LEGAL CENTER
Terms & Conditions
Important information: Updates to our General Terms of Service
As part of the simplification of our product range and to enable us to deliver a more efficient service, we have updated our General Terms of Service. We have also adjusted the terms to comply with EU Data Security laws and policies.
What does this mean for you
We are providing thirty (30) days notice of these changes, unless stated in specific clauses. The General Terms of Service will take effect from 25 May 2018. These will replace any existing Terms and Conditions you previously held.
Download Netigate General Terms (PDF)
For Customers of Netigate Deutschland GmbH and for the SWISS branch these separate Terms of Service apply (DACH, Deutsch).
Für Kunden der Netigate Deutschland GmbH sowie der Zweigniederlassung Schweiz gelten diese Allgemeinen Geschäftsbedingungen.
Data Processing Agreement (DPA)
Legal
Through the usage of Netigate both we and our customers contact a large amount of respondents. It is very important that our survey tool users show respect towards the respondents and their integrity. To maintain the highest level of quality in Netigate and security for our customers, we have strict rules and policies that our users must follow. Please contact Netigate to receive your copy of the Netigate General terms and conditions.
How to contact us
Stockholm – Head office
Netigate AB
Drottninggatan 29
111 51 Stockholm
Sweden
Phone: +46 (0)8 411 71 10
Org.nr: 556576-0997
Security is a highly prioritized area for us and we continuously work to maintain the highest level of security. Our servers are hosted by one of the leading providers in Sweden. All data is currently backed up and stored in multiple locations. Netigate provide systems that discover any attempts to intrude and immediately notify us if that situation should occur. Access to the service is blocked while the investigation takes place.
The general terms and conditions regulate the usage of Netigate. We care about our customers and the respondents that receive surveys through Netigate. Therefore we have a strict policy against spam.
To be able to give you as a visitor on our web site a smooth and personal experience we use cookies. Learn more about cookies and how we respect and protect your privacy.
The information contained in this website (not the survey tool) is for general information purposes only. The information is provided by Netigate AB in Sweden and while we endeavour to keep the information up to date and correct, we make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk.
In no event will we be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website.
Through this website you might be able to link to other websites which are not under the control of Netigate AB, Sweden. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them.
Every effort is made to keep the website up and running smoothly. However, Netigate AB in Sweden, takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control.
Cookies & Privacy
To give you as a visitor a smooth and personal experience we use cookies. By using this website and agreeing to our cookie settings you consent to the processing of data by Netigate in accordance with the terms of this policy.
Cookies are small text files that can be used by websites to make a user's experience more efficient.
The law states that we can store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies we need your permission.
Data stored as necessary cookies are for example:
- Browsername/ -version
- Operating System
- Referrer URL
- Hostname (IP Adress)
- Time of the server request
- Font preferences
- Cookie Consent
We use cookies to personalise your experience, content and ads, to provide social media features and to analyse our traffic. We also share information about your use of our site with our social media, advertising and analytics partners who may combine it with other information that you’ve provided to them or that they’ve collected from your use of their services.
Netigate follows a strict anti spam-policy in accordance with the GDPR guidelines.
Your cookie consent applies to the following domain(s): https://netigate.net, https://enterprise.netigate.net, https://success.netigate.net/
We do not use any marketing cookies such as Google Analytics on the Netigate survey tool itself on the following domains ntgt.de and https://netigate.se
Our sites uses different types of cookies depending on the user session.
We may use the following cookie types:
Session Cookies
These cookies are temporary and expire once you leave our site.
Permanent Cookies
Permanent cookies may stay on your disk for some time (up to 12 months) after the session has ended. These cookies may hold data such as login details and contact information, so that you don’t have to type them in every time you use the site. We have cookies on the login page to the Netigate tool e.g for the purpose to recognise your login email, but none once you are in a logged-in mode in your account.
