Wednesday, December 19, 2018 

Privacy Policy

Mameli @ AppStore

AmLand @ AppStore

NoVA @ AppStore

SVESt @ AppStore

eaGeier @ AppStore

Privacy Policy

This privacy policy describes which of your personal data and how it might be processed when you visit and use one of our websites.

Responsible

Dipl.-Ing. Dr. Martin Mandl
m2m server software gmbh
Hartmanngasse 16/36
1050 Wien
+43 699 19 22 66 32
office@m2m.at
www.m2m.at

Imprint

Types of Processed Data

  • inventory data, e.g. names, addresses, ...
  • contact information, e.g. e-mail, phone numbers, ...
  • content data, e.g. text input, photographs, videos, ...
  • usage data, e.g. visited websites and content, access times, ...
  • meta & communication data, e.g. device information, IP addresses, ...

Categories of Affected Persons

Visitors and users of our sites.

Purpose of Processing

  • to be able to provide our online services, their functions and contents
  • to answer contact requests and to communicate with users
  • as safety measures
  • to optimize our services, e.g. reach measurement
  • for marketing

Used terms

Personal data is any information which identifies or allows to identify a person - the data subject. e.g. a name, an ID, location data, a cookie or an IP-Address or any physical, physiological, genetic, mental, economic, cultural or social feature.

Processing is every handling of that data - manual or automatic.

Pseudonymisation means to process personal data that it no longer can identify a person.

Profiling evaluates personal data to gain special insights.

The responsible person decides on how to process personal data.

The processor processes personal data on behalf of the responsible person.

Relevant Legal Regulations

In accordance with Art. 13 GDPR, we inform you about the legal basis of our data processing. If the legal basis is not mentioned, the following applies: The legal basis for obtaining consent is Art. 6 (1) lit. a and Art. 7 GDPR, for contract fulfillment and the response to inquiries Art. 6 (1) lit. b GDPR, for legal obligations Art. 6 (1) lit. c GDPR, for legitimate interests Art. 6 (1) lit. f GDPR.

Safety Measures

In accordance with Art. 32 GDPR - under consideration of the state of art, implementation costs, nature, scope, circumstance and purpose as well as the likelihood and severity of the involved risk - we take appropriate technical measures to provide an appropriate level of protection.

This includes to ensure the confidentiality, integrity and availability by controlling the physical access, as well as strategies to ensure access, input, disclosure, backup, deletion, availability and separation. We consider privacy already during development of our software, selection of hardware according to ARt. 25 GDPR.

Collaboration with Processors and Third Parties

If we provide data to others or allow access to data to others, this is only on basis of legal obligations, to fulfill contractual obligations, for legitimate interests, of if you have explicitly expressed your prior consent.

We commission third parties as processors only on basis of contract processing contracts according to Art. 28 GDPR.

Processing in Third Countries

We process data outside the European Union or the European Economic Area or if this happens due to outsourced processors only under the special conditionsof Art. 44 seq. GDPR. That the processing is e.g. on the basis of specific guarantees, such as the officially recognized level of data protection (e.g. for the US through the Privacy Shield) or compliance with officially recognized special contractual obligations - standard contractual clauses.

Rights of Data Subjects

You have the right to ask for confirmation that data is being processed and for information about this data as well as for further information and a copy of the data according to Art. 15 GDPR.

You have the right to ask for completion and correction of your data according to Art. 16 GDPR.

You have the right to ask for deletion according to Art. 17 GDPR or for restricted processing according to Art. 18 GDPR.

You have the right to ask for your data or to provide it to third parties according to Art. 20 GDPR.

You have the right to file a complaint with the supervisory authorities according to Art. 77 GDPR.

Right of Withdrawal

You have the right to withdraw a granted consent according to Art. 7 (3) GDPR effecting future processing.

Right of Objection

You can object to future processing at any time according to Art. 21 GDPR. The objection may in particular be made against processing for direct marketing purposes.

Cookies

Cookies store information in the browser to survive various page visits. We use only session or transient cookies, which are deleted automatically after 30 minutes. Our cookies store only data for the login status and non personal data.

