As a service provider in the field of electronics and medical device technology, SteadySense GmbH (hereafter also abbreviated to ‘SteadySense’) takes the protection of your personal data very seriously. We collect and process personal data only to the extent described here and in accordance with the regulations of the GDPR. The following notice describes how we provide this protection, what data is collected for what purpose and how it is processed.
Responsible person and contact details
If you have any questions regarding the processing of your personal data, please contact us:
Kärntner Strasse 518
Tel: +43 316 232004
SteadySense processes personal data that is collected or transmitted by business partners in the context of a business relationship. The following categories of personal data are - depending on the service - the subject-matter of the processing:
- Inventory data (for example, names, addresses).
- Contact details (e.g. e-mail, telephone numbers).
- Content data (e.g. text input, photographs, videos).
- Usage data (e.g. websites visited, interest in content, access times).
- Meta/communication data (e.g. device information, IP addresses).
- Health details (e.g. Cycle length, weight,…)
Purpose and Legality
SteadySense processes personal data to provide services related to medical device technology. The following legal principles can be taken into consideration:
Fulfilment of contractual obligations and pre-contractual measures pursuant to Article 6 paragraph 1 (b) of the GDPR
In order to provide our contractual or pre-contractual services to our business partners, the processing of personal data is necessary. If you do not wish to provide us with this data, it may be impossible to conclude the contract or execute the order or pre-contractual services. An existing contract can no longer be executed under these circumstances and may have to be terminated. Please refer to the individual contracts for the scope and specific purpose of data processing. If you have registered as a test person, this is only so you can be contacted for future tests. Your data will be deleted after 24 months.
Protection of legitimate interests pursuant to Article 6, paragraph 1 (f) DSGVO
There is a legitimate interest in data processing by us or by third parties in the following cases:
- Newsletter distribution
- Processing an order
Consent according to Article 6, para 1 (a) GDPR
If the processing of personal data goes beyond contractual or legal obligations and a legitimate interest, SteadySense will seek the consent of business partners, for example for the distribution of our newsletter. In the event of consent, the data will be processed exclusively for the stated purpose. Consent given can be revoked at any time. The revocation can be given both in writing and orally: firstname.lastname@example.org.
The recipients of the personal data are employees of SteadySense, who process them according to the purpose of use and the legal framework. Depending on the purpose of the processing, SteadySense will pass on data to contract processors (especially newsletter service providers, online payment processing service provider and logistics partners), if we need to do so in order to fulfil the relevant task. SteadySense is committed to compliance with data protection regulations when selecting its contract processors and has entered into agreements with the contract processors to ensure that personal data is processed confidentially and carefully. The collected data will not be sold or passed on to uninvolved third parties. Depending on the contract, the data may have to be forwarded to third parties.
We will only keep your data for as long as is necessary for the fulfilment of the contractual, pre-contractual or legal obligations and is permissible under the applicable law. Personal data, which you provide when contacting us, will be stored after responding to your question until further notice. Among other things, SteadySense is subject to the following legal storage obligations:
- Business Code (UGB Austria)
- Federal Fiscal Code (BAO Austria)
- General Civil Code (ABGB Austria)
You have a right to information about processed personal data, its amendment, deletion and restrictions on processing by SteadySense, unless legal or contractual provisions conflict with these rights. In addition, you have the right of appeal to the supervisory authority:
Austrian Data Protection Authority
Website - Personal data
In the course of your visit to our website, we will potentially process the following personal data:
- Date and time the website was accessed
- Your IP address
- Name and version of your Web browser
- The website (URL) that you visited before you visited our website
- Certain cookies (see next point)
Online-Shop/In-App-Shop - Personal data
To enable us to process and complete your order in our Online-Shop/In-App-Shop, we require your complete and correct name, address, and payment details as well as your e-mail address. We need your e-mail address in order to confirm the receipt of your order.
Our website uses features of the web analysis service Google Analytics from the ’ Google ’ company:
1600 Amphitheatre Parkway
Mountain View, CA 94043
Google Analytics collects the number of users and the usage behaviour on our website. Cookies are used for this, they enable the analysis of the use of the website by our users. The information generated in this way is transferred to the provider’s servers in the USA and stored there. We have entered into a corresponding contract with the provider for the purposes of assignment-related data processing. If you do not want your usage behaviour to be recorded on our website, you can prevent this by setting your browser so that no cookies are stored. You can prevent the installation and storage of cookies by setting your browser software accordingly and by downloading and installing the browser plugin which is available free of charge.
