Data protection
data protection
We have prepared this privacy policy (version 16.06.2019-221096123) to explain to you, in accordance with the provisions of the Basic Data Protection Regulation (EU) 2016/679 and the Data Protection Act (DSG), which information we collect, how we use data and what decision-making options You as a visitor to this site.
Unfortunately, it is in the nature of things that these explanations sound very technical, but we have tried to make the most important things as simple and clear as possible.
Automatic data storage
When you visit websites today, certain information is automatically created and stored, including on this website.
If you visit our website as it is now, our web server (computer on which this website is stored) automatically saves data such as
- the address (URL) of the website you are visiting
- Browser and browser version
- the operating system used
- the address (URL) of the previously visited page (referrer URL)
- the host name and IP address of the device from which it is accessed
- Date and Time
in files (web server log files).
As a rule, web server log files are stored for two weeks and then deleted automatically. We do not disclose this information, but we can not rule out that it will be seen in the event of unlawful behavior.
The legal basis, according to Article 6 paragraph 1 f DSGVO (lawfulness of processing), is that there is a legitimate interest in enabling the error-free operation of this website by capturing web server log files.
cookies
Our website uses HTTP cookies to store user-specific data.
Below, we explain what cookies are and why they are used to help you better understand the following privacy statement.
What exactly are cookies?
Whenever you surf the Internet, use a browser. Well-known browsers include Chrome, Safari, Firefox, Internet Explorer, and Microsoft Edge. Most web pages store small text files in your browser. These files are called cookies.
One thing can not be dismissed: cookies are really useful helpers. Almost all websites use cookies. More precisely, it is HTTP cookies, as there are other cookies for other applications. HTTP cookies are small files that are stored by our website on your computer. These cookie files are automatically stored in the cookie folder, the “brain” of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified.
Cookies store certain user data about you, such as language or personal page settings. When you return to our site, your browser will return the “user-related” information to our site. Thanks to the cookies, our website knows who you are and offers you your usual standard setting. In some browsers, each cookie has its own file; in others, such as Firefox, all cookies are stored in a single file.
There are both first-party cookies and third-party cookies. First-party cookies are created directly from our site, and third-party cookies are created by partner websites (such as Google Analytics). Each cookie is to be evaluated individually, since each cookie stores different data. The expiry time of a cookie also varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, Trojans or other “pests”. Cookies also can not access information from your PC.
For example, cookie data may look like this:
- Name: _ga
- Expiration time: 2 years
- Use: Differentiation of website visitors
- Exemplary value: GA1.2.1326744211.152221096123
A browser should support the following minimum sizes:
- A cookie should be able to contain at least 4096 bytes
- Per domain at least 50 cookies should be stored
- In total, at least 3000 cookies should be stored
What types of cookies are there?
The question of which cookies we use in particular depends on the services used and will be clarified in the following sections of the privacy policy. At this point we would like to briefly discuss the different types of HTTP cookies.
There are 4 types of cookies:
Absolutely necessary cookies
These cookies are necessary to ensure basic functionality of the website. For example, these cookies are needed if a user puts a product in the shopping cart, then continues surfing on other sites and later goes to the checkout. These cookies do not delete the shopping cart, even if the user closes his browser window.
Functional cookies
These cookies collect information about the user behavior and whether the user gets any error messages. In addition, these cookies also measure the load time and behavior of the website on different browsers.
Targeted cookies
These cookies make for better usability. For example, stored locations, font sizes or form data are stored.
Advertising cookies
These cookies are also called targeting cookies. They are used to provide the user with customized advertising. This can be very convenient, but also very annoying.
Usually, the first time you visit a webpage, you are asked which of these cookie types you want to allow. And of course, this decision is also stored in a cookie.
How can I delete cookies?
You decide for yourself how and whether you want to use cookies. Regardless of which service or which website the cookies come from, you always have the option of deleting cookies, only partially approving or deactivating them. For example, you may block third-party cookies but allow all other cookies.
