Privacy Policy

1. Person responsible

The person responsible for data protection is

If you have any questions about the processing of your data or comments on this Privacy Policy, please feel free to contact us as follows:

by email to: [email protected]

2. WHAT DATA WE PROCESS ABOUT YOU AND WHAT WE USE IT FOR

We only process data that is necessary for offering and providing our services or that you have voluntarily provided to us. You are not obliged to provide your personal data. However, if you do not provide us with your data, we may not be able to provide our services or process of your request.

We only process your data for the following purposes:

2.1 DATA PROCESSING OF VISITORS TO OUR WEBSITE

When you use our website heyrise.com (hereinafter “website”), we collect the access data in the so-called web server log files. The following data will be collected from you:

• IP address
• Date and time of visit
• Location
• Device and browser type and version
• Operating system
• Language settings
• Referrer URL
• Your internet service provider
• Name of the website or files accessed as well as the duration of the website visit
• Amount of data transferred
• Notification of successful access

The collection of this data is necessary to maintain the online service and the security of our website. In addition, the data is used for statistical evaluation and to improve our website offering and make it more user-friendly. Furthermore, it is used to find and correct errors more quickly, to monitor server capacities and to log security breaches.

The legal basis for this is our overriding legitimate interest in the purposes just described.

2.2. Hosting and CND - Content Delivery Network

We use the “Cloudflare” service provided by Cloudflare Inc., 101 Townsend St., San Francisco, CA 94107, USA. (hereinafter referred to as “Cloudflare”).

Cloudflare offers a content delivery network with DNS that is available worldwide. As a result, the information transfer that occurs between your browser and our website is technically routed via Cloudflare’s network. This enables Cloudflare to analyze data transactions between your browser and our website and to work as a filter between our servers and potentially malicious data traffic from the Internet. In this context, Cloudflare may also use technologies deployed to recognize Internet users, which shall, however, only be used for the herein described purpose.

The use of Cloudflare is based on our legitimate interest in a provision of our website offerings that is as error free and secure as possible (Art. 6 Sect. 1 lit. f GDPR).

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: cloudflare.com/privacypolicy/  .

For more information on Cloudflare’s security precautions and data privacy policies, please follow this link: cloudflare.com/privacypolicy/  .

2.3 USE OF COOKIES

Cookies are not used on our website

2.4 Web Analytics

This website uses the open-source web analysis service Matomo. The information recorded by Matomo about the use of this website will be stored on Matomo Cloud servers within Europe. Prior to archiving, the IP address will first be anonymized. We are not using cookies to re-identify users. Thus data is processed without any personal reference.

Through Matomo, we are able to collect and analyze data on the use of our website by website visitors. This enables us to find out, for instance, when which page views occurred and from which region they came. In addition, we collect various log files (e.g. referrer, browser, and operating system used) and can measure whether our website visitors perform certain actions (e.g. clicks).

The legal basis for this is our overriding legitimate interest in the purposes just described.

2.5 LINK TO THIRD PARTY PROVIDERS

Our website may contain links to other websites over which we have no control. We therefore assume no liability for their content or the correctness of the information provided there. The respective provider of the linked website is solely responsible for this. However, when linking to third-party providers, we ensure that we select them carefully and check them at regular intervals.

2.6 DATA PROCESSING OF INTERESTED PARTIES

If you contact us via the contact form on our website, by email, by phone, in person or via our social media channels, we will use your personal data (name, email and your request or the associated documents) for the purpose of processing your request. The data you provide will be used for the purposes of

• Establishing contact,
• Processing and answering inquiries,
• Providing information about our products and services and
• Concluding a contractual relationship.

The processing of your personal data when you contact us is based on your consent, (pre)contractual obligations or on the basis of legitimate interests.

2.7 NEWSLETTER

We send notifications, newsletters, emails and other electronic notifications (hereinafter “newsletters”) only with your consent. Registration for our newsletter is generally carried out using a so-called double opt-in procedure. That means that you will receive an email requesting confirmation of your registration. This confirmation is necessary so that nobody can register with a third-party email address. The registrations for the newsletter are logged in order to be able to prove the registration process in accordance with the legal requirements.

On the basis of your consent to receive our newsletter, we will use your voluntarily provided personal data (name, email address, company and position) for the dispatch of newsletters, invitations to our events and other information material about our services by email. You can revoke this consent at any time with effect for the future (eg. by email to [email protected]).

