Datenschutzerklärung

Scope and Contact

The following privacy policy applies to signteq GmbH as the operator of the site (hereinafter "signteq", "we", "us").

Responsible for the collection, processing and use of your personal data within the meaning of the GDPR is signteq GmbH, Gumpendorfer Straße 36/46, 1060 Vienna.

If you have questions about data protection, please contact [email protected] or write to us at our company headquarters: Gumpendorfer Straße 36/46, 1060 Vienna.

1. Handling of Data Protection

We attach great importance to data protection, as the protection of your personal data is a particular concern to us. We therefore process your data exclusively on the basis of legal provisions, in particular the General Data Protection Regulation ("GDPR"), the Austrian Data Protection Act ("DSG") and the Telecommunications Act ("TKG").

We see our data protection awareness as a feature that also distinguishes us within our industry. When selecting service providers and cooperation partners, we always pay attention to their data protection compliance. Furthermore, we process data that we collect directly from our users largely in Austria or Germany, and in any case exclusively within the European Union. The data protection of our users is our highest priority, which is why we never sell your data to third parties.

Before we inform you in detail about our data processing, you will find below some basic terms of data protection and our general approach to these topics:

Personal data means data by which a natural person can be identified. Therefore, all data that allows conclusions about you as a person are personal data (in addition to your name, for example, your email or your billing address).

Personal data also includes pseudonymized data, where conclusions are only possible by using additional data sets (such as your IP address or your community name in our forum).

Purpose limitation is the central basic principle of data protection. This means that your data may only be processed for a specific purpose. Furthermore, they may only be processed for as long as this purpose exists. Thus, data processing is only possible to a limited extent both in terms of its basis and its duration.

Data protection law is based on a prohibition principle: The processing of personal data is fundamentally prohibited. Processing is only lawful if a permission requirement applies. Several legal bases can be considered for this: The legal bases that are most commonly used in practice are contract fulfillment, consent and legitimate interest.

Contract fulfillment: If the processing of your data is a prerequisite for the fulfillment of a concluded contract, we must be able to process this data. This is the case, for example, with our subscription contracts and our contracts for forum use.

Legitimate interest: Data protection law weighs different interests. It can happen that sometimes our legitimate interests outweigh your interest in protecting your data. The most common legitimate interests in practice are: data security, abuse prevention, data transmission within the corporate group for internal administrative purposes, freedom of opinion and information, enforcement of legal claims and generally also advertising measures.

Consent: If there is no other legal basis for data processing, but we would still like to process your data, we ask for your consent beforehand. This is particularly the case with our sales activities (newsletters, telephone marketing). Consent is only valid if it is given voluntarily and with full knowledge of the facts. That is why it is a particular concern of ours to inform you comprehensively when collecting data.

2. Processing Activities of Our Customer Data

A. signteq.io Website

Data categories: When you use our website, we typically process your IP address, name of the retrieved web page, file, date and time of retrieval, amount of data transferred, message about successful retrieval, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider. All this data is transmitted to us by your web browser when you visit our website.

Purposes: In addition to the processing activities mentioned in the cookie policy, we carry out the following data processing on our website. The processing mentioned is based on our legitimate interest in data security as a legal basis.

• Authorization processes
• Logging of system usage
• Evaluation of server logs for problem analysis

Recipients: The data is also processed by our IT service providers in accordance with their commitment to our contract.

Duration of data processing: On our website, we carry out different data processing with different processing durations, about which we inform you in detail in our cookie policy.

B. Contact

When you contact us (e.g. by phone or email), we process your name, your email address/phone number and the content of your message to us in order to process your inquiry and provide you with the desired information.

Data categories: Your name, your company and your contact details.

Purposes: We process your data to fulfill our (pre-)contractual obligations.

C. Registration

When you register with signteq, we process the personal data you provide (email address, name, address, company data, payment information, etc.).

Personal data that you store yourself in your signteq account can be changed and deleted there yourself or you can have the entire account deleted.

Purposes: We carry out the following processing activities. The processing mentioned is based on contract fulfillment as a legal basis.

• Customer management
• Correspondence
• Customer service
• Complaint processing
• Accounting

3. Smart Ident & Identification Services

Usually, you will get to know Smart Ident when registering for a service with one of our customers. We provide identity verification services for a wide variety of companies, especially where strict legal frameworks apply.

3.1. Verification Services

The processing of your data by Smart Ident in connection with identity verification takes place on behalf of a Smart Ident customer, at whose request the verification is carried out ("Partner").

The processing of your data takes place exclusively for the purpose of verifying your identity, your declaration, your data, your age or other information requested by the partner and confirming it to the respective partner.

3.2. Special Case Qualified Electronic Signature (QES)

Our partners use Smart Ident as a local registration authority for qualified signatures to carry out verifications or digital signatures using QES. QES is an alternative to a handwritten signature at the highest security level and is regulated in the eIDAS Regulation (Regulation (EU) No 910/2014).

4. Your Rights

You generally have the following rights:

• Information: You have the right to request information from us about how your data is used, and you can request a copy of your data processed by us.
• Deletion: You have the right to request the deletion of your data, provided that it is not still being processed on the basis of another legal basis.
• Correction: You have the right to request the correction of your data. This also includes the completion of incomplete personal data.
• Data portability: You have the right to receive from us the data that you have provided to us in a structured, common, machine-readable format.
• Withdrawal of your consent: If we process your data on the basis of your consent, you can withdraw this consent at any time.
• Objection to processing: If we process your data on the basis of legitimate interests, you can object to the processing at any time.

Please direct your data protection inquiries to [email protected].

You have the right to complain to the competent supervisory authority. If you believe that the processing of your data violates data protection law or your data protection rights have been violated, the data protection authority is available to you at www.dsb.gv.at.

5. Cookies

The website uses "cookies" (small text files) that are stored on the user's computer, smartphone and/or browser. When the user accesses the corresponding server of our website again, the user's browser sends the previously received cookie back to the server.

Please read our cookie policy for more information.

6. Changes to this Privacy Policy

If we change or supplement this privacy policy, we will publish these changes directly in our services/pages. If the changes are of significant importance to you, particularly with regard to your right to data protection, you will be asked to confirm them.