In this Privacy Notice, we, RIVR Technologies AG (“RIVR”), explain how we collect and process your personal data. This is not necessarily an exhaustive description. We may inform you about additional data processing activities, e.g., in general terms and conditions, forms and notices.
This Privacy Notice is aligned with the requirements of the Swiss Federal Act on Data Protection (“FADP”). However, whether and to what extent this law is applicable depends on the individual case. In some cases, we may receive your personal data directly from enterprise customers to whom we provide enterprise-level services as a “processor" or “service provider” under a services contract. When acting in this capacity, this Privacy Policy does not apply; instead, the privacy policy of the applicable enterprise customer governs; for questions or concerns regarding how an enterprise customer processes your personal data, please contact them directly.
The “controller” of data processing as described in this Privacy Notice (i.e., the responsible person) is RIVR Technologies AG, Affolternstrasse 42, 8050 Zurich, Switzerland.
You can send your data protection-related questions and/or requests to the following address: dpo[@]rivr.ai
The categories of personal data we collect include business contact information (such as name, employer, job title, and work contact details); information related to our business relationship with you or the organization you represent; professional information from public sources or third parties; and security or compliance-related data, where necessary for the purposes described in this Privacy Notice.
If our robots unintentionally record personal data (e.g., through their navigation cameras), we will promptly delete or anonymize this data.
We primarily process personal data that we receive in the course of initiating or carrying out a business relationship with you or your employer or others represented by you, or that we collect from you as a user of our website and, where applicable, apps and other applications. This Privacy Notice also applies to our job applicants (see Section 11).
If you provide us with personal data of other persons (e.g., work colleagues), please make sure that these persons are aware of this Privacy Notice and only share their personal data with us if you are allowed to do so and if this data is correct.
Please note that our web server automatically logs every visit to our website in a temporary log file. User-specific data (e.g., information about your browser and your IP address) as well as technical data (e.g., name and URL of the referring website) are logged for the purpose of establishing the connection and optimizing the website visit, for which purpose “cookies” may be used (Section 5).
To the extent permitted, we obtain certain personal data from publicly accessible sources (e.g., debt collection register, land register, commercial register, press, internet) or we obtain such information from public authorities or other third parties (e.g., business partners).
Apart from the personal data that you disclose to us directly (Sections 2.1 and 2.2), the categories of personal data that we receive about you from third parties include, but are not limited to, information
We are committed to the processing principles and therefore endeavor to collect and process only the personal data that we need to achieve the purposes set out in Section 3.
We process your personal data primarily for the purpose of reviewing, concluding and fulfilling contracts with you or other persons who represent you (e.g., your employer), in particular in connection with the manufacture, distribution and trade of actively suspended wheeled vehicles for logistics and monitoring, and the provision of services in the field of technological system solutions for these applications and related research and development work as well as the purchase of products and services from our suppliers and service providers. We also process personal data to review applications and to perform employment contracts if and insofar as this is necessary to assess the suitability of the applicant or to perform an employment contract. Your personal data may also be processed in order for RIVR to comply with legal and regulatory obligations in Switzerland and abroad.
In addition, we may process personal data about you and other persons, to the extent permitted and as we deem appropriate, in particular for the following purposes in which we (and, as the case may be, third parties) have a legitimate interest:
Within the scope of the applicability of the FADP, we are generally not required to have a justification or legal basis for the processing of your personal data. If we are required to have a legal basis due to the applicability of the GDPR, we generally base the respective processing on one of the following legal bases, which usually also corresponds to the purpose according to Section 3.1:
If we do not ask for your consent for processing, we base the processing of your personal data on the fact that the processing is necessary for the conclusion and/or fulfilment of a contract with you (or the entity you represent, e.g., your employer) (Art. 6 para. 1 lit. b GDPR) or that we (or third parties) have a legitimate interest in pursuing the purposes mentioned in Section 3.1 (Art. 6 para. 1 lit. f GDPR).
Our legitimate interests include, but are not limited to, the marketing of our products and services, the interest in better understanding our markets and the ability to manage and develop our business and operations safely and efficiently. We may also process your data on the basis of other legal bases, e.g., in the event of a legal obligation (Art. 6 para. 1 lit. c GDPR).
If you have given us your consent to process your personal data for specific purposes, we will process your personal data within the scope of and based on this consent (Art. 6 para. 1 let. a GDPR), unless we have another legal basis and require one. You can revoke any consent you have given at any time with effect for the future by sending an email to dpo[@]rivr.ai.
We may use cookies, pixel tags, and other technologies (“Technologies”) to automatically collect personal data such as domain name, browser type, device type, browser settings (e.g. language preferences), session ID, IP address, authentication data and visit time (time stamp) as well as other metadata on our website.
The following cookies are used on our website:
The use of these Technologies occurs on the basis our legitimate interest (Art. 6 para. 1 lit. f GDPR) or, to the extent required by applicable laws, on the basis of your consent (Art. 6 para. 1 lit. a GDPR). In the latter case, you may revoke your consent at any time.
