privacy policy

Data Protection Declaration of RockLogic GmbH, Leitzersbrunnerfeld 24, 2003 Leitzersbrunn, AUSTRIA (“Rocklogic”; “We”) concerning the website stereum.net, the Stereum Ethereum Node Setup and the Stereum Monitor smartphone application.

We have written this Privacy Policy (version 25 October 2021) to explain to you, in accordance with the provisions of the General Data Protection Regulation (EU) 2016/679 and applicable national laws, which personal data (data in short) we, Rocklogic GmbH, as controller – and the processors commissioned by us (e. g. provider) – process, which refers to any operation or set of operations performed on personal data, such as, but not excluded to, recording, organization, storage, alteration, and transmission of personal data

The terms used are to be understood as gender-neutral.

In short: we provide you with comprehensive information about the data we process about you.

Privacy statements usually sound very technical and use legal terms. However, this privacy policy is intended to describe the most important things as simply and transparently as possible. Technical terms are explained in a reader-friendly way, links to further information are provided and graphics are used as far as this is conducive to transparency. We hereby inform you in clear and simple language that we only process personal data in the course of our business activities if there is a corresponding legal basis. This is certainly not possible if one makes as concise, unclear and legal-technical statements as possible, as they are often standard on the Internet when it comes to data protection. I hope you find the following explanations interesting and informative and perhaps there is some information that you didn’t know before.

If you still have any questions, please contact the responsible authority mentioned below or in the imprint, follow the available links and see further information on third-party sites. Our contact details can of course also be found in the imprint.

 

1. Rights under the General Data Protection Regulation 

According to Article 13 of the GDPR, you have the following rights to ensure fair and transparent processing of data:

  • According to Article 15 of the GDPR, you have a right to information as to whether we process your data. If this is the case, you have the right to receive a copy of the data and to receive the following information:
    • the purpose for which we carry out the processing;
    • the categories, i. e. the types of data processed;
    • who receives the data and, if the data are transferred to third countries, how security can be guaranteed;
    • how long the data will be stored;
    • the existence of the right to rectification, erasure or restriction of processing and the right to object to processing;
    • you can complain to a supervisory authority (see links to these authorities below);
    • the origin of the data, if we did not collect it from you;
    • whether profiling is carried out, i. e. whether data is automatically evaluated in order to arrive at a personal profile of you.
  • According to Article 16 of the GDPR, you have a right to have the data corrected, which means that we have to correct data if you find errors.
  • According to Article 17 of the GDPR, you have the right of erasure (“right to be forgotten”), which specifically means that you can request the erasure of your data.
  • According to Article 18 of the GDPR, you have the right to restrict processing, which means that we may only store the data and no longer use it.
  • According to Article 19 of the GDPR, you have the right to data portability, which means that we will provide you with your data in a common format upon request.
  • According to Article 21 of the GDPR, you have a right to object, which entails a change of processing after enforcement.
  • If the processing of your data is based on Articel 6 para. 1 lit. e  (public interest, exercise of official authority) or Article 6 para. 1 bed. f (legitimate interest), you may object to the processing. We will then check as soon as possible whether we can legally comply with this objection.
  • If data is used for direct marketing purposes, you can object to this type of data processing at any time. We may no longer use your data for direct marketing.
  • If data is used to conduct profiling, you can object to this type of data processing at any time. We may no longer use your data for profiling.
  • Under Article 22 GDPR, you may have the right not to be subject to a decision based solely on automated processing (e. g. profiling).

If you believe that the processing of your data violates data protection law or that your data protection rights have been violated in any other way, you can complain to the supervisory authority. For Austria, this is the data protection authority whose website you can find at https://www. dsb. gv. at/ and for Germany, you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI). In any other case you can also contact the European Data Protection Borad https://edpb.europa.eu/edpb_en.

In short: You have rights – do not hesitate to contact RockLogic GmbH or the responsible authority listed above!

 

2. Processing of Data

2.1 stereum.net

We, RockLogic GmbH, collect on the basis of our legitimate Interest (see Art. 6 para. 1 lit. f. GDPR) data about accesses to the website and store these as “server log files” on the server of the website. The following data are logged:

  • Website visited

  • Time at the time of access

  • Amount of data sent in bytes

  • Source/reference from which you came to the page

  • Browser used

  • Operating system used

  • IP address used

You can visit this website without providing any personal details.  For the improvement of our online offer, however, we store (without personal reference) your access data to this website. This access data includes, for example, your requested file or the name of your Internet provider. Through the anonymisation of the data it is not possible to draw conclusions about your person.

