Data protection

Privacy Policy

Introduction and Overview

We have prepared this privacy policy (version 04.09.2025-113050238) to inform you in accordance with the requirements of the General Data Protection Regulation (EU) 2016/679 and applicable national laws explain which personal data (hereinafter referred to as "data") we, as data controllers – and the data processors we have engaged (e.g., providers) – process, will process in the future, and what legal options you have. The terms used are to be understood as gender-neutral. In short: We provide you with comprehensive information about the data we process about you. Privacy policies usually sound very technical and use legal jargon. This privacy policy, however, aims to describe the most important aspects to you as simply and transparently as possible. Where it promotes transparency, technical details will be explained in more detail below. Terms explained in a reader-friendly way, links to further information are provided and Graphics We have implemented this policy. We are informing you in clear and simple language that we only process personal data in the course of our business activities when there is a corresponding legal basis. This is certainly not possible if one provides the briefest, unclear, and overly technical legal explanations that are often standard practice on the internet when it comes to data protection. I hope you find the following explanations interesting and informative, and perhaps you will find some information here that you were not previously aware of. If you still have questions, please contact the responsible party named below or in the legal notice, follow the provided links, and consult further information on third-party websites. Our contact details can, of course, also be found in the legal notice.

scope

This privacy policy applies to all personal data processed by us within our company and to all personal data processed by companies commissioned by us (data processors). Personal data, as defined in Article 4 No. 1 GDPR, refers to information such as a person's name, email address, and postal address. The processing of personal data enables us to offer and bill for our services and products, whether online or offline. The scope of this privacy policy includes:

• all online presences (websites, online shops) that we operate
• Social media presence and email communication
• mobile apps for smartphones and other devices

In short: This privacy policy applies to all areas where personal data is processed in a structured manner within the company via the aforementioned channels. Should we enter into a legal relationship with you outside of these channels, we will inform you separately if necessary.

Legal basis

In the following privacy statement, we provide you with transparent information on the legal principles and regulations, i.e., the legal bases of the General Data Protection Regulation (GDPR), that allow us to process personal data. With regard to EU law, we refer to REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016. You can, of course, access this EU General Data Protection Regulation online at EUR-Lex, the gateway to EU law, at [link to EUR-Lex website]. https://eur-lex.europa.eu/legal-content/DE/ALL/?uri=celex%3A32016R0679 Read more. We only process your data if at least one of the following conditions applies:

1. consent (Article 6 paragraph 1 lit. a GDPR): You have given us your consent to process data for a specific purpose. An example would be the storage of your entered data from a contact form.
2. Contract (Article 6 paragraph 1 lit. b GDPR): We process your data in order to fulfill a contract or pre-contractual obligations with you. For example, if we conclude a purchase agreement with you, we need personal information beforehand.
3. Legal obligation (Article 6 paragraph 1 lit. c GDPR): We process your data when we are subject to a legal obligation. For example, we are legally required to retain invoices for accounting purposes. These typically contain personal data.
4. Legitimate interests (Article 6 paragraph 1 lit. f GDPR): In the case of legitimate interests that do not infringe your fundamental rights, we reserve the right to process personal data. For example, we need to process certain data to operate our website securely and economically. This processing therefore constitutes a legitimate interest.

Other conditions, such as the recording of images in the public interest and the exercise of official authority, as well as the protection of vital interests, do not generally apply in our case. If such a legal basis should apply, it will be indicated where relevant. In addition to the EU regulation, national laws also apply.

• In Austria This is the Federal Act on the Protection of Natural Persons with regard to the Processing of Personal Data (Data Protection Act), short DSG.
• In Germany Does this apply? Federal Data Protection Act, short BDSG.

If other regional or national laws apply, we will inform you about them in the following sections.

Contact details of the responsible party

Should you have any questions regarding data protection or the processing of personal data, you will find the contact details of the controller pursuant to Article 4(7) of the EU General Data Protection Regulation (GDPR) below: Agrar Produktion Consulting GesmbH Ernst Speer Ludersdorf 183, A-8200 Gleisdorf E-mail: apc@apc-austria.com Phone: 0043 (0) 3112/ 75 20 Imprint: https://apc-austria.com//impressum/

Storage duration

We generally adhere to the principle that we only store personal data for as long as is absolutely necessary for providing our services and products. This means that we delete personal data as soon as the reason for processing it no longer exists. In some cases, we are legally obligated to retain certain data even after the original purpose has ceased, for example, for accounting purposes. Should you wish to have your data deleted or withdraw your consent to data processing, the data will be deleted as quickly as possible, provided there is no legal obligation to retain it. We will inform you about the specific duration of each data processing period below, if we have further information available.

Rights under the General Data Protection Regulation

In accordance with Articles 13 and 14 of the GDPR, we inform you about the following rights to which you are entitled, in order to ensure fair and transparent data processing:

• According to Article 15 of the GDPR, you have the right to information about whether we process your data. If this is the case, you have the right to receive a copy of the data and the following information:
  • for what purpose we carry out the processing;
  • the categories, i.e. the types of data that are processed;
  • who receives this data and, if the data is transferred to third countries, how security can be guaranteed;
  • how long the data will be stored;
  • the existence of the right to rectification, erasure or restriction of processing and the right to object to processing;
  • that you can lodge a complaint with a supervisory authority (links to these authorities can be found below);
  • the origin of the data if we did not collect it from you;
  • whether profiling is carried out, i.e., whether data is automatically evaluated to create a personal profile of you.
• According to Article 16 of the GDPR, you have a right to rectification of your data, which means that we must correct any data you find.
• According to Article 17 of the GDPR, you have the right to erasure („right to be forgotten“), which specifically means that you can request the deletion of your data.
• According to Article 18 GDPR, you have the right to restrict processing, which means that we may only store the data but not use it further.
• According to Article 20 of the GDPR, you have the right to data portability, which means that we will provide you with your data in a commonly used format upon request.
• According to Article 21 GDPR, you have the right to object, which, if exercised, will result in a change to the processing.
  • If the processing of your data is based on Article 6(1)(e) (public interest, exercise of official authority) or Article 6(1)(f) (legitimate interest), you can object to the processing. We will then examine as quickly as possible whether we can legally comply with this objection.
  • If your data is used for direct marketing purposes, you can object to this type of data processing at any time. We will then no longer be permitted to use your data for direct marketing.
  • If data is used for profiling, you can object to this type of data processing at any time. We will then no longer be permitted to use your data for profiling.
• According to Article 22 of the GDPR, you may have the right not to be subject to a decision based solely on automated processing (for example, profiling).
• According to Article 77 of the GDPR, you have the right to lodge a complaint. This means you can lodge a complaint with the data protection authority at any time if you believe that the processing of your personal data violates the GDPR.

