Welcome to Triagonal.
We offer internet based solutions (f.ex. websites, e-learning, etc.) and IT-services to our companies and various organisations. While doing so, we seek to keep personal information private and secure.
Within this policy, you’ll find our rules for the protection of your personal data, which is stored on Triagonal.
Triagonal is a Service held by a legal person Triagonal, who processes Personal data on behalf of its Clients & Users.
Clients & Users can reach Triagonal via firstname.lastname@example.org or from the feature “Contact” in www.triagonal.net.
The legal address of Triagonal is Herrengasse 21, FL-9490 Vaduz, Liechtenstein
Personal Data – any information relating to an identified or identifiable natural person
User – A person (maybe including you) using Triagonal’s service
Client – A company or an organisation using Triagonal’s service. The client is organized by staff members (e.g. managers and/or employees etc.).
Service – Triagonal software used by Clients & Users located in the web and mobile apps of Triagonal, including but not limited to Triagonal.net, Coach Diary App, Player App, Parent App, Pro Player App.
GDPR – European Union’s General Data Protection Regulation (Regulation (EU) 2016/679)
3. The purposes and legal basis for the processing
The legal basis for processing of personal data is to provide the Service in accordance with Triagonal’s Terms of Service. Triagonal may also process data upon User’s freely given, specific, informed and unambiguous consent, asking for it as appropriate.
Every client has the right to withdraw consent at any time by deleting such data from the Service.
4. Categories of Personal Data concerned
Depending on the User type, the categories of personal data submitted to Triagonal may vary.
- Name and email address are required for all Clients & Users in order to access the Service.
- Other information, e.g. User’s personal information, health data, contacts, attendance data, etc. is optional and can be stored by:
- Clients (& their staff members) who should have independent agreements with the Clients & Users to do that;
- Users themselves who store it for their own benefit.
5. Recipients of Personal Data
If a User has a linked account with a Client in Triagonal, User’s Personal Data is provided to staff members oft hat client. A User should have an agreement with the Client to handle such information. Other Clients & Users cannot see Users’ Personal Data, except the list of Clients & Users who are also participating in data shared by the client to third parties in the Service.
Triagonal may review and analyze anonymous data Clients & User enters about workouts, exercise, and anything they choose to track, without written consent, and use it for further developments of the Service and to publish it for scientific purposes.
Triagonal may disclose information to third parties if a User gives consent for doing so, as well as in the following circumstances:
- Triagonal uses sub-processors, when necessary, to offer Service to the Clients & Users, including but not limited to support, server and messaging service providers. In addition, Triagonal uses customer relations management software (CRM) to offer better support to Clients, get a better overview of them and to reach them faster. The third parties needed to offer the Service are mostly located in Europe.
Triagonal has evaluated that all the other data processors also offer sufficient data protection. Third parties are only sent the minimum required amount of data.
- Triagonal may disclose Personal Data or other information if required to do so by law.
6. The storage period
Server service provider backs up data once a day and those copies are kept for two weeks. Triagonal also retains Personal Data to comply with legal obligations (i.e. billing information is retained for a period of 7 years in accordance with the local accounting and taxation laws), resolve disputes and enforce agreements. Triagonal makes backups once a week, and these are kept for six months.
7. The rights of the data subject
- Clients & Users have the right to access their Personal Data stored in Triagonal any time, by logging into their account or accessing it from the mobile apps.
Clients & Users have the right to correct or update their account information any time by accessing their account.
Triagonal deletes the account (including Personal Data) within 30 days after receiving the request.
If User’s account is linked to a Client, User should ask this Client to delete their data.
Clients & Users also have the right to restrict processing of the data while complaints (for example, about accuracy) are resolved, or if the processing is unlawful, but the User objects to erasure. Further instructions and activities rely upon the specific request.
Accounts are mainly linked with a Client, and the processing is often required by the Client to provide their services.
- Clients & Users have the right to export their data from Triagonal.
Triagonal exports data within 30 days after receiving the request.
8. Data security
Triagonal maintains appropriate administrative, technical and physical safeguards to protect Personal Data against accidental or unlawful destruction, accidental loss, unauthorized alteration, unauthorized disclosure or access, misuse, and any other unlawful form of processing of the Personal Data in Triagonal’s possession. This includes, for example, password protection, resilience of processing systems, backing up Personal Data and https connection with encryption. Please note that Triagonal cannot guarantee full security for unauthorized entry or use of User’s account password or User’s software or hardware failure.
9. The right to lodge a complaint with a supervisory authority
If User finds that his/her rights have been violated, User has the right to submit a claim to Liechtensteinische Datenschutzstelle (e-mail: email@example.com or phone +423 236 60 90) or other supervisory authority in EC Member State User’s habitual residence, place of work or place of the alleged infringement or court.
10. Processing of childrens' data
Users under the age of 16 need to provide parental consent to use the Service. If someone under 16 has provided personal information to the Service without parental consent, reasonable efforts are used to restrict processing of such information in the Service until parental consent is attained.
11. Communication in relation to data breaches
In case of a Personal Data breach, Triagonal will without undue delay, and where feasible, notify the Clients & Users and authorities in accordance with applicable law.
12. Emails from Triagonal
Triagonal informs that occasional emails are sent about important events in the Service or related to it. Emails are sent to the email address User has submitted to the Service.
Triagonal does not use User emails for sending third-party advertisements.
Triagonal uses third-party analytics tools (mainly Google Analytics) which helps to measure traffic and usage trends on Triagonal’s website. These tools collect analytics information from Clients & Users so that it cannot be reasonably used to identify any particular individual User.
For additional website usage data, Triagonal also uses two types of cookies – session ID cookie and language cookie. They will not be shared with any other organization.
Session ID cookie is a unique number that is assigned to a User upon webpage visit and allows to identify when a User returns to the webpage. The session ID is stored for two days, after which it is automatically deleted.
Language cookie is used for presetting User’s language preference while using the website. Language cookie is stored for 28 days, after which it is automatically deleted.
14. Data Controller and Data Processor
- Triagonal highlights that Triagonal does not own, control or direct the use of any of the Personal Data stored or processed by a User via the Service. Only Clients & Users are entitled to access, retrieve and direct the use of such data.
- Triagonal is largely unaware of what Personal Data is actually being stored or made available by a Client & User to the Service. Triagonal does not directly access such data except as authorized by the Client & User or if necessary to provide Services to the Clients & Users.
- Triagonal does not collect or determine the use of any Personal Data or the purposes for which Personal Data is collected. Therefore Triagonal cannot be considered data controller in terms of the GDPR and does not have the associated responsibilities under the GDPR.
- Triagonal should be considered as a processor on behalf of its Clients & Users.
- The Clients & Users are the data controllers under the GDPR, meaning that the Clients & Users control the manner such Personal Data is collected and used as well as the determination of the purposes and means of the processing of such Personal Data.
- Triagonal is not responsible for the content of the Personal Data contained or other information stored on its (or its subcontractors’) servers nor is Triagonal responsible for the manner in which the User processes such information.
15. Updates to this policy
If Triagonal makes any changes to this policy, Clients & Users are also notified of the changes through a notification on the website or in our mobile app.
Last update 25.05.2018.