We are pleased to welcome you as an Interactive Paper user. We store certain data so that our products and services function flawlessly and a great user experience is possible. With the following privacy policy, we would like to give you an insight into what data we collect, for what purposes this data is collected and what choices you have as a user.
What is Interactive Paper?
At Interactive Paper GmbH, we're redefining the communication landscape by seamlessly blending the digital and analog worlds. Our pioneering product, Interactive Paper, leverages cutting-edge technologies like NFC and QR Codes to create a unique interactive experience. When you engage with these technologies, such as scanning a QR code or using NFC to access a link on your mobile device, this policy becomes applicable. Interactive Paper GmbH not only facilitates innovative campaign design and content creation but also provides detailed data reports to comprehensively analyse user engagement. Our commitment is to bridge the gap between tactile and digital, offering an unparalleled user experience.
Privacy Policy
To further enhance the privacy and security of our users' data, we have ceased all data processing activities outside the European Union. We have implemented our own data tracking system, which operates exclusively within EU borders. This ensures that all data processing activities are in full compliance with the EU General Data Protection Regulation (GDPR), providing an added level of data protection and peace of mind for our users. Our commitment to data security and privacy is paramount, and we continuously work to align our practices with the highest standards set by the GDPR.
When you access mobile websites, including ours, certain data is automatically generated and stored. This occurs when you visit our site and involves our web server recording information such as the website's URL, your browser type and version, the operating system you're using, the URL of the site you visited prior (Referrer URL), the hostname and IP address of your accessing device, and the date and time of your visit. This data is compiled in web server log files.
These log files are retained for two weeks before being automatically deleted. While we do not actively share this data, it may be accessed in cases of legal investigations or unauthorised activities. Our collection and processing of this data are based on Article 6(1)(f) of the GDPR, which allows us to process data where it is necessary for the purposes of our legitimate interests, in this case, ensuring the seamless and secure operation of our website.
Your rights under DSGVO
In accordance with the provisions of the Data Protection Ordinance (DSGVO) and the Austrian Data Protection Act (DSG), you have the following rights in principle:
Right to correction (Article 16 GDPR)
Right to cancellation ("Right to be forgotten") (Article 17 of the GDPR)
Right to restriction of processing (Article 18 GDPR)
Right to be notified - Duty to provide information in connection with the correction or erasure of personal data or limitation of processing (Article 19 GDPR)
Right to data portability (Article 20 GDPR)
Right of objection (Article 21 GDPR)
Right not to be subjected to a decision based solely on automated processing - including profiling - (Article 22 of the GDPR)
If you believe that the processing of your data violates data protection law or your data protection claims have otherwise been violated in any way, you can complain to the supervisory authority, which in Austria is the data protection authority whose website you can find at https://www.dsb.gv.at/ .
Secure Data Transmission
For the secure transfer of data over the internet, our website employs HTTPS, in line with the GDPR's mandate for data protection through technology design (Article 25(1) GDPR). This security measure is reinforced through the use of TLS (Transport Layer Security), a robust encryption protocol that safeguards the confidentiality of data as it travels across the internet. The presence of a small lock icon in the upper left corner of your browser, along with the use of the 'https://' prefix in our web address, are indicators of this secure data transmission method.
Sub-processor
To ensure the highest standards of security and performance for our services, we rely on reputable subprocessors to assist us in delivering our offerings. A key partner in this context is Hetzner Online GmbH, a leading provider of server hosting services based in Germany. We utilize Hetzner's servers and infrastructure solutions to securely and efficiently process and store the data collected through our platform. These servers are located in highly secure data centers in Germany, which adhere to strict European data protection standards. It is important to emphasize that we have full control over the servers hosted by Hetzner, and Hetzner does not have direct access to your personal data or process this data for its own purposes. The use of Hetzner as a subprocessor is carried out in strict compliance with data protection regulations, including the General Data Protection Regulation (GDPR), and is subject to a relevant data processing agreement (DPA) that ensures the protection of your data.
Cookies in general
Our website utilises HTTP cookies to store specific information relevant to each user. A cookie is essentially a small packet of data exchanged between your web browser and our web server. While it appears as random data to the browser and server, it is crucial for certain web applications to function effectively.
We strictly use first-party cookies, aligning with legal requirements. These cookies are categorised into:
Essential Cookies: These are necessary for the fundamental operations of our website, ensuring its basic functionality.
Analytical Cookies: These are used to enhance the user-friendliness of our mobile websites and to gather data on consumer and user behavior, which we then analyze and share with our clients.
Some cookies may remain on your device until you manually delete them. Their purpose is to enable our website to recognise your browser during your subsequent visits.