First-party Cookies
First-party cookies are issued from Netigate’s domains. These cookies often serve to give memory to the website about your data and preferences.
Third-party cookies are cookies that are set by a website/service other than Netigate’s domains.
We may use the information we obtain from your use of our cookies for the following purposes:
(1) to recognise your computer when you visit our website;
(2) to track you as you navigate our website, and to enable the use of login and webforms on our website;
(3) to improve the website’s usability;
(4) to analyse the use of our website;
(5) to personalise our website for you;
(6) to save your cookie settings;
(7) to remarket our services on third party websites.
More information about each cookie, such as provider, purpose, usage and duration can be found below in our cookie declaration.
Google Analytics
Google Analytics is a software solution for webmasters and helps us to get access to e.g. user statistics and to adjust certain parts of our content regarding user needs. Cookies also help third-party providers (e.g. Google) to recognize which content and advertisements across multiple websites were interesting for users.
All cookies by Google can be identified and start with “__utma”, “__utmb”, “__utmc”, “__utmv”, “__utmz”. None of these identify you personally.
Please refer to the web analytics section of our Privacy Policy for more information
You may refuse the use of cookies by selecting the appropriate settings in your browser or by removing your consent. Please note that if you do this you may not be able to use the full functionality of our websites.
Visitors to our websites may opt out of certain types of Google Analytics tracking, customize the Google Display Network ads by using the Google Ad Preferences Manager and learn more about how Google serves ads by viewing its Customer Ads Help Center. If you do not wish to participate in Google Analytics, you may also download the Google Analytics opt-out browser add-on. You can also opt-out from interest based advertising on the Network Advertising Network.
To remove cookies that are already implemented simply reset your cookie preferences in your browser settings. If you have visited us from different web browsers you need to reset the settings in each web browser.
There might be content on our domains linking to other websites, which also use cookies. Netigate AB has no responsibility in how these websites handle and store their cookies.
Don’t hesitate to contact us if you have questions about how we use cookies.
Cookie declaration was last updated on 2018-10-22 by Netigate AB
Necessary Cookies (6)
Necessary cookies help make our website usable by enabling basic functions such as page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
| Name | Provider | Purpose | Expiry | Type |
|---|---|---|---|---|
| __cfduid [x2] | ionicframework.com | Used by the content network, Cloudflare, to identify trusted web traffic. | 1 year | HTTP Cookie |
| CookieConsent | netigate.net | Stores the user's cookie consent state for the current domain | 1 year | HTTP Cookie |
| JSESSIONID | nr-data.net | Preserves users states across page requests. | Session | HTTP Cookie |
| fonts | netigate.net | Determine what font-settings to use depending on visitor browser | Session | HTML Local Storage |
| __lc.visitor_id.# | netigate.net | Livechat cookie. This cookie is used in context with load balancing; this optimizes the response rate between the visitor and the site, by distributing the traffic load on multiple network links or disk drivers. | 999 days | HTTP Cookie |
| lc_window_state | netigate.net | Livechat cookie. This cookie is necessary for the chat-box function on the website to function. | Session | HTTP Cookie |
Preference Cookies (15)
Preference cookies enables our website(s) to remember information that changes the way our website(s) behaves or looks, like your preferred language or the region that you are in.
