Privacy Policy
Table of Contents
- Introduction and Overview
- Scope of Application
- Legal Basis
- Contact Details of the Data Controller
- Data Retention Period
- Rights under the General Data Protection Regulation (GDPR)
- Data Transfer to Third Countries
- Security of Data Processing
- Communication
- Cookies
- Web Hosting – Introduction
- Website Builder Systems – Introduction
- Web Design – Introduction
- Online Map Services – Introduction
- Explanation of Used Terms
- Conclusion
Introduction and Overview
We have prepared this Privacy Policy (version 11.12.2025-113087545) in order to explain to you, in accordance with the requirements of the General Data Protection Regulation (EU) 2016/679 and applicable national laws, which personal data (in short: data) we, as the controller — and the processors commissioned by us (e.g. providers) — process, will process in the future, and which lawful options are available to you. The terms used are to be understood as gender-neutral. In short: We provide comprehensive information about the data we process about you.
Privacy policies are usually very technical and use legal terminology. This
privacy policy, however, is intended to describe the most important aspects for you as simply and transparently as possible. Wherever it helps to promote transparency, technical terms are explained in a reader-friendly manner, links to further information are provided, and graphics are used. We therefore inform you in clear and simple language that, within the scope of our business activities, we only process personal data when an appropriate legal basis exists. This would certainly not be possible if we provided explanations that are as brief, unclear, and legally technical as those that are often standard on the Internet
when it comes to data protection. I hope you find the following explanations interesting and informative and
perhaps there is one or another piece of information that you were not yet familiar with.
If any questions should still remain, we kindly ask you to contact the responsible entity listed below or in the legal notice, to follow the existing links, and to view further information on third-party websites. Of course, you can also find our contact details in the legal notice.
Scope of Application
This Privacy Policy applies to all personal data processed by us within the company and to all personal data processed by companies commissioned by us (processors). By personal data, we mean information within the meaning of Article 4(1) GDPR, such as a person’s name, email address, and postal address. The processing of personal data enables us to offer and bill our services and products, whether online or offline. The scope of application of this Privacy Policy includes:
- all online presences (websites, online shops) that we operate
- social media presences and email communication
- mobile apps for smartphones and other devices
In short: The Privacy Policy applies to all areas in which personal data are processed in a structured manner within the company via the channels mentioned above. If we enter into legal relationships with you outside of these channels, we will inform you separately where applicable.
Legal Basis
In the following Privacy Policy, we provide you with transparent information about the legal principles and regulations, i.e. the legal bases of the General Data Protection Regulation, which allow us to process personal data.
Was das EU-Recht betrifft, beziehen wir uns auf die VERORDNUNG (EU) 2016/679 DES EUROPÄISCHEN PARLAMENTS
UND DES RATES vom 27. April 2016. Diese Datenschutz-Grundverordnung der EU können Sie selbstverständlich
online auf EUR-Lex, dem Zugang zum EU-Recht, unter https://eur-lex.europa.eu/legal-content/DE/ALL/?uri=celex%3A32016R0679 nachlesen.
We process your data only if at least one of the following conditions applies:
- Consent (Article 6(1)(a) GDPR): You have given us your consent to process data for a specific purpose. An example would be the storage of the data you entered in a contact form.
- Contract (Article 6(1)(b) GDPR): In order to perform a contract or pre-contractual obligations with you, we process your data. For example, if we conclude a purchase agreement with you, we require personal information in advance.
- Legal obligation (Article 6(1)(c) GDPR): If we are subject to a legal obligation, we process your data. For example, we are legally required to retain invoices for accounting purposes. These usually contain personal data.
- Legitimate interests (Article 6(1)(f) GDPR): In the case of legitimate interests that do not override your fundamental rights, we reserve the right to process personal data. For example, we must process certain data in order to operate our website securely and in an economically efficient manner. This processing therefore constitutes a legitimate interest.
Further conditions, such as the performance of tasks carried out in the public interest or in the exercise of official authority, as well as the protection of vital interests, generally do not apply in our case. Should such a legal basis nevertheless be relevant, it will be indicated at the appropriate place.
In addition to the EU Regulation, national laws also apply:
- In Austria, this is the Federal Act on the Protection of Natural Persons with regard to the Processing of Personal Data (Data Protection Act), in short DSG.
- In Germany, the Federal Data Protection Act, in short BDSG, applies.
If further regional or national laws apply, we will inform you about them in the following sections.
Contact Details of the Data Controller
If you have any questions regarding data protection or the processing of personal data, you will find the contact details of the controller pursuant to Article 4(7) of the EU General Data Protection Regulation (GDPR) below:
Weitblick GmbH
Frederick Lins
Im Hag 16b
A-6840 Götzis
Austria
Email:
frederick.lins(at)weitblick-gmbh.org
Phone: 0664/8824773
Data Retention Period
We consider it a general principle that we store personal data only for as long as it is absolutely necessary for the provision of our services and products. This means that we delete personal data as soon as the reason for processing the data no longer exists. In some cases, we are legally obliged to retain certain data even after the original purpose has ceased to apply, for example for accounting purposes.
If you wish to have your data deleted or to withdraw your consent to data processing, the data will be deleted as quickly as possible, provided there is no obligation to retain the data.
We will inform you further below about the specific duration of the respective data processing, provided that we have additional information available.
Rights under the General Data Protection Regulation (GDPR)
- According to Article 15 of the GDPR, you have the right to know whether we process your data. If this is the case, you have the right to receive a copy of the data and to obtain the following information:
- the purposes for which the processing is carried out;
- the categories, i.e. the types of data, that are processed;
- the recipients of the data and, if the data are transferred to third countries, how appropriate safeguards are ensured;
- the period for which the data are stored;
- the existence of the right to rectification, erasure or restriction of processing and the right to object to processing;
- the right to lodge a complaint with a supervisory authority (links to these authorities can be found below);
- the origin of the data, if we did not collect them directly from you;
- whether profiling is carried out, i.e. whether data are automatically evaluated in order to create a personal profile about you.
- Pursuant to Article 16 GDPR, you have the right to rectification of data, which means that we must correct data if you discover any inaccuracies.
- Pursuant to Article 17 GDPR, you have the right to erasure (“right to be forgotten”), which specifically means that you may request the deletion of your data.
- Pursuant to Article 18 GDPR, you have the right to restriction of processing, which means that we may only store the data but no longer use them.
- Pursuant to Article 20 GDPR, you have the right to data portability, which means that we will provide you with your data in a commonly used format upon request.
- Pursuant to Article 21 GDPR, you have the right to object, which, once exercised, results in a change to the processing.
- Werden Daten verwendet, um Direktwerbung zu betreiben, können Sie jederzeit gegen diese Art der Datenverarbeitung widersprechen. Wir dürfen Ihre Daten danach nicht mehr für Direktmarketing verwenden.
- If data are used for direct marketing purposes, you may object to this type of data processing at any time. We may no longer use your data for direct marketing thereafter.
