Privacy policy for app.syssy.net

April 2022

Privacy Policy / Information Obligation

It is particularly important to us to protect your data, which is why we comply with the applicable data protection regulations, in particular the GDPR and the DSG, when processing your personal data (e.g. master data). These data protection regulations for the web application https://app.syssy.net/ supplement the "General information obligation/data protection regulations" in the currently valid version. You can access the "General Information Obligation/Privacy Policy" at: https://www.syssy.net/datenschutz.

Below you will find more information about the data processing we carry out:

1. Responsible (iSd Art 4 Z7 DSGVO)

SYSSY Online GmbH, Am Grünen Hang 24, 4040 Linz,
office@syssy.net

Since we are not legally obliged, we have not appointed a data protection officer or no data protection officer at the data protection authority.

2. Rights of data subjects/right of objection and revocation/right of appeal

2.1. You have the following rights towards us with regard to your personal data:

  • Right to information (Article 15 GDPR),
  • Right to rectification (Article 16 GDPR) or erasure (Article 17 GDPR),
  • Restriction of processing (Article 18 GDPR),
  • Right to data portability (Article 20 GDPR),
  • Right to object to processing (Article 21 GDPR).

Right to object: If the processing of your personal data is based on a balance of interests (Art 6 Para 1 lit f GDPR: legitimate interests), you have the right to object to the processing at any time for reasons that arise from your particular situation. If you exercise your right to object, we ask you to explain to us your reasons why we should not process your personal data as we have done. We examine the situation and either stop or adjust the data processing or show you our compelling reasons worthy of protection and continue the data processing. We continue data processing even if it serves to assert, exercise or defend legal claims.

You can object to data processing for the purposes of direct advertising and data analysis at any time. In this case, we will stop processing the data.

Right of withdrawal: If you have given us your consent to the processing of your personal data, you can also withdraw your consent at any time. Your revocation does not affect the legality of the data processing that has taken place up to the revocation.

In order to exercise the above rights, you must inform us personally or in writing:

SYSSY Online GmbH, Am Grünen Hang 24, 4040 Linz
office@syssy.net

 

Please note that we can only provide you with information if you can identify yourself.

2.2. If you believe that the data processing violates applicable data protection law or that we violate your data protection rights, you also have the right to lodge a complaint with the supervisory authority in the member state of your habitual residence, your place of work or the place of the alleged violation.

If you want to lodge your complaint with the supervisory authority in Austria, please address it to:

Österreichische Datenschutzbehörde
Barichgasse 40-42
1030 Wien

 

3. Information about the processing of your personal data

3.1. Website visit

  • Purpose: If our website is only used for informational purposes (no registration and no transmission of other information), personal data is collected, which is transmitted from your browser to our server. This is technically necessary in order to be able to display our website to you and to ensure the stability and security of the website.
  • Legal basis: legitimate interest (Art 6 Para 1 lit f GDPR), § 165 Para 3 TKG 2021
  • The following data is processed: IP address, date and time of the request, time zone difference to GMT, content of the request (specific page), access status/HTTP status code, amount of data transferred in each case, requesting website, browser, operating system and interface, language and version of the browser software
  • Storage period: As long as you use our website.
  • Recipients/recipient categories: processors within the meaning of Art 4 Z8 GDPR

3.2. Electronic contact requests via the web application

  • Purpose: Processing of contact requests via e-mail or the web application
  • Legal basis: Fulfillment of a contract, necessary to carry out pre-contractual measures (Art 6 Para 1 lit b GDPR), legitimate interest (Art 6 Para 1 lit f GDPR), § 165 Para 3 TKG 2021
  • The following data is processed: master data, content data of the request
  • Duration of storage: Until the request is answered. If there are statutory retention requirements, processing will be restricted until then.
  • Recipients/recipient categories: processors within the meaning of Art 4 Z8 GDPR

3.3. Cookies/Web Analysis Service

  • Purpose: Improvement of the range of services, website and direct advertising
  • Legal basis: Consent (Article 6 Paragraph 1 lit a GDPR), performance of a contract, required to carry out pre-contractual measures (Article 6 Paragraph 1 lit b GDPR), legitimate interest, in particular to improve our own services for the benefit of users (Article 6 Paragraph 1 lit f GDPR), Section 165 (3) TKG 2021
  • The following data is processed: IP address
  • Duration of storage: see list of cookies
  • Recipients/recipient categories: company of the analysis service, service company