In short: You have rights – don't hesitate to contact the responsible party listed above! If you believe that the processing of your data violates data protection law or that your data protection rights have been infringed in any other way, you can lodge a complaint with the supervisory authority. In Austria, this is the Data Protection Authority, whose website you can find at [link to website]. https://www.dsb.gv.at/ You can find them here. In Germany, each federal state has a data protection officer. For more information, you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI) Please contact us. The following local data protection authority is responsible for our company:

Austrian Data Protection Authority

Director: Dr. Matthias Schmidl Address: Barichgasse 40-42, 1030 Vienna Telephone number: +43 1 52 152-0 E-mail address: dsb@dsb.gv.at Website: https://www.dsb.gv.at/

Data processing security

To protect personal data, we have implemented both technical and organizational measures. Where possible, we encrypt or pseudonymize personal data. This makes it as difficult as possible, within our means, for third parties to infer personal information from our data. Article 25 of the GDPR refers to "data protection by design and by default," meaning that security must always be considered and appropriate measures implemented for both software (e.g., forms) and hardware (e.g., access to the server room). We will discuss specific measures below, if necessary.

TLS encryption with https

TLS, encryption, and HTTPS sound very technical, and they are. We use HTTPS (Hypertext Transfer Protocol Secure) to transmit data securely over the internet. This means that the entire transmission of all data from your browser to our web server is secure – no one can eavesdrop. With this, we have introduced an additional layer of security and comply with data protection regulations by design (Article 25 paragraph 1 GDPRBy using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the internet, we can ensure the protection of confidential data. You can recognize the use of this secure data transmission by the small padlock symbol.  In the top left corner of your browser, to the left of the web address (e.g., examplepage.com), you'll see the https scheme (instead of http) as part of the address. If you'd like to learn more about encryption, we recommend searching Google for "Hypertext Transfer Protocol Secure wiki" to find helpful links to further information.

communication

Communication Summary 👥 Data subjects: Everyone who communicates with us by phone, email, or online form 📓 Data processed: e.g., phone number, name, email address, form data entered. More details can be found under the respective contact method used. 🤝 Purpose: Handling communication with customers, business partners, etc. 📅 Storage period: Duration of the business transaction and legal requirements ⚖️ Legal basis: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit. b GDPR (contract), Art. 6 para. 1 lit. f GDPR (legitimate interests)

When you contact us by phone, email, or online form, your personal data may be processed. This data is used to handle your inquiry and the related business transaction. The data will be stored for as long as required by law.

Affected persons

The aforementioned processes affect everyone who contacts us via the communication channels we provide.

phone

When you call us, the call data is stored pseudonymously on your device and with your telecommunications provider. Additionally, data such as your name and phone number may be sent via email and stored for the purpose of responding to your inquiry. This data will be deleted as soon as the matter is resolved and legal requirements permit.

e-mail

When you communicate with us via email, data may be stored on your device (computer, laptop, smartphone, etc.) and on our email server. This data will be deleted once the business transaction is complete and legal requirements permit.

Online forms

When you communicate with us via online form, data is stored on our web server and may be forwarded to an email address provided by us. The data is deleted as soon as the business transaction has been completed and legal requirements permit.

Legal basis

The processing of the data is based on the following legal grounds:

• Article 6 paragraph 1 letter a GDPR (consent): You give us your consent to store your data and to use it further for purposes relating to the business transaction;
• Article 6 paragraph 1 letter b GDPR (contract): The processing is necessary for the performance of a contract with you or a data processor such as the telephone provider, or we need to process the data for pre-contractual activities, such as preparing an offer;
• Article 6 paragraph 1 letter f GDPR (Legitimate Interests): We want to handle customer inquiries and business communication in a professional manner. This requires certain technical equipment such as email programs, Exchange servers, and mobile network operators to ensure efficient communication.

Cookies

Cookies Summary 👥 Affected parties: Website visitors 🤝 Purpose: Depends on the specific cookie. More details can be found below or on the website of the software provider that sets the cookie. 📓 Data processed: Depends on the specific cookie used. More details can be found below or on the website of the software provider that sets the cookie. 📅 Storage period: Depends on the specific cookie; can vary from hours to years. ⚖️ Legal basis: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit. f GDPR (legitimate interests)

What are cookies?

Our website uses HTTP cookies to store user-specific data. Below, we explain what cookies are and why they are used to help you better understand the following privacy policy. Whenever you browse the internet, you use a browser. Well-known browsers include Chrome, Safari, Firefox, Internet Explorer, and Microsoft Edge. Most websites store small text files in your browser. These files are called cookies. There's no denying it: cookies are really useful tools. Almost all websites use cookies. More precisely, they are HTTP cookies, as there are other types of cookies for different applications. HTTP cookies are small files that our website stores on your computer. These cookie files are automatically placed in the cookie folder, essentially the "brain" of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified. Cookies store certain user data, such as your language or personal website settings. When you revisit our site, your browser sends this user-related information back to us. Thanks to cookies, our website knows who you are and offers you your preferred settings. In some browsers, each cookie has its own file, while in others, such as Firefox, all cookies are stored in a single file. The following graphic illustrates a possible interaction between a web browser, such as Chrome, and the web server. The web browser requests a website and receives a cookie from the server, which the browser then reuses whenever another page is requested. There are both first-party and third-party cookies. First-party cookies are created directly by our website, while third-party cookies are created by partner websites (e.g., Google Analytics). Each cookie must be evaluated individually, as each cookie stores different data. The expiration time of a cookie also varies from a few minutes to several years. Cookies are not software programs and do not contain viruses, Trojans, or other malware. Cookies cannot access information on your computer. Here's an example of what cookie data might look like: Name: _ga Value: GA1.2.1326744211.152113050238-9 Purpose of use: Differentiation of website visitors Expiry date: After 2 years, these are the minimum sizes a browser should be able to support:

• At least 4096 bytes per cookie
• At least 50 cookies per domain
• At least 3000 cookies in total

What types of cookies are there?

