Data protection provisions about the website sproof.com

1. Introduction

The protection of your personal data is of particular concern to us. Consequently, we treat your personal data in accordance with the applicable legal provisions for the protection, lawful handling and confidentiality of personal data, in particular in accordance with the Data Protection Act (hereinafter “DPA”) and the General Data Protection Regulation (hereinafter “GDPR”). The following information explains how we process your personal data when you use our website ( www.sproof.com ) (hereinafter referred to as the “website”).
This privacy policy applies to the website  www.sproof.com . The web application sign.sproof.com is technically separate and there is no automated data exchange between the pages.

2. Name and contact details of the controller

sproof GmbH (hereinafter “sproof”) is responsible for data processing.

sproof GmbH
Urstein Süd 19/2
A-5412 Puch bei Hallein
privacy@sproof.com

3. Data processing

In providing our services, in particular our website and the offers made available on our website, we process personal data of users of our website as well as of users who use our online offer. The specific data processing methods are presented below:

3.1. Data processing Website use

The following personal data is automatically processed when you visit our website:

• Log;
• IP address;
• Type and version of your web browser;
• Data about your device (device ID);
• Date and time of access to our website or the sub-pages;
• Website from which you access our website (referrer URL).

The processing serves to provide you with the offers on our website, to ensure the security of the IT infrastructure used, to carry out marketing and analyses for advertising purposes and to enable informational use of our website.
The log data is generally stored for 30 days. In the event of a safety-relevant event, the data is stored until the incident has been clarified.
The legal basis for the processing of your personal data is our legitimate interest in accordance with Article 6 (1) (f) GDPR. Our legitimate interest is to make our website user-friendly and to continuously improve it, to provide you with the content you access, to ensure the security of our IT infrastructure (in particular for the purpose of defending against attacks, detecting, eliminating and documenting faults) and to manage the cookie consents granted.
The provision of your data is not mandatory; however, without the provision it is not possible for us to provide you with the accessed content.
You can find more information about cookies under point 3.6.

3.2 Data processing contact request

It is possible to contact us directly by e-mail. In this form of contact, we only process the data that you provide to us in the e-mail. If you contact us via our contact form, you can enter your name and e-mail address as well as other personal data (depending on your input). The data will be passed on to our IT service provider (Atlassian. Pty Ltd, Level 6, 341 George Street, Sydney NSW 2000, Australia), which is based in a third country.
The basis for data processing with Atlassian are so-called Standard Contractual Clauses (SCC) pursuant to Art 46 (2) and (3) GDPR, which are based on an implementing decision of the EU Commission. Further information on the SCCs used by Atlassian can be found at  Atlassian Trust Security Articles .
The purpose of the processing is to enable you to contact us directly via our website or by e-mail. We process the data provided by you only for further communication with you. The personal data will not be processed in any other way.
The legal basis for the processing of your personal data is our legitimate interest pursuant to Article 6(1)(f) GDPR and the processing for the performance of a contract or in order to take steps prior to entering into a contract pursuant to Article 6(1)(b) GDPR. Our legitimate interest is to make our website user-friendly, to enable you to contact us easily and transparently and to ensure that we can respond to your concerns.

3.3 Data processing applicant management

The following personal data is processed by us when you apply for a job with us:

• Name data;
• Address data;
• Contact details;
• further applicant data.

We do not pass on your data to third parties.
Data processing is used to handle the application process and to register with the relevant authorities if you are hired.
We generally process personal data for a period of 6 months after completion of the application process. Processing beyond this period will only be carried out if you consent to the data being kept on record. The legal basis for the processing of your personal data is the fulfillment of pre-contractual measures pursuant to Article 6 (1) (b) GDPR and the fulfillment of legal obligations pursuant to Article 6 (1) (c) GDPR. In the case of record-keeping, processing is based on your express consent in accordance with Article 6(1)(a) GDPR.
You can revoke your consent to record-keeping at any time by sending an email to privacy@sproof.com. The personal data you provide to us will be processed by us until you withdraw your consent. After revocation, this data will be irrevocably deleted by us. However, we would like to point out that all processing carried out until revocation remains lawful.
The provision of your data is necessary in order to process the application.

3.4 Data processing newsletter

• Name data;
• E-mail address.

