distantHere Privacy Policy
1. About this Privacy Policy
distantHere GmbH (”distantHere” or “we”) appreciates the trust you have put in us by using our services. We assure you that privacy and data security have an enormously high priority for us. Furthermore, it is very important to us that you feel safe during your visit to our website and while using our services.
As soon as you make use of our products and/or services, you entrust us with the processing of your personal data.
Therefore, in this Privacy Policy, we want to transparently inform you which personal data we collect from you, how we process it and to whom we might forward it in detail as well as inform you which precautions we take to protect your personal data, which rights you have in relation to your personal data and to whom you can turn for data protection concerns.
Please note that the terms used in this Privacy Policy, such as “Processing” or “Controller” are used in the same scope as described in the GDPR.
2. About distantHere
Your data is processed by distantHere GmbH, Hauptstrasse 81, 2504 Sooss, Austria. distantHere provides a data sharing platform (“Platform”) which allows our users to safely upload and download content, whereby its primary use is to give our users the possibility to leave behind video and/or audio recordings, pictures and documents for their loved ones.
3. Applicability
This Privacy Policy applies to all persons who use our services, the website, the apps or interacts otherwise with us (“user” or “you”).
Cookies: For data processing in connection with cookies and similar technologies, please also check our cookie policy.
Please note that minors, meaning people under the ages of 16, are allowed to use our services only with consent of their legal guardian. Equally, we are only allowed to process the personal data of minors with the consent of their legal guardian.
4. Controller
distatHere will solely use the personal data provided by you in compliance with the applicable data protection requirements, this Privacy Policy and your consent.
distantHere is a controller and/or joint controller in the meaning of Art 4 para 7 GDPR and therefore responsible for the processing of personal data in connection with the services provided.
If you have any questions in connection with the processing of your personal data and the exercising of your rights under GDPR, you can contact our privacy team: info@distantHere.com.
5. Data categories and sources:
We process the personal data that we receive from you within the scope of the business relationship and usage of our Platform. Furthermore, we might process data we have received from credit agencies, debtor directories, business analysis providers (e.g. CRIF GmbH, KSV 1870 Holding AG, Dow Jones News GmbH, Factiva Limited, Sift Science Inc.) and from publicly accessible sources (e.g. commercial register, register of associations, land register, media, sanctions lists).
When using our services or interacting with us, the following personal data might be processed:
-
Contact data: when creating a new user account or communicating with us, we might process for example: name, address, telephone number, email, date of birth, photo for the account, etc.
-
Photo, video and audio and other uploaded data: The photographs, video and audio data or any other data you upload to the Platform may contain personal data. Please note that we process such data only in accordance with you instructions and/or to the extent this is necessary for the provision of our services and maintain our business relationship.
-
Log data: during activities on the website, we might process for example: IP-address, computer or mobile device information, frequency, time, operating system, browser type, device type, unique device identification number, identification cookies, optionally form data, crash reports, performance data, third-party cookies, etc.
-
Company details: if you use a business account we might process for example: commercial register reports, data of or concerning beneficial owners, records or additional information on recent, past or planned business activities, other data necessary to determine/validate the structure, the beneficial ownership or any power of attorney of the company, etc.
-
Support requests: if you contact our support, we might process for example: personal data provided to the support team when you submit a request to our support team or any other member of the our team.
-
Marketing data: if you visit our website or social media sites (such as LinkedIn), we might process statistical and marketing data for example: number of visitors, frequency, clicks, time, places, target groups, data from cookies and similar technologies (Pixels etc.), consumer’s behaviour, interests and preferences, data about market research and target groups surveys, etc.; we refer to our Cookie Policy for more information.
-
Financial data: over the course of our business relationship we might process for example: bank details (IBAN, BIC), payment service provider information, payment details etc.
6. Purpose and legal basis for using personal data
All processing is performed in accordance with the GDPR and the Austrian Data Protection Act (DSG). We process your personal data based on at least one of the legal bases listed below. If we were to ask for the provision of any other personal data not described above, then such data and the purpose and legal basis for the collection and processing will be communicated to you at the point of collecting the personal data.
