Skip to searchSkip to main content
Privacy Policy
Languages
greenpass
greenpass
PRIVACY POLICY

Privacy Policy

Thank you for choosing greenpass!

I.  SCOPE OF THE PRIVACY POLICY

§ 1.1  Scope.  This Privacy Policy applies to services (the "greenpass Services") provided on www.greenpass.io and other of our websites, mobile, or desktop applications (the "Platform"), as well as to other interactions (e.g., customer service inquiries, user conferences, etc.) that take place between you and us. The greenpass Services include, in particular,

(a)  visiting the platform; visiting the platform;

(b)  the account you will create (the “User Account”);

(c)  the purchase of physical products through the platform; and

(d)  the subscriptions related to software for climate protection in the construction sector (the “Subscription”).

§ 1.2  Declaration of consent.  If you do not agree to the terms of our Privacy Policy, you may not access or use the greenpass Services, the Platform, or any other aspect of our business.

§ 1.3 Third-party providersThis Privacy Policy does not apply to third-party applications or software integrated into the greenpass Services through a platform ("Third-Party Services"), or to products, services, or companies of other third parties.

§ 1.4 Definitions. “We”, “our” and “us” refer to the persons referred to in Article XVI.

In a nutshell

Please always observe this privacy policy when using the greenpass services

II.  DATA WE COLLECT AND RECEIVE

§ 2.1  Registration data.When you create a user account, we will receive the following information from you or a third party (the “Registration Data”):

(a) When you register via a platform, we receive:

i. your first and last name, an email address, and a password. This information is mandatory; and
ii. company details and address, if provided voluntarily by you.

(b)  When you register via the social logins Facebook, Google and Apple, we receive your first and last name and an email address.

§ 2.2  Account detailsWhen you purchase physical products or activate a subscription, you provide us or our payment providers with billing information such as credit card information, bank details, billing address or payment ID number ("Account Data").

§ 2.3 Other information. We also collect, generate and/or receive other information and data ("Other Information"):

(a)  Usage information.

i. greenpass Services Metadata. When you use the greenpass Services, metadata is generated that provides additional context about your usage. For example, we may log features, content, links, or Third-Party Services (as defined below) that you have viewed or used.

ii. Log Data. Like most websites, our servers automatically collect information when you access the Platform and record it in log files. This log data includes your Internet Protocol (IP) address, the address of the web page visited before using the Platform, your browser type and settings, the date and time you used the Platform, browser configuration and plug-in information, language preferences, and cookie data.
iii. Device Information. We also collect information about the devices used to access the greenpass Services, including the device type, operating system used, device settings, application IDs, unique device identifiers, and crash data.
iv. Location Information. We receive information from you and other third parties that helps us determine your approximate location, such as an IP address received through your browser or device. We may also collect location information from devices, where permitted by the device's settings.

(b)  Newsletter.

i. You have the option of subscribing to our free newsletter. This newsletter is sent regularly and contains current news and information about our company, valuable information for those interested in health, product information for users of the greenpass services, and customized advertising.
ii. To receive our newsletter, you need a valid email address. The email address you provided when registering or separately subscribing to the newsletter will be verified by us to determine whether it is the correct email address and whether you actually wish to receive the newsletter. To do so, we will send you an email to the email address you provided. This email contains a link that you can click to confirm receipt. Once you have confirmed receipt of this email, you have subscribed to our newsletter (double opt-in). When you register or subscribe to our newsletter for the first time, data such as your IP address, the date and time of your registration or registration, and the language you use are automatically collected. This is for security reasons in case your email address is used by third parties without your knowledge. We also receive the data you provide directly through questions you answer during registration or login. We do not collect or process any further data for your subscription, and the data is used exclusively to send you the newsletter.
iii. Unless you object, we will share your data within our company for analysis purposes and to send you information for advertising purposes. The data you have provided for subscription purposes will be compared with the data we have collected for other purposes (e.g., for booking a product) within the company. We do not share data you have provided when subscribing to the newsletter with third parties who are not part of our company.
iv. You can revoke your consent to receive the newsletter at any time. Details regarding such termination can be found in the confirmation email and in each newsletter.

