Introduction and overview
We have written this data protection declaration (version 06.05.2021-221145116) to explain to you, in accordance with the provisions of the General Data Protection Regulation (EU) 2016/679 and applicable national laws, which personal data (data for short) we as the person responsible - and that of Processors commissioned by us (e.g. provider) - process, will process in the future and what legitimate options you have. The terms used are to be understood as gender-neutral.
In short: We provide you with comprehensive information about the data that we process about you.
Data protection declarations usually sound very technical and use legal terminology. However, this data protection declaration is intended to describe the most important things to you as simply and transparently as possible. As far as transparency is beneficial, technical terms are explained in a reader-friendly manner, links to further information are provided and graphics are used. We are thus informing in clear and simple language that we only process personal data in the context of our business activities if there is a corresponding legal basis. This is certainly not possible if you make as brief, unclear and legal-technical statements as possible, as they are often standard on the Internet when it comes to data protection. I hope you find the following explanations interesting and informative and maybe there is one or the other piece of information that you were not familiar with.
If you still have questions, we would like to ask you to contact the responsible body named below or in the imprint, to follow the links provided and to look at further information on third-party sites. You can of course also find our contact details in the imprint.
scope of application
This data protection declaration applies to all personal data processed by us in the company and to all personal data processed by companies commissioned by us (contract processors). By personal data, we mean information such as the name, email address and postal address of a person. The processing of personal data ensures that we can offer and invoice our services and products, be it online or offline. The scope of this data protection declaration includes:
all online presences (websites, online shops) that we operate
Social media appearances and email communication
mobile apps for smartphones and other devices
In short: all areas where personal data is processed in a structured manner in the company.
In the following data protection declaration, we provide you with transparent information on the legal principles and regulations, i.e. the legal bases of the General Data Protection Regulation that enable us to process personal data.
As far as EU law is concerned, we refer to REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of April 27, 2016. You can of course access this EU General Data Protection Regulation online at EUR-Lex, the gateway to the EU -Recht, read at https://eur-lex.europa.eu/legal-content/DE/TXT/?uri=celex%3A32016R0679.
We only process your data if at least one of the following conditions applies:
Consent (Article 6 Paragraph 1 lit. a GDPR): You have given us your consent to process data for a specific purpose. An example would be the storage of the data you entered in a contact form.
Contract (Article 6 Paragraph 1 lit. a GDPR): We process your data in order to fulfill a contract or pre-contractual obligations with you. For example, if we conclude a sales contract with you, we need personal information in advance.
Legal obligation (Article 6 Paragraph 1 lit. a GDPR): If we are subject to a legal obligation, we will process your data. For example, we are legally required to keep invoices for bookkeeping. These usually contain personal data.
Legitimate interests (Article 6 Paragraph 1 lit. a GDPR): In the case of legitimate interests that do not restrict your basic rights, we reserve the right to process personal data. For example, we have to process certain data in order to be able to operate our website securely and economically efficiently; this processing is therefore a legitimate interest.
Other conditions such as the taking of recordings in the public interest and the exercise of official authority as well as the protection of vital interests do not usually apply to us. If such a legal basis should be relevant, it will be shown at the appropriate point.
In addition to the EU regulation, national laws also apply:
In Austria this is the federal law for the protection of natural persons when processing personal data (data protection law), DSG for short.
In Germany, the Federal Data Protection Act, or BDSG for short, applies.
If other regional or national laws apply, we will inform you about them in the following sections.
Contact details of the person responsible
If you have any questions about data protection, you will find the contact details of the responsible person or office below.
Matthias Minstrel Bettler
Tel .: 0676 9488982
Storage of personal data
Personal data that you transmit to us electronically on this website, such as name, e-mail address, address or other personal information in the context of submitting a form or comments in the blog, are stored by us together with the time and the IP address. Address is only used for the specified purpose, stored securely and not passed on to third parties.
We therefore only use your personal data for communication with those visitors who expressly request contact and for processing the services and products offered on this website. We do not pass on your personal data without your consent, but we cannot rule out that this data will be viewed in the event of illegal behavior.
If you send us personal data by e-mail - outside of this website - we cannot guarantee secure transmission and protection of your data. We recommend that you never send confidential data unencrypted by email.