If users do not want cookies stored on their computer, they can disable the option in their browser settings. Saved cookies can also be deleted in the browser settings. The exclusion of cookies can lead to functional restrictions.

Deletion of Data

The processed data is deleted or limited according to Art. 17 and 18 GDPR. Unless explicitly stated, stored data is deleted as soon as no longer required. Data is processed only for the required purposes.

Due to Austrian legal regulations the storage is required for 7 years according to § 132 (1) BAO - accounting documents, invoices, accounts, vouchers, business papers, statement of income and expenses, etc. and for 10 years in case of documents relating to electronically supplied services provided to non-entrepreneurs in EU Member States and for which the Mini-One-Stop-Shop (MOSS) is used.

Business-Related Processing

We process

  • contract data, e.g. subject, term, customer category
  • Payment data, e.g. bank details, payment history

of our customers, prospects and business partners for the purpose of providing contractual services, customer care, marketing and market research.

Processor Services

As processor we process data of our clients as part of our contractual services which include software development, software and server maintenance, data analysis and consulting services. The actual processing depends on the client and is strictly on basis of contract processing contracts according to Art. 28 GDPR

External Payment Service Providers

We and/or our clients use external payment service providers for payment transactions - e.g. Paypal https://www.paypal.com/webapps/mpp/ua/privacy-full, Visa https://www.visa.de/datenschutz, Mastercard https://www.mastercard.de/de-de/datenschutz.html, American Express https://www.americanexpress.com/de/content/privacy-policy-statement.html, wirecard https://www.wirecard.at/datenschutz/, stripe https://stripe.com/at/privacy.

Amongst the data processed by the payment service providers are inventory data, e.g. the name and the address, bank data, such as Account numbers or credit card numbers, passwords, TANs and checksums as well as contract, summary and recipient-related information. The information is required to complete the transactions. However, the data entered will only be processed and stored by the payment service providers. We do not receive any account or credit card information, but only information with confirmation or negative disclosure of the payment. The data may be transmitted by the payment service providers to credit reporting agencies. This transmission aims at the identity and credit check. For this we refer to the terms and privacy policy of payment service providers.

For the payment transactions, the terms and conditions and the privacy notices of the respective payment service providers, which are available within the respective websites, or transaction applications apply. Also refer to these for further information and assertion of rights of withdrawal, information and other data subjects.

Participation in Affiliate Affiliate Programs

We use the following partners to cross finance some of our services and might/will share data with them:

Amazon Partner

Our sites may contain links to products or services from Amazon.com, Inc. – 2021 Seventh Ave Seattle, Washington 98121, USA.

Amazon participates in the EU-US Privacy Shield framework and guaranties to uphold the privacy regulations of the GDPR. For more information see https://www.amazon.com/gp/help/customer/display.html/ref=hp_left_v4_sib?ie=UTF8&nodeId=202135380.

Amazon uses cookies to identify the origin of an order. This way Amazon will know that you have clicked on a partner link from this site and if you have ordered that product.

More information about the privacy policy of Amazon is available at https://www.amazon.com/gp/help/customer/display.html?nodeId=468496

iTunes Affiliate

Our sites may contain links to products or services from iTunes / Apple Inc. 1 Infinite Loop, Cupertino, California 95014, USA.

Apple uses cookies to identify the origin of an order. This way Apple will know that you have clicked on a partner link from this site and if you have ordered that product.

More information about the privacy policy of Apple is available at https://www.apple.com/legal/privacy/en-ww/.

Google Adsense

Our sites may contain advertisements provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA.

Google participates in the EU-US Privacy Shield framework and guaranties to uphold the privacy regulations of the GDPR. For more information see https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.

We use the service AdSense, which allows ads to appear on our sites and reward us for their display or when you follow the link. Usage data, e.g. the click and your IP address, is processed, whereby the IP address is shortened and pseudonymised.

