Data privacy statement
We take data protection very seriously. On this page, you will find out more about how we use and process your personal data.
We only process your data according to the Austrian and European legal stipulations (particularly the General Data Protection Regulation, Data Protection Act of 2018, Telecommunications Act of 2003).
2. Data protection officer
Our data protection officer in the sense of 4 No. 7, GDPR. is
1050 Vienna, Gassergasse 23
Phone: +43 664 25 66 520
3. Legal basis
We only process personal data in compliance with the GDPR, and we abide by all data protection and civil law stipulations. We process personal data only if necessary for fulfilling legal and contractual obligations (e.g. billing, issue of vouchers ordered using the order form), for our own legitimate interests (e.g. direct mailing), or upon client’s agreement (e.g. newsletter).
4. Order form, personal data
We process the following personal data provided by our clients:
- E-Mail address,
- Telephone number (not obligatory),
- Credit card information
- Information about ordered goods (vouchers)
We process personal data to fulfill our part of contracts and to carry out pre-contractual measures, i.e. processing client’s orders including customer services and billing.
We process data according to Art 6 para 1 lit b, GDPR (performance of contract).
5. Transfer of personal data to recipient
We ask data processors to take care of our website. In the course of their activities, they may get access to your personal data if they need it to fulfill their tasks. We have obliged these data processors to abide by data protection regulations. We signed data processing agreements with them according to Art 28, GDPR. If you need any further information about our data processors, please contact us at firstname.lastname@example.org.
We do not disclose your data to third parties unless necessary and only on the basis of legal regulations. This may be the case if
it is necessary for performing a contract (e.g. credit card payment: We transfer your data to the processing bank)
there are legal requirements (e.g. we transfer your data to our tax consultant to fulfill our obligations according to tax law)
we have a legitimate interest (e.g. we transfer your data to our lawyers or courts to collect your debts if you fail to pay)
you have given us authorization (e.g. we send newsletters to you).
We only transfer your personal data within the EU and to countries the European Commission regards as having a reasonable level of data protection, or we take measures to make sure that all recipients have a reasonable level of data protection.
6. Agreement and right of revocation
If we need your agreement for processing your data, we will only start processing once you have expressly agreed.
You can always revoke your agreement by writing an e-mail to email@example.com. In this case, all data we have about you will be deleted or anonymized and will only be used for statistics not referring to actual persons. Such revocation, however, will not affect the legality of data processing prior to the date of revocation.
If you get direct mailings from us (e.g. e-mails for listed customers to advertise our products and services) based on our legitimate interest, you may also exercise your right of revocation anytime to stop us from processing your personal data for the purpose of such advertisements. If you do not want us to process your data for direct mailings, your personal data will not be processed for such purpose any more. Please send an e-mail with your revocation to firstname.lastname@example.org.
As a rule, we do not process data of minors. If you give us your personal data (e.g. if you order a voucher), you confirm that you are 14 years of age or older or that you are acting with your legal guardian’s consent.
7. Notification of data leaks
We do all we can to avoid data leaks and, if they happened, to find them early and notify you and the competent authority of the affected categories.
8. Data storage
We will not store data any longer than necessary to fulfill our contractual and legal obligations and to process any claims.
We process your data as necessary for as long as we have a business relationship plus the legal storage and documentation periods as e.g. stipulated in the Austrian Company Act (UGB), the Austrian Federal Fees and Duties Act (BAO), periods of limitation according to Austrian civil law, and until any legal disputes have been settled.
If you have agreed to us processing your data, we will delete them if you revoke your agreement. This, however, will not affect the legality of data processed prior to revocation.
9. Data security
We protect your personal data by applying appropriate organizational and technical safety measures. Such measures particularly refer to protection from unauthorized, illegal or random access, processing, loss, use and manipulation. Our safety measures will be consistently updated according to technical developments.
10. Your rights
You have the right to get information about your personal data any time. If we are not obliged by law to store the data, you have the right to request that your data be deleted and to disagree with us processing them. Moreover, you have the right to correct your data, and to limit data processing and transfer. You also have the right to complain to the Austrian Data Protection Office (Österreichische Datenschutzbehörde, Wickenburggasse 8-10, A-1080 Wien, e-mail: email@example.com).
For information about your rights, please write an e-mail to firstname.lastname@example.org or write a letter to:
1050 Wien, Gassergasse 23
If you write to us, please include a copy of your photo ID so that we can check your identity.