Privacy Policy

Name and contact details of the controller

Rights under the General Data Protection Regulation

According to the provisions of the GDPR and the Austrian Data Protection Act (DSG) , you are generally entitled to the following rights:

• Right to rectification (Article 16 GDPR)
• Right to erasure (“right to be forgotten”) (Article 17 GDPR)
• Right to restriction of processing (Article 18 GDPR)
• Right to notification – obligation to notify in connection with the rectification or erasure of personal data or the restriction of processing (Article 19 GDPR)
• Right to data portability (Article 20 GDPR)
• Right to object (Article 21 GDPR)
• Right not to be subject to a decision based solely on automated processing, including profiling (Article 22 GDPR)

If you believe that the processing of your data violates data protection law or that your data protection rights have been violated in any other way, you can lodge a complaint with the supervisory authority, which in Austria is the Data Protection Authority, whose website can be found at https://www.dsb.gv.at/.

Automatic data storage

the address (URL) of the website accessed
browser and browser version
the operating system used
the address (URL) of the previously visited page (referrer URL)
the host name and IP address of the device from which the website is accessed
date and time
in files (web server log files).
Web server log files are usually stored for two weeks and then automatically deleted. We do not pass on this data, but cannot rule out the possibility that this data may be viewed in the event of illegal behavior.

Change privacy settings

TLS encryption with https

We use https to transmit data securely over the Internet (data protection through technology design, Article 25(1) GDPR). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the Internet, we can ensure the protection of confidential data. You can recognize the use of this data transmission security by the small lock symbol in the upper left corner of the browser and the use of the https scheme (instead of http) as part of our Internet address.

Communication

Affected persons

Telephone

Email

Request form

Legal bases

The processing of data is based on the following legal grounds:

• Art. 6 (1) (a) GDPR (consent): You give us your consent to store your data and use it for purposes related to the business transaction;
• Art. 6 (1) (b) GDPR (contract): It is necessary for the performance of a contract with you or a processor, such as a telephone provider, or we need to process the data for pre-contractual activities, such as preparing an offer;
• Art. 6 (1) (f) GDPR (legitimate interests): We want to handle customer inquiries and business communications in a professional manner. This requires certain technical equipment, such as email programs, Exchange servers, and mobile phone operators, in order to communicate efficiently.

WordPress

We use WordPress.com, a website builder system, for our website. The service provider is the American company Automattic Inc., 60 29th Street #343, San Francisco, CA 94110, USA.

WordPress processes your data in the USA, among other places. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. This may entail various risks for the legality and security of data processing.

As a basis for data processing by recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or data transfer to such countries, WordPress uses so-called standard contractual clauses (= Art. 46 (2) and (3) GDPR). Standard contractual clauses (SCC) are model templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even when it is transferred to third countries (such as the USA) and stored there. Through these clauses, WordPress undertakes to comply with European data protection standards when processing your relevant data, even if the data is stored, processed, and managed in the USA. These clauses are based on an implementing decision by the EU Commission. You can find the decision and the corresponding standard contractual clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

The data processing agreements that comply with the standard contractual clauses can be found at https://wordpress.com/support/data-processing-agreements/.

For more information about the data processed through the use of WordPress.com, please refer to the privacy policy at https://automattic.com/de/privacy/.

Cookies

Our website uses HTTP cookies to store user-specific data.
Below, we explain what cookies are and why they are used so that you can better understand the following privacy policy.

What exactly are cookies?

Whenever you surf the Internet, you use a browser. Well-known browsers include Chrome, Safari, Firefox, Internet Explorer, and Microsoft Edge. Most websites store small text files in your browser. These files are called cookies.