6.1. Based on your consent (Art 6 para 1 lit a GDPR):
If you have given us your consent to process your personal data, processing will only take place in accordance with the defined purposes and to the extent agreed in the declaration of consent. You can withdraw your consent at any time without giving reasons and with future effect. Note that the withdrawal of the consent does not affect the lawfulness of processing based on consent before its withdrawal.
The following processing of personal data is done with your consent:
-
direct marketing and advertising (e.g. user satisfaction surveys, newsletters etc.);
-
website analysis and tracking for advertising purposes;
-
Audio, video and photo data you upload to the Platform containing your personal data;
6.2. For the performance of contractual obligations (Art 6 para 1 lit b GDPR):
We process you personal data for the performance of our contractual obligations to you or in order to take steps at your request prior to entering into a contract. The following data processing operations, for example, are covered by such contractual obligations:
-
general performance of our services, all tasks necessary for the operation, performance and administration of our Platform;
-
account management;
-
User service and support requests
-
analysis and improvement of the Platform's quality and the general user experience;
-
data security and IT-security on our website and safeguarding our network;
6.3. For compliance with legal obligations (Art 6 para 1 lit c GDPR):
Processing of personal data might also be necessary for complying with various legal obligations. for example:
-
contract management, accounting and invoicing;
-
monitoring for prevention of fraud, misuse (e.g. for illegal purposes);
-
providing information to criminal authorities in the context of criminal proceedings or to prosecution in accordance with official orders;
6.4. To protect legitimate interests (Art 6 para 1 lit f GDPR):
In certain situations data processing might take place beyond the performance of the contract in order to maintain our legitimate interests or the legitimate interests of a third party like e.g.:
-
prevention of fraud, misuse (e.g. for illegal purposes);
-
identification and examination of potentially defective or suspicious business cases and accesses to our Platform;
-
data transmission within the distantHere for internal administrative purposes;
-
account management and handling general user requests and inquiries;
-
measures for protecting our users and partners, as well as safeguarding network and information security; also measures to protect our employees, users and our property e.g. through video surveillance (erasing cycle 72 h) and from external data centres and service providers;
-
processing inquiries from authorities, lawyers, collection agencies in the course of legal prosecution and enforcement of legal claims in the context of legal proceedings;
-
market research, business management and continuing development of services and products;
-
processing statistical data, performance data and market research data;
-
processing user preferences (e.g. language, region) via cookies on our website (see also our Cookie Policy);
-
direct marketing and advertising (e.g. performance of marketing strategies, targeting of users, dispatch of vouchers, advertisement);
-
use of audio, video and photo data from public spaces (e.g. public events, fairs, etc.) for marketing and other representation purposes on our social media channels or our Platform;
-
process and quality management measures.
6.5. Special categories of personal data
Please note that given the nature of our services we might need to process the data you upload to the Platform. This will mainly (but not exclusively) consist of saving the data and transferring the data in accordance with your instructions and our contractual and legal obligations.
Such uploaded data might contain special category personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation.
We will process such data only in accordance with Article 9 Para 2 GDPR, mainly by you giving us consent to do so.
7. Recipients of personal data
We transfer your personal data only to the extent described below or within the scope of an instruction at the time the data is collected from you. Personal data that we collect concerning you will neither be sold by us nor otherwise disclosed to third parties.
7.1. Data transfer within the distantHere
Within distantHere offices or employees will receive your personal data who need it to fulfil the contractual and legal obligations and legitimate interests.
7.2. Data transfer to processors
To a limited extent, we also transmit personal information to processors who perform services for us such as IT services (Wix.com Inc.). Processors may only use or disclose this data to the extent necessary to perform services for us or to comply with legal rules. We contractually oblige these processors to ensure the confidentiality and security of your personal data that they process on our behalf.
7.3. Data transfer to public bodies and institutions
We might also transfer your personal data (i) if we are required to do so by law or in the context of legal proceedings, (ii) if we believe that disclosure is necessary to prevent damages or financial loss, or (iii) in connection with an investigation into suspected or actual fraudulent or illegal activities.
7.4. Data transfer to other third parties
Joint Controllership: If we act together with other parties as joint controller, we provide those parties with personal data if applicable and based on at least one of the legal bases listed above under Point 6. In case of a joint controllership, we transmit your personal data only based on a sufficient agreement with our partners (Art 26 GDPR).
