of VE Vision Education GmbH
This document covers the procedures for the collection, storage, usage and disclosure of data. This policy governs how personal and non-personal data collected from our contractual partners (“users”) is handled during the provision of our services.
Third-party licence holders, such as employers, advocacy groups, trainers or similar third parties can acquire licenses as part of their own licence agreement in their own name at their own cost in order to receive access codes which can be used by users to unlock app functions and other products/services of the operator. A separate claim or obligation shall not accrue to the user from the relationship between third-party licence holder and operator.
- RECORDING AND USE OF INFORMATION
- If the user registers a user account, the operator will enter the following personal data and information for the purposes of identifying the user:
- User name, e-mail address, date of birth, sex, languages spoken, other personal information entered by Customer Services, the settings made and, where applicable, a profile image. Transaction data (when making purchases) and interactive user data (e.g. lesson progress) are also recorded. The operator processes this personal data and information for the following general purposes:
- To provide the offered services;
- To respond to questions and comments;
- To contact the user;
- For marketing and market research purposes provided that the user has separately agreed to the processing of his data for such purposes.
- For statistical purposes
- For optimal targeted support from parents, teachers, companies and trainers
- And as described on the data input screen where applicable.
- The operator receives and saves information about the end device and browser used, including IP address, cookie data, software and hardware properties and the pages and services called up by the user (“digital communication metadata”). The operator will use this information to customise content, improve his service, carry out research and create anonymised reports for internal purposes and for external customers, e.g. marketing clients. If the user consented to the processing of his data as per an extended consent in 2.4, the digital communication metadata will also be used to customise marketing methods.
- Due the conclusion of the contract the operator is entitled to transfer, store or process the personal data submitted by the user within the framework of the contract fulfillment, in fact by the operator himself or his employees and vicarious agents in the meaning of Art 1313a ABGB (Austrian Civil Code). The user must give his separate consent (“extended consent”) to the processing and use of personal data (e.g. For marketing purposes) beyond the above.
- RIGHTS OF USERS
- Agreements submitted to the operator as part of extended consent (2.4) concerning the recording, processing and use of personal data can be revoked by the user in full or in part. The same also applies to any later consent which goes beyond the above given for the recording or processing of the user’s personal data.
- In addition, the user can also ask for incorrect data to be corrected and data to be blocked or deleted if this data is not needed for performance of the contract between operator and user, if the operator has no overriding interests [in doing so], or when the operator is not prevented from saving data on account of a legal obligation. To do so, write to the operator enclosing a copy of one’s personal ID card or a legally acceptable photo ID.
VE Vision Education GmbH
Reisnerstraße 50/13A-1030 Vienna
- SAVING PERSONAL DATA
The operator only stores personal data on secure servers operated in safe facilities within the European Union which are equipped with the latest protection by firewalls. The data we collect may be transferred to and processed by employees who work for us or for one of our suppliers.
- GOOGLE ANALYTICS
- Given that the operator has opted for “IP anonymization”, the IP address will be shortened by Google within the member states of the European Union and in other states who have signed up to the agreement in the EEA.
- On behalf of the operator, Google will use the transmitted information to evaluate your use of our website to generate reports on website activities and to render other operator services relating to the use of the website and the Internet. The IP address sent as part of Google Analytics is not included with other Google data.
- The user can reject the recording of data when creating user profiles by preventing the recording and transfer of Website-related data to Google generated by the cookie and also prevent this data from being processed by Google. In order to do so, download and install the following browser add-on to deactivate Google Analytics:
The operator uses the Firebase SDK to better understand and optimise user behaviour in the apps. Firebase also uses other functions to improve usability and to analyse the reasons for app crashes.
The operator uses amplitude to better understand and optimise user behaviour on our website and in the web app. No personal data is processed. For further information, refer to amplitude’s data protection policy: https://amplitude.com/privacy
- The operator uses HockeyApp services in its mobile apps. The transfer and analysis of crash reports is used by HockeyApp during the development of the operator’s apps. A UUID is created to record user data and this is saved by HockeyApp. This UUID is not associated with any personal data, since such data is generally not saved.
