Data protection

Table of contents

Introduction and overview

We have written this data protection declaration (version 09/05/2023-122574473) to provide you with the requirements of the General Data Protection Regulation (EU) 2016/679 and applicable national laws to explain which personal data (data for short) we as controllers - and the processors commissioned by us (e.g. providers) - process, will process in the future and what legal options you have. The terms used are to be understood as gender-neutral.
In short: We will inform you comprehensively about the data we process about you.

Privacy policies usually sound very technical and use legal terms. This data protection declaration, however, is intended to describe the most important things to you as simply and transparently as possible. To the extent that it promotes transparency, technical Terms explained in a reader-friendly way , links to further information provided and Graphics brought into use. We thereby inform you in clear and simple language that we only process personal data as part of our business activities if there is a corresponding legal basis. This is certainly not possible if you make as brief, unclear and legal-technical statements as possible, as are often standard on the Internet when it comes to data protection. I hope you find the following explanations interesting and informative and perhaps there is one or two pieces of information that you didn't know before.
If you still have questions, we would like to ask you to contact the responsible body named below or in the legal notice, follow the existing links and look at further information on third-party sites. You can of course also find our contact details in the legal notice.

scope of application

This data protection declaration applies to all personal data processed by us in the company and to all personal data that companies commissioned by us (processors) process. By personal data we mean information within the meaning of Article 4 No. 1 GDPR such as a person's name, email address and postal address. The processing of personal data ensures that we can offer and bill our services and products, whether online or offline. The scope of this data protection declaration includes:

  • all online presences (websites, online shops) that we operate
  • Social media appearances and email communication
  • mobile apps for smartphones and other devices

In short: The data protection declaration applies to all areas in which personal data is processed in a structured manner within the company via the channels mentioned. If we enter into legal relationships with you outside of these channels, we will inform you separately if necessary.

Legal basis

In the following data protection declaration we provide you with transparent information about the legal principles and regulations, i.e. the legal bases of the General Data Protection Regulation, which enable us to process personal data.
As far as EU law is concerned, we refer to REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of April 27, 2016. You can of course access this EU General Data Protection Regulation online on EUR-Lex, the access to the EU -Right, under read up.

We only process your data if at least one of the following conditions applies:

  1. consent (Article 6 paragraph 1 lit. a GDPR): You have given us your consent to process data for a specific purpose. An example would be saving the data you entered on a contact form.
  2. Contract (Article 6 paragraph 1 lit. b GDPR): In order to fulfill a contract or pre-contractual obligations with you, we process your data. For example, if we conclude a purchase contract with you, we need personal information in advance.
  3. Legal obligation (Article 6 paragraph 1 lit. c GDPR): If we are subject to a legal obligation, we process your data. For example, we are legally obliged to keep invoices for accounting purposes. These usually contain personal data.
  4. Legitimate interests (Article 6 paragraph 1 lit. f GDPR): In the case of legitimate interests that do not restrict your fundamental rights, we reserve the right to process personal data. For example, we need to process certain data in order to operate our website securely and economically efficiently. This processing is therefore a legitimate interest.

Other conditions such as the perception of recordings in the public interest and the exercise of public authority as well as the protection of vital interests generally do not apply to us. If such a legal basis is relevant, it will be shown in the appropriate place.

In addition to the EU regulation, national laws also apply:

  • In Austria This is the Federal Act on the Protection of Natural Persons with regard to the Processing of Personal Data ( Data Protection Act ), for short DSG .
  • In Germany is that valid Federal Data Protection Act , short BDSG .

If other regional or national laws apply, we will inform you about them in the following sections.

Contact details of the person responsible

If you have any questions about data protection or the processing of personal data, you will find the contact details of the responsible person or body below:
Effect advertising
Suat Özcökmez
Kaiser-Ebersdorfer-Strasse 259/22
1110 Vienna

Phone: +43 660 777 0853

Storage period

Our general criterion is that we only store personal data for as long as is absolutely necessary to provide our services and products. This means that we delete personal data as soon as the reason for data processing no longer exists. In some cases, we are legally obliged to store certain data even after the original purpose has ceased, for example for accounting purposes.

If you wish to have your data deleted or revoke your consent to data processing, the data will be deleted as quickly as possible and unless there is an obligation to store it.

We will inform you below about the specific duration of the respective data processing, provided we have further information.

