Regarding the Services Readdle Inc., 795 Folsom Street, 1st Floor, San Francisco, CA 94107, USA (“Readdle”, “we”, “us” or “our”) is the data processor within the meaning of the General Data Protection Regulation (“GDPR”). Fluix account owners who willingly agree to subscribe and use Fluix as their document management solution are data controllers within the meaning of the General Data Protection Regulation (“GDPR”).
2. DATA WE COLLECT, PROCESS AND USE
2.1 In general, you can use the Services without providing any personal information such as e.g. your name, email address, postal address, telephone number, financial information (all such information concerning the personal or material circumstances of an identified or identifiable individual data subject together “Personal Data”). Therefore, if you do not provide us directly with Personal Data in another way or actively consent to the Use by us of certain Personal Data, we, in general, do not Use your data with the exception of the following:
2.1.1 Regarding the Website: your browser transfers certain data so that it can access the Website, namely:
- the IP address
- the date and time of the request
- the browser type
- the operating system
- the language and version of the browser software.
2.1.2 Regarding the App: certain data is transmitted by your mobile device, namely your IP address, the periods of time in which you use the App and the type of device you use (e.g. IPhone, IPad in order to give us the possibility to continuously improve the App.
The legal basis for the processing of the data described above in section 2.1.1 and 2.1.2 (to the extent such data is to be considered Personal Data) is Art. 6 (1) sentence 1 lit. f GDPR (legitimate interests; regarding section 2.1.1 the legitimate interests to Use such data arises from the fact that without such data the Website cannot be accessed by our customers and/or other users; regarding section 2.1.2 the legitimate interests to Use such data is that we have an interest to continuously improve the App).
2.2 Besides the Use of Personal Data as described in section 2.1, we, in general, will Use the Personal Data provided by you only for the operation of the services provided to you on the Website and/or in the App and to fulfil our contractual obligations we might have towards you.
For example, we store data that you have provided to us with the purpose of (i) receiving further information from us with regard to the services offered by us (e.g. name, business address, business email address; we use such data to meet your respective information requests), (ii) registering an account with us (e.g. name, business email address; we use such data in order to register an account for you), and (iii) storing data (e.g. in the context of the Software as a Service (SaaS) services provided by us to you via the App) so that you can access such information via the App. In particular, if you use the App for scanning and uploading a document (containing Personal Data) we will store such document for you within in a cloud based online service (hosted by a third party hosting provider; cf. also section 4 below) so that you can access such documents whenever and where ever you want. Please note that all Personal Data will be processed only within EU member states (cf. also section 4 below).
The legal basis for the processing of the data described in this section 2.2 is Art. 6 (1) sentence 1 lit. b GDPR (fulfilment of contract and pre-contractual measures).
2.3 Only in cases in which you have given us prior consent we also use your Personal Data for other purposes but only to the extent needed in each specific case. The legal basis for the processing of the data described in this section 2.3 is Art. 6 (1) sentence 1 lit. a GDPR (consent).
2.4 We may disclose Personal Data to third parties where such disclosure is required by law (for example, upon request of a court or of law enforcement authorities). The legal basis for the processing of the data described in this section 2.4 is Art. 6 (1) sentence 1 lit. c GDPR (legal obligation).
2.5 We may also Use certain data as set forth in section 3 below.
3. COOKIES; USE OF (FURTHER ANALYZING) TOOLS
3.1 Cookies are stored on your computer when using the Website. Cookies are small text files that are stored on your hard disk of the computer with which you visit a website and which are allocated to your browser and through which certain information is submitted to the cookies user that sets the cookie (in this case us). Cookies serve to make the website offering more user-friendly and effective overall.
– Transient / Session cookies
– Persistent / Setting cookies
– Analysis cookies
Transient cookies are automatically deleted when you close your browser. This includes in particular the session cookies. These store a so-called session ID, which identify user session in the browser. Session cookies are deleted when you log out or close your browser.
Persistent cookies help the Website remember your information and settings when you visit them in the future. They are automatically deleted after a specified period, which may differ depending on the cookie.
3.2 The Website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help analyze how you use the Website. The information generated by the cookie about your use of the Website will normally be transmitted to and stored by Google on servers in the United States.
