Privacy policy for the sproof.io website

1. introduction

The protection of your personal data is of particular concern to us. Consequently, we treat your personal data in accordance with the applicable legal provisions on the protection, lawful handling and confidentiality of personal data, in particular in accordance with the Data Protection Act (hereinafter "DSG") and the General Data Protection Regulation (hereinafter "GDPR"). From the following information you can see how we process your personal data when you use our website ( www.sproof.io ) (hereinafter "website"). This privacy policy applies to the website www.sproof.io . The web application sign.sproof.io is technically separate and there is no automated data exchange between the pages.

2. name and contact details of the controller

sproof GmbH (hereinafter "sproof") is responsible for data processing.

sproof GmbH
Urstein Süd 19/2
A-5412 Puch bei Hallein
privacy@sproof.io

3. data processing

In providing our services, in particular our website and the offers made available on our website, we process personal data of users of our website as well as of users who use our online offer. The specific data processing operations are shown below:

3.1 Data processing website use

The following personal data is processed automatically when you visit our website:

• Log data;
• IP address;
• Type and version of your web browser;
• Data about your end device (device ID);
• Date and time of accessing our website or sub-pages;
• Website from which you access our website (referrer URL).

The processing serves to provide you with the offers on our website, to ensure the security of the IT infrastructure used, to carry out marketing and analyses for advertising purposes and to enable informational use of our website. The log data is generally stored for 30 days. In the event of a security-related incident, the data is stored until the incident is resolved. The legal basis for the processing of your personal data is our legitimate interest in accordance with Article 6(1)(f) GDPR. Our legitimate interest is to make our website user-friendly and to continuously improve it, to provide you with the content accessed, to ensure the security of our IT infrastructure (in particular to defend against attacks, detect, eliminate and document malfunctions) and to manage the cookie consents granted. The provision of your data is not mandatory; however, without the provision it is not possible for us to provide you with the content accessed. You can find more information on cookies under point 3.6.

3.2 Data processing contact request

It is possible to contact us directly by e-mail. In this form of contact, we only process the data that you provide to us in the e-mail. If you contact us via our contact form, you can enter your name and e-mail address as well as other personal data (depending on your entries). The data will be passed on to our IT service provider (Atlassian. Pty Ltd, Level 6, 341 George Street, Sydney NSW 2000, Australia), which is based in a third country. The basis of the data processing with Atlassian are so-called Standard Contractual Clauses (SCC) according to Art 46 para 2 and 3 GDPR, which are based on an implementing decision of the EU Commission. More information on the SCC used by Atlassian can be found at: Atlassian Trust Security Articles . The purpose of the processing is to enable you to contact us directly via our website or by email. We process the data you provide only for further communication with you. The personal data will not be processed in any other way. The legal basis for the processing of your personal data is our legitimate interest pursuant to Article 6(1)(f) of the GDPR and the processing for the performance of a contract or for the performance of pre-contractual measures pursuant to Article 6(1)(b) of the GDPR. Our legitimate interest is to make our website user-friendly, to enable you to contact us easily and transparently, and to ensure that we respond to your requests.

3.3 Data processing for applicant management

We process the following personal data when you apply to us:

• Name data;
• Address data;
• contact details;
• other applicant data.

We do not pass on your data to third parties. The data processing serves to handle the application process and to register with the relevant authorities if you are hired. We generally process the personal data for a period of 6 months after the application process has been completed. Processing beyond this period will only be carried out if you consent to the data being kept on record. The legal basis for the processing of your personal data is the fulfillment of pre-contractual measures pursuant to Article 6 (1) (b) GDPR and the fulfillment of legal obligations pursuant to Article 6 (1) (c) GDPR. In the case of record-keeping, processing is based on your express consent in accordance with Article 6(1)(a) GDPR. You can revoke your consent to record-keeping at any time by sending an email to privacy@sproof.io. The personal data you provide to us will be processed by us until you withdraw your consent. After revocation, this data will be irrevocably deleted by us. However, we would like to point out that all processing carried out until the revocation remains lawful. The provision of your data is necessary in order to process the application.

3.4 Newsletter data processing

• Name data;
• e-mail address.