Rights under the General Data Protection Regulation

In accordance with Articles 13, 14 GDPR, we inform you of the following rights to which you are entitled so that data is processed fairly and transparently:

  • According to Article 15 GDPR, you have a right to information as to whether we are processing your data. If this is the case, you have the right to receive a copy of the data and to know the following information:
    • for what purpose we carry out the processing;
    • the categories, i.e. the types of data, that are processed;
    • who receives this data and, if the data is transferred to third countries, how security can be guaranteed;
    • how long the data is stored;
    • the existence of the right to rectification, deletion or restriction of processing and the right to object to processing;
    • that you can complain to a supervisory authority (links to these authorities can be found below);
    • the origin of the data if we did not collect it from you;
    • whether profiling is carried out, i.e. whether data is automatically evaluated in order to create a personal profile for you.
  • According to Article 16 GDPR, you have a right to correction of data, which means that we must correct data if you find errors.
  • According to Article 17 GDPR, you have the right to deletion (“right to be forgotten”), which specifically means that you can request the deletion of your data.
  • According to Article 18 GDPR, you have the right to restrict processing, which means that we are only allowed to store the data but not use it any further.
  • According to Article 20 GDPR, you have the right to data portability, which means that upon request we will provide you with your data in a common format.
  • According to Article 21 GDPR, you have a right to object, which, once enforced, will result in a change to the processing.
    • If the processing of your data is based on Article 6 Paragraph 1 Letter e (public interest, exercise of official authority) or Article 6 Paragraph 1 Letter f (legitimate interest), you can object to the processing. We will then check as quickly as possible whether we can legally comply with this objection.
    • If data is used to conduct direct advertising, you can object to this type of data processing at any time. We may then no longer use your data for direct marketing.
    • If data is used to carry out profiling, you can object to this type of data processing at any time. We are then no longer allowed to use your data for profiling.
  • According to Article 22 GDPR, you may have the right not to be subject to a decision based solely on automated processing (e.g. profiling).
  • According to Article 77 GDPR, you have the right to lodge a complaint. This means that you can complain to the data protection authority at any time if you believe that the processing of personal data violates the GDPR.

In short: You have rights – do not hesitate to contact the responsible body listed above!

If you believe that the processing of your data violates data protection law or your data protection rights have been violated in any other way, you can complain to the supervisory authority. For Austria, this is the data protection authority, whose website you can find at find. In Germany there is a data protection officer for each federal state. For further information you can contact Federal Commissioner for Data Protection and Freedom of Information (BfDI) turn around. The following local data protection authority is responsible for our company:

Austria data protection authority

Head: Mag. Andrea Jelinek
Barichgasse 40-42, 1030 Vienna
Phone number.: 
+43 1 52 152-0
E-mail address:


Cookies summary
👥 Data subjects: visitors to the website
🤝 Purpose: depending on the respective cookie. You can find more details about this below or from the manufacturer of the software that sets the cookie.
📓 Processed data: Depending on the cookie used. You can find more details about this below or from the manufacturer of the software that sets the cookie.
📅 Storage period: depending on the respective cookie, can vary from hours to years
⚖️ Legal basis: Art. 6 Para. 1 lit. a GDPR (consent), Art. 6 Para. 1 lit.f GDPR (legitimate interests)

What are cookies?

Our website uses HTTP cookies to store user-specific data.
Below we explain what cookies are and why they are used so that you can better understand the following privacy policy.

Whenever you surf the Internet, you use a browser. Well-known browsers include Chrome, Safari, Firefox, Internet Explorer and Microsoft Edge. Most websites store small text files in your browser. These files are called cookies.

One thing cannot be denied: Cookies are really useful little helpers. Almost all websites use cookies. To be more precise, they are HTTP cookies, as there are also other cookies for other areas of application. HTTP cookies are small files that our website stores on your computer. These cookie files are automatically stored in the cookie folder, the “brain” of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified.

Cookies store certain user data about you, such as language or personal page settings. When you visit our site again, your browser sends the “user-related” information back to our site. Thanks to cookies, our website knows who you are and offers you the settings you are used to. In some browsers each cookie has its own file, in others, such as Firefox, all cookies are stored in a single file.

The following graphic shows a possible interaction between a web browser such as: B. Chrome and the web server. The web browser requests a website and receives a cookie back from the server, which the browser uses again as soon as another page is requested.