(c)  Third-party services

i. If available, you may choose to allow or restrict third-party software that integrates with the greenpass Services (the "Third-Party Services"). We may also develop and offer our own applications that connect the greenpass Services with a Third-Party Service. Once the Third-Party Services are enabled, such provider may share certain information with us. For example, if a cloud storage application is enabled to allow importing files into a user account, we will receive your username and email address, as well as other information that such application may provide to us to facilitate integration with the greenpass Services. Please refer to the privacy policy of the respective Third-Party Service for details about what information is shared with us in this context.
ii. If a Third-Party Service is enabled, we may connect and access other information provided to us in accordance with our agreement with the third party. However, we do not receive or store passwords for those Third-Party Services when we connect them to the greenpass Services.

(d)  Data from third parties.We may receive data about your visits to the Platform, marketing campaigns, and other matters related to our business from affiliates, our partners, or other third parties. We may use this data to improve our offerings or make the content we provide to you more useful. We may also combine this data with other information we collect and include aggregated data, such as the language and country from which you access the greenpass Services. Or it may be more specific, such as how well an online marketing or email campaign performed.

(e)  Additional Information. We also receive other information when it is submitted to us through the Platform or otherwise, such as when you participate in a competition or event, apply for a job, request support, interact with our social media channels, or otherwise contact us.

§ 2.4 Automatic captureGenerally, no one is legally or contractually obligated to provide registration data or other information (collectively, the "Information"). However, certain information is collected automatically or is mandatory for using the greenpass Services.

In a nutshell

There is content that you voluntarily upload to the Platform, and there is other information that we collect and receive from you while you use the Platform and the greenpass Services. Please read on to learn more about our obligations regarding such information.

III.  HOW WE USE INFORMATION

§ 3.1  User account data.  We use registration data and other information collected through the use of your account (the "Account Data") in accordance with your instructions and applicable laws. We are a processor of such data, and you are the controller. For example, you can modify or remove the data or configure certain settings.

§ 3.2 Other informationWe use other information, except for that in Section 3.1, to protect our legitimate interests in operating the greenpass services, platforms, and our business. Specifically, we use other information

(a) to provide, update, maintain, and protect the greenpass services and platform. This includes, in particular,

i. providing the greenpass services tailored to your location;
ii. preventing and resolving service errors or security or technical issues; and
iii. analyzing and monitoring usage, trends, and other activities;

(b) if required by applicable law, legal process or regulation;

(c) to communicate with you by responding to your inquiries and requests. If you contact us, we may use your other information to respond;

(d) to send emails and other communications. We may send you service, technical, or administrative emails and other types of communications, such as push notifications. We may also contact you to inform you about changes to the greenpass Services, our offerings within the greenpass Services, and important notices related to the Services, such as security and fraud alerts. These communications are considered part of the greenpass Services, and you cannot opt out of receiving them. In addition, we sometimes send emails or other notifications about new product features, promotional messages, or other news about our company. These are marketing messages, so you have the option to choose whether to receive them. If you have further questions about a message you received from us, please contact us;

(e)  for billing, account management, and other administrative matters. We may need to contact you for billing, account management, and similar purposes, and use account data to manage accounts and keep track of invoices and payments; and

(f) to investigate security issues and abuse and work to prevent them.

§ 3.3 Personal and anonymized dataIf information is aggregated or anonymized so that it can no longer be reasonably associated with an identified or identifiable natural person, we may use it for any business purpose. To the extent that information is associated with an identified or identifiable natural person and is protected as personal data under applicable data protection law, it is referred to in this Privacy Policy as "Personal Data."

In a nutshell

We use the data we store only to provide and improve the greenpass services and for related business purposes. Of course, we always comply with all applicable laws.

IV.  LEGAL BASIS

§ 4.1  Legal provisions. We process your data in accordance with the provisions

(a)  the General Data Protection Regulation (GDPR);

(b) Austrian data protection regulations, such as the Data Protection Act (DSG); and/or

(c)  other national provisions applicable to the matter. These may also be laws of the country in which you are resident.

§ 4.2 Data categories. We process the above-mentioned data categories in accordance with the following provisions of the GDPR:

(a) Registration data and account data based on Art 6 Para 1 lit a for those data whose processing you have consented to, and lit b for those data that we necessarily need to fulfill our contractual obligations;

(b) Other information based on Art 6 (1) (a) for data whose processing you have consented to, (b) for data that we necessarily need to fulfil our contractual obligations, and (f) for processing that is necessary to safeguard the legitimate interests of us or a third party; and

(c) Legal obligation In the event that the processing of your data is necessary to fulfill one of our legal obligations, this is based on Art 6 Para 1 lit c.