One thing cannot be denied: cookies are really useful little helpers. Almost all websites use cookies. More specifically, they are HTTP cookies, as there are also other cookies for other areas of application. HTTP cookies are small files that are stored on your computer by our website. These cookie files are automatically stored in the cookie folder, which is essentially the “brain” of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified.
Cookies store certain user data about you, such as language or personal page settings. When you visit our site again, your browser transmits the “user-related” information back to our site. Thanks to cookies, our website knows who you are and offers you the settings you are used to. In some browsers, each cookie has its own file, while in others, such as Firefox, all cookies are stored in a single file.

There are both first-party cookies and third-party cookies. First-party cookies are created directly by our site, while third-party cookies are created by partner websites (e.g., Google Analytics). Each cookie must be evaluated individually, as each cookie stores different data. The expiration time of a cookie also varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, Trojans, or other “malware.” Cookies also cannot access information on your PC.
Cookie data may look like this, for example:

Name: _ga
Value: GA1.2.1326744211.152111340561-9
Purpose: Distinguishing between website visitors
Expiration date: After 2 years

A browser should be able to support these minimum sizes:

• At least 4096 bytes per cookie
• At least 50 cookies per domain
• At least 3000 cookies in total

What types of cookies are there?

The question of which cookies we use specifically depends on the services used and is clarified in the following sections of the privacy policy. At this point, we would like to briefly discuss the different types of HTTP cookies.

There are four types of cookies:

Essential cookies
These cookies are necessary to ensure the basic functions of the website. For example, these cookies are needed when a user adds a product to their shopping cart, then continues browsing other pages and only proceeds to checkout later. These cookies ensure that the shopping cart is not deleted, even if the user closes their browser window.

Functional cookies
These cookies collect information about user behavior and whether the user receives any error messages. These cookies are also used to measure the loading time and behavior of the website in different browsers.

Targeted cookies
These cookies improve user-friendliness. For example, they store entered locations, font sizes, or form data.

Advertising cookies
These cookies are also known as targeting cookies. They are used to deliver personalized advertising to the user. This can be very practical, but also very annoying.

When you visit a website for the first time, you are usually asked which of these cookie types you want to allow. And, of course, this decision is also stored in a cookie.

How can I delete cookies?

You decide for yourself how and whether you want to use cookies. Regardless of which service or website the cookies come from, you always have the option to delete, deactivate, or only partially allow cookies. For example, you can block third-party cookies but allow all other cookies.

If you want to find out which cookies have been stored in your browser, or if you want to change or delete cookie settings, you can find this in your browser settings:

Chrome: Delete, enable, and manage cookies in Chrome

Safari: Manage cookies and website data with Safari

Firefox: Delete cookies to remove data that websites have stored on your computer

Internet Explorer: Delete and manage cookies

Microsoft Edge: Deleting and managing cookies

If you do not want cookies at all, you can set your browser to always inform you when a cookie is about to be set. This allows you to decide whether or not to allow each individual cookie. The procedure varies depending on the browser. The best way to find the instructions is to search Google using the search term “delete cookies Chrome” or “disable cookies Chrome” if you are using the Chrome browser.

What about my data protection?

The so-called “cookie guidelines” have been in place since 2009. These stipulate that the storage of cookies requires your consent. However, there are still very different responses to these guidelines within EU countries. In Austria, however, this directive was implemented in Section 96 (3) of the Telecommunications Act (TKG).

If you would like to know more about cookies and are not afraid of technical documentation, we recommend https://tools.ietf.org/html/rfc6265, the Request for Comments from the Internet Engineering Task Force (IETF) called ”HTTP State Management Mechanism”.