We also use the Google Firebase Service to analyze any app crashes.
Newsletter distribution is managed by ‘Mailchimp’
The Rocket Science Group
LLC, 512 Means Street Suite 404
Atlanta, GA 30318
‘The Rocket Science Group’ guarantees, by certification in accordance with the ‘EU- US Privacy Shield’, available at privacy-shield, that the data protection regulations of the EU are also observed when processing data in the USA. Further data protection information from ‘The Rocket Science Group’ can be found at: Mailchimp
When you register for our newsletter, your registration data, namely your e-mail address and IP address, are processed and stored by ‘The Rocket Science Group’. In addition, ‘The Rocket Science Group’ uses so-called ‘Web Beacons’ to evaluate whether and when you have read our newsletter and whether you have followed any further links.
As part of our social media marketing and advertising campaign SteadySense will use and create Facebook Events. These include:
Method of use Kinderwunsch or Cycletracker
The femSense app and website use tracking tools to track the performance of our services, this ist necessary to better understand how you use our products, and to see what improvements we need to make to offer a better service.
Apple Health iOS
You can choose whether and to what extent your personal data is shared between the femSense app and Apple Health. Permission can be granted or revoked in the Apple Health settings at any time. With your permission femSense may interact with the Health app on your iOS device. This may include a transfer of your personal data to Apple servers located outside the European Union
SteadySense may not use or disclose to third parties data gathered in the health, fitness, and medical research context—including from the Clinical Health Records API, HealthKit API, Motion and Fitness, MovementDisorderAPIs, or health-related human subject research—for advertising, marketing, or other use-based data mining purposes other than improving health management, or for the purpose of health research, and then only with permission.
SteadySense may not use information gained through the use of the HealthKit framework for advertising or similar services.
SteadySense may not disclose any information gained through HealthKit to a third party without express permission from the user. Even with permission, SteadySense can only share information to a third party if they are also providing a health or fitness service to the user.
SteadySense may not sell information gained through HealthKit to advertising platforms, data brokers, or information resellers.
If the user consents, SteadySense may share his or her HealthKit data with a third party for medical research but must clearly disclose to the user how the app will use their HealthKit data.
SteadySense values your privacy and does not sell personal data to third parties.
Sensitive information (e.g. menstrual cycle data) entered in the femSense App that can be connected to the user is stored for internal analytics purposes and to monitor the functionality of the femSense App. The provided sensitive information is not shared with any third parties.
User content in the femSense App is generated in the event of submitting a customer support request and is solely used for internal analytics purposes and to monitor the functionality of the femSense App. The provided user content is not shared with any third parties.
In the event of crashes of the femSense App, crash reports are anonomously submitted for analytics purposes and to monitor the performance of the femSense App, and are not shared with any third parties.
Legal basis and purpose of data processing
We process the personal data collected on this website on the legal basis of our legitimate interest pursuant to Article 6, paragraph 1 (f) of the, GDPR, which is to achieve the following objectives: To provide, develop and improve this website, compile usage statistics, detect, prevent and investigate attacks on this website.
We store your personal data for a period of 24 months. A longer storage would only be necessary, in order to investigate attacks on our website.
Deleting your account
If you wish to delete your femSense account, please use the “contact support” function in the menu of the femSense app and state that you wish to delete your account. Your account will be deleted within 2 working days.
All SteadySense employees are required to maintain secrecy about any information disclosed by you in the context of their employment or business.
Data security is very important to us. SteadySense has taken all necessary technical and organizational measures to ensure the security of data processing and to protect personal data from access by unauthorized third parties. SteadySense’s IT infrastructure complies with current security requirements and is checked regularly.
The femSense system uses a variety of cryptographic methods for security purposes and to protect the transmission of confidential content, such as temperature data and cycle data.
The HTTP connection between the app and the backend server is encrypted using the TLS method. The server is located in Europe and is hosted by SteadySense.
SteadySense does not store any payment-related data and archives health data and body measurement data only anonymously.