Privacy Policy

1. General
1.1
At Nativy your personal information is handled very carefully, so we have prepared this privacy policy to explain how we collect, use, and share it with third parties.

1.2
We handle your personal information in a confidential and responsible way and any processing of your personal information takes place in compliance with the General Data Protection Regulation („GDPR“) as well as the Austrian data protection act in its current form.

1.3
To prevent unauthorized access to your personal data and generally secure such data, we and our partners use encrypted transmission and encrypted storage. All safety measures are constantly revised and comply with the latest technological developments.

1.4
We may update our privacy policy to reflect changes to our information practices. If we do this and the changes are material, we will post a notice that we have made changes to this privacy policy on the Websites for at least 7 days after the changes are made, ask for your consent, and indicate the date these terms were last revised at the bottom of the privacy policy. Revisions to this privacy policy will become effective the earlier of (i) the end of that 7-day period or (ii) the first time you access or use the Services after any such changes.

2. About information we collect
When you register for, access, or use the Services, we process certain of your personal information (“Data” or “Information”).

2.1
If you visit our Website, we process only Data that your browser communicates to our servers. We collect the following Data, which is necessary for us in order to display the Website correctly and guarantee the necessary stability and safety:

IP address;
date and time stamp;
requested site;
access status/HTTP status code;
transmitted data volume;
site from which the request was sent;
browser;
operating system and interface; and
language and version of the browser software.

2.2
Depending on your registration, we process and save the following Data:

Email address
Gender (optional)
First name
Last name
Company (optional)
Currency
Time zone
For the invoice we need also this information:

Street
ZIP Code
City
Country

2.3
When you make purchases in the Services via Credit Card, we process but do not have access or save the following Data:

credit card information

2.4
When you use the Services, we process the following Data:

when you launch, signup to, login to, and logout of the Services;
when you purchase something in the Services
What you purchased

3. Use of Information
3.1
The processing of Data pursues the following purposes (“Purposes”):

providing the Services;
customer relations management (e.g. support);
marketing for our own products (newsletters, push messages);
research and development;
communicating with you about the Services;
ensuring safety and security; and
protecting our legitimate business interests and legal rights.

3.2
The lawfulness of processing (Art. 6 GDPR) stems from

the consent pursuant para. 1 subpara. a GDPR upon registration;
the necessity for the performance of contract fulfillment pursuant para 1 subpara. b GDPR, as your Data is needed for a satisfactory use of the Services; and/or
the necessity for the purposes of the legitimate interests pursued by the Company or by a third party.

4. Information we share
4.1
We transmit Data to third parties only if this is necessary for the Purposes, due to a request from a national authority, due to a court ruling, or if you have consented beforehand.

4.2
Your data is stored securely within the EU on Microsoft Azure servers in the Netherlands, and partially on Amazon AWS in Ireland.

5. Updating or deleting Information
5.1
We store your personal data as long as you are a registered user of our service. Where we retain information for service improvement and development during your membership, we take steps to eliminate information that directly identifies you and we only use the information to uncover collective insights about the user behavior, not to specifically analyze personal details.

5.2
If you delete your account, we only store Data that is legally necessary .

5.3
Data will be deleted if you (a) revoke your consent to the storage (b) Data is not needed to fulfill the user contract concerning the Services anymore, or (c) the storage is or becomes legally impermissible. A deletion request does not affect Data, if the storage is legally necessary, for example for accounting purposes, but this data will be also deleted after the time period set by law.

6. Rights
6.1
Please send a request via email to the Email Address or via mail to the postal address depicted in the legal notice on the Website to exercise the rights defined in Section 7.2 to 7.8,.

Please find here the current contact details https://www.nativy.com/contact/

6.2
You can revoke the consent for future data processing at any time. However, this does not affect the lawfulness of Data processing based on the consent before the revocation. Should the processing of Data be lawful due to another reason stated in 4.2, we may continue to process your Data on these grounds.

6.3
You have the right to obtain (i) confirmation as to whether or not your Data is being processed by us and, if so, (ii) more specific information on the Data. The more specific information concerns, among others, processing purposes, categories of Data, potential recipients or the duration of storage.

You can download, change or delete all informations in your Nativy Account.

