Privacy Policy

Privacy policy
Information obligations pursuant to Article 13

1. introduction

C02P GmbH is a Saas provider and is currently active in the following business areas:

  • Software As A Service Provider

C02P respects the privacy of its users and has created this Privacy Policy as a sign of its commitment to protecting your privacy. We will collect, store and process data about you in the course of our activities. The use and disclosure of your data by us, as well as your choices in relation to these processes, are described in this Privacy Policy. We ask you to read this document carefully before using our services. If you have any questions about this Privacy Policy, please email us at [email protected].

2. responsible person

is the controller within the meaning of the General Data Protection Regulation ("GDPR"):

C02P GmbH
Keßlergasse 2
2700 Wiener Neustadt
AUSTRIA

+43 5 7674 5000
[email protected]
http://www.c02p.com

3. personal data

3.1 Personal data means any information relating to an identified or identifiable natural person (so-called "data subject").

3.2 As part of our website, we collect personal data both when you use our website (cookies & Google Analytics) and when you make inquiries and contact customers.

3.3 Each time you access our website, your browser transmits data to our web server. This data is transmitted for technical reasons to
and is only collected and processed for statistical or technical purposes, e.g. to ensure the smooth running of our service operations. The following data is collected:

  • IP address (anonymized)
  • Dates and times of access to the website
  • Location
  • Browser type and version & window size
  • Request (file name of the requested file)
  • Operating system used
  • Referrer URL
  • Language

In addition, cookies and server log files are collected and processed when you access our website, depending on your browser settings. You can find more information on this under point 4.

3.4 The following data is stored for business processing (business initiation and conclusion including accounting):

  • Name + title if applicable
  • Gender
  • E-mail address
  • Company
  • Company address
  • Job title
  • Phone number
  • Country
  • VAT number
  • Company register number

3.5 The following data is collected for business fulfillment/technical implementation:

  • Name + title if applicable
  • E-mail address
  • Phone number
  • Profile picture
  • Country code
  • Language
  • User ID of the sender
  • User ID of the recipient
  • Credit card details
  • Bank name
  • Interface data

3.6 When you contact our support team, we collect and process your data in order to process your request. The following data is collected:

  • Name
  • E-mail address
  • Telephone number
  • Request date (day/month/year, time)
  • Search term
  • Subject of the request
  • IP address

4. cookies and server log files

4.1 In order to optimize the use of our services for you, we collect data through the use of cookies. Cookies are small text files that are stored on your browser or device. They are used in different ways, e.g. to analyse the behaviour of users on a website or to personalize services based on a user's preferences.

4.2 We use Google Analytics to be able to use search queries on our website for marketing purposes.

4.3 Our website uses Hotjar to collect information about the behavior of our users and their end devices (e.g. IP address in anonymized form, device type, browser type, preferred language, etc.).
Hotjar stores this information in a pseudonymized user profile. The information is not used to identify individual users. You can object to the storage of the user profile and the information about your visit to our website and the setting of Hotjar tracking cookies. You can find more information on this at this link and in Hotjar's privacy policy
at https://www.hotjar.com/legal/policies/privacy.
services to which we have created a link on our website may use their own cookies when you interact with links, plug-ins and other references provided by us. We have no control over these cookies and refer you to the privacy policies of these third parties for more information. Most web browsers offer the option of deactivating cookies. Alternatively, we would like to draw your attention to the following tools for changing your personal cookie application:

https://tools.google.com/dlpage/gaoptout?hl=de
https://disconnect.me/

These tools are provided by third-party providers.

5. social media plug-ins

5.1 We have integrated links and plug-ins from external providers such as Facebook, Google, YouTube, Twitter, LinkedIn, Instagram and Vimeo on our website. Such services may use their own cookies or tracking pixels to collect information about users who interact with their websites via links.

How we use the Facebook Platform and which data we use:

  1. Facebook Login in the C02P Web Application
    • Facebook User ID, profile image and email address are used to create a C02P user
  2. Getting public page data of white-label app customers
    • We fetch the public page feed (Text, Image(s), Url, CreatedDate, ...) to display it within the white label app
    • We get the public page data (name, profile image) to display the page feed within the white label app
    • This data is cached by the C02P backend and provided via an API to the apps, apps don't directly access the Facebook APIs
  1. We fetch users public page data and posts for displaying them within the C02P apps.
    • Data is again cached by backend and not directly accessed by apps
  2. Therefore we use the Basic Display API (so user has to setup connection with his page within our business web application)