- If data are used for profiling purposes, you may object to this type of data processing at any time. We may no longer use your data for profiling thereafter.
- Pursuant to Article 22 GDPR, you may, under certain circumstances, have the right not to be subject to a decision based solely on automated processing (for example, profiling).
- Pursuant to Article 77 GDPR, you have the right to lodge a complaint. This means that you may lodge a complaint with a data protection authority at any time if you believe that the processing of personal data violates the GDPR.
In short: You have rights — do not hesitate to contact the controller listed above. If you believe that the processing of your data violates data protection law or that your data protection rights have been infringed, you may lodge a complaint with the supervisory authority. For Austria, this is the Data Protection Authority, whose website can be found at https://www.dsb.gv.at/ In Germany, there is a data protection authority for each federal state. For further information, you may contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI) The following local data protection authority is responsible for our company:
Austrian Data Protection Authority
Head: Dr Matthias Schmidl
Address: Barichgasse 40–42, 1030 Vienna
Telephone number: +43 1 52 152-0
Email address: dsb@dsb.gv.at
Website: https://www.dsb.gv.at/
Data Transfer to Third Countries
We transfer or process data in countries outside the scope of the GDPR (third countries) only if you have consented to such processing or if another legal authorization exists. This applies in particular if the processing is required by law or is necessary for the performance of a contractual relationship and, in any case, only to the extent that such processing is generally permitted. In most cases, your consent is the primary basis on which we arrange for data to be processed in third countries. The processing of personal data in third countries, such as the United States, where many software providers offer services and maintain server locations, may result in personal data being processed and stored in ways that are not always foreseeable.
We expressly point out that, in the opinion of the European Court of Justice, an adequate level of protection for the transfer of data to the United States currently exists only if a U.S. company that processes personal data of EU citizens in the United States is an active participant in the EU–U.S. Data Privacy Framework. More information on this can be found at:
https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en
The processing of data by U.S. services that are not active participants in the EU–U.S. Data Privacy Framework may result in data being processed and stored without anonymization. Furthermore, U.S. governmental authorities may, in some cases, gain access to individual data. In addition, collected data may be linked with data from other services of the same provider, provided that you have a corresponding user account. Wherever possible, we endeavor to use server locations within the European Union, where such options are available.
We provide more detailed information about data transfers to third countries at the appropriate places in this Privacy Policy, where applicable.
Security of Data Processing
In order to protect personal data, we have implemented both technical and organizational measures. Wherever possible, we encrypt or pseudonymize personal data. In doing so, we make it as difficult as possible, within the scope of our capabilities, for third parties to draw conclusions about personal information from our data.
Article 25 GDPR refers to “data protection by design and by default” and means that both software (e.g. forms) and hardware (e.g. access to server rooms) must always be designed with security in mind and appropriate measures must be implemented. Where necessary, we will address specific measures in more detail below.
TLS encryption with HTTPS
TLS, encryption, and HTTPS sound very technical — and they are. We use HTTPS (Hypertext Transfer Protocol Secure) to transmit data securely over the Internet.
This means that the entire transmission of all data from your browser to our web server is secured, and no third party can “eavesdrop”.
By doing so, we have introduced an additional layer of security and comply with data protection by design (Article 25(1) GDPR). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the Internet, we are able to ensure the protection of confidential data.
You can recognize the use of this data transmission security by the small padlock icon
in the upper left of the browser, to the left of the internet address (e.g. beispielseite.de), and by the use of the https scheme (instead of http) as part of our internet address.
If you would like to learn more about encryption, we recommend searching Google for “Hypertext Transfer Protocol Secure wiki” to find useful links with further information.
Communication
| Communication Summary 👥 Data subjects: All persons who communicate with us via telephone, email, or online forms 📓 Data processed: e.g., telephone number, name, email address, form data entered. More details can be found under the respective contact method used. 🤝 Purpose: Handling communication with customers, business partners, etc. 📅 Storage period: Duration of the business case and legal requirements ⚖️ Legal basis: Art. 6(1)(a) GDPR (consent), Art. 6(1)(b) GDPR (contract), Art. 6(1)(f) GDPR (legitimate interests) |
If you contact us and communicate with us via telephone, email, or an online form, personal data may be processed.
The data are processed for the handling and processing of your inquiry and the related business transaction. The data are stored for as long as necessary for this purpose or for as long as required by law.
Affected persons
The aforementioned processes affect everyone who contacts us via the communication channels we provide.
Phone
When you call us, the call data is stored in pseudonymised form on the respective end device and by the telecommunications provider used. In addition, data such as your name and telephone number may be sent by email and stored for the purpose of responding to your enquiry. The data will be deleted as soon as the business transaction has been completed and legal requirements permit.
If you communicate with us via email, data may be stored on the respective end device (computer, laptop, smartphone, etc.), and data will also be stored on the email server. The data are deleted as soon as the business transaction has been completed and legal requirements permit.
Online Forms
If you communicate with us via an online form, data are stored on our web server and may be forwarded to one of our email addresses. The data are deleted as soon as the business transaction has been completed and legal requirements permit.
Legal Basis
The processing of data is based on the following legal grounds:
- Art. 6(1)(a) GDPR (consent): You give us your consent to store your data and to further use it for purposes related to the respective business transaction;
- Art. 6(1)(b) GDPR (contract): There is a necessity to perform a contract with you or with a processor, such as a telecommunications provider, or we must process the data for pre-contractual measures, such as the preparation of an offer;
- Art. 6(1)(f) GDPR (legitimate interests): We aim to handle customer inquiries and business communication in a professional manner. For this purpose, certain technical facilities, such as email programs, Exchange servers, and mobile network operators, are necessary in order to operate communication efficiently.
Cookies
Cookies Summary
👥 Affected persons: Visitors to the website
🤝 Purpose: depends on the respective cookie. More details can be found below or from the manufacturer of the software that sets the cookie.
📓 Data processed: Depends on the specific cookie used. More details can be found below or on the website of the software provider that sets the cookie.
📅 Storage period: depending on the cookie, this can vary from hours to years.
⚖️ Legal basis: Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interests)
What are cookies?
Our website uses HTTP cookies to store user-specific data.
Below, we explain what cookies are and why they are used so that you can better understand the following privacy policy.
Whenever you surf the Internet, you use a browser. Well-known browsers include Chrome, Safari, Firefox, Internet Explorer and Microsoft Edge. Most websites store small text files in your browser. These files are called cookies.
One thing cannot be denied: cookies are really useful little helpers. Almost all websites use cookies. More specifically, they use HTTP cookies, as there are other types of cookies for other areas of application. HTTP cookies are small files that are stored on your computer by our website. These cookie files are automatically stored in the cookie folder, which is essentially the ‘brain’ of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified.
Cookies store certain user data about you, such as language or personal page settings. When you visit our site again, your browser transmits the ‘user-related’ information back to our site. Thanks to cookies, our website knows who you are and offers you the settings you are used to. In some browsers, each cookie has its own file, while in others, such as Firefox, all cookies are stored in a single file.
