PRIVACY STATEMENT

According to the provisions of the DSGVO and the Austrian Data Protection Act (DSG), you have the following rights in principle:

• Right to rectification (Article 16 DSGVO)
• Right to cancellation (“right to be forgotten”) (Article 17 DSGVO)
• Right to limitation of processing (Article 18 DSGVO)
• Right of notification – notification obligation in relation to rectification or erasure of personal data or limitation of processing (Article 19 DSGVO)
• Right to data transferability (Article 20 DSGVO)
• Right of objection (Article 21 DSGVO)
• Right not to be subject to a decision based exclusively on automated processing, including profiling (Article 22 DS Block Exemption Regulation)

If you believe that the processing of your data violates the data protection law or your data protection claims have otherwise been violated in any way, you can complain to the supervisory authority, which in Austria is the data protection authority, whose website you can find at https://www.dsb.gv.at/ .

Personal data that you provide to us electronically on this website, such as your name, e-mail address, address or other personal information when submitting a form or comment in the blog, will be used by us together with the time and IP address only for the purpose stated, kept secure and will not be disclosed to third parties.

We therefore use your personal data only for communication with visitors who expressly wish to contact us and for the processing of the services and products offered on this website. We do not pass on your personal data without your consent, but we cannot rule out the possibility that this data may be viewed in the event of unlawful conduct.

If you send us personal data by e-mail – i.e. outside of this website – we cannot guarantee the secure transmission and protection of your data. We recommend that you never send confidential data unencrypted by e-mail.

According to Article 6 paragraph 1 a DSGVO (lawfulness of processing), the legal basis is that you give us your consent to process the data you have entered. You can revoke this consent at any time – an informal e-mail is sufficient, you will find our contact details in the imprint.

When you visit websites today, certain information is automatically generated and stored, including on this website.

When you visit our website as you are doing now, our web server (computer on which this website is stored) automatically stores data such as

• the address (URL) of the called web page
• Browser and browser version
• the operating system
• the address (URL) of the previously visited page (referrer URL)
• the host name and IP address of the device from which it is accessed
• Date and time

in files (web server log files).

Web server log files are usually stored for two weeks and then automatically deleted. We do not pass on this data, but we cannot rule out the possibility that this data may be viewed in the event of unlawful conduct.

According to Article 6 paragraph 1 f DSGVO (lawfulness of processing), the legal basis is that there is a legitimate interest in enabling the error-free operation of this website by recording web server log files.

Our website uses HTTP cookies to store user-specific data.

Below we explain what cookies are and why they are used to help you better understand the following privacy statement.

What exactly are cookies?

Whenever you surf the Internet, use a browser. Well-known browsers include Chrome, Safari, Firefox, Internet Explorer, and Microsoft Edge. Most Web pages store small text files in your browser. These files are called cookies.

One thing cannot be dismissed: Cookies are really useful helpers. Almost all websites use cookies. More precisely, they are HTTP cookies, since there are also other cookies for other applications. HTTP cookies are small files that are stored on your computer by our website. These cookie files are automatically stored in the cookie folder, the “brain” of your browser. A cookie consists of a name and a value. When defining a cookie, one or more additional attributes must be specified.

Cookies store certain user data from you, such as language or personal page settings. When you return to our site, your browser sends the “user-related” information back to our site. Thanks to cookies, our website knows who you are and offers you your usual standard settings. In some browsers, each cookie has its own file, in others, such as Firefox, all cookies are stored in a single file.

There are both first-party and third-party cookies. First-party cookies are created directly by our site, third-party cookies are created by partner sites (such as Google Analytics). Each cookie is unique because each cookie stores different information. The expiration time of a cookie also varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, Trojans or other “pests”. Cookies also cannot access information on your PC.

For example, cookie data may look like this:

• Name: _ga
• Expiry time: 2 years
• Use: Differentiation of website visitors
• Example value: GA1.2.1326744211.152211097727

A browser should support the following minimum sizes:

• A cookie should contain at least 4096 bytes.
• At least 50 cookies should be stored per domain.
• A total of at least 3000 cookies should be stored.

What types of cookies are there?

The question which cookies we use in particular depends on the services used and is clarified in the following sections of the Privacy Policy. At this point we would like to briefly explain the different types of HTTP cookies.