If you want to know which cookies have been saved in your browser, if you want to change or delete cookie settings, you can find this in your browser settings:
Chrome: Delete, activate, and manage cookies in Chrome
Safari: Manage cookies and site data with Safari
Firefox: Delete cookies to remove data that websites have stored on your computer
Internet Explorer: deleting and managing cookies
Microsoft Edge: Deleting and managing cookies
If you basically do not want to have cookies, you can set up your browser so that it always informs you when a cookie is to be set. So you can decide with each single cookie whether you allow the cookie or not. The procedure varies depending on the browser. It is best that you search Google for “Chrome cookies” or “Disable cookies Chrome” in the case of a Chrome browser, or replace the word “Chrome” with the name of your browser, e.g. Edge, Firefox, Safari out.
What about my privacy?
Since 2009 there are the so-called “cookie guidelines”. It states that the storage of cookies requires the consent of the website visitor (ie you). Within the EU countries, however, there are still very different reactions to these guidelines. In Austria, however, the implementation of this directive was carried out in Section 96 (3) of the Telecommunications Act (TKG).
If you want to know more about cookies and do not shy away from technical documentation, we recommend https://tools.ietf.org/html/rfc6265, the Request for Comments of the Internet Engineering Task Force (IETF) called “HTTP State Management Mechanism”.
Storage of personal data
Personal data that you submit to us electronically on this website, such as name, e-mail address, address or other personal information in the course of submitting a form or comments in the blog, will be transmitted by us together with the time and IP address. Address used only for the purpose specified, kept safe and not disclosed to third parties.
We only use your personal data for communication with visitors who expressly request contact and for the processing of the services and products offered on this website. We will not disclose your personal information without consent, but we can not rule out that it will be seen in the event of unlawful behavior.
If you send us personal data by e-mail – outside of this website – we can not guarantee secure transmission and protection of your data. We recommend that you never send confidential information via email.
The legal basis under Article 6 (1a) of the GDPR (lawfulness of processing) is that you give us consent to the processing of the data you enter. You can revoke this consent at any time – an informal e-mail is sufficient, you will find our contact details in the imprint.
Evaluation of visitor behavior
In the following privacy policy we inform you about whether and how we evaluate data of your visit to this website. The evaluation of the collected data is usually anonymous and we can not infer from your behavior on this website on your person.
You can read more about the possibilities of this evaluation of the visit data in the following privacy statement.
TLS encryption with https
We use https to transmit data securely on the Internet (data protection through technology design Article 25 paragraph 1 GDPR). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission over the Internet, we can ensure the protection of confidential data. You acknowledge the use of this safeguarding of the data transfer at the small lock symbol in the upper left corner of the browser and the use of the scheme https (instead of http) as part of our Internet address.
Google Fonts Privacy Policy
We use Google Fonts from Google Inc. (1600 Amphitheater Parkway Mountain View, CA 94043, USA) on our website.
You do not need to sign in or have a password to use Google fonts. Furthermore, no cookies are stored in your browser. The files (CSS, fonts) are requested through the Google domains fonts.googleapis.com and fonts.gstatic.com. According to Google, the requests for CSS and fonts are completely separate from all other Google services. If you have a Google Account, you do not need to worry about your Google Account information being sent to Google while using Google Fonts. Google records the use of CSS (Cascading Style Sheets) and the fonts used and stores this data securely. As the data storage looks exactly, we will look at the details.
What are Google fonts?
Google Fonts (formerly Google Web Fonts) is an interactive directory of over 800 fonts that Google LLC provides for free use.
Many of these fonts are published under the SIL Open Font License, while others have been released under the Apache license. Both are free software licenses. Thus, we can use them freely without paying royalties.
Why do we use Google fonts on our website?
With Google Fonts we can use fonts on our own website and do not have to upload them on our own server. Google Fonts is an important building block to keep the quality of our website high. All Google fonts are automatically optimized for the Web, and this saves data volume and is a great advantage especially for mobile device use. When you visit our page, the low file size ensures fast loading time. Furthermore, Google fonts are so-called secure web fonts. Different image synthesis systems (rendering) in different browsers, operating systems and mobile devices can lead to errors. Such errors can partially distort texts or entire websites visually. Thanks to the fast Content Delivery Network (CDN), there are no cross-platform issues with Google Fonts. Google Fonts supports all major browsers (Google Chrome, Mozilla Firefox, Apple Safari, Opera) and works reliably on most modern mobile operating systems, including Android 2.2+ and iOS 4.2+ (iPhone, iPad, iPod).
