1. General
1.1
At Nativy your personal information is handled very carefully, so we have prepared this privacy policy to explain how we collect, use, and share it with third parties.
1.2
We handle your personal information in a confidential and responsible way and any processing of your personal information takes place in compliance with the General Data Protection Regulation („GDPR“) as well as the Austrian data protection act in its current form.
1.3
To prevent unauthorized access to your personal data and generally secure such data, we and our partners use encrypted transmission and encrypted storage. All safety measures are constantly revised and comply with the latest technological developments.
1.4
We may update our privacy policy to reflect changes to our information practices. If we do this and the changes are material, we will post a notice that we have made changes to this privacy policy on the Websites for at least 7 days after the changes are made, ask for your consent, and indicate the date these terms were last revised at the bottom of the privacy policy. Revisions to this privacy policy will become effective the earlier of (i) the end of that 7-day period or (ii) the first time you access or use the Services after any such changes.
2. About information we collect
When you register for, access, or use the Services, we process certain of your personal information (“Data” or “Information”).
2.1
If you visit our Website, we process only Data that your browser communicates to our servers. We collect the following Data, which is necessary for us in order to display the Website correctly and guarantee the necessary stability and safety:
IP address;
date and time stamp;
requested site;
access status/HTTP status code;
transmitted data volume;
site from which the request was sent;
browser;
operating system and interface; and
language and version of the browser software.
2.2
Depending on your registration, we process and save the following Data:
Email address
Gender (optional)
First name
Last name
Company (optional)
Currency
Time zone
For the invoice we need also this information:
Street
ZIP Code
City
Country
2.3
When you make purchases in the Services via Credit Card, we process but do not have access or save the following Data:
credit card information
2.4
When you use the Services, we process the following Data:
when you launch, signup to, login to, and logout of the Services;
when you purchase something in the Services
What you purchased
3. Use of Information
3.1
The processing of Data pursues the following purposes (“Purposes”):
providing the Services;
customer relations management (e.g. support);
marketing for our own products (newsletters, push messages);
research and development;
communicating with you about the Services;
ensuring safety and security; and
protecting our legitimate business interests and legal rights.
3.2
The lawfulness of processing (Art. 6 GDPR) stems from
the consent pursuant para. 1 subpara. a GDPR upon registration;
the necessity for the performance of contract fulfillment pursuant para 1 subpara. b GDPR, as your Data is needed for a satisfactory use of the Services; and/or
the necessity for the purposes of the legitimate interests pursued by the Company or by a third party.
4. Information we share
4.1
We transmit Data to third parties only if this is necessary for the Purposes, due to a request from a national authority, due to a court ruling, or if you have consented beforehand.
4.2
Your data is stored securely within the EU on Microsoft Azure servers in the Netherlands, and partially on Amazon AWS in Ireland.
5. Updating or deleting Information
5.1
We store your personal data as long as you are a registered user of our service. Where we retain information for service improvement and development during your membership, we take steps to eliminate information that directly identifies you and we only use the information to uncover collective insights about the user behavior, not to specifically analyze personal details.
5.2
If you delete your account, we only store Data that is legally necessary .
5.3
Data will be deleted if you (a) revoke your consent to the storage (b) Data is not needed to fulfill the user contract concerning the Services anymore, or (c) the storage is or becomes legally impermissible. A deletion request does not affect Data, if the storage is legally necessary, for example for accounting purposes, but this data will be also deleted after the time period set by law.
6. Rights
6.1
Please send a request via email to the Email Address or via mail to the postal address depicted in the legal notice on the Website to exercise the rights defined in Section 7.2 to 7.8,.
Please find here the current contact details https://www.nativy.com/contact/
6.2
You can revoke the consent for future data processing at any time. However, this does not affect the lawfulness of Data processing based on the consent before the revocation. Should the processing of Data be lawful due to another reason stated in 4.2, we may continue to process your Data on these grounds.
6.3
You have the right to obtain (i) confirmation as to whether or not your Data is being processed by us and, if so, (ii) more specific information on the Data. The more specific information concerns, among others, processing purposes, categories of Data, potential recipients or the duration of storage.
You can download, change or delete all informations in your Nativy Account.
Clients click here: https://webapp.nativy.com/client/settings/gdpr
Translators click here: https://webapp.nativy.com/translator/settings/gdpr
6.4
You have the right to obtain from us the rectification of inaccurate Data concerning you. In case the Data processed by us is not correct, we will rectify these without undue delay and inform you of this rectification.
6.5
Should you decide you do not want us to process your data any further We will erase your Data immediately and inform you of this process. Should mandatory provisions of law prevent such erasure, we will inform you without undue delay thereof.
You can download, change or delete all informations in your Nativy Account.
