When you use this website, various personal data is collected. Personal data is data that can be used to identify you personally, such as your name, contact details or IP address.
We take the protection of your personal data very seriously and treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.
Below, we provide a simple overview of what happens to your personal data when you visit this website. We explain what data we collect and what we use it for. We also explain how and for what purpose this is done.
The responsible body for data processing on this website is:
DID Daten-Intermediär-Dienste FlexCo
Treustraße 52
1200 Vienna
Email: office@intermediary.at
Telephone: +43 677 617 53 112
When you visit our website, we collect the following data:
Your data is collected when you provide it to us. This may include, for example, data that you enter in a contact form. Other data is collected automatically or with your consent when you visit the website by our IT systems. This is primarily technical data (e.g., internet browser, operating system or time of page view).
If you contact us by e-mail or telephone, we will process the personal data transmitted in this context exclusively for the purpose of processing your enquiry. Legal basis: Art. 6 para. 1 lit. b or f GDPR.
We process personal data for the following purposes:
Your data is processed on the basis of the following legal grounds:
Our website uses so-called ‘cookies’. Cookies are small data packets and do not cause any damage to your device. We only use cookies that are technically necessary. These cookies are required to provide session management (e.g. login status) and security functions (e.g. protection against CSRF attacks). No cookies are used for analysis, tracking or advertising purposes.
Cookies cannot read or change any other data on your device and are either stored temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your device. Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your device until you delete them yourself or your web browser automatically deletes them.
Cookies may originate from us (first-party cookies) or from third-party companies (third-party cookies). Third-party cookies enable the integration of certain services from third-party companies within websites (e.g. cookies for processing payment services).
Cookies have various functions. Numerous cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping basket function). Other cookies can be used to evaluate user behaviour or for advertising purposes (functional cookies).
You can block or delete cookies (except for those that are necessary). You will find instructions on how to do this in your browser's help section. Please note that this may restrict your use of the website.
We use the following cookies:
| Cookie name | Purpose | Duration | Stored information |
|---|---|---|---|
| _dc_base_session | session management | for the duration of the login | identification of the user |
If you use a qualified electronic signature when using our services, we will validate it. When using the validation service, the following data is processed:
We collect your data automatically during the electronic verification of your signature.
Data processing during the validation of qualified electronic signatures is carried out in order to check the validity of qualified electronic signatures, to enable you to register and use our service, and to assert, exercise or defend legal claims.
Your data is processed on the basis of the following legal grounds:
You have the option of voluntarily registering with us via the Sphereon Wallet. The Sphereon Wallet is a so-called ‘Self-Sovereign Identity (SSI)’ system. Your personal data is stored exclusively locally on your mobile device. Sphereon does not operate a central server on which your identity data would be processed by default. Your data will only be transmitted to us if you actively and expressly provide it to us via the wallet.
We only process personal data that you provide to us via the Sphereon Wallet during registration. This may include, in particular:
Data is collected exclusively when you actively transmit it to us via the Sphereon Wallet or provide it to us in the course of communication.
We process the personal data transmitted in order to verify your digital identity, to receive your verifiable credentials provided via the wallet, and to enable you to register and use our service.
Your data is processed on the following legal bases:
Your personal data transmitted during registration via the Sphereon Wallet will only be processed within our company. It will only be passed on to third parties if this is necessary to fulfil legal obligations or if we have a corresponding legal basis for doing so. Sphereon does not receive any personal data from us that you provide to us during registration. Sphereon processes your data exclusively locally on your device and only within the scope of providing the wallet service on its own responsibility.
We work with various external parties in the course of our business activities. This sometimes requires the transfer of personal data to these external parties. We only pass on personal data to external parties if this is necessary for the fulfilment of a contract, if we are legally obliged to do so (e.g. passing on data to tax authorities), if we have a legitimate interest in passing on the data in accordance with Art. 6 (1) lit. f GDPR, or if another legal basis permits the transfer of data. When using processors, we only pass on our customers' personal data on the basis of a valid contract for processing. In the case of joint processing, a contract for joint processing is concluded.
When processing payments, data is processed directly by the payment service provider.
Personal data is not transferred to recipients in third countries (countries outside the European Union – EU or the European Economic Area – EEA) or to international organisations.
We do not carry out automated decision-making or profiling.
Unless a more specific storage period is specified in this privacy policy, we store your personal data until the purpose for data processing has been fulfilled or as long as required by law. Longer storage only takes place until the end of relevant limitation periods, statutory retention periods or any legal disputes, as well as when consent is given for further processing. You can revoke this consent at any time without giving reasons.
We protect your personal data through appropriate organisational and technical measures. For security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognise an encrypted connection by the fact that the address line of the browser changes from ‘http://’ to ‘https://’ and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties. These precautions relate in particular to protection against unauthorised, unlawful or accidental access, processing, loss, use and manipulation.
You have the following rights in relation to the processing of your personal data:
We reserve the right to amend this privacy policy in order to adapt it to changes in the legal situation or to changes in our services.