So we use the Google fonts to make our entire online service as beautiful and consistent as possible. According to Art. 6 para. 1 lit. F DSGVO already constitutes a “legitimate interest” in the processing of personal data. In this case, “legitimate interest” means legal as well as economic or non-material interests that are recognized by the legal system.
What data is stored by Google?
When you visit our website, the fonts will be reloaded via a Google server. This external call sends data to the Google servers. Google also recognizes that you or your IP address is visiting our website. The Google Fonts API is designed to reduce the collection, storage and use of end-user data to what is needed for efficient font delivery. Incidentally, API stands for “Application Programming Interface” and serves, among other things, as a data transmitter in the software area.
Google Fonts securely stores CSS and font requests on Google and is thus protected. Through the collected usage figures, Google can determine the popularity of the fonts. Google publishes the results on internal analysis pages, such as Google Analytics. In addition, Google also uses data from its own web crawler to determine which websites use Google fonts. This data is published in Google Fonts’ BigQuery database. BigQuery is a Google web service for companies that want to move and analyze large amounts of data.
It should be kept in mind, however, that any Google Font request will also automatically transfer information such as IP address, language settings, browser screen resolution, browser version, and browser name to the Google servers. Whether this data is also stored, is not clear or is not clearly communicated by Google.
How long and where is the data stored?
For a day, Google stores requests for CSS assets on its servers, which are mainly located outside the EU. This allows us to leverage the fonts using a Google style sheet. A style sheet is a style that allows you to quickly and easily find out, for example, a style sheet. can change the design or font of a web page.
The font files are stored at Google for one year. Google is pursuing the goal of generally improving the load time of websites. If millions of web pages refer to the same fonts, they will be cached after the first visit and immediately appear on all other later visited web pages. Sometimes Google updates font files to reduce file size, increase language coverage, and improve design.
How can I delete my data or prevent data storage?
Data that Google stores for a day or a year can not simply be deleted. The data is automatically transmitted to Google when the page is viewed. To prematurely delete this information, you must contact Google Support at https://support.google.com/?hl=en&tid=221096123. In this case, you prevent data storage only if you do not visit our site.
Unlike other web fonts, Google allows us unrestricted access to all fonts. So we can access unlimited fonts and get the most out of our website. More about Google Fonts and other questions can be found at https://developers.google.com/fonts/faq?tid=221096123. Although Google addresses privacy issues, it does not include detailed information about data storage. It is relatively difficult (almost impossible) for Google to get really accurate information about stored data.
You can also see what data Google collects and what this data is used for at https://www.google.com/intl/en/policies/privacy/.
Google Maps Privacy Policy
We use Google Maps from Google Inc. (1600 Amphitheater Parkway Mountain View, CA 94043, USA) on our website.
By using the features of this card, data will be transmitted to Google. To see what data Google collects and what this data is used for, visit https://www.google.com/intl/en/policies/privacy/.
Rights according to the General Data Protection Regulation
According to the regulations of the DSGVO and the Austrian Data Protection Act (DSG) you have the following rights:
- Right to rectification (Article 16 GDPR)
- Right to cancellation (“Right to be forgotten”) (Article 17 GDPR)
- Right to restriction of processing (Article 18 GDPR)
- Right to Notification – Obligation to Notify in Connection with Correction or Deletion of Personal Data or Restriction of Processing (Article 19 GDPR)
- Right to data portability (Article 20 GDPR)
- Right of objection (Article 21 GDPR)
- Right not to be subjected to a decision based solely on automated processing – including profiling – (Article 22 GDPR)
If you believe that the processing of your data violates data protection law or your data protection claims have otherwise been violated in any way, you can complain to the supervisory authority, which in Austria is the data protection authority whose website you can find at https://www.dsb.gv.at/.
