Welcome to SPOTTERON
SPOTTERON provides smartphone applications, web-applications, websites and media for partners, based on the service of the SPOTTERON platform and as associated media like video, animation or data visualization or homepages for projects and initiatives. We are constantly extending and improving the platform’s set of features and possibilities to create a topic related network of project`s apps, websites, tools and media, which offers innovative and unique features to users and project partners alike.
The service includes all the SPOTTERON features, applications (both smartphone and web apps), services, technologies, products and software that we provide and constantly evolve to create a modern and customizable platform for custom projects in the fields of science, environment protection and social agendas in collaboration with partners from institutions, organizations or companies.
SPOTTERON provides the service to enable partners in science, environment protection and social agendas to run own standalone smartphone apps on a common platform. For users this enables to participate in such projects by providing geo located data points (aka “spots”) or answers in questionnaires in apps or in interactive web-applications and be part of a topic related community.
To fulfill this mission and contribute to science, environment protection and social agendas, we provide apps, services and products within a scope of:
Connect and contribute
Every project on the platform is administered by one or more partner organizations, which are displayed in every app in the information section (about [project name]). Through your first contribution in a particular project on the platform, you agree that the according partners can access a copy of your basic profile information for contact, e.g. for questions about your observation or fot providing of information about the partners activities via eMail if you have given consent at the registration of your account or in the partner’s app via in-app overlay dialog.
All partners of the SPOTTERON platform agree to use the personal data of users internally only and do not give it to third parties without the user's consent.
Communication and networking
By providing the option to follow other user accounts and built-in communication tools, we support creating topic related communities within the projects. We provide a user search in-app to find new connections and friends, using the optional extended information if you provide it for better results. We provide and develop communication tools for all users and project partners to be able to exchange and interact with each other. For the project’s partners, we provide additional tools to get in contact with you via direct messages with push notifications or email for questions, news, requests or feedback.
Research and development
We constantly improve and extend the service, providing better tools and innovative solutions for project partners. We use your feedback to improve current features and also to incorporate suggestions or ideas, if possible. All parts and features of the service can change anytime and new functionalities are added to the platform’s feature-set.
Inform and educate
We are committed to ensuring the security and protection of the personal information that we process, and to provide a compliant and consistent approach to data protection. We have always had a robust and effective data protection program in place which complies with existing law and abides by the data protection principles. However, we recognise our obligations in updating and expanding this program to meet the demands of the GDPR.
USING THE SERVICE WITHOUT AN ACCOUNT
You can always use the applications of the projects on the SPOTTERON platform without registering or logging in for browsing, displaying and reviewing of the spots and contents - however if you want to participate actively, you have to create your own user account or log in to be able to be part of the community.
YOUR PERSONAL DATA
What personal data we store:
As unique logins, the only mandatory fields at registration are an unique username, your email address and a form of address (mister, misses, organisation or school class) along with your password. To personalize your user profile, which is findable by user search and linked in the authorship badge of your contributions we can add additional optional information about yourself like a display name, a personal quote, your interests, birthday, education, tools you use for observations, workplace, city, postcode or country. All these fields are optional. You do not have to provide your real name in your user account, we encourage you to use pseudonyms as username and display name. You can also add a profile image (aka “avatar”) to your user profile. To comply with the EU GDPR, we also log changes and read requests of personal data in-app and your IP address via log files. Our main policy and procedure document for data protection does meet the standards and requirements of the EU GDPR. Accountability and governance measures are in place to ensure that we understand and adequately disseminate and evidence our obligations and responsibilities; with a dedicated focus on privacy by design and the rights of individuals.
We do not implement third party tracker software like analytics or external scripts from social media buttons in any of the apps, running on the SPOTTERON platform, nor do we build data profiles about yourself or any other user on the platform.
Updating your personal data:
You can always edit your user profile information to update your personal data in the smartphone apps and interactive web-app of any of the projects running on the SPOTTERON Citizen Science platform.
Requesting your personal data
In the apps and interactive maps of a project you have been active in under “Settings” you can find a link to request a copy of the personal data we have stored about you. We will provide the data within 15 business days via eMail.
Deleting your data aka “Right to be forgotten”:
In the apps of the projects under “Settings” you can find a form field for deleting your personal data from our database. When submitted, we will erase your personal data and anonymize your contributions in the project. We also automatically forward your request for deletion to all the partners of projects, you contributed to. We have this dedicated erasure procedures in place to meet the new ‘Right to Erasure’ obligation and are aware of when this and other data subject’s rights apply; along with any exemptions, response timeframes and notification responsibilities.