RockLogic GmbH will protect processed data adequately against unauthorized access (of third parties) in accordance with the provisions of the legal framework of Austria as well as the European Union. We will only process data which are essential to provide Our services. Measures are taken with regard to (i) the quantity of data collected, (ii) the extent of data processing, (iii) the storage time as well as (iv) the accessibility of data. Data will not be used or stored by other means than set out in this Data Protection Declaration and are made accessible only to a restricted and necessary number of persons. All employees of RockLogic have been informed about applicable data protection provisions as well as data security measures and are bound to our privacy practices. Our web presence and other systems are adequately protected by a variety of security mechanisms. We do not transfer any personal data to third parties without prior explicit consent of the data subject.

2.2 Stereum Ethereum Node Setup

The Stereum Ethereum Node Setup doesn’t normally send to our services or save any data on our services.  For purpose of fast synching your setup to the Ethereum blockchain your Stereum Ethereum Node Setup connects with our Stereum.cloud website to download the state of the blockchain.

2.3 Stereum Monitor (Smarthphone Application)

For the purpose of pushing notifications out to your Stereum Monitor app we are processing data from your node through our servers. The processed data is completely encrypted when it is reaching our servers, temporary saved on them and deleted, when being send out to your, via QR Code connected, Stereum Monitor app.

3. Communication

If you contact us and communicate by phone, e-mail or online form, personal data may be processed.

The data will be processed for the processing and processing of your query and the related business process. The data is stored for the same period or as long as it is prescribed by law.

Persons concerned

All those who seek contact with us via the communication channels provided by us are affected by the aforementioned processes.

Telephone

When you call us, the call data is stored pseudonymously on the respective terminal device and at the telecommunications provider used. In addition, data such as name and telephone number can be sent by e-mail and stored for the purpose of answering the enquiry. The data will be deleted as soon as the business case has been terminated and permitted by law.

E-mail

If you communicate with us by e-mail, data may be stored on the respective end device (computer, laptop, smartphone, . . . ) and data may be stored on the e-mail server. The data will be deleted as soon as the business case has been terminated and permitted by law.

Legal basis

The processing of data is based on the following legal bases:

  • Art. 6 para. 1 lit. a GDPR (consent): You give us your consent to store your data and to continue to use it for purposes related to the business case;
  • Art. 6 para. 1 lit. b GDPR (contract): there is a need for the performance of a contract with you or a processor such as the telephone provider or we must process the data for pre-contractual activities such as preparing an offer;
  • Art. 6 para. 1 lit. f GDPR (Legitimate Interests): We want to conduct customer enquiries and business communication in a professional setting. For this purpose, certain technical facilities such as e-mail programs, exchange servers and mobile operators are necessary in order to be able to operate the communication efficiently.

 

4. Legal basis

In the following data protection declaration, we provide you with transparent information on the legal principles and regulations, i. e. the legal basis of the General Data Protection Regulation, which enable us to process personal data.

As regards EU law, we refer to REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016. This EU General Data Protection Regulation is of course available online at https://eur-lex.europa.eu/legal-content/DE/TXT/?uri=celex%3A32016R0679.

  • Consent (Article 6 (1) (a) GDPR): You have given us your consent to process data for a specific purpose. An example would be the storage of your entered data of a contact form.
  • Contract (Article 6 (1) (b) GDPR): In order to fulfil a contract or pre-contractual obligations with you, we process your data. For example, if we conclude a sales contract with you, we need personal information in advance.
  • Legal obligation (Article 6 (1) (c) GDPR): If we are subject to a legal obligation, we process your data. For example, we are legally obliged to keep invoices for accounting purposes. These usually contain personal data.
  • Legitimate interests (Article 6 (1) (f) GDPR): In the case of legitimate interests that do not restrict your fundamental rights, we reserve the right to process personal data. For example, we need to process certain data in order to operate our website / application & mobile app securely and economically efficiently. This processing is therefore a legitimate interest.

Other conditions such as the taking of recordings in the public interest and the exercise of official authority as well as the protection of vital interests do not generally apply to us. Where such a legal basis is relevant, it shall be indicated in the appropriate place.

