Whalecard (“whalecard”, “we,” “us” or “our”) is committed to protecting and respecting your privacy. This Privacy Policy sets out how we collect, use and share data which identifies you or is associated with you (“personal data”).
Please read this Privacy Policy carefully to understand our views and practices regarding your personal data and how we will treat it. By using and accessing https://www.whalecard.co (the “Service”), you consent to the use of your personal data as described in this Privacy Policy.
Please note that your data shall be processed respecting Austrian laws and “REGULATION (EU) 2016/679” of 27 April 2016 on the protection of natural persons with regard to the processing of personal data (GDPR).
The legal basis of the data processing is the contractual relationship between Whalecard and you.
For your information, the Data Controller is:
Whalecard, whalecard.co Laaer-Berg-Straße 47/192, 1100 Vienna, Austria
Data we collect directly from you
We collect data from you when you submit data to us. The following are examples of when we may collect data directly from you:
When you fill in and submit forms on the Service, including forms submitted at the time of registering to use our Service, conducting assessments, reporting a problem with the Service or requesting further information from us. When you contact us via online submission, telephone, electronic mail or regular mail, we may keep a record of that correspondence. When you complete surveys via the Service. When you post comments or opinions to us on the Service or third party website where we have a profile or presence (e.g. on our Linkedin page).
From companies we usually collect the following major data, but the list might vary depending on your Service usage, plans etc.:
Information about how you connect to the Service
We collect your IP address, your presumed country and your presumed city.
Information about how you use the Service
The data we collect directly from you, about how you use the Service and about how you connect to Service may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff maybe engaged in, among other things the provision of support services. By using the Service you consent to any transfer, storage or processing of your personal data outside of your country. We only transfer your personal data to countries that ensure adequate level of protection. We will take all steps reasonably necessary to ensure that personal data is treated securely and in accordance with this Privacy Policy and article 46 of GDPR. You can obtain a communication of the safeguards we have implemented to protect your data in countries outside the EEA, by sending an email to privacy@whalecard.co. Note that those transfers are necessary for the performance of the contract. All data you provide to us is stored on secure servers of a third party providing data hosting services to us under our control or on computing machines of Whalecard.
We use the collected data in the following ways
To manage your account and provide you with the features of the Service, validate and keep your personal data accurate. We will use data we collect directly from you for this purpose. To ensure that content from the Service is presented in the most effective manner for you and for your device and to display content and features that are tailored to you, your interests and how you use the Service. We will use data we collect directly from you, data about how you use the Service and data about how you connect to the Service for this purpose. To provide you with data about products or services of Whalecard that you request from us or which we feel may interest you (in accordance with your marketing preferences). We will use data we collect directly from you for this purpose. To determine and predict data that may be of interest or relevant to you. We will use data we collect directly from you, data about how you use the Service and data about how you connect to the Service for this purpose. To carry out our obligations arising from any agreements entered into between you and us, such as allowing our employer clients to evaluate any test you have taken. We will use data we collect directly from you, data about how you use the Service and data about how you connect to the Service for this purpose. To notify you about changes to the Service and address complaints, comments and issues you have in relation to your use of the Service. We will use data we collect directly from you for this purpose. To prevent, detect and investigate illegal activities, breaches of any agreements entered into between you and us and threats to the security of the Service. We will use data we collect directly from you, data about how you use the Service and data about how you connect to the Service for this purpose. To produce aggregate statistical data and analytics about users of and their submissions to the Service from which individuals cannot be directly identified.
Integrity and Retention of Personal Data
Whalecard will retain your personal data for the period necessary to fulfill the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by law.
As Controller of the data processing, Whalecard processed data in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures.
Disclosure of Personal Data
We may disclose your personal data to any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries and the employees, agents, officers, directors and contractors of the foregoing entities. These companies will only use your personal data in the same way and for the same purposes as we can under this Privacy Policy.
We may disclose your personal data to third parties
Who provide a service to us. These third parties will only be allowed to use your personal data in accordance with our instructions and will be required to keep your data secure. In the event that we sell or buy or transfer any business or assets (in part or whole), in which case we may disclose your personal data to the prospective seller, buyer or recipient of such business or assets.In order to respond to a subpoena, court order or other legal duty or obligation (including without limitations requests or demands from law enforcement and government authorities and regulators). In order to investigate, prevent, or take action regarding suspected or actual prohibited activities, including but not limited to, fraud and situations involving potential threats to the physical safety of any person or to prevent financial loss to any person or entity, including WhaleCard, its customers, clients, and other parties. In order to enforce or apply any agreement we have with you. When acting as an assessment candidate, business partners who offer a service to you jointly with us. For example, 3rd party HR consultancy firms that might conduct soft skill interviews of your candidates jointly with us.
Access to Information
You have a right to access and rectify your personal data, and with legitimate reason you have the right to restrict and erase data which concern you. You have also a right to data portability and the right to withdraw your consent. You may at any time request to exercise those rights by contacting us by email: privacy@whalecard.co or by postal mail sent to the following address:
Whalecard, whalecard.co Laaer-Berg-Straße 47/192, 1100 Vienna, Austria
If you have any question or any claim, we will do our best to answer you, but in case we are not able to satisfy your demand, you can lodge a complaint with a supervisory authority.
Changes to our Privacy Policy
Any changes we may make to our privacy policy in the future will be posted on this page. We may change, modify, add or remove portions of this Privacy Policy at any time in order to maintain the transparency we apply in the processing of your data. We will use reasonable endeavors to inform you of any material changes when they occur. We may do this by email or notice on the site as we consider appropriate. Any changes will be updated on this Privacy Policy page. You should periodically review our Privacy Policy page for any such changes and can object to them by unsubscribing from the Service (i.e. deleting your account). Please further note, depending on your particular interaction with us, different portions of this Privacy Policy may apply to you at different times.
Contact
Questions, comments and requests regarding this Privacy Policy are welcome and should be directed to privacy@whalecard.co