There are 4 types of cookies:

• Absolutely necessary cookies
  These cookies are necessary to ensure the basic functionality of the website. For example, these cookies are needed when a user places a product in the shopping cart, then continues surfing on other pages and later only proceeds to checkout. These cookies do not delete the shopping cart, even if the user closes his browser window.
• Functional cookies
  These cookies collect information about the user behavior and whether the user gets any error messages. In addition, these cookies are used to measure the loading time and the behaviour of the website with different browsers.
• Target-oriented cookies
  These cookies ensure better user friendliness. For example, entered locations, font sizes or form data are stored.
• Advertising cookies
  These cookies are also called targeting cookies. They are used to deliver individually tailored advertising to the user. This can be very practical, but also very annoying.

Usually, when you first visit a website, you are asked which of these cookie types you want to allow. And of course this decision is also stored in a cookie.

How can I delete cookies?

How and whether you want to use cookies is up to you. Regardless of which service or website the cookies originate from, you always have the option of deleting cookies, only partially allowing or deactivating them. For example, you can block third-party cookies, but allow all other cookies.

If you want to determine which cookies have been stored in your browser, if you want to change or delete cookie settings, you can find this in your browser settings:

• Chrome: Delete, enable and manage cookies in Chrome
• Safari: Managing cookies and website data with Safari
• Firefox: Deleting cookies to remove data that websites have stored on your computer
• Internet Explorer: Deleting and managing cookies
• Microsoft Edge: Deleting and managing cookies

If you do not want cookies, you can set your browser so that it always informs you when a cookie is to be set. In this way, you can decide for each individual cookie whether to allow the cookie or not. The procedure varies depending on the browser. It is best to search for the instructions in Google using the search term “Delete cookies Chrome” or “Deactivate cookies Chrome” in the case of a Chrome browser or exchange the word “Chrome” for the name of your browser, e.g. Edge, Firefox, Safari.

What about my privacy policy?

Since 2009 there are the so-called “cookie guidelines”. These guidelines state that the storage of cookies requires the consent of the website visitor (i.e. you). Within the EU countries, however, there are still very different reactions to these guidelines. In Austria, however, this directive was implemented in § 96 (3) of the Telecommunications Act (TKG).

If you want to know more about cookies and do not shy away from technical documentation, we recommend https://tools.ietf.org/html/rfc6265, the Request for Comments of the Internet Engineering Task Force (IETF) called “HTTP State Management Mechanism”.

On this website we use Google Analytics from Google LLC (1600 Amphitheatre Parkway Mountain View, CA 94043, USA) to statistically evaluate visitor data. Google Analytics uses target-oriented cookies for this purpose.

Cookies from Google Analytics

• _ga
  Expiry time: 2 years
  Use: Differentiation of website visitors
  Example value: GA1.2.1326744211.152211097727
• _gid
  Expiry time: 24 hours
  Use: Differentiation of website visitors
  Example value: GA1.2.1687193234.152211097727
• _gat_gtag_UA_
  Expiration time: 1 minute
  Use: Used to throttle the requirement rate. If Google Analytics is provided through the Google Tag Manager, this cookie is named _dc_gtm_ .
  Sample value: 1

For more information about our terms of use and privacy policy, please visit http://www.google.com/analytics/terms/de.html or https://support.google.com/analytics/answer/6004245?hl=de

Pseudonymisation

Our concern in the sense of the DSGVO is the improvement of our offer and our web appearance. Since the privacy of our users is important to us, the user data is pseudonymised. Data processing is based on the statutory provisions of § 96 Para. 3 TKG and Art. 6 EU-DSGVO Para. 1 lit a (consent) and/or f (legitimate interest) of the DSGVO.

Deactivation of data collection by Google Analytics

The browser add-on to disable Google Analytics JavaScript (ga.js, analytics.js, dc.js) helps website visitors prevent Google Analytics from using their information.

You can prevent Google from collecting the data generated by the cookie and related to your use of the website and Google from processing this data by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de

Google Analytics IP anonymization

We have implemented the IP address anonymization of Google Analytics on this website. This feature was developed by Google to enable this website to comply with applicable data protection laws and the recommendations of local data protection authorities when they prohibit the storage of the full IP address. IP anonymization or masking occurs when IP addresses arrive on the Google Analytics data collection network and before the data is stored or processed.

More information on IP anonymization can be found at https://support.google.com/analytics/answer/2763052?hl=de.

We use Google Maps of the company Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA) on our website.

By using the functions of this map, data is transferred to Google. You can find out which data is collected by Google and what this data is used for at https://www.google.com/intl/de/policies/privacy/ .

We use Google Fonts of the company Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA) on our website.

