Company: MySecure Space GmbH
Address: Fahngasse 6/2/20B, 1220 Vienna, Austria
Company Registration Nr.: FN458546 h
VAT Number (AT): ATU71685223
Tel (Europe): +43 (680) 112 4334 (only for business purposes – NOT for support)
Tel (USA): +1 (614) 733 8777 (only for business purposes – NOT for support)
E-Mail: support [at] MySecure.Space
Company Type: GmbH
How do we process your personal data?
We store and use your personal information only to process your orders and to communicate with you. If you subscribe to our customer newsletter, we will also use your email address to send you our product updates and company news. We also store and process information provided by job applicants as part of the application process.
What categories of data do we collect?
Each time you visit our website, your IP address and other information is stored in an anonymized form. If you register an account with us, your contact details will be stored. If you order products from us, your address and payment information will also be stored. According to Austrian law we have to keep your invoices up to 7 years in order to be able to send them to the tax authorities at any time.
We have not implemented any trackers in our infrastructure. In addition, we have tried our best not to use services that contain trackers, such as Google analytics. However, in some cases we have no choice but to use third party solutions. For example, we have used Youtube services on some of our pages. In such cases, we display a warning on the relevant pages before loading Youtube content.
In particular, we save the following data from you:
When you register an account on our system, we collect and process certain personal information from you as your registration data. For example, we need your name, address, telephone number, payment information and email address to process your order. If you pay by credit card, we do not collect or store any payment information such as credit card numbers or verification codes. You provide this information only to the relevant payment service provider (in our case Stripe.com). One exception for credit card payments is the so-called pseudo card number: in order to save you from having to enter your credit card details every time you make a payment, a pseudo card number is stored for your account. The dummy card number is only used to pay for products on our website that you order using your account. A dummy card number is not the same as your credit card number. We will delete all of your registration information either: within 24 months, when you delete your user account with us, or when the statutory retention period has expired. You can delete your account with us by contacting us through our ticketing system and submitting a deletion request. The legal basis for this data processing is Art. 6 (1) lit. b GDPR. In addition to all these measures, we encrypt all payment information collected in our database.
If you subscribe to our newsletter or request to receive automated messages from MySecure.Space, we will also store your email address. We delete your email address when you delete your account or unsubscribe from our newsletter. The legal basis for this data processing is Art. 6 (1) lit. a or Art. 6 (1) lit. b GDPR.
Server log files
When you visit our websites, we automatically collect certain information.This includes your IP address, browser type and version, time, date, and the website from which you linked to our site. Your IP address is stored anonymously. You can then no longer be identified.The legal basis for this data processing is Art. 6 (1) lit. f GDPR.
Who we forward your data to
We do not work with any advertising companies including Google, Facebook, Apple, Microsoft and the like. Your information will not be shared with any third parties under any circumstances. Some of our external service providers, such as our data centers and server administrators, may have access to your information while they help us provide our services. However, in 99% of cases, your information is fully encrypted and anonymized. As an Austrian company, we have to comply with Austrian and European law, which means that we have to provide the information requested by the authorities in the event of legal proceedings.
In particular, this may occur in the following cases:
When we register a domain for you, we provide the necessary information to the appropriate registrar.
Payments and anti-fraud system:
MaxMind’s General Data Protection Regulation (GDPR) – European Representative
Pursuant to Article 27 of the General Data Protection Regulation (GDPR), MaxMind has appointed European Data Protection Office (EDPO) as its GDPR Representative in the EU. You can contact EDPO regarding matters pertaining to the GDPR:
- by using EDPO’s online request form: https://edpo.com/gdpr-data-request/
- by writing to EDPO at Block 1, Blanchardstown Corporate Park, Ballycoolin Rd, Dublin D15 AKK1
MaxMind’s UK General Data Protection Regulation (GDPR) – UK Representative
Pursuant to Article 27 of the UK GDPR, MaxMind has appointed EDPO UK Ltd as its UK GDPR representative in the UK. You can contact EDPO UK regarding matters pertaining to the UK GDPR:
- by using EDPO’s online request form: https://edpo.com/uk-gdpr-data-request/
- by writing to EDPO UK at 8 Northumberland Avenue, London WC2N 5BY, United Kingdom
IMPORTANT: You can change your privacy preferences regarding MaxMind services here.
Stripe, Inc. (Credit and debit card payments)
Debt collection agency
If you as a customer fail to pay your invoices on time, your necessary data are passed on to an external debt collection agency.
