Preface

As a service provider in the field of electronics and medical device technology, SteadySense GmbH (hereafter also abbreviated to ‘SteadySense’) takes the protection of your personal data very seriously. We collect and process personal data only to the extent described here and in accordance with the regulations of the GDPR. The following notice describes how we provide this protection, what data is collected for what purpose and how it is processed.

Responsible person and contact details

If you have any questions regarding the processing of your personal data, please contact us:

SteadySense GmbH
Kärntner Strasse 518
8054 Seiersberg-Pirka
Austria
Tel: +43660 8850100

gdpr@steadysense.at
www.steadysense.at

Personal Data

SteadySense processes personal data that is collected or transmitted by business partners in the context of a business relationship. The following categories of personal data are - depending on the service - the subject-matter of the processing:

  • Inventory data (for example, names, addresses).
  • Contact details (e.g. e-mail, telephone numbers).
  • Content data (e.g. text input, photographs, videos).
  • Usage data (e.g. websites visited, interest in content, access times).
  • Meta/communication data (e.g. device information, IP addresses).
  • Health details (e.g. Cycle length, weight,…)

Purpose and Legality

SteadySense processes personal data to provide services related to medical device technology. The following legal principles can be taken into consideration:

Fulfilment of contractual obligations and pre-contractual measures pursuant to Article 6 paragraph 1 (b) of the GDPR

In order to provide our contractual or pre-contractual services to our business partners, the processing of personal data is necessary. If you do not wish to provide us with this data, it may be impossible to conclude the contract or execute the order or pre-contractual services. An existing contract can no longer be executed under these circumstances and may have to be terminated. Please refer to the individual contracts for the scope and specific purpose of data processing. If you have registered as a test person, this is only so you can be contacted for future tests. Your data will be deleted after 24 months.

Protection of legitimate interests pursuant to Article 6, paragraph 1 (f) DSGVO

There is a legitimate interest in data processing by us or by third parties in the following cases:

  • Newsletter distribution
  • Processing an order

Consent according to Article 6, para 1 (a) GDPR

If the processing of personal data goes beyond contractual or legal obligations and a legitimate interest, SteadySense will seek the consent of business partners, for example for the distribution of our newsletter. In the event of consent, the data will be processed exclusively for the stated purpose. Consent given can be revoked at any time. The revocation can be given both in writing and orally: gdpr@steadysense.at.

Recipients

The recipients of the personal data are employees of SteadySense, who process them according to the purpose of use and the legal framework. Depending on the purpose of the processing, SteadySense will pass on data to contract processors (especially newsletter service providers, online payment processing service provider and logistics partners), if we need to do so in order to fulfil the relevant task. SteadySense is committed to compliance with data protection regulations when selecting its contract processors and has entered into agreements with the contract processors to ensure that personal data is processed confidentially and carefully. The collected data will not be sold or passed on to uninvolved third parties. Depending on the contract, the data may have to be forwarded to third parties.

Storage Time

We will only keep your data for as long as is necessary for the fulfilment of the contractual, pre-contractual or legal obligations and is permissible under the applicable law. Personal data, which you provide when contacting us, will be stored after responding to your question until further notice. Among other things, SteadySense is subject to the following legal storage obligations:

  • Business Code (UGB Austria)
  • Federal Fiscal Code (BAO Austria)
  • General Civil Code (ABGB Austria)

Affected Rights

You have a right to information about processed personal data, its amendment, deletion and restrictions on processing by SteadySense, unless legal or contractual provisions conflict with these rights. In addition, you have the right of appeal to the supervisory authority:

Austrian Data Protection Authority
Wickenburggasse 8-10
1080 Vienna
Austria
dsb@dsb.gv.at

Website - Personal data

In the course of your visit to our website, we will potentially process the following personal data:

  • Date and time the website was accessed
  • Your IP address
  • Name and version of your Web browser
  • The website (URL) that you visited before you visited our website
  • Certain cookies (see next point)

Online-Shop/In-App-Shop - Personal data

To enable us to process and complete your order in our Online-Shop/In-App-Shop, we require your complete and correct name, address, and payment details as well as your e-mail address. We need your e-mail address in order to confirm the receipt of your order.