You do not need to login or provide a password to use Google fonts. Furthermore, no cookies are stored in your browser. The files (CSS, fonts) are requested via the Google domains fonts.googleapis.com and fonts.gstatic.com. According to Google, requests for CSS and fonts are completely separate from all other Google services. If you have a Google Account, don’t worry that your Google Account information will be transmitted to Google while using Google Fonts. Google collects and stores information about your use of CSS (Cascading Style Sheets) and fonts. We’ll take a closer look at how the data is stored.

What are Google Fonts?

Google Fonts (formerly Google Web Fonts) is an interactive directory of more than 800 fonts that the Google LLC provides for free use.

Many of these fonts are released under the SIL Open Font License, while others are released under the Apache License. Both are free software licenses. So we can use them freely without paying royalties.

Why do we use Google Fonts on our website?

With Google Fonts, we can use fonts on our own website, and don’t have to upload them to our own server. Google Fonts is an important building block to keep the quality of our website high. All Google fonts are automatically optimized for the web and this saves data volume and is a great advantage especially for use on mobile devices. When you visit our site, the small file size ensures fast loading time. Google Fonts are also known as secure web fonts. Different image synthesis systems (rendering) in different browsers, operating systems and mobile devices can lead to errors. Such errors can partially distort texts or entire web pages optically. Thanks to the fast Content Delivery Network (CDN), there are no cross-platform problems with Google Fonts. Google Fonts supports all popular browsers (Google Chrome, Mozilla Firefox, Apple Safari, Opera) and works reliably on most modern mobile operating systems, including Android 2.2+ and iOS 4.2+ (iPhone, iPad, iPod).

So we use Google Fonts to make our entire online service as beautiful and consistent as possible. According to Art. 6 para. 1 f lit. F DSGVO, this already represents a “legitimate interest” in the processing of personal data. In this case, the term “legitimate interest” refers to legal as well as economic or ideational interests that are recognised by the legal system.

Which data is stored by Google?

When you visit our website, the fonts are downloaded via a Google server. This external call transmits data to the Google server. In this way, Google also recognises that you or your IP address is visiting our website. The Google Fonts API was developed to reduce the collection, storage and use of end-user information to what is necessary for the efficient delivery of fonts. API also stands for “Application Programming Interface” and serves, among other things, as a data transmitter in the software sector.

Google Fonts securely stores CSS and font requests at Google and is therefore protected. Google can determine the popularity of the fonts through the collected usage figures. Google publishes the results on internal analysis pages such as Google Analytics. Google also uses data from its own web crawler to determine which web pages use Google fonts. This data is published in Google Fonts’ BigQuery database. BigQuery is a Google web service for companies that want to move and analyze large amounts of data.

However, it should also be remembered that each Google Font Request also automatically transmits information such as IP address, language settings, browser screen resolution, browser version and browser name to the Google servers. It is not clear whether this data is also stored or not, and Google does not communicate this information unambiguously.

How long and where is the data stored?

Requests for CSS assets are stored by Google for one day on your servers, which are mainly located outside the EU. This allows us to use the fonts using a Google stylesheet. A stylesheet is a style sheet that can be used to quickly and easily change the design or font of a website, for example.

The font files are stored on Google for one year. Google’s goal is to improve the loading time of websites. If millions of websites refer to the same fonts, they are cached after the first visit and appear immediately on all other websites visited later. Sometimes, Google updates font files to reduce file size, increase language coverage, and improve design.

How can I delete my data or prevent data storage?

The data that Google stores for a day or a year cannot simply be deleted. The data is automatically transmitted to Google when the page is viewed. To delete this data early, you must contact Google support at https://support.google.com/?hl=de&tid=211097727 In this case, you will only prevent data storage if you do not visit our site.

Unlike other web fonts, Google allows us unrestricted access to all fonts. So we have unlimited access to a sea of fonts and can get the most out of our website. You can find out more about Google Fonts and other questions at https://developers.google.com/fonts/faq?tid=211097727, where Google discusses privacy issues, but does not really provide detailed information about data retention. It’s relatively difficult (almost impossible) to get really precise information about stored data from Google.

You can also find out which data is basically collected by Google and for what purpose this data is used at https://www.google.com/intl/de/policies/privacy/ .

Our primary goal is to ensure that our website is protected and secure for you and for us in the best possible way. In order to guarantee this, we use Google reCAPTCHA from Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). With reCAPTCHA, we can determine if you are a flesh and blood person and not a robot or other spam software. By spam we mean any unsolicited information that we receive electronically. With the classic CAPTCHAS, you usually had to solve text or image puzzles to check them. With reCAPTCHA from Google, we usually don’t have to bother you with such puzzles. In most cases it is enough to simply tick the box and confirm that you are not a bot. With the new Invisible reCAPTCHA version you don’t even have to set a checkmark anymore. You can find out exactly how this works and, above all, which data is used for it in the course of this data protection declaration.