| Name | Provider | Purpose | Expiry | Type |
|---|---|---|---|---|
| lang | ads.linkedin.com | Remembers the user's selected language version of a website | Session | HTTP Cookie |
| lang | linkedin.com | Set by LinkedIn when a web page contains an embedded "Follow us" panel. | Session | HTTP Cookie |
| __livechat | livechatinc.com | Used to hide the user's personal customisation of LiveChat. | 3 Years | HTTP Cookie |
| __livechat_lastvisit | livechatinc.com | Stores when the user last used LiveChat. | 3 Years | HTTP Cookie |
| 3rdparty | livechatinc.com | Used to hide the user's personal customisation of LiveChat. | Session | HTTP Cookie |
| main_window_timestamp# | livechatinc.com | Used to hide the user's personal customisation of LiveChat. | Session | HTTP Cookie |
| recent_window | livechatinc.com | Used to hide the user's personal customisation of LiveChat. | Session | HTTP Cookie |
| __lc_vv | accounts.livechatinc.com | Determins the LiveChat version. | Session | HTTP Cookie |
| __lc_cst | accounts.livechatinc.com | Livechat cookie. Used for storing the communication protocol. | 3 years | HTTP Cookie |
| __lc_mcid | accounts.livechatinc.com | Stores the Livechat visitor ID | 3 years | HTTP Cookie |
| __lc_mcst | accounts.livechatinc.com | Livechat cookie. Used for storing the communication protocol. | 3 years | HTTP Cookie |
| lc_sso9739830 | accounts.livechatinc.com | Used for storing the Livechat communication protocol | 3 years | HTTP Cookie |
| message_text | livechatinc.com | Contains text typed by visitor before Livechat message is sent | Session | HTTP Cookie |
| notification[personal_invitation] | livechatinc.com | Livechat cookie. Used for synchronization between browser's tabs in the old window. | Session | HTTP Cookie |
| notification[status_ping] | livechatinc.com | Livechat cookie. Timestamp of the last ping, information about agent availability and state of the visitor - during chatting session. | Session | HTTP Cookie |
Statistic Cookies (7)
Statistic cookies help us to understand how visitors interact with our websites by collecting and reporting information anonymously.
| Name | Provider | Purpose | Expiry | Type |
|---|---|---|---|---|
| _ga [x2] | netigate.net | Registers a unique ID that is used to generate statistical data on how the visitor uses the website. | 2 years | HTTP Cookie |
| _gat | netigate.net | Used by Google Analytics to throttle request rate | Session | HTTP Cookie |
| _gid [x2] | netigate.net, pardot.com | Registers a unique ID that is used to generate statistical data on how the visitor uses the website. | Session | HTTP Cookie |
| dtCookie | pardot.com | Unclassified | Session | HTTP Cookie |
| _omappvp | netigate.net | Used by the lead generation platform OptinMonster to determine if the visitor is returning and has visited the website before. | 11 years | HTTP Cookie |
| collect | google-analytics.com | Used to send data to Google Analytics about the visitor's device and behaviour. Tracks the visitor across devices and marketing channels. | Session | Pixel Tracker |
| vuid | vimeo.com | Collects data on the user's visits to the website, such as which pages have been read | 2 years | HTTP Cookie |
Marketing Cookies (20)
Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.
| Name | Provider | Purpose | Expiry | Type |
|---|---|---|---|---|
| _hjIncludedInSample | netigate.net | Determines if the user's navigation should be registered in a certain statistical place holder. | Session | HTTP Cookie |
| _omappvs | netigate.net | Used by the lead generation platform OptinMonster to determine if the visitor is visiting the website for the first time. | Session | HTTP Cookie |
| ads/ga-audiences | google.com | Used by Google AdWords to re-engage visitors that are likely to convert to customers based on the visitor's online behaviour across websites. | Session | Pixel Tracker |
| bcookie | linkedin.com | Used by the social networking service, LinkedIn, for tracking the use of embedded services. | 2 years | HTTP Cookie |
| BizoID | ads.linkedin.com | This is a Microsoft MSN 1st party cookie to enable user-based content. | 29 days | HTTP Cookie |
| bscookie | linkedin.com | Used by the social networking service, LinkedIn, for tracking the use of embedded services. | 2 years | HTTP Cookie |
| fr | facebook.com | Used by Facebook to deliver a series of advertisement products such as real time bidding from third party advertisers. | 3 months | HTTP Cookie |
| lidc | linkedin.com | Used by the social networking service, LinkedIn, for tracking the use of embedded services. | Session | HTTP Cookie |