Storage and encryption:
We always use TLS/SSL encryption for your personal data to protect it. Your information is stored in the Cloud Servers we use for the service (currently: AWS on European Servers) and in rotating encrypted backups on the server cloud.
Our breach procedures ensure that we have safeguards and measures in place to identify, assess, investigate and report any personal data breach at the earliest possible time. Our procedures are robust and have been disseminated to all partners and employees, making them aware of the reporting lines and steps to follow.
International Data Transfers & Third-Party Disclosures
Where we store or transfer personal information outside the EU, e.g. on an international server hosting for performance optimization, we have robust procedures and safeguarding measures in place to secure, encrypt and maintain the integrity of the data. Our procedures include a continual review of the countries with sufficient adequacy decisions, as well as provisions for binding corporate rules, standard data protection clauses or approved codes of conduct for those countries without.
USING THE SPOTTERON SERVICE
1) Who may use the SPOTTERON service:
You may only use the service if
- you are not a person prohibited to receive services under the laws of the applicable jurisdiction
- you are at least 16 years old
If you are accepting these terms on behalf a government or non-government organization, company or other legal entity, you represent and warrant to be authorized to do so. Any use on any content, locations, maps or materials on the SPOTTERON platform by you is at your own risk.
2) Privacy and Data Protection
In our Data Policy, you can find what kind of personal information we process when you use our services. You declare your complete understanding that by using our services you agree to the collection, processing and use of this information as set forth in the Data Policy, including the transfer of this information within the European Union and/or other countries for processing, storage and use by SPOTTERON and its partners and affiliates.
Apps and software on the SPOTTERON platform are designed for sharing observations, user interactivity and to create communities in topic related environments. By nature, these apps and software allows you to submit user generated content, for which you are responsible including its compliance with the applicable laws and regulations.
We do not support, endorse or guarantee the accuracy, truthfulness or reliability of any content posted on or by other users or partners of our service, nor do we endorse any opinions or thoughts expressed on our platform by any user or project partner. All content is the sole responsibility of the user who submitted the content to the platform via any of our services, and we do not take responsibility for any user generated content. SPOTTERON and the project partners always have the right to modify or delete any of the content, you provided in the projects without further notification.
4) Content Licences and Intellectual Property Rights
4.1) Your contribution's data
Contributions aka "spots" in the projects running on the SPOTTERON platform can have standardized data attached, like classification information, GEO coordinates. timestamps, measurements and other. If such data is protected by any intellectual rights or law, you grant SPOTTERON and the projects a transferable, royality-free, non-exclusive, sub-licenceable, unlimited and worldwide licence to host, share, modify, use, display, distribute, modify, copy, publicly perfom, translate or create derivate works. This means that your submissions can be used e.g. by the project's partners in scientific analysis or can be combined with other data to create new knowledge.
If a project does publish its data sets as "Open Data" for public download and use, your anonymized contributions can be part of such a data set and can be made available to everyone for free use. Projects that publish their data set as Open Data do state that in the project's description, in the information panel and in the first introduction slide, visible when you open up the according app the first time. If not stated otherwise, the licence applied to such a project`s data is Open Database Licence (ODbL, opendatacommons.org). The published data sets never include any personal data and the projects using Open Data licences are liable for anonymizing all data export from our platform before publication.
4.2) Your Submission's content (aka “spot content”)
We support open data and non commercial works - for being able to provide the media content you created in your observations and submissions to partners for science, environment protection and social agendas, we licence all content protected by intellectual property rights as Creative Commons CC:0.
All works in user generated content, submitted through our service is licensed under the Creative Commons Licence CC:0 ("No Rights Reserved"). To the extent possible under law, by submitting works to our service you waived all copyright and related or neighboring rights to your content including pictures, photographs, media and text and licensed your works under CC:0. By waiving all copyright and intellectual property rights you allow the free use of your submitted works. By submitting work to our service, you agree to have the full rights to do so and take sole responsibility for applying the licence in effect. When submitting media containing persons, trademarks, private property or content protected by other laws, you represent and warrant to have all the permissions of the involved parties to do so.