Google Fonts

Cookie Consent Management Platform

What is a cookie consent management platform?
We use consent management platform (CMP) software on our website, which makes it easier for us and you to handle scripts and cookies correctly and securely. The software automatically creates a cookie pop-up, scans and checks all scripts and cookies, provides you with the cookie consent required by data protection law, and helps us and you keep track of all cookies. Most cookie consent management tools identify and categorize all existing cookies. As a website visitor, you then decide for yourself whether and which scripts and cookies you allow or do not allow. The following graphic illustrates the relationship between the browser, web server, and CMP.
Why do we use a cookie management tool? Our goal is to offer you the best possible transparency in the area of data protection. We are also legally obligated to do so. We want to inform you as best we can about all tools and cookies that can store and process your data. It is also your right to decide for yourself which cookies you accept and which you do not. In order to grant you this right, we first need to know exactly which cookies have ended up on our website. Thanks to a cookie management tool that regularly scans the website for all existing cookies, we know about all cookies and can provide you with information about them in accordance with the GDPR. You can then accept or reject cookies via the consent system.
What data is processed?
Our cookie management tool allows you to manage each individual cookie yourself and gives you complete control over the storage and processing of your data. Your declaration of consent is stored so that we do not have to ask you every time you visit our website and so that we can prove your consent if required by law. This is stored either in an opt-in cookie or on a server. The storage period for your cookie consent varies depending on the provider of the cookie management tool. In most cases, this data (such as pseudonymous user ID, time of consent, details of cookie categories or tools, browser, device information) is stored for up to two years.

Duration of data processing
We will inform you about the duration of data processing below, provided we have further information on this. In general, we only process personal data for as long as is absolutely necessary to provide our services and products. Data stored in cookies is stored for varying lengths of time. Some cookies are deleted as soon as you leave the website, while others may be stored in your browser for several years. The exact duration of data processing depends on the tool used, but in most cases you should expect a storage period of several years. You can usually find detailed information about the duration of data processing in the respective privacy policies of the individual providers.

Right to object
You also have the right and the option to revoke your consent to the use of cookies at any time. You can do this either via our cookie management tool or via other opt-out functions. For example, you can also prevent data collection by cookies by managing, deactivating, or deleting cookies in your browser.
Information on specific cookie management tools, if available, can be found in the following sections.

Legal basis
If you agree to cookies, your personal data will be processed and stored via these cookies. If we are permitted to use cookies with your consent (Article 6(1)(a) GDPR), this consent also constitutes the legal basis for the use of cookies and the processing of your data. Cookie consent management platform software is used to manage consent to cookies and to enable you to give your consent. The use of this software enables us to operate the website in an efficient and legally compliant manner, which constitutes a legitimate interest (Article 6(1)(f) GDPR).

BorlabsCookie

We use BorlabsCookie on our website, which is, among other things, a tool for storing your cookie consent. The service provider is the German company Borlabs – Benjamin A. Bornschein, Rübenkamp 32, 22305 Hamburg, Germany. You can find out more about the data processed through the use of BorlabsCookie in the privacy policy at https://de.borlabs.io/datenschutz/.

Google Analytics

We use the Google Analytics (GA) analysis tracking tool from the American company Google Inc. on our website. For the European region, Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services. Google Analytics collects data about your actions on our website. For example, when you click on a link, this action is stored in a cookie and sent to Google Analytics. The reports we receive from Google Analytics help us to better tailor our website and our service to your needs. Below, we provide more detailed information about the tracking tool and, in particular, what data is stored and how you can prevent this.

What is Google Analytics?

Google Analytics is a tracking tool that analyzes traffic on our website. For Google Analytics to work, a tracking code is embedded in the code of our website. When you visit our website, this code records various actions you perform on our website. As soon as you leave our website, this data is sent to the Google Analytics servers and stored there.

Google processes the data and we receive reports on your user behavior. These reports may include the following:

• Audience reports: Audience reports help us get to know our users better and understand more precisely who is interested in our services.
• Advertising reports: Advertising reports make it easier for us to analyze and improve our online advertising.
• Acquisition reports: Acquisition reports provide us with helpful information on how we can get more people excited about our service.
• Behavior reports: Here we learn how you interact with our website. We can track the path you take on our site and which links you click on.
• Conversion reports: Conversion is the process by which you perform a desired action based on a marketing message. For example, when you go from being a mere website visitor to a buyer or newsletter subscriber. These reports help us learn more about how our marketing efforts are resonating with you. This is how we aim to increase our conversion rate.
• Real-time reports: Here, we always know immediately what is happening on our website. For example, we can see how many users are currently reading this text.

