We will ensure to only process and share your Personal Information in accordance with applicable data protection law, especially the EU General Data Protection Regulation (“GDPR“).
Personal Information is data which relate to a specific identifiable person.
Nonpersonal Information is data that does not relate to a specific person. We may combine personal and non-personal information, in which case we will treat this bundle of information as Personal Information for as long as it remains combined.
Service Partners are entities different to IdeasOnCanvas that provide services to IdeasOnCanvas, e.g. that contribute to the functioning and improvement of the MindNode apps, the website, and the “myMindNode” web service.
For traffic analysis we process the following information of website visitors:
To process this information we internally use Matomo, an open source web analytics platform. All Personal Information, including the IP address, is anonymized before storing. As we only use this data for statistical analysis and website improvement, we do not combine it with other data or information. This data is deleted after 6 months.
We process your data based on § 96 para. 3 TKG 2003 (Austrian Telecommunications Act) and our legitimate interest (Art. 6 para. 1 letter f GDPR) to ensure the operation, the security, and the optimised performance of our website.
As a website provider we have commissioned ZEIT Inc, 1046 Kearny Street, San Francisco, CA 94133, United States. The provider automatically collects and stores information that your browser automatically transmits in “server log files“. These include
Your data is processed based on § 96 para. 3 TKG 2003 (Austrian Telecommunications Act) and our legitimate interest (Art. 6 para. 1 letter f GDPR) and stored for 20 days, to ensure the operation, the security, and the optimised performance of our website.
At activation of the app, as a technical requirement to run the service, we sync an identifier between devices so you don’t have to register at each device for our app separately. Based on this information the app may show you pop-up notices with important information from time to time. In the course of this process we collect the following Personal Information:
To manage and verify your license across multiple platforms, we collect your App Store digital purchase receipts, combine it with a generated unique device identifier and a pseudonymized identifier that is stored inside your iCloud account. The purchase receipt contains information such as type of purchase, date of purchase or app version at time of purchase (no Personal Information or payment information is contained in the receipt).
At times we will ask you to provide diagnostic information or crash logs to help us
troubleshoot an issue or crash. When you submit a crash log, the crash log and any additional information you provide, is stored by our Service Partner Microsoft Inc, One Microsoft Way, Redmond, WA 98052-6399, United States.
If you decide to become a beta tester for our services, we store your email address to send you occasional beta newsletters. We also share your email address with Apple Inc. to add you to the TestFlight beta test program.
For app launch and licensing your data is processed in order to enter or fulfill our contractual obligations with you (Art. 6 para. 1 letter b GDPR). For diagnostic reports and beta testing your data is processed based on your consent (Art. 6 para. 1 letter a GDPR). We will only store Personal Information for as long as necessary for the specific purpose of processing. Crash logs are stored for 90 days.
At registration for myMindNode, we store the email address submitted to us. We may use it to send you important notifications regarding the service and its use and for support purposes. In addition, we connect your email address with the information we collected at activation of the app for support purposes (see Sec 4 above).
If a document is uploaded to myMindNode, the document you upload is assigned to an individual Web URL (an individual Website) which can be publicly accessed by anyone who knows the URL. We are not able to guarantee confidentiality of any information contained in these documents. Please consider carefully what you upload (e.g. Personal or Confidential Information) as this happens within your own legal responsibility. By uploading a document you confirm that you are entitled to make the information you upload to myMindNode web service publicly available and do not infringe the rights of others.
For the purpose of providing the Service we have commissioned Heroku Inc., The Landmark @ 1 Market St., Suite 300, San Francisco, CA 94105, United States and Amazon Web Services, Inc., 410 Terry Avenue North Seattle, WA 98109-5210, United States. The servers, on which we process and store this information, are located within the European Economic Area (EEA).
Your data is processed in order to enter or fulfill our contractual obligations with you (Art. 6 para. 1 letter b GDPR).
We generally do not store your Personal Information longer than absolutely necessary to provide the Service to you. At termination of the service agreement between us we will delete any Personal Information we collected from you without undue delay, unless further storage of such information is required for a valid purpose. Please be aware that an encrypted storage of your Personal Information in our back-up system might
be necessary for technical reasons for a period of 3 months from the termination of the Service.
For the purpose of enabling our services and providing technical support for our website, our apps and our web service we collect and store your email address, as well as any additional information that is included in the support requests. In order to properly deal with incoming support requests, we will use the submitted information (email address) to contact you in order to help you with your request.