There are both first-party cookies and third-party cookies. First-party cookies are created directly by our website, while third-party cookies are created by partner websites (e.g. Google Analytics). Each cookie must be evaluated individually, as each cookie stores different data. The expiration period of a cookie also varies, ranging from a few minutes to several years. Cookies are not software programs and do not contain viruses, trojans, or other “malware”. Cookies also cannot access information on your PC.
Cookie data may look like this, for example:
Name: _ga
Value: GA1.2.1326744211.152113087545-9
Intended use: Differentiation of website visitors
Expiry date: after 2 years
A browser should be able to support these minimum sizes:
- At least 4096 bytes per cookie
- At least 50 cookies per domain
- At least 3,000 cookies in total
What types of cookies are there?
The question of which cookies we use specifically depends on the services used and is clarified in the following sections of the privacy policy. At this point, we would like to briefly discuss the different types of HTTP cookies.
There are four types of cookies:
Essential cookies
These cookies are necessary to ensure basic website functionality. For example, these cookies are needed when a user adds a product to their shopping basket, then continues browsing other pages and only proceeds to checkout later. These cookies ensure that the shopping basket is not deleted, even if the user closes their browser window.
Functional cookies
These cookies collect information about user behaviour and whether the user receives any error messages. These cookies are also used to measure the loading time and behaviour of the website in different browsers.
Targeted cookies
These cookies ensure better user-friendliness. For example, entered locations, font sizes or form data are saved.
Advertising cookies
These cookies are also known as targeting cookies. They are used to deliver personalised advertising to the user. This can be very practical, but also very annoying.
When you visit a website for the first time, you are usually asked which types of cookies you would like to allow. And, of course, this decision is also stored in a cookie.
If you would like to know more about cookies and are not afraid of technical documentation,
we recommend: https://datatracker.ietf.org/doc/html/rfc6265, the Request for Comments from the Internet Engineering Task Force (IETF) entitled ‘HTTP State Management Mechanism’.
Purpose of processing via cookies
The purpose ultimately depends on the respective cookie. More details can be found below or from the manufacturer of the software that sets the cookie.
What data is processed?
Cookies are little helpers for many different tasks. Unfortunately, it is not possible to generalise about what data is stored in cookies, but we will inform you about the data processed or stored in the following privacy policy.
Cookie storage period
The storage period depends on the cookie in question and is specified below. Some cookies are deleted after less than an hour, while others can remain stored on a computer for several years.
You also have control over how long cookies are stored. You can manually delete all cookies at any time via your browser (see also ‘Right to object’ below). Furthermore, cookies based on consent will be deleted at the latest after you revoke your consent, whereby the legality of the storage remains unaffected until then.
Right to object – how can I delete cookies?
You decide for yourself how and whether you want to use cookies. Regardless of which service or website the cookies come from, you always have the option to delete, deactivate or only partially allow cookies. For example, you can block third-party cookies but allow all other cookies.
If you want to find out which cookies have been stored in your browser, or if you want to change or delete cookie settings, you can find this in your browser settings:
- Chrome: Delete, enable and manage cookies in Chrome
- Safari: Managing cookies and website data with Safari
- Firefox: Delete cookies to remove data that websites have stored on your computer
- Internet Explorer: Deleting and managing cookies
- Microsoft Edge: Deleting and managing cookies
If you do not want cookies at all, you can set your browser to always inform you when a cookie is about to be set. This allows you to decide whether to accept or reject each individual cookie. The procedure varies depending on the browser. The best way to find the instructions is to search Google using the search term ‘delete cookies Chrome’ or ‘disable cookies Chrome’ if you are using the Chrome browser.
Legal Basis
The so-called ‘cookie guidelines’ have been in place since 2009. These stipulate that the storage of cookies is a consent (Article 6(1)(a) GDPR) requires you to do so. However, there are still very different responses to these guidelines within EU countries. In Austria, however, this guideline was implemented in Section 165(3) of the Telecommunications Act (2021). In Germany, the cookie guidelines have not been implemented as national law. Instead, this directive has largely been implemented in Section 15(3) of the Telemedia Act (TMG), which was replaced by the Digital Services Act (DDG) in May 2024.
Essential cookies are permitted even without consent. legitimate interests (Article 6(1)(f) GDPR), which are mostly of an economic nature. We want to provide visitors to the website with a pleasant user experience, and certain cookies are often essential for this.
If cookies that are not absolutely necessary are used, this will only happen with your consent. The legal basis for this is Art. 6(1)(a) GDPR.
The following sections provide more detailed information about the use of cookies, provided that the software used employs cookies.
Web Hosting – Introduction
Webhosting Summary
👥 Affected persons: Visitors to the website
🤝 Purpose: professional hosting of the website and securing its operation
📓 Data processed: IP address, time of website visit, browser used, and other data. More details can be found below or on the website of your web hosting provider.
📅 Storage period: depends on the provider, but usually 2 weeks
⚖️ Legal basis: Art. 6(1)(f) GDPR (legitimate interests)
What is Webhosting?
When you visit websites today, certain information – including personal data – is automatically generated and stored, and this website is no exception. This data should be processed as sparingly as possible and only when justified. By website, we mean all web pages on a domain, i.e. everything from the home page to the very last subpage (such as this one). By domain, we mean, for example, example.co.uk or sampleexample.com.
If you want to view a website on a computer, tablet or smartphone, you use a programme called a web browser. You probably know some web browsers by name: Google Chrome, Microsoft Edge, Mozilla Firefox and Apple Safari. We refer to them simply as browsers or web browsers.
To display the website, the browser must connect to another computer where the website code is stored: the web server. Operating a web server is a complicated and time-consuming task, which is why it is usually handled by professional providers. These providers offer web hosting and thus ensure reliable and error-free storage of website data. That's a lot of technical terms, but please hang in there, it gets even better!
When the browser on your computer (desktop, laptop, tablet or smartphone) establishes a connection and during data transmission to and from the web server, personal data may be processed. On the one hand, your computer stores data, and on the other hand, the web server must also store data for a period of time to ensure proper operation.
Why do we process personal data?
The purposes of data processing are:
- Professional website hosting and operational security
- to maintain operational and IT security
- Anonymous evaluation of access behaviour to improve our offering and, if necessary, for criminal prosecution or the pursuit of claims.
What data is processed?
When you visit our website, our web server – i.e. the computer on which this website is hosted – automatically stores the following data as a rule:
- the full internet address (URL) of the website accessed
- browser type and browser version (e.g. Chrome 87)
- the operating system used (e.g. Windows 10)
- the address (URL) of the previously visited page (referrer URL), for example: https://www.example-referrer-site.com/how-you-got-here/
- the host name and IP address of the device from which access is made (e.g. COMPUTERNAME and 194.23.43.121)
- date and time
- this data is stored in files known as web server log files
How long is data stored?
As a rule, the above data is stored for two weeks and then automatically deleted. We do not pass on this data, but cannot rule out the possibility that it may be accessed by authorities in the event of unlawful behaviour.
