Information regarding ART 13, 14 GDPR

We take the protection of your personal and company-related data very seriously and work hard to make sure our services are safe for you to use. We are committed to complying with statutory data protection requirements. This data protection policy describes the type of data that we collect from you, how and for what we use it, and how we protect it.

Table of Contents

1. Area of Applicability
2. What data do we record?
3. Cookies and Web Tracking
4. Conversion measurement with Facebook pixel
5. Sharing
6. Use of data
7. Data security and forwarding
8. Your data protection rights and contact details

1. Area of Applicability

This policy applies to the website available at http://www.lyconet.com. Please take into consideration that this refers to other websites, including those of other countries for which different data protection rules apply.

Responsible under data protection law

Lyconet Austria GmbH

Kolingasse 12/8

1090 Wien

Austria

E-Mail: international@lyconet.com

Data protection officer

Peter Oskar Miller

HXS GmbH

Ungargasse 37

1060 Vienna, Austria

data.protection@lyconet.com

In the course of further website development to improve our services, it may occur that supplements to this Data Protection Declaration are necessary. In this case, we will inform you in advance and obtain your separate consent if needed.

2. What data do we record?

“Personal data” and “company-related data” about you that we process includes any information about material or personal circumstances that we obtain from you in the course of your operation as a Lyconet Marketer, and that can be attributed to you directly or indirectly (e.g. via your membership number). This includes your membership ID, your full name, title, gender, date of birth, postal address, address coordinates (longitude and latitude), telephone number(s), fax number, email address, bank details and, in the course of any Cashback World membership, data produced about your buying habits (date of purchase, place of purchase, time of purchase, amount of purchase, currency, shopping cart, sector, type of purchase – online/offline, from SME, from Key Account, with voucher, with Cashback card).

3. Cookies and Web Tracking

Our websites use things called cookies, which are small text files that are stored on your computer, and can be accessed again when you revisit our website. Cookies enable you to register for our services and help us to personalise the website for you.

You can also use some parts of our website without needing to register or log in. Even if you don’t log in to the website, we will still record certain information automatically so that we can collate data on how our website is used and how efficient it is in a bid to adjust it to our users’ needs. We will therefore collect and process information on your IP address, the time and length of your visit, the number of visits you make, which forms you use, your search settings, your display settings and your favourite settings on our website. Different cookies are stored for different lengths of time. The majority of the cookies we use are automatically deleted when you leave our website (the so-called “session-cookies”). We log access to our website and downloads of files from the website. The cookies on our websites are used exclusively for information purposes and are processed by
mWS myWorld Solutions AG, Grazbachgasse 87-93, 8010 Graz, Austria on behalf of Lyconet International AG, for the purpose of analysing the data collected.

We use JavaScript to track your user behaviour on our website to be able to tailor our web services to the needs of our users. We determine your browser type, location, time and duration of your use, URL and page name, as well as the referring website. You can refuse the collection of this data by deactivating JavaScript directly from your web browser.

We also use the following tools:

Google Analytics

This is a web analytics tool from Google Inc., 1600 Amphitheater Parkway Mountain View, CA 94043 USA, herein after referred to as “Google”, to log your online activity on our website, to find out how many users visit us and to record the number of times they access each page. This process is anonymous. Google Analytics’ cookies (gat_UA-102544931-1: Google Analytics Universal Tracking, _ga: Google Analytics Universal Tracking, __gid: Google Analytics Universal Tracking) – including the Google Analytics Tool “Anonymous IP Address” and usage data – are typically sent to a Google server in the United States and stored there. For further information, please refer to https://support.google.com/analytics/answer/6004245?hl=de. To stop your data from being logged, please visit Google Analytics at https://tools.google.com/dlpage/gaoptout?hl=de.

Piwik Open Analytics Platform

We use this tool to log your online activity on our website and to find out how many users visit us and record the number of times they access each page. This process is anonymous. The cookies are stored on your computer. For more information, please visit https://piwik.org/faq/.

Google AdWords

This is used to record website visits for advertising purposes (re-marketing) on Google and in the Display Network. When you visit the site, your browser saves cookies (IDE: Google AdWords Cookie) which make it possible to recognise you as a visitor when you visit other websites belonging to Google’s advertising network. On these pages, visitors can then be presented with advertisements that refer to the content previously viewed on other websites that use Google’s re-marketing feature. You can reject Google AdWords’ tracking at http://www.google.com/settings/ads.