The specific cookies we use depend on the services used and are explained in the following sections of the privacy policy. Here, we would like to briefly discuss the different types of HTTP cookies. There are four main types of cookies: Essential cookies These cookies are necessary to ensure the basic functionality of the website. For example, these cookies are needed when a user adds a product to their shopping cart, then continues browsing other pages, and only later proceeds to checkout. These cookies prevent the shopping cart from being emptied, even if the user closes their browser window. Functional cookies These cookies collect information about user behavior and whether the user receives any error messages. They also measure loading times and the website's performance across different browsers. Targeted cookies These cookies improve user-friendliness. For example, they save entered locations, font sizes, or form data. Advertising cookies These cookies are also called targeting cookies. They are used to deliver personalized advertising to the user. This can be very convenient, but also very annoying. Usually, you will be asked which of these cookie types you want to allow the first time you visit a website. And of course, this decision is also stored in a cookie. If you would like to learn more about cookies and aren't afraid of technical documentation, we recommend... datatracker.ietf.org/doc/html/rfc6265, the Request for Comments from the Internet Engineering Task Force (IETF) called “HTTP State Management Mechanism”.

Purpose of processing via cookies

The purpose ultimately depends on the specific cookie. More details can be found below or on the website of the software provider that sets the cookie.

What data is processed?

Cookies are small tools that help with many different tasks. Unfortunately, it's impossible to generalize about what data is stored in cookies, but we will inform you about the data processed and stored in the following privacy policy.

Storage duration of cookies

The storage duration depends on the specific cookie and is further specified below. Some cookies are deleted after less than an hour, while others can remain stored on a computer for several years. You also have control over the storage duration yourself. You can manually delete all cookies at any time via your browser (see also "Right to object" below). Furthermore, cookies based on consent are deleted at the latest after you withdraw your consent, although the lawfulness of the storage remains unaffected until then.

Right to object – how can I delete cookies?

How and whether you want to use cookies is entirely up to you. Regardless of the service or website the cookies originate from, you always have the option to delete, disable, or partially allow them. For example, you can block third-party cookies but allow all others. If you want to see which cookies have been stored in your browser, or if you want to change or delete cookie settings, you can find this information in your browser settings. Chrome: Delete, enable and manage cookies in Chrome Safari: Managing cookies and website data with Safari Firefox: Clear cookies to remove data that websites have stored on your computer. Internet Explorer: Deleting and managing cookies Microsoft Edge: Deleting and managing cookies If you generally don't want to allow cookies, you can configure your browser to always notify you when a cookie is about to be set. This allows you to decide whether to allow each individual cookie. The procedure varies depending on the browser. The best way to find instructions is to search on Google using the keywords "delete cookies Chrome" or "disable cookies Chrome" if you are using the Chrome browser.

Legal basis

The so-called "Cookie Directive" has been in effect since 2009. It stipulates that storing cookies is a consent (Article 6(1)(a) GDPR) requires your consent. However, reactions to these guidelines vary considerably across EU countries. In Austria, this directive was implemented in Section 165(3) of the Telecommunications Act (2021). In Germany, the cookie guidelines were not transposed into national law. Instead, they were largely implemented in Section 15(3) of the Telemedia Act (TMG), which was replaced by the Digital Services Act (DDG) in May 2024. For strictly necessary cookies, even without consent, the following applies: legitimate interests (Article 6(1)(f) GDPR), which in most cases are of an economic nature. We want to provide website visitors with a pleasant user experience, and certain cookies are often essential for this. If non-essential cookies are used, this only happens with your consent. The legal basis for this is Article 6(1)(a) GDPR. The following sections provide more detailed information about the use of cookies, insofar as the software used employs cookies.

Web hosting introduction

Web hosting summary 👥 Affected parties: Website visitors 🤝 Purpose: Professional website hosting and operational security 📓 Data processed: IP address, time of website visit, browser used, and other data. More details can be found below or with the respective web hosting provider. 📅 Storage period: Depends on the provider, but usually 2 weeks ⚖️ Legal basis: Art. 6 para. 1 lit. f GDPR (Legitimate interests)

What is web hosting?

When you visit websites these days, certain information – including personal data – is automatically generated and stored, and this website is no exception. This data should be processed as sparingly as possible and only with justification. By "website," we mean the entirety of all web pages on a domain, i.e., everything from the homepage to the very last subpage (like this one). By "domain," we mean, for example, example.de or sample.com. If you want to view a website on a computer, tablet, or smartphone, you use a program called a web browser. You're probably familiar with some web browsers by name: Google Chrome, Microsoft Edge, Mozilla Firefox, and Apple Safari. We simply call them browsers or web browsers. To display the website, the browser must connect to another computer where the website's code is stored: the web server. Operating a web server is a complex and resource-intensive task, which is why it's usually handled by professional providers, or ISPs. These providers offer web hosting and thus ensure the reliable and error-free storage of website data. A lot of technical terms, but please bear with us, it gets better! When your browser connects to the web server (desktop, laptop, tablet, or smartphone) and during data transfer to and from the server, personal data may be processed. Your computer stores data, and the web server also needs to store data for a period of time to ensure proper operation. A picture is worth a thousand words, so the following graphic illustrates the interaction between the browser, the internet, and the hosting provider.

Why do we process personal data?

The purposes of data processing are:

1. Professional website hosting and operational security
2. to maintain operational and IT security
3. Anonymous analysis of access behavior to improve our services and, if necessary, for law enforcement or pursuit of claims.

What data is processed?

Even while you are currently visiting our website, our web server, that is the computer on which this website is stored, usually automatically saves data such as

• the complete internet address (URL) of the accessed website
• Browser and browser version (e.g. Chrome 87)
• the operating system used (e.g. Windows 10)
• the address (URL) of the previously visited page (referrer URL) (e.g. examplesourcesite.de/fromdabinichher/)
• the hostname and IP address of the device from which access is made (e.g. COMPUTERNAME and 194.23.43.121)
• Date and time
• in files, the so-called web server log files

How long is data stored?

The data mentioned above is generally stored for two weeks and then automatically deleted. We do not share this data, but we cannot rule out the possibility that authorities may access it in the event of unlawful activity. In short: Your visit is logged by our provider (the company that runs our website on special computers (servers)), but we will not share your data without your consent!