| lpv294052 | pardot.com | Unclassified | Session | HTTP Cookie |
| MUID | bing.com | Used widely by Microsoft as a unique user ID. The cookie enables user tracking by synchronising the ID across many Microsoft domains. | 1 year | HTTP Cookie |
| MUIDB | bing.com | This cookie carries out information about how the end user uses the website and any advertising that the end user may have seen before visiting the said website. | 1 year | HTTP Cookie |
| om-session-pageviews | netigate.net | Used by the lead generation platform OptinMonster to count the number of pages viewed by the visitor. | Session | HTML Local Storage |
| om-session-start | netigate.net | Used by the lead generation platform OptinMonster to register the amount of time the visitor has spend on the website. | Session | HTML Local Storage |
| pardot | pardot.com | Unclassified | Session | HTTP Cookie |
| test_cookie | doubleclick.net | Used to check if the user's browser supports cookies. | Session | HTTP Cookie |
| tr | facebook.com | Unclassified | Session | Pixel Tracker |
| UserMatchHistory | ads.linkedin.com | Unclassified | 29 days | HTTP Cookie |
| visitor_id# [x2] | netigate.net, Pardot.com | Unclassified | 10 years | HTTP Cookie |
| visitor_id#-hash [x3] | pardot.com | Unclassified | 10 years | HTTP Cookie |
| _hjIncludedInSample | success.netigate.net | Determines if the user's navigation should be registered in a certain statistical place holder. | Session | HTTP Cookie |
Unclassified Cookies (5)
Unclassified cookies are cookies that we are in the process of classifying, together with the providers of individual cookies.
| Name | Provider | Purpose | Expiry | Type |
|---|---|---|---|---|
| __lc_cid | accounts.livechatinc.com | Unclassified | 3 years | HTTP Cookie |
| _gcl_au | netigate.net | Unclassified | 3 months | HTTP Cookie |
| autoinvite_callback | netigate.net | Unclassified | Session | HTTP Cookie |
| omSessionPageviews | netigate.net | Unclassified | Session | HTTP Cookie |
| omSessionStart | netigate.net | Unclassified | Session | HTTP Cookie |
General Data Protection Regulation (GDPR)
Netigate is one of the leading European providers of cloud-based services for online surveys. We help organisations gain valuable insights, make better business decisions and improve processes.
While doing so, we will maintain the value of privacy and preserve the ability for you to control how your data is collected and stored in accordance with the General Data Protection Regulation.
This starts with making sure that you get clear choices about how and why data is collected and used, and ensuring that you have the information you need to make the choices that are right for you across our products and services.
Key Points of the General Data Protection Regulation (GDPR)
- New data protection laws for organizations that handle personal data within EU and EEA countries.
- GDPR will replace current data protection laws starting the 25th of May 2018.
- GDPR restricts how organizations can collect, store, and process personal data.
- GDPR aims to give each individual full control of how his/her personal data is handled.
- GDPR provides clear regulations regarding transparency connected to processing personal data.
- Strict sanctions for organizations that does not comply.
How Does the GDPR Affect Feedback Collection?
- Collecting and assessing feedback from individuals is a way of processing personal data under the GDPR.
- According to GDPR, the organisation that collects the feedback and determines the purpose of processing is the “Controller”.
- GDPR requires that a Controller process personal data in accordance with its rules and principles.
- According to GDPR, a supplier that processes personal data on behalf of the Controller assumes the role as “Processor”.
- A Controller that wants to use a Processor (for example Netigate) for their feedback collection, needs to ensure that the processor is compliant with GDPR.
- A Controller that wants to use a Processor for gathering feedback processes and procedures must enter into a Data Processing Agreement (DPA) with the Processor. Netigate has this mandatory DPA available for its customers.
Netigate and the GDPR – be on the Safe Side With us
A business with a problem that needs a solution Collecting and assessing feedback from your customers, employees or other individuals within the EU and EEA countries is considered processing personal data. Therefore, it is your responsibility to comply with GDPR as well as document your compliance. As a customer of Netigate you’re on the safe side.
