femSense privacy policy (DSGVO)

Foreword

As a service provider and manufacturer in the field of electronics and medical device technology, SteadySense GmbH (hereinafter referred to as "SteadySense") takes the protection of your personal data very seriously. We only collect and process personal data to the extent described here and in accordance with the principles of the GDPR. The following notice describes how we guarantee this protection, which data is collected for which purpose and how it is processed.

1. person responsible and contact details

If you have any questions about the processing of your personal data, please contact us:

SteadySense GmbH
Carinthian street 518
8054 Seiersberg-Pirka
Austria
Tel: +43 316 232004

You can reach us by e-mail at the following address

gdpr@steadysense.at
www.steadysense.at

2. personal data

SteadySense processes personal data that is collected or transmitted by business partners (including customers, suppliers and other persons who are in a business relationship with SteadySense or who initiate such a relationship) as part of a business relationship. Depending on the contract, the following categories of personal data are subject to processing:

  • Inventory data (e.g. names, addresses).
  • Contact details (e.g. e-mail, telephone numbers).
  • Content data (e.g. text entries, photographs, videos).
  • Usage data (e.g. websites visited, interest in content, access times).
  • Meta/communication data (e.g. device information, IP addresses).
  • Health data and body measurement data (e.g. cycle length, weight, ...)
3. purpose and legality

SteadySense processes personal data for the provision of services relating to medical device technology. The following legal bases come into consideration:

3.1 Fulfilment of contractual obligations and pre-contractual measures pursuant to Art 6 para 1 lit b GDPR

The processing of personal data is necessary in order to provide our contractual or pre-contractual services to our business partners. If you do not wish to provide us with the data, the conclusion of the contract or the fulfilment of the contract or pre-contractual service may be impossible under certain circumstances. An existing contract can no longer be executed under these circumstances and may have to be cancelled. Please refer to the individual contracts for the scope and specific purpose of data processing. If you have registered as a test person, this is done exclusively to contact you for future tests. In this case, your data will be deleted after 24 months.

3.2 Safeguarding legitimate interests in accordance with Art 6 para 1 lit f GDPR

SteadySense processes your data in the ordinary course of business of the company (e.g. accounting, controlling) on the basis of the legitimate interest in proper and efficient business management as well as for process and business optimisation.)

3.3 Consent pursuant to Art 6 para 1 lit a GDPR

If the processing of personal data goes beyond contractual or legal obligations as well as a legitimate interest, SteadySense obtains the consent of the business partners, for example for sending our newsletter. If consent is given, the data will be processed exclusively for the stated purpose. Any consent given can be revoked at any time. The revocation can be given both in writing and verbally: e.g. to gdpr@steadysense.at.

3.4 Further justification in the context of legal obligation

Fulfilment of legal obligations according to Art 6 para 1 lit v GDPR

Legal obligations may require the processing of personal data. At SteadySense, these obligations result from the Austrian Distance and Off-Premises Transactions Act (FAGG), the Austrian Commercial Code (UGB) and/or the Austrian Federal Fiscal Code (BAO), among others.

4th receiver

The recipients of the personal data are SteadySense employees (e.g. IT support, support, marketing, logistics, accounting) who process it in accordance with the purpose of use and the legal basis.

Depending on the purpose of the processing, SteadySense passes on data to processors commissioned by it (in particular newsletter service providers, service providers for online payment processing and logistics partners), insofar as we need this to fulfil the respective task. SteadySense pays attention to compliance with data protection regulations when selecting its processors. Agreements have been made with the processors to ensure that personal data is processed confidentially and carefully. The data collected is not sold or passed on to uninvolved third parties without justification. Depending on the contract concluded, it may be necessary to forward the data to third parties.

5. storage period

We will only store your data for as long as is necessary for processing on the basis of the respective purpose and the respective legal basis and as permitted by the applicable law. Your personal data that you provide to us when contacting us will be stored for as long as is necessary to respond to the respective enquiry. SteadySense is subject to the following statutory retention obligations, among others:

  • Austrian Commercial Code (UGB)
  • Federal Fiscal Code (BAO)
  • General Civil Code (ABGB)
6. rights of data subjects

You are entitled to the following rights:

  • Information in accordance with Art 15 GDPR
  • Rectification pursuant to Art 16 GDPR
  • Erasure in accordance with Art 17 GDPR
  • Restriction pursuant to Art 18 GDPR
  • Data portability pursuant to Art. 20 GDPR and
  • Objection pursuant to Art 21 GDPR

If your personal data is processed on the basis of your consent, you have the right to withdraw this consent at any time with immediate effect. The lawfulness of the processing of your personal data until the revocation is not affected by the revocation.

You also have the right to lodge a complaint with the supervisory authority:

Austrian Data Protection Authority
Wickenburggasse 8-10
1080 Vienna
Austria
dsb@dsb.gv.at

7. website - personal data

When you visit our website, we potentially process the following personal data:

  • Date and time the website was accessed
  • Your IP address
  • Name and version of your web browser
  • the website (URL) you visited before accessing our website
  • certain cookies
8. online shop/in app shop - personal data

To enable us to process and fulfil your order in our online shop/app shop, we collect your complete and correct name, address and payment details as well as your email address as part of the order process. We need your e-mail address to be able to confirm receipt of your order.