HTTP cookie interaction between browser and web server

There are both first-party cookies and third-party cookies. First-party cookies are created directly by our site, third-party cookies are created by partner websites (e.g. Google Analytics). Each cookie must be evaluated individually because each cookie stores different data. The expiry time of a cookie also varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, Trojans or other “malicious” things. Cookies also cannot access information on your PC.

For example, cookie data might look like this:

Surname: _ga
Value: GA1.2.1326744211.152122574473-9
Purpose of use: Differentiation of website visitors
Expiry date: after 2 years

A browser should be able to support these minimum sizes:

  • At least 4096 bytes per cookie
  • At least 50 cookies per domain
  • At least 3000 cookies in total

What types of cookies are there?

The question of which cookies we use in particular depends on the services used and is clarified in the following sections of the data protection declaration. At this point we would like to briefly discuss the different types of HTTP cookies.

There are 4 types of cookies:

Essential cookies
These cookies are necessary to ensure basic functions of the website. For example, these cookies are needed when a user puts a product in the shopping cart, then continues surfing on other pages and only later checks out. These cookies do not delete the shopping cart, even if the user closes their browser window.

Purposeful cookies
These cookies collect information about user behavior and whether the user receives any error messages. These cookies are also used to measure the loading time and behavior of the website on different browsers.

Targeting cookies
These cookies ensure better user experience. For example, entered locations, font sizes or form data are saved.

Advertising cookies
These cookies are also called targeting cookies. They serve to provide the user with individually tailored advertising. This can be very practical, but also very annoying.

Typically, when you first visit a website, you will be asked which of these types of cookies you would like to allow. And of course this decision is also saved in a cookie.

If you would like to know more about cookies and are not afraid of technical documentation, we recommend , the Request for Comments from the Internet Engineering Task Force (IETF) called “HTTP State Management Mechanism”.

Purpose of processing via cookies

The purpose ultimately depends on the respective cookie. You can find more details about this below or from the manufacturer of the software that sets the cookie.

Which data is processed?

Cookies are little helpers for many different tasks. Unfortunately, it is not possible to generalize which data is stored in cookies, but we will inform you about the data processed or stored in the following data protection declaration.

Storage period of cookies

The storage period depends on the respective cookie and is further specified below. Some cookies are deleted after less than an hour, others can remain on a computer for several years.

You also have an influence on the storage period. You can delete all cookies manually at any time via your browser (see also “Right to object” below). Furthermore, cookies that are based on consent will be deleted at the latest after you revoke your consent, although the legality of storage remains unaffected until then.

Right to object – how can I delete cookies?

You decide for yourself how and whether you want to use cookies. Regardless of which service or website the cookies come from, you always have the option of deleting cookies, deactivating them or only partially allowing them. For example, you can block third-party cookies but allow all other cookies.

If you would like to find out which cookies have been stored in your browser, if you want to change or delete cookie settings, you can do this in your browser settings:

Chrome: Delete, enable and manage cookies in Chrome

Safari: Manage cookies and site data with Safari

Firefox: Delete cookies to remove data that websites have placed on your computer

Internet Explorer: Deleting and managing cookies

Microsoft Edge: Deleting and managing cookies

If you generally do not want cookies, you can set your browser so that it always informs you when a cookie is to be set. This means you can decide for each individual cookie whether you allow the cookie or not. The procedure varies depending on the browser. The best thing to do is to search for the instructions in Google using the search term “delete cookies Chrome” or “deactivate cookies Chrome” in the case of a Chrome browser.

Legal basis

The so-called “Cookie Guidelines” have existed since 2009. It states that storing cookies is a consent (Article 6 Paragraph 1 Letter a GDPR) is required from you. However, there are still very different reactions to these guidelines within the EU countries. In Austria, however, this directive was implemented in Section 96 Paragraph 3 of the Telecommunications Act (TKG). In Germany, the cookie guidelines have not been implemented as national law. Instead, this directive was largely implemented in Section 15 Paragraph 3 of the Telemedia Act (TMG).

Cookies that are absolutely necessary exist, even if no consent has been given legitimate interests (Article 6 Paragraph 1 Letter f GDPR), which in most cases is of an economic nature. We want to provide website visitors with a pleasant user experience and certain cookies are often absolutely necessary for this.

If non-essential cookies are used, this will only happen with your consent. The legal basis in this respect is Article 6 Paragraph 1 Letter a GDPR.

In the following sections you will be informed in more detail about the use of cookies if the software used uses cookies.

