Privacy Policy

Personal Data

All information relating to an identified or identifiable natural person ("data subject"). A natural person is considered identifiable if they can be directly or indirectly identified, particularly by reference to an identifier such as a name, identification number, location data, online identifier, or by reference to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that person.

Processing

Any operation or set of operations performed on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment, combination, restriction, erasure, or destruction.

Controller

Refers to a natural or legal person, public authority, agency, or other body which alone or jointly with others determines the purposes and means of the processing of personal data. If the purposes and means of processing are prescribed in accordance with EU law or the law of Member States, the controller or certain criteria for its nomination may be provided for in accordance with EU law or the law of Member States.

Recipient

Refers to a natural or legal person, public authority, agency, or another body to which personal data can be disclosed, whether a third party or not. Authorities may obtain personal data in the context of a particular investigation in accordance with EU law or the law of Member States but are not considered recipients. The processing of these data by the designated authorities is carried out in accordance with the applicable data protection regulations and in accordance with the purposes of the processing.

Third Party

This is a natural or legal person, public authority, agency, or body other than the data subject, controller, processor, and persons who, under the direct authority of the controller or processor, are authorized to process personal data.

Relevant Area: Google Calendar Integration

The Etisia application uses integration with Google Calendar to synchronize calendar events. When you connect your Google account with our application, you permit us to access your calendar data in accordance with the approved permissions. This data may include event titles, descriptions, event times, and other relevant information, which we use solely to inform customers about their appointments or events and to update the calendar in case of changes or cancellations.

We obtain your consent to access this data when you connect your Google account. You can revoke this consent at any time in our application's settings or by disconnecting your Google account. Your data is stored in a secure environment and is accessible only to authorized persons. We use the latest security standards and technologies to ensure the protection of your data. We do not share your data with third parties unless it is necessary to provide our services or required by law.

The use and transfer of information received from Google APIs to the Etisia application and other applications will comply with the Google API Services User Data Policy, including the Limited Use requirements.

We are committed to transparency in the processing of your personal data. You have the right to access, correct, delete, and restrict the processing of your data related to your Google account. You also have the right to information about how your data is used and for what purposes. If you wish to exercise any of these rights or have questions regarding privacy and data protection, please contact us at [email protected].

Relevant Area: Visiting the Website

When you access the etisia.com website, so-called access data is collected, including the IP address, and stored in a log file. The log file also stores the name of the website you requested, the retrieved file, date and time of access, amount of data transferred, notification of successful retrieval, browser type and version, operating system, the so-called referrer URL (previously visited page), as well as the provider making the request. However, based on this data, you cannot be identified.

When you visit our website, cookies are also stored on your end device (laptop, tablet, smartphone, or personal computer).

To provide users with a seamless connection and comfortable use of our website, we collect log file data, including the IP address. The log file is used for analysis to evaluate system security and stability, as well as for administrative purposes. Cookies also help us make our services and website more user-friendly by helping us determine whether you have, for example, already visited a page on our website. Using the cookie identifier, we also receive information about user behavior on our website and search queries that lead you to our site, so we can tailor our offerings to users' interests for future visits.

Log files, including the IP address, serve only to optimize the technology and configuration of our website and the security of our systems (e.g., in the context of a system intrusion or security incident). When accessing our website, it is not possible to obtain any personal data from the log files, including the IP address. Personal reference only occurs when you log into your customer user account at the same time. In this case, we can link your IP address directly to you. Using the cookie identifier, we find out, for example, whether and to what extent you have already visited our websites, whether you have already registered with us under a certain identification mark, and when you returned to this identification mark.

Relevant Area: Website Visit, Web Analytics

Personal Data: IP address, cookie identifier

Description and purpose of data processing: We use so-called tracking tools and web analytics tools on our website. This involves collecting access data to our website and evaluating the behavior of our visitors to optimize our offerings.

With these tools, it is possible to investigate where visitors come from, how they accessed our website, which areas of the website are more frequently visited, and how often and for how long certain subpages and categories are viewed. We can also determine which search terms and websites the user entered and assess how many users visit our pages overall and which information or offers are most in demand. The goal is to use this acquired knowledge to help design our offerings and website in a user-friendly way.

