What information is processed and how it is used
1. Automatic data collection via website access
When you access our website, certain data are automatically sent by your browser to us. Some of this data are stored solely for technical reasons and are not connected to the user or related to an individual. This data includes:
- Full IP Address
- Date and time of access
- Operating system name
- Browser and version
- URL that has been requested
- URL of the previously visited website
Such data are used for security reasons, error analysis and access logging. We delete this data listed above periodically.
2. Organization and account information
When an organization decides to use our service, the organization is asked to provide the following information:
- Name and type of the organization
- Full address
- URL of the organization’s website
- Email and phone number as contact information
- Payment information
- Name, email and password of the organizational account using our service
We will use your data only to fulfill our responsibilities out of the contract providing our service. The data storage and processing is therefore carried out in accordance with Article 6 (1) (b) GDPR.
We may use session cookies and persistent cookies, as described in more detail below, which is essential to provide basic website functionality. Cookies help to recognize you when visiting our website again without re-entering your credentials. You can avoid the persistent cookies by not checking the ‘Remember Me’ checkbox during the login.
All data that is sent to us while using our service through an organizational account are stored under the same account.
5. Social Media-Access-Tokens
To use all features of our service an organization has to connect our service to its organizational social media accounts. While doing so, the organization agrees to allowing us to store the so called social media tokens, provided by the official social media API’s (Application Programming Interfaces) once our service has been successfully connected. Our service uses such tokens to post content on the respective social media that has been stored on behalf of the organization. Through your organizational account you can disconnect our service and thereby invalidate such social media tokens at any time.
How Information is stored
We use state-of-the-art SQL database servers to store our data. All data are stored only in a dedicated datacenter (Interxion AUSTRIA) on our own servers operated by us. Sensitive data, like passwords or payment information, are stored only in encrypted form.
Technologies - Cookies
HTTP (Hypertext Transfer Protocol) cookies are small pieces of information that are stored by your browser on your computer’s hard drive so that the website can remember who you are whilst using our service.
We use session cookies to store certain information, like browser navigation, during your visit that helps us to improve your user experience while using our website. These session cookies are usually deleted by your browser once the session is closed.
Apart from session cookies, we use persistent cookies to store information from one session to the next. Such information includes your login information in order to recognize you again. Those persistent cookies have a limited duration of validity. After their expiration or whenever you delete those cookies you have to re-enter your login information.
We do not use third-party cookies on our website, such as the ones that are used for marketing or advertisement purposes.
Your browser may provide you the possibility to reject cookies. If you configure your browser settings so that cookies are not accepted you may encounter some difficulties and you may no longer be able to take full advantage of our service on our website.
Your rights - Data Access and Control
The General Data Protection Regulation grants you the following rights. If you decide to exercise one or more of these rights, please contact us by e-mail at: email@example.com and refer to the rights.
The Right to Information and Access
– we will gladly confirm whether we process personal data of you, what data it is and for what purpose it is processed.
The Right to Rectification
– in case that the data about you is inaccurate or out-of-date, please inform us, we will correct it accordingly.
The Right to Deletion (right to be forgotten)
– if you wish your personal data to be deleted, we will check your request and comply as far as legally possible. In any case you will be informed in detail about the result of your request.
The Right to Restriction of Processing
– if you wish to limit the use of your data, we will comply with your request as far as legally possible. In any case you will be informed in detail about the result of your request.
The Right to Object
– you have the right to object to the processing of your personal data. When you exercise this right, we will have to discontinue processing your personal data, unless we demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.
The Right to Avoid Automated Decision-Making
– you have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly effects. There is no automated processing that yields to such decisions in our service.
Data security statement
We implement appropriate security measures related to data security that helps protecting your data against unauthorized access, unauthorized modification as well as deletion or disclosure such as:
- We protect your connection and data transfer to our website by state-of-the-art encrypted protocol (HTTPS)
- Your personal account password as well as payment information is immediately encrypted by an advanced encryption algorithm and stored only as such in our database system
- All data are stored in a dedicated data center (Interxion AUSTRIA) on our own servers operated only by us
- Physical access to our servers and therefore databases is strictly restricted by biometric access control
- We control our data security techniques and procedures on a regular basis and improve them in line with technical developments.
ASCG Synoptic-Systems GmbH
Last updated: initial version