Privacy and Data Protection Policy
At Vereign we respect your personal data. Naturally, our data protection practice complies with applicable law including but not limited to the General Data Protection Regulations (GDPR) of the European Union.
This privacy policy informs you of our privacy practices at https://community.vereign.com (“ Vereign Community ”).
I. Name and Contact Details of the Controller
Vereign AG
Kolinplatz 10,
6300 Zug, Switzerland
Email: contact@vereign.com
For questions with regard to this data protection policy or other concerns in this subject area, you may contact our data protection team directly via: dataprotection@vereign.com.
II. General Information on Data Processing
1. Corporate Principles and Commitment
As a matter of principle, we collect and use personal data as much as necessary to provide our services requested by you (see Art. 6 para. 1 Lit. b GDPR). An exception applies where a contractual basis is not apparent and therefore the processing of personal data can only be authorised via your explicit consent (see Art. 6 para. 1 Lit. a GDPR). In such a situation we will explain to you the exact purposes and consequences of the concerned data processing and of course you may at any time retrieve your consent given to us. In no event will we sell your personal data to any third party for any business or political agenda.
2. Data erasure and storage period
Your personal data will be erased, as soon as the purpose of storing the data ceases to apply. However, please note there may be explicit legal obligations or at least recognised interests of our company in line with EU GDPR, to keep your personal data stored (or at least recoverable) for a certain retention period, even after the original purpose of storing your data ceases to apply (see Art. 6 para. 1 Lit. c GDPR). In such a case, the data will be erased if a storage period stipulated by the aforementioned rules expires.
III. Collection and Processing of Personal Data on this Website
The collection and processing of your personal data on this website is limited to the extent necessary to fulfil the apparent purpose of this website. As further outlined in no. 1 and 2 below this website shall offer an information platform including the opportunity to ask any question you might have with regard to any of our projects and engage in related discussions. For us, this purpose, includes our aspiration, to gain a better understanding of questions and needs of people and parties interested in our projects. In order to provide you and other interested parties with this open forum, we need to technically maintain this website; for related details please see no. 3 and 4 below.
1. Providing a Publicly Accessible Platform for Q&A
Please note, first and foremost this website shall give you the opportunity to engage with our team members in discussions and provide you with answers you are searching for with regard to our projects. Consequently, any of your questions or contributions will be accessible for other interested parties and participants as well as to our team members.
In case you would like to engage in a private and confidential conversation with us, please reach out per email to: contact@vereign.com.
2. Collection and Usage of our Personal Login Data
In order to protect our Vereign Community, and its purpose outlined above, from automated posts of bots or other nonrelated content, we ask you to provide your email address (never shown publically), a username you create (which will be shown in connection with your questions or contributions in the community forum), a password, and optionally your actual name. Consequently, whether you want to interact with other members of our forum pseudonymously or under your genuine name, remains your free choice. You may also choose to visit our site without registering, but in this case you will not be able to participate in discussions or ask your own questions.
In case you choose to post comments in the Vereign Community, please be aware that other users of the Vereign Community will see your user name and the content of your comments and posts, and may interact with you in response to your comments.
We will use login information provided by you, including but not limited to your email address, exclusively for the purposes of granting you access to our Vereign Community. In particular, you will receive an email, in order to verify your email address, by means of a unique hyperlink. Furthermore, you may receive from time to time additional emails, regarding your usage of the Vereign Community (e.g. in case you require to set a new password).
The email address you have provided may also be used to send you information, notifications or to keep you informed about new questions and answers in the Vereign Community or new responses to your queries. At any time you may change your email and notification settings by modifying your account preferences respectively.
After you have chosen to provide us with your login details (including but not limited to your email address) you may at any time object to any further usage of your login details for the purposes outlined in this policy. In order to exercise such a right to object future usage, please just write us an email to dataprotection@vereign.com and we will delete your user account including your email address from our server and systems without undue delay. However, please note any of your submitted questions and contributions will remain on Vereign Community in an anonymised form.
3. IP-Addresses and Webserver Log Files
In order to allow for the requested website of our Vereign Community to be displayed in your browser, we need to temporarily store and process your IP address. The legal basis for this temporal storage of personal data is Art. 6 para. 1 Lit. f of the GDPR.
Also, every time our internet pages are accessed, information transmitted from your browser is automatically saved in anonymised webserver log files. This information includes:
-
the exact pages you accessed in our URL(s)
-
date and time of your request
-
the name of your provider,
-
your browser type,
-
your operating system,
-
your anonymised IP address
We will use this non-personal data exclusively to safeguard the functionality of the website. Such log files are highly relevant for optimising our Vereign Community and to safeguard the security of our information technology systems.