Clients click here: https://webapp.nativy.com/client/settings/gdpr

Translators click here: https://webapp.nativy.com/translator/settings/gdpr

6.4
You have the right to obtain from us the rectification of inaccurate Data concerning you. In case the Data processed by us is not correct, we will rectify these without undue delay and inform you of this rectification.

6.5
Should you decide you do not want us to process your data any further We will erase your Data immediately and inform you of this process. Should mandatory provisions of law prevent such erasure, we will inform you without undue delay thereof.

You can download, change or delete all informations in your Nativy Account.

Clients click here: https://webapp.nativy.com/client/settings/gdpr

Translators click here: https://webapp.nativy.com/translator/settings/gdpr

6.6
You have the right to obtain from us a restriction of processing of your Data in the following cases:

You make an inquiry pursuant para. 7.4, if you so request;
you are of the opinion, that the processing of your Data is unlawful, but are opposed to an erasure of Data;
you still require the Data for the establishment, exercise or defense of legal claims; or
you have objected to the processing pursuant para. 7.8.

6.7
You have the right to (i) receive your Data in a structured, commonly used and machine-readable format and (ii) transmit those Data to another controller without hindrance from us. You can download all informations in your Nativy Account.

Clients click here: https://webapp.nativy.com/client/settings/gdpr

Translators click here: https://webapp.nativy.com/translator/settings/gdpr

6.8
You have the right to object at any time to the processing of Data based on our legitimate interests, including profiling and direct marketing purposes.

6.9
You have the right to lodge a complaint with a supervisory authority if you think that the processing of Data infringes applicable law, especially the GDPR.

7. Cookies
7.1
The Websites may use cookies, small text files that are placed on your computer, smartphone and/or stored by the browser. If the respective server of our Website is again accessed by you, your browser sends the afore received cookie back to the server. The server can evaluate the information received in this manner in various ways. Cookies can, for example, be used in order to manage advertisements on the Website or to facilitate navigation on a webpage.

7.2
You can disable the cookies by entering the corresponding settings in your browser software (e.g. in Internet Explorer, Mozilla Firefox, Opera, or Safari). However, in this case you may jeopardize the use of the complete range of functions on the Websites.

8. Analytics
8.1 Google Tagmanager
If you give your consent, we will process your personal data in cooperation with the service Google Tag Manager, Google LLC, Amphitheatre Parkway, Mountain View, CA 94043, USA, as joint controllers for the purpose of initiating, controlling and maintaining of further services on our website. In this case the service mentioned above shall be operated by Google Tag Manager. Failure to give consent therefore has exactly the effect described for the service listed above. You can revoke your consent by changing the settings at Privacy settings.

We enable Google Tag Manager the collection of connection data and data of your web browser. This data will be used by Google to advancing their service.

The legal basis of processing is your consent according to Article 6 (1) (a) GDPR. The Google group transfers your personal data to the USA. The legal basis for data transfer to the USA is your consent in accordance with Art. 49 Para. 1 a in conjunction with Art. 6 Para. 1 a GDPR. Before you gave your consent, you were informed that the USA does not have a data protection level that complies with EU standards. In particular, US intelligence agencies can access your data without being informed about it and without you being able to take legal action against it. For this reason, the European Court of Justice ruled in a judgment that the previous adequacy decision (Privacy Shield) was invalid.

Google Ads conversion tracking
We use the online advertising program "Google Ads" on our website and, in this context, conversion tracking (evaluation of visits). Google Conversion Tracking is an analysis service provided by Google Inc. (1600 Amphitheater Parkway, Mountain View, CA 94043, USA; "Google"). If you click on an ad placed by Google, a conversion tracking cookie will be placed on your computer. These cookies have a limited validity, do not contain any personal data and are therefore not used for personal identification. If you visit certain pages of our website and the cookie has not yet expired, Google and we can recognize that you clicked on the ad and were redirected to this page. Each Google Ads customer receives a different cookie. As a result, there is no way that cookies can be tracked through Ads advertisers' websites. The information obtained using the conversion cookie is used to generate conversion statistics. This tells us the total number of users who clicked on one of our ads and were redirected to a page with a conversion tracking tag. However, we do not receive any information with which users can be personally identified. The processing takes place on the basis of Article 6 (1) lit. f GDPR from the legitimate interest in targeted advertising and the analysis of the effect and efficiency of this advertising.
You have the right to object to the processing of your personal data based on Art. 6 (1) f GDPR at any time for reasons that arise from your particular situation.
You can prevent the storage of cookies by selecting the appropriate technical settings in your browser software. However, we would like to point out that in this case you may not be able to use all the functions of this website to their full extent. You will then not be included in the conversion tracking statistics. You can also deactivate personalized advertising for you in the settings for advertising on Google. You can find instructions on how to do this here.
In addition, you can deactivate the use of cookies by third parties by calling up the deactivation page of the network advertising initiative (Network Advertising Initiative) at www.networkadvertising.org and implementing the additional information provided there on opting out.
Further information and Google's data protection declaration can be found here.