In short: Your visit is logged by our provider (the company that runs our website on special computers (servers)), but we will not pass on your data without your consent!
Legal Basis
The lawfulness of the processing of personal data in the context of web hosting is based on Article 6(1)(f) GDPR (legitimate interests), as the use of a professional hosting provider is necessary in order to present the company securely and user-friendly on the internet and to be able to trace and defend against attacks and claims if required.
As a rule, a data processing agreement pursuant to Article 28 GDPR is concluded between us and the hosting provider, which ensures compliance with data protection requirements and guarantees data security.
External Web Hosting Provider – Privacy Policy
Below you will find the contact details of our external hosting provider, where you can obtain further information on data processing in addition to the information provided above:
polymorph e.U.
Margaretenstraße 133/3/68
1050 Vienna
Austria
Website Builder Systems – Introduction
Website Builder Systems Privacy Policy – Summary
👥 Affected persons: Visitors to the website
🤝 Purpose: Optimization of our services
📓 Data processed: Data such as technical usage information like browser activity, clickstream activity, session heatmaps, as well as contact details, IP address, or your geographic location. More details can be found below in this privacy policy and in the providers' privacy policies.
📅 Storage period: Depends on the provider
⚖️ Legal bases: Article 6(1)(f) GDPR (legitimate interests), Article 6(1)(a) GDPR (consent)
What are website builder systems?
We use a website builder system for our website. Website builder systems are special forms of content management systems (CMS). With a builder system, website operators can create websites very easily and without programming knowledge. In many cases, web hosting providers also offer builder systems. By using a website builder system, personal data may also be collected, stored, and processed. In this privacy policy, we provide you with general information about data processing by website builder systems. More detailed information can be found in the privacy policy of the respective provider.
Why do we use website builder systems for our website?
The main advantage of a website builder system is its ease of use. We want to provide you with a clear, simple, and well-structured website that we can operate and maintain ourselves—without external support. Website builder systems now offer many helpful features that we can use even without programming knowledge. This allows us to design our web presence according to our needs and to offer you an informative and pleasant experience on our website.
What data is stored by a website builder system?
The specific data that is stored naturally depends on the website builder system used. Each provider processes and collects different data from website visitors. However, as a rule, technical usage information is collected, such as the operating system, browser, screen resolution, language and keyboard settings, hosting provider, and the date of your website visit. In addition, tracking data (e.g. browser activity, clickstream activities, session heatmaps, etc.) may be processed. Personal data may also be collected and stored. This usually includes contact details such as email address, telephone number (if provided), IP address, and geographic location data. Information on which data is stored in detail can be found in the privacy policy of the respective provider.
How long and where is the data stored?
We provide further information below regarding the duration of data processing in connection with the website builder system used, insofar as we have additional information. Detailed information can be found in the provider’s privacy policy. In general, we process personal data only for as long as it is strictly necessary to provide our services and products. It is possible that the provider stores your data according to its own criteria, over which we have no influence.
Right to object
You always have the right to access, rectification, and deletion of your personal data. If you have any questions, you may also contact the controller of the website builder system used at any time. Contact details can be found either in our privacy policy or on the website of the respective provider.
Cookies used by the provider for their functions can be deleted, deactivated, or managed in your browser. Depending on the browser you use, this works in different ways. Please note, however, that not all functions may work as intended if cookies are disabled.
Legal Basis
We have a legitimate interest in using a website builder system to optimize our online services and to present them to you in an efficient and user-friendly manner. The corresponding legal basis is Article 6(1)(f) GDPR (legitimate interests). Nevertheless, we only use the website builder system insofar as you have given your consent.
Where the processing of data is not strictly necessary for the operation of the website, data is processed solely on the basis of your consent. This applies in particular to tracking activities. The legal basis in this case is Article 6(1)(a) GDPR (consent).
With this privacy policy, we have provided you with the most important general information regarding data processing. If you wish to obtain more detailed information, you will find further details – where available – in the following sections or in the privacy policy of the respective provider.
WordPress.com Privacy Policy
WordPress.com Datenschutzerklärung Zusammenfassung
👥 Affected persons: Visitors to the website
🤝 Purpose: Optimization of our services
📓 Data processed: Data such as technical usage information like browser activity, clickstream activity, session heatmaps, as well as contact details, IP address, or your geographic location. More details can be found below in this privacy policy.
📅 Storage period: Depends primarily on the type of data stored and the specific configuration settings.
⚖️ Legal bases: Article 6(1)(a) GDPR (consent), Article 6(1)(f) GDPR (legitimate interests)
What is WordPress?
We use the well-known content management system WordPress.com for our website. The service provider is the US-based company Automattic Inc., 60 29th Street #343, San Francisco, CA 94110, USA.
Founded in 2003, the company developed within a relatively short period into one of the most widely used content management systems (CMS) worldwide. A CMS is software that helps us design and organize our website and its content in an appealing and structured way. Content may include text, audio, and video.
By using WordPress, personal data may also be collected, stored, and processed. As a rule, this mainly includes technical data such as operating system, browser, screen resolution, or hosting provider. However, personal data such as IP address, geographic data, or contact details may also be processed.
Why do we use WordPress on our website?
We have many strengths, but advanced programming is not one of our core competencies.
Nevertheless, we want to operate a high-performance and visually appealing website that we can manage and maintain ourselves. This is exactly what a website builder system or content management system such as WordPress makes possible. With WordPress, we do not need to be programming experts in order to offer you a well-designed website. Thanks to WordPress, we can operate our website quickly and easily even without extensive technical knowledge. Should technical problems arise or should we have special requests regarding our website, we can always rely on our specialists who are familiar with HTML, PHP, CSS, and related technologies.
Due to its ease of use and comprehensive features, WordPress enables us to design our web presence according to our needs and to provide you with a high level of user-friendliness.
What data is processed by WordPress?
Non-personal data includes technical usage information such as browser activity, clickstream activities, session heatmaps, as well as data about your device, operating system, browser, screen resolution, language and keyboard settings, internet service provider, and the date of your website visit.
In addition, personal data is also collected. This primarily includes contact details (email address or telephone number, if provided), IP address, or your geographic location.
WordPress may also use cookies to collect data. These often record information about your behavior on our website. For example, it may track which subpages you prefer to visit, how long you stay on individual pages, when you leave a page (bounce rate), or which preferences (e.g. language selection) you have chosen. Based on this data, WordPress may also tailor its own marketing measures more closely to your interests and user behavior. When you visit our website again, the website may therefore be displayed according to your previous settings.
WordPress may also use technologies such as pixel tags (web beacons) to clearly identify you as a user and, where applicable, to offer interest-based advertising.
How long and where is the data stored?
