Privacy policy

Last status: 24.09.2022

1. Introduction

The protection of your personal data is of particular concern to us. Consequently, we treat your personal data in accordance with the applicable legal provisions on the protection, lawful handling and confidentiality of personal data, in particular in accordance with the Data Protection Act (hereinafter "DPA") and the General Data Protection Regulation (hereinafter "GDPR"). From the following information you can see how we process your personal data when you use our website ( www.sproof.io ) (hereinafter "website").
This privacy policy applies to the website www.sproof.io . The web application sign.sproof.io is technically separate and there is no automated data exchange between the pages.

2. Name and contact details of the responsible person

The sproof GmbH (hereinafter "sproof") is responsible for the data processing.

sproof GmbH
Schlossallee 7/1
A-5412 Puch near Hallein
privacy@sproof.io

3. Data processing

In the provision of our services, in particular our website and the offers made available on our website, we process personal data of users of our website as well as of users who use our online offer. The specific data processing operations are shown below:

3.1 Data processing website use

The following personal data is automatically processed when you visit our website:

• Log data;
• IP address;
• Type and version of your web browser;
• Data about your terminal device (device ID);
• Date and time of your visit to our website or sub-pages;
• Website from which you reach our website (referrer URL).
  The purpose of the processing is to provide you with the offers on our website, to ensure security for the IT infrastructure used, to carry out marketing and analyses for advertising purposes and to enable informational use of our website.
  The log data is generally stored for 30 days. In the event of a security-relevant event, the data is stored until the event is resolved.
  The legal basis for the processing of your personal data is our legitimate interest pursuant to Article 6 para 1 lit f DSGVO. Our legitimate interest is to design our website in a user-friendly manner and to continuously improve it, to provide you with the content you have accessed, to ensure the security of our IT infrastructure (in particular for the purpose of defending against attacks, detecting, eliminating and documenting malfunctions) and to manage the cookie consents granted.
  The provision of your data is not mandatory; however, without the provision it is not possible for us to provide you with the accessed content.
  You can find more details on cookies under point 3.6.

3.2 Data processing Contact request

It is possible to contact us directly by e-mail. In this form of contact, we only process the data that you provide to us in the e-mail. If you contact us via our contact form, you can enter your name and e-mail address as well as other personal data (depending on your entries). The data will be shared with our IT service provider (Atlassian. Pty Ltd, Level 6, 341 George Street, Sydney NSW 2000, Australia), which is based in a third country.
The data processing with Atlassian is based on so-called Standard Contractual Clauses (SCC) pursuant to Art 46 (2) and (3) DSGVO, which are based on an implementing decision of the EU Commission. More information on the SCC used by Atlassian can be found at: https://community.atlassian.com/t5/Trust-Security-articles/New-Atlassian-Standard-Contractual-Clauses-SCC/ba-p/1846231 .
The purpose of the processing is to enable you to contact us directly via our website or by email. We process the data you provide only for further communication with you. The personal data will not be processed in any other way.
The legal basis for the processing of your personal data is our legitimate interest pursuant to Article 6 para 1 lit f DSGVO as well as the processing for the performance of a contract or for the implementation of pre-contractual measures pursuant to Article 6 para 1 lit b DSGVO. Our legitimate interest is to make our website user-friendly, to enable you to contact us easily and transparently, and to ensure that we respond to your requests.

3.3 Data processing applicant management.

The following personal data is processed by us when you apply for a job with us:

• Name data;
• Address data;
• contact data;
• other applicant data.
  We do not pass on your data to third parties.
  The data processing serves the purpose of handling the application procedure and the registration with the competent authorities, if a recruitment takes place.
  In principle, personal data is processed by us for a period of 6 months after completion of the application process. Processing beyond this period will only be carried out if you consent to the keeping of records. The legal basis for the processing of your personal data is the fulfillment of pre-contractual measures pursuant to Article 6 para 1 lit b DSGVO and the fulfillment of legal obligations pursuant to Article 6 para 1 lit c DSGVO. In the case of record keeping, the processing is based on your express consent pursuant to Article 6 (1) (a) DSGVO.
  You can revoke your consent to record keeping at any time by sending an e-mail to privacy@sproof.io . The personal data provided to us by you will be processed by us until you revoke your consent. After revocation, this data will be irrevocably deleted by us. However, we would like to point out that all processing carried out until the revocation remains lawful.
  The provision of your data is necessary to process the application.