4. Cookies
As you may already know, “cookies” are text files stored on your computer that help to increase the ease of use, efficency and safety of our internet service. We use cookies in our Vereign Community, only to the extent as necessary to provide you with a smooth user experience. The legal basis for this temporal storage of personal data is again Art. 6 para. 1 Lit. f of the GDPR.
We do not conduct any web analytics. In particular, we have choosen not to track our community members with Google Analytics.
Primarily we use so called session cookies only. Such session cookes are temporary cookie files, which are erased when you close your browser. In the cookies we use, we store:
| Name | Essential | Expires | Description |
|---|---|---|---|
| Y | Session | Used during account creation | |
| destination_url | Y | Session | Used during login to redirect to the requested page |
| sso_destination_url | Y | Session | Used during SSO login to redirect to the requested page |
| fsl | Y | Session | Full screen login client setting |
| theme_key | Y | Forever | Client theme personalization. Only used when “Make this my default theme on all my devices” unselected. |
| cn | Y | Forever | Client cleared notifications. |
| _bypass_cache | Y | Session | Used with ‘fsl’ for full screen login |
| _t | Y | 1440 hours | User authentication token cookie. SiteSetting.maximum_session_age.hours.from_now |
| _forum_session | Y | Session | Session cookie |
| dosp | Y | next page view | Temoporary cookie that informs client denial of service protection is in place. |
IV. Data Processors
The recording, processing and use of personal data of Vereign Community is primarily carried out by us as well as our subsidiary Vereign Labs Ltd. (a Bulgarian company, having its registered office address at 152 “Sixth September” street, 3rd floor, office 3.6 В, Plovdiv 4000, Bulgaria).
However, for specific tasks we also have contracted external service providers. Any of such external providers just as our subsidiary is processing your personal data on our behalf and all these parties remain contractually and legally bound to this privacy policy and any applicable law, including but not limited to EU GDPR.
V. Rights of the data subject
If your personal data is processed by us, then you are a “data subject” within the meaning of the GDPR. You have the following rights vis-à-vis us as the data controller:
-
Right of access: You may request information about your data processed by us, in particular about the purposes of processing, the category of personal data, the categories of recipients to whom the data have been or will be disclosed by us, the envisioned period of storage, the existence of a right of rectification, erasure, restriction of processing or objection to it, the existence of a right to lodge a complaint, where your data are collected from (if these are not collected by us), and the existence of automated decision-making, including profiling.
-
Right to rectification: You have the right to demand without undue delay the rectification of inaccurate personal data stored by us as well as to have incomplete personal data stored by us completed.
-
Right to erasure: You have the right to demand that personal data stored by us be erased as long as the processing of this data is not necessary to fulfil a legal obligation, for reasons of public interest, or for the establishment, exercise or defence of legal claims. Please also note, any of your submitted questions and contributions will remain on Vereign Community in an anonymised form, even after we have fulfilled your request.
-
Right to block data: You have the right to demand that your personal data be blocked. Data that is blocked will not be deleted from our databases, but they will not be processed as long as the block is in effect.
-
Right to data portability: You have the right to receive your personal data in a structured, commonly used and machine-readable format or to demand that it be transmitted to another controller.
-
Right to object: Consent given to process your personal data can be revoked at any time. As a result of this, we will no longer be permitted to continue processing data based on this consent in the future.
-
Right to lodge a complaint: You have the right to lodge a complaint with any competent supervisory authority.
In order to exercise your rights as a data subject, please contact our Data Protection Team (dataprotection@vereign.com) or send an email or postal mail to our contact details as indicated under clause I above.
In case you exercise your rights in accordance with the GDPR towards us, we will not charge any fees. However, a reasonable fee may be charged if your inquiry is demonstrably abusive improper or if you make a repeated inquiry without relevant justification.
We may need to collect information on you that will enable us to clearly identify you as a data subject. In doing so, we will endeavour not to complicate or even hinder your request. Rather, we want to make sure that none of your personal data falls into the hands of unauthorised persons.
VI. Miscellaneous
1. Security
We have implemented extensive security provisions and measures to protect personal data stored by us from unauthorised access, misuse, altering, misappropriation, destruction and loss.
However, in case you choose to communicate with us via an insufficiently encrypted communication channel, we would like to point out that such insufficiently encrypted data transfer via the internet cannot provide any guarantee that access to your data by third parties is averted. Complete protection of your data during unencrypted transfer from your system to our server is not possible in technical terms.
2. Hyperlinks
Our webpage may contain hyperlinks, which will lead you to internet sites from other companies. This Data Privacy Statement does not apply to these linked internet sites belonging to other companies.
3. Amendment of this Data Privacy Statement
It may be necessary to adapt our data protection statement to changing framework conditions of a technical, factual or legal nature. The data privacy statement published on our pages is kept up to date.
As of: October 2018