The duration for which data is stored depends on various factors. In particular, it depends on the type of data stored and the specific configuration of the website. In principle, WordPress deletes data once it is no longer required for its own purposes. There are, of course, exceptions, especially where statutory retention obligations require data to be stored for a longer period. Server log files containing your IP address and technical data are deleted by WordPress or Automattic after 30 days. Automattic uses this data to analyze traffic on its own websites (for example, all WordPress sites) and to identify and resolve potential issues. Server log files containing your IP address and technical data are deleted by WordPress or Automattic after 30 days. Automattic uses this data to analyze traffic on its own websites (for example, all WordPress sites) and to identify and resolve potential issues.
How can I delete my data or prevent data storage?
You have the right and the ability at any time to access your personal data and to object to its use and processing. You also have the right to lodge a complaint with a competent supervisory authority at any time.
In your browser, you can also manage cookies individually, delete them, or deactivate them entirely. Please note, however, that deactivated or deleted cookies may have negative effects on the functionality of our WordPress website. Depending on the browser you use, cookie management works slightly differently. In the “Cookies” section of this privacy policy, you will find links to instructions for the most common browsers.
Legal Basis
If you have consented to the use of WordPress, this consent constitutes the legal basis for the corresponding data processing. Pursuant to Article 6(1)(a) GDPR (consent), this consent serves as the legal basis for the processing of personal data arising from the use of WordPress.
In addition, we have a legitimate interest in using WordPress in order to optimize our online services and to present them in an appealing manner. The corresponding legal basis is Article 6(1)(f) GDPR (legitimate interests). However, we only use WordPress if you have given your consent.
WordPress or Automattic also processes data relating to you in the United States, among other locations. Automattic is an active participant in the EU–US Data Privacy Framework, which regulates the lawful and secure transfer of personal data of EU citizens to the United States. Further information can be found at: https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en .
In addition, Automattic uses so-called Standard Contractual Clauses (Article 46(2) and (3) GDPR). Standard Contractual Clauses (SCCs) are template agreements provided by the European Commission and are intended to ensure that your data continues to comply with European data protection standards even when it is transferred to and stored in third countries (e.g. the United States).
Through the EU–US Data Privacy Framework as well as the Standard Contractual Clauses, Automattic commits to complying with the European level of data protection when processing your personal data, even if the data is stored, processed, or managed in the United States. These clauses are based on an implementing decision of the European Commission,
which you can view at the following link:
https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de
Further details on Automattic’s privacy policy and on which data is processed by WordPress and in what manner can be found in Automattic’s privacy policy at: https://automattic.com/privacy/ .
Web Design – Introduction
Webdesign Datenschutzerklärung Zusammenfassung
👥 Affected persons: Visitors to the website
🤝 Purpose: To improve the user experience
📓 Data processed: The specific data processed depends heavily on the services used. This typically includes IP address, technical data, language settings, browser version, screen resolution, and browser name. More details can be found in the documentation for each web design tool used.
📅 Storage period: depending on the tools used
⚖️ Legal bases: Article 6(1)(a) GDPR (consent), Article 6(1)(f) GDPR (legitimate interests)
What is web design?
We use various tools on our website that support our web design. Web design is not only about making a website look visually appealing, as is often assumed, but also about functionality and performance. Nevertheless, an appropriate visual appearance is one of the main goals of professional web design. Web design is a sub-discipline of media design and focuses on both the visual as well as the structural and functional design of a website. Its purpose is to improve users’ experience when visiting our website. In web design terminology, this is referred to as User Experience (UX) and Usability. User experience includes all impressions and experiences a visitor has while using a website. One key aspect of UX is usability, which focuses on how user-friendly a website is. Particular importance is placed on clear structure, easy navigation and the ability to quickly find the desired content, subpages or products. To provide you with the best possible experience on our website, we also use so-called web design tools from third-party providers. Within this privacy policy, the category “Web design” includes all services that help improve the visual appearance and functionality of our website. These may include, for example, fonts, plugins or other integrated web design features.
Why do we use web design tools?
How information is perceived on a website largely depends on its structure, functionality and visual presentation. For this reason, professional web design has become increasingly important for us. We continuously work on improving our website and consider this an extended service for you as a website visitor. In addition, a visually appealing and well-functioning website also offers economic advantages for us. Ultimately, users are more likely to visit our website and make use of our services when they feel comfortable and well-supported.
What data is processed by web design tools?
When you visit our website, web design elements may be embedded in our pages that can process personal data. The exact type of data processed depends on the tools used. Further details on which tools are used on our website can be found below. For more detailed information on data processing, we recommend reviewing the respective privacy policies of the tools used. These policies usually specify which data is processed, whether cookies are used, and how long data is stored. For example, when using fonts such as Google Fonts, information such as language settings, IP address, browser version, screen resolution and browser name may be automatically transmitted to Google servers.
Duration of data processing
The duration of data processing depends on the web design elements used and may vary significantly. For example, if cookies are used, the storage period may range from only a few minutes to several years. We therefore recommend that you inform yourself accordingly. On the one hand, please refer to our general section on cookies and, on the other hand, to the privacy policies of the tools used. These usually explain which cookies are used and what information is stored in them. For example, Google Font files may be stored for up to one year in order to improve the loading speed of a website. In principle, data is only stored for as long as it is necessary to provide the respective service. If there are legal retention obligations, data may be stored for a longer period.
Right to object
You have the right at any time to withdraw your consent to the use of cookies or third-party providers. This can be done either via our cookie management tool or via other opt-out options. In addition, you can prevent data collection by cookies by managing, disabling or deleting cookies in your browser settings.
However, in connection with web design elements (e.g. fonts), there may be data that cannot always be easily deleted. This applies in particular when data is automatically collected when a page is accessed and transmitted directly to a third-party provider (e.g. Google). In such cases, please contact the support service of the respective provider.
For Google, support can be reached at: https://support.google.com/?hl=de
Legal Basis
If you have given your consent to the use of web design tools, this consent constitutes the legal basis for the corresponding data processing in accordance with Article 6(1)(a) GDPR (consent). In addition, we have a legitimate interest in improving the design and functionality of our website. The corresponding legal basis is Article 6(1)(f) GDPR (legitimate interests), as this allows us to provide you with a visually appealing and professional website. However, we only use web design tools if you have given your consent. We would like to expressly emphasize this point.
Information on specific web design tools is provided—if applicable—in the following sections.
Google Fonts Privacy Policy
Google Fonts Privacy Policy – Summary
👥 Affected persons: Visitors to the website
🤝 Purpose: Optimization of our services
📓 Data processed: Data such as IP address and CSS and font requests
Mehr Details dazu finden Sie weiter unten in dieser Datenschutzerklärung.
📅 Storage duration: Font files are stored by Google for one year
⚖️ Legal bases: Article 6(1)(a) GDPR (consent), Article 6(1)(f) GDPR (legitimate interests)
What are Google Fonts?
We use Google Fonts on our website. These are the “Google fonts” provided by Google Inc. For the European Economic Area, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is responsible for all Google services.
