Privacy Policy

Who we are and what this Privacy Policy covers

This Privacy Policy explains how personal data is processed in connection with:

  • our websites and online publications, including www.ttn.ch and www.keybot.com;
  • our related services and platforms, including the TTN Translation Management System (TTN TMS) and Keybot (together: the “Services”).

This Privacy Policy does not apply to websites or services of other providers that may be linked from our websites. Those providers are responsible for their own data processing and privacy notices.

Controller and contact

Unless otherwise stated in a contract or service-specific notice, the controller for the processing described in this Privacy Policy is:

Extran Ltd. • TTN Translation Network
18, bd des Philosophes
1205 Geneva
Switzerland

Data Protection Office (contact for privacy requests):
E-mail: ttn@ttn.ch

Keybot is operated within the TTN/Extran group. Depending on the specific service and contractual setup, Extran Lt. and/or Keybot LLC may be involved in processing. For any privacy request, you can contact us via ttn@ttn.ch and we will route your request appropriately.

Definitions

Personal data means any information relating to an identified or identifiable natural person. Processing means any operation performed on personal data, such as collection, storage, use, disclosure, archiving, or deletion.

We process personal data in accordance with applicable data protection laws, including the Swiss Federal Act on Data Protection (FADP/DSG) and, where applicable, the EU General Data Protection Regulation (GDPR).

Who we process data about

We may process personal data relating to:

  • visitors to our websites and online publications;
  • customers and their authorised users (e.g., employees who use TTN TMS);
  • translators, proofreaders and other linguistic resources (in-house or external);
  • prospects and business contacts; and
  • persons whose data may be contained in content submitted for translation (e.g., names or contact details inside documents).

Categories of personal data we process

Depending on how you use our Services, we may process the following categories:

  • Website and device data
    IP address, date and time of access, accessed pages, referrer URL, browser type and version, device type, operating system, language settings, and similar technical information (server log data).
  • Cookie and tracking data
    Cookie identifiers, consent choices, preference settings, and analytics/marketing signals where enabled.
  • Communication data
    Information you provide via contact forms, chat, e-mail, phone, or other channels, including the content of messages and associated metadata.
  • Account and authentication data (TTN TMS / Keybot)
    Name, business contact details, organisation and role, user ID, access rights, authentication information (e.g., password hashes, multi-factor authentication configuration), and user settings.
  • Translation and terminology content
    Files and content uploaded for translation, revision, proofreading, localisation or related processing; translation outputs; translation memories (TMs), termbases (TBs), glossaries and other linguistic resources. These resources can contain personal data if the underlying content contains personal data.
  • Vendor and resource data (translators / proofreaders)
    Profile information (e.g., name, contact details, language pairs, qualifications, specialisations), availability, performance indicators and quality metrics, and contractual or compliance information (e.g., NDA status). Where configured, certain profile information may be made accessible to customer users for transparency and quality assurance.
  • Billing and contractual data
    Invoices, billing references, contractual records, and related documentation.
  • Security and compliance data
    Access logs, audit trails, user activity logs, and other event data used to secure the Services and demonstrate compliance.

We process personal data for the following purposes and based on the following legal grounds (depending on the case and applicable law):

  • Providing and operating our Services (websites, TTN TMS, Keybot)
    This includes account creation, authentication, order handling, translation workflows, delivery, and support. Legal basis: performance of a contract, pre-contractual steps, and/or legitimate interests (secure and efficient service operation).
  • Communication and customer support
    Responding to enquiries, handling requests, providing operational notifications, and documenting service interactions. Legal basis: performance of a contract, pre-contractual steps, and/or legitimate interests.
  • Quality management and continuous improvement
    Improving the Services, workflow optimisation, training, troubleshooting, and quality assurance. We operate a certified Quality Management System (ISO 9001) and certified translation service processes (ISO 17100), which may require documented processes, review, and traceability. Legal basis: performance of a contract and/or legitimate interests.
  • Information security and access control
    Protecting systems and data, preventing misuse, ensuring confidentiality, integrity and availability, and investigating incidents. We operate an Information Security Management System certified to ISO/IEC 27001. Legal basis: legitimate interests and/or legal obligations.
  • Marketing and relationship management
    Informing business contacts about news, services and events, where permitted. You can opt out at any time. Legal basis: consent where required and/or legitimate interests (particularly for B2B communication), subject to applicable law.
  • Analytics, performance measurement and optimisation
    Understanding usage and improving user experience via analytics tools (e.g., Google Analytics) and UX tools (e.g., Hotjar), subject to cookie settings and consent where required. Legal basis: consent (where required) and/or legitimate interests.
  • Compliance, legal claims and statutory obligations
    Complying with legal obligations, enforcing contracts, and defending or asserting legal claims. Legal basis: legal obligations and/or legitimate interests.

TTN TMS and Keybot: processing of customer translation content

When customers use TTN TMS and Keybot, personal data may be processed as part of translation content (e.g., names, contact details, HR data, medical content, legal case files). The roles under data protection law depend on the context:

  • Processing on behalf of customers (processor role)
    For most translation projects, we process content and related personal data on behalf of our customer under a contract. In this scenario, the customer is typically the controller and remains responsible for determining the purposes and legal basis for processing the content. We process the data in line with the customer’s instructions and contractual requirements, including confidentiality obligations.
  • Our own purposes (controller role)
    We act as controller for processing related to operating our websites, managing business relationships, vendor management, compliance, information security, and similar internal purposes.