In addition to the EU regulation, Austrian national laws also apply:

  • In Austria, this is the Federal Act for the Protection of Individuals with regard to the Processing of Personal Data (Datenschutzgesetz), short DSG.

5. Security of data processing

We have implemented both technical and organizational measures to protect personal data. Where possible, we encrypt or pseudonymise personal data. In doing so, we make it as difficult as possible for third parties to infer personal information from our data.

6. Third Party Providers 

As far as the Website contains external links, we hereby indicate that these third-party
websites are not subject to the influence and control of Rocklogic GmbH. We disclaim all liability for
losses or obligations related to the use of these third-party websites. We are not responsible
for the contents, availability, correctness, or accuracy of these websites, nor for their
offerings, links, or advertisements

 

6.1 YOUTUBE

What is YouTube?

We have included YouTube videos on our website. This allows us to present you with interesting videos directly on our website. YouTube is a video portal that has been a subsidiary of Google since 2006. The video portal is operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94 066, USA. When you visit a page on our website that has embedded a YouTube video, your browser automatically connects to the YouTube or Google servers. Different data are transmitted (depending on the settings). Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all data processing in Europe.

On YouTube, users can view, rate, comment and upload videos free of charge. Over the past few years, YouTube has become one of the most important social media channels in the world. To enable us to view videos on our website, YouTube provides a code snippet that we have built into our website.

In the following, we want to explain in more detail what data is being processed, why we have included YouTube videos and how you can manage or delete your data.

Why do we use YouTube videos on our website?

YouTube is the video platform with the most visitors. We strive to provide you with the best possible user experience on our website. And of course, interesting videos must not be missing. With the help of our embedded videos, we provide you with other useful content in addition to our texts and pictures. In addition, our website is easier to find on the Google search engine because of the embedded videos. Even if we place ads on Google Ads, Google – thanks to the data we collect – can only show those ads to people who are interested in our offers.

What data is stored by YouTube?

As soon as you visit one of our pages that has a YouTube video built in, YouTube sets at least one cookie that stores your IP address and our URL. If you are logged into your YouTube account, YouTube can usually use cookies to associate your interactions on our website with your profile. This includes data such as session duration, bounce rate, approximate location, technical information such as browser type, screen resolution, or your Internet provider. Other information may include contact details, reviews, sharing content via social media, or adding to your favorites on YouTube.

If you are not signed in to a Google account or YouTube account, Google stores data with a unique identifier associated with your device, browser, or app. For example, your preferred language setting is maintained. However, many interaction data cannot be saved because fewer cookies are used.

The following list shows cookies that have been set in a test in the browser. On the one hand, we show cookies that are set without a registered YouTube account. On the other hand, we show cookies that are set with a logged-in account. The list cannot claim to be complete, because the user data always depends on the interactions on YouTube.

name: YSC
value: b9-CV6ojI5Y211149166-1
purpose: This cookie registers a unique ID to store statistics of the video viewed.
expiry: after the end of the meeting

name: PREF
value: f1=50000000
purpose: This cookie also registers your unique ID. Google receives statistics about how you use YouTube videos on our website via PREF.
expiry: after 8 months

name: GPS
value: 1
purpose: This cookie registers your unique ID on mobile devices to track the GPS location
expiry: after 30 minutes

name: VISITOR_INFO1_LIVE
value: 95Chz8bagyU
purpose: This cookie tries to estimate the bandwidth of the user on our websites (with built-in YouTube video).
expiry: after 8 months

Other cookies that are set when you are logged in with your YouTube account:

name:  APISID
value: zILlvClZSkqGsSwI/AU1aZI6HY7211149166-
purpose: This cookie is used to create a profile about your interests. The data is used for personalized advertisements.
expiry: after 2 years

name: CONSENT
value: YES+AT.de+20150628-20-0
purpose: The cookie stores the status of a user’s consent to the use of different Google services. CONSENT also serves security to verify users and protect user data from unauthorized attacks.
expiry: after 19 years

name: HSID
value: AcRwpgUik9Dveht0I
purpose: This cookie is used to create a profile about your interests. This data helps to display personalized advertising
expiry: after 2 years

name:  LOGIN_INFO
value: AFmmF2swRQIhALl6aL…
purpose: This cookie stores information about your login data.
expiry: after 2 years

name: SAPISID
value: 7oaPxoG-pZsJuuF5/AnUdDUIsJ9iJz2vdM
purpose: This cookie works by uniquely identifying your browser and device. It is used to create a profile about your interests.
expiry: after 2 years

name: SID
value: oQfNKjAsI211149166-
purpose: This cookie stores your Google Account ID and your last log-in time in digitally signed and encrypted form.
expiry: after 2 years

name: SIDCC
value: AN0-TYuqub2JOcDTyL
purpose: This cookie stores information about how you use the website and which advertisements you may have seen before visiting our site.
expiry: after 3 months

How long and where is the data stored?