To use Google Fonts, you do not need to register or create an account. No cookies are stored in your browser in connection with Google Fonts. The files (CSS, fonts) are requested via the Google domains fonts.googleapis.com and fonts.gstatic.com. According to Google, requests for CSS and fonts are completely separate from other Google services. If you have a Google account, you do not need to worry that your Google account data will be transmitted to Google while using Google Fonts. Google records the use of CSS (Cascading Style Sheets) and the fonts used and stores this data securely. We will review the exact details of data storage more closely.
Google Fonts (formerly Google Web Fonts) is a directory of over 800 fonts that Google provides to its users free of charge.
Many of these fonts are published under the SIL Open Font License, while others are published under the Apache License. Both are free software licenses.
Why do we use Google Fonts on our website?
With Google Fonts, we can use fonts on our website without having to upload them to our own server. Google Fonts is an important component for maintaining a high-quality website. All Google Fonts are automatically optimized for the web, which reduces data volume and is a major advantage especially for use on mobile devices. When you visit our website, the small file size ensures fast loading times. In addition, Google Fonts are secure web fonts. Different font rendering systems in various browsers, operating systems, and mobile devices can lead to errors. Such errors may cause text or entire websites to appear distorted. Thanks to the fast Content Delivery Network (CDN), Google Fonts do not cause cross-platform issues. Google Fonts support all common browsers (Google Chrome, Mozilla Firefox, Apple Safari, Opera) and work reliably on most modern mobile operating systems, including Android 2.2+ and iOS 4.2+ (iPhone, iPad, iPod). We therefore use Google Fonts to present our entire online service as consistently and attractively as possible.
What data is stored by Google?
When you visit our website, fonts are loaded via a Google server. Through this external request, data is transmitted to Google servers. This allows Google to recognize that you or your IP address have visited our website. The Google Fonts API was developed to minimize the collection, storage, and use of end-user data to what is necessary for the proper delivery of fonts. API stands for “Application Programming Interface” and serves, among other things, as a data intermediary in the software sector.
Google Fonts stores CSS and font requests securely with Google and is therefore protected. Based on the collected usage statistics, Google can determine how well individual fonts are received. Google publishes the results on internal analysis pages, such as Google Analytics. In addition, Google uses data from its own web crawler to identify which websites use Google Fonts. These data are published in the Google Fonts BigQuery database. Companies and developers use Google’s BigQuery web service to analyze and process large volumes of data.
However, it should be noted that with every Google Fonts request, information such as language settings, IP address, browser version, browser screen resolution, and browser name is automatically transmitted to Google servers. Whether these data are stored is not clearly determinable or explicitly communicated by Google.
How long and where is the data stored?
Requests for CSS assets are stored by Google on its servers for one day. These servers are mainly located outside the European Union. This allows us to use Google Stylesheets efficiently. A stylesheet is a formatting template that makes it easy and fast to change the design or fonts of a website.
Font files are stored by Google for one year. Google pursues the goal of generally improving website loading times. When millions of websites reference the same fonts, these fonts are cached after the first visit and then load immediately on all other subsequently visited websites. Occasionally, Google updates font files to reduce file size, improve language coverage, and enhance design quality.
How can I delete my data or prevent data storage?
The data that Google stores for one day or one year cannot be easily deleted. The data are automatically transmitted to Google when a page is accessed. To request early deletion of this data, you would need to contact Google Support. In this case, preventing data storage is only possible by not visiting our website.
You can reach Google Support at: https://support.google.com/?hl=en&tid=113087545
Unlike other web font providers, Google allows unrestricted access to all fonts. This enables us to access a wide range of fonts and use them optimally for our website.
More information about Google Fonts and answers to frequently asked questions can be found at: https://developers.google.com/fonts/faq?tid=113087545
While Google addresses data privacy issues there, truly detailed information about data storage is not included. It is generally difficult to obtain precise information from Google about specific data stored.
Legal Basis
If you have given your consent to the use of Google Fonts, this consent constitutes the legal basis for the corresponding data processing. In accordance with Article 6(1)(a) GDPR (consent), this consent constitutes the legal basis for the
processing of personal data that may occur when using Google Fonts.
From our side, there is also a legitimate interest in using Google Fonts in order to optimize our online service. The corresponding legal basis is Article 6(1)(f) GDPR (legitimate interests). However, we only use Google Fonts if you have given your consent.
Google also processes data relating to you in the United States, among other locations. Google is an active participant in the EU–US Data Privacy Framework, which regulates the lawful and secure transfer of personal data of EU citizens to the United States.
Further information can be found at:
https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en
.
In addition, Google uses so-called Standard Contractual Clauses (Article 46(2) and (3) GDPR). Standard Contractual Clauses (SCCs) are template agreements provided by the European Commission and are intended to ensure that your data continues to comply with European data protection standards even when it is transferred to and stored in third countries (e.g. the United States).
Durch das EU-US Data Privacy Framework sowie durch die Standardvertragsklauseln verpflichtet sich Google, bei der Verarbeitung Ihrer personenbezogenen Daten das europäische Datenschutzniveau einzuhalten, selbst wenn die Daten in den USA gespeichert, verarbeitet oder verwaltet werden. Diese Klauseln basieren auf einem Durchführungsbeschluss der EU-Kommission, den Sie unter
folgendem Link einsehen können:https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de
You can find the Google Ads data processing terms, which refer to the Standard Contractual Clauses, at:
https://business.safety.google/intl/en/adsprocessorterms/
You can find out which data is generally collected by Google and for what purposes this data is used in Google’s privacy policy:
https://policies.google.com/privacy
Online Map Services – Introduction
Online map services privacy policy summary
👥 Affected persons: Visitors to the website
🤝 Purpose: To improve the user experience
📓 Data processed: The specific data processed depends heavily on the services used. This typically includes IP address, location data, search terms, and/or technical data. Further details can be found in the descriptions of the respective tools used.
📅 Storage period: depending on the tools used
⚖️ Legal bases: Article 6(1)(a) GDPR (consent), Article 6(1)(f) GDPR (legitimate interests)
What are online map services?
We use online map services on our website as an extended service. Google Maps is probably the best-known service, but there are also other providers that specialize in creating digital maps. Such services make it possible to display locations, route planning, or other geographical information directly on our website. By integrating a map service, you do not need to leave our website to, for example, view directions to a location. In order for online maps to function on our website, map sections are embedded using HTML code. These services can display road maps, satellite images, or aerial photographs. When you use an embedded map service, data is transmitted to the respective tool and stored there. This data may also include personal data.
Why do we use online map services on our website?
Generally speaking, our goal is to provide you with a pleasant experience on our website. Your time is pleasant only if you can easily find your way around and quickly access the information you need. For this reason, we believe that using an online map system can significantly optimize our website services. Without leaving our website, you can view route descriptions, locations, or points of interest with the help of the map system. Of course, it is also convenient that you can immediately see where our company is located, allowing you to find us quickly and safely. As you can see, there are many advantages, and we clearly consider online map services to be part of our customer service.
What data is stored by online map services?
