Table of Contents
- Data Protection Declaration
- Note on Graphics
Information according to § 5 TMG:
Information about the Website
The imprint was created with the imprint generator of activeMind AG.
The terms used are not gender-specific.
Date: December 29, 2023
Controller / Data Protection Officer
Overview of Processing
The following overview summarizes the types of processed data and the purposes of their processing, and refers to the data subjects.
Types of processed data
Categories of data subjects
- Communication partners.
Purposes of processing
- Contact inquiries and communication.
- Management and response to inquiries.
- Provision of our online offering.
- Information technology infrastructure.
Relevant Legal Bases
- Contractual Performance and Pre-contractual Inquiries (Art. 6(1)(b) GDPR) - Processing is necessary for the performance of a contract to which the data subject is a party or for the implementation of pre-contractual measures requested by the data subject.
- Legitimate Interests (Art. 6(1)(f) GDPR) - Processing is necessary to protect the legitimate interests of the data controller or a third party, unless the interests or fundamental rights and freedoms of the data subject, requiring the protection of personal data, prevail.
In addition to the data protection regulations of the General Data Protection Regulation, national regulations on data protection apply in Austria. This includes, in particular, the Federal Act concerning the Protection of Personal Data (Data Protection Act - DSG). The Data Protection Act contains special provisions, in particular, regarding the right to information, the right to rectification or erasure, the processing of special categories of personal data, processing for other purposes, transmission, and automated decision-making in individual cases.
In accordance with legal requirements and considering the state of the art, implementation costs, the nature, scope, circumstances, and purposes of processing, as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons, we implement appropriate technical and organizational measures to ensure a level of protection commensurate with the risk.
These measures include, in particular, securing the confidentiality, integrity, and availability of data by controlling physical and electronic access to the data, as well as access, input, disclosure, availability, and separation thereof. Furthermore, we have established procedures to ensure the exercise of data subjects' rights, the deletion of data, and responses to data threats. Additionally, we consider the protection of personal data during the development or selection of hardware, software, and procedures, following the principles of data protection, through technical design and privacy-friendly settings.
TLS Encryption (https): To protect the data transmitted via our online offering, we use TLS encryption. You can recognize such encrypted connections by the prefix https:// in the address bar of your browser.
The data processed by us will be deleted in accordance with legal requirements as soon as the consent for processing, which is allowed for processing, is revoked, or other permissions are no longer valid (e.g., when the purpose of processing this data has ceased to exist or they are no longer necessary for the purpose). If the data is not deleted because it is required for other purposes that are legally permissible, its processing will be limited to these purposes. This means that the data will be blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax reasons or whose storage is necessary for the assertion, exercise, or defense of legal claims or to protect the rights of another natural or legal person.
Our privacy notices may also provide additional information on the storage and deletion of data that is primarily applicable to the respective processing activities.
Contact and Inquiry Management
When contacting us (e.g., via contact form, email, phone, or social media) and within existing user and business relationships, the information of the inquiring individuals is processed to the extent necessary to respond to contact inquiries and any requested actions.
- Processed Data Types: Contact data (e.g., email, phone numbers); Content data (e.g., entries in online forms); Usage data (e.g., visited web pages, interest in content, access times); Meta-/communication data (e.g., device information, IP addresses).
- Data Subjects: Communication partners.
- Purposes of Processing: Contact inquiries and communication; Management and response to inquiries; Feedback (e.g., collecting feedback via online form); Provision of our online offering and user-friendliness.
- Legal Bases: Legitimate interests (Art. 6(1)(f) GDPR); Contractual performance and pre-contractual inquiries (Art. 6(1)(b) GDPR).
Additional Information on Processing Processes, Procedures, and Services:
- Contact Form: When users contact us via our contact form, email, or other communication channels, we process the information provided in this context to handle the stated request; Legal Bases: Contractual performance and pre-contractual inquiries (Art. 6(1)(b) GDPR), Legitimate interests (Art. 6(1)(f) GDPR).
Rights of Data Subjects
As data subjects, you have various rights under the GDPR, particularly arising from Articles 15 to 21 of the GDPR:
- Right to Object: You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you, based on Article 6(1)(e) or (f) GDPR, including profiling based on those provisions. If your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing, including profiling related to such direct marketing.
- Right to Withdraw Consent: You have the right to withdraw consent at any time.
- Right to Information: You have the right to obtain confirmation as to whether or not personal data concerning you is being processed, and, where that is the case, access to the personal data and additional information and a copy of the data in accordance with legal requirements.
- Right to Rectification: You have the right, in accordance with legal requirements, to request the completion of personal data concerning you or the correction of inaccurate data concerning you.
- Right to Erasure and Restriction of Processing: You have the right, in accordance with legal requirements, to request the immediate deletion of personal data concerning you or, alternatively, to request a restriction of processing of the data.
- Right to Data Portability: You have the right to receive the personal data concerning you that you have provided to us, in accordance with legal requirements, in a structured, commonly used, and machine-readable format or to request the transmission of this data to another controller.
- Complaint to Supervisory Authority: Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, your place of work, or the place of the alleged infringement, if you believe that the processing of personal data concerning you violates the requirements of the GDPR.
- Personal Data: "Personal data" refers to any information relating to an identified or identifiable natural person (hereinafter referred to as the "data subject"). An identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g., cookie), or one or more specific features expressing the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
- Controller: The "controller" is a natural or legal person, authority, agency, or other body that alone or jointly with others determines the purposes and means of processing personal data.
- Processing: "Processing" refers to any operation or set of operations performed on personal data, whether or not by automated means. The term is broad and includes virtually any handling of data, whether it be collection, evaluation, storage, transmission, or deletion.
All graphics/images used are licensed under the Creative Commons license CC0 Public Domain.