Conversion Tracking by Google AdWords

This is how we create conversion statistics that measure the effectiveness of our online advertising campaigns. The conversion tracking cookie (IDE: Google AdWords Cookie) is set when a user clicks on an ad served by Google. According to Google’s privacy policy, no personally identifiable information or company information is processed. If you do not want to be tracked, you can disable the Google Conversion tracking cookie through your Internet browser’s internet settings.

Salesforce Marketing Cloud

This is how we record your behaviour on our website to be able to optimise our offer. This way, we find out how many users visit us and record the number of times they access each page. All analysed data is anonymous and is used in automatic processes to improve our offers using predictive intelligence. The behaviour of registered Members on our websites is recorded to improve the user experience and identify relevant content. Salesforce’s Cookies are typically sent to a Salesforce server in the US and stored there.

Microsoft Application Insights

Application Insights is a service from Microsoft that enables us to monitor and improve the performance and usability of the Website. The service stores and analyzes anonymized telemetry data (Number of pageviews, page load times, exceptions encountered and tracing of AJAX dependencies). The cookies (-ai_user, ai_session) are usually transmitted to a Microsoft server in the USA and stored there.

Hotjar

We collect non-personal information, including standard internet log information and details of your behavioural patterns when you visit our website. This is done to enable us to provide you with a better user experience, to identify preferences, to diagnose technical problems, to analyse trends and to improve our website.

The following information may be collected related to your device and browser: device’s IP address (captured and stored in an anonymized form), device screen resolution, device type (unique device identifiers), operating system, and browser type, geographic location (country only), and preferred language used to display our website. The following information is collected related to your user interaction: mouse events (movements, location and clicks), keypresses.

For a sampling of visitors, Hotjar also records information which is collected from our website: referring URL and domain, pages visited, geographic location (country only), preferred language used to display our website, date and time when the website pages were accessed.

You may opt-out from having Hotjar collect your information when visiting our website at any time by visiting the Opt-out page https://www.hotjar.com/opt-out and clicking ‘Disable Hotjar’.

In addition to the cookies described in the analysis tools used, the following additional cookies are used:

Please note that most internet browsers are set to accept cookies by default. You can change the settings in your browser so that certain cookies are rejected or so that you are asked if you would like to accept new cookies. You will find instructions on how to do this under the “Help” function in the menu bar on most browsers. These instructions will normally tell you how to delete existing cookies as well.

Please note that you may not be able to use all the features and services on our websites if you do not accept any or all cookies.

By using our website, or, if necessary, by consent, which we obtain separately, you agree that the above cookies and tools may be used.

4. Conversion measurement with the Facebook pixel

We use the “Facebook-Pixel” by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”) (fr: Facebook Cookie for Opt-Out identification) within it’s website with your consent. This is a cookie; a small text file that is stored on your computer which can be retrieved. It can be used to track users’ actions after they have viewed or clicked on a Facebook ad. This enables us to track the effectiveness of Facebook advertising for statistical and market research purposes. The data collected in this way is anonymous for us, so it does not provide any inference as to the identity of the users. However, the Facebook data is stored and processed so that a connection to the respective user profile can be made, and Facebook can use the data for its own advertising purposes, according to the Facebook Data Usage Guideline (https://www.facebook.com/about/privacy/). You can enable Facebook and its partners to place advertising on and outside of Facebook. A cookie for these purposes can also be stored on your computer. By using the website, you agree to the use of the visitor action pixel.

5. Sharing

On the website are integrated share buttons of the social networks Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA, XING, which is operated by the XING AG, Dammtorstraße 30, 20354 Hamburg, Germany, LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA, and Facebook, 1601 South California Avenue, Palo Alto, CA 94304, United States,. There is also an integrated share button for e-mails. These share buttons can be recognised by their logos.

All share buttons are set up according to data protection. A direct connection is only established between your browser and the server of the operator of the respective social network once you click on the website’s respective share button (and only then). According to the operators of the social networks mentioned, no personal or company-related data is collected from the social networks unless you click on the respective share button if you are not logged in to these social networks. This data, including the IP address, is only collected and processed for logged-in Members. If you do not wish to have a record of your visit to our website allocated to your social network account, please log out of the user account of the respective social network.

At this point, we point out that as a provider of the website, we obtain no knowledge of the content of the transmitted data or how the social networks use it. For more information on the use of social networks, see the respective social network’s privacy policy.

6. Use of data

We use your personal and company-related data exclusively in compliance with legal requirements. The personal and company-related data which you provide to us during your registration as a Lyconet Marketer and in the course of your participation in the Lyconet Marketing Program, is recorded and processed exclusively within the framework of our contractual obligations (Art 6 Sec 1 lit b GDPR). Unless you provide us with this data, we are unable to conclude a contract with you. In addition, we use your data if there is a legal obligation (Art. 6 Sec 1 lit c GDPR). In addition, we use your personal or company-related data only in cases and to the extent to which you give us your specific consent (Art. 6 Sec 1 lit a GDPR).

