Privacy Policy

This Privacy Policy shall apply to the Fluix application accessible from mobile devices and from a web browser (the “App”), the Fluix admin portal accessible from the web (the “Admin Portal”) and the use of  the Fluix website in general (the “Website”; App, Admin Portal and Website together the “Services”).

1. GENERAL

Regarding the Services Readdle Inc., 795 Folsom Street, 1st Floor, San Francisco, CA 94107, USA (“Readdle”, “we”, “us” or “our”) is the data processor within the meaning of the General Data Protection Regulation (“GDPR”). Fluix account owners who willingly agree to subscribe and use Fluix as their document management solution are data controllers within the meaning of the General Data Protection Regulation (“GDPR”).

This privacy policy shall inform you on how we collect, process and use (“Use”) personal data in connection with the Services.

2. DATA WE COLLECT, PROCESS AND USE

2.1 In general, you can use the Services without providing any personal information such as e.g. your name, email address, postal address, telephone number, financial information (all such information concerning the personal or material circumstances of an identified or identifiable individual data subject together “Personal Data”). Therefore, if you do not provide us directly with Personal Data in another way or actively consent to the Use by us of certain Personal Data, we, in general, do not Use your data with the exception of the following:

2.1.1 Regarding the Website: your browser transfers certain data so that it can access the Website, namely:

2.1.2 Regarding the App: certain data is transmitted by your mobile device, namely your IP address, the periods of time in which you use the App and the type of device you use (e.g. IPhone, IPad in order to give us the possibility to continuously improve the App.

The legal basis for the processing of the data described above in section 2.1.1 and 2.1.2 (to the extent such data is to be considered Personal Data) is Art. 6 (1) sentence 1 lit. f GDPR (legitimate interests; regarding section 2.1.1 the legitimate interests to Use such data arises from the fact that without such data the Website cannot be accessed by our customers and/or other users; regarding section 2.1.2 the legitimate interests to Use such data is that we have an interest to continuously improve the App).

2.2 Besides the Use of Personal Data as described in section 2.1, we, in general, will Use the Personal Data provided by you only for the operation of the services provided to you on the Website and/or in the App and to fulfil our contractual obligations we might have towards you.

For example, we store data that you have provided to us with the purpose of (i) receiving further information from us with regard to the services offered by us (e.g. name, business address, business email address; we use such data to meet your respective information requests), (ii) registering an account with us (e.g. name, business email address; we use such data in order to register an account for you), and (iii) storing data (e.g. in the context of the Software as a Service (SaaS) services provided by us to you via the App) so that you can access such information via the App. In particular, if you use the App for scanning and uploading a document (containing Personal Data) we will store such document for you within in a cloud based online service (hosted by a third party hosting provider; cf. also section 4 below) so that you can access such documents whenever and where ever you want. Please note that all Personal Data will be processed only within EU member states (cf. also section 4 below).   

The legal basis for the processing of the data described in this section 2.2 is Art. 6 (1) sentence 1 lit. b GDPR (fulfilment of contract and pre-contractual measures).

2.3 Only in cases in which you have given us prior consent we also use your Personal Data for other purposes but only to the extent needed in each specific case. The legal basis for the processing of the data described in this section 2.3 is Art. 6 (1) sentence 1 lit. a GDPR (consent).

2.4 We may disclose Personal Data to third parties where such disclosure is required by law (for example, upon request of a court or of law enforcement authorities). The legal basis for the processing of the data described in this section 2.4 is Art. 6 (1) sentence 1 lit. c GDPR (legal obligation).

2.5 We may also Use certain data as set forth in section 3 below.

3. COOKIES; USE OF (FURTHER ANALYZING) TOOLS

3.1 Cookies are stored on your computer when using the Website. Cookies are small text files that are stored on your hard disk of the computer with which you visit a website and which are allocated to your browser and through which certain information is submitted to the cookies user that sets the cookie (in this case us). Cookies serve to make the website offering more user-friendly and effective overall.

The Website uses cookies to the following extent:

– Transient / Session cookies

– Persistent / Setting cookies

– Analysis cookies

Transient cookies are automatically deleted when you close your browser. This includes in particular the session cookies. These store a so-called session ID, which identify user session in the browser. Session cookies are deleted when you log out or close your browser.

Persistent cookies help the Website remember your information and settings when you visit them in the future. They are automatically deleted after a specified period, which may differ depending on the cookie.

We also use cookies on our website which enable an analysis of the user’s surfing behavior. 

You can configure your browser settings according to your wishes and, for example, restrict the use of cookies or refuse them altogether. However, we would like to point out that you may not be able to use all the functions of the Website in this case.

3.2 The Website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help analyze how you use the Website. The information generated by the cookie about your use of the Website will normally be transmitted to and stored by Google on servers in the United States.

