Data protection

Data protection

Thank you for visiting our website and for your interest in our company and our products. In doing so, we respect your privacy and ensure the protection of your personal data by processing your personal data in accordance with the content of this Privacy Policy and the applicable data protection laws.

You can visit our website without telling us who you are. In order to display our website, you are only required to provide the data transmitted by your browser to our server (see “Log files”). Further personal data is only stored if you voluntarily enter it on the website or use the corresponding functions, e.g. when entering data via our contact form or when creating a profile.

Ergoscreenings

If you would like to carry out an ergoscreening, you must first register on our website and create a profile. This requires you to enter your name, an e-mail address, the Ergofox ID of your ergoscreening device and a password. All of this information is mandatory information that we require to provide our service (Art. 6 para. 1 sentence 1 lit. b GDPR).

As part of the ergoscreening, data is collected via sensors, which allows conclusions to be drawn about your health. On the other hand, we process health data that you enter in a questionnaire before the measurement and in the feedback survey after the measurement. We may only process this particularly sensitive and protected health data in accordance with Art. 9 para. 1 GDPR with your express consent in accordance with Art. 9 para. 2 lit. a GDPR, which you can give when you register. Please note that without this consent to the processing of your health data, we cannot provide our services and cannot carry out the ergoscreening.

The measurement data is recorded using the 3D sensor of the Ergoscreening device. The integrated depth sensor detects distances in three-dimensional space and thus calculates a depth image of the measurement environment. The resulting depth image in the form of point data serves as the basis for our algorithms for recognizing sitting posture. Based on the depth data transmitted by the sensor, the built-in single-board computer calculates selected body points directly in the device in real time. These are sent to the ergofox server as encrypted 3D coordinates (x/y/z) via an integrated SIM card.

In connection with the performance of the ergoscreening, further data may also be collected which, although not a prerequisite for participation itself, may be helpful and may also have an effect on the evaluation and the further course of the screening - so-called optional data (Art. 6 para. 1 sentence 1 lit. a GDPR).

Ergogames

When participating in Ergogames, you control the game primarily through body movements, which are recorded by the camera on your end device. This data is processed locally on your device to control the Ergogame and is not saved.

If you participate in an Ergogame by a provided link, you have the option of entering a name after completing the game, which will be displayed in a ranking (number of points achieved in a high score) for you and all other participants who play the Ergogame under the same link (possibly the same company or institution that booked the Ergogame). Entering a name is optional and in this case is done with your consent (Art. 6 para. 1 sentence 1 lit. a GDPR). However, you can also enter a pseudonym or make no entry. No further storage of personal data (such as evaluations or scores) or disclosure of this data to third parties takes place. On request, we will provide our contractual partner (who has booked the Ergogame) with statistics showing the number of participants. These statistics do not contain any personal data and do not allow any conclusions to be drawn about the participants.

If you book an Ergogames product yourself (e.g. as part of the City Hopper prevention course), you must first register on our website and create a profile. This requires the information marked with an asterisk as well as a password. All of this information is mandatory information that we require to provide and bill our services (Art. 6 para. 1 sentence 1 lit. b GDPR). In connection with the implementation of the ergogames, further data may also be collected (e.g. in questionnaires), which are not a prerequisite for participation itself, but which may be helpful and may also have an effect on the evaluation - so-called optional data (Art. 6 para. 1 sentence 1 lit. a GDPR). You can call up results and statistics on the ergogames you have completed via your profile.

Data security, data transfer and data deletion for ergoscreenings and ergogames

All our IT systems in which your personal data is stored and processed are protected by strict measures and are only accessible to a selected and additionally trained group of employees. We maintain up-to-date technical and organizational measures to ensure data security, in particular to protect your personal data from risks during data transfers and from unauthorized access by third parties. These are adapted to the current state of the art.

Your personal data will not be passed on to third parties unless

- overriding legal provisions provide for the transfer of data to recipients of public bodies

- we use processors in accordance with Art. 28 GDPR (e.g. for hosting an application) who have been carefully selected and commissioned by us

- the data is necessary for the establishment, exercise or defense of legal claims and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data;

- you have given your express consent for your data to be passed on to external bodies.

No other participants have access to the data stored in your profile without knowing your password. Please choose a sufficiently complex password and keep your password secret.