Web hosting introduction

Web hosting summary
👥 Data subjects: visitors to the website
🤝 Purpose: professional hosting of the website and securing its operation
📓 Processed data: IP address, time of website visit, browser used and other data. You can find more details about this below or with the web hosting provider you use.
📅 Storage period: depends on the respective provider, but usually 2 weeks
⚖️ Legal basis: Art. 6 Para. 1 lit.f GDPR (legitimate interests)

What is web hosting?

When you visit websites these days, certain information - including personal data - is created and stored automatically, including on this website. This data should be processed as sparingly as possible and only with justification. By the way, by website we mean the entirety of all websites on a domain, i.e. everything from the start page (homepage) to the very last subpage (like this one). By domain we mean, for example, or

If you want to view a website on a computer, tablet, or smartphone, you use a program called a web browser. You probably know a few web browsers by name: Google Chrome, Microsoft Edge, Mozilla Firefox, and Apple Safari. We call it browser or web browser for short.

To display the website, the browser must connect to another computer where the website's code is stored: the web server. Operating a web server is a complicated and time-consuming task, which is why it is usually carried out by professional providers. These offer web hosting and thus ensure reliable and error-free storage of website data. A lot of technical terms, but please stay tuned, it gets better!

When the browser connects to your computer (desktop, laptop, tablet or smartphone) and during data transfer to and from the web server, personal data may be processed. On the one hand, your computer stores data, but on the other hand, the web server also needs to store data for a while to ensure proper operation.

A picture is worth a thousand words, so the following graphic shows the interaction between the browser, the Internet and the hosting provider.

Browsers and web servers

Why do we process personal data?

The purposes of data processing are:

  1. Professional website hosting and operational security
  2. to maintain operational and IT security
  3. Anonymous evaluation of access behavior to improve our offering and, if necessary, to prosecute or pursue claims

Which data is processed?

Even while you are visiting our website, our web server, which is the computer on which this website is stored, usually automatically saves data such as

  • the complete internet address (URL) of the website accessed
  • Browser and browser version (e.g. Chrome 87)
  • the operating system used (e.g. Windows 10)
  • the address (URL) of the previously visited page (referrer URL) (e.g. )
  • the host name and IP address of the device from which access is made (e.g. COMPUTERNAME and
  • Date and Time
  • in files called web server log files

How long is data stored?

As a rule, the above-mentioned data is stored for two weeks and then automatically deleted. We do not pass on this data, but we cannot rule out that this data will be viewed by authorities if illegal behavior occurs.

In short: Your visit will be logged by our provider (company that runs our website on special computers (servers)), but we will not pass on your data without your consent!

Legal basis

The legality of the processing of personal data in the context of web hosting results from Article 6 Paragraph 1 Letter f of the GDPR (protection of legitimate interests), because the use of professional hosting from a provider is necessary to keep the company safe and user-friendly on the Internet to be able to present and, if necessary, pursue attacks and claims resulting from this.

There is usually a contract for order processing between us and the hosting provider in accordance with Art. 28 f. GDPR, which ensures compliance with data protection and guarantees data security.

World4You Privacy Policy

It's quite possible that you've heard of the web hosting provider World4You before. The web host is particularly popular in Austria. The service provider is the Austrian company World4You Internet Services GmbH, Hafenstraße 35, 4020 Linz, Austria.

What is World4You?

The company from the Upper Austrian capital has been active in the web hosting sector since 1998. World4You operates several of its own data centers in Austria and relies on its own technology. This ensures fail-safe operation and a fast server connection. As you may have already read in our introduction to web hosting, your data is also transferred to World4You's servers and processed there. This primarily involves technical data such as browser version or operating system, but personal data is also processed along with your IP address.

Why do we use World4You?

When it comes to a website, we, probably like you, value reliability, speed and security. Even if you access our website in the middle of the night or we already have a lot of visitors, it must work properly. If you click on subpages, it shouldn't take forever for the page to load completely. And if problems do arise, there should be a good backup system in place to back up our content and protect all data. In order for everything to work to our satisfaction, we of course need a reliable web host. With World4You we believe we have found a partner who meets our requirements. World4You has its own data centers and therefore a fixed bandwidth, which makes a website accessible quickly. We also value the company’s personal support.

You can of course also use this support if you have specific questions about data protection at World4You. Also recommended is the privacy policy of the website, which you can find at find. The FAQs below have their own GDPR section where you can also find a lot of useful information.