GDPR Focus
One of Netigate’s highest priorities is and has always been data security. Netigate’s focus to comply with GDPR began in April 2016, when EU executed the new legal framework. As a result, Netigate assembled a dedicated GDPR team with the CEO as well as representatives from each department to ensure that every part of the company is compliant.
Located in Europe
Netigate’s headquarters are located in Stockholm, Sweden. Netigate only uses EU-based servers to ensure data protection and security. Netigate offers server locations in Germany and Sweden for our customers. Netigate only utilises certified data centers according to the international information security standard, ISO 27001.
WHO IS WHO IN THE GDPR
DATA SUBJECT
Respondent provides input into the survey, and must provide the Controller consent for processing.
CONTROLLERS
The Controller must receive legal consent (typically consent or a contractual relationship) for processing personal data. The Controller defines the purpose as well as the data lifecycle and retention time. The Controller is always in full control of the data. The Controller is the contact point for the Data Subject.
PROCESSOR
Netigate provides the software tool used by the Controller. The tool includes functionalities that allow customers to fulfill the requirements and principles in accordance with the GDPR. Netigate performs support and services. Netigate provides the required security measures. Data Processing Agreement (DPA) in place with Customer.
SUB-PROCESSOR
Netigate uses certified hosting providers across a range of data centers to meet the highest security requirements. To ensure data confidentiality, integrity, and accessibility, Netigate takes the necessary and relevant technical and organizational security measures. Data Processing Agreement (DPA) in place with Netigate.
SUB-PROCESSORS
Support and services may be provided by other entities within Netigate.
Security of Highest Standard
Netigate continues to be the first and safest choice for data security. Netigate strictly follows German security requirements since Germany maintains the highest security standards in Europe. Netigate has several action points in place that aligns with GDPR, which include the following:
- Maintain confidentiality with access control measures for systems and data
- Secured integrity by encrypted data transfers
- Availability is ensured by regular data and storage backups and disaster recovery plans
- Customer data is logically separated for each customer to ensure confidentiality and integrity
- Continuous penetration tests conducted by external third-party security providers
- Notification of data breach
Privacy and Consent
Netigate has implemented strategies and functions compliant with GDPR’s guidelines by respecting individuals’ rights to control their personal data. This is one reason why Netigate requires personal consent. As a Netigate customer (the Controller), you will always have:
- Full control of your data while using the Netigate platform. This can be accessed through the account settings. Users have the option to permanently remove all data associated with a particular Netigate account at any time.
- There are several privacy settings available, such as set data retention policies, automatic anonymising or the immediate removal of all personal data.
- There is an editable consent collection functionality available for surveys.
Detailed Documentation - for Your and our Safety
GDPR has strict requirements regarding processing documentation. The Controller is responsible for collecting documentation from the Processor. As a Netigate customer, you will have access to required documentation regarding the processing of personal data in the Netigate platform.
Employee Confidentiality
All Netigate employees operate and must abide by non- disclosure agreements. Netigate employees are also subject to privacy training and awareness. All Customer data is considered confidential. Internal access is restricted and is only granted on a need-to-know basis.
Employees are not permitted to enter customer accounts or surveys without explicit approval. Our Netigate employees know how to protect your integrity.
Legal Terms
A mandatory GDPR compliant Data Processing Agreement available (if personal data is processed).
Netigate’s work on privacy
Introduction
On May 25th, 2018, the European Union's (EU) new data protection framework, the General Data Protection Regulation (GDPR), will come into force. It is the most significant piece of data protection legislation to date and will impact any organization that processes personal data in connection with goods/services offered to an EU resident, or monitors the behaviour of persons within the EU. The GDPR strengthens individuals' privacy rights through stricter limits on the processing of their personal data, significantly expanding their rights over their data, and providing increased transparency into the nature, purpose, and utility of it.
