

  • Newsletters: We send electronic information and newsletters that may include advertising for our offerings. We obtain your consent beforehand, except when promoting certain offerings to existing customers. In this context, in addition to your name and email address, we process information about which services you have used, whether you open our newsletters, and which links you click. We store your email address and other contact details you provide (e.g., name and company) in our customer relationship management (CRM) system, which is operated by our service provider Wix.com Ltd. (Tel Aviv, Israel), and which we also use to send our newsletters. Israel is recognized by both Switzerland and the European Commission as providing an adequate level of data protection. Our email service provider offers a function that primarily uses invisible image data loaded via an encoded link to transmit open and click information. You can avoid this tracking by configuring your email program accordingly (e.g., by disabling the automatic loading of image files).
  • Events: We may organize events. If you participate, we process registration data to organize and conduct the event and, if applicable, to contact you afterward. We may also take photos or recordings at the event, which we may share, e.g., on social media. We will inform you separately in such cases.
  • Promotional calls: We may call our customers and, in individual cases, potential customers, and process the relevant data about our conversation partners and, if applicable, related individuals at the contacted company.
  • Market research: We process data to improve services and develop new products, e.g., information about your purchases, your responses to newsletters, data from customer surveys or polls, social media, media monitoring services, or public sources.

5. How do we disclose data?

We may disclose personal data to various recipients in the course of our activities, including in particular:

  • Persons related to you, e.g., authorized representatives, guarantors, deputies, or family members, and, for contact persons of companies, employees and the company itself;
  • Intermediaries, if we work with intermediaries for our services and share information about you with them so they can contact you directly;
  • Authorities, agencies, and courts in connection with our legal obligations and procedures in which we are a party or third party;
  • Third parties, e.g., in connection with the acquisition or sale of assets by us;
  • Service providers, particularly providers of IT services (e.g., hosting), payment services, and administrative and consulting services. These service providers may process personal data to the extent necessary.

The recipients of data are not only located in Switzerland. This particularly applies to certain service providers (especially IT service providers). These providers and their subcontractors are located both within Switzerland and the EU/EEA (e.g., Austria) and in other countries worldwide. We may also transfer data to authorities or other entities abroad if legally required or, e.g., in connection with a company sale or legal proceedings. Not all of these countries have adequate data protection. We address lower levels of protection through appropriate contracts, particularly the Standard Contractual Clauses of the European Commission. In certain cases, we may transfer data without such contracts in accordance with data protection requirements, e.g., if you have consented to the disclosure or if it is necessary for contract performance, the establishment, exercise, or enforcement of legal claims, or for overriding public interests.

6. How do we process data in connection with our website?

What data is collected when using our website?

The explanations in this Section 6 refer to our website. The Measure Killer desktop application works differently: all analysis of your Power BI or Fabric environment is performed locally on your machine or your organization's infrastructure, and the analysis results never leave it. We have no access to the content of your semantic models, reports, or tenant metadata. The application contacts our servers only to validate license keys and to check for software updates; in doing so, we process technical connection data such as the IP address, application version, and the license key used (see Section 3).

When you use our website, certain data is automatically collected for technical reasons and temporarily stored in log files (log data), including:

  • The IP address of your device;
  • Information about your internet service provider and operating system;
  • The referring URL;
  • Browser details;
  • Date and time of access;
  • Content accessed during the visit.

Our website does not set cookies. For this reason, we also do not display a cookie consent banner — there is nothing to consent to. We store certain functional settings locally in your browser (e.g., your currency selection) using local storage; this data remains on your device, is not transmitted to us, and is not used to identify or track you. You can delete locally stored data at any time via your browser settings.

We use log data to enable the use of our website, ensure system security and stability, optimize our website, and for statistical purposes.

How do we use web analytics and embedded content?

For web analytics, we use a self-hosted instance of the open-source software Umami, which runs on our own infrastructure. Umami does not use cookies and does not create cross-site profiles; visitors are counted using anonymized identifiers, and no analytics data is transmitted to third parties.

Our website embeds videos from YouTube (Google Ireland Ltd., Dublin, Ireland) in privacy-enhanced mode ("youtube-nocookie.com"). When you play a video, YouTube collects data about you as described in Google's privacy policy.

How do we process data via social media?

We operate profiles on social networks and other platforms (e.g., our LinkedIn page, the Measure Killer Subreddit, and our YouTube channel). When you communicate with us or comment on or share content there, we collect information that we primarily use for communication, marketing purposes, and statistical evaluations. Please note that the platform provider also collects and uses data (e.g., on user behavior), potentially combined with other data it holds.

7. Are there other processing activities?

Yes, many processes are not possible without processing personal data, including common and even unavoidable internal procedures:

  • Communication: When we communicate with you (e.g., via customer service calls or on a social media platform), we process information about the content, type, time, and place of communication.
  • Compliance with legal requirements: We may disclose data to authorities as part of legal obligations or permissions and to comply with internal regulations.
  • Job applications: If you apply for a position with us, we process the data provided in the application process and, if applicable, additional data from public sources, such as professional social media.
  • Prevention: We process data to prevent criminal activities and other violations, e.g., in the context of fraud prevention or internal investigations.
  • Legal proceedings: If we are involved in legal proceedings (e.g., court or administrative proceedings), we process data about parties involved, such as witnesses or informants, and may disclose data to such parties, courts, or authorities, including abroad.
  • IT security: We process data for monitoring, controlling, analyzing, securing, and auditing our IT infrastructure, as well as for backups and data archiving.
  • Competition: We process data about our competitors and the general market environment. This may include data about key individuals, such as names, contact details, roles, or public statements.
  • Transactions: When we sell or acquire claims, other assets, business units, or companies, we process data to the extent necessary to prepare and execute such transactions.
  • Other purposes: We process data as necessary for additional purposes, such as training and education, administration (e.g., contract management, accounting), enforcing or defending claims, evaluating and improving internal processes, and creating anonymous statistics and analyses.

8. How long do we process personal data?

We process your personal data for as long as necessary for the purpose of processing (for contracts, typically for the duration of the contractual relationship), as long as we have a legitimate interest in storing it (e.g., to enforce legal claims, for archiving, or to ensure IT security), and as long as data is subject to legal retention obligations (e.g., a ten-year retention period applies to certain data). After these periods, we delete or anonymize your personal data.

9. How do we protect your data?

We take appropriate technical and organizational measures to ensure a level of security for your personal data that is proportionate to the respective risk. However, we cannot guarantee absolute data security; certain residual risks cannot be entirely eliminated.

10. What are your rights?

Under the conditions and within the scope of applicable data protection law, you have certain rights to request information about your personal data or to influence our processing of it:

  • Access: You can request information about whether we process personal data about you, and if so, which data, along with further details about our data processing.
  • Rectification and restriction: You can correct inaccurate personal data and complete incomplete data.
  • Deletion and objection: You can request the deletion of personal data and object to the processing of your data with effect for the future.
  • Data portability: You can receive the personal data you provided to us in a structured, commonly used, and machine-readable format, provided the processing is based on your consent or is necessary for contract performance.
  • Withdrawal of consent: If we process data based on your consent, you can withdraw your consent at any time. The withdrawal applies only to future processing, and we reserve the right to continue processing data on another legal basis if consent is withdrawn.

To exercise any of these rights, please contact us (see Section 2). We will generally need to verify your identity.