Evaluation of visitor behavior
In the following data protection declaration we inform you whether and how we evaluate data from your visit to this website. The evaluation of the collected data is usually anonymous and we cannot infer your person from your behavior on this website.
You can find out more about how to object to this analysis of the visit data in the following data protection declaration.
Our website uses HTTP cookies to save user-specific data.
In the following we explain what cookies are and why they are used so that you can better understand the following data protection declaration.
What exactly are cookies?
Whenever you surf the Internet, you are using a browser. Well-known browsers are, for example, Chrome, Safari, Firefox, Internet Explorer and Microsoft Edge. Most websites save small text files in your browser. These files are called cookies.
Cookies save certain user data about you, such as language or personal page settings. When you call up our site again, your browser transmits the "user-related" information back to our site. Thanks to cookies, our website knows who you are and offers you the settings you are used to. In some browsers, each cookie has its own file, in others, such as Firefox, all cookies are stored in a single file.
There are both first-party cookies and third-party cookies. First-party cookies are created directly from our side, third-party cookies are created by partner websites (e.g. Google Analytics). Each cookie must be evaluated individually, as each cookie stores different data. The expiry time of a cookie also varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, Trojans or other "pests". Cookies cannot access information on your PC either.
For example, cookie data can look like this:
Purpose: differentiation of website visitors
Expiry date: after 2 years
A browser should be able to support these minimum sizes:
At least 4096 bytes per cookie
At least 50 cookies per domain
At least 3000 cookies in total
What types of cookies are there?
The question of which cookies we use in particular depends on the services used and is clarified in the following sections of the data protection declaration. At this point we would like to briefly discuss the different types of HTTP cookies.
There are 4 types of cookies:
These cookies are necessary to ensure the basic functions of the website. For example, these cookies are needed when a user puts a product in the shopping cart, then continues surfing on other pages and only goes to checkout later. These cookies do not delete the shopping cart, even if the user closes his browser window.
These cookies collect information about user behavior and whether the user receives any error messages. In addition, these cookies are used to measure the loading time and the behavior of the website in different browsers.
These cookies ensure better user-friendliness. For example, entered locations, font sizes or form data are saved.
These cookies are also called targeting cookies. They serve to deliver customized advertising to the user. That can be very practical, but also very annoying.
When you visit a website for the first time, you will usually be asked which of these types of cookies you would like to allow. And of course this decision is also saved in a cookie.
How can I delete cookies?
If you want to find out which cookies have been stored in your browser, if you want to change or delete cookie settings, you can find this in your browser settings:
If you generally do not want cookies, you can set up your browser so that it always informs you when a cookie is to be set. In this way, you can decide for each individual cookie whether or not to allow the cookie. The procedure is different depending on the browser. The best thing to do is to search for the instructions in Google using the search term “delete cookies Chrome” or “deactivate cookies Chrome” in the case of a Chrome browser.
What about my data protection?
The so-called “cookie guidelines” have existed since 2009. It states that the storage of cookies requires your consent. Within the EU countries, however, there are still very different reactions to these guidelines. In Austria, however, this directive was implemented in Section 96 (3) of the Telecommunications Act (TKG). In Germany, the cookie guidelines have not been implemented as national law. Instead, this guideline was largely implemented in Section 15 (3) of the Telemedia Act (TMG).
If you want to know more about cookies and are not afraid of technical documentation, we recommend https://tools.ietf.org/html/rfc6265 , the Request for Comments of the Internet Engineering Task Force (IETF) called "HTTP State Management Mechanism".
Automatic data storage
When you visit websites these days, certain information is automatically created and stored, including on this website. This collected data should be collected as sparingly as possible and only with justification. By website we mean the entirety of all websites on your domain, ie everything from the start page (homepage) to the very last subpage (like this one here). By domain we mean example.de or musterbeispiel.com.
Even while you are visiting our website, our web server - that is the computer on which this website is stored - usually automatically saves data such as
the complete Internet address (URL) of the website called up (e.g. https://www.beispielwebsite.de/beispieluntereite.html/)
Browser and browser version (e.g. Chrome 87)
the operating system used (e.g. Windows 10)
the address (URL) of the previously visited page (referrer URL) (e.g. https://www.beispielquellsite.de/vondabinichgekommen.html/)
the host name and the IP address of the device from which access is made (e.g. COMPUTERNAME and 126.96.36.199)
Date and Time
in files, the so-called web server log files.