Interest in data processing: By statistically analyzing user profiles, we can derive information about the operation and success of our website, such as how often information pages for certain product groups are accessed and how many visitors clicked on a particular offer. Using tracking tools, we can better target our offers to our customers, visitors, and interested parties.

Recipient and data processor: The following providers of tracking tools and web analytics tools process access data on our behalf for user analysis and statistical processing:

• Google Analytics: Google Inc., 1600 Amphitheatre Parkway, Mountain View, California 94043, USA. More information at google.com/policies/
• Optimizely: Optimizely, Inc., 631 Howard Street, Suite 100, San Francisco, California 94105, USA. More information at https://www.optimizely.com/privacy/
• Hotjar: Hotjar Ltd, Level 2, St Julian's Business Centre, 3 Elia Zammit Street, St Julian's STJ 1000, Malta. More information at https://www.hotjar.com/legal/policies/privacy
• Freshworks: Freshworks Inc., 1250 Bayhill Drive, Suite 315, San Bruno, California 94066, USA. More information at https://www.freshworks.com/privacy/

Relevant Area: Website Visit, Advertising

Personal Data: IP address, cookie identifier, order identifier.

Description and purpose of data processing: The website uses so-called advertising tracking tools. With the help of these advertising tracking tools, we can display or arrange the display of individual advertisements on our websites, which are selected (automatically) based on visitor preferences. Technically, advertising tracking is usually carried out via advertising identification tags through which cookies, among others, are used by advertising network providers to create user profiles and display ads based on cookie profiles when the website is accessed. By using tracking pixels on various websites, advertising partners store cookies on the user's end device the first time the user visits the advertising partner's website. Through such remarketing offers, the user can be "followed" across the internet and shown particularly attractive offers (in principle). In many cases, tracking is carried out via so-called browser fingerprints, which use information such as individual screen resolution settings, color depth, time zone, and installed plugins to recognize users and user groups.

Interest in data processing: With the help of advertising tracking tools, we can better target our offers to our customers, visitors, and interested parties. Advertising tracking tools and related advertising campaigns also allow us or third parties to generate profit through advertisements. Additionally, user behavior helps us determine which areas of our websites are potentially particularly interesting to visitors so that we can selectively display advertisements. Ads are displayed according to the thematic orientation of the website and related user search behavior. As a result, advertising tracking tools can determine where visitors come from and which areas of the website were visited, how often, and for how long subpages and categories were viewed. Common advertising methods include retargeting and remarketing campaigns, in which users can be re-addressed at other times and places on the internet, for example, by advertising potentially interesting products from websites the user previously visited.

Recipients of the aforementioned data: The following providers of web analytics tools process access data on our behalf for user behavior analysis and customized advertising:

• Google Analytics: Google Inc., 1600 Amphitheatre Parkway, Mountain View, California 94043, USA. More information at https://www.google.com/privacy/ads
• Facebook: Facebook, Inc., 1601 South California Avenue, Palo Alto, CA 94304, USA. More information at https://www.facebook.com/about/privacy

Relevant Area: Subscription to Cloud Service

Personal Data: Email address, title, first and last name, recipient's address, billing address, payment information (excluding credit card details!), login data (in case of registered customers), IP address, cookie identifier.

Description and purpose of data processing: We process data within the framework of the initial order or, if you are an existing customer, to provide you with your customer user account on the etisia.com platform, located at the web address etisia.com. If you have created a customer user account, we will need your login data to verify your account. In addition to the initial purpose, all data is used for marketing campaigns, whereby the user agrees upon registration on the portal to receive marketing messages from Evicity, Inc.

Recipient and data processor: We share your data with the recipient exclusively based on contracts relating to order processing and only to the extent necessary to fulfill the contractual provisions of the service (e.g., in the case of payment). Upon invoice payment, we perform a credit inquiry before approving your order. For this purpose, the specified data is transmitted to specifically designated service providers to provide them with information about your payment history and credit information based on a mathematical-statistical assessment procedure. This processing is carried out solely based on your separate consent (Article 6(1)(a) of the General Data Protection Regulation).

Depending on your chosen payment method, your payment data is transferred to the appropriate payment service provider. Responsibility for your payment data lies with the payment service provider. Information, especially about the responsible bodies of payment service providers, contact information for the payment service provider's data protection officer, and categories of personal data that the payment service provider will process can be found at https://stripe.com.