When you open a page on our website that includes an online map function, personal data may be transmitted to the respective service and stored there. In most cases, this includes your IP address, which can be used to determine your approximate location. In addition to the IP address, data such as entered search terms as well as latitude and longitude coordinates are stored. If you enter an address for route planning, this data will also be stored. The data is not stored by us, but on the servers of the embedded tool. You can imagine this as follows: although you are on our website, the interaction with the map service actually takes place on the provider’s website. To ensure proper functionality of the service, at least one cookie is usually set in your browser. Google Maps, for example, also uses cookies to analyze user behavior, optimize its own service, and display personalized advertising. You can find more information about cookies in our section “Cookies”.
How long and where is the data stored?
Each online map service processes different types of user data. If we have additional information available, we will inform you about the duration of data processing further below in the relevant sections for the individual tools. In general, personal data is only stored for as long as it is necessary to provide the respective service. Google Maps, for example, stores certain data for a defined period, while other data must be deleted by users themselves. With Mapbox, for instance, the IP address is stored for 30 days and then deleted. As you can see, each tool stores data for different lengths of time. We therefore recommend that you carefully review the privacy policies of the tools used.
Providers also use cookies to store data about your user behavior in connection with the map service. You can find more general information about cookies in our section “Cookies.” In addition, the privacy policies of the individual providers explain which cookies may be used. Please note that these lists are usually only exemplary and may not be complete.
Right to object
You always have the option and the right to access your personal data and to object to its use and processing. You may also withdraw any consent you have given us at any time. In most cases, this works most easily via the cookie consent tool. However, there are also other opt-out tools that you can use. Cookies set by the providers used can usually be managed, deleted, or deactivated by you with just a few clicks. Please note, however, that some functions of the service may no longer work as usual. How cookies are managed in your browser also depends on the browser you use. In the section “Cookies,” you will also find links to instructions for the most common browsers.
Legal Basis
If you have given your consent for an online map service to be used, the legal basis for the corresponding data processing is this consent. Pursuant to Article 6(1)(a) GDPR (consent), this consent constitutes the legal basis for the processing of personal data that may occur when using an online map service.
In addition, we have a legitimate interest in using an online map service to optimize our service on our website. The corresponding legal basis is Article 6(1)(f) GDPR (legitimate interests). However, we only use an online map service if you have given your consent. We would like to explicitly emphasize this once again at this point.
Information on specific online map services can be found—if available—in the following sections.
Google Maps Datenschutzerklärung
Google Maps Datenschutzerklärung Zusammenfassung
👥 Affected persons: Visitors to the website
🤝 Purpose: Optimization of our services
📓 Data processed: Data such as entered search terms, your IP address and also the latitude and longitude coordinates.
Mehr Details dazu finden Sie weiter unten in dieser Datenschutzerklärung.
📅 Storage duration: depends on the data stored
⚖️ Legal bases: Article 6(1)(a) GDPR (consent), Article 6(1)(f) GDPR (legitimate interests)
What is Google Maps?
We use Google Maps, a service provided by Google Inc., on our website. For the European region, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is responsible for all Google services. Google Maps allows us to display locations more clearly and thus tailor our services to your needs. By using Google Maps, data is transmitted to Google and stored on Google servers. Below, we explain in more detail what Google Maps is, why we use this Google service, which data is stored, and how you can prevent this data processing.
Google Maps is an online mapping service provided by Google. With Google Maps, you can search for precise locations of cities, sights, accommodations, or businesses online via a PC, tablet, or app. If businesses are represented on Google My Business, additional information about the company is displayed alongside the location. To show directions, map sections of a location can be embedded into a website using HTML code. Google Maps displays the earth’s surface as a road map or as aerial or satellite imagery. Thanks to Street View images and high-quality satellite images, very accurate representations are possible.
Why do we use Google Maps on our website?
All our efforts on this website aim to provide you with a useful and meaningful experience. By integrating Google Maps, we can provide you with the most important information about various locations. At a glance, you can see where our company headquarters are located. The route description shows you the best or fastest way to reach us. You can retrieve directions by car, public transportation, on foot, or by bicycle. For us, providing Google Maps is part of our customer service.
What data is stored by Google Maps?
In order to fully provide its service, Google Maps must collect and store data from users. This includes, among other things, entered search terms, your IP address, and latitude and longitude coordinates. If you use the route planner function, the entered starting address is also stored. However, this data storage takes place on the Google Maps websites. We can only inform you about this but have no influence over it. Because we have integrated Google Maps into our website, Google sets at least one cookie (name: NID) in your browser. This cookie stores data about your user behavior. Google primarily uses this data to optimize its own services and to provide individualized, personalized advertising.
The following cookie will be set in your browser due to the integration of Google Maps:
Name: NID
Value: 188=h26c1Ktha7fCQTx8rXgLyATyITJ113087545-5
Purpose: NID is used by Google to tailor advertisements to your Google searches. With the help of this cookie, Google “remembers” your most frequently entered search queries or your previous interactions with ads. This allows you to receive customized advertisements. The cookie contains a unique ID that Google uses to collect your personal preferences for advertising purposes.
Expiration date: after 6 months
Note: We cannot guarantee that the information about the stored data is complete. Especially when using cookies, changes can never be ruled out. To identify the NID cookie, a separate test page was created on which only Google Maps was embedded.
How long and where is the data stored?
Google servers are located in data centers all over the world. However, most servers are located in the United States. For this reason, your data is also predominantly stored in the United States. You can find more information about the exact locations of Google’s data centers here:
https://datacenters.google/
Google distributes data across various storage systems. This allows data to be accessed more quickly and provides better protection against manipulation attempts. Each data center is also equipped with special emergency programs. Even in the event of technical issues or natural disasters, data generally remains protected.
Some data is stored by Google for a defined period of time. For other data, Google only provides the option for users to delete it manually. In addition, Google anonymizes certain information, such as advertising data, in server logs by deleting parts of IP addresses and cookie information after 9 or 18 months.
How can I delete my data or prevent data storage?
With the automatic deletion feature for location and activity data introduced in 2019, information related to location tracking and web or app activity is stored—depending on your settings—for either 3 or 18 months and then automatically deleted. In addition, you can manually delete your data from the past at any time via your Google account. If you want to completely prevent location tracking, you must pause the “Web & App Activity” section in your Google account. To do this, click on “Data & Privacy” and then select “Activity Controls.” There you can enable or disable individual activities.
In your browser, you can also deactivate, delete, or manage individual cookies. Depending on which browser you use, this process may work differently. In the “Cookies” section, you will find links to instructions for the most common browsers.
If you generally do not want cookies, you can configure your browser so that you are always informed when a cookie is about to be set. This allows you to decide individually whether to allow or block each cookie.
Legal Basis
If you have given your consent to the use of Google Maps, this consent constitutes the legal basis for the corresponding data processing. According to Article 6(1)(a) GDPR (consent), this consent forms the legal basis for the
processing of personal data that may occur when using Google Maps.
