Privacy Policy

This Privacy Policy forms an integral part of Trepup's (hereafter "Trepup", "we" or "us") policies which govern your access to and use of Trepup's products, including without limitation the use of the content on Trepup's website, products and services (collectively the "Products", each a "Product").

The use of our Products is also subject to the Terms of Use and other policies (collectively the "Policies"). By using our Products, you (hereafter "User" or "you") agree to use them in accordance with the Policies.

Please go through this Privacy Policy in detail, and contact us if you have any questions or require any clarifications.

Your privacy is important to Trepup. We strive to take reasonable care to protect the information we receive from you and to abide by applicable data and privacy protection laws and regulations. Trepup complies with the General Data Protection Regulation (EU) 2016/679 (thereafter the "GDPR"), which sets guidelines for the collection and processing of personal information from individuals. We have therefore established and created this Privacy Policy to inform you about the type of personal information we collect from you, how we use it and what options you have to limit our use of the personal data related to you ("Personal Data").

When you create your Trepup account ("User Account"), we will ask for your consent to allow us to collect, store, disclose, process, deal with or transfer such Personal Data in the manner and for the purposes mentioned in the Policies. You may withdraw your consent at any time (for further details, please refer to Section 7.1 of this Privacy Policy).

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third-party dispute resolution provider (free of charge) at

Return to top

1. What type of Personal Data do we collect?

We collect Personal Data in two ways:

1.1 When you give it to us or give us permission to obtain it.

When you use or sign up for Trepup, you voluntarily give us certain Personal Data such as your name, email address and password. You can update this Personal Data anytime by logging in to your User Account.

You may also choose to give us permission to access your Personal Data in other services. For example, you may link your Facebook and Google account to Trepup, which allows us to obtain Personal Data from those accounts. The Personal Data we obtain from these services (e.g., your contact details) often depends on your settings or their privacy policies, so be sure to check them before you link other accounts. Providing any Personal Data to us via a social media platform is beyond our control and made at your own risk as such platforms are hosted by third parties.

1.2 We also get Personal Data when you use our services.

Whenever you use any website, mobile application or other Internet service, there is generally certain Personal Data that gets created and recorded automatically. The same applies when you use Trepup. Here are some of the types of Personal Data we collect:

(a) Log data: While using Trepup, our servers automatically record Personal Data, including Personal Data that your browser sends whenever you visit a website. This log data may include your IP address, browser type and settings, operating system, the referring web page, pages visited, location, search terms and cookie data.

(b) Cookie data: Depending on how you access Trepup, we may use "cookies" (a small text file sent by your computer each time you visit our website, unique to your User Account or browser) or similar technologies, such as web beacons or pixels, to record log data, analyze trends, gather demographic information or track navigation through our website. When we use cookies, we may use “session” cookies (that last until you close your browser) or “persistent” cookies (that last until you or your browser delete them). For example, we may use cookies to store your Trepup settings, so you do not have to set them up every time you visit Trepup. Some of the cookies we use are associated with your User Account (including Personal Data about you, such as the email address you gave us) and other cookies are not. You may disable or restrict cookies using your browser’s security settings, but that may impact your experience of using Trepup.

(c) Device information: In addition to log data, we may also collect information about the device on which you are using Trepup. The device information will include Personal Data such as type of device, operating system, device settings, unique device identifiers and crash data. This helps us make sure that our website displays and functions correctly on your device. Whether we collect some or all of this device information, including Personal Data, often depends on what type of device you are using and its settings. For example, different types of device information and Personal Data are available depending on whether you are using a Mac or a personal computer. To learn more about what device information and Personal Data your device makes available to us, please check the policies of your device manufacturer or software provider.

(d) Email information: By using our email marketing service (hereafter "Trepmail"), we may further receive access to the data you provide if you create an email newsletter and add a mailing distribution list ("Distribution List") with recipients (your "Contacts"). Such a Distribution List may be created by importing your Contacts (for further details, refer to Section 2 of the Anti-Spam Policy). The Distribution List is stored on a secure server of Trepup and only authorized employees have access to it. We will solely use and disclose the Personal Information provided in a Distribution List as set out in this Privacy Policy. We will only contact someone on the Distribution List if he or she directly gets in touch with us. We may further share the Distribution List, e.g., with anti-spam organizations, if we detect illegal or abusive behavior.

