Privacy

1. Introduction

The protection of your personal data is of particular concern to us. Consequently, we treat your personal data in accordance with the applicable legal provisions on the protection, lawful handling and confidentiality of personal data, in particular in accordance with the Data Protection Act (hereinafter "DSG") and the General Data Protection Regulation (hereinafter "GDPR"). From the following information you can see how we process your personal data when you use our website ( www.sproof.io ) (hereinafter "website"). This privacy policy applies to the website www.sproof.io . The web application sign.sproof.io is technically separate and there is no automated data exchange between the pages.

2. Name and contact details of the person responsible.

sproof GmbH (hereinafter "sproof") is responsible for data processing.

sproof GmbH
Urstein Süd 19/2
A-5412 Puch bei Hallein
privacy@sproof.io

3. Data processing

In providing our services, in particular our website and the offers made available on our website, we process personal data of users of our website as well as of users who use our online offer. The specific data processing operations are shown below:

3.1 Data processing website use

The following personal data is automatically processed when you visit our website:

• Log data;
• IP address;
• Type and version of your web browser;
• Data about your terminal device (device ID);
• Date and time of your visit to our website or sub-pages;
• Website from which you accessed our website (referrer URL). The processing is used to provide you with the offers on our website, to ensure security for the IT infrastructure used, to carry out marketing and analyses for advertising purposes, and to enable informational use of our website. The log data is generally stored for 30 days. In the event of a security-relevant event, the data is stored until the event is resolved. The legal basis for processing your personal data is our legitimate interest pursuant to Article 6 para 1 lit f GDPR. Our legitimate interest is to design and continuously improve our website in a user-friendly manner, to provide you with the content you have accessed, to ensure the security of our IT infrastructure (in particular for the purpose of defending against attacks, detecting, eliminating and documenting malfunctions) and to manage the cookie consents granted. The provision of your data is not mandatory; however, without the provision it is not possible for us to provide you with the content you have accessed. You can find more details on cookies under point 3.6.

3.2 Data processing contact request

It is possible to contact us directly by e-mail. In this form of contact, we only process the data that you provide to us in the e-mail. If you contact us via our contact form, you can enter your name and e-mail address as well as other personal data (depending on your entries). The data will be passed on to our IT service provider (Atlassian. Pty Ltd, Level 6, 341 George Street, Sydney NSW 2000, Australia), which is based in a third country. The basis of the data processing with Atlassian are so-called Standard Contractual Clauses (SCC) according to Art 46 para 2 and 3 GDPR, which are based on an implementing decision of the EU Commission. More information on the SCC used by Atlassian can be found at: Atlassian Trust Security Articles . The purpose of the processing is to enable you to contact us directly via our website or by email. We process the data you provide only for further communication with you. The personal data will not be processed in any other way. The legal basis for the processing of your personal data is our legitimate interest pursuant to Article 6(1)(f) of the GDPR and the processing for the performance of a contract or for the performance of pre-contractual measures pursuant to Article 6(1)(b) of the GDPR. Our legitimate interest is to make our website user-friendly, to enable you to contact us easily and transparently, and to ensure that we respond to your requests.

3.3 Data processing applicant management

The following personal data is processed by us when you apply for a job with us:

• Name data;
• address data;
• contact data;
• other applicant data. We do not pass on your data to third parties. Data processing is used to handle the application process and to register with the relevant authorities if recruitment takes place. Personal data is generally processed by us for a period of 6 months after completion of the application process. Processing beyond this period will only be carried out if you consent to the keeping of records. The legal basis for the processing of your personal data is the fulfillment of pre-contractual measures pursuant to Article 6 para 1 lit b GDPR and the fulfillment of legal obligations pursuant to Article 6 para 1 lit c GDPR. In the case of record keeping, the processing is based on your express consent pursuant to Article 6 (1) (a) of the GDPR. You can revoke your consent to record keeping at any time by sending an e-mail to privacy@sproof.io. The personal data provided to us by you will be processed by us until you revoke your consent. After revocation, this data will be irrevocably deleted by us. However, we would like to point out that all processing carried out until revocation remains lawful. The provision of your data is necessary in order to process the application.

3.4 Data processing newsletter

• Name data;
• E-mail address. The data will be passed on to our IT service provider (order processor), which is based in EU. The legal basis for the processing of your personal data is your express consent pursuant to Article 6 para 1 lit a GDPR. We use a double opt-in procedure for our newsletter registration. You enter your name and email address on our website and receive a confirmation email to reconfirm the registration. This is to prevent an unauthorized third party from misusing your email address. You can cancel your newsletter subscription at any time by emailing privacy@sproof.io. Unsubscribing from the newsletter is also possible in each newsletter by clicking on the link contained. The personal data you provide us with will be processed by us until you revoke your consent. After revocation, this data will be irrevocably deleted by us. However, we would like to point out that all processing carried out until revocation remains lawful. The provision of your data is not mandatory; however, without the provision it is not possible for us to send you a newsletter.

3.5 Data processing social media plugins

We have neither integrated social media plugins nor social media buttons on our website.