Email marketing introduction

Email marketing summary
👥 Affected: Newsletter subscribers
🤝 Purpose: Direct advertising via email, notification of system-relevant events
📓 Processed data: Data entered during registration but at least the email address. You can find more details about the email marketing tool used.
📅 Storage period: Duration of the subscription
⚖️ Legal basis: Art. 6 Para. 1 lit. a GDPR (consent), Art. 6 Para. 1 lit. f GDPR (legitimate interests)

What is Email Marketing?

In order to always keep you up to date, we also use email marketing. If you have agreed to receive our emails or newsletters, your data will also be processed and stored. Email marketing is a part of online marketing. This involves sending news or general information about a company, product or service via email to a specific group of people who are interested in it.

If you want to participate in our email marketing (usually via newsletter), you usually just need to register with your email address. To do this, fill out an online form and submit it. However, it may also happen that we ask you for your title and name so that we can write to you personally.

Basically, registering for newsletters works with the help of the so-called “double opt-in procedure”. After you have registered for our newsletter on our website, you will receive an email confirming your newsletter registration. This ensures that the email address belongs to you and that no one has logged in with someone else's email address. We, or a notification tool we use, logs each login. This is necessary so that we can prove that the registration process was legally correct. The time of registration, the time of registration confirmation and your IP address are usually stored. Additionally, it will also be logged if you make changes to your saved data.

Why do we use email marketing?

Of course, we want to stay in touch with you and always present you with the most important news about our company. For this purpose, we use, among other things, email marketing – often just called “newsletter” – as an essential part of our online marketing. If you agree or as permitted by law, we will send you newsletters, system emails or other notifications by email. When we use the term “newsletter” in the following text, we mainly mean emails sent on a regular basis. Of course, we do not want to bother you in any way with our newsletter. That's why we always strive to only offer relevant and interesting content. You can find out more about our company, our services or products. Since we are always improving our offers, you will always find out via our newsletter when there is news or when we are currently offering special, lucrative promotions. If we commission a service provider who offers a professional sending tool for our email marketing, we do this in order to be able to offer you fast and secure newsletters. The purpose of our email marketing is basically to inform you about new offers and also to get closer to our business goals.

Which data is processed?

If you become a subscriber to our newsletter via our website, you will confirm your membership in an email list by email. In addition to your IP address and email address, your title, name, address and telephone number can also be stored. However, only if you agree to this data storage. The data marked as such is necessary so that you can participate in the service offered. Providing information is voluntary, but failure to provide it will result in you not being able to use the service. In addition, information about your device or your preferred content on our website may also be stored. To learn more about how data is stored when you visit a website, see the “Automatic data storage” section. We record your declaration of consent so that we can always prove that it complies with our laws.

Duration of data processing

If you unsubscribe your email address from our email/newsletter distribution list, we may store your address for up to three years based on our legitimate interests so that we can still prove your consent at the time. We are only allowed to process this data if we have to defend ourselves against any claims.

However, if you confirm that you have given us your consent to subscribe to the newsletter, you can submit an individual deletion request at any time. If you permanently object to your consent, we reserve the right to save your email address in a blacklist. As long as you have voluntarily subscribed to our newsletter, we will of course also keep your email address.

Right to object

You have the option to cancel your newsletter subscription at any time. All you have to do is revoke your consent to subscribe to the newsletter. This usually only takes a few seconds or one or two clicks. You will usually find a link to unsubscribe from the newsletter right at the end of each email. If you really cannot find the link in the newsletter, please contact us by email and we will cancel your newsletter subscription immediately.

Legal basis

Our newsletter is sent based on your consent (Article 6 Paragraph 1 Letter a GDPR). This means that we can only send you a newsletter if you have previously actively registered for it. If necessary, we may also send you advertising messages if you have become our customer and have not objected to the use of your email address for direct advertising.

Information about special email marketing services and how they process personal data, if available, can be found in the following sections.

Chatbots introduction

Chatbots Privacy Policy Summary
👥 Data subjects: visitors to the website
🤝 Purpose: Contact requests and general communication between us and you
📓 Processed data: Data such as name, address, email address, telephone number, general content data, if applicable IP address
You can find more details about the tools used in each case.
📅 Storage period: depends on the chatbots & chat functions used
⚖️ Legal basis: Art. 6 Para. 1 lit. a GDPR (consent), Art. 6 Para. 1 lit. f GDPR (legitimate interests), Art. 6 Para. 1 sentence 1 lit. b. GDPR (contractual or pre-contractual obligations)

What are chatbots?