If you have given your consent to the use of Google Maps, this consent constitutes the legal basis for the corresponding data processing. According to Article 6(1)(a) GDPR (consent), this consent forms the legal basis for the
processing of personal data that may occur when using Google Maps.
Google also processes data relating to you in the United States, among other locations. Google is an active participant in the EU–US Data Privacy Framework, which regulates the lawful and secure transfer of personal data of EU citizens to the United States.
Further information can be found at:
https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en
.
In addition, Google uses so-called Standard Contractual Clauses (Article 46(2) and (3) GDPR). Standard Contractual Clauses (SCCs) are template agreements provided by the European Commission and are intended to ensure that your data continues to comply with European data protection standards even when it is transferred to and stored in third countries (e.g. the United States).
Through the EU–US Data Privacy Framework as well as the Standard Contractual Clauses, Google commits to complying with the European level of data protection when processing your personal data, even if the data is stored, processed, or managed in the United States. These clauses are based on an implementing decision of the European Commission, which you can view at the following link:
https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de
You can find the Google Ads data processing terms, which refer to the Standard Contractual Clauses, at:
https://business.safety.google/intl/en/adsprocessorterms/
If you would like to learn more about Google’s data processing, we recommend reviewing the company’s privacy policy at:
https://policies.google.com/privacy?hl=en
Explanation of Used Terms
We always strive to draft our privacy policy as clearly and understandably as possible. Especially when dealing with technical and legal topics, this is not always easy. It often makes sense to use legal terms (such as personal data) or certain technical expressions (such as cookies or IP address). However, we do not wish to use these terms without explanation. Below you will therefore find an alphabetical list of important terms used in this privacy policy that may not yet have been sufficiently explained. Where these terms are taken from the GDPR and represent defined legal concepts, we also include the relevant GDPR wording and, where appropriate, add our own explanations.
Processor
Definition according to Article 4 of the GDPR
For the purposes of this Regulation, the term:
“Processor” a natural or legal person, public authority, agency or other body that processes personal data on behalf of the controller;
Explanation: We, as a company and website operator, are responsible for all data that we process from you. In addition to controllers, there may also be so-called processors. This includes any company or individual that processes personal data on our behalf. Processors may therefore include, in addition to service providers such as tax consultants, hosting or cloud providers, payment or newsletter providers, or large companies such as Google or Microsoft.
Third Party
Definition according to Article 4 of the GDPR
For the purposes of this Regulation, the term:
“Third party” means a natural or legal person, public authority, agency or other body other than the data subject, the controller, the processor, and persons who, under the direct authority of the controller or the processor, are authorised to process personal data;
Explanation: The GDPR essentially explains here what a “third party” is *not*. In practice, any “third party” is someone who has an interest in the personal data but does not belong to the persons, authorities, or entities listed above. For example, a parent company may act as a “third party.” In such a case, the subsidiary is the controller and the parent company is the “third party.” However, this does not mean that the parent company is automatically permitted to access, collect, or store the subsidiary’s personal data.
consent
Definition according to Article 4 of the GDPR
For the purposes of this Regulation, the term:
“Consent” means any freely given, specific, informed, and unambiguous indication of the data subject’s wishes, expressed by a statement or by a clear affirmative action, by which the data subject signifies agreement to the processing of personal data relating to them;
Explanation: On websites, such consent is usually obtained via a cookie consent tool. You are probably familiar with this. Whenever you visit a website for the first time, you are typically asked via a banner whether you agree to or consent to data processing. In most cases, you can also make individual settings and decide for yourself which types of data processing you allow and which you do not. If you do not give consent, no personal data may be processed. In principle, consent can of course also be given in written form, i.e. not via a tool.
Personal Data
Definition according to Article 4 of the GDPR
For the purposes of this Regulation, the term:
“Personal data” means any information relating to an identified or identifiable natural person (hereinafter referred to as the “data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person;
Explanation: Personal data therefore includes all data that can be used to identify you as a person. This generally includes data such as, for example:
- Name
- Address
- Email address
- Postal address
- Telephone Number
- Date of birth
- Identification numbers such as social security number, tax identification number, ID card number, or student ID number
- Bank data such as account number, credit information, account balances, etc.
According to the European Court of Justice (ECJ), your IP address is also considered personal data. IT experts can use your IP address to determine at least the approximate location of your device and, subsequently, identify you as the connection holder. Therefore, storing an IP address also requires a legal basis within the meaning of the GDPR. There are also so-called “special categories” of personal data, which are considered particularly worthy of protection. These include:
- racial and ethnic origin
- political opinions
- religious or philosophical beliefs
- trade union membership
- genetic data, such as data obtained from blood or saliva samples
- biometric data (i.e. information relating to physical, physiological, or behavioral characteristics that can identify a person)
health data - data concerning sexual orientation or sexual life
Profiling
Definition according to Article 4 of the GDPR
For the purposes of this Regulation, the term:
“Profiling” means any form of automated processing of personal data consisting of the use of such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that person’s work performance, economic situation, health, personal preferences, interests, reliability, behaviour, location, or movements.
Explanation: In profiling, various pieces of information about a person are collected in order to learn more about that person. In the online context, profiling is often used for advertising purposes or for creditworthiness assessments. Web and advertising analytics tools, for example, collect data about your behaviour and interests on a website. This results in a specific user profile that can be used to display targeted advertising to a particular audience.
Controller
Definition according to Article 4 of the GDPR
For the purposes of this Regulation, the term:
“Controller” the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union law or the law of the Member States, the controller or the specific criteria for its designation may be provided for by Union law or the law of the Member States;
Explanation: In our case, we are responsible for the processing of your personal data and are therefore the “controller”. If we pass on collected data to other service providers for processing, they are considered “processors”. In such cases, a data processing agreement (DPA) must be concluded.
Processing
Definition according to Article 4 of the GDPR
For the purposes of this Regulation, the term:
“Processing” means any operation or set of operations which is performed on personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
Note: When we refer to processing in our privacy policy, we mean any type of data processing. As stated above in the original GDPR definition, this includes not only the collection of data but also the storage and further processing of data.
Conclusion
Congratulations! If you are reading these lines, you have truly made your way through our entire privacy policy—or at least scrolled all the way to the end. As you can see from the scope of this privacy policy, we take the protection of your personal data very seriously.
It is important to us to inform you, to the best of our knowledge and belief, about the processing of personal data. In doing so, we do not only want to explain which data is processed, but also clarify the reasons for using various software tools. Privacy policies often sound very technical and legalistic.
Since most of our visitors are neither web developers nor lawyers, we deliberately chose a different linguistic approach and tried to explain the facts in the clearest and simplest language possible. Due to the complexity of the subject, this is not always entirely possible. Therefore, the most important terms are explained in more detail at the end of this privacy policy.
If you have any questions regarding data protection on our website, please do not hesitate to contact us or the responsible authority. We wish you a pleasant time and hope to welcome you back to our website soon.
All texts are protected by copyright.
Source: Privacy Policy created with the Privacy Policy Generator for Austria by AdSimple.