Other third parties: Part of our services is to transfer your data (including personal data) to a designated third-party. This is done with your consent or the purpose of performing a contract.
7.5. International data transfer
Your personal data may be accessed by staff or suppliers in, transferred to, and/or stored at, a destination outside the country in which you are located, whose data protection laws might be of a lower standard than those in the European Union. However, we will in all circumstances safeguard personal data as set out in this Privacy Policy.
If we process personal data in a third country (outside the European Union (EU) or the European Economic Area [EEA]) or if this occurs in the context of the use of third-party services or disclosure and/or transfer of personal data to third parties, we shall only transfer personal data to the performance of our (pre)contractual obligations, based on your consent, a legal obligation or our legitimate interests. Subject to legal or contractual authorisations, we process or have personal data processed in a third country only where the conditions of Art 44 et seq GDPR are met. This means, for example, that processing and the transfer is carried out based on special safeguards, such as the adherence to a code of conduct or certification mechanism together with binding and enforceable commitments from the recipient in the third country to apply the appropriate safeguards to protect the data or compliance with officially recognised special contractual obligations published by the European Commission (known as “Standard Contractual Clauses”).
Please contact info@distantHere.com if you need further information regarding the international data transfer.
8. Social Media presence
General: distantHere maintains a social media presence on different platforms (see below). When you access such social media platforms, the general terms and conditions, as well as the privacy policies of these operators, additionally apply.
As part of the technical process of different social media platforms (e.g. Google, Facebook, Twitter, etc.), these platforms will know when you click on content or a website you are visiting, if you are logged in to your social media account at the same time. Such information is collected by social media platforms and assigned to your social media accounts, regardless of whether you click on content of this platform or not. By logging out from your accounts, you can prevent such companies from associating the information collected with your accounts. The activities of those companies are not controlled by us and therefore, we do not assume any liability for damages that you may incur through the use of your data by these companies.
Controller: distantHere can only process personal data of social media users if they communicate directly with distantHere via such platforms in which case, we are also responsible for the processing of personal data gathered thereby.
For a detailed explanation of the respective processing and the possibilities of objection (opt-out) by providers of social media networks, we refer to the respective privacy policies of the providers (see below).
Our social media pages and channels and links to their privacy policies:
LinkedIn Privacy Policy
https://www.linkedin.com/legal/privacy-policy
9. Newsletter
In our email newsletter, we inform you about our services and products. If you would like to receive our newsletter, you have to subscribe with your email address. We send newsletters and other electronic notifications only with your expressly consent if you’ve subscribed for it (double opt-in) or which is recorded during registration for a distantHere account, or where there is a legal basis to do so (e.g. Art. 107 para 3 of the Austrian Telecommunications Act [TKG]).
You may unsubscribe from our newsletter, e.g. by withdrawing your consent, at any time. You can unsubscribe when you are logged into your account and furthermore you will find a link to unsubscribe at the end of each notification.
10. Retention and deletion periods
We retain your personal data, were necessary, for the duration of the entire business relationship, and in principal 1 year after termination of the business relationship. We retain your data for a longer period, only if necessary to comply with statutory retention and documentation obligations, to defend legal claims or with your explicit consent.
The retention period proscribed by law, we have to follow are: the Austrian Enterprise Code (UGB) and the Federal Tax Code (BAO) 7 years, in accordance with the Equal Treatment Act (GIBG) half a year, and in certain cases between 3 and 30 years according to the Austrian General Civil Code (ABGB) e.g. if data is required as evidence for legal disputes or for as long as there are other legitimate interests in retention.
Unless expressly stated in this Privacy Policy, personal data processed by us shall be erased as soon as they are no longer required for their intended purpose and the erasure does not conflict with any statutory retention obligations.
11. Data subject rights
You have the following rights in accordance with the GDPR
Right of access: You have the right to request confirmation from us as to whether we are processing personal data concerning you. Where personal data concerning you is being processed, you have the right, to receive information from us within a reasonable time regarding the personal data stored about you and to receive a copy of the personal data concerning you which is undergoing processing.
