We are pleased to welcome you as an Interactive Paper user. We store certain data so that our products and services function flawlessly and a great user experience is possible. With the following privacy policy, we would like to give you an insight into what data we collect, for what purposes this data is collected and what choices you have as a user.
What is Interactive Paper?
At Interactive Paper GmbH, we're redefining the communication landscape by seamlessly blending the digital and analog worlds. Our pioneering product, Interactive Paper, leverages cutting-edge technologies like NFC and QR Codes to create a unique interactive experience. When you engage with these technologies, such as scanning a QR code or using NFC to access a link on your mobile device, this policy becomes applicable. Interactive Paper GmbH not only facilitates innovative campaign design and content creation but also provides detailed data reports to comprehensively analyse user engagement. Our commitment is to bridge the gap between tactile and digital, offering an unparalleled user experience.
Privacy Policy
To further enhance the privacy and security of our users' data, we have ceased all data processing activities outside the European Union. We have implemented our own data tracking system, which operates exclusively within EU borders. This ensures that all data processing activities are in full compliance with the EU General Data Protection Regulation (GDPR), providing an added level of data protection and peace of mind for our users. Our commitment to data security and privacy is paramount, and we continuously work to align our practices with the highest standards set by the GDPR.
When you access mobile websites, including ours, certain data is automatically generated and stored. This occurs when you visit our site and involves our web server recording information such as the website's URL, your browser type and version, the operating system you're using, the URL of the site you visited prior (Referrer URL), the hostname and IP address of your accessing device, and the date and time of your visit. This data is compiled in web server log files.
These log files are retained for two weeks before being automatically deleted. While we do not actively share this data, it may be accessed in cases of legal investigations or unauthorised activities. Our collection and processing of this data are based on Article 6(1)(f) of the GDPR, which allows us to process data where it is necessary for the purposes of our legitimate interests, in this case, ensuring the seamless and secure operation of our website.
Your rights under DSGVO
In accordance with the provisions of the Data Protection Ordinance (DSGVO) and the Austrian Data Protection Act (DSG), you have the following rights in principle:
Right to correction (Article 16 GDPR)
Right to cancellation ("Right to be forgotten") (Article 17 of the GDPR)
Right to restriction of processing (Article 18 GDPR)
Right to be notified - Duty to provide information in connection with the correction or erasure of personal data or limitation of processing (Article 19 GDPR)
Right to data portability (Article 20 GDPR)
Right of objection (Article 21 GDPR)
Right not to be subjected to a decision based solely on automated processing - including profiling - (Article 22 of the GDPR)
If you believe that the processing of your data violates data protection law or your data protection claims have otherwise been violated in any way, you can complain to the supervisory authority, which in Austria is the data protection authority whose website you can find at https://www.dsb.gv.at/ .
Secure Data Transmission
For the secure transfer of data over the internet, our website employs HTTPS, in line with the GDPR's mandate for data protection through technology design (Article 25(1) GDPR). This security measure is reinforced through the use of TLS (Transport Layer Security), a robust encryption protocol that safeguards the confidentiality of data as it travels across the internet. The presence of a small lock icon in the upper left corner of your browser, along with the use of the 'https://' prefix in our web address, are indicators of this secure data transmission method.
Sub-processor
To ensure the highest standards of security and performance for our services, we rely on reputable subprocessors to assist us in delivering our offerings. Our key partners include Hetzner Online GmbH (Germany), a leading provider of server hosting services, ensuring secure data processing and storage in high-security data centers in Germany that comply with European data protection regulations, and DigitalOcean, LLC (Frankfurt, Germany), which provides hosting and infrastructure services exclusively within Germany (DigitalOcean Data Center) to process and store data securely. Additionally, Grunewald GmbH & Oliver Homrich e.K. (Germany) are responsible for processing address data for postal dispatch, while Artisan Colour (United States) handles address data processing and postal dispatch within the U.S.. We ensure that all our subprocessors strictly comply with data protection regulations, including the General Data Protection Regulation (GDPR), and have comprehensive Data Processing Agreements (DPAs) in place to safeguard the integrity and confidentiality of your data. None of our subprocessors, including Hetzner and DigitalOcean, have direct access to your personal data or process it for their own purposes, as their services are used strictly under contractual obligations ensuring full compliance with data protection laws.
Cookies in general
Our website utilises an HTTP cookie to store specific information relevant to each user. A cookie is essentially a small packet of data exchanged between your web browser and our web server. While it appears as random data to the browser and server, it is crucial for the web application to function effectively.