3.6 Data processing cookies

We use cookies on our website to provide our services. Cookies are small text files containing information that are stored on your terminal device when you visit our website. For better use, it is advantageous if cookies are stored temporarily, which is why you are asked for your consent when you first visit the website. However, you are not obliged to give this consent and you can also use the website without consent - albeit in a restricted manner under certain circumstances. Consent-free cookies (so-called unconditional cookies), the purpose of which is to enable the execution of the transmission of a message via an electronic communication network, as well as cookies that are absolutely necessary to provide our services, are also processed by us without your consent. A basic distinction must be made between the following types of cookies:

Consent-free cookiesand cookies requiring consent
Consent-free cookies are those cookies that we need in order to provide the applications and functions at all (so-called operationally necessary cookies). These cookies are generally only stored until you close your browser. All other cookies are cookies that require your consent.

First- and Third-Party Cookies
First-party cookies are cookies that are set and retrieved by us or our contracted processors. Third-party cookies are cookies that are set and retrieved by other controllers. Consequently, a distinction must be made here as to where a cookie originates.

Session and Persistent Cookies
Session cookies are cookies that are automatically deleted when you close the browser and persistent cookies are those cookies that remain stored on your computer/end device for a certain period of time after you close the browser. We only use cookies that require your consent if you have previously consented to their processing at our cookie notice (cookie banner). The cookie banner is displayed when you call up our website, where you can select the cookies you want and consent to their processing. The following cookies are used on our website:

ph_opt_in_out_phc*
sproof GmbH
This cookie stores your consent for ph_phc*
It expires after one week
Optional

ph_phc*
sproof GmbH
This cookie records performance data and visitor behavior on the website.
It expires after one year.
Optional

_et_coid
sproof GmbH
User recognition with eTracker
Optional

et_oi_v2
sproof GmbH
Used for a possible opt-in, if data processing by eTracker should only take place after consent.
Optional

isSdEnabled
sproof GmbH
Detection via eTracker whether the scroll depth is measured for the visitor.
Optional

et_allow_cookies
sproof GmbH
Indicates that etracker cookies may be set. Will be deleted upon revocation.
Optional

__clnds
sproof GmbH
Set when booking an appointment via meet.sproof.io.
Necessary

__Secure-next-auth.callback.url
sproof GmbH Set when booking an appointment via meet.sproof.io.
Required

__Secure-next-auth.csrf-token
sproof GmbH Set when booking an appointment via meet.sproof.io.
Required

You can revoke the consent given to us for the use of cookies at any time without giving reasons here. However, we would like to point out that all processing/transfers carried out until the revocation remain lawful.

3.7 Data processing eTracker

The provider of this website uses services of etracker GmbH from Hamburg, Germany (www.etracker.com) to analyze usage data. We do not use cookies for web analysis by default. Insofar as we use analysis and optimization cookies, we obtain your explicit consent separately in advance. If this is the case and you consent, cookies are used to enable statistical coverage analysis of this website, measurement of the success of our online marketing measures, and test procedures, for example, to test and optimize different versions of our online offering or its components. Cookies are small text files that are stored by the Internet browser on the user's terminal device. etracker cookies do not contain any information that enables identification of a user.

The data generated by etracker is processed and stored by etracker on behalf of the provider of this website exclusively in Germany and is therefore subject to strict German and European data protection laws and standards. etracker has been independently audited and certified in this regard and awarded the ePrivacyseal data protection seal of approval.

Data processing is carried out on the basis of the legal provisions of Art. 6 Para. 1 lit. f (legitimate interest) of the German Data Protection Regulation (GDPR). Our concern in terms of the GDPR (legitimate interest) is the optimization of our online offer and our web presence. Since the privacy of our visitors is important to us, the data that may allow a reference to an individual person, such as the IP address, login or device identifiers, are anonymized or pseudonymized as soon as possible. No other use, combination with other data or transfer to third parties will take place.

You can object to the aforementioned data processing at any time by clicking on the button below. The objection has no adverse consequences. Further information on data protection at etracker can be found here .

3.8 Data processing SalesViewer® technology:

On this website, the SalesViewer® technology of SalesViewer® GmbH is used to collect and store data for marketing, market research and optimization purposes on the basis of legitimate interests of the website operator (Art. 6 para.1 lit.f GDPR).

For this purpose, a javascript-based code is used to collect company-related data and the corresponding usage. The data collected using this technology is encrypted using a non-reversible one-way function (known as hashing). The data is immediately pseudonymized and is not used to personally identify the visitor to this website.

The data stored as part of Salesviewer will be deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any statutory retention obligations.

You can object to the collection and storage of data at any time with effect for the future by clicking on this link salesviewer.com/opt-out to prevent the collection by SalesViewer® within this website in the future. This will place an opt-out cookie for this website on your device. If you delete your cookies in this browser, you must click this link again.

4. Automated decision making / profiling

No automated decision making, including profiling, takes place.

5. Your rights as a data subject

We would also like to draw your attention to the following rights to which you are entitled as a data subject:

• Right of access by the controller to the personal data concerning you pursuant to Article 15 GDPR.
• Right to rectification pursuant to Article 16 GDPR
• Right to erasure pursuant to Article 17 GDPR
• Right to restriction of processing pursuant to Article 18 GDPR
• Right to data portability pursuant to Article 20 GDPR
• Right to object to processing pursuant to Article 21 GDPR
• Right to withdraw consent pursuant to Article 7(3) GDPR.

Furthermore, you also have the right to lodge a complaint with the competent supervisory authority (in Austria, the data protection authority based in Vienna). In this regard, we refer to the website of the Austrian data protection authority, which can be accessed under the link dsb.gv.at . However, you are also welcome to contact us directly with complaints at the e-mail address privacy@sproof.io.

6. Status

An update of this privacy policy may be necessary due to technical developments and new legal requirements. We will inform you in advance in this regard.