Privacy Policy Website

Privacy Policy – SteadyTemp

Privacy Policy – SteadyTemp Website and Shop

1. Introduction

This Privacy Policy describes how SteadySense GmbH (“SteadySense”, “we”, “us”) processes personal data when you visit our website https://www.steadytemp.health or make a purchase via our online shop at https://shop.steadytemp.health (“Shop”).

This policy applies only to website and shop interactions — not to our SteadyTemp Apps (SteadyTemp App or SteadyTemp Professional App). For information on the SteadyTemp Apps, please see the respective App Privacy Policies.

2. Controller and Contact

SteadySense Gmbh

Johann-Schreiner-Strasse 3,
8074 Raaba-Grambach,
Austria
Tel: 0043 316 232004
E-Mail: gdpr@steadysense.at
Website: https://www.steadysense.at

3. Categories of Data Processed

When you use our website or shop, we may process:

Data type

What we process

How we get it

Access data

IP address, browser type/version, operating system, referring URL, time of access

Collected automatically when you use the site

Order data

Full name, billing/shipping address, phone number, email address

Entered by you during checkout

Payment data

Payment method, transaction ID, payment status

Processed by SumUp Limited (our payment provider)

Support / contact data

Information you submit via email or contact form

Provided voluntarily by you

Cookies & analytics data

Device information, session data, consent preferences

Collected automatically via SumUp and cookie tools

We do not require registration or creation of a customer account to complete purchases.

4. Purpose and Legal Basis

Purpose

Legal Basis

Explanation

Processing orders and delivering products

Art. 6 (1) (b) GDPR

Necessary for performance of the purchase contract

Communicating order status, invoices, and shipping updates

Art. 6 (1) (b) GDPR

Contractual necessity

Payment processing via SumUp

Art. 6 (1) (b) GDPR

Contract performance; see also SumUp’s Privacy Policy

Providing customer service or responding to requests

Art. 6(1)(b) and/or (f) GDPR

Legitimate interest in user communication

Website security and functionality

Art. 6(1)(f) GDPR

Legitimate interest in safe operations

Fulfilling legal obligations (e.g., tax, accounting)

Art. 6 (1) (c) GDPR

Legal requirement under Austrian tax law

Cookie-based analytics and performance tracking

Art. 6 (1) (a) GDPR

Consent via cookie banner

5. Payment Processing (SumUp)

All online payments are processed securely by SumUp Limited, 16–20 Shorts Gardens, London WC2H 9US, United Kingdom. SumUp acts as an independent controller for payment transactions.

During checkout, necessary payment details (method, amount, transaction reference) are transmitted to SumUp over encrypted HTTPS connections. We do not receive or store your full credit card or bank information.

For more details see: https://www.sumup.com/en-gb/privacy/

6. Cookies and Tracking Technologies

6.1 Overview

Cookies are small text files placed on your device. We use them to ensure our website and shop function properly, to improve usability, and—if you consent—to analyze aggregated visitor behavior.

6.2 Types of Cookies Used

Category

Purpose

Examples

Legal Basis

Retention

Essential Cookies

Required for website and checkout operation (cart, payment flow, cookie preferences)

_sumup_session, session_id, cookie_consent_status

Art. 6(1)(b)

Session / until browser closed

Functional Cookies

Remember preferences such as language or region

locale_pref

Art. 6(1)(a)

Up to 6 months

Analytics Cookies

Measure site traffic and improve performance (anonymized)

_ga, _gid, _gat

Art. 6(1)(a)

13 months (max)

Marketing Cookies

Only used if SumUp or Google Ads remarketing is enabled

_gcl_au

Art. 6(1)(a)

13 months (max)

6.3 Cookie Consent and Withdrawal

When you first visit the site, a cookie banner appears.
You can:

Accept all cookies
Reject non-essential cookies
Choose specific categories

Your consent choices are stored locally and can be changed anytime under “Cookie Settings” in the footer.

