We respect the privacy of our customers and other interested parties and comply with applicable laws to protect your privacy. These laws include, in particular:
This privacy notice applies to:
The following categories of data subjects are covered by this data protection notice:
The party responsible for processing your personal data under this Privacy Notice is:
Upstrive gmbH
Techno Z Urstein
Ûrstein S 15
5412 Puch bei Hallein
Austria
If you have any questions regarding data protection, please contact us at the following email address: info@upstrivesystem.com
In the following, we explain:
We process your personal data to enable the technical operation, availability, and maintenance of our applications. This includes providing the necessary infrastructure to store, manage, and deliver content and services, ensuring secure access, and supporting the reliable functioning of our online offerings.
To ensure that our website loads quickly and reliably for all users, we use a Content Delivery Network (CDN). A CDN is a network of servers distributed across different locations that helps deliver website content efficiently by storing copies of our website closer to where users are located. This improves website performance, reduces loading times, and enhances the overall user experience.
To provide secure access to our services, we process personal data for the purpose of authenticating users and managing user accounts. This ensures that only authorized individuals can access protected areas and functionalities, helps maintain the integrity and security of our systems, and enables us to manage user preferences and account-related activities efficiently. Authentication and user management are essential for delivering a personalized and secure user experience.
For push notifications on iOS devices, we use Apple's Apple Push Notification Service (APNS).
For push notifications, we use Firebase Cloud Messaging from Firebase, a Google subsidiary.
We use push notifications to display relevant messages quickly and effectively directly on your device.
For more information about Apple Services' privacy practices, please see the Apple Privacy Policy.
For more information about Firebase Cloud Messaging's terms of use and privacy practices, please visit the Firebase website.
We analyze how users interact with our application to better understand usage patterns, identify areas for improvement, and enhance the overall user experience. This helps us ensure that our application functions effectively, is easy to use, and meets the needs of our users.
We may use technologies in the form of code snippets to monitor and optimize the experience of application users.
The following technologies are in use:
We process personal data to identify, analyze, and resolve technical errors that may occur when using our offers and services. This helps us maintain the stability, security, and reliability of our services, ensuring that issues are detected and fixed promptly so that your experience remains smooth and secure.
We use the “Sentry” service provided by the US company “Functional Software, Inc” to detect and fix errors that could impair our service.
Further information on data protection when using Sentry can be found in the Sentry Privacy Policy.
Interest based on the legal basis: Ensure the proper functioning, security, and continuous improvement of our offers and services by identifying and resolving technical issues.
With our application "Upstrive Education" we offer the following service: Wellbeing measurment and management. In this subsection, we outline data processed and third-party service providers involved for the direct provisioning of our services.
We process your personal data when you contact us via e-mail in order to respond to your inquiries, provide you with requested information, or otherwise communicate with you. This enables us to address your questions, support requests, or other concerns efficiently and effectively.
We retain your personal data only for as long as necessary to fulfill the purposes described in this privacy notice, or as long as required by contractual or legal retention obligations. Once your personal data is no longer needed for these purposes, or when applicable retention periods have expired, your data will be deleted or anonymized in accordance with applicable data protection laws
We safeguard personal data by implementing appropriate technical and organizational measures in accordance with applicable data protection laws and recognized industry standards. These measures include, where feasible, the pseudonymization and encryption of personal data both in transit and at rest. Our security practices are regularly reviewed and updated to ensure the ongoing confidentiality, integrity, and availability of your personal information.
If you have given your consent to the processing of your personal data for a specific purpose based on Art. 6 para. 1 lit. a GDPR, you can withdraw this consent at any time. The lawfulness of the processing of the personal data until the withdrawal is not affected by the withdrawal.
We only transfer or disclose your personal data to third parties when required by applicable law, regulation, or legal process, or when it is necessary for the performance or provision of our services to you. In all cases, we ensure that any transfer of your personal data complies with relevant data protection laws, including the General Data Protection Regulation (GDPR) where applicable. Third-party data processors process personal data only as necessary to deliver the agreed-upon services, in accordance with our instructions and applicable data protection agreements. We do not sell your personal data to third parties. If we intend to use your personal data for purposes that require your consent under applicable law, we will obtain your explicit consent beforehand.
You have the right to request at any time information about the personal data we store about you and to receive a copy of that information. Furthermore, you have the right to obtain confirmation as to whether the personal data in question is being processed.
Should your data be inaccurate or incomplete, we will rectify it upon request.
If we process your personal data in an automated way based on your consent or based on a corresponding agreement, you have the right to request a copy of your data in a structured, commonly used, and machine-readable format, which can be sent to you or another party. This right applies only to the personal data that you have provided to us.
You have the right to request that we restrict the processing of your personal data under certain circumstances.
You have the right to have the personal data processed by us deleted, insofar as this is legally permissible.
You can object to the processing of your personal data, for example, by not using certain services. If you object to the processing of your personal data for certain purposes, this may result in the inability to use the services concerned.
If you believe that we are not processing your personal data correctly, you can contact us. You also have the right to lodge a complaint with a supervisory authority. For more information on the supervisory authorities in the European Union, please click here.
All rights can be exercised by sending an e-mail to the contact named at the beginning of this privacy notice.
To ensure the protection of your personal data when it is transferred outside the European Economic Area (EEA), we rely on recognized legal mechanisms in accordance with the General Data Protection Regulation (GDPR).
On July 10, 2023, the European Commission adopted an adequacy decision under Article 45(1) GDPR for the EU-US Data Privacy Framework (DPF). This means that personal data can be lawfully transferred from the EEA to organizations in the United States that participate in the DPF, as these organizations are considered to provide an adequate level of data protection equivalent to that of the EU.
If we engage a US service provider that is not certified under the Data Privacy Framework, we will clearly inform you in this privacy notice and specify the alternative legal safeguards in place for such transfers (for example, Standard Contractual Clauses approved by the European Commission).
Regardless of the transfer mechanism, you retain all rights provided under the GDPR, including the right to access, rectify, erase, or restrict the processing of your personal data, as well as the right to lodge a complaint with a supervisory authority.
For more details about the EU-US Data Privacy Framework and the adequacy decision, you can visit the European Commission’s website.
In order to enable data transfer to countries without an adequacy decision, the EU Commission has drawn up standard contracts (standard contractual clauses). These standard contractual clauses require contractual partners to adhere to a level of data protection comparable to that in the EU. These contractual texts are made available on the European Commission's website. Standard contractual clauses are abbreviated to “SCC”.
We may update this privacy notice occasionally to reflect changes in our data processing practices, legal requirements, or other operational needs. Any modifications will be published on this page, and the "Date of publication" below will be updated accordingly. We encourage you to review this notice periodically to stay informed about how we protect your personal data.
Date of publication of the current version: 03.06.2026
This privacy notice is generated and provided by the Metasoul privacy notice generator.