As our transactional email service provider we have commissioned Mailjet SAS, 13- 13 bis, rue de l’Aubrac – 75012 Paris, France to whom we disclose the information needed to send out transactional emails to you. As our email server provider we have commissioned domainfactory GmbH, Oskar-Messter-Str. 33, 85737 Ismaning, Deutschland who forwards incoming emails to our HelpDesk. As a helpdesk provider we have commissioned Teamwork.com, Ltd., Blackpool Retail Park, Blackpool, Cork, T23 F902, Ireland to whom we disclose the information contained in support request including your email address. Your data is processed within the EEA.
Your data is processed in order to enter or fulfill our contractual obligations with you (Art. 6 para. 1 letter b GDPR). Transactional emails will be stored for 13 months after the corresponding transaction. Support emails will usually be stored for a maximum of 2 years.
If you would like to receive our newsletter, we require an email address. We will use it to verify that you are the owner of the email address provided and that you agree to receive our newsletter. We use this address exclusively to send you our newsletter.
We use the double opt-in procedure to ensure that newsletters are sent in a consent manner. After registration, the user receives a confirmation email to confirm. The address is only actively included in the distribution list if the registration is confirmed. You can revoke this consent at any time via the unsubscribe link that is part of every email.
As a newsletter software provider we have commissioned Mailjet SAS, 13-13 bis, rue de l’Aubrac – 75012 Paris, France to whom we disclose the information needed to send out the newsletter.
Your data will be processed based on your consent (Art. 6 para 1 letter a GDPR) and deleted as soon as you unsubscribe to our newsletter.
Every service partner we engage with is either located in the EEA or participates in the EU-U.S. Privacy Shield.
We do not knowingly collect Personal Information from children under the age of 16. In case we learn that we have collected Personal Information of a child under the age of 16, we will delete that information as quickly as possible.
We process Personal Information of our suppliers and business partners either to take steps prior to entering into a contract or to fulfil our contractual obligations (Art. 6 para. 1 letter b GDPR) or to fulfil our legal obligations (Art. 6 para. 1 letter c GDPR).
Personal Information is processed, first and foremost, for the purpose of concluding, maintaining, and completing our contracts regarding goods and services.
To achieve these desired objectives, it may be necessary to disclose Personal Information to the following recipients in certain cases. If you do not provide us with your data, we cannot enter into a business relationship with you.
We will only store your data for as long as it is required for the purposes for which we collected it.
For reasons relating to tax law, we store contracts and other documents and relevant correspondence pertaining to our contractual relationship for a period of 10 years.
If you apply for a job at our company we process your Personal Information either to take steps prior to entering into a contract (conclusion of an employment agreement, Art. 6 para. 1 letter b GDPR), on the basis of your explicit consent (Art. 6 para. 1 letter a GDPR) if we would like to keep your application on file for future consideration, and to fulfil our legal obligations (registering you as an employee in the social security system, Art. 6 para. 1 letter c GDPR).
Your Personal Information processed for the purpose of completing the application process and registering you in the social security system when we hire you. If you do not provide us with your data, we cannot process your application.
To achieve these desired objectives, it may be necessary to disclose your data to the following recipients in certain cases:
We will only store your Personal Information for as long as it is required for the purposes for which we collected it.
We would furthermore like to inform you that you have the right, at all times, to request information concerning which of your data is processed by us (see Art. 15 GDPR for details), the right to have your data corrected or deleted (see Art. 16 GDPR for details), the right to restrict the processing of your data (see Art. 18 GDPR for details), the right to object to the processing of your data (see Art. 21 GDPR for details), and the right to data portability (see Art. 20 GDPR for details).
If we process your data on the basis of your consent, you have the right to withdraw your consent at any time by sending a request via email to firstname.lastname@example.org or via mail to IdeasOnCanvas GmbH, Zieglergasse 6/1/6/11, A-1070 Vienna. Your withdrawal of consent will not affect the lawfulness of the data processing that was conducted prior to the withdrawal (Art. 7 para. 3 GDPR).
If, contrary to expectations and despite our obligation to process your data lawfully, your right to the lawful processing of your data is violated, please inform us of your concerns by post or email (see contact information below) so that we can resolve the issue. You also have the right, however, to file a complaint with the Austrian Data Protection Authority or with another data protection supervisory authority in the EU, particularly in the country in which you reside or work. If you have additional questions regarding the processing of your data, please feel free to contact us directly, either by email at email@example.com or via mail to IdeasOnCanvas GmbH, Zieglergasse 6/1/6/11, A-1070 Vienna.
Phone: 01 9244583
VAT ID ATU66934838
Registration Number.: FN 372333z, Handelsgericht Wien
Authority according to ECG: Magistratisches Bezirksamt für den 6./7. Bezirk Member of the Chamber of Commerce Vienna
Last updated: December 17, 2019