(e) Web beacons: We include web beacons on our website and in the emails we send. Web beacons allow us to monitor behavior by collecting information such as who is reading a web page or email, when and from which computer. They can also be used to see if an email was read or forwarded to someone else, or if a web page was copied to another website. This helps us to improve our Products for our users and to measure the performance of Trepmail. We use such collected data from web beacons to generate reports concerning the performance of your email newsletters and the actions of your Contacts. When we send you an email, reports are also available to us, so that we can gather and verify that information.

(f) FTF links: If one of your Contacts uses the FTF ("Forward to a Friend") link in an email newsletter you send, your email content may be shared with individuals that are not on your Distribution List. We do not keep records of your Contacts' or their friend's email address, and do not add anyone to any Distribution List as a result of the FTF if a Contact forwards an email to a friend. Users only see the total amount of times their Contacts forwarded their email newsletter and cannot access the email addresses that were used to share or receive the forwarded content.

(g) Other sources: In order to develop our products, we may search through the Internet to receive further information concerning you or your Contacts, such as IP addresses, demographic information, location, email address, name and use of social media websites.

We do not have any direct relationship with your Contacts or other individuals you provide us Personal Data with by using Trepmail. Therefore, it is your sole responsibility to obtain the explicit consent of your Contacts for us to collect and process information in accordance with applicable laws and regulations. Trepup takes no responsibility and assumes no liability for any unlawful use of Trepmail. If a Contact no longer wishes to be contacted, he or she can directly unsubscribe from the User Distribution List or ask the User to update or delete him or her from the Distribution List.

Return to top

2. How do we use the Personal Data we collect and on what basis?

We use the Personal Data we collect to provide our services to you and make them more effective, develop new products and services, and protect Trepup and our users. For example, we may compare how different Trepup pages perform using a random sample of users, which helps us understand which page is better.

We also analyze the Personal Data we collect to provide you customized content, including:

(a) Suggesting businesses that you may like to follow. For example, if you have indicated that you are interested in women’s fashion or have visited web pages about top brands that have Trepup features, we may suggest apparel, fashion and luxury-related businesses that we think you may like to follow.

(b) Suggesting services or tools that you may be interested in.

We may also use the Personal Data we collect to:

(a) Send you updates about activities on Trepup, email newsletters, promotional materials and other information that may be of interest to you. For example, depending on your notification settings, we may send you periodic updates that include topics you may like. You will always have an option to stop getting these updates or unsubscribe from getting any email newsletters or other notifications by updating your settings or by following the procedures we may provide.

(b) Help your friends find you on Trepup. For example, if you sign up using your Facebook account, we may help your Facebook friends find your User Account when they first sign up for Trepup. We may also allow people to search for your User Account on Trepup using your email address.

(c) Respond to your questions or comments.

(d) Send you emails, invoices and further notifications concerning billing and collecting money as a result of using our Products.

(e) Send you system notifications such as version updates, warnings or changes in our Policies.

(f) Communicate with you in any other context, including, but not limited to, providing customer support, meeting legal requirements or enforcing compliance with the Policies.

We process Personal Data for these purposes on the following basis:

(a) To perform the contract that we have entered into with or to carry out precontractual measures that occur as part of your request.

(b) For the establishment, exercise or defense of legal claims or proceedings.

(c) In order to comply with legal and regulatory obligations.

(d) For legitimate interests including the interests set out above.

(e) Based on consent.

The Personal Data we collect may be "personally identifiable" (i.e., it can be used to specifically identify you as a unique person) or "non-personally identifiable" (i.e., it cannot be used to specifically identify you or only in combination with other pieces of information). We use both types of data and combinations of both types. We may use, transfer or store Personal Data wherever Trepup does business, including countries outside your own and with third parties on their servers on our behalf, but always in accordance with this Privacy Policy or other applicable laws or regulations.