V.  DATA RETENTION

§ 5.1  SettingsWe retain user account data in accordance with your instructions and applicable laws. Depending on your chosen subscription plan, you may be able to adjust certain retention settings. Deleting user account data may result in the deletion or anonymization of certain other related information.

§ 5.2 Duration of storage.  We may retain Other Information about you for as long as necessary to fulfill the purposes described in this Privacy Policy. This may include retaining your Other Information even after your account is deactivated, as long as necessary to pursue our legitimate business interests, conduct audits, comply with and demonstrate compliance with legal obligations, resolve disputes, and enforce our agreements.

In a nutshell

We retain information for as long as necessary to provide the greenpass services or as is legitimate to support our business

VI.  RECIPIENTS OF THE DATA WE PASS ON

§ 6.1 Guidelines and PracticeHere we describe the circumstances under which we may share and disclose information. Generally, you set your own policies and practices regarding sharing and disclosure of information, and we have no control over how you or other third parties share or disclose information.

§ 6.2 Instructions and applicable law.We will only share and disclose user account information in accordance with your instructions and applicable law.

§ 6.3 Third-party service providers and partnersWe may engage third-party companies or individuals as service providers or business partners to process other information and support our business. For example, these third parties may provide virtual computing and storage services, or we may share business information to develop strategic partnerships with third parties to support our mutual customers. Before engaging a processor, we review its privacy, security, and confidentiality practices and enter into an agreement setting forth the relevant commitments.

(a)  Tools and applications,connected to our platform and the greenpass services.

i. Website activities

Zoho Page Sense 

Trinkausstr. 7, 40213 Düsseldorf, Germany

 Google Analytics  Gordon House, Barrow Street Dublin 4, Ireland

ii. Customer inquiries

Zoho CRM

Trinkausstr. 7, 40213 Düsseldorf, Germany

Zoho Forms Trinkausstr. 7, 40213 Düsseldorf, Germany
 Zoho Billing Trinkausstr. 7, 40213 Düsseldorf, Germany
 Zoho Bookings Trinkausstr. 7, 40213 Düsseldorf, Germany
 Zoho Campaigns Trinkausstr. 7, 40213 Düsseldorf, Germany
 Zoho Meeting Trinkausstr. 7, 40213 Düsseldorf, Germany

iii. Emails. We use the following services to send emails, which handle both processing and analysis of the transmission:

Zoho Mail 

Trinkausstr. 7, 40213 Düsseldorf, Germany

iv. Performance and quality of greenpass services. We use the following services to monitor performance and quality:

Zoho Analytics 

Trinkausstr. 7, 40213 Düsseldorf, Germany

v. Customer relationships and HR management. We use the following CRM/CMS software to improve customer and HR management:

Zoho CRM 

Trinkausstr. 7, 40213 Düsseldorf, Germany

 Zoho Recruit Trinkausstr. 7, 40213 Düsseldorf, Germany
 Zoho Desk Trinkausstr. 7, 40213 Düsseldorf, Germany
 Zoho Projects Trinkausstr. 7, 40213 Düsseldorf, Germany
Zoho Sign Trinkausstr. 7, 40213 Düsseldorf, Germany
Zoho Workdrive Trinkausstr. 7, 40213 Düsseldorf, Germany
 Trainer Central Trinkausstr. 7, 40213 Düsseldorf, Germany

vi.  Retargeting. We use the retargeting technologies of the following services to show you personalized advertising on our partners' websites:

Google Ads Gordon House, Barrow Street Dublin 4, Ireland

vii.  Marketing through partners. We use the following services for our marketing, particularly advertisements and analysis of customer reviews:

Zoho Marketing Automation 

Trinkausstr. 7, 40213 Düsseldorf, Germany

 Zoho Campaigns Trinkausstr. 7, 40213 Düsseldorf, Germany

viii.  Newsletter.  To send the newsletter we use

Zoho Campaigns 

Trinkausstr. 7, 40213 Düsseldorf, Germany

ix.  Surveys. We use the following services to improve our products through voluntary surveys, learn more about your usage behavior, and adapt marketing activities accordingly.

Zoho Survey 

Trinkausstr. 7, 40213 Düsseldorf, Germany

Zoho Forms Trinkausstr. 7, 40213 Düsseldorf, Germany

(b)  More information about the type, scope, purposes and, in particular, opt-out options for the services described in Section 6.3(a) can be found in the privacy policies of the respective provider.

