Data Protection Regulation
Preface
As a service provider in the field of electronics and medical device technology, SteadySense GmbH (hereafter also abbreviated to ‘SteadySense’) takes the protection of your personal data very seriously. We collect and process personal data only to the extent described here and in accordance with the regulations of the GDPR. The following notice describes how we provide this protection, what data is collected for what purpose and how it is processed.
Responsible person and contact details
If you have any questions regarding the processing of your personal data, please contact us:
SteadySense GmbH
Kärntner Strasse 518
8054 Seiersberg-Pirka
Austria
Tel: +43316 232004
gdpr@steadysense.at
www.steadysense.at
Personal Data
SteadySense processes personal data that is collected or transmitted by business partners in the context of a business relationship. The following categories of personal data are - depending on the service - the subject-matter of the processing:
- Inventory data (for example, names, addresses).
- Contact details (e.g. e-mail, telephone numbers).
- Content data (e.g. text input, photographs, videos).
- Usage data (e.g. websites visited, interest in content, access times).
- Meta/communication data (e.g. device information, IP addresses).
- Health details (e.g. Temperature data)
Purpose and Legality
SteadySense processes personal data to provide services related to medical device technology. The following legal principles can be taken into consideration:
Fulfilment of contractual obligations and pre-contractual measures pursuant to Article 6 paragraph 1 (b) of the GDPR
In order to provide our contractual or pre-contractual services to our business partners, the processing of personal data is necessary. If you do not wish to provide us with this data, it may be impossible to conclude the contract or execute the order or pre-contractual services. An existing contract can no longer be executed under these circumstances and may have to be terminated. Please refer to the individual contracts for the scope and specific purpose of data processing. If you have registered as a test person, this is only so you can be contacted for future tests. Your data will be deleted after 24 months.
Protection of legitimate interests pursuant to Article 6, paragraph 1 (f) DSGVO
There is a legitimate interest in data processing by us or by third parties in the following cases:
- Newsletter distribution
- Processing an order
Consent according to Article 6, para 1 (a) GDPR
If the processing of personal data goes beyond contractual or legal obligations and a legitimate interest, SteadySense will seek the consent of business partners, for example for the distribution of our newsletter. In the event of consent, the data will be processed exclusively for the stated purpose. Consent given can be revoked at any time. The revocation can be given both in writing and orally: gdpr@steadysense.at.
Recipients
The recipients of the personal data are employees of SteadySense, who process them according to the purpose of use and the legal framework. Depending on the purpose of the processing, SteadySense will pass on data to contract processors (especially newsletter service providers, online payment processing service provider and logistics partners), if we need to do so in order to fulfil the relevant task. SteadySense is committed to compliance with data protection regulations when selecting its contract processors and has entered into agreements with the contract processors to ensure that personal data is processed confidentially and carefully. The collected data will not be sold or passed on to uninvolved third parties. Depending on the contract, the data may have to be forwarded to third parties.
Storage Time
We will only keep your data for as long as is necessary for the fulfilment of the contractual, pre-contractual or legal obligations and is permissible under the applicable law. Personal data, which you provide when contacting us, will be stored after responding to your question until further notice. Among other things, SteadySense is subject to the following legal storage obligations:
- Business Code (UGB Austria)
- Federal Fiscal Code (BAO Austria)
- General Civil Code (ABGB Austria)
Affected Rights
You have a right to information about processed personal data, its amendment, deletion and restrictions on processing by SteadySense, unless legal or contractual provisions conflict with these rights. In addition, you have the right of appeal to the supervisory authority:
Austrian Data Protection Authority
Wickenburggasse 8-10
1080 Vienna
Austria
dsb@dsb.gv.at
Website - Personal data
In the course of your visit to our website, we will potentially process the following personal data:
- Date and time the website was accessed
- Your IP address
- Name and version of your Web browser
- The website (URL) that you visited before you visited our website
- Certain cookies (see next point)
Online-Shop/In-App-Shop - Personal data
To enable us to process and complete your order in our Online-Shop/In-App-Shop, we require your complete and correct name, address, and payment details as well as your e-mail address. We need your e-mail address in order to confirm the receipt of your order.
Use of cookies
Our website uses so-called cookies. These are small text files that are stored on your mobile device by the browser. They’re not doing any damage. We use cookies to make our website user-friendly. Some cookies remain stored on your device until you delete them. They enable us to recognize your browser the next time you visit us. If you do not wish this, you can set your browser so that it informs you about the setting of cookies and you only allow this in individual cases. When cookies are deactivated, the functionality of our website may be limited.
Google Analytics
Our website uses features of the web analysis service Google Analytics from the ’ Google ’ company:
Google Inc.
1600 Amphitheatre Parkway
Mountain View, CA 94043
United States
Google Analytics collects the number of users and the usage behaviour on our website. Cookies are used for this, they enable the analysis of the use of the website by our users. The information generated in this way is transferred to the provider’s servers in the USA and stored there. We have entered into a corresponding contract with the provider for the purposes of assignment-related data processing. If you do not want your usage behaviour to be recorded on our website, you can prevent this by setting your browser so that no cookies are stored. You can prevent the installation and storage of cookies by setting your browser software accordingly and by downloading and installing the browser plugin which is available free of charge.
We also use the Google Firebase Service to analyze any app crashes.
Mailchimp
Newsletter distribution is managed by ‘Mailchimp’
The Rocket Science Group
LLC, 512 Means Street Suite 404
Atlanta, GA 30318
United States
‘The Rocket Science Group’ guarantees, by certification in accordance with the ‘EU- US Privacy Shield’, available at privacy-shield, that the data protection regulations of the EU are also observed when processing data in the USA. Further data protection information from ‘The Rocket Science Group’ can be found at: Mailchimp
When you register for our newsletter, your registration data, namely your e-mail address and IP address, are processed and stored by ‘The Rocket Science Group’. In addition, ‘The Rocket Science Group’ uses so-called ‘Web Beacons’ to evaluate whether and when you have read our newsletter and whether you have followed any further links.
As part of our social media marketing and advertising campaign SteadySense will use and create Facebook Events. These include:
App installation
App launch
Registration
Method of use
Patch ordered
The SteadyTemp app and website use tracking tools to track the performance of our services, this is necessary to better understand how you use our products, and to see what improvements we need to make to offer a better service.
Legal basis and purpose of data processing
We process the personal data collected on this website on the legal basis of our legitimate interest pursuant to Article 6, paragraph 1 (f) of the, GDPR, which is to achieve the following objectives: To provide, develop and improve this website, compile usage statistics, detect, prevent and investigate attacks on this website.
Storage Period
We store your personal data for a period of 24 months. A longer storage would only be necessary, in order to investigate attacks on our website.
Confidentiality
All SteadySense employees are required to maintain secrecy about any information disclosed by you in the context of their employment or business.
Data Security
Data security is very important to us. SteadySense has taken all necessary technical and organizational measures to ensure the security of data processing and to protect personal data from access by unauthorized third parties. SteadySense’s IT infrastructure complies with current security requirements and is checked regularly.
The SteadyTemp system uses a variety of cryptographic methods for security purposes and to protect the transmission of confidential content, such as temperature data.
The HTTP connection between the app and the backend server is encrypted using the TLS method. The server is located in Europe and is hosted by SteadySense.
SteadySense does not store any payment-related data and archives health data and body measurement data only anonymously.