The data will be passed on to our IT service provider (processor), which is based in the EU. The legal basis for the processing of your personal data is your express consent in accordance with Article 6(1)(a) GDPR. We use a double opt-in procedure for our newsletter registration. You enter your name and email address on our website and receive a confirmation email to reconfirm your registration. This is to prevent an unauthorized third party from misusing your email address. You can cancel your newsletter subscription at any time by sending an email to privacy@sproof.io. You can also unsubscribe from the newsletter by clicking on the link provided in every newsletter. The personal data you provide to us will be processed by us until you withdraw your consent. Once you have withdrawn your consent, we will irrevocably delete this data. However, we would like to point out that all processing carried out until the revocation remains lawful. The provision of your data is not obligatory; however, without the provision it is not possible for us to send you a newsletter.

3.5 Data processing social media plugins

We have neither integrated social media plugins nor social media buttons on our website.

3.6 Data processing cookies

We use cookies on our website to provide our services. Cookies are small text files with information that are stored on your end device when you visit our website. For better use, it is advantageous if cookies are stored temporarily, which is why you are asked for your consent when you first access the website. However, you are not obliged to give this consent and can also use the website without consent, albeit with restrictions under certain circumstances. Cookies that do not require consent (so-called strictly necessary cookies), the purpose of which is to enable the transmission of a message via an electronic communications network, as well as cookies that are absolutely necessary to provide our services, are also processed by us without your consent.

You can revoke your consent to the use of cookies at any time without giving reasons here. However, we would like to point out that all processing/transmission carried out until the revocation remains lawful.

3.7 Data processing eTracker

The provider of this website uses services of etracker GmbH from Hamburg, Germany (www.etracker.com) to analyze usage data. We do not use cookies for web analysis by default. Insofar as we use analysis and optimization cookies, we obtain your explicit consent separately in advance. If this is the case and you consent, cookies are used to enable statistical coverage analysis of this website, measurement of the success of our online marketing measures, and test procedures, for example, to test and optimize different versions of our online offering or its components. Cookies are small text files that are stored by the Internet browser on the user's terminal device. etracker cookies do not contain any information that enables identification of a user.

The data generated by etracker is processed and stored by etracker on behalf of the provider of this website exclusively in Germany and is therefore subject to strict German and European data protection laws and standards. etracker has been independently audited and certified in this regard and awarded the ePrivacyseal data protection seal of approval.

Data processing is carried out on the basis of the legal provisions of Art. 6 Para. 1 lit. f (legitimate interest) of the German Data Protection Regulation (GDPR). Our concern in terms of the GDPR (legitimate interest) is the optimization of our online offer and our web presence. Since the privacy of our visitors is important to us, the data that may allow a reference to an individual person, such as the IP address, login or device identifiers, are anonymized or pseudonymized as soon as possible. No other use, combination with other data or transfer to third parties will take place.

You can object to the aforementioned data processing at any time by clicking on the button below. The objection has no adverse consequences. Further information on data protection at etracker can be found here .

3.8 Data processing SalesViewer® technology:

On this website, the SalesViewer® technology of SalesViewer® GmbH is used to collect and store data for marketing, market research and optimization purposes on the basis of legitimate interests of the website operator (Art. 6 para.1 lit.f GDPR).

For this purpose, a javascript-based code is used to collect company-related data and the corresponding usage. The data collected using this technology is encrypted using a non-reversible one-way function (known as hashing). The data is immediately pseudonymized and is not used to personally identify the visitor to this website.

The data stored as part of Salesviewer will be deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any statutory retention obligations.

You can object to the collection and storage of data at any time with effect for the future by clicking on this link salesviewer.com/opt-out to prevent the collection by SalesViewer® within this website in the future. This will place an opt-out cookie for this website on your device. If you delete your cookies in this browser, you must click this link again.

5 Automated decision-making / profiling

No automated decision-making, including profiling, takes place.

6 Your rights as a data subject

We would also like to draw your attention to the following rights to which you are entitled as a data subject:

• Right of access by the controller to personal data concerning you in accordance with Article 15 GDPR
• Right to rectification in accordance with Article 16 GDPR
• Right to erasure in accordance with Article 17 GDPR
• Right to restriction of processing pursuant to Article 18 GDPR
• Right to data portability pursuant to Article 20 GDPR
• Right to object to processing pursuant to Article 21 GDPR
• Right to withdraw consent in accordance with Article 7 (3) GDPR

Furthermore, you also have the right to lodge a complaint with the competent supervisory authority (in Austria, the data protection authority based in Vienna). In this regard, we refer you to the website of the Austrian Data Protection Authority available at dsb.gv.at . However, you can also contact us directly with any complaints at the following email address: privacy@sproof.io.

7. status

It may be necessary to update this privacy policy due to technical developments and new legal requirements. We will inform you of this in advance.