As an illustration:
As a rule, these files are stored for two weeks and then automatically deleted. We do not pass on this data, but we cannot rule out that this data will be viewed by authorities in the event of illegal behavior.
In short: your visit is logged by our provider (company that runs our website on special computers (servers)), but we do not pass on your data!
TLS encryption with https
TLS, encryption and https sound and are very technical. We use HTTPS (the Hypertext Transfer Protocol Secure stands for "secure hypertext transfer protocol") to transfer data securely on the Internet.
This means that the complete transmission of all data from your browser to our web server is secured - nobody can "overhear".
We have thus introduced an additional security layer and comply with data protection through technology design ( Article 25 (1) GDPR ). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the Internet, we can ensure the protection of confidential data.
You can recognize the use of this protection of data transmission by the small lock symbol in the top left of the browser to the left of the Internet address (e.g. examplepage.de) and the use of the https scheme (instead of http) as part of our Internet address.
If you want to know more about encryption, we recommend doing a Google search for “Hypertext Transfer Protocol Secure wiki” for good links to further information.
Rights according to the General Data Protection Regulation
According to the provisions of the GDPR, you have the following rights:
Right to rectification (Article 16 GDPR)
Right to erasure ("right to be forgotten") (Article 17 GDPR)
Right to restriction of processing (Article 18 GDPR)
Right to notification - obligation to notify in connection with the correction or deletion of personal data or the restriction of processing (Article 19 GDPR)
Right to data portability (Article 20 GDPR)
Right to object (Article 21 GDPR)
Right not to be subject to a decision based solely on automated processing - including profiling (Article 22 GDPR)
If you believe that the processing of your data violates data protection law or your data protection claims have been violated in any other way, you can complain to the supervisory authority. For Austria this is the data protection authority, whose website you can find at https://www.dsb.gv.at/ and for Germany you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI).
For our website we use the Google Tag Manager of the company Google Inc. For the European area, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services. This Tag Manager is one of many helpful marketing products from Google. Using the Google Tag Manager, we can centrally integrate and manage code sections from various tracking tools that we use on our website.
In this data protection declaration we want to explain in more detail what the Google Tag Manager does, why we use it and in what form data is processed.
What is the Google Tag Manager?
Why do we use Google Tag Manager for our website?
What data is saved by the Google Tag Manager?
The Tag Manager itself is a domain that does not set cookies and does not save any data. He acts as a mere "administrator" of the implemented tags. The data is recorded by the individual tags of the various web analysis tools. The data is passed through to the individual tracking tools in the Google Tag Manager and is not saved.
The situation is completely different, however, with the integrated tags of the various web analysis tools, such as Google Analytics. Depending on the analysis tool, various data about your web behavior are usually collected, saved and processed with the help of cookies. To do this, please read our data protection texts on the individual analysis and tracking tools that we use on our website.
In the Tag Manager account settings, we have allowed Google to receive anonymized data from us. However, this only concerns the use and use of our Tag Manager and not your data, which is stored via the code sections. We enable Google and others to receive selected data in an anonymous form. We therefore consent to our website data being passed on anonymously. In spite of long research, we were unable to find out exactly which summarized and anonymous data is forwarded. In any case, Google will delete all information that could identify our website. Google combines the data with hundreds of other anonymous website data and creates user trends as part of benchmarking measures. Benchmarking compares your own results with those of your competitors. Processes can be optimized on the basis of the information collected.
How long and where will the data be stored?
When Google stores data, this data is stored on its own Google servers. The servers are distributed all over the world. Most of them are in America. At https://www.google.com/about/datacenters/inside/locations/?hl=de you can read exactly where the Google servers are located.
How long the individual tracking tools store your data can be found in our individual data protection texts for the individual tools.
How can I delete my data or prevent data storage?
The Google Tag Manager itself does not set cookies, but manages tags from various tracking websites. In our data protection texts for the individual tracking tools, you will find detailed information on how to delete or manage your data.
Google is an active participant in the EU-US Privacy Shield Framework, which regulates the correct and secure transfer of personal data. You can find more information on this at https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&tid=221145116 . If you want to find out more about the Google Tag Manager, we recommend the FAQs at https://www.google.com/intl/de/tagmanager/faq.html .