You can also communicate with us using chatbots or similar chat functions. A chat offers the opportunity to write or speak to one another with very little time delay. A chatbot is software that tries to answer your question and, if necessary, informs you of any news. By using these means of communication, your personal data may also be processed and stored.

Why do we use chatbots?

Opportunities to communicate with you are important to us. Ultimately, we want to talk to you and answer any questions you may have about our service in the best possible way. Well-functioning communication is an important part of our service. Chatbots have the great advantage that we can answer frequently asked questions automatically with the help of this software. This saves us time and you still receive detailed and helpful answers. If the chatbot cannot help, you of course have the option of contacting us personally at any time.

Please note that when using our built-in elements, your data may also be processed outside the European Union, as many providers are American companies. This may mean that you may no longer be able to easily request or enforce your rights in relation to your personal data.

Which data is processed?

It may happen that you also use the chat services on other websites/platforms. In this case, your user ID will also be stored on the servers of this website. We can also be informed about which user used the chat at what time. The content is also saved. Exactly which data is stored depends on the respective service. As a rule, this involves contact data such as email address or telephone number, IP address and various usage data.

If you have consented to the chat function being used, this consent will also be saved or logged along with any possible registration. We do this so that we can demonstrate registration or consent if required by law.

The chat platform provider can also learn when you are chatting and also receive technical information about the device you are using. Exactly which information is stored and processed also depends on your PC settings. In many cases, data about your approximate location can be collected. This is done on the one hand to optimize the chat services and on the other hand to ensure greater security. Furthermore, the information can also be used to set personalized advertising and marketing measures.

If you have agreed that a chatbot can send you messages, you can of course deactivate this activation at any time. The chatbot also serves as help and shows you how you can unsubscribe from this function. All your relevant data will then be deleted from the recipient directory.

We use the above-mentioned data in order to be able to address you personally via the chat, to be able to answer your questions and inquiries or to send you possible content. We can also use it to fundamentally improve our chat services.

How long is data stored?

How long the data is processed and stored depends primarily on the tools we use. You can find out more about the data processing of the individual tools below. The data protection declarations of the providers usually state exactly which data is stored and processed for how long. In principle, personal data is only processed for as long as is necessary to provide our services. When data is stored in cookies, the storage period varies greatly. The data can be deleted immediately after you leave a website, but it can also remain stored for several years. Therefore, you should look at each individual cookie in detail if you want to know more about data storage. You will usually also find informative information about the individual cookies in the data protection declarations of the individual providers.

Right to object

You also have the right and the opportunity to revoke your consent to the use of cookies or third-party providers at any time. This works either via our cookie management tool or via other opt-out functions. For example, you can also prevent data collection through cookies by managing, deactivating or deleting cookies in your browser.

Since cookies can be used in chat services, we also recommend our general data protection declaration about cookies. To find out exactly which of your data is stored and processed, you should read the data protection declarations of the respective tools.

Legal basis

We ask for your permission to process your data as part of the chat services via a pop-up window. If you consent, this consent also applies as the legal basis (Art. 6 para. 1 lit. a GDPR) for data processing. We also process your inquiries and manage your data within the framework of contractual or pre-contractual relationships in order to fulfill our pre-contractual and contractual obligations or to answer inquiries. is the basis for this Art. 6 Paragraph 1 Sentence 1 Letter b. GDPR . In principle, your data is also processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f GDPR) stored and processed for fast and good communication with you or other customers and business partners. However, we only use the tools if you have given your consent.

Explanation of terms used

We always strive to make our data protection declaration as clear and understandable as possible. However, this is not always easy, especially when it comes to technical and legal issues. It often makes sense to use legal terms (such as personal data) or certain technical terms (such as cookies, IP address). But we don't want to use them without explanation. Below you will find an alphabetical list of important terms used that we may not have addressed sufficiently in the previous data protection declaration. If these terms were taken from the GDPR and they are definitions, we will also cite the GDPR texts here and add our own explanations if necessary.


Definition according to Article 4 of the GDPR

For the purposes of this Regulation, the term means:

“Processor” a natural or legal person, public authority, agency or other body that processes personal data on behalf of the controller;

Explanation: As a company and website owner, we are responsible for all data that we process from you. In addition to those responsible, there can also be so-called processors. This includes every company or person who processes personal data on our behalf. In addition to service providers such as tax consultants, processors can also include hosting or cloud providers, payment or newsletter providers or large companies such as Google or Microsoft.