You can change your browser settings to block cookies or to alert you when cookies are being sent to your device. Previously installed cookies can also be deleted in the browser settings, including cookies that may have stored the consent for the installation of cookies by this website. Regarding cookies installed by third parties, you can manage your preferences and revoke your consent by clicking on the relevant opt-out link (if available), following the instructions specified in the third party's privacy policy or by contacting the third party.
Please note that if you decide to disable certain cookies, you may not be able to access certain functions of our website.
We may disclose your personal data to third parties in the course of our business activities and in pursuit of the purposes described in Section 3. These third parties process your data either on our behalf and according to our instructions (“processors”) or on their own responsibility. These third parties include the following:
together “recipients”.
The recipients pursuant to Section 6 are generally located in Switzerland but may also be located abroad. Your data may be transferred to countries in the EEA and to the USA, where some of the service providers we use are located.
If a recipient is located in a country without adequate statutory data protection such as the USA, we contractually oblige the recipient to comply with the applicable data protection laws (one of the safeguards we may use to support such transfer is the revised Standard Contractual Clauses of the European Commission, which are available here. Including a Swiss annex to comply with the FADP, unless the recipient is already subject to a legally recognized set of rules to ensure data protection and we cannot rely on an exception. Such an exception may exist in particular in the case of legal proceedings abroad, but also in cases of overriding public interests or if the conclusion or execution of the contract requires such disclosure, if you have expressly consented to the disclosure or if it concerns data that you have made generally accessible and whose processing you have not objected to.
We process and retain your personal data as long as it is necessary for the fulfilment of our contractual obligations and compliance with legal obligations or other purposes pursued with the processing (Section 3.1), for example, for the duration of the entire business relationship (i.e. from the initiation, during the performance of the contract until to its termination) and beyond that in accordance with the statutory retention and documentation obligations. It is possible that personal data will be retained for the time during which claims can be asserted against our company or if other legitimate business interests require this (e.g., for evidence and documentation purposes). As soon as the purposes and/or laws no longer require it, your data will be deleted or made anonymous. For technical data collected via our website (e.g., system protocols, logs), shorter retention periods of twelve months or less generally apply.
We take appropriate technical and organizational measures to protect your data from loss and unauthorized access and misuse. These include employee training, IT and network security solutions, access controls and restrictions, pseudonymization of personal data (e.g., when disclosing personal data to service providers), and regular checks.
In general, we do not carry out automated individual decision-making, i.e., decisions that are based exclusively on automated processing (without human influence) and that are associated with a legal consequence for you (e.g., refusal to conclude a contract) or which significantly affect you in any other way. Should we exceptionally make such decisions, you will be informed in advance.
When you apply for one of our open positions, we collect the information that you provide in connection with your job application. This includes but is not limited to business and personal contact information, professional credentials and skills, educational and work history, and other information that may be included in a resume or that you may provide during the interview process. This may also include demographic or diversity information that you voluntarily provide. We may also conduct background checks and receive related information. We also collect personal data from other sources where relevant for your application, such as employment research firms, recruiters, identity verification services, and information that you make publicly available on websites or social media platforms (for example, LinkedIn).
Throughout the recruitment process, we may supplement your personal data in connection with the assessment of your application. For example, we may record the views of those considering your application about your suitability for the role for which you have applied and retain interview notes. If you accept an offer from us, your personal data will be incorporated into and used as part of your employee record.
We use applicants' information to facilitate our recruitment activities, process employment applications and personalize candidate communication, including evaluating candidates and monitoring recruitment statistics. We also use successful applicants' information to administer the employment relationship. We may also use and disclose applicants' information to improve our processes and for the compliance and protection purposes described above.
To the extent provided for by applicable data protection law, you have the right to access, rectify and erase of your personal data, the right to restrict data processing as well as the right to object to processing, in particular for direct marketing purposes, and other legitimate interests in processing as well as the right to receive certain personal data for the purpose of transmission to another controller. Please note that we reserve the right to assert the restrictions provided for by law, for example if we are obliged to store or process certain data, have an overriding interest or need the data to assert claims. We have already informed you about the possibility of withdrawing your consent in Section 4. Please note that exercising your rights may contradict our contractual agreements and this may have consequences such as premature termination of a possible contract.
The exercise of such rights usually requires that you clearly prove your identity by providing us with a copy of your ID. To exercise your rights, you can contact us at the address indicated in Section 1.
As a data subject, you also have the right to enforce your claims in court or to file a complaint with the competent data protection authority. The competent data protection authority is the Federal Data Protection and Information Commissioner.
We do not target our services to children under 18 years of age. If we learn that we have collected personal data through our websites or services from a child under 18 without the consent of the child’s parent or guardian as required by law, we will delete it.
We may amend this Privacy Notice at any time without prior notice. The current version published on our website shall apply. If we make any material changes to this Privacy Notice you will be notified by appropriate means such as email or a pop-up.
Version valid from 4 March, 2026.