When you visit our website, your browser connects directly to the servers of plug-in providers and the content of the plug-in can be generated directly by your browser and integrated on our website. Plug-in providers are therefore able to track your visit and your activities on our website and link them to your profile on the website of this plug-in provider. All information about interactions, such as comments or the use of "like buttons", can be transmitted directly to the websites of the plug-in providers and stored by the corresponding plug-in provider. You can prevent such transmission and storage of your data by logging out of your respective profiles with plug-in providers before using the plug-in. Further information on the purpose and scope of data use and processing by plug-in providers on our
website can be found in the privacy policies of the respective providers:

https://www.facebook.com/policy.php
http://www.google.com/policies/privacy/
https://www.google.com/+/policy/pagesterm.html
https://twitter.com/privacy?lang=en
https://www.linkedin.com/legal/privacy-policy
https://play.google.com/about/play-terms.html
https://www.apple.com/legal/internetservices/itunes/nz/terms.html
https://chatra.io/privacypolicy/

6. legal basis for data processing

We only collect, process and use your personal data if there is a legal basis within the meaning of the GDPR.

6.1 Legitimate interest - Art 6 para 1 lit f GDPR

Insofar as the processing of personal data is necessary to safeguard a
legitimate interest of our company or a third party
, Art. 6 para. 1 lit. f GDPR serves as the legal basis. Our legitimate
interest lies in particular in the following

  • to carry out a smooth business transaction process
  • to be able to guarantee the proper fulfillment of the contract
  • ensure the operation and administration of the website;
  • direct marketing measures;
  • to ensure network and data security, but only to the extent that our legitimate interest is consistent with applicable law and with the rights and freedoms of our users;
  • to provide the best possible support

&nbsp

6.2 Consent - Art 6 para 1 lit a GDPR

The processing of data that you send to us for comments or feedback or business cards that are exchanged in the course of trade fairs, conferences, on-site visits, etc. is based on your consent. The scope and purposes of the processing depend on the underlying declaration of consent. You can revoke your consent at any time with effect for the future by sending an e-mail to [email protected] informing us of your revocation.

6.3 Contractual obligations - Art 6 para 1 lit b GDPR

The processing of your data collected in the course of initiating and concluding business transactions and for invoicing purposes is carried out for the purpose of fulfilling the contract.

6.4 Legal obligations - Art 6 para 1 lit c GDPR

Insofar as we are legally obliged to process personal data for
, Art. 6 para. 1 lit. c GDPR serves as the legal basis.

7. transmission of data to third parties

7.1 Due to the current complexity of certain data processing procedures, it has become essential for us to provide certain services with the assistance of third parties. To this end, we use external service providers, e.g. for web hosting and our IT systems, to whom your data is made available for this purpose.

7.2 The server on which the hosting service is based is provided by Amazon Web Services.

7.3 We use the services of FastBill GmbH to create invoices. You can find more information in FastBill's privacy policy at https://www.fastbill.com/datenschutz. We use BMD Systemhaus for the further posting of these invoices.

7.4 Our central CRM tool is Pipeliner CRM. All the data we need for further business development is stored here.

7.5 For the payment process, we transmit your data to Stripe Inc. For more information, please refer to Stripe's privacy policy at https://stripe.com/at/privacy.

7.6 The potential recipient of your personal data may be located outside the European Union or
may process your personal data there. The level of data protection in other countries may not be the same as in Austria. However, we only transfer your personal data to countries for which the EU Commission
has decided that they have an adequate level of data protection or we take measures to ensure that all
recipients have an adequate level of data protection.

7.7 Under certain circumstances, we may be required by law to disclose your data to, for example, supervisory authorities and law enforcement agencies. However, this will only be done to the extent necessary to prevent and/or detect fraud and other criminal offenses or to ensure network and data security.

8. storage of the data

The data will be processed as long as this is necessary to fulfill our contractual or legal obligations and to defend against any liability claims or until you revoke your consent. We ensure that your personal data is treated in accordance with this privacy policy for the entire period.

9. your data protection rights

9.1 As a data subject, you have the right to information about your stored personal data, its origin and recipients and the purpose of data processing at any time. You also have the right to correct and transfer your data and, if applicable, to object to, restrict the processing of or delete processed data.

9.2 Your request for information, deletion, correction, objection and/or data transfer can be addressed to the contact person listed in point 10 of this declaration.

9.3 If you are of the opinion that the processing of your personal data by us violates the applicable data protection law or your data protection claims have been violated in any other way, you have the option of complaining to the competent supervisory authority. In Austria, the data protection authority is responsible for this.

10. contact details for data protection inquiries

If you have any questions about the processing of your data or wish to exercise your (information) rights, please contact:

11. changes to the privacy policy

We reserve the right to amend this privacy policy if necessary, for example due to technical developments or legal changes, or to update it in connection with the offer of new services or products. The updated privacy policy will always be published on our website. Please check the relevant page regularly.

Scroll to top