We strictly use a single first-party cookie, aligning with legal requirements. This cookie serves both an essential and an analytical purpose: it is necessary for the fundamental operation of our website, and — when you actively consent to statistics tracking — it also enables the collection of anonymised usage data to enhance the user-friendliness of our mobile websites and to gather data on consumer and user behavior, which we then analyse and share with our clients.
The cookie remains on your device for one year unless you manually delete it. Its purpose is to enable our website to recognise your browser during subsequent visits via an anonymised session ID.
Managing Cookies and Your Preferences
Understanding and managing the cookies saved in your browser is crucial for maintaining control over your personal data. Each browser offers different methods for viewing, managing, and deleting cookies. Below are guides for some commonly used browsers:
Google Chrome: To view, enable, disable, or delete cookies in Chrome, go to Settings > Privacy and security > Cookies and other site data. You can choose to block third-party cookies, clear cookies when you close the browser, or block cookies entirely.
Mozilla Firefox: In Firefox, you can manage cookie settings by going to Options > Privacy & Security. Under the 'Cookies and Site Data' section, you have options to clear cookies, set exceptions for specific websites, and choose how cookies are handled.
Apple Safari: Safari users can manage cookies by going to Safari > Preferences > Privacy. Here, you can choose to block all cookies, see which websites have stored cookies, and remove individual or all cookies.
Microsoft Edge: In Edge, cookies can be managed by navigating to Settings > Site permissions > Cookies and site data. Here, you can allow or block cookies, set specific rules for sites, and clear cookies.
Impact of Disabling Cookies
Please be aware that setting up your browser to block or alert you about cookies may affect your browsing experience. Some website features and services may not function properly without cookies. For instance, you might not be able to log in to certain sites, or preferences saved on websites might be lost.We recommend that you review your cookie settings periodically to ensure they align with your privacy preferences and browsing needs.
Purpose: This cookie stores an anonymised session ID (UUID) to identify returning visitors across multiple page views. It does not contain any personally identifiable information. The cookie is essential for the basic functionality of the web application and enables anonymous usage analytics.
When you actively consent to "Cookies for statistics" in the cookie preferences, the following additional data is collected in connection with the webtool_user cookie: the number of page visits and visit frequency, the duration of each visit, click behavior and user interactions, browser language, device type, brand and model, as well as operating system and browser family.
This data is linked to the anonymised session ID and is used exclusively for analytical purposes to improve the user experience. If you decline statistics tracking in the cookie preferences, this data will not be collected.
Layer 1: this is only seen, when Layer 1 is activated.
Click Behavior and Web Application Data Analysis
To deepen our understanding of user interactions on our website, we collect various types of click behavior data. This includes user actions on different page elements, time duration spent on each page, frequency of visits to specific pages, language settings of the web browser used, and the device and operating system used for accessing the page.
This information is gathered strictly for analytical reasons and is only recorded if you consent to "Cookies for statistics" tracking. When collected, this data is linked to the anonymised session ID stored in the webtool_user cookie.
Additionally, we gather data from the web applications accessed through Interactive Paper, such as:
Quiz: This tool displays questions and provides personalised results based on your responses. We record the number of times each question is clicked and the tally of obtained results.
Survey: This application presents questions leading to custom results tailored to your responses. Here, we track the number of clicks per question and the count of results.
Tile Menu: This feature displays various clickable tiles. We collect data on the frequency of tile clicks and the time spent on each tile.
These data are collected for purely analytical purposes and are only tracked when you accept the tracking of "Cookies for statistics".
Layer 2: this is only seen, when Layer 2 is activated.
User Session Data Analysis
To enhance our understanding of user interactions on our website, we collect specific user session data, which includes the frequency of your visits to our pages, the duration of your stay on each page, and your click behavior and how it correlates with your user session.
This data collection is solely for analytical objectives and occurs only if you consent to "Cookies for statistics" tracking. It is facilitated by the webtool_user cookie on your device, which stores an anonymised session ID (UUID). This approach ensures a detailed analysis while maintaining your privacy.
Layer 2: this is only seen, when Layer 3 and location tracking is activated.
Location tracking
If location tracking is enabled for the respective campaign and you have consented to "Cookies for statistics", we use Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). The data processing is carried out server-side – no Google Analytics tracking scripts are loaded in your browser and no additional cookies are set by Google.We use the Google Analytics Data API to enrich the anonymized usage data collected via the webtool_user cookie with geolocation information. The following data is determined and stored based on your anonymized session ID:
Country
City
Region
Continent
This geolocation data is processed exclusively for analytical purposes to provide aggregated location-based usage statistics. It is not used to identify individual users.Google processes data on our behalf and is contractually obligated not to use the data for its own purposes. Data may be transferred to Google servers in the USA. The legal basis for this data transfer is your explicit consent in accordance with Art. 49 (1) lit. a GDPR. You can find more information about data protection at Google at https://policies.google.com/privacy.If you do not consent to statistics tracking in the cookie preferences, no data will be transmitted to Google Analytics and no geolocation data will be collected.