The data will be forwarded to our IT service provider (processor), which is based in the EU.
The legal basis for the processing of your personal data is your express consent in accordance with Article 6(1)(a) GDPR. We use a double opt-in procedure for our newsletter registration. You enter your name and email address on our website and receive a confirmation email to reconfirm your registration. This is to prevent an unauthorized third party from misusing your email address.
You can cancel your newsletter subscription at any time by sending an email to privacy@sproof.com. You can also unsubscribe from the newsletter by clicking on the link provided in every newsletter. The personal data you provide to us will be processed by us until you withdraw your consent. Once you have withdrawn your consent, we will irrevocably delete this data. However, we would like to point out that all processing carried out until the revocation remains lawful.
The provision of your data is not mandatory; however, without the provision it is not possible for us to send you a newsletter.

3.5. Data processing of social media plugins

We have not integrated social media plugins or social media buttons on our website.

3.6. Data processing cookies

We use cookies on our website to provide our services. Cookies are small text files containing information that are stored on your device when you visit our website.
For better use, it is advantageous if cookies are stored temporarily, which is why you will be asked for your consent when you first visit the website. However, you are not obliged to give this consent and can also use the website without consent, albeit to a limited extent under certain circumstances. Consent-free cookies (so-called strictly necessary cookies), the purpose of which is to enable the transmission of a message over an electronic communications network, as well as cookies that are strictly necessary to provide our services, are also processed by us without your consent.

You can revoke the consent given to us for the use of cookies at any time without giving reasons here. However, we would like to point out that all processing/transfers carried out up to the revocation remain lawful.

3.7 Data processing eTracker

The provider of this website uses the services of etracker GmbH from Hamburg, Germany ( www.etracker.com ) to analyze usage data. We do not use cookies for web analysis by default. If we use analysis and optimization cookies, we will obtain your explicit consent separately in advance. If this is the case and you give your consent, cookies are used to enable a statistical analysis of the reach of this website, to measure the success of our online marketing measures and test procedures, e.g. to test and optimize different versions of our online offering or its components. Cookies are small text files that are stored by the Internet browser on the user’s end device. etracker cookies do not contain any information that enables a user to be identified.

The data generated with etracker is processed and stored by etracker on behalf of the provider of this website exclusively in Germany and is therefore subject to the strict German and European data protection laws and standards. etracker has been independently audited, certified and awarded the data protection seal of approval in this respect.  ePrivacyseal awarded.

Data processing is carried out on the basis of the legal provisions of Art. 6 (1) (f) (legitimate interest) of the General Data Protection Regulation (GDPR). Our concern within the meaning of the GDPR (legitimate interest) is the optimisation of our online offer and our website. Since the privacy of our visitors is important to us, the data that may allow a reference to a single person, such as the IP address, login or device identifiers, will be anonymized or pseudonymized as soon as possible. It will not be used, merged with other data or passed on to third parties.

You can object to the data processing described above at any time by clicking on the button below. The objection has no negative consequences.
Further information on data protection at etracker can be found at  here .

Deactivate eTracker

3.8 Data processing SalesViewer® technology:

On this website, data is collected and stored for marketing, market research and optimisation purposes using the SalesViewer® technology of SalesViewer® GmbH on the basis of the legitimate interests of the website operator (Art. 6 para. 1 lit. f GDPR).

For this purpose, a JavaScript-based code is used, which is used to collect company-related data and the corresponding use. The data collected with this technology is encrypted via a non-recalculable one-way function (so-called hashing). The data is immediately pseudonymised and is not used to personally identify the visitor to this website.

The data stored within the framework of Salesviewer will be deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any statutory retention obligations.

You can object to the collection and storage of data at any time with effect for the future by clicking on this link salesviewer.com/opt-out to prevent SalesViewer® from collecting data on this website in the future. An opt-out cookie for this website will be stored on your device. If you delete your cookies in this browser, you must click on this link again.

3.9. Use of the LinkedIn Insight Tag

On our website we use the “LinkedIn Insight Tag” of LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (“LinkedIn”).

Purpose of data processing: The LinkedIn Insight Tag is a JavaScript code that we have implemented on our website. This tool enables us to analyze and optimize marketing activities on the LinkedIn platform.

