preloader
Contact us About us

Privacy Policy

1. Introduction

We, NETWORK COLLABORATION AG, registration no. _______, whose registered address is at _______ (“ ”, “we”, “us”, or “our”), declare ourselves responsible for processing any personal data we collect via our online website https://smartcore.pro. Separate agreements regulate the processing of personal data within the framework of the individual contractual relationship with _______.

We are committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy outlines how we collect, use, disclose, and protect your personal information in compliance with Swiss data protection laws, including the Swiss Federal Act on Data Protection (FADP) and, where applicable, the EU General Data Protection Regulation (GDPR).

2. Information We Collect

Please read this privacy notice carefully. It will help you understand how we use the information you provide. By using our website https://smartcore.pro, you consent to our Privacy Policy and agree to its terms.

Personal Information Provided by You: We collect the personal information you voluntarily provide when you register on the website www.smartcore.pro, or express an interest in obtaining information about us or our Products and Services, when you participate in activities on the Website or contact us.

The personal information we collect depends on the context of your interactions with us and the Website, your choices, and the products and features you use. The personal information we collect may include:

  • Personal Identification Data: Name, date of birth, nationality, usernames, passwords, contact preferences, contact details and identification documents.
  • Email addresses, phone numbers, and postal addresses.
  • Financial Information: Bank account details, billing addresses, account passwords, transaction history, and payment card details (Full PAN, CVV, exp. date, First Name, Last Name, card address, SAD) and other similar information.
  • Technical Data: IP address, device information, browser type, and operating system.
  • Usage Data: Information about how you use our services.
  • Compliance Data: Information required for anti-money laundering (AML) and Know Your Customer (KYC) compliance.

All personal information you provide must be true, complete, and accurate, and you must notify us of any changes to such personal information.

3. How We Use Your Data

We collect your information, in most cases, based on your intention to avail of a particular service or product from us or to make a payment transaction using our platform. We process your information with your consent or with the need to perform a contract that we may have with you.

We may collect or process your personal data for the following purposes:

  • To provide, maintain, improve and protect our products and services.
  • To improve and personalize our products and services.
  • To comply with legal and regulatory requirements, including AML and KYC obligations.
  • To process transactions and payments securely and manage your account.
  • To prevent fraud, unauthorized transactions, and security breaches.
  • To respond to your inquiries and customer support requests.
  • To communicate with you regarding updates, promotions, or service-related matters.
  • To send promotional emails or newsletters (with your consent).
  • To monitor website usage and improve user experience.
  • To comply with legal obligations and resolve disputes.
  • To enforce our terms, conditions, and policies for business purposes, to comply with legal and regulatory requirements, or in connection with our contract.

4. Legal Basis for Processing

We comply with the legal provisions of the Federal Act on Data Protection (FADP), the Ordinance to the Federal Act on Data Protection (DPO), and other data protection provisions insofar as they apply to data processing carried out by us, such as the GDPR.

This Privacy Policy and all matters arising out of or relating to it shall be governed by and construed in accordance with the substantial laws of Switzerland.

  • Consent: When you provide consent for specific purposes.
  • Contractual Necessity: To fulfil contractual obligations.
  • Legal Obligation: To comply with legal and regulatory requirements.
  • Legitimate Interests: To improve services, enhance security, and protect business interests.

5. Data Sharing and Disclosure

We do not sell, rent, trade, or otherwise transfer your personal information to outside parties. However, we may share your data with:

  • Financial institutions.
  • Fraud prevention and risk management service providers.
  • Legal and regulatory authorities.
  • Law enforcement agencies when required by law.
  • New owners in the event of a merger or acquisition.
  • Affiliates and partners (with consent).

6. Data Security and Retention

Data Retention

We will retain your personal data for as long as necessary to fulfil the purposes outlined in this privacy policy, comply with legal obligations, resolve disputes, and enforce our agreements. We implement appropriate organizational, technical and administrative measures to protect the personal data covered by this statement from unauthorized access, destruction, loss, alteration or misuse.  Unfortunately, no data transmission or storage system is entirely secure.      

