Imprint

Content Responsibility

Paula Bründl 
Bergstraße 11 
5700 Zell am See
Austria

VAT ID: ATU80753908

Disclaimer

Liability for Content: 

As a service provider, we are responsible for our own content on these pages in accordance with § 7 (1) TMG and general laws. However, under §§ 8 to 10 TMG, we are not obligated to monitor transmitted or stored external information or to investigate circumstances that indicate illegal activity. Obligations to remove or block the use of information under general laws remain unaffected. Liability is only possible from the point at which we become aware of a specific legal infringement. Upon becoming aware of such violations, we will promptly remove the relevant content.

Liability for Links: 

Our offer contains links to external third-party websites, over which we have no control. Therefore, we cannot assume any responsibility for these external contents. The respective provider or operator of the linked pages is always responsible for the content of the linked pages. The linked pages were checked for possible legal violations at the time of linking. Illegal content was not identifiable at the time of linking. However, continuous monitoring of the linked pages without concrete evidence of a legal violation is not reasonable. Upon becoming aware of legal violations, we will promptly remove such links.

Copyright: 

The content and works created by the site operators on these pages are subject to Austrian copyright law. Reproduction, editing, distribution, and any form of exploitation outside the limits of copyright require the written consent of the respective author or creator. Downloads and copies of this page are only permitted for private, non-commercial use. As far as the contents on this site are not created by the operator, the copyrights of third parties are observed. In particular, third-party content is marked as such. If you become aware of a copyright infringement, please notify us accordingly. Upon becoming aware of such infringements, we will promptly remove the content.

Privacy Policy

INTRODUCTION AND OVERVIEW

We have drafted this Privacy Policy (version 09.07.2024-122829690) to explain to you, in accordance with the provisions of the General Data Protection Regulation (EU) 2016/679 and applicable national laws, which personal data (referred to as "data" hereafter) we, as the data controller – and our contracted processors (e.g., service providers) – process, will process in the future, and what lawful options you have. The terms used are to be understood in a gender-neutral sense.
In brief: We provide comprehensive information about the data we process about you.
Privacy policies often sound very technical and use legal jargon. However, this Privacy Policy aims to describe the most important aspects as simply and transparently as possible. To enhance transparency, technical terms will be explained in a reader-friendly manner, links to further information will be provided, and graphics will be used. We aim to clearly and simply inform you that we only process personal data in the course of our business activities when there is a corresponding legal basis. This is not feasible with brief, vague, and legally-technical explanations, which are often the standard on the internet concerning data protection. We hope you find the following explanations interesting and informative, and perhaps there is some information here that you did not know before.
If you still have questions, please contact the responsible party mentioned below or in the imprint, follow the provided links, and view additional information on third-party sites. You will also find our contact details in the imprint.

SCOPE OF APPLICATION

This Privacy Policy applies to all personal data processed by us within the company and to all personal data processed by companies we engage (processors). By personal data, we mean information within the meaning of Art. 4 No. 1 GDPR, such as a person's name, email address, and postal address. The processing of personal data enables us to offer and bill for our services and products, whether online or offline. The scope of this Privacy Policy includes:

All online presences (websites, online shops) operated by us
Social media presences and email communication
Mobile apps for smartphones and other devices

In short: The Privacy Policy applies to all areas where personal data is systematically processed within the company via the aforementioned channels. Should we enter into legal relationships with you outside these channels, we will inform you separately if necessary.

LEGAL BASES

In the following Privacy Policy, we provide transparent information about the legal principles and regulations, i.e., the legal bases of the General Data Protection Regulation, that allow us to process personal data.
Regarding EU law, we refer to REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of April 27, 2016. You can read this GDPR online at EUR-Lex, the access to EU law, at EUR-Lex GDPR.
We process your data only if at least one of the following conditions applies:
Consent (Article 6(1)(a) GDPR): You have given us your consent to process data for a specific purpose. An example would be storing the data you entered in a contact form.
Contract (Article 6(1)(b) GDPR): We process your data to fulfill a contract or pre-contractual obligations with you. For instance, if we enter into a purchase contract with you, we need personal information in advance.
Legal Obligation (Article 6(1)(c) GDPR): We process your data if we are subject to a legal obligation. For example, we are legally required to retain invoices for accounting purposes, which usually contain personal data.
Legitimate Interests (Article 6(1)(f) GDPR): We process personal data for legitimate interests that do not override your fundamental rights. For instance, we need to process certain data to operate our website securely and efficiently. This processing is thus a legitimate interest.
Additional conditions such as the performance of tasks carried out in the public interest and the exercise of official authority or protection of vital interests do not typically apply to us. If such a legal basis is applicable, it will be specified in the relevant section.
In addition to the EU Regulation, national laws also apply:

In Austria, this is the Federal Act on the Protection of Natural Persons in the Processing of Personal Data (Data Protection Act), abbreviated DSG.
In Germany, it is the Federal Data Protection Act (BDSG).

If further regional or national laws apply, we will inform you about them in the following sections.

CONTACT DETAILS OF THE DATA CONTROLLER

If you have any questions about data protection or the processing of personal data, you can contact the responsible person or entity at the following details:
Paula Bründl 
Bergstraße 11 
5700 Zell am See 
Austria

DATA RETENTION

We retain personal data only as long as necessary to provide our services and products. This means we delete personal data as soon as the reason for processing it no longer exists. In some cases, we are legally required to retain certain data even after the original purpose has been fulfilled, for example, for accounting purposes.
If you wish to have your data deleted or withdraw your consent to data processing, we will delete the data as quickly as possible, provided there is no legal obligation to retain it.
We will provide further details about the specific duration of data processing below if we have additional information on this.