Why do we use Google Analytics on our website?

Our goal with this website is clear: we want to offer you the best possible service. The statistics and data from Google Analytics help us achieve this goal.

The statistically evaluated data gives us a clear picture of the strengths and weaknesses of our website. On the one hand, we can optimize our site so that it is easier for interested people to find on Google. On the other hand, the data helps us to better understand you as a visitor. This means we know exactly what we need to improve on our website in order to offer you the best possible service. The data also helps us to tailor our advertising and marketing measures more individually and cost-effectively. After all, it only makes sense to show our products and services to people who are interested in them.

What data is stored by Google Analytics?

Google Analytics uses a tracking code to create a random, unique ID that is linked to your browser cookie. This allows Google Analytics to recognize you as a new user. The next time you visit our site, you will be recognized as a “returning” user. All collected data is stored together with this user ID. This is what makes it possible to evaluate pseudonymous user profiles in the first place.
Your interactions on our website are measured using identifiers such as cookies and app instance IDs. Interactions are all types of actions you perform on our website. If you also use other Google systems (such as a Google account), data generated by Google Analytics may be linked to third-party cookies. Google does not share Google Analytics data unless we, as the website operator, approve it. Exceptions may occur if required by law.
The following cookies are used by Google Analytics:

Name: _ga
Value:2.1326744211.152111340561-5
Purpose: By default, analytics.js uses the _ga cookie to store the user ID. It is primarily used to distinguish between website visitors.
Expiration date: after 2 years

Name: _gid
Value:2.1687193234. 152111340561-1
Purpose: This cookie is also used to distinguish between website visitors.
Expiration date: After 24 hours

Name: _gat_gtag_UA_<property-id>
Value: 1
Purpose: Used to reduce the request rate. If Google Analytics is provided via Google Tag Manager, this cookie is named _dc_gtm_ <property-id>.
Expiration date: after 1 minute

Name: AMP_TOKEN
Value: Not specified
Purpose: The cookie has a token that can be used to retrieve a user ID from the AMP client ID service. Other possible values indicate a logout, a request, or an error.
Expiration date: after 30 seconds to one year

Name: __utma
Value:1564498958.1564498958. 1564498958.1
Purpose: This cookie tracks your behavior on the website and measures performance. The cookie is updated every time information is sent to Google Analytics.
Expiration date: after 2 years

Name: __utmt
Value: 1
Purpose: Like _gat_gtag_UA_<property-id>, this cookie is used to throttle the request rate.
Expiration date: after 10 minutes

Name: __utmb
Value:3.10.1564498958
Purpose: This cookie is used to determine new sessions. It is updated every time new data or information is sent to Google Analytics.
Expiration date: after 30 minutes

Name: __utmc
Value: 167421564
Purpose: This cookie is used to set new sessions for returning visitors. It is a session cookie and is only stored until you close your browser.
Expiration date: After closing the browser

Name: __utmz
Value: m|utmccn=(referral)|utmcmd=referral|utmcct=/
Purpose: This cookie is used to identify the source of visitor traffic to our website. This means that the cookie stores where you came from to our website. This could have been another page or an advertisement.
Expiration date: after 6 months

Name: __utmv
Value: not specified
Purpose: This cookie is used to store user-defined data. It is always updated when information is sent to Google Analytics.
Expiration date: after 2 years

Note: This list cannot claim to be exhaustive, as Google constantly changes its choice of cookies.

Here is an overview of the most important data collected by Google Analytics:

Heat maps: Google creates so-called heat maps. Heat maps show exactly which areas you click on. This gives us information about where you are “traveling” on our site.

Session duration: Google defines session duration as the time you spend on our site without leaving the page. If you have been inactive for 20 minutes, the session ends automatically.

Bounce rate: A bounce occurs when you view only one page on our website and then leave our website.

