This statement is intended for all visitors to our website, our customers and our partners, and applies whenever we receive data about you. Regardless of whether you have become a customer, or if there is a contract between us, this statement is intended to make transparent to you how we handle data.
1. Responsible Entity
The legally responsible entity for all issues related to data is listed on our website under Imprint. There you can find the contact details for the named company managers and data protection officer. You can also contact the data protection officer by e-mail at privacy@steadyHQ.com.
2. Purpose of Storage
Steady is a platform through which you can purchase subscriptions or memberships to various publications ("Steady Publications").
When you create a user account with us, or enter into a contract with us as a customer, we create a customer account in our system. This includes your provided personal information, order information, and - if applicable - your billing data. We store and process this data as we could otherwise not fulfill our contract with you.
When you sign up for a subscription or membership of a specific Steady Publication, we will pass on your customer information to the appropriate Steady Publication, which stores and processes it in order to fulfill the contract.
Your computer sends us your IP address when you use our website. Depending on your usage options and settings, we store small text files ("cookies") on your hard drive. We do this so that our website works optimally for you. It functions as a type of short-term memory for your browser.
Many Steady Publications embed some Steady code on their own website to perform functions, such as displaying a paywall or verifying that you have an active account. This is done as it would otherwise not be possible to fulfill the contract with you. If you use a Steady Publication website that contains Steady code, your computer will send us your IP address, and - depending on your usage options and settings - we will store small text files ("cookies") on your hard drive. We create these files so that Steady Publisher services will work optimally for you, such as showing articles behind a paywall.
Additionally, we create text files on our system that may contain the following information about you: browser type and version, operating system, website URL, the name of your computer and time of use ("logfiles"). These logfiles cannot be assigned to specific individual. We do not combine these data with cookies or IP addresses. However, we reserve the right to evaluate this data retrospectively in individual cases if we have concrete indications of unlawful use. The logfiles help us understand what kinds of computers use our web pages, as well as usage volume. This allows us to optimize our website structure, servers and database systems.
3. Disclosure of Data to Third Parties
We do not process your data entirely ourselves, but also use programs and services from other companies ("tools"). We may occasionally change the tools used if it is necessary for legal, technical or financial reasons.
Currently we use the following tools for the administration and provision of data, in particular to handle IP addresses, cookies and logfiles:
- Amazon S3 (storage space)
- Autopilot (contact information, group e-mails based on how users use Steady)
- Braintree (processing of payments)
- Chargebee (management of subscriptions, payments and billing)
- Datev (administration of master data and accounting)
- Deutsche Telekom (internal and external calls)
- Facebook (communication with users)
- FullStory (find an analyze bugs and opimize user experience)
- GoCardless (processing of payments)
- Google Analytics (website visitor measurement)
- Google Drive (communication within the company, creation and storage of documents)
- Google GSuite (contact information, e-mail, calendar)
- Google Tag Manager (website usage and communication campaigns)
- Imgix (picture delivery)
- Intercom (chat window service for online customer care on our website)
- Mailchimp (contact information, group e-mails)
- Makandra (website operation, server space)
- PayPal (processing of payments)
- Personio (HR- and Recruiting-Service)
- Pipedrive (customer service and sales)
- Mailjet (e-mail delivery)
- Sentry (error tracking)
- Skype (internal and external video calls)
- Slack (communication within the company)
- Slim FAQ (customer support information on our website)
- Trello (communication within the company)
- Twitter (communication with users)
- zoom (internal and external video calls)
Data is forwarded to providers or storage locations in Germany, in countries within the European Union, and countries outside the European Union.
4. Deletion Deadlines
We retain your data until the end of the contract, or until the legal retention periods have expired. These are proscribed in the German Commercial Code (Handelsgesetzbuch), Paragraph § 257, which regulates the storage of business documents.
5. Information Rights
You have the legal right at any time to request information about the data stored by us. If, despite our efforts to be accurate and up-to-date, we hold false information about you, we will correct it as soon as possible at your request. If processing is based on your consent, you can withdraw your consent for further processing at any time.
6. Supervisory Authority
If you feel that we are failing to comply with our obligation to provide you with information, you have the right to complain to a supervisory authority (for example, the data protection officer of a federal state in Germany).
You are not obligated to transmit your data to us. You can therefore refuse the storage of your IP address. For the conclusion and the execution of contracts between us, however, the processing of your data to the extent described above is necessary. If you revoke your consent to data processing, it will be impossible for us to perform our contractual obligations, whereas you will not be relieved of your contractual duties. (For this reason, you can not revoke the storage of your customer data in the above-mentioned management systems until the termination of our contractual relationship).
8. Change of Purpose
If we intend to process your data for a purpose other than that for which you gave it to us, we will provide you with specific information about this other purpose, and the reason for our intention, before further processing occurs. You can revoke the consent for further processing at any time.
Date: May 2018