Information pursuant to Articles 13 and 14 of the Basic Data Protection Regulation ("GDPR")
1. Personal data
1.1. We, RateBoard GmbH, take data protection very seriously. We would like therefore to inform you of how we handle your data and what rights you are entitled to. The basis for this are both the Austrian and European data protection regulations.
1.2. Personal data refer to all information relating to an identified or identifiable natural person (the "affected person"). Examples include name, address, email address, phone number, date of birth, age, gender, and social security number. There are also special categories of personal data (“sensitive data”). The GDPR understands such as health data or data in connection with criminal proceedings.
1.3. If you wish to use our services or visit our website, we must process some personal data. In doing so, we process data that you provide to us, data that arise from the business relationship, or data that we collect from third parties.
2. Person responsible
The responsibility for the data processing in the sense of the GDPR lies with
Tel.: +43 664 456 7803
3. Collecting and processing of personal data
3.1 When you use RateBoard, we will process personal information from you. These include your:
- Contact data
3.2 For technical reasons, your browser transmits certain data to our web server every time you access our website. These data are collected exclusively for statistical and technical purposes, for example to ensure the smooth running of our service operation. The following data are collected:
- IP address
- Date and time of access
- Username and password
3.3 Additional personal data are collected only if you provide them yourself. On our website, such disclosure is possible if you subscribe to a newsletter or contact us via our contact form data.
a) If you register for our newsletter via our website, the following data are collected:
- First name
- Last name
- Email address
b) If you use our contact form, the following data are collected:
- Email address
- Telephone number
c) If you register for one of our events via our website, the following data are collected:
- Email address
- Telephone number
4. Legal basis of data processing
4.1 Contractual obligations – Art 6 para 1 lit b of the GDPR We process your personal information to provide you with our services in connection with our product "RateBoard". The purposes of the data processing are based on our general terms and conditions of business.If you want to test RateBoard as a demo, we use those data that you transmit to us to fulfill (pre-)contractual obligations.
4.2 Legal obligations – Art 6 para 1 lit c of the GDPRThe processing of personal data may be legally required by RateBoard’s obligation under law to do so. Examples of this are:
- Tax obligations
4.3 Consent – Art 6 para 1 lit a of the GDPRIn the case of data that we process based on your consent, the scope and purpose of the processing are based on your underlying declaration of consent. You can revoke your consent with future effect at any time. For the sending of our newsletter, which we send based on your consent, Art 6 para 1 lit a of the GDPR serves as the legal basis.
4.4 Legitimate interest – Art 6 para 1 lit f of the GDPRIf the processing of personal data is necessary to safeguard the legitimate interests of our company or a third party, then Article 6 para. 1 lit f of the GDPR serves as the legal basis.
A legitimate interest exists in particular:
- To ensure the operation and management of our website
- To be able to respond to your contact via our contact form
- To carry out direct marketing activities
- To ensure network and data security
- For the technical support of our users
5. Cookies and server log files
5.3 First-Party Cookies requiring approval on this website: Cookies, which according to a legal definition are not strictly required to be able to use the website, perform important tasks nonetheless. Without these cookies, features that allow comfortable browsing on our website, such as the saving of a language you have selected, are no longer available and must therefore be queried again on each page.
5.6. As an AdWords customer, we use Google conversion tracking. This is an analytical service provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”). If you access our website via a Google ad, Google Adwords will set a cookie on your terminal ("conversion cookie"). This cookie will lose its validity after 30 days. It does not serve for personal identification. If you visit certain pages and the cookie has not yet expired, we and Google will be able to tell that someone clicked on the ad and consequently was redirected to our page. Each Google Adwords customer receives a different cookie. As a result, cookies cannot be tracked using the website of an Adwords advertiser. The information obtained using the conversion cookie information is used to create conversion statistics for Adwords customers, who have decided in favor of conversion tracking. Adwords customers can determine the total number of users who have clicked on their ad and been redirected to the page that uses a conversion tracking tag. However, they receive no information that could personally identify users. Should you not wish to participate in the tracking process, you can also reject the required placement of a cookie — by using your browser setting that generally disables the automatic placement of cookies. You can also disable cookies for conversion tracking by setting your browser to block cookies originating from the domain "googleadservices.com".
5.7 Our website also uses conversion tracking from Microsoft (Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA). When you access our website through a Bing ad, Microsoft Bing Ads sets a cookie on your terminal. As a result, Microsoft Bing and we can recognize that someone clicked on an ad and consequently was redirected to our website. We only see the total number of users who clicked on a Bing ad and were then redirected. Personal information about the identity of the user is not provided. Should you not wish to participate in the tracking process, you can also reject the required placement of a cookie via your browser setting that generally disables the automatic placement of cookies.
5.8 We use the "Website Custom Audiences" retargeting tool of Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA, on our website. In the event that you have a Facebook user account and this is identifiable to the tool based on existing Facebook cookies, this tool generates a non-personal checksum, which is transmitted to Facebook for analysis and marketing purposes. We also encrypt your email address and send it in encrypted form to Facebook. Through the recognition of cookies and the transmission of encrypted information, Facebook can provide you with targeted product recommendations as personalized advertising banners on Facebook. You may object to the use of Facebook Website Custom Audiences at https://www.facebook.com/ads/website_custom_audiences/.