We may continue to retain your personal information to comply with our legal and regulatory obligations, to enable fraud monitoring, detection, and loss prevention activities, and to comply with our tax, accounting, and financial reporting obligations. This includes where such retention is required by our contractual arrangements with our financial partners (and where your payment methods require data retention).     If we retain your personal information, we will do so by any statute of limitations and record-keeping obligations imposed by applicable law. No purpose in this notice will require us to keep your personal information for longer than the period users have an account with us.

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it. Suppose this is impossible (for example, because your personal data has been stored in backup archives). In that case, we will securely store it and isolate it from any further processing until deletion is possible.

Data Security

We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, disclosure, alteration, or destruction. These measures include:

  • Encryption and Regular Audits:

1. Our users trust with their sensitive data and rely on us to be good custodians of their customer’s data. As a payments infrastructure company, our security posture continually evolves to meet the rigorous standards of the global financial industry. Uses best-in-class security practices to maintain a high level of security. PCI DSS certified. A PCI-certified auditor evaluated and certified us to PCI Service Provider Level 1. This is the most stringent level of certification available in the payments industry. This audit includes both Card Data Vault (CDV) and the secure software development of our integration code. We provide our users with features to automate some aspects of PCI compliance. The CTO is responsible for reviewing the current document at least once every 12 months to ensure its relevance to business and risk environment and compliance with PCI DSS.

2. The security of your data is important to us. When you visit our website, we use the widespread SSL (Secure Socket Layer) procedure in conjunction with the highest level of encryption supported by your browser. As a rule, this is 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is encrypted by the closed display of the key or lock symbol in the lower status bar of your browser.

     For secure connections, we mandate using HTTPS and HSTS for all services using TLS (SSL), including our public website and the dashboard. We regularly audit the details of our implementation, including the certificates we serve, the certificate authorities we use, and the cyphers we support. We use HSTS to ensure browsers interact with NetCo only over HTTPS. is also on the HSTS preloaded lists for all modern major browsers.

All server-to-sever communication is encrypted using mutual transport layer security (mTLS), and has dedicated PGP keys for users to encrypt communications with or verify signed messages they receive from . Our systems automatically block requests made using older, less secure versions of TLS, requiring at least TLS 1.2.

The NetCo.pro domain, including the Dashboard and API subdomains, is on the top domains list for Chrome, providing extra protection against homoglyph attacks. This makes it harder to create fake pages that look like https://netco.swiss in Chrome.

  • Monitoring and protecting information from leaks:

We proactively scan the internet for our merchants’ API keys. If we find a compromised key, we take appropriate action, advising the user to roll their API key. We use the GitHub Token Scanner to alert us when a user’s API keys have been leaked on GitHub. If we find external phishing pages that might catch our users, we work proactively with our vendors to take those down and report them to Google Safe Browsing.

Our security teams regularly test our infrastructure, scanning for vulnerabilities, conducting penetration tests, and conducting red team exercises. We hire industry-leading security companies to perform third-party scans of our systems and immediately address their findings. Our servers are frequently and automatically replaced to maintain their health and discard stale connections or resources. Server operating systems are upgraded well in advance of their security end-of-life (EOL) date.

We have several dedicated security teams specialising in different security areas, including infrastructure, operations, privacy, users, and applications. Security experts are available 24/7 through on-call rotations. We’re focused on constantly raising the bar on best practices to minimise cybersecurity risks.

  • Access Controls:

NetCo takes a zero-trust approach to employee access management. Employees are authenticated leveraging SSO, two-factor authentication (2FA) using a hardware-based token, and mTLS through a cryptographic certificate on NetCo-issued machines. After connecting to the network, sensitive internal systems and those outside the scope of the employee’s standard work require additional access permissions. We have a comprehensive process for listing permitted software on employee laptops, preventing the installation of non-approved applications.

We monitor audit logs to detect abnormalities, investigate intrusions and suspicious activity, and monitor changes to sensitive files in our code base. All of NetCo’s code undergoes multi-party review and automated testing. Code changes are recorded in an immutable, tamper-evident log. We constantly collect information about NetCo-issued laptops to monitor for malicious processes, connections to fraudulent domains, and intruder activity.