Legal basis

The lawfulness of processing personal data within the context of web hosting is based on Article 6(1)(f) GDPR (legitimate interests), as the use of professional hosting from a provider is necessary to present the company securely and user-friendly on the internet and to be able to pursue any attacks and claims arising therefrom. We generally have a data processing agreement with the hosting provider in accordance with Articles 28 et seq. GDPR, which ensures compliance with data protection regulations and guarantees data security.

Website Building Blocks Introduction

Website Builder Systems Privacy Policy Summary 👥 Affected parties: Website visitors 🤝 Purpose: Optimizing our service 📓 Data processed: Data such as technical usage information like browser activity, clickstream activity, session heatmaps, as well as contact details, IP address, or your geographic location. More details can be found below in this privacy policy and in the providers' privacy policies. 📅 Storage period: Depends on the provider ⚖️ Legal basis: Art. 6 para. 1 lit. f GDPR (Legitimate interests), Art. 6 para. 1 lit. a GDPR (Consent)

What are website builder systems?

We use a website builder for our website. Website builders are a specific type of content management system (CMS). With a website builder, website operators can easily create a website without any programming knowledge. In many cases, web hosting providers also offer website builders. Using a website builder may also result in the collection, storage, and processing of your personal data. This privacy policy provides you with general information about data processing by website builders. You can find more detailed information in the provider's privacy policy.

Why do we use website builder systems for our website?

The biggest advantage of a modular website system is its ease of use. We want to offer you a clear, simple, and user-friendly website that we can easily operate and maintain ourselves – without external support. Modular systems now offer many helpful features that we can use even without programming knowledge. This allows us to design our web presence according to our wishes and provide you with an informative and enjoyable experience on our website.

What data is stored by a modular system?

The exact data stored depends, of course, on the website builder system used. Each provider processes and collects different data from website visitors. However, technical usage information such as operating system, browser, screen resolution, language and keyboard settings, hosting provider, and the date of your website visit are typically collected. Tracking data (e.g., browser activity, clickstream activity, session heatmaps, etc.) may also be processed. Furthermore, personal data may be collected and stored. This usually includes contact information such as email address, telephone number (if you have provided it), IP address, and geographic location data. You can find out exactly which data is stored in the provider's privacy policy.

How long and where will the data be stored?

We will inform you about the duration of data processing below in connection with the website builder system we use, provided we have further information on this. You can find detailed information about this in the provider's privacy policy. Generally, we only process personal data for as long as it is absolutely necessary for the provision of our services and products. The provider may store your data according to their own policies, over which we have no control.

Right to object

You always have the right to access, correct, and delete your personal data. If you have any questions, you can also contact the responsible parties of the website builder system at any time. Contact details can be found either in our privacy policy or on the respective provider's website. You can delete, disable, or manage cookies used by providers for their functions in your browser. Depending on which browser you use, this works differently. Please note, however, that some functions may then no longer work as expected.

Legal basis

We have a legitimate interest in using a website builder to optimize our online service and present it to you efficiently and in a user-friendly manner. The corresponding legal basis for this is Article 6(1)(f) GDPR (legitimate interests). However, we only use the website builder if you have given your consent. If the processing of data is not strictly necessary for the operation of the website, the data will only be processed based on your consent. This applies in particular to tracking activities. The legal basis for this is Article 6(1)(a) GDPR. This privacy policy provides you with the most important general information about data processing. If you would like more detailed information, you can find further details – if available – in the following section or in the provider's privacy policy.

WordPress.com Privacy Policy

WordPress.com Privacy Policy Summary 👥 Affected parties: Website visitors 🤝 Purpose: Optimizing our service 📓 Data processed: Data such as technical usage information like browser activity, clickstream activity, session heatmaps, as well as contact details, IP address, or your geographic location. You can find more details below in this privacy policy. 📅 Storage period: This depends primarily on the type of data stored and the specific settings. ⚖️ Legal basis: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit. f GDPR (legitimate interests)

What is WordPress?

We use the well-known content management system WordPress.com for our website. The service provider is the American company Automattic Inc., 60 29th Street #343, San Francisco, CA 94110, USA. Founded in 2003, the company quickly became one of the world's most popular content management systems (CMS). A CMS is software that helps us design our website and present content attractively and in an organized manner. This content can include text, audio, and video. Using WordPress may also result in the collection, storage, and processing of your personal data. Typically, this primarily involves technical data such as your operating system, browser, screen resolution, and hosting provider. However, personal data such as your IP address, geographic location, and contact information may also be processed.

Why do we use WordPress on our website?

We have many strengths, but actual programming isn't one of our core competencies. Nevertheless, we want a high-performing and attractive website that we can manage and maintain ourselves. A website builder or content management system like WordPress makes this possible. With WordPress, we don't need to be programming experts to offer you a beautiful website. Thanks to WordPress, we can operate our website quickly and easily, even without prior technical knowledge. If technical problems arise or we have specific requirements for our website, we always have our specialists who are proficient in HTML, PHP, CSS, and other languages. WordPress's ease of use and comprehensive features allow us to design our web presence according to our wishes and offer you excellent user-friendliness.

What data does WordPress process?

Non-personal data includes technical usage information such as browser activity, clickstream activity, session heatmaps, and data about your computer, operating system, browser, screen resolution, language and keyboard settings, internet service provider, and the date of your visit. Personal data is also collected. This primarily includes contact information (email address or phone number, if provided), IP address, and your geographic location. WordPress may also use cookies to collect data, often about your behavior on our website. For example, it can track which subpages you visit most frequently, how long you stay on individual pages, when you leave a page (bounce rate), and your preferences (e.g., language selection). Based on this data, WordPress can better tailor its marketing efforts to your interests and user behavior. Consequently, the next time you visit our website, it will be displayed according to your previous settings. WordPress can also use technologies such as pixel tags (web beacons) to, for example, clearly identify you as a user and potentially offer interest-based advertising.

How long and where will the data be stored?