Account creation: When you create an account or place an order on our website, Google Analytics collects this data.

IP address: The IP address is only displayed in abbreviated form so that no unique assignment is possible.

Location: The IP address can be used to determine the country and your approximate location. This process is also known as IP location determination.

Technical information: Technical information includes your browser type, your internet service provider, and your screen resolution, among other things.

Source of origin: Google Analytics and we are of course also interested in which website or advertisement brought you to our site.

Other data includes contact details, any reviews, media playback (e.g., if you play a video on our site), sharing content via social media, or adding to your favorites. This list is not exhaustive and is only intended to provide a general overview of data storage by Google Analytics.

How long and where is the data stored?

Google has servers located around the world. Most servers are located in America, which means that your data is usually stored on American servers. You can find out exactly where Google’s data centers are located here: https://www.google.com/about/datacenters/inside/locations/?hl=de

Your data is distributed across various physical data carriers. This has the advantage that the data can be accessed more quickly and is better protected against manipulation. Every Google data center has appropriate emergency programs for your data. If, for example, Google’s hardware fails or natural disasters cripple servers, the risk of service interruption at Google remains low.

Google Analytics has a standard retention period of 26 months for your user data. After that, your user data is deleted. However, we have the option of choosing the retention period for user data ourselves. There are five options available to us:

• Deletion after 14 months
• Deletion after 26 months
• Deletion after 38 months
• Deletion after 50 months
• No automatic deletion

Once the specified period has expired, the data is deleted once a month. This retention period applies to your data linked to cookies, user recognition, and advertising IDs (e.g., cookies from the DoubleClick domain). Reporting results are based on aggregated data and are stored independently of user data. Aggregated data is a combination of individual data into a larger unit.
How can I delete my data or prevent data storage?

Under European Union data protection law, you have the right to obtain information about your data, to update it, to delete it, or to restrict its use. You can prevent Google Analytics from using your data by using the browser add-on to disable Google Analytics JavaScript (ga.js, analytics.js, dc.js). You can download and install the browser add-on at https://tools.google.com/dlpage/gaoptout?hl=de. Please note that this add-on only deactivates data collection by Google Analytics.
If you want to deactivate, delete, or manage cookies in general (regardless of Google Analytics), there are separate instructions for each browser:

Chrome: Delete, enable, and manage cookies in Chrome

Safari: Managing cookies and website data with Safari

Firefox: Delete cookies to remove data that websites have stored on your computer

Internet Explorer: Delete and manage cookies

Microsoft Edge: Deleting and managing cookies

Google Analytics is an active participant in the EU-U.S. Privacy Shield Framework, which regulates the correct and secure transfer of personal data. For more information, please visit https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&tid=111340561. We hope we have been able to provide you with the most important information about data processing by Google Analytics. If you would like to learn more about the tracking service, we recommend these two links: http://www.google.com/analytics/ terms/en.html and https://support.google.com/analytics/answer/6004245?hl=de.

Google Analytics IP anonymization

We have implemented IP address anonymization from Google Analytics on this website. This feature was developed by Google so that this website can comply with applicable data protection regulations and recommendations from local data protection authorities if they prohibit the storage of the full IP address. The anonymization or masking of the IP address takes place as soon as the IP addresses arrive in the Google Analytics data collection network and before the data is stored or processed.

For more information on IP anonymization, please visit https://support.google.com/analytics/answer/2763052?hl=de.

Google Analytics reports on demographic characteristics and interests

We have enabled the advertising reporting features in Google Analytics. The reports on demographic characteristics and interests contain information on age, gender, and interests. This allows us to get a better picture of our users without being able to assign this data to individual persons. You can find out more about the advertising features https://support.google.com/analytics/answer/3450482?hl=de_AT&utm_id=ad.

You can opt out of the use of your Google Account activity and information by checking the box under “Advertising settings” at https://adssettings.google.com/authenticated.

Google Analytics Data Processing Amendment

We have entered into a direct customer agreement with Google for the use of Google Analytics by accepting the “Data Processing Amendment” in Google Analytics.