The legal basis for its use is Article 6 (1) f (lawfulness of processing), because there is a legitimate interest in protecting this website from bots and spam software.

What is reCAPTCHA?

reCAPTCHA is a free captcha service from Google that protects websites from spam software and abuse by non-human visitors. This service is most commonly used when you fill out forms on the Internet. A captcha service is an automatic Turing test designed to ensure that an action on the Internet is performed by a human and not by a bot. In the classic Turing test (named after the computer scientist Alan Turing), a human being makes a distinction between a bot and a human being. With Captchas, this is also done by the computer or a software program. Classic captchas work with small tasks that are easy for humans to solve, but have considerable difficulties for machines. With reCAPTCHA you don’t have to actively solve any more puzzles. The tool uses modern risk techniques to distinguish people from bots. Here you only have to tick the text field “I am not a robot” or with Invisible reCAPTCHA even this is no longer necessary. With reCAPTCHA a JavaScript element is integrated into the source code and then the tool runs in the background and analyzes your user behavior. From these user actions, the software calculates a so-called captcha score. Google uses this score to calculate how high the probability is that you are a human being even before captcha input. ReCAPTCHA or captchas in general are always used when bots could manipulate or abuse certain actions (e.g. registrations, surveys, etc.).

Why do we use reCAPTCHA on our website?

We only want to welcome people of flesh and blood on our site. Bots or spam software of all kinds can stay at home. That’s why we do everything we can to protect ourselves and offer you the best possible usability. That’s why we use Google reCAPTCHA from Google. So we can be pretty sure that we will remain a “bot-free” website. By using reCAPTCHA, data is transmitted to Google, which uses Google to determine whether you are really a human being. reCAPTCHA therefore serves the security of our website and consequently also your security. For example, without reCAPTCHA it could happen that during registration a bot registers as many e-mail addresses as possible in order to subsequently “spam” forums or blogs with unwanted advertising content. With reCAPTCHA we can avoid such bot attacks.

Which data is stored by reCAPTCHA?

ReCAPTCHA collects personal data from users in order to determine whether the actions on our website really originate from people. This means that the IP address and other data required by Google for the reCAPTCHA service can be sent to Google. IP addresses are almost always truncated before they land on a server in the U.S. within the member states of the EU or other signatory states to the European Economic Area Agreement. The IP address will not be combined with any other data held by Google unless you are signed in to your Google Account while using reCAPTCHA. First, the reCAPTCHA algorithm checks whether Google cookies from other Google services (YouTube, Gmail, etc.) have already been placed on your browser. Then reCAPTCHA places an additional cookie in your browser and captures a snapshot of your browser window.

The following list of collected browser and user data is not exhaustive. Rather, they are examples of data which, according to our knowledge, are processed by Google.

• Referrer URL (the address of the page from which the visitor comes)
• IP address (e.g. 256.123.123.1)
• Information about the operating system (the software that allows you to run your computer). Known operating systems are Windows, Mac OS X or Linux.)
• Cookies (small text files that store data in your browser)
• Mouse and keyboard behavior (every action you perform with the mouse or keyboard is saved)
• Date and language settings (which language or which date you have preset on your PC is saved)
• All Javascript objects (JavaScript is a programming language that allows websites to adapt to the user. JavaScript objects can collect all possible data under one name.)
• Screen resolution (shows how many pixels the image consists of)

There’s no doubt that Google uses and analyzes this data before you click the “I’m not a robot” check mark. With the Invisible reCAPTCHA version even the ticking is omitted and the whole recognition process runs in the background. How much and which data Google stores exactly, you don’t get to know from Google in detail.