How long data is stored depends on various factors. It primarily depends on the type of data stored and the specific website settings. Generally, WordPress deletes data when it is no longer needed for its own purposes. There are, of course, exceptions, especially when legal obligations require longer data retention. Web server logs, which contain your IP address and technical data, are deleted by WordPress and Automattic after 30 days. Automattic uses this data to analyze traffic on its own websites (for example, all WordPress pages) and to troubleshoot potential problems. Deleted content on WordPress websites is also kept in the trash for 30 days to allow for restoration; after that, it may remain in backups and caches until they are deleted. The data is stored on Automattic's servers in the USA.

How can I delete my data or prevent data storage?

You have the right and the ability to access your personal data at any time and to object to its use and processing. You can also lodge a complaint with a supervisory authority at any time. Your browser also allows you to manage, delete, or disable cookies individually. However, please note that disabling or deleting cookies may negatively impact the functionality of our WordPress site. Managing cookies varies slightly depending on the browser you use. In the "Cookies" section, you will find links to instructions for the most common browsers.

Legal basis

If you have consented to the use of WordPress, the legal basis for the corresponding data processing is this consent. According to Article 6(1)(a) GDPR (consent), this consent constitutes the legal basis for the processing of personal data, such as that which may occur during collection by WordPress. We also have a legitimate interest in using WordPress to optimize our online service and present it attractively to you. The corresponding legal basis for this is Article 6(1)(f) GDPR (legitimate interests). However, we only use WordPress if you have given your consent. WordPress, or rather Automattic, also processes your data in the USA. Automattic is an active participant in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data of EU citizens to the USA. You can find more information about this at [link to relevant information]. https://commission.europa.eu/document/
fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.Furthermore, Automattic uses so-called Standard Contractual Clauses (Article 46, paragraphs 2 and 3 of the GDPR). Standard Contractual Clauses (SCCs) are template agreements provided by the European Commission and are designed to ensure that your data complies with European data protection standards even when it is transferred to and stored in third countries (such as the USA). Through the EU-US Data Privacy Framework and the Standard Contractual Clauses, Automattic commits to maintaining European data protection standards when processing your relevant data, even if the data is stored, processed, and managed in the USA. These clauses are based on an implementing decision of the European Commission. You can find the decision and the corresponding Standard Contractual Clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de More details about the privacy policy and what data is processed by WordPress and how can be found on [website address]. https://automattic.com/privacy/.

Blogs and Publication Media Introduction

Blogs and publication media Privacy policy Summary 👥 Affected parties: Website visitors 🤝 Purpose: Presentation and optimization of our service, communication between website visitors, security measures, and administration 📓 Data processed: Data such as contact details, IP address, and published content. More details can be found under the tools used. 📅 Storage period: Depends on the tools used ⚖️ Legal basis: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit. f GDPR (legitimate interests), Art. 6 para. 1 sentence 1 lit. b GDPR (contract)

What are blogs and publication media?

We use blogs and other communication tools on our website to allow us to communicate with you and vice versa. In doing so, we may store and process your data. This may be necessary to ensure proper content display, effective communication, and enhanced security. Our privacy policy provides general information about what data we may process. Specific details regarding data processing always depend on the tools and functions used. You can find detailed information about data processing in the privacy policies of the individual providers.

Why do we use blogs and publication media?

Our primary goal with this website is to offer you interesting and engaging content, and your opinions and contributions are equally important to us. Therefore, we aim to foster a positive and interactive exchange between us and you. Various blogs and publication options allow us to achieve precisely this. For example, you can write comments on our content, respond to other comments, or, in some cases, even create your own posts.

What data is processed?

The exact data processed always depends on the communication functions we use. Very often, IP address, username, and published content are stored. This is primarily done to ensure security, prevent spam, and take action against illegal content. Cookies may also be used for data storage. These are small text files that contain information stored in your browser. You can find more details about the data collected and stored in our individual sections and in the privacy policy of the respective provider.

Duration of data processing

We will inform you about the duration of data processing below, provided we have further information on this. For example, posting and commenting functions store data until you revoke your consent. Generally, personal data is only stored for as long as it is absolutely necessary for the provision of our services.

Right to object

You also have the right and the option to withdraw your consent to the use of cookies or third-party communication tools at any time. This can be done either via our cookie management tool or through other opt-out functions. For example, you can also prevent data collection by cookies by managing, disabling, or deleting cookies in your browser. Since publication media may also use cookies, we recommend that you also read our general privacy policy on cookies. To find out exactly which of your data is stored and processed, you should read the privacy policies of the respective tools.

Legal basis

We primarily use communication tools based on our legitimate interests (Art. 6 para. 1 lit. f GDPR) in fast and effective communication with you or other customers, business partners, and visitors. Insofar as the use serves the purpose of processing or initiating contractual relationships, the legal basis is also Art. 6 para. 1 sentence 1 lit. b GDPR. Certain processing activities, in particular the use of cookies and the use of comment or messaging functions, require your consent. If and to the extent that you have consented to the processing and storage of your data by integrated publication media, this consent serves as the legal basis for data processing (Art. 6 para. 1 lit. a GDPR). Most of the communication functions we use place cookies in your browser to store data. Therefore, we recommend that you carefully read our privacy policy on cookies and review the privacy statement or cookie policy of the respective service provider. Information on specific tools, if available, can be found in the following sections.

Blog posts and comment functions Privacy policy

There are various online communication tools that we may use on our website. For example, we use blog posts and comment functions. This gives you the opportunity to comment on content or write posts. When you use this function, your IP address may be stored for security reasons. This protects us from illegal content such as insults, unsolicited advertising, or prohibited political propaganda. To determine whether comments are spam, we may also store and process user data based on our legitimate interest. If we launch a survey, we will also store your IP address for the duration of the survey to ensure that all participants only vote once. Cookies may also be used for storage purposes. All data that we store about you (such as content or information about you) will remain stored until you object.

Cookie Consent Management Platform Introduction

Cookie Consent Management Platform Summary 👥 Affected parties: Website visitors 🤝 Purpose: Obtaining and managing consent for certain cookies and thus the use of certain tools 📓 Data processed: Data for managing the configured cookie settings, such as IP address, time of consent, type of consent, and individual consents. More details can be found with the respective tool used. 📅 Storage period: Depends on the tool used; expect retention periods of several years ⚖️ Legal basis: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit. f GDPR (legitimate interests)

What is a Cookie Consent Management Platform?

