Unfortunately, by their very nature these policies can sound quite technical. However, we have made every effort to describe the most important items as simply and clearly as possible.
Automated data storage
If you visit websites these days, a certain amount of information is created and stored automatically, as is the case with this website.
If you visit our website, as you are doing right now, our web server (the computer on which this website is stored) automatically stores data such as
- the address (URL) of the website accessed
- the browser and browser version
- the operating system being used
- the address (URL) of the previously visited site (referrer URL)
- the host name and IP address of the device from which the website is accessed
- date and time
in web server log files.
Web server log files are usually stored for two weeks and then deleted automatically. We do not pass on this data; however, we cannot rule out the fact that this data might be seen in the event of unlawful conduct.
In accordance with Article 6 Para. 1 (f) GDPR (General Data Protection Regulation) (lawfulness of processing), the legal basis consists in there being a legitimate interest in enabling fault-free operation of this website by recording web server log files.
Storage of personal data
Personal data that you transfer to us electronically on this website when sending a form or comments in the blog, such as your name, email address, address or other personal information, will be stored securely by us together with the time and IP address, and will only be used for the designated purpose in each case and will not be passed onto third parties.
Hence we only use your personal data for communication with those visitors who expressly wish contact and for processing the services and products offered on this website. We do not pass on your personal data without consent; however, we rule out the fact that this data might be seen in the event of unlawful conduct.
If you send us personal data by email – and hence outside of this website – we cannot guarantee any secure transmission and protection of your data. We recommend that you never send confidential data unencrypted by email.
In accordance with Article 6 Para. 1 (a) GDPR (lawfulness of processing), the legal basis consists in your giving us your consent to process the data that you enter. You can revoke this consent at any time. An informal email is sufficient. You will find our contact data in the legal information.
Rights in accordance with the General Data Protection Regulation (GDPR)
In accordance with the provisions of the GDPR and the Austrian Data Protection Act [DPA], you essentially have the following rights.
- right to correction (Article 16 GDPR)
- right to deletion (“right to be forgotten”) (Article 17 GDPR)
- right to restriction of the processing (Article 18 GDPR)
- right to notification – obligation of notification in connection with the correction or deletion of personal data or the restriction of processing (Article 19 GDPR)
- right to data portability (Article 20 GDPR)
- right to object (Article 21 GDPR)
- right not to be subject to decisions based solely on automated processing, including profiling (Article 22 GDPR)
If you believe that the processing of your data violates data protection law, or your legal rights to data protection are violated in another way, you can complain to the supervisory authority, which in Austria is the Data Protection Authority. Its website can be found at https://www.dsb.gv.at/.
TLS encryption with HTTPS
We use HTTPS to transfer data on the Internet in such a way that it cannot be intercepted (data protection by technical design) Article 25 Para. 1 GDPR). By using TLS (Transport Layer Security), an encryption protocol for secure data transfer on the Internet, we can ensure the protection of confidential data. You can recognize the use of this data transfer protection by the small lock symbol on the top left of the browser and use of the HTTPS schema (instead of http) as part of our Internet address.
Our website uses HTTP cookies to store user-specific data.
A cookie is a short data packet that is exchanged between the web browser and web server. However, it is completely meaningless to the web server and only becomes meaningful in the web application, e.g. for example the content of a shopping cart in an online shop,
There are two types of cookies: First-party cookies are created by our website, and third party cookies are created by other websites (e.g. Google Analytics).
Three categories of cookies are differentiated: cookies that are absolutely necessary to ensure the basic functions of the website, functional cookies to ensure the performance of the website, and targeted cookies to improve the user experience.
Viewing cookie settings and deleting cookies
If you would like to find out what cookies are stored in your browser, change your cookie settings or delete cookies, you can find this in your browser settings:
- Safari: Management of cookies and website data with Safari
- Firefox: Deleting cookies to remove data that websites have stored on your computer
- Chrome: Deleting, activating and managing cookies in Chrome
- Internet Explorer: Deleting and managing cookies
If you do not want data to be stored in cookies, then you can set up your browser so that it informs you when cookies are placed and you only allow this in individual cases. You can delete or deactivate cookies that are already on your computer at any time. The procedure for this varies depending on the browser. If you have a Chrome browser, you can search for instructions in Google using the search term “delete cookies Chrome” or “deactivate cookies Chrome”, or substitute the name of your browser for the word “Chrome”, e.g. Edge, Firefox, Safari etc.
On this website we use Google Analytics from Google LLC (1600 Amphitheatre Parkway Mountain View, CA 94043, USA), to statistically analyze visitor data. In so doing, Google Analytics uses targeted cookies.
Google Analytics cookies
- Expiry period: 2 years
- Usage: distinguishing website visitors
- Example of value: GA1.2.1326744211.152211063807
- Expiry period: 24 hours
- Usage: distinguishing website visitors
- Example of value: GA1.2.1687193234.152211063807
- Expiry period: 1 minute
- Usage: Used to slow down the request rate. If Google Analytics is provided via the Google Tag Manager, this cookie is given the name _dc_gtm_ <property-id>.
- Example of value: 1
Creation of pseudonyms
Our interest within the meaning of the GDPR is the improvement of our offering and our website. As the privacy of our users is important to us, their user data is pseudonymized. The data are processed on the basis of the legal provisions of Section 96 Para. 3 of the Telecommunications Act [TKG] and Article 6 Para. 1 (a) of the EU GDPR (consent) and/or f (justified interest) of the GDPR.
Deactivation of data acquisition by Google Analytics
You can prevent the recording of the data generated by the cookie that is related to your use of the website by Google and the processing of this data by Google by downloading and installing the browser plug-in available via the following link: https://tools.google.com/dlpage/gaoptout?hl=de
We use Google reCAPTCHA from Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA) to prevent spam.
The legal basis for such use is Article 6 Para. 1 (f) GDPR ((lawfulness of processing), because there is legitimate interest in protecting this website against bots and spam.
reCAPTCHA is a free service that protects websites against spam and misuse. It uses advanced risk analysis techniques to keep people and bots separate. With the new API, a significant number of your valid human users will pass the reCAPTCHA challenge without having to solve a CAPTCHA. We use reCAPTCHA to secure forms.
By using reCAPTCHA, data is transferred to Google and used by Google to determine whether the visitor is a person or a bot (spam). You can read which data are recorded by Google and what these data are used for at https://policies.google.com/privacy?hl=de-AT.