- The following technical data is collected as a part of crash reports: Timestamp, country, operating system, app version, device type. No personal data is sent to HockeyApp. HockeyApp is a service from Microsoft. For legal information, see: https://azure.microsoft.com/de-de/support/legal/ The data protection policy can be viewed here: https://www.microsoft.com/de-de/privacystatement/OnlineServices/Default.aspx
- In the apps, the operator uses the Software Development Kit (SDK) from Facebook. The Facebook SDK is released and managed by Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA. This SDK allows the operator to understand which advertising campaign has prompted Facebook users to download the apps.
- For this purpose, the operator sends to Facebook the app ID, the app version, and the information that the app has started.. Individual user activities (events) can be analysed within the app in order to more precisely define the target group for advertising campaigns. The operator does not send any other information to Facebook. The operator only receives an aggregated evaluation of app user behaviour from Facebook. The operator has no influence on how the information from the app events is processed by Facebook. More information about the Facebook SDK is available here:
- SOCIAL BOOKMARKS
- On the website the operator uses social bookmarks (Facebook, Google). This allows the user to share articles from the site on his own social media profile.
- To share the content, the user needs to have an existing Facebook or Google profile. The operator has integrated the social media bookmarks on the websites as a link to the services only. When the user clicks the graphic he is sent to the site of the provider where he can enter his information. The purpose and scope of data collection and further processing and use of data by providers and related rights and configuration options for protecting the user’s personal data can be found in the providers’ privacy policies.
Facebook privacy information: https://www.facebook.com/policy
Google privacy information: http://www.google.de/policies/privacy
- DISCLOSING PERSONAL DATA
- The operator will not send personal data to third parties except in cases where the user has given his extended consent (2.4) and under the following circumstances:
- To meet legal requirements on the submission of data, to fulfil a court order or legal process, to justify or assert legal rights or as a defence against legal claims;
- If the operator believes the forwarding of data is required in order to examine or prevent illegal activities, suspected fraud, situations with a potential threat to the physical safety of persons or infringements of the operator’s terms and conditions of use, or to take measures against users, or in such cases where required by law.
- If the user makes use of an operator’s service that is chargeable to third-parties (such as employers, educational institutes, advocacy groups, trainers or other similar third parties) as a beneficiary (such as student, pupil or employee), we shall transmit upon third-party’s request the following personal data so they can track the use of the charged service:
- User-name and name / surname
- Number of points / learning progress
- Telephone Number
- Game outcome
Caution: All personal data published online can be recorded and used by other people. If users disclose personal data online and this data is then publicly accessible, the user may receive spam from third parties which are not in any relationship with the operator.
- ADVERTISING BY THIRD PARTIES
Based on 2.4, the operator shows adverts which are based directly on personal data. Marketing firms assume under certain circumstances that people who interact with targeted advertising, who view such adverts or who meet certain target group criteria.
- CONFIDENTIALITY AND SECURITY
- The operator limits access to personal data to employees of his own company, employees working for affiliated companies, and to external service providers who need to view such data based on the reasonable consideration of the operator in order to deliver products or service or to perform their work. The operator has physical, digital and process- technical safety devices which meet the privacy requirements. All that said, it is not possible to provide 100% protection of data sent online. The operator thus cannot assure or guarantee the safety of data sent by the user to the operator. In particular, access to the service and the use of the same is at his own risk alone. It is also part of the user’s responsibility to restrict access to the end device and to ensure that the same is free of any kind of malware which could track data such as email addresses and payment data entered in the service.
The payment of paid services is handled by the operator through secure payment providers in order to ensure the security of the payments according to the general industry standard.
- WEBSITES OF THIRD PARTIES
- CONTACTING THE OPERATOR
- Email email@example.com to receive a copy of personal data sent by the website. Use the same email to request the operator update, change or remove your personal data.
Last updated: November 17, 2017