Layer 3: this is only seen, when Layer 3 is activated.
Collection and processing of personal data
We collect personal data only with your consent, which is indicated when you accept this policy. You can manage your preferences regarding 'Usage Data and Personalised Tracking' through the cookie settings on our website. Additionally, you have the option to delete all data associated with you and your user ID by using the 'Delete my data' feature at the bottom of our page.
Personal Data Submission
When you provide personal data on our website, like your name, email address, physical address, or other details through forms or comments, we treat this information with utmost confidentiality. Notably, if your Interactive Paper envelope features a QR code, it implies that your behavior data, linked to your name, is collected upon acceptance of the Cookie & Privacy Policy.
Use of Personal Data
The personal data you submit is used for the specific purposes outlined at the time of collection, such as responding to inquiries, processing your requests, or for service-related communications. We also record IP addresses for security and functional improvement of our website, treating them with the same level of confidentiality as other personal data.
Disclosure to Third Parties
We do not typically share your personal data with third parties unless necessary and directly related to your provided data's intended purpose. For example, participation in a third-party sweepstake on our site would involve sharing your data with that third party, but only with your explicit consent.
Data Collection and Legal Basis
Our data practices comply with relevant laws and are based on your consent. 'Personal data' under GDPR refers to any information that can identify and be traced back to you. While you can browse our site anonymously, we do collect non-personal, anonymized data to enhance our services. This does not permit personal identification. In terms of Interactive Paper, we track usage frequency and duration for product optimization.
Individual Tracking and Use of Personal Data
We prioritise your privacy and strive for transparency in our data handling. Using our interactive products and visiting our web pages entails individual tracking, where we collect data such as the date and time of access, visited pages and duration, device type used, and your device's unique identifiers. This data helps us understand user preferences, enhance our services, and offer more relevant content. If you provide contact details, these may be linked with your session activity data to improve customer service and personalization. Rest assured, this data will only be used as described and in compliance with data protection standards and laws. Additionally, we work with third-party service providers under strict contractual obligations to ensure the confidentiality and security of your data.
Right to Withdraw Consent
In compliance with Article 6(1a) of the GDPR, our processing of your data is contingent on your explicit consent. You retain the right to retract this consent at any point. To withdraw, simply send us an email request. Our contact information is readily available in the imprint section of our website.
Details on Data Retention Periods
In our commitment to ensuring data privacy and efficient data management, we have established clear guidelines for data retention periods. The data we collect is stored for a maximum duration of two years. After this period, the data is permanently deleted from our systems. This policy applies to all forms of data that we collect, including web server logs, cookies, user session data, and any personal information provided by users. Our aim is to balance the need for data to enhance user experience and comply with legal requirements, while also respecting the privacy and data minimisation principles of the GDPR.
Updates and Changes to the Policy
Our privacy policy may be subject to updates or changes to reflect new legal requirements, technological advancements, or changes in our data processing practices. To ensure that you are always aware of the most current version of our privacy policy, we will notify you of any significant updates or changes.
Upon any significant update or change to our privacy policy, you will be promptly informed via the reappearance of the cookie consent window during your next visit to our website. This method ensures that you are immediately aware of any changes and can review the updated policy.
Data Transmission Security Caution
We wish to highlight that transmitting personal information via email is not without risks. The secure transmission and protection of your data sent through email cannot be guaranteed by us. Therefore, we strongly advise against the transmission of confidential information via unsecured email channels.
Third-Party Access Details
User data access is rigorously controlled and exclusively provided to our clients, such as businesses using Interactive Paper GmbH services. This access is governed by strict legal frameworks including contracts, NDAs, and data processing agreements, and is primarily for analytical purposes to assess campaign performance. We guarantee that all third-party entities with data access adhere to confidentiality commitments and comply with our privacy protocols and GDPR regulations, ensuring the continuous protection of user data integrity and confidentiality.
Data Deletion
You can request the deletion of your data unless it conflicts with our legal data retention obligations. Data that is no longer necessary for its initial purpose and not subject to legal retention will be deleted. If data cannot be deleted due to legal requirements, its processing will be restricted, meaning the data will be blocked and not used for other purposes.
Right of objection
You have the right to object to the processing of your personal data at any time. If you seek to correct, block, delete, or acquire information about your personal data, have questions about data collection, processing, or use, or wish to withdraw consent, please contact us at it@interactivepaper.com or use the deletion button provided on our website.