5.9 The newsletter is sent via "MailChimp", a newsletter distribution platform of the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA. The email addresses of our newsletter recipients as well as their other data described in the context of these notes are stored on the servers of MailChimp in the USA. MailChimp uses this information to send and evaluate the newsletter on our behalf. Furthermore, MailChimp can use this data along with its own information to optimize or improve its own services, e.g., to technically optimize the sending and presentation of the newsletter or for business purposes to determine from which countries the recipients originate. However, the service does not use the recipient data of our newsletter to contact recipients directly, nor does it forward the information to third parties. We trust the reliability as well as the IT and data security of MailChimp. MailChimp is certified under the US-EU data protection agreement “Privacy Shield” and consequently obligates itself to comply with EU data protection regulations. We have also concluded a “Data Processing Agreement” with MailChimp. This is a contract in which Google undertakes to protect our users' data, to process it on our behalf in accordance with our data protection regulations and, in particular, not to pass it on to third parties. You can view MailChimp's data protection policy here. The newsletters contain a “web beacon”, i.e., a pixel-sized file, which is retrieved when the newsletter is opened from the MailChimp server. During the retrieval, technical information such as information about your browser and operating system as well as your IP address and the time of the retrieval are collected. This information is used for technical improvement of the service, as technical data or target group data can be analyzed according to reading behavior, download locations (identifiable through IP addresses), or download times. Statistical data collection also includes an analysis of whether the newsletters are opened, when the newsletters are opened, and which links are clicked. Although this information technically enables the tracking of individual newsletter recipients, we and MailChimp are not interested in observing the behavior of individual users. Data analysis is used to recognize patterns in the reading behavior of users, and to adapt contents accordingly or to send different content, according to the interests of our users. In some cases we direct the newsletter recipients to the web pages of MailChimp. For example, our newsletters contain a link with which the newsletter recipients can view the newsletters online (e.g., if there are display problems in the email program).You can cancel your subscription to our newsletter at any time, i.e., revoke your consent. Your consent to the newsletter's sending via MailChimp and to the statistical analyses expires at the same time. A separate cancellation of either the sending via MailChimp or the statistical evaluation is unfortunately not possible. You will find an unsubscribe link at the end of each newsletter.
5.10 If you delete all your cookies at a later date, the opt-out process will have to be repeated; the same applies if you visit this website from other computers. If your security settings are too high and the cookie is blocked, we will not be able to process your opt-out request. You will be notified in this case and should repeat the opt-out process with lower security settings.
5.11 To optimize our website in terms of system performance, usability and providing useful information about our services, the website provider automatically collects and stores information in server log files, which your browser automatically transmits to us. This includes your Internet protocol address (IP address), browser and language setting, operating system, referrer URL, your Internet service provider and the date/time. These data are not combined with personal data from other sources. We reserve the right to retrospectively examine this log data if we learn of concrete evidence of illegal activity.
6. Web analysis and social media
6.2 If you use the social media plug-ins of Facebook Inc., Google Inc. or Twitter Inc., your IP address and cookies are sent to the respective companies. In addition, the respective social media service receives the information that you have visited our website. If you are actively logged into your social media account at the time of access, these data are assigned to your user account. For further information, please refer to the data protection declaration of the respective company, whereby we take no responsibility for the completeness and accuracy of this information:
- Twitter, Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA Data protection notice of Twitter
- Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA Data Protection Notice of Google (YouTube and Google+)
7. Transfer of data to third parties
7.1 Due to the current complexity of certain data processing processes, it has become essential for us to provide certain services with the assistance of third parties. All contracted processors, who are provided with personal information, have a contractual obligation to treat it confidentially and are authorized to process your data only as part of their service provision.
7.2 The transmission of the relevant data in each individual case is based on the statutory provisions and contractual agreement with the following:
- IT service providers
- Payment service providers
8. Transfer of data to third countries
The potential recipient of your personal data might be located outside the European Union or processes your personal data there. The level of data protection in other countries may not correspond to that of Austria. However, RateBoard transmits your personal data only to countries that the EU Commission has decided have an appropriate level of data protection. Alternatively, we will take steps to ensure that all recipients have an adequate level of data protection, for which we conclude standard contractual clauses (2010/87/EC and/or 2004/915/EC).
9. Data storage
Your data will be kept for as long as necessary for the purposes for which it was collected. We may be required by law, however, to retain certain information for a specified time. We will ensure that your personal information is treated for the entire period in accordance with this data protection declaration.
10. Your data protection rights
10.1 As an affected person, you have the right at all times to gain knowledge of the data stored concerning your person, the origin and the recipient of the data, and the purpose of the data processing. You also have a right to rectification, transfer of data and, if applicable, to objection, limitation of processing, or deletion of inaccurate or inadmissibly processed data.
10.2 Your request for information, deletion, correction, objection and/or data transmission may be directed to our contact person, whose contact details are given in number 10.
10.3 If you believe that the processing of your data by RateBoard violates data protection law or your data protection claims have otherwise been violated in any way, you can complain to the responsible regulatory agency. In Austria, this is the Data Protection Department.
11. Contact person
If you have questions about the processing of your data or want to exercise your (information) rights, please contact:
+43 664 4567803
12. Changes to this Data Protection Declaration
We reserve the right to amend this data protection declaration as necessary, for example due to technical developments or legal changes, or to update it in connection with the offer of new services or products. The updated data protection declaration will be published on our website. Please check the relevant page regularly.