We use your personal data to communicate with you, in order to verify your identity, to provide you with your personal Login area on our website, to handle your inquiries and orders, and to provide you with our services. Furthermore, we use your data to determine the compensations due to you as a result of your participation in the Lyconet Marketing Program and to allocate them to you.

If you have given us your separate consent, we will also use your data, in the scope of the given consent, to provide you with, for example, offers and promotions from our Loyalty Merchants. You can revoke this consent at any time, whereby the revocation makes the further processing for the future inadmissible.

We store your personal and company-related data as long as there is a business relationship with you and, furthermore if there are legally standardized longer retention periods or if we need the data in the context of an official procedure.

7. Data security and forwarding

In order to protect your data, we use, among other things, encryption for data transmission (SSL encryption), firewalls, hacker defence programmes and other state-of-the-art security devices. When communicating via e-mail, the security of the data can only be guaranteed by us according to the latest state of the art technology.

The use of your personal and company-related data will be handled by Lyconet International AG as your contractual partner and as the responsible entitiy for the processing of your data. Lyconet International AG uses mWS myWorld Solutions AG as service provider for the processing. Your personal data and company-related data can, however, be transferred / delivered to other service providers, as well as to other companies within the myWorld Group, Lyconet Group and Lyoness Group.

To carry out our services, communicate with you and manage our online presence we use the services of certain service providers. We assure you that we carefully select these service providers to ensure legal and secure data processing. In addition, we have obligated the service providers to use your personal data and company-related data only according to our instructions and according to the Data Protection Acts of Austria and the Data Protection Acts of the European Union. Further use of the data by these service providers is prohibited.

In addition, we will pass on your personal data and company-related data to the Lyconet Group, insofar as this is necessary for the purpose of carring out the Lyconet Marketing Program, recording orders, calculating compensations according to the Lyconet compensation plan, ensuring the necessary data security measures are taken. The LyconetGroup companies are also obligated only to use your personal data and company-related data for the sole purpose for which it was given, as provided for in the Data Protection Acts of Austria and the European Union. In particular, the affected services are as follows: contact via electronic messages (e.g. e-mail, SMS or push notifications), by fax, by telephone or by letter for information about Loyalty Merchant products and promotions, identification of promotions which are of interest to you, conducting satisfaction surveys, operating hotlines, and processing transactions. We will transmit your necessary personal data to the Loyalty Merchant if and as far as it is necessary to be able to provide a concrete service for you or if you give us your explicit consent. The Loyalty Merchants are obliged only to use your personal data and company-related data for the sole purpose for which it was given, as provided for in the Data Protection Acts of Austria and the European Union.

Lyconet Group is an international corporation. Our business activities, management structure and our technical infrastructure transcend national borders. We can therefore send your personal data and company-related data to other Lyconet companies abroad, as far as this is necessary to carry out the Lyconet Marketing Program, to record the orders you have made as well as the resulting Compensations. A transfer of your personal or company-related data to the Member States of the European Economic Area, to Switzerland and to other countries with adequate level of data protection requires no further consent. If, however, your personal and company-related data is transferred to any country other than those mentioned above, we will inform you and of course comply with the applicable data protection regulations, provide you with appropriate guarantees and ensure the enforcement of your rights and remedies.

We will not pass on your personal data and company data to any persons other than the above-mentioned Loyalty Merchants, service providers and Lyconetcompanies, unless you have given us your consent or if there is a legal obligation to do so.

8. Your data protection rights and contact infromation

You have the right to obtain information about the personal or company-related data that we process about you and may request their correction, deletion or restriction of processing. You also have the right of objection and the right to data portability (Which means you have the right to receive the data in a structured, common and machine-readable format).

If you believe that the processing of your personal or company-related data violates the EU General Data Protection Regulation, you have the right to lodge a complaint with a Data Protection Authority or a supervisory authority of another EU Member State.

If the use of your personal or company-related data on this website is based on your consent, you have the right to revoke your consent for the processing of this data for the future at any time without having to provide any reasons.  By withdrawing your approval, your data may no longer be used. Please inform us in writing of your wish to withdraw approval (by post or e-mail) using the following address’:

Lyconet Austria GmbH

Kolingasse 12/8

1090 Wien

Austria

E-Mail: international@lyconet.com

Please also use this contact information for any questions regarding the use of your data as well as for information about the enforcement of your data protection rights.