Right to rectification: You have the right to request the rectification of inaccurate personal data concerning you.
Right to erasure: You have the right to request the erasure of your personal data, where one of the following grounds applies and if no further processing is required:
-
the personal data is no longer necessary in relation to the purposes for which they were collected;
-
you withdraw your consent on which the processing was based and where there is no other legal basis or overriding legitimate interest for the processing;
-
the personal data have been unlawfully processed; or
-
erasure of the personal data is required for compliance with a legal obligation under European Union or Member State law to which the Controller is subject.
Requests for the erasure of personal data must include the respective ground (Art 17 para 1 GDPR).
Right to restriction of processing: You have the right to request from us the restriction of processing where one of the following conditions applies:
-
you contest the accuracy of the personal data (the restriction shall be put in place for a period which enables us to verify the accuracy of the personal data);
-
the processing of your personal data was unlawful, and you oppose the erasure of your personal data and request instead the restriction of their use;
-
We no longer requires your personal data for the purposes of the processing, but you require them for the assertion, exercise or defence of legal claims; or
-
You have objected to processing of your personal data and it has not yet been determined whether our legitimate grounds override your own.
Right to data portability: You have the right to receive the personal data concerning you which you have provided to us in a structured, commonly used and machine-readable format. You shall also have the right to request that we transfer these data directly to another controller, designated by you, where this is technically feasible and does not adversely affect the rights and freedoms of others. The right to data portability may only be exercised where the basis of the processing is either your consent or a (pre)contractual necessity, and where the processing is carried out by automated means.
Right to object: You have the right to object to the processing of your personal data at any time if the processing is based on our legitimate interests. If you have objected to processing, we shall no longer process your personal data, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or unless the processing is for the assertion, exercise or defence of legal claims. The objection does not affect the lawfulness of processing your personal data based on legitimate interests before your withdrawal.
Contact: To exercise one of the above-mentioned rights you can send an email to info@distantHere.com or a letter to Hauptstrasse 81, 2504 Sooss, Austria. Please note that for such requests we require further identification data from you (e.g. Passport, ID card, etc), in order to ensure that your personal data is only shared with you.
12. Objection Advertisement:
How can I object to the processing of my data for advertising purposes?
You can also object to any use of your personal data for advertising purposes. Please contact us via email info@distantHere.com if you want to generally object to the processing of your data for advertising purposes. The objection does not affect the lawfulness of processing your personal data based on legitimate interests before your withdrawal.
You also have the possibility to directly opt-out from tracking and the setting of cookies for advertisement purposes. Furthermore, you may unsubscribe from our newsletter by using the unsubscribe link at the bottom of the newsletter email.
13. Automated decision-making
We does not use personal data for automated decision-making including profiling within the meaning of Art 22 GDPR (e.g. decisions producing legal effects concerning data subjects, or otherwise significantly affecting them, based solely on automated processing of personal data, including profiling).
​
14. Declaration of consent:
By checking the respective box as a part of the registration process or in case of an update after the login into your account, you expressly confirm that you have read the Privacy Policy and that you agree to the data processing as described therein.
By checking the respective separate box for news and updates per email (newsletter) you expressly consent that you agree to receive electronic communication as described above in point 9.
You have the right to withdraw your consent at any time to to info@distantHere.com or a letter to Hauptstrasse 81, 2504 Sooss, Austria. Please keep in mind that we might not be able to provide all our services to you anymore, if you withdraw your consent. The withdrawal of your consent does not affect the lawfulness of processing your personal data based on consent before your withdrawal.
15. Supervisory authority
You have the right to file a complaint to the competent supervisory authority, if you think your rights have been violated under the GDPR. In Austria, this is the Data Protection Authority (Datenschutzbehörde).
16. Changes to this Privacy Policy
We may make changes to this Privacy Policy from time to time without notification.
​
17. NO GUARANTEES
While this Privacy Policy states our standards for maintenance of personal data and we will make efforts to meet them, we are not in a position to guarantee these standards. There may be factors beyond our control that may result in disclosure of data. As a consequence, we disclaim any warranties or representations relating to maintenance or nondisclosure of personal data.