We use the tag for the following purposes: (i) Conversion tracking: To understand how visitors who come to our website via a LinkedIn ad interact with it (e.g. whether they make a purchase or fill out a form).

(ii) Retargeting (target group targeting): To display relevant advertising to visitors to our website on LinkedIn (or on LinkedIn’s partner platforms) based on their browsing behavior on our website.

(iii) Website analytics: To obtain aggregated and anonymized insights into the demographic characteristics (e.g. industry, career level, company size) of our website visitors.

Data collected: If you visit our website and have consented to the use of the LinkedIn Insight Tag, LinkedIn will place a cookie (e.g. li_c) in your browser. The tag collects and transmits the following information to LinkedIn

URL and referrer URL, IP address (this is shortened or hashed by LinkedIn), device and browser properties (user agent), timestamp of the visit, events on the website (e.g. page views, conversion actions)

If you are a LinkedIn member, LinkedIn can assign this data to your personal user account. As the website operator, we do not receive any personal data about individual users from LinkedIn, but only aggregated, anonymized reports about our target groups and advertising performance.

Legal basis: The processing of your data using the LinkedIn Insight Tag (including the storage of cookies) takes place exclusively on the basis of your consent in accordance with Art. 6 para. 1 lit. a GDPR (and, if applicable, in conjunction with § 25 para. 1 TTDSG).

Withdrawal of consent: You can withdraw your consent at any time with effect for the future. The easiest way to do this is via our consent management platform (cookie banner) [or: by clicking here: INSERT LINK TO COOKIE SETTINGS].

Alternatively, you can deactivate data collection by the LinkedIn Insight Tag by generally preventing the setting of cookies in your browser settings or by specifically blocking cookies from LinkedIn. LinkedIn members can control data collection directly in their LinkedIn account settings.

Storage period: LinkedIn anonymizes the data within 7 days according to its own information. The pseudonymized data is deleted within 180 days.

Data transfer to third countries (USA): LinkedIn processes data partly on servers in the USA (LinkedIn Corporation, 1000 W. Maude Avenue, Sunnyvale, CA 94085, USA). The USA is currently considered a third country under data protection law for which there is no adequacy decision by the EU Commission.

As a basis for data transfer to recipients in third countries (outside the European Union, Iceland, Liechtenstein, Norway), or data processing there, LinkedIn uses standard contractual clauses (SCCs) approved by the EU Commission in accordance with Art. 46 para. 2 lit. c GDPR. Through these clauses, LinkedIn undertakes to comply with a European level of data protection when processing your data, even if the data is stored or processed in the USA.

Joint controllership (joint responsibility): We are jointly responsible with LinkedIn Ireland Unlimited Company for the collection of data via the Insight Tag on our website and its transmission to LinkedIn (Art. 26 GDPR). We have concluded an agreement on joint responsibility for this. This agreement sets out the respective obligations of the parties. You can view the agreement here: https://legal.linkedin.com/pages-joint-controller-addendum

LinkedIn is solely responsible for the subsequent processing of the data by LinkedIn after transmission. Further information on data processing by LinkedIn can be found in LinkedIn’s privacy policy and in the information on the LinkedIn Insight Tag.

4. automated decision-making / profiling

There is no automated decision-making, including profiling.

5. your rights as a data subject

We would also like to draw your attention to the following rights to which you are entitled as a data subject:

• Right of access from the controller about the personal data concerning you in accordance with Article 15 GDPR
• Right to rectification in accordance with Article 16 GDPR
• Right to erasure according to Article 17 GDPR
• Right to restriction of processing pursuant to Article 18 GDPR
• Right to data portability according to Article 20 GDPR
• Right to object to processing in accordance with Article 21 GDPR
• Right to withdraw consent in accordance with Article 7 (3) GDPR

Furthermore, you also have the right to lodge a complaint with the competent supervisory authority (in Austria, the data protection authority based in Vienna). In this regard, we refer to the  dsb.gv.at website of the Austrian Data Protection Authority. However, you can also contact us directly at privacy@sproof.com if you have any complaints.

6. stand

An update of this privacy policy may be necessary due to technical developments and new legal requirements. We will inform you in advance.

These data protection provisions are available in different languages. In the event of ambiguities or questions of interpretation, only the German version of this Privacy Policy shall prevail.