Return to top

3. What options do you have about your Personal Data?

Our aim is to give you simple options so you can exercise control over your Personal Data. If you have a User Account, many of the options you have on Trepup are built directly into the Products or your settings.

3.1 Scope of your Personal Data

For example, you can:

(a) Change or remove Personal Data on your profile at any time.

(b) Link or unlink your User Account from an account on another service (e.g., Facebook and Google).

You may also have options available to you through the device or software you use to access Trepup. For example, the browser you use may provide you with the ability to control cookies or other types of local data storage. To learn more about your options, please check the policies for Personal Data provided by the device manufacturer or software provider.

3.2 Deactivation or deletion of your User Account

You can deactivate your Trepup account at any time by visiting your settings and selecting "Deactivate account". After deactivating your Trepup account, you can always request to reactivate or to delete your Trepup account. If you want to delete your Trepup account, including your Personal Data, please select "Delete account" in your settings. We will delete your Personal Data from our systems within a maximum period of 180 days unless we are obliged to retain archived copies of your Personal Data as required by law or for legitimate business purposes, including helping address fraud and spam (for further details, refer to Section 7.3 of this Privacy Policy). Please note that the deletion of your Trepup account and of your Personal Data cannot be revoked.

You should be aware that some of the Personal Data that may have been shared on third-party websites may still continue to be available as we do not have control over these websites. Your Personal Data may also appear in online searches. Other Personal Data that you have shared with others, or that other users have copied, may also remain visible. You should only share Personal Data with people that you trust because they will be able to save it or reshare it with others, including when they sync the Personal Data to a device.

3.3 Further rights to your Personal Data

You may further amend your preferences concerning your Personal Data rights as specified in Section 7 of this Privacy Policy.

Return to top

4. How do we share your Personal Data?

Depending on your usage of our Products, your Personal Data may be visible to others. For example, when you create your profile on Trepup, anyone can view it and access your Personal Data.

In addition, if you are following a business, such business may communicate with you using Trepmail and send you publications, alerts, updates, invitations and other information by email. If required by law, we will ask for consent first, before activating Trepmail.

Other limited instances where we may share your Personal Data are:

(a) When you give us your consent. If you sign up for or log in to Trepup with other services (e.g., Facebook and Google), or publish your activity on Trepup to them, then you agree to share Personal Data with such services. For example, you can choose to publish your posts to Facebook.

(b) In order to comply with a law, regulation or legal request; to protect the safety, rights or property of the public, any business or person, or Trepup; or to detect, prevent or otherwise address fraud, security or technical issues.

(c) If Trepup were to engage in a merger, acquisition, reorganization, bankruptcy, dissolution or similar transaction or proceeding that involves the transfer of the Personal Data described in this Privacy Policy.

(d) Trepup does not disclose, nor does it sell, your Personal Data to third parties.

Return to top

5. How do we protect your Personal Data?

In order to protect your Personal Data in line with the applicable data and privacy protection laws and regulations, we have implemented all appropriate technical and organizational measures as required under the GDPR.

5.1 Technical measures

We use industry-leading technology to keep your Personal Data safe. Here are some steps we take to protect your Personal Data:

We automatically encrypt your confidential Personal Data in transit from your computer to ours using Secure Sockets Layer protocol (SSL) with an encryption key length of 128-bits (the highest level commercially available). Before you even sign up for or log in to our website, our server checks that you are using a browser that uses SSL 3.0 or higher.

Once you provide us your Personal Data, it resides on a server that is heavily guarded both physically and electronically. Trepup servers sit behind an electronic firewall and are not directly connected to the Internet, so your private Personal Data is available only to authorized computers.

To enhance security, we use process automation to analyze account activity for fraudulent or anomalous behavior, limit use of our website in response to signs of abuse, remove inappropriate content or links to illegal content, and suspend or disable accounts for any security violations.

5.2 Organizational measures

We maintain records of Personal Data and on processing activities for as long as required by law. We will notify the relevant supervisory authority within 72 hours after becoming aware of a Personal Data breach where it is likely to result in a risk to the rights and freedoms of individuals.