Type of cookie

Name/Description

Shortname

Storage Duration

Provider of Cookies

Technical cookies

Required to display PHP applications on the website

PHPSESSIONID

During the website visit

Syssy

Functional cookies

Visitor recognition to coordinate session histories

rxVisitor

During the website visit

Dynatrace

Functional cookies

Cache of context-related information (e.g. registered user) so that no new registration is required when the page is updated

dtSa

During the website visit

Dynatrace

Functional cookies

Timestamp for automatic logout when timed out

rxvt

During the website visit

Dynatrace

Functional cookies

Required to identify the correct endpoints for beacon transmission; contains the session ID for the correlation.

dtPC

During the website visit

Dynatrace

Functional cookies

Measures server latency for performance monitoring.

dtLatC

During the website visit

Dynatrace

 

Technical cookies are strictly necessary for the operation and proper functioning of the website. Function cookies increase, for example, the speed of the loading process or the automatic language settings when visiting the website. The functional cookies used on this website are necessary for the services requested by the user. Analysis cookies provide us with information about the use of our website. Advertising and marketing cookies help us to connect to social media networks, such as YouTube, or to place advertisements.

3.4. Customer management, accounting, logistics and bookkeeping

  • Purpose: Processing of personal data in the context of any business relationship with customers and delivery companies in the context of exercising a trade, including systematic recording of all business transactions relating to income and expenses.
  • Legal basis: Consent (Art 6 Para 1 lit a GDPR), performance of a contract, necessary to carry out pre-contractual measures (Art 6 Para 1 lit b GDPR), fulfillment of a legal obligation (Art 6 Para 1 lit c GDPR), legitimate interest, esp Defense, exercise and assertion of legal claims (Art 6 Para 1 lit f GDPR), express consent (Art 9 Para 2 lit a GDPR).
  • Duration of storage: Until the end of the business relationship or until the end of the guarantee, warranty, statute of limitations and legal retention periods (esp. BAO) applicable to the person placing the order; in addition, until the end of any legal disputes in which the data is required as evidence.
  • Recipients/recipient categories: Tax office, courts and authorities, delivery companies, collection companies for debt collection, banks dealing with the payment to the person concerned or to third parties, people who belong to the legal, tax and payroll accounting professional groups.

The provision of your personal data is necessary to fulfill the contract or to carry out pre-contractual measures. Without this data we cannot conclude a contract with you.

3.4.1 User Account Management

A user account must be created to use the SYSSY web application. To do this, users must register with an email address and password and then receive a profile account.

  • Purpose: Management of the created user profile. The SYSSY online tool is a website application in which various functions for organizing, managing and monitoring websites can be used.
  • Legal basis: Consent (Article 6 (1) (a) GDPR), performance of a contract, necessary to carry out pre-contractual measures (Article 6 (1) (b) GDPR), legitimate interest, in particular defense, exercise and assertion of legal claims (Article 6 (1) f GDPR)
  • The following data is processed: master data of the customer, data of the owners of the managed websites
  • Duration of storage: The data may be stored for up to seven years after the last contact with the client, unless there are longer contractual or statutory retention periods.
  • Recipients/recipient categories: processors within the meaning of Art 4 Z8 GDPR

3.5. Customer care and marketing for own purposes

  • Purpose: Processing of own or purchased customer and prospective customer data for the initiation of business regarding the own delivery or service offer as well as for the implementation of advertising measures; Customer Relationship Management.
  • Legal basis: Consent (Art 6 Para 1 lit a GDPR), performance of a contract, necessary to carry out pre-contractual measures (Art 6 Para 1 lit b GDPR), fulfillment of a legal obligation (Art 6 Para 1 lit c GDPR), legitimate interest, esp Defense, exercise and assertion of legal claims (Art 6 Para 1 lit f GDPR)
  • The following data is processed: master data
  • Duration of storage: The data may be stored for up to three years after the last contact with the contracting person, unless longer contractual or statutory retention periods exist.
  • Recipients/recipient categories: service company, analysis service company
3.5.1  Newsletter

To send our email newsletters, we use the service company CleverReach, the //CRASH Building, Schafjückenweg 2, 26180 Rastede, Germany.

  • Purpose: Sending information via e-mail about your own products and services, information about the products purchased
  • Legal basis: Consent (Art 6 Para 1 lit a GDPR), § 174 TKG 2021
  • The following data is processed for sending the newsletter via our website: master data, evaluations of click and opening behavior
  • Duration of storage: The data may be stored for up to three years after the last contact with the contracting person, unless longer contractual or statutory retention periods exist.

Recipients/recipient categories: CleverReach

 

4. Information about data transfers to third countries or to international organizations

The data processed by us will not be transmitted to recipients in third countries or international organizations.

 

5. Change management

The currently valid version of this data protection declaration is available on our website. If you have any questions about an earlier version, please get in touch with the contact person named in point 1. Responsible (iSd Art 4 Z7 DSGVO).

 

This project is funded by aws, with funds from the National Foundation for Research, Technology and Development.