The personal data stored for your profile, including the measurement data from ergoscreenings or statistics at Ergogames, will be anonymized 12 months after your profile has been created so that individual details about personal or factual circumstances can no longer be assigned to a specific or identifiable natural person. The data relating to the contractual relationship will be deleted once the statutory retention obligations have expired. You have the option of having your profile deleted at any time. To do so, please contact us using the contact details provided under “Responsible parties”.

Contact

You can enter your personal data on our website in order to contact us. All data fields are mandatory. This data will be used and stored with your consent exclusively for the purpose of processing your message (Art. 6 para. 1 sentence 1 lit. a GDPR). It will not be used for other purposes or passed on to third parties unless you expressly agree to this (consent).

Cookies

Cookies are very small text files used by websites, which your browser stores on your end device and can send certain information to us or, if applicable, to a third party. Transient cookies are automatically deleted when you close your browser. These include session cookies in particular. These store a so-called session ID, with which various requests from your browser can be assigned to the joint session. This allows your device to be recognized when you return to our website. The session cookies are deleted when you log out or close the browser.

Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie. In contrast to transient cookies, deletion does not occur automatically when the browser is closed. However, you can also delete cookies at any time in the security settings of your browser.

Cookies that are absolutely necessary to provide a service expressly requested by the user (“necessary cookies”) are processed within the scope of our legitimate interest in providing and operating the website on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR and §25 para. 2 TTDSG. The following necessary cookies are set when you visit our website

name                           description                     duration of storage

sessionid                     session                             2 weeks

flysess                         session                            12 months

csrftoken                Cross Site Request               12 months

                               Forgery protection

In addition, other information is stored or accessed on your end device that is not absolutely necessary to provide a service expressly requested by the user. The storage or access only takes place if you give your consent (Art. 6 para. 1 sentence 1 lit. a GDPR and §25 para. 1 TTDSG). Details on the type of information, purpose of processing, storage period of the information and possible recipients of the data can be found later in this privacy policy.

You can set your browser so that it generally does not accept cookies or so that only certain cookies are stored or not stored. You can revoke any consent you may have given to the processing of data using cookies at any time by deleting the relevant cookies directly via your browser settings. You can find out more about this in your browser's help system. If your browser rejects all cookies, it is possible that not all functions of this website can be used.

Fanpages

In order to provide customers, partners or other interested parties with up-to-date information and to get in touch with them, we operate so-called “fan pages” on the following social networks in addition to our own website: LinkedIn.

Data processing is carried out by the provider of the social media platform. Data processing outside the European Union cannot be ruled out. The provider of the platform may provide us with aggregated usage data, but we do not have access to personal data if you only visit the fan page.

The legal basis for data processing is Art. 6 para. 1 lit. f GDPR. In the case of consent in the form of an opt-in (“tick the box”, “activate button”) or any other form of obtaining consent, the legal basis is Art. 6 para. 1 lit. a GDPR. Consent can be revoked at any time without giving reasons to the person to whom it was given, with effect for the future.

As the data processing is carried out by the provider of the platform, we recommend that you contact the respective provider of the platform to exercise your rights of access, rectification, erasure, data portability and objection when visiting our fan page. If necessary, we will of course support you in exercising your rights.

In addition, cookies may be placed on your end device. The purposes and legal basis for the use of cookies can be found under “Cookies” in this privacy policy or in the privacy policies of the platform provider.

Further information can be found under the following links:

- LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Irland; http://www.linkedin.com/legal/privacy-policy.

Logfiles

Each time you access our website, we collect the following information about your end device: the IP address of your end device, the request from your browser and the time of this request. In addition, the status and the amount of data transferred as part of this request are recorded, as well as product and version information about the browser used and the operating system of your device. We also record the website from which our site was accessed. The IP address of your device is only stored for the duration of your use of the website and then immediately deleted or anonymized by shortening it. The other data is stored for a limited period of time. We use this data for the operation of our website, in particular to detect and eliminate errors on the website, to determine the utilization of the website and to make adjustments or improvements (legal basis: Art. 6 para. 1 sentence 1 lit. f GDPR).

Matomo

This website uses the web analysis service Matomo to analyze and regularly improve the use of our website. We have a legitimate interest in using the statistics obtained to improve our website and make it more interesting for you as a user. We use Matomo without cookies for this purpose. The legal basis for the use of Matomo is Art. 6 para. 1 sentence 1 lit. f GDPR.

You can prevent the use of Matomo by clicking on the following link to set an opt-out cookie: