Privacy Statement DOMINO
FluidHub Portal User
Fluidtime Data Services GmbH collects and uses your personal data exclusively within the framework of the Austrian data protection regulations. These are in particular the provisions of the Data Protection Act (DSG 2000) and the Telecommunications Act (TKG 2003). The DSG 2000 supplements the Data Protection Regulation (GPDR). We see it as our obligation to administer your data with the utmost care and to do everything to protect your information from misuse. Our employees and representatives are obliged to comply with data protection regulations in accordance with legal requirements.
The following information explains in detail what data is collected during your visit to the FluidHub Backoffice Portal and how we use it. You can access this data protection declaration at any time via the FluidHub BackofficePortal.
This statement applies only to FluidHub BBO Administrators Users. Those are users acting on behalf of their company for managing the Domino FluidHub instance. Users consuming mobility services are named "MSC (mobility service customers) users" in this document. Privacy related topics for MSC users are not covered by this statement.
1. Who is the data controller?
The data controller is Fluidtime Data Service GmbH, Neubaugasse 12-14/25, 1070 Vienna.
2. Which data are processed and from which sources?
The following information is collected by or on behalf of Fluidtime:
2.1. Information you provide
This information is provided during the registration process:
User profile: We hold data for your FluidHub account. This includes your name, email address and password.
2.2. Information created when you use our services
This information is collected while using our services:
Authentication data: We collect data about your logins and logouts of the FluidHub Portal.
User profile: We collect data of all your modification of your profile data.
Other than your own user profiles: We collect data of all your modifications to MSC user profiles.
Booking data: We collect data of all your modifications to a booking.
News/info data: We collect data of all your modifications to news/info entries.
Push-Notification: We collect data of all your push-notification trigged via the FluidHub Portal.
Other data: The statement does not cover information that does not personally identify you, such as summaries of anonymous data, IP addresses, operating systems, personal preferences, and the like. For data that does not identify you as an individual, we have the right to use them at our discretion.
We only process such personal information about you as is necessary regarding the predetermined objectives. All our personal data processing has so-called legal basis according to law.
3. For which purposes are data processed?
We use the information provided for the following purposes:
3.1. Providing the services to app users
For providing the services to MSC users, your above-mentioned personal data has to be processed. This will allow us to:
Provide functionality to manage the platform data including user and booking data
Ensuring the integrity and confidentiality of the platform data.
Perform internal operations necessary to provide our services, including to troubleshoot software bugs and operational problems, testing, and to monitor.
3.3. Legal obligations
We may use the information we collect to investigate or address claims or disputes relating to your use of our services, or as otherwise allowed by applicable law, or as requested by regulators, government entities, and official inquiries.
3.4. Research and development
We may use the information we collect for testing, research, analysis and product development. This allows us to improve and enhance the safety and security of our services, develop new features and products, and facilitate insurance and finance solutions in connection with our services.
4. Who receives your data?
The entities listed below may receive your data as they have justified reasons.
We also may share non-personal data or anonymized statistical data to selected third parties.
4.1. Hosting providers
We store and process your personal data on third party servers. Those providers are chosen carefully by us to be compliant to all requirements regarding data protection and security.
4.2. Enabling service providers
It is currently not required to transfer your personal data to enabling service providers.
4.3. Other back office users
Other back office users see (depending on their permissions) your own user profile and which changes you have performed. The list of tracked changes is described in chapter 2.2.
4.4. MSC and CMM users
MSC users do not receive personal data from back office users.
4.5. For legal reasons or in the event of a dispute
We may share your information if it is required by applicable law, regulation, operating agreement, legal process or governmental request or where the disclosure is otherwise appropriate due to safety or similar concerns. This includes sharing your information with law enforcement officials, government authorities or other third parties as necessary to enforce our Terms of Service, user agreements or other policies, to protect our rights or property or the rights, safety or property of others, or in the event of a claim or dispute relating to your use of our services. If you use another person’s credit card, we may be required by law to share information with that credit card holder, including trip information.
This also includes sharing your information with others in connection with, or during negotiations of, any merger, sale of company assets, consolidation or restructuring, financing or acquisition of all or a portion of our business by or into another company.
5. How long are data stored?
We require user profile information in order to provide our services and retain such information for as long as you maintain your account.
We retain certain information, including transaction and usage information, for a minimum of 7 years, if required by regulatory, tax and other requirements in the places in which we operate.
You may request deletion of your account at any time through an email to email@example.com.
Following such request, we delete the information that it is not required to retain.
6. What data protection rights do you have according to the General Data Protection Regulation (GDPR)?
Right of revocation
You have the right to revoke your consent to the collection and use of personal data with effect for the future at any time.
Right to information
You have the right to request information about the data stored about you or your pseudonym. Upon your request, the information can also be
Right of deletion or correction
You have the right to request the deletion or correction of your stored personal data. In certain circumstances, we may be unable to delete your account, such as due to regulatory requirements. Upon resolution of the issue preventing deletion, we will delete your account as described above.
To exercise your rights of revocation, information, deletion or correction of your data, please contact Fluidtime Data Services GmbH, Neubaugasse 12-14-/25, 1070 Vienna, or send an e-mail to firstname.lastname@example.org. The use of your above rights is free of charge for you.
7. Data security
Your data security is our highest priority. Our declared aim is to take all necessary technical and organisational measures to ensure the security of data processing and to process your personal data in such a way that they are protected from access by unauthorised third parties.
By using the latest security software, coding and encryption methods, our IT infrastructure meets the highest international security standards. In addition, we promote the security of your data through the use of risk-minimizing measures and preventive precautions.
Our website and the associated IT systems are protected by technical and organizational measures against unauthorized access and modification of your data as well as against loss and destruction.
With our back office application you communicate exclusively encrypted, so that the transfer of personal data is protected.
Should you nevertheless encounter potential security gaps, please let us know as soon as possible! Send us a detailed description of the vulnerability to email@example.com. Please also send us the exact URL and a description of how the vulnerability was found – ideally with a screenshot or similar.
8. Changes to this privacy statement
As we want to ensure that this privacy statement properly reflects the way we handle your data, we need to reserve the right to make changes to it at our sole discretion whenever it is necessary. Although we will use reasonable efforts to notify you of all substantial changes to this privacy statement, you should also do your best to review this document on a regular basis.
Fluidtime Data Services GmbH