(c)  The platform also contains links to other websites. These are provided for informational purposes only. We have no control over these websites or the content presented there. Such websites are therefore not covered by the provisions of this Privacy Policy. If you click on a link, the operator of such a website may collect data about you and process it in accordance with its own privacy policy, which may differ from ours.

(d)  External tools and applications. In addition to the above, you have the option to interact with a number of social networks on the platform via plugins. Clicking on a plugin for one of these social networks activates it and establishes a connection to the server of the respective network. We have no influence on the scope or content of the data transmitted to the operator of the respective social network when clicking on the plugin.

§ 6.4  Third-party services. You may enable third-party services. We require each third-party service to disclose all permissions to access information in the greenpass Services, but we do not guarantee that they will actually do so. If enabled, we may share Other Information with third-party services. Third-party services are not owned or controlled by us, and third parties granted access to Other Information may have their own policies and practices regarding the collection, use, and disclosure of Other Information.

§ 6.5  Change concerning our company. If we undergo or are subject to a merger, acquisition, bankruptcy, dissolution, reorganization, sale of some or all of our assets or stock, financing, public offering of securities, acquisition of all or a portion of our business, similar transaction or proceeding, or take any steps in contemplation of such activities, some or all of the Other Information may be disclosed or transferred, subject to customary confidentiality agreements.

§ 6.6  Aggregated or anonymized information.We may disclose or use aggregated or anonymized Other Information for any purpose. For example, we may share it with potential or existing business partners for business or research purposes.

§ 6.7  Compliance with laws. If we receive a request to provide information, we may disclose other information if we believe that disclosure is in compliance with, or required to comply with, an applicable law, regulation or legal process.

§ 6.8  Enforcement of our rights, prevention of fraud, and security.We may disclose information to protect and defend our or third parties' rights, property, or safety, including to enforce agreements or policies, or in connection with investigations and prevention of fraud or security issues.

§ 6.9  Consent.We may share other information with third parties if we have your consent.

In a nutshell

We do not sell or otherwise share your information with third parties unless it helps us provide the greenpass services or we are legally required to do so

VII.  COOKIES

§ 7.1  Definition. Cookies are small text files that we send to your computer or mobile device to enable the functionality of the greenpass services or to facilitate their use. New cookies are sent to each user account and browser, so they are always unique.

§ 7.2  Types of cookies. Cookies can be divided into different categories depending on their characteristics, as shown below.

(a)  Storage period.

i. Temporary cookies remain only as long as your browser is open and are automatically deleted when you close your browser. They therefore only exist for the specific period of use of the greenpass services, i.e., a "session".

ii. Persistent cookies remain until deleted by you or your browser, or until they expire.

(b)  Creator of the cookies.

i. First-party cookies are set by us.
ii. Third-party cookies are set by third parties.

(c)  Need.

i. Necessary cookies are technically essential for the operation of the platform.
ii. Non-necessary cookies serve to improve and facilitate your use of the greenpass services, but are not technically necessary. These include, for example, cookies that help create personalized advertising for you.

§ 7.3  Our cookies. We use the following cookies:

(a) Necessary cookies;

(b) Analytics cookies; and
(c) Advertising and social media cookies.

A detailed list of the cookies we use can be found in Appendix § 7.3 of this Privacy Policy.

§ 7.4  Rejection of cookiesYou can refuse all cookies except those that are strictly necessary for the greenpass services, the necessary cookies. Such refusal may happen by

(a)  when visiting the website via the cookie banner; or

(b)  subsequently in your browser settings. How this works depends on the browser used. You can find a link to the instructions for the most common browsers here:

i. Microsoft Edge: https://support.microsoft.com/de-de/windows/l%C3%B6schen-und-verwalten-von-cookies-168dab11-0753-043d-7c16-ede5947fc64d
ii. Mozilla Firefox: http://support.mozilla.com/en-US/kb/Cookies
iii. Google Chrome: http://www.google.com/support/chrome/bin/answer.py?hl=en&answer=95647
iv. Safari: http://support.apple.com/kb/PH5042
v. Opera: http://www.opera.com/browser/tutorials/security/privacy/

In a nutshell

we have the right to always collect technically necessary cookies

VIII.  SECURITY

§ 8.1  We take the security of your data very seriously. We work hard to protect the Other Information you provide from loss, misuse, and unauthorized access or disclosure. These steps take into account the sensitivity of the Other Information we collect, process, and store, as well as current technology advances. Given the nature of communications and information processing technologies, we cannot guarantee that information will be absolutely secure from intrusion by others while being transmitted over the Internet or while stored on our systems or otherwise in our care. When you click on a link to a third-party website, you will leave the Platform, and we have no control over, and do not endorse, the content of third-party websites.