We use AdSense with personalized ads. In doing so, Google draws conclusions about the interests based on the websites you have visited or used apps. Advertisers use this information to align their campaigns with these interests, which benefits users and advertisers alike. For Google, ads are personalized when collected or known data determines or influences ad selection. These include past searches, activities, site visits, apps, demographics, and location information. Specifically, this includes demographic targeting, interest category targeting, remarketing, and targeting to customer comparison lists and audience lists uploaded to DoubleClick Bid Manager or Campaign Manager.

More information about the privacy policy of Google is available at https://policies.google.com/technologies/ads.

Contact

When contacting us by mail, eMail, contact form, telefone or social media the information of the user is stored according to Art. 6 (1) lit. b GDPR.

The communication is deleted when no longer required. We check the necessity every year. Legal archiving obligations apply.

Newsletter

By subscribing to our newsletter, you agree to the receipt and the following procedures.

We send newsletters, emails and other electronic notifications with advertising information only with the consent of the recipient or a legal permission.

Registration for our newsletters uses double-opt-in. That After registration, you will receive an email asking to confirm your registration. This is logged to prove the registration process due to the legal requirements.

To subscribe to the newsletter, it is sufficient to provide your e-mail address. we ask for a name solely to address you personally in the newsletter

The dispatch of newsletters and the associated performance measurement are based on a consent according to Art. 6 (1) lit. a, Art. 7 GDPR and § 107 (2) TKG.

You may terminate the receipt of our newsletters at any time. A link to cancel the newsletter can be found at the end of each newsletter. We may save the submitted email addresses for up to three years based on our legitimate interests before we delete them to provide prior consent. The processing of this data is limited to the purpose of a possible defense against claims. An individual request for cancellation is possible at any time, provided that at the same time the former existence of a consent is confirmed.

The newsletters contain a pixel-sized file that is retrieved from our server when opening the newsletter. This call collects technical information, such as information about the browser and your system, as well as your IP address and time of retrieval.

The evaluations serve us to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.

Hosting and eMail

We, or our hosting provider, process inventory data, contact data, content data, contract data, usage data, meta and communication data of customers, interested parties and visitors to our sites on the basis of our legitimate interests according to Art. 6 (1) lit. f and Art. 28 GDPR.

Collection of Access Data and Log Files

We, or our hosting provider, collect on the basis of our legitimate interests according to Art. 6 (1) lit. f GDPR data on every access to our servers. The access data includes name of the retrieved service / web page, file, date and time of retrieval, amount of data transferred, message about successful retrieval, browser type and version, the user's operating system, the previously visited page, the IP address and the requesting provider.

Logfile information is stored for security purposes to investigate abusive or fraudulent activities for a maximum of 30 days and then deleted. Data whose further retention is required for evidential purposes shall be exempted from the cancellation until final clarification of the incident.

Google Analytics

Based on our legitimate interests according to Art. 6 (1) lit. f GDPR - e.g. analysis, optimization and economic operation - we use Google Analytics provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA.

Google participates in the EU-US Privacy Shield framework and guaranties to uphold the privacy regulations of the GDPR. For more information see https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.

Google uses this information on our behalf to evaluate the use of our sites, to compile reports on the activities. In this case, pseudonymous usage profiles of the users are created from the processed data.

We only use Google Analytics with activated IP anonymization. This means that the IP address of the users will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the US and shortened there.

The IP address submitted by the user's browser will not be merged with other data provided by Google. Users can prevent the storage of cookies by setting their browser software accordingly. Users may also prevent the collection of data and the processing of such data by Google by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=en.

More information about the privacy policy of Google is available at https://policies.google.com/technologies/ads.

Google Fonts

Some of our sites use fonts provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA.

Google participates in the EU-US Privacy Shield framework and guaranties to uphold the privacy regulations of the GDPR. For more information see https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.

The usage of Google Fonts does not use any authentication and will not provide Cookies to Google. Should you have an account with Google, your account ID might be transmitted to Google. Google logs the usage of the accessed files. Moue information is available at https://developers.google.com/fonts/faq.

More information about the privacy policy of Google is available at https://policies.google.com/technologies/ads.