Definition according to Article 4 of the GDPR

For the purposes of this Regulation, the term means:

"Consent" to the data subject, any voluntary, specific, informed and unambiguous expression of his or her wishes, in the form of a statement or other clear affirmative action, by which the data subject indicates that he or she consents to the processing of personal data relating to him or her;

Explanation: As a rule, such consent is given on websites via a cookie consent tool. You probably know that. Whenever you visit a website for the first time, you will usually be asked via a banner whether you agree to data processing. You can usually also make individual settings and decide for yourself which data processing you allow and which not. If you do not consent, no personal data about you may be processed. In principle, consent can of course also be given in writing, i.e. not via a tool.

Personal Data

Definition according to Article 4 of the GDPR

For the purposes of this Regulation, the term means:

“personal data” any information relating to an identified or identifiable natural person (hereinafter “data subject”); A natural person is considered to be identifiable if he or she can be identified directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more special characteristics that express the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person;

Explanation: Personal data is all data that can identify you as a person. This is usually data such as:

  • Surname
  • address
  • E-mail address
  • Postal address
  • Telephone number
  • birth date
  • Identification numbers such as social security number, tax identification number, ID card number or matriculation number
  • Bank details such as account number, credit information, account balances and much more.

According to the European Court of Justice (ECJ), yours also counts IP address for personal data . Using your IP address, IT experts can at least determine the approximate location of your device and subsequently you as the connection owner. Therefore, storing an IP address also requires a legal basis within the meaning of the GDPR. There are also so-called “special categories” of personal data that is particularly worthy of protection. These include:

  • racial and ethnic origins
  • political opinions
  • religious or ideological beliefs
  • union membership
  • genetic data such as data collected from blood or saliva samples
  • biometric data (this is information about psychological, physical or behavioral characteristics that can identify a person).
    Health data
  • Data on sexual orientation or sex life


Definition according to Article 4 of the GDPR

For the purposes of this Regulation, the term means:

“Profiling” any type of automated processing of personal data, which consists in using such personal data to evaluate certain personal aspects relating to a natural person, in particular aspects relating to work performance, economic situation, health, personal preferences, interests , analyze or predict the reliability, behavior, location or movements of that natural person;

Explanation: Profiling involves collecting various information about a person in order to learn more about that person. In the web sector, profiling is often used for advertising purposes or for credit checks. Web or advertising analysis programs, for example, collect data about your behavior and interests on a website. This results in a special user profile that can be used to target advertising to a specific target group.

Responsible person

Definition according to Article 4 of the GDPR

For the purposes of this Regulation, the term means:

“responsible person” the natural or legal person, public authority, agency or other body which, alone or jointly with others, decides on the purposes and means of processing personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;

Explanation: In our case, we are responsible for the processing of your personal data and therefore the “controller”. If we pass on collected data to other service providers for processing, they are “processors”. To do this, an “order processing agreement (AVV)” must be signed.


Definition according to Article 4 of the GDPR

For the purposes of this Regulation, the term means:

"Processing" any operation or series of operations carried out with or without the aid of automated procedures in connection with personal data, such as the collection, recording, organization, structuring, storage, adaptation or modification, reading, querying, use, disclosure by transmission, distribution or other form of provision, alignment or association, restriction, deletion or destruction;

Annotation: When we talk about processing in our privacy policy, we mean any type of data processing. As mentioned above in the original GDPR declaration, this includes not only collecting but also storing and processing data.

Final word

Congratulations! If you are reading these lines, you have really “fought” your way through our entire privacy policy or at least scrolled this far. As you can see from the scope of our privacy policy, we do not take the protection of your personal data lightly.
It is important to us to inform you to the best of our knowledge and belief about the processing of personal data. We not only want to tell you which data is processed, but also explain the reasons for using various software programs. As a rule, data protection declarations sound very technical and legal. Since most of you are not web developers or lawyers, we wanted to take a different linguistic approach and explain the matter in simple and clear language. Of course, this is not always possible due to the subject matter. The most important terms are therefore explained in more detail at the end of the data protection declaration.
If you have any questions about data protection on our website, please do not hesitate to contact us or the responsible body. We wish you a wonderful time and hope to welcome you back to our website soon.

All texts are copyrighted.

Source: Created with the Privacy Generator by AdSimple