Datenschutz

1. Introduction

1.1.  This privacy policy ("Privacy Policy") sets out the rules regarding the collection, transmission, storage and processing of any information that directly, indirectly, or in connection with other information allows for the identification or identifiability of a natural person ("Personal Data" or "Data") by the seedback website at www.seedback.at, any successor website, and the services available on that website or any successor website ("Services").
1.2.  References in this Policy to "you" are to any customer for the Services and any individual user of the Services (and "your" should be construed accordingly); and references in this Policy to "us" are to Sekoerber GmbH, Austria, 1070 Wien, Lerchenfelder Straße 81/25, Companies Register Number: 437958g (and "we" and "our" should be construed accordingly).

2. Basic Principles

We collect, transmit, store, process and use your Personal Data exclusively:

(a)  to enable you to use the Services;

(b)  in compliance with the data protection laws of Austria and the data protection regulations of the European Union; and

(c)  in accordance with this Privacy Policy and within the scope of the statutory authorization.

 
3. Categories of Data Subjects

We collect, transmit, store, process and use Personal Data of the following categories of natural person to whom such Data refers ("Data Subjects"):

(a)  Customer: the person who/which bought an account at the seedback platform with the right to access and use the Services, made available by us to the Data Subjects as a service via the internet.

(b)  Admins, the persons who manage an account.

(c)  Session Leaders, the persons who start and define feedback sessions and invite

Attendees and are invited by the Admins.

(d)  Attendees, the persons who actively use the seedback tool and who are invited by the Session Leaders.

 

4. Data Collection and Processing

4.1. In the course of registration, the provision of the Services or account management, we collect

the following Personal Data for each group of Data Subject:

(a) Customer

  • Firm name/Name of natural person

  • E-Mail address and phone number of main contact person (particularly the Master

    Administrator)

  • Company register no.

  • Company seat

(b) Admin

  • Name

  • E-Mail address and phone number

  • Function

  • Assignment of Session Leader accounts

(c) Session Leader

  • Name

  • E-Mail address and phone number

  • Function

  • Number and frequency of initiated feedback sessions

  • Will have access to Data of Attendees

(d) Attendees

  • Name

  • E-Mail address

  • Information if a feedback session was completed or not

  • Until report is generated, answers of such User. Upon generation of the report no individual answers are stored.

  • If Attendee is subject of a session the minimum number, the maximum number and the average number of the evaluation will be stored and accessible for the Session Leader who invited the Attendee.

4.2. The Data transmitted by you to us with your consent will be used and stored exclusively for the following purposes:

(a) To provide the Services;
(b) To enhance and improve the Services, for example by analysing usage;

(c) To process payments under or in connection with the agreement between us and the Customer;

(d) To respond to requests and inquiries by the Customer, the Master Administrator, the Administrator or the Users, if any;

(e) To comply with applicable law(s) (for example, to comply with a search warrant, subpoena or court order) or to carry out professional ethics/conduct investigations;

(f) From time to time we may provide statistics about the usage levels of the Services and other related information to reputable third parties, but these statistics will not include information which will allow any of the persons concerned to be identified.

4.3.  By registering, you agree that we may use your Data for these purposes.

4.4.  The consent is voluntary and can be revoked at any time for the future. The revocation of consent to data processing leads to the deletion of the user account and excludes the further use of the Services.

4.5.  Furthermore, we reserve the right to use your Data if it is necessary to prevent an abusive use of the Services, in particular use in violation of the Acceptable Use Policy or the terms and conditions agreed between us and the Customer.

4.6.  The Data processing is carried out using computers and/or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated.

5. Data Transfer

5.1. We will not sell or rent Personal Data to third parties.

5.2.  We will not transfer Personal Data to third parties for other purposes than as set forth below.

5.3.  In connection with the data processing processes, to the extent permitted by law, Personal Data may be made available to service providers consulted by us for a specific purpose, e.g. to provide technical services for the www.seedback.at website. In such cases, we will ensure that the confidentiality interest in Personal Data worthy of protection is maintained to the same extent as in the data processing carried out by us. The updated list of these parties may be requested from us at any time.

5.4.  Currently, the Personal Data will be disclosed to Hetzner Online GmbH as hosting provider for the secure storage and transmission of Personal Data. Hetzner Online GmbH is subject to a set of terms consistent with the data protection laws of Austria and the European Union and the privacy rules set forth herein.

5.5.  We are further entitled or obliged to pass on Personal Data to the competent courts or authorities to the extent necessary for asserting legal claims or defending our legal position, but also the legal claims and legal positions of third parties in the event of suspected infringements, such as copyright infringements. We will also transfer Personal Data to official bodies, in particular law enforcement and supervisory authorities, if there is a corresponding legal, judicial or official obligation to do so.

5.6.  We take appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Data.

6. The Rights of Data Subjects

6.1. Data Subjects may exercise certain rights regarding their Data processed by us. In particular,

Data Subjects have the right to do the following:

(a)  Withdraw their consent at any time. Data Subjects have the right to withdraw consent where they have previously given their consent to the processing of their Personal Data.

(b)  Object to processing of their Data. Data Subjects have the right to object to the processing of their Data if the processing is carried out on a legal basis other than consent or in order to comply with applicable laws.

(c)  Access their Data. Data Subjects have the right to learn if Data is being processed by us, obtain disclosure regarding certain aspects of the processing and obtain a copy of the Data undergoing processing.

(d)  Verify and seek rectification. Data Subjects have the right to verify the accuracy of their Data and ask for it to be updated or corrected.

(e)  Restrict the processing of their Data. Data Subjects have the right, under certain circumstances, to restrict the processing of their Data. In this case, we will not process their Data for any purpose other than storing it.

(f)  Have their Data deleted or otherwise removed. Data Subjects have the right, under certain circumstances, to obtain the erasure of their Data from us.

(g)  Receive their Data and have it transferred to another controller. Data Subjects have the right to receive their Data in a structured, commonly used and machine readable format and, if technically feasible, to have it transmitted to another controller without any hindrance. This provision is applicable provided that the Data is processed by automated means and that the processing is based on the Data Subject's consent, on a contract which the Data Subjects is part of or on pre-contractual obligations thereof.

(h)  Lodge a complaint. Data Subjects have the right to bring a claim before their competent data protection authority.

7. How to Exercise these Rights

Any requests to exercise user rights can be directed to us:
via mail to Sekoerber GmbH, Austria, 1070 Wien, Lerchenfelder Straße 81/25, or.

by E-mail to office@seedback.at.

 

8. Retention time

8.1. Personal Data shall be processed and stored for as long as required by the purpose they have been collected for.

8.2. Therefore:

Execution Version 19 April 2021

(a)  Personal Data collected for purposes related to the performance of a contract between us and a Data Subject shall be retained until such contract has been fully performed.

(b)  Personal Data collected for the purposes of our legitimate interests shall be retained as long as needed to fulfill such purposes. Data Subjects may find specific information regarding the legitimate interests pursued by us within the relevant sections of this Privacy Policy or by contacting us.

8.3.  We may be allowed to retain Personal Data for a longer period whenever the Data Subject has given consent to such processing, as long as such consent is not withdrawn. Furthermore, we may be obliged to retain Personal Data for a longer period whenever required to do so for the performance of a legal obligation or upon order of an authority.

8.4.  Once the retention period expires, Personal Data shall be deleted. Therefore, the right to access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after expiration of the retention period