We also use appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by NetCo employees or third parties (need-to-know access). Our security measures are continuously improved in line with technological developments.

We require every NetCo employee to complete security education annually and provide secure software development training to NetCo engineers. We also run internal phishing campaigns to test everyone at NetCo's ability to recognise phishing attempts and flag them for the appropriate security team.

7. Your Rights

Under Swiss data protection law and, where applicable, the GDPR, you have certain choices regarding our collection, use and disclosure of your personal information:

a. Your data protection rights.

  • Access: you have the right to know whether NetCo AG processes personal data associated with you and, if so, to request access to that personal data and obtain a copy;
  • Rectification: you have the right to request NetCo AG to correct and update inaccurate, incomplete or out-of-date personal data;
  • Erasure: the right to request that We delete your personal data in certain lawful circumstances, such as when the data is no longer necessary for the purposes it was collected or if you withdraw your consent;
  • Restriction: request limitation of your personal data processing under certain conditions (for example, while processing another request you have made, such as a request to rectify your personal data, or if the processing is unlawful, or if you need the data for legal claims.);
  • Objection: Object to processing based on legitimate interests.
  • Data Portability: Request transfer of your data to another service provider in a structured, commonly used, and machine-readable format, where technically feasible;
  • Withdraw Consent: Withdraw consent where processing is based on consent. It will not affect the lawfulness of processing based on consent before its withdrawal.

b. Unsubscribe from electronic communications with us.

If you no longer wish to receive marketing-related emails from us, you may unsubscribe by clicking on the unsubscribe link included in those emails. Please note that we reserve the right to communicate with you about the services you use (such as support and important legal notices) even if you opt out of receiving marketing-related emails from us.

To exercise your rights, please contact our DPO at info@netco.swiss. We will respond to your request within one month, as required by the GDPR. In certain circumstances, we may extend this period by an additional two months, in which case you will be notified.

8. International Data Transfers

NetCo AG is located in Switzerland. If you are accessing our services from outside this country or the European Economic Area (EEA), please be aware that your personal data may be transferred to, stored, and processed in a different country where privacy laws may differ from those in your jurisdiction.

In certain situations, we may be required to disclose personal information in response to lawful requests by public authorities (such as law enforcement or security authorities).

When we transfer your data outside the EEA, we ensure that appropriate safeguards are in place, such as:

  • Standard Contractual Clauses: Implementing standard contractual clauses approved by the Swiss Federal Data Protection and Information Commissioner (FDPIC) or the European Commission to ensure data protection.
  • Binding Corporate Rules: Applying binding corporate rules for intragroup data transfers.
  • Adequacy Decisions: Transferring data to countries that have been deemed to provide an adequate level of data protection by the European Commission.
  • Explicit Consent: Obtaining your explicit consent for specific transfers where no other legal basis is available.

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance user experience on our website and analyze service usage.

Cookies are small text files stored on your device that help us recognize you and remember your preferences. The types of cookies we use include:

  • Essential Cookies: Necessary for the functioning of our website and services, enabling secure login and core functionality.
  • Performance Cookies: Collect information about how you use our website, allowing us to improve its performance and your user experience.
  • Functionality Cookies: Remember your preferences and settings, personalizing your experience.
  • Targeting Cookies: Track your browsing habits to deliver relevant advertisements and measure marketing effectiveness.

By continuing to use our site, you consent to our use of cookies. You can change your consent at any time by clicking “Delete and Revoke”. If you choose not to accept cookies, your experience may be affected. You can manage cookie preferences via your browser settings.

10. Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or technological advancements. We will notify you of significant updates by posting the revised version on our website www.smartcore.pro. The updated policy will include an effective date and a summary of changes.

By using our services, you acknowledge that you have read and understood this Privacy Policy and agree to the collection, use, and transfer of your personal data as described herein. Thank you for trusting https://smartcore.pro with your information.

11. Contact Us

If you have any questions or concerns about this Privacy Policy, please contact us at:

NETWORK COLLABORATION AG