In case IP-anonymization is activated on the Website, your IP address will be truncated within the area of member states of the European Union or within other contracting states to the Agreement on the European Economic Area. Only in exceptional cases the whole IP address will be first transferred to a Google server in the USA and truncated there. Google will use this information on behalf of Readdle for the purpose of evaluating your use of the Website, compiling reports on Website activity and providing other services for Readdle relating to website activity and internet usage.

The IP address that your browser transfers within the scope of Google Analytics will not be associated with any other data held by Google.

You may refuse the use of cookies by selecting the appropriate settings in your browser, however please note that if you do so you may not be able to use all functions of the Website. You can also opt-out from the storage by Google of the data that is created by the cookie and is related to the use of the Website (including your IP address) and the processing of such data by Google by downloading and installing the Google Analytics opt-out Browser add-on available under https://tools.google.com/dlpage/gaoptout?hl=en.

As an alternative to the browser add-on or within browsers on mobile devices, you can click this link in order to opt-out from being tracked by Google Analytics within this Website in the future (this opt-out option applies only for the browser in which you set it and with regard to the Website). In this case an opt-out cookie is put on your device. In case you delete your cookies, you will have to use the aforementioned link again.

For further information on Google Analytics please refer to: http://www.google.com/analytics/terms/, https://support.google.com/analytics/answer/6004245?hl=en and https://policies.google.com/privacy?hl=en&gl=en

3.3 We also track your activity on our Website in order to collect information via a web analytics service of HubSpot, Inc., 25 First Street, 2nd Floor Cambridge, MA 02141United States, called HubSpot Marketing Hub (https://legal.hubspot.com/privacy-policy). We use HubSpot to: 1. Track and Respond to inbound customer / prospect requests for information and to identify which prospects have contacted us over time requesting information. 2. Manage delivery of product information in response to inquiries and 3. Maintain a record of all communications with prospects / customers so that we provide requested information in a timely fashion. 4. For those prospects who are opted in to receive product updates, we send updated information about Fluix on a semi-regular basis.

3.4 We further use a third-party tool of Amplitude, Inc, 501 2nd Street, San Francisco, CA 94107, called Amplitude (see https://amplitude.com/privacy) to collect and analyze how you use the App. Amplitude is an analytic software tool, which helps us improve our Service by better understanding the user’s behavior. You can opt-out from being subject to this tool by sending an email to dpo@readdle.com (Readdle Data Protection Officer).

3.5 If you decide to deactivate (some of) the cookies and tools described above, please note that certain features and functionalities of the Services might not work or might not be accessible to you.

3.6 The legal basis for the processing of the data described in this section 3 (to the extent such data is to be considered Personal Data) is Art. 6 (1) sentence 1 lit. f GDPR (legitimate interests; the legitimate interests to Use such data is that we use and analyze the respective data to improve our Services, such as by gaining a better understanding of your interests and requirements regarding our Services and to help personalize your user experience).

4. TECHNICAL IMPLEMENTATION OF THE SERVICES BY SUBCONTRACTORS

We partly use service providers who process Personal Data on behalf of us to operate the technical platform for the Services (for example, the documents that you scan and upload via the App are hosted by a third party hosting provider (whereas the respective servers are exclusively situated in EU member states)). These service providers process the data exclusively according to our instructions (order processing). The legal basis for the data processing described in this section 4 is Art. 6 (1) sentence 1 lit. b GDPR (performance of contract and pre-contractual measures) and Art. 28 GDPR (order processing).

5. DURATION OF STORAGE OF PERSONAL DATA

Unless no shorter storage period is indicated in this privacy policy, we, in general, store Personal Data as long (i) as required for the provision of the Services to you, and/or (ii) as it is necessary with regard to the contractual relationship with you, thereafter only if and to the extent that we are obliged to do so by mandatory statutory retention obligations. If we no longer require the respective Personal Data for the purposes described above, such Personal Data will only be stored during the respective legal retention period and not processed for other purposes.

6. YOUR RIGHTS

You have the right to request information from us at any time about your Personal Data stored by us. If the legal requirements are met, you also have rights vis-à-vis us to request from us access to and rectification or erasure or restriction of processing concerning your Personal Data or to object the processing of your Personal Data as well as the right to receive your Personal Data provided to us in a structured, established and machine-readable format from us (you can transfer this data to other parties or have it transferred; data portability).

If you have given your consent to the use of personal data, you can revoke such consent at any time (for the future).

If you believe that the processing of your Personal Data by us is in breach of the applicable data protection laws, you can issue a complaint with the competent supervisory authority for data protection.

7. CONTACT

You can contact us (e.g. if you have any questions about data protection regarding Readdle (including regarding the assertion of your rights further explained in section 6 above)), for example, via the address indicated above in section 1 or via the following emails: support@fluix.io or dpo@readdle.com (Readdle Data Protection Officer).

8. KEEPING YOUR PERSONAL DATA SECURE

We have taken extensive technical and operational precautions to protect the Personal Data retained by us against unauthorized access and misuse. Our security procedures are revised regularly and adapted to reflect technological progress.