In a nutshell

We are constantly trying to improve the security of our system to protect your data. This is an important concern for us.

IX.  AGE RESTRICTIONS

§ 9.1  Minimum age. We only permit the use of greenpass services to persons who are at least 16 years old.

In a nutshell

You may not use the greenpass services without the consent of your legal guardian if you are under 18 years of age

X.  EFFECTIVENESS AND CHANGES TO THE PRIVACY POLICY

§ 10.1  Effectiveness. This privacy policy will take effect on December 1, 2023.

§ 10.2  Changes. We may change this Privacy Policy from time to time. Such changes may be necessary as laws, other regulations, industry standards, or our business and the related services we offer evolve. We will post the changes on this website and encourage you to revisit our Privacy Policy from time to time to stay informed. If we make changes that materially alter the rights granted to you under this Privacy Policy, we will provide you with additional notice, for example, by email or through the Platform. If you do not agree to the changes to the Privacy Policy, you should deactivate your user account.

In a nutshell

Please check this page regularly as this privacy policy may change over time

XI.  INTERNATIONAL DATA TRANSFERS

§ 11.1  We may transfer your personal data to countries outside the European Economic Area for processing. We will strictly ensure that the level of protection required by the GDPR is maintained during such processing.

§ 11.2  The processing pursuant to Section 11.1 is carried out on the basis of a data processing agreement containing the standard contractual clauses of the Commission of the European Union.

In a nutshell

We have entered into contracts to ensure that all your data is secure, even if it is processed outside the EU

XII.  DATA PROTECTION OFFICER

§ 12.1  To communicate with our data protection officer, please send an email to florian.kraus@greenpass.io

In a nutshell

This is the person you can contact with any concerns regarding data protection

XIII. IDENTIFICATION OF THE DATA CONTROLLER AND THE DATA PROCESSOR

§ 13.1  Data protection law in certain jurisdictions distinguishes between the "controller" and the "processor" of information. Generally, the customer is the controller of registration data and account data, and we are the processor of registration data and the controller of other information.

In a nutshell

We acknowledge our responsibility in handling your data and our crucial role in maintaining the security and protection of data

XIV. YOUR RIGHTS

§ 14.1 Individuals located in certain countries, including the European Economic Area and the United Kingdom, have certain legal rights with respect to their personal data. Subject to legal exceptions, you have the right to request access to information, as well as to request that that information be updated, deleted, or corrected. We strive to enable you to do this through the settings and tools provided in your greenpass Services user account.

§ 14.2 To the extent that our processing of your personal data is subject to the EU General Data Protection Regulation (GDPR), we rely on our legitimate interests described above to process your data. We may also process other information that constitutes your personal data for direct marketing purposes, and you have the right to object to our use of your personal data for this purpose at any time.

In a nutshell

You have the right to know what personal data we have stored about you as an individual

XV. DATA PROTECTION AUTHORITY

§ 15.1 Data Protection AuthoritySubject to applicable law, you also have the right

(a) restrict our use of other information that constitutes your personal data; and

(b)  lodge a complaint with your local data protection authority or the Austrian Data Protection Authority, which is our lead supervisory authority in the European Union. If you are located in the European Economic Area and believe that our storage of your personal data falls within the scope of the GDPR, you may address questions or complaints to our lead supervisory authority:


Austrian Data Protection Authority

Barichgasse 40-42,

1030 Vienna

Austria / Europe

Phone: +43 1 52 152-0

Mail: dsb@dsb.gv.at

§ 15.2 United KingdomIf you are a resident of the United Kingdom and believe that we are managing your personal data in accordance with the personal data laws applicable there, you may address any queries or complaints to the UK supervisory authority, the Information Commissioner's Office

In a nutshell

Our handling of data protection matters is monitored by government authorities, which you can contact if you have any questions or concerns

XVI. CONTACT INFORMATION

§ 16.1 You may also contact us if you have any questions about this Privacy Policy or our activities, or if you wish to exercise any of your legal rights. We will respond to you within a reasonable timeframe. You can reach us at contact@greenpass.io or at the following postal address:


greenpass GmbH, Leopold-Ungar-Platz 2/4/423, 1190 Vienna, Austria.