4.3) User profile content
You retain full rights of any content submitted to be displayed on your user profile page, including all text and the user avatar (aka "profile picture") and grant us and the project partners of the applications, you submitted user generated content to, a worldwide, non-exclusive, royalty-free license (with the right to sublicense) to use, copy, reproduce, process, adapt, modify, publish, transmit, display and distribute such content in any and all media or distribution methods (now known or later developed). This enables us and the project partners to display your user information along with the submissions in the applications and make it available to the rest of the world and to make your authorship available to other organisations, companies or individuals for display, broadcast, syndication and promotion or publication.
The use of your user profile content does not include a right for compensation payments to you. You can always delete or change your user profile content or request the deletion of your user account according the European Union law (GDPR).
For all your content submissions on the user profile and the community areas like comment sections, you grant us a transferable, royality-free, non-exclusive, sub-licenceable and worldwide licence to host, modify, use, display, distribute, modify, copy, publicly perfom, translate or create derivate works of your content. You can end this licence anytime by deleting your account or removing your content.
We respect intellectual property rights (“Urheberrecht”), person and trademark laws and expect you to do the same. We always reserve the right to delete content violating applicable laws or our standard licences for content without our sole discretion or prior notice, without liability to you or other parties. We and the partner organisation of the apps you contributed to can also remove content if it is not in the scope of the project's topic. We may also disable your user account if you repeatedly submit content violating our terms or if you repeatedly violate our community standards by posting hate speech, swear words or content, that we think is not fitting for our audiences.
1070 Vienna, AT
By using any of the applications based on the SPOTTERON service you agree not to interfere or misuse our service or using a method other than the tools and interfaces we provide for use.
You may not do any of the following while accessing or using the services:
1) probe, scan, or test the vulnerability of any system or network or breach or circumvent any security or authentication measures;
2) access, tamper with, or use non-public areas of the Services, SPOTTERON’s or its partner’s computer systems, or the delivery systems of SPOTTERON’s providers or partners;
3) access, search or attempt to access or search the services by any means (automated or otherwise) other than through our officially published current interfaces that are provided by us (and only in the range of SPOTTERON’s terms and conditions), unless you have been specifically allowed to do so in a separate agreement with us. Crawling the service by robots for search indexing is permitted in accordance with the robots.txt file, however, scraping the services without the prior consent of SPOTTERON and its partners is expressly forbidden);
4) interfere with, do or try to to disrupt the access of any user, host or network, including (without limitation) sending malicious software, flooding, mail-bombing or spamming or by scripting the creation of content.
5) forge any TCP/IP packet header or any part of the header information in any email or posting, or in any way use the Services to send altered, deceptive or false source-identifying information;
6) Push Messaging
Part of our service is enable project partner to send project messages with push notification to all installations of the partners project app. You agree to receive these messages and notifications in the notification area of your device.
7) Ending These Terms
You may end your legal agreement with SPOTTERON at any time by deleting your account in any of the apps running on the platform and discontinuing your use of the services.
These terms are the entire agreement between you and the SPOTTERON Gmbh in regard of using the service.Particular partners of projects can have additional terms or content licences, which are always stated at the project`s description and in the information panel like for example science projects making anonymized data available as open data for the research community. These addtional terms or licences will become part of our agreement with you in such a case.
If any part of these terms is found to be unenforceable, the other parts will still remain in full effect.
Information Security & Technical and Organisational Measures
We take the privacy and security of individuals and their personal information very seriously and take every reasonable measure and precaution to protect and secure the personal data that we process. We have robust information security policies and procedures in place to protect personal information from unauthorised access, alteration, disclosure or destruction and have several layers of security measures, including:
- SSL/TLS encryption of all transfer of personal data both in applications and on websites
- Encrypted and secure access control to the administration interface for partners
- Strong password protected storage of access codes to administration tools and login areas
- Server & Cloud storage at respected and high quality providers of such services
- internal policies to avoid including third party software or scripts (e.g. Analytics, Social Media scripts, etc) as much as possible, both in applications running on the SPOTTERON platform and also on webdesign projects we develop.
DPO, GDPR Roles and Employees
We have designated Philipp Hummer as our Data Protection Officer (DPO) and have developed and implemented a roadmap for complying with the new General Data Protection Regulation. Our team is aware of the GDPR across the organisation, assessing our GDPR readiness, identifying any gap areas and implementing the new policies, procedures and measures. We understand that continuous employee awareness and understanding is vital to the continued compliance of the GDPR and have involved our employees in our preparation plans. We have implemented an employee training procedure which has be provided to all employees prior to May 25th, 2018, and forms part of our induction and constant training.