Data protection policy

 

We have drafted this privacy policy (version 06.04.2019-221090680) to explain to you, in accordance with the provisions of the General Data Protection Regulation (EU) 2016/679 and the Data Protection Act (DSG), what information we collect, how we use data, and what choices you as a visitor to this website have.

Unfortunately, it is inherent to the nature of such statements that they sound very technical. However, we have made an effort to describe the most important things as simply and clearly as possible.

**Automatic Data Storage**

When you visit websites today, certain information is automatically generated and stored, including on this website.

When you visit our website, our web server (the computer on which this website is stored) automatically stores data such as:

- The address (URL) of the accessed website
- Browser and browser version
- The operating system used
- The address (URL) of the previously visited page (referrer URL)
- The hostname and IP address of the device from which access is made
- Date and time

These are stored in files (web server log files). Web server log files are usually stored for two weeks and then automatically deleted. We do not disclose this data, but we cannot rule out that this data may be viewed in the event of unlawful behavior. The legal basis, according to Article 6, Paragraph 1 f of the GDPR (lawfulness of processing), is that there is a legitimate interest in enabling the error-free operation of this website by recording web server log files.

**Storage of Personal Data**

Personal data that you transmit to us electronically on this website, such as name, email address, address, or other personal information in the context of submitting a form or comments in the blog, will be used by us only for the specified purpose, securely stored, and not disclosed to third parties.

We use your personal data only for communication with those visitors who explicitly request contact and for the processing of the services and products offered on this website. We do not disclose your personal data without consent, but we cannot rule out that this data may be viewed in the event of unlawful behavior.

If you send us personal data by email – outside of this website – we cannot guarantee secure transmission and protection of your data. We recommend that you never transmit confidential data unencrypted by email. The legal basis, according to Article 6, Paragraph 1 a of the GDPR (lawfulness of processing), is that you give us consent to process the data you entered. You can revoke this consent at any time – a simple email is sufficient, and you can find our contact details in the imprint.

**Rights According to the General Data Protection Regulation**

According to the provisions of the GDPR and the Austrian Data Protection Act (DSG), you generally have the following rights:

- Right to rectification (Article 16 GDPR)
- Right to erasure ("right to be forgotten") (Article 17 GDPR)
- Right to restriction of processing (Article 18 GDPR)
- Right to notification – obligation to notify in connection with the rectification or erasure of personal data or the restriction of processing (Article 19 GDPR)
- Right to data portability (Article 20 GDPR)
- Right to object (Article 21 GDPR)
- Right not to be subject to a decision based solely on automated processing – including profiling – which produces legal effects concerning you or similarly significantly affects you (Article 22 GDPR)

If you believe that the processing of your data violates data protection law or your data protection rights have otherwise been violated in a way, you can complain to the supervisory authority, which in Austria is the data protection authority, whose website you can find at https://www.dsb.gv.at/.

**Evaluation of Visitor Behavior**

In the following privacy policy, we inform you whether and how we evaluate data from your visit to this website. The evaluation of the collected data usually occurs anonymously, and we cannot infer your person from your behavior on this website. Learn more about options to object to this analysis of visit data in the following privacy policy.

**TLS Encryption with HTTPS**

We use https to transmit data securely over the internet (data protection through technology design Article 25 Paragraph 1 GDPR). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission over the internet, we can ensure the protection of confidential data. You can recognize the use of this data transmission safeguard by the small lock symbol in the upper left corner of the browser and the use of the https scheme (instead of http) as part of our internet address.

**Newsletter Privacy Policy**

If you subscribe to our newsletter, you provide the above-mentioned personal data and give us the right to contact you by email. We use the data stored during the registration for the newsletter exclusively for our newsletter and do not pass it on.

If you unsubscribe from the newsletter – you will find the link for this at the bottom of every newsletter – we will delete all data that was stored when you registered for the newsletter.

For sending our newsletter, we use the newsletter service of HubSpot, operated by HubSpot Germany GmbH. You can view HubSpot's privacy policy here: https://legal.hubspot.com/de/privacy-policy.

**Google Maps Privacy Policy**

We use Google Maps from Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA) on our website.

By using the features of this map, data is transmitted to Google. You can read about which data is collected by Google and how this data is used at https://www.google.com/intl/de/policies/privacy/.

**Google Analytics Privacy Policy**

We use Google Analytics from Google LLC (1600 Amphitheatre Parkway Mountain View, CA 94043, USA) on this website to statistically analyze visitor data. Google Analytics uses targeted cookies.

**Cookies from Google Analytics**

- _ga
  - Expiry time: 2 years
  - Use: Distinguishing website visitors
  - Example value: GA1.2.1326744211.152221090680
- _gid
  - Expiry time: 24 hours
  - Use: Distinguishing website visitors
  - Example value: GA1.2.1687193234.152221090680
- _gat_gtag_UA_
  - Expiry time: 1 minute
  - Use: Used to throttle the request rate. If Google Analytics is provided through the Google Tag Manager, this cookie is named _dc_gtm_.
  - Example value: 1
  - More information can be found at http://www.google.com/analytics/terms/de.html or https://support.google.com/analytics/answer/6004245?hl=de.

**Pseudonymization**

Our concern in terms of the GDPR is the improvement of our offer and our online presence. Because the privacy of our users is important to us, user data is pseudonymized. Data processing is based on the legal provisions of § 96 Paragraph 3 of the Austrian Telecommunications Act (TKG) and Article 6 EU-GDPR Paragraph 1 lit a (consent) and/or f (legitimate interest) of the GDPR.

**Deactivation of Data Collection by Google Analytics**

With the help of the browser add-on to deactivate Google Analytics JavaScript (ga.js, analytics.js, dc.js), website visitors can prevent Google Analytics from using their data.

You can prevent the collection of data generated by the