8.2 Mailchimp
We use Mailchimp for general newsletters, for marketing purposes, as well as announcements about new features and services. We upload in Mailchimp only very few information, like email address, first name and last name.

You can opt out for our newsletters at the end of each newsletter or also before hand in your Nativy Account:

Clients click here: https://webapp.nativy.com/client/settings/gdpr

Translators click here: https://webapp.nativy.com/translator/settings/gdpr

9. Contact
9.1
We are acting as the controller for the data processing within the meaning of the GDPR.

Please contact us here:

https://www.nativy.com/contact/

9.2
To understand more about the privacy policy, access your personal information, ask questions about our privacy practices, or issue a complaint, please contact our data protection officer within the meaning of the GDPR at office@nativy.com.

10. Privacy Compliance
It is very important to us that all users, i.e. employees, contractors (translators), and clients comply
with this policy. To help ensure proper understanding of the same, Nativy will send out informative
newsletters annually to all stakeholders. Translator compliance is monitored through their actions
on the platform and through the newsletter system. Employees also undergo privacy trainings and
workshops to ensure compliance.

11. Audit History
This policy has undergone internal audits and auditing by a licensed and qualified attorney. Last
audit was conducted in June 2019. It was found that Nativy is compliant with GDPR policies and
that the reduction in collection of translator data further reduces Nativy’s GDPR obligations.

12. Privacy Officer (Datenschutzbeauftragter):
Thomas Eder, Head of Project Management

13. Anti Fraud Team
Anti-Frau Team Lead: Thomas Eder, Head of Project Management

Members: Alexander Brischar and Sophie Wais, Project Managers

14. Privacy Training
All employees must attend annual privacy information workshops. Last training in workshop-format
was held in May 2019.

Important information regarding the GDPR

The new Regulation (EU) 2016/679 of the European Parliament, the General Data Protection Regulation (GDPR), came into effect on the 25th of May 2018. The GDPR applies to all organisations that control or process personal data, which is why Nativy GmbH is also preparing for full compliance with the GDPR. This involves the following steps:

We have amended the General Terms & Conditions for clients and translators to ensure that every order is awarded under GDPR compliant conditions. See here for full details.
In order to minimise inconvenience to our clients and translators, you can read and confirm the newly amended General Terms & Conditions online the next time you log in. We will also be happy to send you a pdf file for your records.
We already keep records of data processing activities pursuant to Article 30 (1) of the EU General Data Protection Regulation (GDPR).
We have deleted all unnecessary data, and these can no longer be entered. For example, clients and translators used to have the option of entering their date of birth in the settings. This option no longer exists, and we have deleted all dates of birth.
From mid May 2018 under the “Data Protection” tab in the Settings section of your profile, you can choose whether your picture and/or your first name is visible in the translator-client chat. It is of course much easier (and more human) for translators and clients to communicate with each other, if all parties have a name and a face to associate with the person on the other end.
Under the “Data Protection” tab of the Settings section of your profile, you can also request a report detailing all the personal data that you have provided us with, and the data that we have saved about you and that can be accessed by us.
As in the past, we will send out only a very few newsletters, every 2 to 3 months. You can unsubscribe at the bottom of every newsletter or under the “Data Protection” tab of the Settings section of your profile.

If you have any questions, please contact the Nativy team via info@nativy.com. We will be happy to answer any questions!