The provision of your data is necessary for receiving our newsletter. If you do not want to provide your data, we cannot send you any newsletters.

2.8 DATA PROCESSING BY CUSTOMERS AND PARTNERS

We only collect such personal data which is necessary for the implementation and processing of our contractually guaranteed service or that you have provided to us voluntarily. In addition, we will process your contact details (i.e. name, telephone number, email address and company) as well as our correspondence (by telephone and email) in order to optimize our contact management (Client Relationship Management, “CRM”). We use HubSpot as our CRM tool. Of course, you can object to us processing your data at any time. Please note, however, that failure to provide or incomplete provision of your personal data, which is necessary for the implementation and processing of our services, may lead to the rejection of the order.

We therefore process your personal data to take pre-contractual measures and/or to fulfil our contractual obligations within the framework of an existing contractual relationship.

We will also use your contact details to send you information about our range of services and invitations to events by email or post. You can object to this processing of your data for direct marketing purposes at any time. The processing of your personal data for the purpose of direct marketing is not necessary for the processing of our contractual relationship. For other forms of direct marketing, we will only process your data if you have given your express consent to the processing of your data.

In addition, we process your personal data if there is another legal basis in accordance with the GDPR; this in compliance with data protection and civil law provisions.

2.9 DATA PROCESSING OF APPLICANTS

We process your personal data collected as part of the application process. This data is either made available by you (for example by sending your application documents [e.g. cover letter and CV] by email) or collected by us (for example by taking notes during the job interview). We only process data related to your application and the advertised position. These include

• General data about you (name, address, contact details),
• Information about your professional qualifications,
• Your school and professional education, as well as
• Other data that you transmit to us, when applicable, in connection with your application.

You are not obliged to provide us with your personal data. If you do not do this, however, we will not be able to carry out the application process with you.

With your application, you give your express consent that the application documents you have submitted will be sent to all departments or persons within our company responsible for personnel decisions and external personnel consultants. We only transmit data that is necessary for the selection of personnel and subsequently for recruitment and fulfilment of our obligations associated with this.

If there is an employment relationship between you and us, we will process the data already received from you for the purposes of the employment relationship.

The legal basis for the processing of your personal data is our overriding legitimate interest in being able to carry out an efficient application process and on the basis of the need to take pre-contractual measures.

3. DURATION OF STORAGE

We only store your personal data for as long as we need it to fulfil the above-mentioned purposes and our contractual or legal obligations. If we no longer need your personal data, we will delete it or make it anonymous so that you can no longer be identified.

Personal data from the application process will be stored for six months from the time an unsuccessful application process is completed. It is possible to store the data for up to eighteen months, provided you consent to the longer retention period.

4. PROTECTING YOUR DATA

We do our best to ensure the protection of your personal data. We therefore comply with the provisions of the GDPR in order to ensure the confidentiality and security of your personal data and take appropriate technical and organizational security measures.

5. TRANSFER OF YOUR PERSONAL DATA

We will not pass on your personal data to third parties unless it is necessary to fulfill our obligations or if it is legally or officially mandatory.

However, your data might be processed by our contract processors. These processors are, in particular, providers of marketing tools, IT service providers, providers of other tools and software solutions, IT maintenance services and other providers of similar services. All of our contract processors process your data only on our behalf and on the basis of our instructions for the purposes set out above.

Some of the recipients of your data may be located outside the EU (in so-called third countries) or process your data there. However, we only transfer your data to recipients in countries for which the EU Commission has decided by means of an adequacy decision that they have an adequate level of data protection or that have otherwise committed to complying with an adequate level of data protection (in particular by concluding standard data protection clauses).

6. YOUR RIGHTS

The GDPR grants you numerous rights: You have the right to information about the personal data we process about you. You also have the right to have incorrect data corrected and your data deleted. Furthermore, you have a right to limit the processing of your data and a right to receive the information you provide in a structured, consistent and machine-readable format.

You can also revoke your consent to the processing of personal data with effect for the future at any time if the processing is based on your consent. Please send your objection by email or post to the contact addresses listed below.

You can also lodge a complaint with the Austrian Data Protection Authority at any time.

7. CONTACTING US

If you have any questions regarding the processing of your personal data, you can exercise your rights with us as follows:

BY LETTER TO: HEYRISE Group GmbH, Bahnhofplatz 1, A-4600 Wels
BY EMAIL TO: [email protected]

Version: August 2022