Use of cookies
9. google analytics

Our website uses functions of the web analysis service Google Analytics from the company "Google":

Google Inc.
1600 Amphitheatre Parkway
Mountain View, CA 94043
United States

Google Analytics collects the number of users and user behaviour on our website. Cookies are used for this purpose; they enable us to analyse the use of the website by our users. The information generated in this way is transferred to the provider's servers in the USA and stored there. We have concluded a corresponding contract with the provider for order data processing. If you do not want your usage behaviour on our website to be recorded, you can prevent this by setting up your browser so that no cookies are stored. You can prevent the installation and storage of cookies by setting your browser software accordingly by downloading and installing the free Browser plugin download and install.

We also use the Google Firebase service to analyse any app crashes.

10. mailchimp

To send our newsletter, we use the "Mailchimp" service provided by

The Rocket Science Group
LLC, 512 Means Street Suite 404
Atlanta, GA 30318
United States

The Rocket Science Group guarantees that it is certified in accordance with the EU-US Privacy Shield, which can be viewed at: privacy-shield

that the data protection requirements of the EU are also complied with when processing data in the USA. Further data protection information of "The Rocket Science Group" can be found at: Mailchimp

If you register for our newsletter, your registration data, namely your e-mail address and IP address, will be processed and stored by "The Rocket Science Group". In addition, "The RocketScience Group" uses so-called "web beacons" to analyse whether and when you have read our newsletter and whether you have followed any further links. You can revoke your consent to receive the newsletter at any time.

11 Facebook

As part of our social media marketing and advertising campaign strategy, SteadySense utilises the following Facebook events:

App installation
App launch
Registration
Selection of the fertility or cycle tracker function
Patch order

The femSense app and the website use analysis tools to optimise the performance of the service and to increase the benefits for the user.

12 Apple Health iOS

You can choose whether and to what extent your personal data is shared between the femSense app and Apple Health. Authorisation can be granted or revoked at any time in the Apple Health settings. With your permission, femSense can interact with the Health app on your iOS device. This may involve transferring your personal data to Apple servers outside the European Union.

SteadySense may not use data collected in connection with health, fitness and medical research for advertising purposes or share it with third parties. This includes the API for clinical health records, the HealthKit API, motion and fitness, movement disorder APIs or health-related research on human subjects - for marketing or other usage-based data mining purposes, except to improve health management or for the purpose of health research and then only with permission.

SteadySense does not use information for advertising obtained through the use of the HealthKit framework or similar services.

SteadySense may not share any information obtained through HealthKit with third parties without the express permission of the user. Even with permission, SteadySense can only share information with third parties if they also provide a health or fitness service to the user.

SteadySense may not sell information obtained via HealthKit to advertising platforms, data brokers or information traders.

If the user agrees, SteadySense may share their HealthKit data with third parties for medical research, but must clearly communicate to the user how the app will use their HealthKit data.

SteadySense values your privacy and does not sell personal data to third parties.

13 Sensitive data

Sensitive data (e.g. cycle data) that can be entered into the femSense app and assigned to a user is stored for internal analysis purposes and to monitor the functionality of the femSense app. This confidential data is not passed on to third parties.

14. usage data

Usage data is generated in the femSense app in the event of a customer enquiry and is only stored for internal analysis purposes and to monitor the functionality of the femSense app. This usage data is not passed on to third parties.

15. system diagnostics

In the event of a crash of the femSense app, crash reports are transmitted anonymously for internal analysis purposes and to monitor the performance of the femSense app and are not passed on to third parties.

16. deletion of the femSense account

If you wish to delete your femSense account, please use the "Contact Support" function in the femSense app menu and notify us that you wish to delete your account. Your account will be deleted by us within 2 working days.

17. confidentiality

All SteadySense employees are bound to secrecy with regard to information entrusted or disclosed to them in the course of their work.

18. data security

Data security is very important to us. SteadySense has taken all necessary technical and organisational measures to ensure the security of data processing and to process personal data in such a way that it is protected against access by unauthorised third parties. SteadySense's IT infrastructure complies with current security requirements and is regularly reviewed.

The femSense system uses various cryptographic procedures for security reasons and to protect the transmission of confidential content, such as temperature data and cycle data.

The HTTP connection between the APP and the backend server is encrypted using the TLS method. The server is located in Europe and is hosted by SteadySense.

SteadySense does not store any payment-related data and only archives health data and body measurement data in anonymised form.

SUPPORT

Mon-Thu: 08:00 - 15:00
Fri: 08:00 - 12:00 CET
support@femsense.com

Lets get in touch

and subscribe to our Newsletter

SOCIAL NETWORKS

10% DISCOUNT
ONLY FOR A SHORT TIME

Become part of the femSense family and:

  • Enjoy exclusive offers
  • Exciting insights from our experts
  • Learn about your cycle and fertility