The following cookies are used by reCAPTCHA: Here we refer to the reCAPTCHA demo version of Google at https://www.google.com/recaptcha/api2/demo. All these cookies require a unique identifier for tracking purposes. Here is a list of cookies that Google has set on the reCAPTCHA demo version:

Name: IDE
Expiry time: after one year
Use: This cookie is used by the company DoubleClick (also owned by Google) to register and report a user’s actions on the website in connection with advertisements. In this way, the advertising effectiveness can be measured and appropriate optimisation measures can be taken. IDE is stored in browsers under the domain doubleclick.net.
Example value: WqTUmlnmv_qXyi_DGNPLESKnRNrpgXoy1K-pAZtAkMbHI-211097727

Name: 1P_JAR
Expiry time: after one month
Use: This cookie collects website usage statistics and measures conversions. A conversion occurs, for example, when a user becomes a buyer. The cookie is also used to display relevant advertisements to users. The cookie can also be used to prevent a user from seeing the same ad more than once.
Example value: 2019-5-14-12

Name: ANID
Expiry time: after 9 months
Use: We could not get much information about this cookie. Google’s Privacy Policy mentions the cookie in connection with “promotional cookies,” such as “DSID,” “FLC,” “AID,” “TAID. ANID is stored under the domain google.com.
Example value: U7j1v3dZa2110977270xgZFmiqWppRWKOr

Name: CONSENT
Expiry time: after 19 years
Use: The cookie stores the status of a user’s consent to the use of different Google services. CONSENT also provides security to help verify users, prevent fraudulent logon information, and protect user information from unauthorized attacks.
Example value: YES+AT.de+20150628-20-0

Name: NID
Expiry time: after 6 months
Use: NID is used by Google to match ads to your Google search. The cookie helps Google “remember” your most frequently-entered searches or your past interaction with ads. You’ll always get customized ads. The cookie contains a unique ID that Google uses to collect the user’s personal preferences for advertising purposes.
Example value: 0WmuWqy211097727zILzqV_nmt3sDXwPeM5Q

Name: DV
Expiration time: after 10 minutes
Use: Once you have checked the “I am not a robot” box, this cookie will be set. The cookie is used by Google Analytics for personalized advertising. DV collects information in anonymous form and is also used to make user choices.
Example value: gEAABBCjJMXcI0dSAAAANbqc211097727

Note: This enumeration cannot claim to be complete, as experience has shown that Google changes the selection of its cookies time and again.

How long and where is the data stored?

By inserting reCAPTCHA, data is transferred from you to the Google server. Where exactly this data is stored is not clearly shown by Google, even after repeated inquiries. Without having received confirmation from Google, it can be assumed that data such as mouse interaction, time spent on the website or language settings are stored on the European or American Google servers. The IP address that your browser transmits to Google is generally not merged with other Google data from other Google services. However, if you are logged into your Google Account while using the reCAPTCHA plug-in, the data will be merged. This is subject to Google’s different data protection regulations.

How can I delete my data or prevent data storage?

If you do not want data about you and your behaviour to be transmitted to Google, you must completely log out of Google and delete all Google cookies before visiting our website or using the reCAPTCHA software. In principle, the data is automatically transmitted to Google as soon as you call up our site. To delete this data again, you must contact Google support at https://support.google.com/?hl=de&tid=211097727 .

So when you use our website, you consent to Google LLC and its agents automatically collecting, processing and using information.

To learn more about reCAPTCHA, please visit Google’s web developer page at https://developers.google.com/recaptcha/ Although Google will go into the technical development of reCAPTCHA in more detail here, you will not find detailed information about data storage and data protection topics there. A good overview of the basic use of data by Google can be found in the company’s privacy policy at https://www.google.com/intl/de/policies/privacy/.

We include elements of social media services on our website to display images, videos and text. By visiting pages that display these elements, data is transferred from your browser to the respective social media service and stored there. We do not have access to this data. The following links will take you to the pages of the respective social media services where we explain how they handle your data:

• Instagram Privacy Policy: https://help.instagram.com/519522125107875
• YouTube is subject to Google’s privacy policy: https://policies.google.com/privacy?hl=de
• Facebook data policy: https://www.facebook.com/about/privacy
• Twitter Privacy Policy: https://twitter.com/de/privacy

Facebook Privacy Policy

On this website we use functions of Facebook, a social media network of FIrma Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland. You can read about the features (social plug-ins) provided by Facebook at https://developers.facebook.com/docs/plugins/ . When you visit our website, information may be transferred to Facebook. If you have a Facebook account, Facebook may associate this information with your personal account. If you do not want this, please unsubscribe from Facebook. The privacy policy about what information Facebook collects and how they use it can be found on https://www.facebook.com/policy.php

YouTube Privacy Policy

On this page we use the video service YouTube from YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. By accessing pages on our website that have integrated YouTube videos, data is transferred to YouTube, stored and evaluated. If you have a YouTube account and are logged in, this information will be associated with your personal account and the information it contains. You can find out what data Google collects and what this data is used for at https://www.google.com/intl/de/policies/privacy/ .