Managing Cookies and Your Preferences
Understanding and managing the cookies saved in your browser is crucial for maintaining control over your personal data. Each browser offers different methods for viewing, managing, and deleting cookies. Below are guides for some commonly used browsers:
Google Chrome: To view, enable, disable, or delete cookies in Chrome, go to Settings > Privacy and security > Cookies and other site data. You can choose to block third-party cookies, clear cookies when you close the browser, or block cookies entirely.
Mozilla Firefox: In Firefox, you can manage cookie settings by going to Options > Privacy & Security. Under the 'Cookies and Site Data' section, you have options to clear cookies, set exceptions for specific websites, and choose how cookies are handled.
Apple Safari: Safari users can manage cookies by going to Safari > Preferences > Privacy. Here, you can choose to block all cookies, see which websites have stored cookies, and remove individual or all cookies.
Microsoft Edge: In Edge, cookies can be managed by navigating to Settings > Site permissions > Cookies and site data. Here, you can allow or block cookies, set specific rules for sites, and clear cookies.
Impact of Disabling Cookies
Please be aware that setting up your browser to block or alert you about cookies may affect your browsing experience. Some website features and services may not function properly without cookies. For instance, you might not be able to log in to certain sites, or preferences saved on websites might be lost.We recommend that you review your cookie settings periodically to ensure they align with your privacy preferences and browsing needs.
Cookies we use
Our website employs two specific types of cookies, each serving a distinct purpose:
Purpose: This cookie is crucial for maintaining the state of the user's session over multiple server requests. It is integral for the smooth operation of PHP-based web applications, as it helps identify and retain session-specific information for each user. Notably, the PHPSESSID cookie does not store any personal identification data; its use is strictly for technical session management.
Expiry: Lasts for the duration of the session.
Type: HTTP Cookie
Layer 2: this is only seen, when Layer 2 is activated.
Purpose: The 'user_session' cookie plays a crucial role in monitoring user engagement on our Interactive Paper webpages. It tracks various aspects of user behavior during each session, which is key for our analytical processes. The data it collects includes the total number of page visitors, the length of each visit, how frequently pages are accessed, and specific user actions such as clicks and entries. It also observes users' navigation trends within the website. This data is invaluable in helping us refine and enhance the overall user experience on our platform. Please note, if you opt to disable or decline data tracking in the cookie preferences on the Interactive Paper, this cookie will not be activated.
Expiry: after 30 days
Type: HTTP Cookie
These cookies are designed to optimise user experience and website functionality. The 'PHPSESSID' cookie is essential for technical session management, while the 'user_session' cookie plays a significant role in our analytical efforts to understand and improve user interactions on our site.
Layer 1: this is only seen, when Layer 1 is activated.
Click Behavior and Web Application Data Analysis
To deepen our understanding of user interactions on our website, we collect various types of click behavior data. This includes:
User actions on different page elements.
Time duration spent on each page.
Frequency of visits to specific pages.
Language settings of the web browser used.
The device and operating system used for accessing the page.
This information is gathered strictly for analytical reasons and is only recorded if you consent to the 'Cookies for statistics' tracking.
Additionally, we gather data from the web applications accessed through Interactive Paper, such as:
Quiz: This tool displays questions and provides personalized results based on your responses. We record the number of times each question is clicked and the tally of obtained results.
Survey: This application presents questions leading to custom results tailored to your responses. Here, we track the number of clicks per question and the count of results.
Tile Menu: This feature displays various clickable tiles. We collect data on the frequency of tile clicks and the time spent on each tile.
These data are collected for purely analytical purposes and is only tracked when you accept the tracking of "Cookies for statistics".
Layer 2: this is only seen, when Layer 2 is activated.
User Session Data Analysis
To enhance our understanding of user interactions on our website, we collect specific user session data, which includes:
Frequency of your visits to our pages.
The duration of your stay on each page.
Your click behavior and how it correlates with your user session.
This data collection is solely for analytical objectives and occurs only if you consent to the 'Cookies for statistics' tracking. It is facilitated by cookies on your device, which are linked to an anonymised user ID. This approach ensures a detailed analysis while maintaining your privacy.
Layer 2: this is only seen, when Layer 3 and location tracking is activated.
Location tracking
We incorporate the IP2Location API to enhance our services. This integration allows us to gather and analyse user behavior and location data, without directly collecting IP addresses. Instead, we use anonymised identifiers (user IDs) to associate this data with user interactions within our platform.
Data Processing and Storage
Anonymised Data: We assign a unique user ID to each interaction, ensuring no direct personal identification.
Location Data: Through IP2Location, we collect coarse geolocation information, such as country, region, and city, linked to the anonymised user ID.
Data Use: This data enables us to offer personalised content and better understand user engagement and preferences.
