top of page

Privacy Policy

 

Introduction and Overview

We have drafted this privacy policy (version 8.4.2024-112504401) to explain to you, in accordance with the provisions of the General Data Protection Regulation (EU) 2016/679 and applicable national laws, which personal data (short: data) we as controllers - and the data processors commissioned by us (e.g., providers) - process, will process in the future, and what lawful options you have. In short: We provide comprehensive information about the data we process about you.

Privacy policies usually sound very technical and use legal terminology. However, this privacy policy aims to describe the most important things to you as simply and transparently as possible. To the extent that it is conducive to transparency, technical terms are explained in a reader-friendly manner, and links to further information are provided. We inform you in clear and simple language that we only process personal data within the scope of our business activities if there is a corresponding legal basis. This is certainly not possible if one provides as concise, unclear, and legally technical explanations as is often standard on the internet when it comes to data protection. I hope you find the following explanations interesting and informative, and perhaps there is some information that you were not aware of yet.

If you still have questions, we would like to ask you to contact the responsible office mentioned below or in the imprint, follow the links provided, and view further information on third-party sites. Our contact details can of course also be found in the imprint.

Scope

This privacy policy applies to all personal data processed on this website. By personal data, we mean information as defined in Art. 4 No. 1 GDPR, such as name, email address, and postal address of a person. Processing personal data ensures that we can contact you. The scope of this privacy policy includes: this website and any email communication.

Legal Basis

In the following privacy policy, we provide you with transparent information about the legal principles and regulations, i.e., the legal bases of the General Data Protection Regulation, which allow us to process personal data. As far as EU law is concerned, we refer to REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016. You can of course read this EU General Data Protection Regulation online on EUR-Lex, the access to EU law, at https://eur-lex.europa.eu/legal-content/DE/ALL/?uri=celex%3A32016R0679.

We only process your data if at least one of the following conditions applies:

Consent (Article 6 (1) (a) GDPR): You have given us your consent to process data for a specific purpose. An example would be storing the data you entered in a contact form.

Legitimate interests (Article 6 (1) (f) GDPR): In the case of legitimate interests that do not override your fundamental rights, we reserve the right to process personal data. For example, we need to process certain data to securely operate our website. This processing is therefore a legitimate interest.

Other conditions such as the exercise of official authority or the protection of vital interests do not usually apply to us. If such a legal basis should be applicable, it will be indicated at the relevant point.

In addition to the EU regulation, national laws also apply:

In Austria, this is the Federal Act concerning the Protection of Personal Data (Data Protection Act), abbreviated as DSG.

In Germany, the Federal Data Protection Act, abbreviated as BDSG, applies.

Contact Details of the Controller

If you have any questions about data protection or the processing of personal data, you will find our contact details in the imprint.

Storage Period

It is a general criterion for us to store personal data only for as long as it is absolutely necessary for the provision of our services and products. This means that we delete personal data as soon as the reason for processing the data no longer exists. If you wish to have your data deleted or revoke your consent to the processing of data, the data will be deleted as soon as possible and to the extent that there is no obligation to store it.

Rights under the General Data Protection Regulation

According to Articles 13 and 14 of the GDPR, we inform you about the following rights that you have, to ensure fair and transparent data processing:

According to Article 15 GDPR, you have the right to know whether we process data about you. If this is the case, you have the right to receive a copy of the data and to obtain the following information:

the purpose for which we process the data;

the categories, i.e., the types of data processed;

who receives this data, and if the data is transferred to third countries, how security can be guaranteed;

how long the data is stored;

the existence of the right to rectification, erasure, or restriction of processing and the right to object;

that you have the right to lodge a complaint with a supervisory authority (links to these authorities can be found below);

the origin of the data, if we did not collect it from you;

whether profiling is carried out, i.e., whether data is automatically evaluated to create a personal profile of you.

According to Article 16 GDPR, you have the right to rectify the data, which means that we must correct any errors you find.

According to Article 17 GDPR, you have the right to erasure ("right to be forgotten"), which means that you can request the deletion of your data.

According to Article 18 GDPR, you have the right to restrict processing, which means that we may only store the data but not use it further.

According to Article 20 GDPR, you have the right to data portability, which means that we will provide you with your data in a common format upon request.

According to Article 21 GDPR, you have the right to object, which, when enforced, leads to a change in the processing.

If the processing of your data is based on Article 6 (1) (e) (public interest, exercise of official authority) or Article 6 (1) (f) (legitimate interest), you can object to the processing. We will then check as soon as possible whether we can legally comply with this objection.

If data is used for direct marketing purposes, you can object to this type of data processing at any time. We may not use your data for direct marketing purposes thereafter.

If data is used for profiling purposes, you can object to this type of data processing at any time. We may not use your data for profiling purposes thereafter.

According to Article 22 GDPR, you may have the right not to be subject to a decision based solely on automated processing (e.g., profiling).

According to Article 77 GDPR, you have the right to lodge a complaint. This means that you can complain to the supervisory authority at any time if you believe that the processing of personal data violates the GDPR.

In short: You have rights - do not hesitate to contact the responsible office listed above!

If you believe that the processing of your data violates data protection law or if your data protection rights have been violated in any other way, you can complain to the supervisory authority. For Austria, this is the Data Protection Authority, whose website you can find at https://www.dsb.gv.at/. In Germany, there is a data protection officer for each federal state. For more information, you can contact the Federal Commissioner for Data Protection and Freedom of Information.

bottom of page