Data is transferred to third countries in adherence to the legally regulated admissibility requirements. We will not transfer your data to a third country if it does serve the purpose of performing our contract with you; we have no consent from you; the transfer is not necessary to assert, exercise or defend legal claims; and there are no other exceptions. We will only transfer your data to a third country if there is an adequacy decision in accordance with Art. 45 GDPR or appropriate safeguards in accordance with Art. 46 GDPR. Once such adequacy decision (regarding an adequate level of protection) is the “Privacy Shield” for the USA. For transfers to a company certified under the Privacy Shield, the data privacy level is considered essentially as adequate within the meaning of Art. 45 GDPR. However, we usually do not rely on the Privacy Shield, but rather create appropriate privacy guarantees and complete the EU standard data privacy clauses issued by the European Commission with the receiving party. Together these actions establish appropriate safeguards in accordance with Art. 46 GDPR and provide an adequate level of protection.
Other categories of recipients
State authorities and courts
Where do we process your data?
We only process your data on our own servers and services located in data centres in Austria, Germany and Finland.
Cookies and the right to object to direct advertising
1) the US site http://www.aboutads.info/choices/
2) the EU site http://www.youronlinechoices.com/.
Furthermore, you can deactivate cookies from being stored on your computer or device by changing your browser settings. However, if you do this, it will likely lead to problems when you try to use MySecure Space GmbH websites, interfaces, and features on the interfaces.
Social media data
We have included warning messages before loading the Youtube files on the page and the Youtube videos will only be available when you click on the respective area.
Online presence on social media
We maintain online presence on social networks and platforms in order to communicate with our customers, interested parties, and users and to inform them about our services. We use Facebook, Twitter, and Instagram, among others. When visiting each of these platforms, you as a user agree to the terms and conditions and the data processing guidelines of the corresponding operator.
Unless stated otherwise in our data privacy notice, we process user data if users communicate with us on these social networks and platforms, e.g. publish posts on our pages or send us messages.
We at MySecure.Space process users’ data only when it is in the customer’s legitimate interest for us to do so in accordance with Art. 6, (1) lit. b GDPR. As a company, we have a legal right to obtain general customer information to use in customer accounts. We also use customers’ data for communication purposes. If any of the providers below request users for consent for processing their data, the legal basis for data processing is Art. 6 para. 1 lit. a. GDPR.
For detailed information about the data processing operations of the providers below, as well as their opt-out options, please check the links that we have listed below.
Provider: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland, Joint Data Processing Agreement Data privacy agreement: https://www.facebook.com/about/privacy/ Opt-out: https://www.facebook.com/settings?tab=ads. Facebook has committed itself to adhering to EU data protection laws in compliance with the Privacy Shield Framework: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active
Provider: Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA) – Data protection policy: https://twitter.com/de/privacy Opt-out: https://twitter.com/personalization Twitter has committed itself to adhering to EU data protection laws in compliance with the Privacy Shield Framework: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active.
Provider: Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA Data protection policy & opt-out: http://instagram.com/about/legal/privacy/.
Google Universal Analytics
Although analytics is one of the most important parts of our business, we have not integrated (and DO NOT USE) Google’s analytics service due to Google’s weak privacy practices.
Chat Support System
The chat support system we use is an open source project called “ChatWoot”. To respect the privacy of our users and to comply with the GDPR, we host ChatWoot on our own servers in Germany. Therefore, your data is not transferred outside our network.
Your rights as a “data subject”
You have the right to information about your personal data that we process. If you do not make requests for information in writing, please bear in mind that we might ask you to provide proof that you who you claim to be. Furthermore, you have a right to rectification or deletion or restriction of processing, as it is applicable to you under the law. Furthermore, in accordance with legal requirements, you have the right to object to us processing your data. You also have the right of data portability.
Right to lodge a complaint
You have the right to lodge a complaint about the processing of your personal data by us to a supervisory authority for data protection.
Voluntary nature of data provision
There is no statutory obligation for you to provide your data to MySecure Space GmbH. However, you cannot use some of our services if you do not provide your data to us. Your decision to provide us with your personal data is completely voluntary.
To protect the privacy of our customers, we are NOT using Google Maps service in our services.
We are not in the business of selling data. Therefore, we do not and will not contract with any third party to track you as a customer by placing external trackers on our website or services.