Data Storage: All collected data is stored securely within the EU, adhering to GDPR compliance standards.
This data collection is solely for analytical objectives and occurs only if you consent to the 'Cookies for statistics' tracking. It is facilitated by cookies on your device, which are linked to an anonymised user ID. This approach ensures a detailed analysis while maintaining your privacy.
Layer 3: this is only seen, when Layer 3 is activated.
Collection and processing of personal data
We collect personal data only with your consent, which is indicated when you accept this policy. You can manage your preferences regarding 'Usage Data and Personalised Tracking' through the cookie settings on our website. Additionally, you have the option to delete all data associated with you and your user ID by using the 'Delete my data' feature at the bottom of our page.
Personal Data Submission
When you provide personal data on our website, like your name, email address, physical address, or other details through forms or comments, we treat this information with utmost confidentiality. Notably, if your Interactive Paper envelope features a QR code, it implies that your behavior data, linked to your name, is collected upon acceptance of the Cookie & Privacy Policy.
Use of Personal Data
The personal data you submit is used for the specific purposes outlined at the time of collection, such as responding to inquiries, processing your requests, or for service-related communications. We also record IP addresses for security and functional improvement of our website, treating them with the same level of confidentiality as other personal data.
Disclosure to Third Parties
We do not typically share your personal data with third parties unless necessary and directly related to your provided data's intended purpose. For example, participation in a third-party sweepstake on our site would involve sharing your data with that third party, but only with your explicit consent.
Data Collection and Legal Basis
Our data practices comply with relevant laws and are based on your consent. 'Personal data' under GDPR refers to any information that can identify and be traced back to you. While you can browse our site anonymously, we do collect non-personal, anonymized data to enhance our services. This does not permit personal identification. In terms of Interactive Paper, we track usage frequency and duration for product optimization.
Individual Tracking and Use of Personal Data
We prioritise your privacy and strive for transparency in our data handling. Using our interactive products and visiting our web pages entails individual tracking, where we collect data such as the date and time of access, visited pages and duration, device type used, and your device's unique identifiers. This data helps us understand user preferences, enhance our services, and offer more relevant content. If you provide contact details, these may be linked with your session activity data to improve customer service and personalization. Rest assured, this data will only be used as described and in compliance with data protection standards and laws. Additionally, we work with third-party service providers under strict contractual obligations to ensure the confidentiality and security of your data.
Right to Withdraw Consent
In compliance with Article 6(1a) of the GDPR, our processing of your data is contingent on your explicit consent. You retain the right to retract this consent at any point. To withdraw, simply send us an email request. Our contact information is readily available in the imprint section of our website.
Details on Data Retention Periods
In our commitment to ensuring data privacy and efficient data management, we have established clear guidelines for data retention periods. The data we collect is stored for a maximum duration of two years. After this period, the data is permanently deleted from our systems. This policy applies to all forms of data that we collect, including web server logs, cookies, user session data, and any personal information provided by users. Our aim is to balance the need for data to enhance user experience and comply with legal requirements, while also respecting the privacy and data minimisation principles of the GDPR.
Updates and Changes to the Policy
Our privacy policy may be subject to updates or changes to reflect new legal requirements, technological advancements, or changes in our data processing practices. To ensure that you are always aware of the most current version of our privacy policy, we will notify you of any significant updates or changes.
Upon any significant update or change to our privacy policy, you will be promptly informed via the reappearance of the cookie consent window during your next visit to our website. This method ensures that you are immediately aware of any changes and can review the updated policy.
Data Transmission Security Caution
We wish to highlight that transmitting personal information via email is not without risks. The secure transmission and protection of your data sent through email cannot be guaranteed by us. Therefore, we strongly advise against the transmission of confidential information via unsecured email channels.
Third-Party Access Details
User data access is rigorously controlled and exclusively provided to our clients, such as businesses using Interactive Paper GmbH services. This access is governed by strict legal frameworks including contracts, NDAs, and data processing agreements, and is primarily for analytical purposes to assess campaign performance. We guarantee that all third-party entities with data access adhere to confidentiality commitments and comply with our privacy protocols and GDPR regulations, ensuring the continuous protection of user data integrity and confidentiality.
Data Deletion
You can request the deletion of your data unless it conflicts with our legal data retention obligations. Data that is no longer necessary for its initial purpose and not subject to legal retention will be deleted. If data cannot be deleted due to legal requirements, its processing will be restricted, meaning the data will be blocked and not used for other purposes.
Right of objection
You have the right to object to the processing of your personal data at any time. If you seek to correct, block, delete, or acquire information about your personal data, have questions about data collection, processing, or use, or wish to withdraw consent, please contact us at it@interactivepaper.com or use the deletion button provided on our website.