We use a Consent Management Platform (CMP) software on our website to facilitate the correct and secure handling of scripts and cookies for both you and us. The software automatically generates a cookie popup, scans and controls all scripts and cookies, provides you with the legally required cookie consent, and helps us and you maintain an overview of all cookies. Most cookie consent management tools identify and categorize all existing cookies. As a website visitor, you then decide which scripts and cookies you allow or block. The following graphic illustrates the relationship between browser, web server, and CMP.

Why do we use a cookie management tool?

Our goal is to offer you the greatest possible transparency regarding data protection. We are also legally obligated to do so. We want to inform you as thoroughly as possible about all tools and cookies that can store and process your data. It is also your right to decide which cookies you accept and which you do not. To grant you this right, we first need to know exactly which cookies have landed on our website. Thanks to a cookie management tool that regularly scans the website for all existing cookies, we are aware of all cookies and can provide you with GDPR-compliant information about them. You can then accept or reject cookies via the consent system.

What data is processed?

Our cookie management tool allows you to manage each individual cookie yourself and gives you complete control over the storage and processing of your data. Your consent is stored so that we don't have to ask you every time you visit our website and so that we can prove your consent if legally required. This is stored either in an opt-in cookie or on a server. The storage period for your cookie consent varies depending on the provider of the cookie management tool. This data (such as pseudonymous user ID, time of consent, details about the cookie categories or tools, browser, and device information) is usually stored for up to two years.

Duration of data processing

We will inform you about the duration of data processing below, provided we have further information. Generally, we process personal data only as long as it is absolutely necessary for the provision of our services and products. Data stored in cookies is stored for varying lengths of time. Some cookies are deleted as soon as you leave the website, while others can remain stored in your browser for several years. The exact duration of data processing depends on the tool used; you should usually expect a storage period of several years. You can generally find detailed information about the duration of data processing in the respective privacy policies of the individual providers.

Right to object

You also have the right and the option to withdraw your consent to the use of cookies at any time. This can be done either via our cookie management tool or via other opt-out functions. For example, you can also prevent data collection by cookies by managing, disabling, or deleting cookies in your browser. Information on specific cookie management tools, if available, can be found in the following sections.

Legal basis

If you consent to cookies, your personal data will be processed and stored via these cookies. consent (Article 6 paragraph 1 letter a GDPR) If you consent to the use of cookies, this consent also forms the legal basis for the use of cookies and the processing of your data. To manage cookie consent and enable you to grant it, we use cookie consent management platform software. This software allows us to operate the website efficiently and in compliance with the law, which is a legitimate interest (Article 6 paragraph 1 letter f GDPR).

AdSimple Consent Manager Privacy Policy

AdSimple Consent Manager Privacy Policy Summary 👥 Affected parties: Website visitors 🤝 Purpose: Obtaining consent for certain cookies and thus the use of certain tools 📓 Data processed: Data for managing the configured cookie settings, such as IP address, time of consent, type of consent, individual consents. More details can be found further down in this privacy policy 📅 Storage period: The cookie used expires after one year ⚖️ Legal basis: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit. f GDPR (legitimate interests)

What is the AdSimple Consent Manager?

We use the AdSimple Consent Manager from the software development and online marketing company AdSimple GmbH, Fabriksgasse 20, 2230 Gänserndorf, on our website. The AdSimple Consent Manager allows us, among other things, to provide you with a comprehensive and GDPR-compliant cookie notice, so you can decide which cookies you allow and which you do not. By using this software, your data is sent to and stored by AdSimple. In this privacy policy, we inform you why we use the AdSimple Consent Manager, what data is transferred and stored, and how you can prevent this data transfer. The AdSimple Consent Manager is software that scans our website and identifies and categorizes all existing cookies. Furthermore, as a website visitor, you are informed about the use of cookies via a cookie notice script and can decide for yourself which cookies you allow and which you do not.

Why do we use the AdSimple Consent Manager on our website?

We want to offer you maximum transparency regarding data protection. To ensure this, we first need to know exactly which cookies have landed on our website over time. Because AdSimple's Consent Manager regularly scans our website and identifies all cookies, we have full control over these cookies and can therefore act in compliance with the GDPR. This allows us to inform you precisely about the use of cookies on our website. Furthermore, you will always receive an up-to-date and GDPR-compliant cookie notice and can decide for yourself, via a checkbox system, which cookies you accept or block.

What data is stored by the AdSimple Consent Manager?

If you consent to cookies on our website, the following cookie will be set by the AdSimple Consent Manager: Name: acm_status Value: “:true,”statistics”:true,”marketing”:true,
”socialmedia”:true,”settings”:true} Purpose of use: This cookie stores your consent status. This allows our website to read and follow your current status on future visits. Expiry date: after one year

How long and where will the data be stored?

All data collected by the AdSimple Consent Manager is transferred and stored exclusively within the European Union. The collected data is stored on AdSimple's servers at Hetzner GmbH in Germany. Only AdSimple GmbH and Hetzner GmbH have access to this data.

How can I delete my data or prevent data storage?

You have the right to access and delete your personal data at any time. You can prevent data collection and storage, for example, by rejecting the use of cookies via the cookie notice script. Your browser also offers another way to prevent data processing or manage it according to your preferences. Cookie management works slightly differently depending on the browser. In the "Cookies" section, you will find links to the instructions for the most common browsers.

Legal basis

If you consent to cookies, your personal data will be processed and stored via these cookies. consent (Article 6 paragraph 1 letter a GDPR) If you are permitted to use cookies, this consent also serves as the legal basis for the use of cookies and the processing of your data. To manage cookie consent and enable you to grant it, we use the AdSimple Consent Manager. The use of this software allows us to operate the website efficiently and in compliance with the law, which is a legitimate interest (Article 6 paragraph 1 letter f GDPR). We hope we have provided you with a good overview of the data traffic and data processing by the AdSimple Consent Manager. If you would like to learn more about this tool, we recommend the description page on https://www.adsimple.at/consent-manager/.

Online Map Services Introduction

Online map services privacy policy summary 👥 Affected parties: Website visitors 🤝 Purpose: Improving user experience 📓 Data processed: The data processed depends heavily on the services used. This usually includes IP address, location data, search terms, and/or technical data. More details can be found with the respective tools used. 📅 Storage period: Depends on the tools used ⚖️ Legal basis: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit. f GDPR (legitimate interests)

What are online map services?

