Cookie Policy

Regarding the website www.OneDock.app valid as of 15.10.2019

This page informs you of our policy regarding the collection, use, and disclosure of personal data when you use our the website “www.OneDock.app” (hereinafter “Software”) and the choices you have associated with that data.

Cookies Data

Cookies are files with small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our service.

Cookie we use:

Name

First party, third party

Purpose of data processing

Storage duration

Type

Login cookie

First party

Identify the user if they are logged in to the system

48 hour

Session Cookie

Facebook Ads

3'rd party

Optimize campaigns based on user behavior

28 days

Preference Cookie

Google Ads

3rd party

Optimize campaigns based on user behavior

30 days

Preference Cookie

LinkedIn

3rd Party

Optimize campaigns based on user behavior

30 days

Preference Cookie

Hotjar

3'rd party

analyze user behavior on website

12 months

Preference Cookie

We use anonymized Google Analytics (3rd party) and Webtrekk (3rd party) preference cookies which do not contain personal data.

Your rights:

Data protection officer of ITSH:

National Authority for Data Protection and Freedom of Information

The court:


APPENDIX to privacy notice

Details concerning the rights of data subjects

For the purposes of this information sheet (and of GDPR), ’data subject’ shall mean a natural person who has been identified by reference to specific personal data, or who can be identified, directly or indirectly; ’personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person (Article 4. of GDPR and Section 3. of InfoAct).

Rights of the data subject according to Chapter III. of the GDPR

You can read the explanation of the rights below:

The controller shall provide information on action taken on a request under Articles 15 to 22 to the data subject without undue delay and in any event within one month of receipt of the request. That period may be extended by two further months where necessary, taking into account the complexity and number of the requests. The controller shall inform the data subject of any such extension within one month of receipt of the request, together with the reasons for the delay. Where the data subject makes the request by electronic form means, the information shall be provided by electronic means where possible, unless otherwise requested by the data subject. (Article 12.3 of GDPR)

4.    Notification obligation regarding rectification or erasure of personal data or restriction of processing (Article 19 of GDPR)
The controller shall communicate any rectification or erasure of personal data or restriction of processing carried out in accordance with GDPR Article 16, Article 17(1) and Article 18, to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort. The controller shall inform the data subject about those recipients if the data subject requests it.

5.    Right to data portability (Article 20 of GDPR)
The data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where:
   (a) the processing is based on consent or on a contract; and
   (b) the processing is carried out by automated means.
In exercising his or her right to data portability, the data subject shall have the right to have the personal data transmitted directly from one controller to another, where technically feasible.
The exercise of this right shall be without prejudice to the right to be forgotten.

6.    Right to object ( Article 21 of GDPR)
The data subject shall have the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is based on point (e) or (f) of Article 6(1) of the GDPR, including profiling based on those provisions. The controller shall no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defense of legal claims.

7.    Automated individual decision-making, including profiling (Article 22 of GDPR)
The data subject shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her.
This provision shall not apply if the decision:
   (a) is necessary for entering into, or performance of, a contract between the data subject and a data controller;
   (b) is authorised by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard the data subject's rights and freedoms and legitimate interests; or
   (c) is based on the data subject's explicit consent.
In this case, he data controller shall implement suitable measures to safeguard the data subject's rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express his or her point of view and to contest the decision.

8.    Legal remedy – alternative possibilities

8.1.    Data protection officer (Article 24 of InfoAct, Article 39 of GDPR)
The data protection officer has to monitor compliance with GDPR, with other Union or Member State data protection provisions and with the policies of the controller or processor in relation to the protection of personal data, including the assignment of responsibilities, awareness-raising and training of staff involved in processing operations, and the related audits (Article 39 of GDPR)

8.2.    Investigation of the National Authority for Data Protection and Freedom of Information (Article 52-58 of InfoAc), 57., 77. Article of GDPR
Any person shall have the right to notify the Authority and request an investigation alleging an infringement relating to his or her personal data or concerning the exercise of the rights of access to public information or information of public interest, or if there is imminent danger of such infringement.
The Authority may refuse the notification without examination thereof as to merits if the infringement alleged in the notification is considered minor, or the notification is anonymous. You can find further reasons for rejection in Section 53. of the InfoAct.

8.3.    Right to an effective judicial remedy against a controller or processor (Section 22. Of InfoAct. Article 79 of GDPR )
Without prejudice to any available administrative or non-judicial remedy, including the right to lodge a complaint with a supervisory, each data subject has the right to an effective judicial remedy where he or she considers that his or her rights under GDPR have been infringed as a result of the processing of his or her personal data in non-compliance with GDPR.
Proceedings against a controller or a processor shall be brought before the courts of the Member State where the controller or processor has an establishment. Alternatively, such proceedings may be brought before the courts of the Member State where the data subject has his or her habitual residence, unless the controller or processor is a public authority of a Member State acting in the exercise of its public powers.