Clients click here: https://webapp.nativy.com/client/settings/gdpr
Translators click here: https://webapp.nativy.com/translator/settings/gdpr
6.6
You have the right to obtain from us a restriction of processing of your Data in the following cases:
You make an inquiry pursuant para. 7.4, if you so request;
you are of the opinion, that the processing of your Data is unlawful, but are opposed to an erasure of Data;
you still require the Data for the establishment, exercise or defense of legal claims; or
you have objected to the processing pursuant para. 7.8.
6.7
You have the right to (i) receive your Data in a structured, commonly used and machine-readable format and (ii) transmit those Data to another controller without hindrance from us. You can download all informations in your Nativy Account.
Clients click here: https://webapp.nativy.com/client/settings/gdpr
Translators click here: https://webapp.nativy.com/translator/settings/gdpr
6.8
You have the right to object at any time to the processing of Data based on our legitimate interests, including profiling and direct marketing purposes.
6.9
You have the right to lodge a complaint with a supervisory authority if you think that the processing of Data infringes applicable law, especially the GDPR.
7. Cookies
7.1
The Websites may use cookies, small text files that are placed on your computer, smartphone and/or stored by the browser. If the respective server of our Website is again accessed by you, your browser sends the afore received cookie back to the server. The server can evaluate the information received in this manner in various ways. Cookies can, for example, be used in order to manage advertisements on the Website or to facilitate navigation on a webpage.
7.2
You can disable the cookies by entering the corresponding settings in your browser software (e.g. in Internet Explorer, Mozilla Firefox, Opera, or Safari). However, in this case you may jeopardize the use of the complete range of functions on the Websites.
8. Analytics
8.1 Google Tagmanager
If you give your consent, we will process your personal data in cooperation with the service Google Tag Manager, Google LLC, Amphitheatre Parkway, Mountain View, CA 94043, USA, as joint controllers for the purpose of initiating, controlling and maintaining of further services on our website. In this case the service mentioned above shall be operated by Google Tag Manager. Failure to give consent therefore has exactly the effect described for the service listed above. You can revoke your consent by changing the settings at Privacy settings.
We enable Google Tag Manager the collection of connection data and data of your web browser. This data will be used by Google to advancing their service.
The legal basis of processing is your consent according to Article 6 (1) (a) GDPR. The Google group transfers your personal data to the USA. The legal basis for data transfer to the USA is your consent in accordance with Art. 49 Para. 1 a in conjunction with Art. 6 Para. 1 a GDPR. Before you gave your consent, you were informed that the USA does not have a data protection level that complies with EU standards. In particular, US intelligence agencies can access your data without being informed about it and without you being able to take legal action against it. For this reason, the European Court of Justice ruled in a judgment that the previous adequacy decision (Privacy Shield) was invalid.
8.2 Mailchimp
We use Mailchimp for general newsletters, for marketing purposes, as well as announcements about new features and services. We upload in Mailchimp only very few information, like email address, first name and last name.
You can opt out for our newsletters at the end of each newsletter or also before hand in your Nativy Account:
Clients click here: https://webapp.nativy.com/client/settings/gdpr
Translators click here: https://webapp.nativy.com/translator/settings/gdpr
9. Contact
9.1
We are acting as the controller for the data processing within the meaning of the GDPR.
Please contact us here:
https://www.nativy.com/contact/
9.2
To understand more about the privacy policy, access your personal information, ask questions about our privacy practices, or issue a complaint, please contact our data protection officer within the meaning of the GDPR at office@nativy.com.
10. Privacy Compliance
It is very important to us that all users, i.e. employees, contractors (translators), and clients comply
with this policy. To help ensure proper understanding of the same, Nativy will send out informative
newsletters annually to all stakeholders. Translator compliance is monitored through their actions
on the platform and through the newsletter system. Employees also undergo privacy trainings and
workshops to ensure compliance.
11. Audit History
This policy has undergone internal audits and auditing by a licensed and qualified attorney. Last
audit was conducted in June 2019. It was found that Nativy is compliant with GDPR policies and
that the reduction in collection of translator data further reduces Nativy’s GDPR obligations.
12. Privacy Officer (Datenschutzbeauftragter):
Thomas Eder, Head of Project Management
13. Anti Fraud Team
Anti-Frau Team Lead: Thomas Eder, Head of Project Management
Members: Alexander Brischar and Sophie Wais, Project Managers
14. Privacy Training
All employees must attend annual privacy information workshops. Last training in workshop-format
was held in May 2019.
Important information regarding the GDPR
The new Regulation (EU) 2016/679 of the European Parliament, the General Data Protection Regulation (GDPR), came into effect on the 25th of May 2018. The GDPR applies to all organisations that control or process personal data, which is why Nativy GmbH is also preparing for full compliance with the GDPR. This involves the following steps:
If you have any questions, please contact the Nativy team via info@nativy.com. We will be happy to answer any questions!