Use of cookies

Our website uses so-called cookies. These are small text files that are stored on your mobile device by the browser. They’re not doing any damage. We use cookies to make our website user-friendly. Some cookies remain stored on your device until you delete them. They enable us to recognize your browser the next time you visit us. If you do not wish this, you can set your browser so that it informs you about the setting of cookies and you only allow this in individual cases. When cookies are deactivated, the functionality of our website may be limited.

Google Analytics

Our website uses features of the web analysis service Google Analytics from the ’ Google ’ company:

Google Inc.
1600 Amphitheatre Parkway
Mountain View, CA 94043
United States

Google Analytics collects the number of users and the usage behaviour on our website. Cookies are used for this, they enable the analysis of the use of the website by our users. The information generated in this way is transferred to the provider’s servers in the USA and stored there. We have entered into a corresponding contract with the provider for the purposes of assignment-related data processing. If you do not want your usage behaviour to be recorded on our website, you can prevent this by setting your browser so that no cookies are stored. You can prevent the installation and storage of cookies by setting your browser software accordingly and by downloading and installing the browser plugin which is available free of charge.

We also use the Google Firebase Service to analyze any app crashes.

Mailchimp

Newsletter distribution is managed by ‘Mailchimp’

The Rocket Science Group
LLC, 512 Means Street Suite 404
Atlanta, GA 30318
United States

‘The Rocket Science Group’ guarantees, by certification in accordance with the ‘EU- US Privacy Shield’, available at privacy-shield, that the data protection regulations of the EU are also observed when processing data in the USA. Further data protection information from ‘The Rocket Science Group’ can be found at: Mailchimp

When you register for our newsletter, your registration data, namely your e-mail address and IP address, are processed and stored by ‘The Rocket Science Group’. In addition, ‘The Rocket Science Group’ uses so-called ‘Web Beacons’ to evaluate whether and when you have read our newsletter and whether you have followed any further links.

Facebook

As part of our social media marketing and advertising campaign SteadySense will use and create Facebook Events. These include:

App installation
App launch
Registration
Method of use Kinderwunsch or Cycletracker
Patch ordered

The femSense app and website use tracking tools to track the performance of our services, this ist necessary to better understand how you use our products, and to see what improvements we need to make to offer a better service.

Apple Health iOS

You can choose whether and to what extent your personal data is shared between the femSense app and Apple Health. Permission can be granted or revoked in the Apple Health settings at any time. With your permission femSense may interact with the Health app on your iOS device. This may include a transfer of your personal data to Apple servers located outside the European Union

SteadySense may not use or disclose to third parties data gathered in the health, fitness, and medical research context—including from the Clinical Health Records API, HealthKit API, Motion and Fitness, MovementDisorderAPIs, or health-related human subject research—for advertising, marketing, or other use-based data mining purposes other than improving health management, or for the purpose of health research, and then only with permission.

SteadySense may not use information gained through the use of the HealthKit framework for advertising or similar services.

SteadySense may not disclose any information gained through HealthKit to a third party without express permission from the user. Even with permission, SteadySense can only share information to a third party if they are also providing a health or fitness service to the user.

SteadySense may not sell information gained through HealthKit to advertising platforms, data brokers, or information resellers.

If the user consents, SteadySense may share his or her HealthKit data with a third party for medical research but must clearly disclose to the user how the app will use their HealthKit data.

SteadySense values your privacy and does not sell personal data to third parties.

Legal basis and purpose of data processing

We process the personal data collected on this website on the legal basis of our legitimate interest pursuant to Article 6, paragraph 1 (f) of the, GDPR, which is to achieve the following objectives: To provide, develop and improve this website, compile usage statistics, detect, prevent and investigate attacks on this website.

Storage Period

We store your personal data for a period of 24 months. A longer storage would only be necessary, in order to investigate attacks on our website.

Confidentiality

All SteadySense employees are required to maintain secrecy about any information disclosed by you in the context of their employment or business.

Data Security

Data security is very important to us. SteadySense has taken all necessary technical and organizational measures to ensure the security of data processing and to protect personal data from access by unauthorized third parties. SteadySense’s IT infrastructure complies with current security requirements and is checked regularly.

The femSense system uses a variety of cryptographic methods for security purposes and to protect the transmission of confidential content, such as temperature data and cycle data.

The HTTP connection between the app and the backend server is encrypted using the TLS method. The server is located in Europe and is hosted by SteadySense.

SteadySense does not store any payment-related data and archives health data and body measurement data only anonymously.