We also use online map services as an enhanced service on our website. Google Maps is probably the service you're most familiar with, but there are other providers that specialize in creating digital maps. These services allow you to display locations, route plans, or other geographical information directly on our website. With an integrated map service, you no longer need to leave our website to, for example, view directions to a location. Map sections are embedded using HTML code to enable the online map to function on our website. These services can then display road maps, the Earth's surface, or aerial and satellite images. When you use the embedded map service, data is also transferred to and stored by the tool used. This data may include personal data.

Why do we use online map services on our website?

Generally speaking, our goal is to provide you with a pleasant experience on our website. And your time is only truly enjoyable if you can easily navigate our site and find all the information you need quickly and easily. Therefore, we thought an online map system could significantly improve our website service. Without leaving our website, you can easily view directions, locations, or points of interest using the map system. It's also incredibly convenient that you can see at a glance where our company headquarters are located, ensuring you can find us quickly and easily. As you can see, there are many advantages, and we clearly consider online map services on our website to be part of our customer service.

What data do online map services store?

When you open a page on our website that includes an online map function, personal data may be transmitted to and stored by the respective service. This usually includes your IP address, which can also be used to determine your approximate location. In addition to the IP address, data such as entered search terms and latitude and longitude coordinates are also stored. If you enter an address for route planning, this data will also be saved. The data is not stored on our servers, but on the servers of the integrated tools. You can think of it like this: you are on our website, but when you interact with a map service, this interaction actually takes place on their website. For the service to function correctly, at least one cookie is usually placed in your browser. Google Maps, for example, also uses cookies to record user behavior in order to optimize its own service and display personalized advertising. You can learn more about cookies in our "Cookies" section.

How long and where will the data be stored?

Each online map service processes different user data. If we have further information, we will inform you about the duration of data processing in the corresponding sections for each tool below. Generally, personal data is only stored for as long as necessary to provide the service. Google Maps, for example, stores certain data for a specific period, while you must delete other data yourself. Mapbox, for instance, stores the IP address for 30 days and then deletes it. As you can see, each tool stores data for a different length of time. Therefore, we recommend that you carefully review the privacy policies of the tools used. The providers also use cookies to store data about your user behavior with the map service. You can find more general information about cookies in our "Cookies" section, and you can also find out which cookies may be used in the privacy policies of the individual providers. However, these are usually only exemplary lists and are not exhaustive.

Right to object

You always have the option and the right to access your personal data and to object to its use and processing. You can also revoke your consent at any time. This is usually easiest via the cookie consent tool. However, there are other opt-out tools you can use. You can also manage, delete, or disable cookies set by the providers you use with just a few clicks. However, this may result in some service functions no longer working as expected. How you manage cookies in your browser depends on the browser you are using. In the "Cookies" section, you will also find links to instructions for the most common browsers.

Legal basis

If you have consented to the use of an online map service, the legal basis for the corresponding data processing is this consent. According to Article 6(1)(a) GDPR (consent), this consent constitutes the legal basis for processing personal data, such as that collected by an online map service. We also have a legitimate interest in using an online map service to optimize our website. The corresponding legal basis for this is Article 6(1)(f) GDPR (legitimate interests). However, we only ever use an online map service if you have given your consent. We want to emphasize this point again here. Information on specific online map services, if available, can be found in the following sections.

Google Maps Privacy Policy

Google Maps Privacy Policy Summary 👥 Affected parties: Website visitors 🤝 Purpose: Optimizing our service 📓 Data processed: Data such as entered search terms, your IP address, and latitude/longitude coordinates. More details can be found below in this privacy policy. 📅 Storage period: Depends on the stored data ⚖️ Legal basis: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit. f GDPR (legitimate interests)

What is Google Maps?

We use Google Maps from Google Inc. on our website. For the European region, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is responsible for all Google services. Google Maps allows us to show you locations more effectively and thus tailor our service to your needs. By using Google Maps, data is transferred to Google and stored on Google's servers. Here, we would like to explain in more detail what Google Maps is, why we use this Google service, what data is stored, and how you can prevent this. Google Maps is an online mapping service from Google. With Google Maps, you can search for the exact locations of cities, landmarks, accommodations, or businesses online via a PC, tablet, or app. If businesses are listed on Google My Business, additional information about the company is displayed alongside the location. To show directions, map snippets of a location can be embedded into a website using HTML code. Google Maps displays the Earth's surface as a road map or as an aerial or satellite image. Thanks to Street View images and high-quality satellite images, very accurate representations are possible.

Why do we use Google Maps on our website?

All our efforts on this page aim to provide you with a useful and meaningful experience on our website. By integrating Google Maps, we can provide you with essential information about our various locations. You can see at a glance where our company headquarters are located. The directions always show you the best and fastest way to reach us. You can access directions for routes by car, public transport, on foot, or by bicycle. For us, providing Google Maps is part of our customer service.

What data does Google Maps store?

In order for Google Maps to fully offer its service, the company needs to collect and store data from you. This includes, among other things, the search terms you enter, your IP address, and your latitude and longitude coordinates. If you use the route planner function, the starting address you enter will also be saved. This data storage, however, takes place on Google Maps' websites. We can only inform you about this, but we have no control over it. Because we have integrated Google Maps into our website, Google places at least one cookie (name: NID) in your browser. This cookie stores data about your user behavior. Google primarily uses this data to optimize its own services and to provide you with individual, personalized advertising. The following cookie is set in your browser due to the integration of Google Maps: Name: NID Value: 188=h26c1Ktha7fCQTx8rXgLyATy
ITJ113050238-5 Purpose of use: NID is used by Google to personalize ads based on your Google searches. With the help of this cookie, Google "remembers" your most frequent search queries or your previous interactions with ads. This ensures you always receive tailored advertisements. The cookie contains a unique ID that Google uses to collect your personal preferences for advertising purposes. Expiry date: after 6 months Note: We cannot guarantee the completeness of the stored data. Changes are always possible, especially when using cookies. To identify the NID cookie, a separate test page was created that only included Google Maps.

How long and where will the data be stored?

Google's servers are located in data centers around the world. However, most servers are in America. Therefore, your data is also primarily stored in the USA. Here you can find detailed information about the locations of Google's data centers: https://datacenters.google/ Google distributes data across various storage devices. This makes the data faster to access and better protected against potential manipulation attempts. Each data center also has specific emergency protocols. For example, if there are problems with Google hardware or a natural disaster cripples the servers, the data remains quite secure. Google stores some data for a fixed period. For other data, Google only offers the option to delete it manually. Furthermore, the company anonymizes information (such as advertising data) in server logs by deleting part of the IP address and cookie information after 9 or 18 months.