The data that YouTube receives and processes from you is stored on Google’s servers. Most of these servers are located in America. Visit https://www.google.com/about/datacenters/inside/locations/?hl=en  to see exactly where the Google data centers are located. Your data is distributed on the servers. This means that the data can be retrieved faster and better protected against manipulation.

Google stores the collected data for different lengths. Some data can be deleted at any time, some are automatically deleted after a limited period of time, and some are stored by Google for a longer period of time. Some data (such as items from “My Activity”, photos or documents, products) stored in your Google Account will remain stored until you delete it. Even if you’re not signed in to a Google account, you can delete some data associated with your device, browser, or app.

How can I delete my data or prevent data storage?

Basically, you can manually delete data in the Google Account. With the automatic deletion function of location and activity data introduced in 2019, information is stored for 3 or 18 months and then deleted depending on your decision.

Regardless of whether you have a Google account or not, you can configure your browser to delete or disable cookies from Google. Depending on which browser you use, this works in different ways. The following instructions show how to manage cookies in your browser:

If you do not want to have cookies, you can set your browser so that it always informs you when a cookie is to be set. This allows you to decide for each individual cookie whether you want to allow it or not. Since YouTube is a subsidiary of Google, there is a joint privacy statement. If you would like to learn more about the handling of your data, we recommend the privacy policy at https://policies.google.com/privacy?hl=en.

Legal basis

If you have consented to the processing and storage of your data using embedded YouTube elements, this consent shall be the legal basis for the data processing (Art. 6 para. 1 lit. a GDPR). In principle, your data is also stored and processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f GDPR) in fast and good communication with you or other customers and business partners. YouTube also uses cookies in your browser to store data. Therefore, we recommend that you read our privacy text about cookies carefully and review the privacy policy or cookie policy of the respective service provider.

YouTube Subscribe Button Privacy Policy

We have installed the YouTube Subscribe button on our website. You can usually recognize the button by the classic YouTube logo. The logo shows the words “Subscribe” or “YouTube” against a red background and the white “play symbol” on the left. The button can also be displayed in a different design.

Our YouTube channel always offers you interesting & eductional videos. With the built-in “Subscribe button” you can subscribe to our channel directly from our website and do not have to visit the YouTube website. We want to make access to our comprehensive content as easy as possible for you. Please note that this allows YouTube to store and process data about you.

If you see a built-in subscription button on our site, YouTube – according to Google – sets at least one cookie. This cookie stores your IP address and our URL. YouTube can also learn information about your browser, your approximate location and your default language. In our test, the following four cookies were set without being logged in to YouTube:

name:  YSC
value: b9-CV6ojI5211149166Y
purpose: This cookie registers a unique ID to store statistics of the video viewed.
expiry: after the end of the session

name: PREF
value:  f1=50000000
purpose: This cookie also registers your unique ID. Google receives statistics about how you use YouTube videos on our website via PREF.
expiry: after 8 months

name: GPS
value: 1
purpose: This cookie registers your unique ID on mobile devices to track the GPS location.
expiry: after 30 minutes

name:  VISITOR_INFO1_LIVE
value: 21114916695Chz8bagyU
purpose: This cookie tries to estimate the bandwidth of the user on our websites (with built-in YouTube video).
expiry: after 8 months

If you are logged in to your YouTube account, YouTube may use cookies to store many of your actions/interactions on our website and assign them to your YouTube account. For example, YouTube receives information about how long you browse our site, what type of browser you use, what screen resolution you prefer or what actions you perform.

YouTube uses this data to improve its own services and offers, and to provide analytics and statistics to advertisers (who use Google Ads).

7. Contact Details Regarding Data Protection Issues

In case you have any questions concerning Rocklogic’s Data Protection Declaration or if you would like
to exercise your rights, please send us a written request
outlining your desire to:

RockLogic GmbH
Leitzersbrunnerfeld 24
A-2003 Leitzersbrunn
Austria
E-mail: office@rocklogic.at

Scroll to top