GDPR Overview
As a regulation instead of a directive, the GDPR becomes enforceable as law in all EU member states simultaneously on this date. It replaces the separate member state implementations of data protection law, streamlining compliance by providing a single set of principles to follow.
The scope of this new regulation covers all organizations that process the personal data of EU residents or monitor individuals' behaviours conducted within the EU, regardless of the entity's location. The terms processing and personal data are defined broadly: processing involves "any operation or set of operations which is performed on personal data" and personal data means "any information relating to an identified or identifiable natural person ('data subject')." The GDPR outlines various requirements for Controllers (entities who determine the purposes and means of the processing of personal data) and Processors (entities who process personal data as directed by a Controller).
| Key Requirements | Brief Description |
|---|---|
| Data Protection by Design and Default | Controllers and Processors must incorporate data protection into new products and services that involve the processing of personal data (Design) and consider data protection issues in all business decisions (Default). |
| Lawfulness of Processing | Processing must be based on consent, performance of a contract, legal obligation, protection of vital interests, tasks carried out in the public interest, or legitimate interest balanced against the fundamental rights of data subjects. |
| Conditions for Consent | Requests for consent must be freely given, specific, informed and unambiguous through a statement or through a clear affirmative action. |
| Security of Processing | Controllers and Processors shall implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk. |
| Data Subject Rights & Information | Controllers shall provide the information outlined in Articles 13 & 14 to Data Subjects and Data Subjects may access, correct, delete, restrict processing of, and transfer their personal data, as well as object to automated decision-making based on their personal data. |
| Data Inventory | Controllers and Processors must create centralized repositories containing records of processing activities carried out on personal data. |
| Data Protection Impact Assessments | Where a type of processing is likely to result in a high risk to the rights and freedoms of natural persons, prior to processing Controllers must carry out assessments of the impact of the envisaged processing operations on the protection of personal data. |
| Data Protection Officer | Controllers and Processors whose core activities consist of processing operations which require regular and systematic monitoring of data subjects on a large scale or large-scale processing of special categories of data must appoint a Data Protection Officer. |
| Controller-Processor Relationships | Controller and Processor relationships must be governed by binding contracts that set the terms of the processing to be performed and provide Controllers with the right to object to Sub-Processors engaged by the Processors. |
| Data Breach Reporting | In the event of a breach involving personal data, the Controller shall, where feasible, notify the relevant Supervisory Authority within 72 hours of becoming aware of it and, if there is a likely high risk to the rights and freedoms of natural persons, the affected data subjects without undue delay. |
Suggested Steps for GDPR Compliance
There are several steps that companies should take in anticipation of May 25th 2018, which Netigate have already implemented, such as:
- Form a GDPR compliance team and assign responsibilities
- Undertake a GDPR readiness assessment
- Evaluate requirements for a Data Protection Officer and appoint one if necessary
- Implement policies and procedures to respond to data subjects' rights requests
- Review and update processor and sub-processor agreements
- Create a record of personal data processing activities
- Obtain, document, and maintain a legal basis for each processing activity
- Update privacy and security policies and procedures
- Update data breach notification protocols
Additional helpful GDPR resources
Below are links to some GDPR resources which we at Netigate will continue to update as relevant regulatory authorities issue additional guidelines.
https://ico.org.uk/media/about-the-ico/consultations/2013551/draft-gdpr-consent-guidance-for-consultation-201703.pdf
http://www.eugdpr.org/gdpr-faqs.html
https://gdpr-info.eu/
http://ec.europa.eu/justice/policies/privacy/docs/wpdocs/2011/wp187_en.pdf
While the content on this page is designed to help organizations understand the GDPR in connection with Netigate's services, the information contained herein may not be construed as legal advice. Organizations should consult with their own legal counsel with respect to interpreting their unique obligations under the GDPR and the use of a company's products and services to process personal data.