Newsletter data protection declaration
If you subscribe to our newsletter, you transmit the above personal data and give us the right to contact you by email. We use the data stored when registering for the newsletter only for our newsletter and do not pass it on.
If you unsubscribe from the newsletter - you will find the link for this at the bottom of every newsletter - then we will delete all data that was saved when you registered for the newsletter.
Embedded social media elements data protection declaration
We integrate elements of social media services on our website to display images, videos and texts.
When you visit pages that display these elements, data is transferred from your browser to the respective social media service and stored there. We have no access to this data.
The following links take you to the pages of the respective social media services where it is explained how they handle your data:
The Google data protection declaration applies to YouTube: https://policies.google.com/privacy?hl=de
Facebook data policy: https://www.facebook.com/about/privacy
For our website we use the Wix website builder from the Israeli company Wix.com Ltd., 40 Hanamal Tel Aviv St., Tel Aviv 6350671, Israel. In addition to the headquarters in Tel Aviv, there are other company offices such as in Berlin, Dublin, Vancouver and New York. By using Wix, your personal data can also be collected, stored and processed. With this data protection declaration we want to explain to you why we use Wix, which data is stored where and how you can prevent this data storage.
What is wix?
Wix is a website builder that makes it very easy to build HTML5 websites and mobile websites. This online platform is based on the cloud principle and you can easily integrate various functions from Wix or third-party providers into your own website.
Why do we use Wix on our website?
To work on our website, we need an easy-to-use system that allows us to present you with a nice design and interesting content quickly and easily. With Wix, we have found the right system for this. Due to the ease of use and the comprehensive functions of Wix, we can design our website according to our wishes and offer you good user-friendliness.
What data does Wix store?
Non-personal data includes technical usage information such as browser activity, clickstream activities, session heat maps and data on your computer, operating system, browser, screen resolution, language and keyboard settings, internet provider and the date of the page visit.
In addition, personal data is also recorded. These are primarily contact details (email address or telephone number, if you provide this), IP address or your geographic location.
Tracking systems such as cookies are used to collect data on your behavior on our website. For example, it is recorded which sub-pages you particularly like, how long you have been on individual pages, when you leave a page again (bounce rate) or which pre-settings (e.g. language selection) you have made. Based on this data, Wix.com can also better adapt its marketing measures to your interests and your user behavior. The next time you visit our website, our website will be displayed to you as you set it up in advance. Wix.com may also pass on personal data to third parties (such as service providers).
In the following we show you exemplary cookies that are used by Wix:
Name: XSRF TOKEN
Value: 1591628008 | P01ovn-JtsrK
Purpose: This cookie is a security cookie and prevents so-called Cross Site Request Forgery. This is an attack on a computer system.
Expiration date: after the session ends
Purpose: This cookie enables you to register on our website with the corresponding data storage in order to shorten the registration process the next time.
Expiry date: after 3 months
Purpose: This cookie is used to distribute the load on the website across several servers. This increases the loading speed of the page.
Expiry date: after one hour
Purpose: We have not yet been able to find out more information about this cookie. As soon as we know more, you will be informed.
Expiry date: after one hour
Note: Please note that the cookies displayed above are examples and that this list does not claim to be complete.
How long and where will the data be stored?
The data can be stored on various servers that are distributed around the world. For example, the data can be stored in the USA, Ireland, South Korea, Taiwan or Israel.
Wix always stores data until it is no longer required for the service provided. We have not yet been able to find out more details about the duration of data storage.
How can I delete my data or prevent data from being saved?
You have the option to update, correct or delete your personal data at any time. You can also contact the data protection department at Wix directly at firstname.lastname@example.org.
To deactivate, delete or manage cookies, all you have to do is select the appropriate settings in your browser. This works a little differently depending on the browser. The following instructions show how you can set or manage cookies in the most common browsers according to your wishes.
Wix.com Ltd. is headquartered in Israel. Israel is recognized by the European Commission as a country that offers adequate protection for personal data of EU citizens.
In addition, Wix.com is also an active participant in the EU-US Privacy Shield Framework, which also regulates the correct and secure transfer of personal data. You can find more information on this at https://www.privacyshield.gov/participant?id=a2zt0000000GnbGAAS&status=Active . With this data protection declaration we have brought you the most important information about data processing by Wix.com. If you want to find out more about this, we recommend the company's data protection guidelines at https://de.wix.com/about/privacy .