Return to top

6. How can you protect your Personal Data?

We do our best to keep your Personal Data safe, but we cannot guarantee that your Personal Data will be 100% safe. We however request that you cooperate with us in protecting your Personal Data and comply with the following personal security measures:

(a) Do not give third parties access to your computer or other devices when you access Trepup.

(b) Keep your access code and passwords for your computer or other devices, as well as your Trepup password, confidential.

(c) Permanently update your antivirus software when requested by your antivirus software provider.

(d) Do not send any confidential information by using our Products. When you use Trepmail, your email newsletter bounces from one server to another as it crosses the Internet. In the course of this process, server administrators can review what you have sent.

You agree that the security measures adopted by us are reasonable to protect your Personal Data. We disclaim any liability as a result of any breach of security or unintended loss or disclosure of Personal Data in relation to your Personal Data.

We can only keep your Personal Data up-to-date and accurate to the extent you provide us with the necessary information. It is your responsibility to notify us of any changes in your Personal Data.

Return to top

7. Your rights concerning your Personal Data

7.1 Your consent

At any time, you may give or withdraw your consent to us processing your Personal Data in the manner and for the purposes mentioned in the Policies. We will ask for your consent when you create your User Account and in other cases if required by law. You may withdraw or limit your consent at any time by changing your settings or by directly contacting us. Please note that even after you have chosen to withdraw your consent, we may be able to continue to process your Personal Data to the extent required or permitted by law.

You may also object to any processing of your Personal Data. Please inform us about the reason of your objection, and we will review whether and to which extent we will restrict or stop the future processing of your Personal Data in accordance with applicable law. We will inform you accordingly, if we decide to lift a restriction or objection to processing.

7.2 Information about and access to your Personal Data

You are always entitled to request confirmation or information about whether, where and for what purpose your Personal Data is being processed, and you may access your Personal Data without limitations. If you require, we will provide you with a copy of your Personal Data in a commonly used electronic format, free of charge. You may reuse your Personal Data also for your own purposes across other services.

If you become aware that your Personal Data is incomplete or inaccurate, you can rectify or change it at any time in your settings. Please be aware that it is your responsibility to keep your Personal Data complete and up to date.

7.3 Deletion of your Personal Data

Your Personal Data is stored with us for as long as your User Account is active or if required by law. During the deactivation of your User Account, we will keep your Personal Data stored in our system. If you choose to delete your User Account or request us to delete your Personal Data (for further details please refer to Section 3.2 of this Privacy Policy), we will delete your Personal Data within a maximum period of 180 days unless retention obligations apply. We will retain your Personal Data, for example, for the exercise or defense of legal claims, to comply with legal obligations or to perform requests of official authorities or for archiving purposes in the public interest.

7.4 Breach notification

We will inform you immediately if a data security incident occurs, which is likely to result in a high risk to your rights and freedoms. If due to certain data security incidents Article 33 of the GDPR requires notification of a data protection supervisory authority, we will inform the competent authority within 72 hours about the incident.

Return to top

8. Transfer of Personal Data outside the European Union

We will only transfer your Personal Data outside the European Union in compliance with applicable data and privacy protection laws and regulations. Such transfers may be made with your prior informed consent or where an adequate level of protection is ensured, or in other circumstances making the transfer necessary, such as in terms of the performance of a contract made in your interest, for important reasons of public interest or for the defense, exercise or establishment of legal claims.

Return to top

9. How are changes to this Privacy Policy made?

We may update this Privacy Policy from time to time, and if we do, we will post any changes on this page. If we believe that a revision is material, we may notify you. We further reserve the right to determine the most appropriate manner of providing notifications to you, and you agree to receive notices electronically if we so choose. You are advised to review this Privacy Policy periodically. Your continued access or use of Trepup once a revision becomes effective will mean that you accept the revised policy and agree to be bound by such policy. If you do not agree to the revised policy, please stop using our Products. If you have questions about this Privacy Policy, you can contact us online or by mail at:

Attn: Privacy Operations AG
Dorfstrasse 16
CH-6341 Baar, Switzerland

Last updated: 27 October 2019

Log In to Trepup Log In Sign Up