How can I delete my data or prevent data storage?

With the automatic deletion feature for location and activity data introduced in 2019, information about your location and web/app activity is stored for either 3 or 18 months, depending on your choice, and then deleted. You can also manually delete this data from your history at any time via your Google account. If you want to completely prevent location tracking, you need to pause the "Web & App Activity" section in your Google account. Click on "Data & Personalization" and then on the "Activity controls" option. Here you can turn activities on or off. You can also disable, delete, or manage individual cookies in your browser. The process varies slightly depending on which browser you use. In the "Cookies" section, you will find links to the instructions for the most popular browsers. If you generally don't want any cookies, you can configure your browser to always notify you when a cookie is about to be set. This allows you to decide whether to allow each individual cookie.

Legal basis

If you have consented to the use of Google Maps, the legal basis for the corresponding data processing is this consent. According to... Article 6 paragraph 1 letter a GDPR (consent) This constitutes the legal basis for the processing of personal data, such as that which may occur when collected by Google Maps. We also have a legitimate interest in using Google Maps to optimize our online service. The corresponding legal basis for this is... Article 6 paragraph 1 letter f GDPR (Legitimate interests). We only use Google Maps if you have given your consent. Google also processes your data in the USA, among other places. Google is an active participant in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data of EU citizens to the USA. You can find more information about this at [link to Google Maps]. https://commission.europa.eu/document/
fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.Furthermore, Google uses so-called Standard Contractual Clauses (Article 46, paragraphs 2 and 3 of the GDPR). Standard Contractual Clauses (SCCs) are model clauses provided by the European Commission and are designed to ensure that your data complies with European data protection standards even when it is transferred to and stored in third countries (such as the USA). Through the EU-US Data Privacy Framework and the Standard Contractual Clauses, Google commits to maintaining European data protection standards when processing your relevant data, even if the data is stored, processed, and managed in the USA. These clauses are based on an implementing decision of the European Commission. You can find the decision and the corresponding Standard Contractual Clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de The Google Ads Data Processing Terms, which refer to the Standard Contractual Clauses, can be found at https://business.safety.google/intl/de/
adsprocessorterms/.If you would like to learn more about Google's data processing practices, we recommend that you consult the company's own privacy policy at [link to privacy policy]. https://policies.google.com/privacy?hl=de.

Explanation of terms used

We always strive to make our privacy policy as clear and understandable as possible. However, this isn't always easy, especially when dealing with technical and legal topics. It often makes sense to use legal terms (such as personal data) or certain technical expressions (such as cookies, IP address). However, we don't want to use these without explanation. Below you will find an alphabetical list of important terms used that we may not have adequately addressed in the previous privacy policy. If these terms are taken from the GDPR and are definitions, we will also include the GDPR texts here and, where necessary, add our own explanations.

Data processor

Definition of terms according to Article 4 of the GDPR For the purposes of this Regulation, the term means:

„Data processor“ a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;

Explanation: As a company and website owner, we are responsible for all data we process from you. In addition to the data controller, there may also be so-called data processors. This includes any company or individual who processes personal data on our behalf. Data processors can therefore include, besides service providers such as tax advisors, hosting or cloud providers, payment or newsletter providers, or large companies such as Google or Microsoft.

consent

Definition of terms according to Article 4 of the GDPR For the purposes of this Regulation, the term means:

„"Consent"“ any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;

Explanation: Websites typically obtain such consent via a cookie consent tool. You're probably familiar with this. Whenever you visit a website for the first time, you're usually asked via a banner whether you agree to or consent to data processing. In most cases, you can also adjust your settings and thus decide for yourself which data processing you allow and which you don't. If you don't consent, no personal data may be processed. Of course, consent can also be given in writing, i.e., not via a tool.

Personal data

Definition of terms according to Article 4 of the GDPR For the purposes of this Regulation, the term means:

„personal data“ all information relating to an identified or identifiable natural person (hereinafter referred to as "data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

Explanation: Personal data is therefore any data that can identify you as an individual. This typically includes data such as:

• name
• address
• E-mail address
• Postal address
• Telephone number
• birth date
• Identification numbers such as social security number, tax identification number, identity card number or matriculation number
• Bank details such as account number, credit information, account balances, etc.

According to the European Court of Justice (ECJ), yours also counts. IP address in relation to personal data. IT experts can use your IP address to determine at least the approximate location of your device and, consequently, you as the internet connection owner. Therefore, storing an IP address also requires a legal basis under the GDPR. There are also so-called... „"special categories"“ personal data, which is also particularly worthy of protection. This includes:

• racial and ethnic origin
• political opinions
• religious or philosophical beliefs
• union membership
• genetic data, such as data obtained from blood or saliva samples
• Biometric data (that is, information about psychological, physical, or behavioral characteristics that can identify a person). Health data
• Data on sexual orientation or sex life

Profiling

Definition of terms according to Article 4 of the GDPR For the purposes of this Regulation, the term means:

„Profiling“ any type of automated processing of personal data consisting of the use of such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements;

Explanation: Profiling involves gathering various pieces of information about a person to learn more about them. In the online world, profiling is frequently used for advertising purposes or credit checks. Web analytics programs, for example, collect data about your behavior and interests on a website. This results in a specific user profile, which can then be used to target advertising to a specific audience.

Responsible

Definition of terms according to Article 4 of the GDPR For the purposes of this Regulation, the term means:

„"Person in charge"“ the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its designation may be provided for by Union or Member State law;

Explanation: In our case, we are responsible for processing your personal data and are therefore the “controller”. If we transfer collected data to other service providers for processing, these are “processors”. A “data processing agreement (DPA)” must be signed for this.

processing

Definition of terms according to Article 4 of the GDPR For the purposes of this Regulation, the term means:

„"Processing"“ any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;

Note: When we refer to processing in our privacy policy, we mean any type of data processing. As mentioned above in the original GDPR statement, this includes not only the collection but also the storage and processing of data. All texts are protected by copyright. Source: Privacy Policy Created with the privacy policy generator for Austria by AdSimple