You can find more information about the Data Processing Amendment for Google Analytics here: https://support.google.com/analytics/answer/3379636?hl=de&utm_id=ad

Google Tag Manager

We use Google Tag Manager from Google Inc. for our website. Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is responsible for all Google services in Europe. Tag Manager is one of many helpful marketing products from Google. Google Tag Manager allows us to centrally integrate and manage code snippets from various tracking tools that we use on our website.
In this privacy policy, we would like to explain in more detail what Google Tag Manager does, why we use it, and how data is processed.

What is Google Tag Manager?
Google Tag Manager is an organizational tool that allows us to integrate and manage website tags centrally via a user interface. Tags are small pieces of code that record (track) your activities on our website, for example. To do this, JavaScript code snippets are inserted into the source code of our site. The tags often come from Google’s own products, such as Google Ads or Google Analytics, but tags from other companies can also be integrated and managed via the manager. These tags perform various tasks. They can collect browser data, feed data to marketing tools, integrate buttons, set cookies, and even track users across multiple websites.

Why do we use Google Tag Manager for our website?
As the saying goes, organization is half the battle! And that also applies to maintaining our website, of course. In order to make our website as good as possible for you and everyone interested in our products and services, we need various tracking tools such as Google Analytics. The data collected by these tools shows us what interests you most, where we can improve our services, and which people we should show our offers to. And for this tracking to work, we need to embed the appropriate JavaScript codes into our website. In principle, we could embed each code section of the individual tracking tools separately into our source code. However, this takes a relatively long time and it is easy to lose track of things. That’s why we use Google Tag Manager. We can easily integrate the necessary scripts and manage them from one place. In addition, Google Tag Manager offers an easy-to-use user interface and requires no programming knowledge. This allows us to keep our tag jungle organized.

What data is stored by Google Tag Manager?
Tag Manager itself is a domain that does not set cookies or store data. It acts merely as an “administrator” of the implemented tags. The data is collected by the individual tags of the various web analytics tools. The data is essentially passed through Google Tag Manager to the individual tracking tools and is not stored.

However, the situation is completely different with the integrated tags of the various web analysis tools, such as Google Analytics. Depending on the analysis tool, various data about your web behavior is usually collected, stored, and processed with the help of cookies. For more information, please read our privacy policy texts for the individual analysis and tracking tools that we use on our website.
In the Tag Manager account settings, we have permitted Google to receive anonymized data from us. However, this only concerns the use of our Tag Manager and not your data stored via the code sections. We enable Google and others to receive selected data in anonymized form. We therefore consent to the anonymous transfer of our website data. Despite extensive research, we were unable to find out exactly which summarized and anonymous data is forwarded. In any case, Google deletes all information that could identify our website. Google combines the data with hundreds of other anonymous website data and creates user trends as part of benchmarking measures. Benchmarking involves comparing your own results with those of your competitors. Processes can be optimized based on the information collected.
How long and where is the data stored? When Google stores data, it is stored on its own Google servers. The servers are located all over the world, with most of them in America. At https://www.google.com/about/datacenters/inside/locations/?hl=de, you can find out exactly where the Google servers are located.

You can find out how long each tracking tool stores your data in our individual privacy policy texts for each tool.

How can I delete my data or prevent data storage?
Google Tag Manager itself does not set any cookies, but manages tags from various tracking websites. In our privacy policy texts for the individual tracking tools, you will find detailed information on how you can delete or manage your data.
Google is an active participant in the EU-U.S. Privacy Shield Framework, which regulates the correct and secure transfer of personal data. For more information, visit https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&tid=111607701. If you would like to learn more about Google Tag Manager, we recommend reading the FAQs at https://www.google.com/intl/de/tagmanager/faq.html.

Copyright notice regarding this privacy policy

This privacy policy was created in cooperation with the AdSimple® privacy policy generator.
Link to AdSimple®