In case IP-anonymization is activated on the Website, your IP address will be truncated within the area of member states of the European Union or within other contracting states to the Agreement on the European Economic Area. Only in exceptional cases the whole IP address will be first transferred to a Google server in the USA and truncated there. Google will use this information on behalf of Readdle for the purpose of evaluating your use of the Website, compiling reports on Website activity and providing other services for Readdle relating to website activity and internet usage.
The IP address that your browser transfers within the scope of Google Analytics will not be associated with any other data held by Google.
As an alternative to the browser add-on or within browsers on mobile devices, you can click this link in order to opt-out from being tracked by Google Analytics within this Website in the future (this opt-out option applies only for the browser in which you set it and with regard to the Website). In this case an opt-out cookie is put on your device. In case you delete your cookies, you will have to use the aforementioned link again.
For further information on Google Analytics please refer to: http://www.google.com/analytics/terms/, https://support.google.com/analytics/answer/6004245?hl=en and https://policies.google.com/privacy?hl=en&gl=en
3.3 We also track your activity on our Website in order to collect information via a web analytics service of HubSpot, Inc., 25 First Street, 2nd Floor Cambridge, MA 02141United States, called HubSpot Marketing Hub (https://legal.hubspot.com/privacy-policy). We use HubSpot to: 1. Track and Respond to inbound customer / prospect requests for information and to identify which prospects have contacted us over time requesting information. 2. Manage delivery of product information in response to inquiries and 3. Maintain a record of all communications with prospects / customers so that we provide requested information in a timely fashion. 4. For those prospects who are opted in to receive product updates, we send updated information about Fluix on a semi-regular basis.
3.4 We further use a third-party tool of Amplitude, Inc, 501 2nd Street, San Francisco, CA 94107, called Amplitude (see https://amplitude.com/privacy) to collect and analyze how you use the App. Amplitude is an analytic software tool, which helps us improve our Service by better understanding the user’s behavior. You can opt-out from being subject to this tool by sending an email to firstname.lastname@example.org (Readdle Data Protection Officer).
3.5 If you decide to deactivate (some of) the cookies and tools described above, please note that certain features and functionalities of the Services might not work or might not be accessible to you.
3.6 The legal basis for the processing of the data described in this section 3 (to the extent such data is to be considered Personal Data) is Art. 6 (1) sentence 1 lit. f GDPR (legitimate interests; the legitimate interests to Use such data is that we use and analyze the respective data to improve our Services, such as by gaining a better understanding of your interests and requirements regarding our Services and to help personalize your user experience).
4. TECHNICAL IMPLEMENTATION OF THE SERVICES BY SUBCONTRACTORS
We partly use service providers who process Personal Data on behalf of us to operate the technical platform for the Services (for example, the documents that you scan and upload via the App are hosted by a third party hosting provider (whereas the respective servers are exclusively situated in EU member states)). These service providers process the data exclusively according to our instructions (order processing). The legal basis for the data processing described in this section 4 is Art. 6 (1) sentence 1 lit. b GDPR (performance of contract and pre-contractual measures) and Art. 28 GDPR (order processing).
5. DURATION OF STORAGE OF PERSONAL DATA
6. YOUR RIGHTS
You have the right to request information from us at any time about your Personal Data stored by us. If the legal requirements are met, you also have rights vis-à-vis us to request from us access to and rectification or erasure or restriction of processing concerning your Personal Data or to object the processing of your Personal Data as well as the right to receive your Personal Data provided to us in a structured, established and machine-readable format from us (you can transfer this data to other parties or have it transferred; data portability).
If you have given your consent to the use of personal data, you can revoke such consent at any time (for the future).
If you believe that the processing of your Personal Data by us is in breach of the applicable data protection laws, you can issue a complaint with the competent supervisory authority for data protection.
You can contact us (e.g. if you have any questions about data protection regarding Readdle (including regarding the assertion of your rights further explained in section 6 above)), for example, via the address indicated above in section 1 or via the following emails: email@example.com or firstname.lastname@example.org (Readdle Data Protection Officer).
8. KEEPING YOUR PERSONAL DATA SECURE
We have taken extensive technical and operational precautions to protect the Personal Data retained by us against unauthorized access and misuse. Our security procedures are revised regularly and adapted to reflect technological progress.