The EU General Data Protection Regulation (GDPR) applies to the processing of personal data carried out in the use of the discuto.io platform. discuto.io is a service of Community Based Innovation Systems GmbH (cbased).
The processor is Community Based Innovation Systems GmbH represented by Mr. Hannes Leo, Email: firstname.lastname@example.org
The purpose of the processing is to organise ideation, document crowdsourcing and survey projects on discuto.io.
The categories of data collected and used for the processing operations are:
- username, eMail address, password, IP address plus facultative information the user decides to add to the user profile (e.g. first name, last name, sector, affiliation, picture, social media handles, etc.);
- data produced during ideation or document crowdsourcing projects by voting, commenting and uploading ideas, attachment, pictures and videos.
The username, picture and the contributions of a user (e.g. comments and uploaded ideas) are displayed on the platform - i.e. in the ideation and document crowdsourcing processes and the user page. The votes of a user on the platform are secret, i.e. other participants cannot see how a user voted.
cbased bears the right to appoint Third Parties with the provision of its services, either partially or as a whole. In this case the ToS remain applicable.
cbased reserves the right to change the ToS at any time without prior notice. Users will be informed by email and through publication on the website four weeks before changes will come into effect.
Recipients or categories of recipients of the data is cbased.
Communication of the personal data are voluntary. Failure to reply will not enable the user to use the platform.
Uploaded comments and ideas cannot be altered by the user. Any rectifications have to be sent to email@example.com. Votes can be altered as long as the process concerned is active.
Registered users can delete their account and all other related data at any time. The data is stored until the user decides to delete his/or her data.
After de-registration the stored user data, such as name, address and IP address, will be deleted within 30 days. Messages, posts, comments and votes will be made anonymous and will remain accessible in the course of the services provided by discuto. The email address will be stored until revocation of the desired information emails.
Participants (i.e. registered users that took part in ideation or crowdsourcing processes) have the right to access and rectify the data concerning him or her on the user profile.
Measures in place to ensure appropriate security of personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage?
cbased is not operating own servers but rents server services from Hetzner Online GmbH (hetzner.de).
The servers are standing behind a firewall, also the datacenter has a Anti-DDoS protection against such attacks.
The servers use redundant SSD disks in RAID mirror configuration for high availability. Also there is incremental backup in 2 separated places (one in datacenter, the other in a cloud storage service). All backups are encrypted.
In case of disaster, the estimated recovery of any server is at no more than 1 hour outage.
The communication client-server is encrypted by using ssl (https) with certificates issued and recognised by an authority.
All server and platform components are maintained, patched and updated on a regular basis. Our maintenance team keeps track of disclosed bugs and patches of the software immediately. We carefully monitor every server for outages, too.
Information about our hosting service provider (company information, data center, certification, environment and protection, etc.) - Hetzner Online GmbH- can be found here: https://www.hetzner.de/gb/hosting/unternehmen/ueber-uns
To make this site work properly, we sometimes place small data files called cookies on your device. Most big websites do this too.
What are cookies?
A cookie is a small text file that a website saves on your computer or mobile device when you visit the site. It enables the website to remember your actions and preferences (such as login, language and other preferences) over a period of time, so you don't have to keep re-entering them whenever you come back to the site or browse from one page to another.
- when you last visited discussions and where you commented
- if you have already replied to a survey pop-up that asks you if the content was helpful or not (so you won't be asked again)
Cookies are also stored by PIWIK, the programmes which measures the effectiveness and efficiency of discuto.io.
Enabling these cookies is necessary for the website to work and will provide you with a better browsing experience. You can delete or block these cookies, but if you do that some features of this site may not work as intended.
The cookie-related information is not used to identify you personally and the pattern data is fully under our control. These cookies are not used for any purpose other than those described here.
How to control cookies
You can control and/or delete cookies as you wish - for details, see aboutcookies.org. You can delete all cookies that are already on your computer and you can set most browsers to prevent them from being placed. If you do this, however, you may have to manually adjust some preferences every time you visit a site and some services and functionalities may not work.