Access to translation content is restricted to authorised persons who need access for the service delivery (e.g., assigned translators/proofreaders and project staff) and is controlled via role-based permissions and access controls.

Keybot “Web-to-TM” and web content processing

Keybot may be used to create translation memories and bilingual corpora by aligning multilingual content from websites and repositories, for example to reuse previously published translations and ensure consistency.

Depending on the project, this may include processing:

  • customer-provided websites or repositories that customers authorise us to process; and/or
  • publicly accessible web content, where lawful and appropriate.

If such content contains personal data, it will be processed only for the purpose of creating and maintaining translation resources and enabling consistent translations. Customers remain responsible for ensuring that they have the necessary rights and permissions for any non-public content they request us to process.

Use of AI and machine translation (MT) providers

TTN TMS may use automation, AI-assisted functions and machine translation to support project setup, terminology management, quality checks, and translation suggestions. Depending on customer configuration, project type, and security requirements, these features may operate:

  • within TTN’s controlled infrastructure (e.g., on-premises or secure online workflows); and/or
  • via selected third-party providers (e.g., MT providers or AI services) to which limited text segments or terminology data may be transmitted for processing.

Where third-party AI/MT services are used, we apply appropriate contractual safeguards and technical measures, and we support configuration options designed to meet confidentiality and data-residency requirements (including options that avoid external cloud processing in high-security scenarios). Where available and configured, anonymisation/pseudonymisation may be applied so that external services process only anonymised text.

We do not use fully automated decision-making that produces legal effects concerning individuals. Human oversight remains part of our service delivery and quality assurance.

Website cookies, analytics and third-party services

  • Cookies and consent management
    We use cookies and similar technologies. You can manage cookie settings and withdraw consent via our cookie preference/consent mechanism and via your browser settings. Some functions may not work without certain cookies.
  • Server logs
    We process log data to operate and secure our websites and to prevent abuse. We may review logs retrospectively if there are indications of unlawful or improper use.
  • Embedded third-party content
    Our websites may embed third-party content (e.g., maps, fonts, videos). When such content loads, the third party may receive your IP address and related technical data. Where required, such services are activated only after your consent.
  • Google services
    We may use Google Analytics and Google Tag Manager to understand website use and improve our offer. We may also use Google Ads (including conversion tracking) and remarketing services. These services may set cookies and process data that may be transferred to Google entities, potentially including transfers outside Switzerland/EEA, depending on configuration and your consent settings.
  • Hotjar
    We may use Hotjar to better understand user interactions (e.g., clicks, scrolling behaviour) and improve usability. Hotjar may process device and usage data and generate anonymised or pseudonymised usage profiles, depending on configuration.
  • Social media plugins
    Our websites may include social media integrations. When activated, the providers may receive technical data (including IP address) and may link it with your social media account if you are logged in.

Data sharing and recipients

We may share personal data with:

  • IT and hosting providers and other processors supporting the operation of our Services;
  • analytics, marketing and communication service providers where enabled;
  • providers integrated into TTN TMS where required for the service (e.g., CAT/TM/terminology platforms and selected AI/MT providers), subject to configuration;
  • authorised customer users (e.g., where translator profile access is enabled as part of TTN TMS transparency and quality control); and
  • public authorities or courts where required by law or necessary to protect our rights.

We share only the data necessary for the relevant purpose and apply appropriate contractual and technical safeguards.

International data transfers

Some service providers may process data outside Switzerland and/or the EEA (e.g., in the United States). Where required, we implement appropriate safeguards such as standard contractual clauses, additional security measures, and transfer impact assessments. Where appropriate, customers may choose configurations designed to keep content within Switzerland or a specified region.

Information security and certifications

We take technical and organisational measures to protect personal data and customer content, including: encryption in transit (e.g., TLS), access controls, role-based permissions, multi-factor authentication options, monitoring and logging, audit trails, and backup/replication strategies. TTN TMS is designed for high availability, system mirroring and failover, and strong protection against unauthorised access and data leakage in secure workflows.

We maintain certified management systems and processes, including ISO/IEC 27001 (Information Security), ISO 9001 (Quality Management), and ISO 17100 (Translation Services).

Data retention

We retain personal data only as long as necessary for the purposes described above, or as required by law or contract. Retention periods depend on the type of data and the service context, for example:

  • website log data: retained for operational and security purposes for a limited period;
  • TTN TMS project records and archives: retained according to contractual requirements and customer settings;
  • translation memories and termbases: retained to provide consistency and re-use for future projects, typically customer-specific, unless deletion is requested and contractually feasible;
  • billing and accounting records: retained for statutory periods.

When data is no longer required, it is deleted or anonymised as part of regular data management.

Your rights

Subject to applicable law and certain limitations, you may have the right to: access, rectification, deletion, restriction, data portability, objection, and withdrawal of consent (where processing is based on consent). To exercise your rights, contact us at ttn@ttn.ch.

If you believe we are processing your personal data unlawfully, you may also lodge a complaint with the competent supervisory authority. In Switzerland, this is the Federal Data Protection and Information Commissioner (FDPIC).

Updates to this Privacy Policy

We may update this Privacy Policy from time to time. The version published on our websites is the currently applicable version.