3.4. Data processing newsletter

The following personal data is processed by us for the purpose of sending newsletters electronically on a regular basis:

• Name data;
• E-mail address.
  The data will be passed on to our IT service provider (order processor), which is based in EU.
  The legal basis for the processing of your personal data is your express consent pursuant to Article 6 para 1 lit a DSGVO. We use a double opt-in procedure for our newsletter registration. You enter your name and email address on our website and receive a confirmation email to reconfirm the registration. This is to prevent an unauthorized third party from misusing your email address.
  You can cancel your newsletter subscription at any time by sending an email to privacy@sproof.io . Unsubscribing from the newsletter is also possible in each newsletter by clicking on the link contained. The personal data you provide us with will be processed by us until you revoke your consent. After revocation, this data will be irrevocably deleted by us. However, we would like to point out that all processing carried out until revocation remains lawful.
  The provision of your data is not mandatory; however, without the provision it is not possible for us to send you a newsletter.

3.5. Data processing social media plugins

We have neither integrated social media plugins nor social media buttons on our website.

3.6. Data processing cookies

We use cookies on our website to provide our services. Cookies are small text files containing information that are stored on your terminal device when you visit our website.
For better use, it is advantageous to store cookies temporarily, which is why you will be asked for your consent when you first visit the website. However, you are not obliged to give this consent and you can also use the website without consent - albeit in a restricted manner under certain circumstances. Cookies that do not require your consent (so-called unconditional cookies), the purpose of which is to enable the transmission of a message via an electronic communications network, as well as cookies that are absolutely necessary to provide our services, are also processed by us without your consent.
A basic distinction must be made between the following types of cookies:

Consent-free and consent-requiring cookies.
Consent-free cookies are those cookies that we need to provide the applications and functions at all (so-called operationally necessary cookies). These cookies are generally only stored until you close your browser. All other cookies are cookies that require consent.

First- and Third-Party-Cookies
First-party cookies are cookies that are set and accessed by us or our contracted processors. Third-party cookies are cookies that are set and retrieved by other controllers. Consequently, a distinction must be made here as to where a cookie originates.

Session and persistent cookies
Session cookies are cookies that are automatically deleted when you close the browser and persistent cookies are those cookies that remain stored on your computer/end device for a certain period of time after you close the browser.
We only use cookies that require consent if you have previously consented to their processing at our cookie notice (cookie banner). The cookie banner is displayed when you call up our website, where you can select the cookies you want and consent to their processing.
The following cookies are used on our website:

ph_opt_in_out_phc*
sproof GmbH
This cookie stores your consent for ph_phc*.
It expires after one week.
Optional

ph_phc_*
sproof Ltd.
This cookie records performance data and visitor behavior on the website.
It expires after one year.
Optional

You can revoke the consent given to us for the use of cookies at any time without giving reasons here. However, we would like to point out that all processing/transfers carried out until the revocation remain lawful.

4. Automated decision making / profiling.

No automated decision-making, including profiling, takes place.

5. Your rights as a data subject

We would also like to inform you of the following rights that you have as a data subject:

• Right of access by the controller to the personal data concerning you pursuant to Article 15 DSGVO.
• Right to rectification pursuant to Article 16 DSGVO
• Right to erasure pursuant to Article 17 DSGVO
• Right to restriction of processing pursuant to Article 18 DSGVO
• Right to data portability pursuant to Article 20 GDPR
• Right to object to processing pursuant to Article 21 GDPR
• Right to withdraw consent pursuant to Article 7(3) DSGVO

Furthermore, you also have the right to lodge a complaint with the competent supervisory authority (in Austria, the data protection authority based in Vienna). In this regard, we refer you to the website of the Austrian data protection authority, which can be accessed under the link www.dsb.gv.at . However, if you have any complaints, you are also welcome to contact us directly at the e-mail address privacy@sproof.io .

6. Status

An update of this privacy policy may be necessary due to technical advancements and new legal requirements. We will inform you in this regard in advance. The German version alone shall be authoritative.