RIGHTS UNDER THE GENERAL DATA PROTECTION REGULATION

According to Articles 13 and 14 GDPR, we inform you about the following rights you have to ensure fair and transparent data processing:
Right to Access (Article 15 GDPR): You have the right to know whether we process data about you. If so, you have the right to receive a copy of the data and to be informed about the following:

The purpose of the processing;
The categories, i.e., types of data being processed;
Who receives this data and, if the data is transferred to third countries, how the security of this transfer is ensured;
The period for which the data will be stored;
The existence of the right to rectification, deletion, or restriction of processing, and the right to object to processing;
The possibility to lodge a complaint with a supervisory authority (links to these authorities are provided below);
The source of the data if we did not collect it from you;

Whether profiling is conducted, i.e., if data is evaluated automatically to create a personal profile of you.

Right to Rectification (Article 16 GDPR): You have the right to request that we correct any inaccurate data.

Right to Erasure (Article 17 GDPR): Also known as the "right to be forgotten," you have the right to request the deletion of your data.

Right to Restriction of Processing (Article 18 GDPR): You have the right to request that we restrict the processing of your data, meaning that we can only store the data but not use it further.

Right to Data Portability (Article 20 GDPR): You have the right to request that we provide your data to you in a commonly used format.

Right to Object (Article 21 GDPR): You have the right to object to the processing of your data, which may lead to changes in the processing.
If the processing of your data is based on Article 6(1)(e) (public interest or exercise of official authority) or Article 6(1)(f) (legitimate interests), you can object to the processing. We will then review as quickly as possible whether we can comply with this objection legally.

If data is used for direct marketing, you can object at any time to this type of data processing. We will then no longer use your data for direct marketing.

If data is used for profiling, you can object at any time to this type of data processing. We will then no longer use your data for profiling.

Right Not to Be Subject to Automated Decision-Making (Article 22 GDPR): You may have the right not to be subject to a decision based solely on automated processing (e.g., profiling).
Right to Lodge a Complaint (Article 77 GDPR): You have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data violates the GDPR.

In short: You have rights – do not hesitate to contact the responsible party listed above!
If you believe that the processing of your data violates data protection law or if your data protection rights have been otherwise infringed, you can file a complaint with the supervisory authority. For Austria, the relevant authority is the Data Protection Authority, whose website can be found at https://www.dsb.gv.at/. In Germany, each federal state has a data protection officer. For more information, you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI). The relevant local data protection authority for our company is:

AUSTRIAN DATA PROTECTION AUTHORITY

Head: Dr. Matthias Schmidl Address: Barichgasse 40-42, 1030 Vienna Phone: +43 1 52 152-0 Email: dsb@dsb.gv.at Website: https://www.dsb.gv.at/

DATA SECURITY

To protect personal data, we have implemented both technical and organizational measures. Where possible, we encrypt or pseudonymize personal data. This makes it as difficult as possible for third parties to deduce personal information from our data.
Article 25 GDPR refers to "data protection by design and by default," which means incorporating security into both software (e.g., forms) and hardware (e.g., server room access). We will outline specific measures where necessary.

TLS ENCRYPTION WITH HTTPS

TLS, encryption, and HTTPS sound very technical—and they are. We use HTTPS (Hypertext Transfer Protocol Secure) to securely transmit data over the internet. This means that the entire transfer of data from your browser to our web server is protected—no one can "eavesdrop."
This adds an extra layer of security and fulfills the data protection by design requirement (Article 25(1) GDPR). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission over the internet, we ensure the protection of confidential data.
You can recognize this secure data transmission by the small lock symbol on the upper left of your browser, next to the web address (e.g., examplepage.com), and the use of HTTPS (instead of HTTP) as part of our web address.
If you want to learn more about encryption, we recommend searching Google for "Hypertext Transfer Protocol Secure wiki" to find useful links to further information.

COMMUNICATION

When you contact us by phone, email, or online form, personal data may be processed.
The data will be processed for handling and responding to your inquiry and related business transactions. Data will be stored as long as necessary for the purpose and as required by law.
Affected Parties
All individuals contacting us via the provided communication channels are affected by the following processes.
Phone
When you call us, the call data is pseudonymized and stored on the respective device and with the telecommunications provider used. Additionally, data such as name and phone number may be sent via email and stored for responding to the inquiry. Data is deleted once the business case is completed and legal requirements allow.
Email
When you communicate with us via email, data may be stored on the respective device (computer, laptop, smartphone, etc.) and on the email server. Data is deleted once the business case is completed and legal requirements allow.
Online Forms
When you communicate with us via an online form, data is stored on our web server and may be forwarded to an email address of ours. Data is deleted once the business case is completed and legal requirements allow.

LEGAL BASIS

The processing of data is based on the following legal grounds:
Article 6(1)(a) GDPR (Consent): You give us consent to store and further process your data for purposes related to the business case.
Article 6(1)(b) GDPR (Contract): Data processing is necessary for the performance of a contract with you or a data processor (e.g., telephone provider), or for pre-contractual activities, such as preparing an offer.
Article 6(1)(f) GDPR (Legitimate Interests): We aim to handle customer inquiries and business communication in a professional manner. Technical facilities such as email programs, Exchange servers, and mobile network operators are necessary to efficiently manage communication.

All texts are copyrighted.
Source: Created with the Privacy Generator Austria by AdSimple