6.4 Third-Party Cookies and Analytics

Google Analytics (IP Anonymization Enabled)

Used to generate anonymized statistics on site usage. Google Ireland Ltd. processes this data on our behalf. Your IP address is truncated before processing. Consent: Art. 6(1)(a) GDPR. Opt-out anytime via cookie settings. Privacy info: https://policies.google.com/privacy

Firebase Analytics (optional)

We may use Firebase to monitor basic site performance (page views, load times). Data are aggregated and pseudonymized. Consent: Art. 6(1)(a) GDPR. Privacy info: https://firebase.google.com/support/privacy

6.5 Managing Cookies Manually

You can also delete or block cookies via your browser settings. However, this may prevent parts of the shop (e.g. checkout or payment) from working correctly.

7. Data Recipients

Category

Recipient

Purpose

Payment Processing

SumUp Limited (UK)

Secure transaction processing

Web Hosting

[Insert hosting provider name, e.g. Netlify, AWS, or provider used by SumUp]

Hosting of website and shop

Shipping Providers

Austrian Post / DHL / UPS (as applicable)

Delivery of ordered products

Accounting Services

Authorized external accountant

Financial record-keeping

Analytics

SumUp (Performance Cookies)

Site usage analysis (anonymous)

All partners are bound by contractual agreements under Art. 28 GDPR.

8. Data Retention and Storage Periods

We store personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, or as required by law. Once the retention period expires, the data are deleted or anonymized in accordance with data-minimization and storage-limitation principles (Art. 5(1)(c),(e) GDPR).

Data type

Purpose of Storage

Retention / Storage Period

Deletion Procedure

Order & Invoice Data

Fulfillment of contract, warranty, tax and accounting documentation

7 years under Austrian Commercial and Tax Law (§ 132 BAO, § 212 UGB)

Automatic deletion or archiving after legal period

Payment data

Transaction reference for refunds / audits

7 years

Automatic deletion or archiving after legal period

Shipping Data

Product delivery and potential returns

7 years

Erased together with order record

Customer Correspondence / Support Inquiries

Responding to questions, ensuring service quality

Up to 24 months after resolution

Manual deletion or automatic purge

Marketing / Newsletter Data

Sending newsletters or promotions

Until consent is withdrawn

Immediate suppression from mailing list

Cookie & Analytics Data

Site usage statistics and preferences

Up to 13 months (depending on cookie type)

Automatic expiration or user deletion

Server & Security Logs

System security and error diagnostics

90 days

Automatic deletion from hosting infrastructure

After expiration of the stated periods, personal data are securely erased or permanently anonymized.

9. Data Subject Rights

You have the right to:

Access your data (Art. 15 GDPR);
Rectify incorrect data (Art. 16);
Request deletion (Art. 17);
Restrict processing (Art. 18);
Withdraw consent at any time (Art. 7(3));
Lodge a complaint with a supervisory authority.

Contact: gdpr@steadysense.at

Supervisory Authority:

Austrian Data Protection Authority (DSB),

Wickenburggasse 8–10, 1080 Vienna, Austria

E-Mail: dsb@dsb.gv.at

10. International Data Transfers

Where services involve transfers to countries outside the European Economic Area (EEA) (e.g. UK or US), they are protected by:

Adequacy Decision (for UK), or
Standard Contractual Clauses (SCCs) for other third countries.

11. Security

We use state-of-the-art technical and organizational measures to protect your personal data, including:

SSL/TLS encryption for all website traffic;
Secure payment processing via PCI-DSS-certified provider (SumUp);
Regular review of data security and hosting.

12. External Links

Our website may link to third-party pages (e.g., SteadyTemp apps, partner sites). We are not responsible for their privacy practices and encourage you to review their respective privacy policies.

13. Updates

We may update this privacy policy as necessary to reflect new legal or technical developments. The current version is available at any time at: https://www.steadytemp.health/datenschutzerklaerung/

Last updated: 2025-11-18