Facebook Privacy Policy
We use functions of Facebook, a social media network of FIrma Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2 Ireland.
What features (social plug-ins) Facebook provides, you can read on https://developers.facebook.com/docs/plugins/.
By visiting our website information can be transmitted to Facebook. If you have a Facebook account, Facebook can associate that information with your personal account. If you do not want that, please log out of Facebook.
The privacy policy, which information Facebook collects and how they use them can be found at https://www.facebook.com/policy.php.
YouTube Privacy Policy
We use YouTube’s YouTube video service, YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.
By accessing pages of our website that have integrated YouTube videos, data is transmitted to YouTube, stored and evaluated.
If you have a YouTube account and you’re signed in, that information will be associated with your personal account and the data stored in it.
To see what data Google collects and what this data is used for, visit https://www.google.com/intl/en/policies/privacy/.
Instagram Privacy Policy
We use features of the social media Instagram network of Instagram LLC, 1601 Willow Rd, Menlo Park CA 94025, USA.
We can display images and videos with Embed Embed Instagram features.
By calling up pages that use such functions, data (IP address, browser data, date, time, cookies) are transmitted to Instagram, stored and evaluated.
If you have an Instagram account and you’re signed in, it will be associated with your personal account and the data stored in it.
The privacy policy that collects information about Instagram and how to use it can be found at https://help.instagram.com/519522125107875.
Google reCAPTCHA Privacy Policy
Our ultimate goal is to make our website as safe and secure as possible for you and for us. To ensure this, we use Google reCAPTCHA from Google Inc. (1600 Amphitheater Parkway Mountain View, CA 94043, USA). With reCAPTCHA we can see if you are really a flesh-and-blood person and not a robot or any other spam software. By spam, we mean any, by electronic means, unwanted information that we receive unsolicitedly. For classic CAPTCHAS, you usually had to solve text or image puzzles for review. With reCAPTCHA from Google we usually do not have to bother you with such puzzles. In most cases, just tick the box to confirm that you are not a bot. With the new Invisible reCAPTCHA version, you do not even have to check the box. How this works and, above all, what data is used for this, you will learn throughout this privacy policy.
The legal basis for use is Article 6 (1) f (lawfulness of processing), as there is a legitimate interest in protecting this website from bots and spam software.
What is reCAPTCHA?
reCAPTCHA is a free captcha service from Google that protects websites from spam software and abuse by non-human visitors. This service is most commonly used when you fill out forms on the Internet. A captcha service is an automatic Turing test designed to ensure that an action on the internet is made by a human rather than a bot. In the classic Turing test (named after the computer scientist Alan Turing), a person determines the distinction between bot and human. For captchas, this is also done by the computer or a software program. Classic captchas work with small tasks that are easy for humans to solve, yet have significant difficulties for machines. With reCAPTCHA, you do not have to actively solve any puzzles. The tool uses modern risk techniques to differentiate people from bots. All you have to do is tick the text field “I’m not a robot” or Invisible reCAPTCHA does not need that anymore. With reCAPTCHA a JavaScript element is integrated into the source code and then the tool runs in the background and analyzes your user behavior. From these user actions, the software calculates a so-called captcha score. Google calculates with this score even before captcha input how high the probability that you are human. ReCAPTCHA or captchas in general are used whenever bots could manipulate or misuse certain actions (such as registrations, surveys, etc.).
Why do we use reCAPTCHA on our website?
We only want to welcome people of flesh and blood on our side. Bots or spam software of various kinds may safely stay at home. That’s why we’re working hard to protect ourselves and provide the best possible usability for you. That’s why we use Google reCAPTCHA from Google. So we can be pretty sure that we are staying a “non-bot” website. Using reCAPTCHA transmits data to Google that Google uses to determine if you are truly human. Thus, reCAPTCHA serves the security of our website and consequently also your safety. For example, without reCAPTCHA, when registering, a bot could register as many email addresses as possible, and then “tag” forums or blogs with unwanted advertisements. With reCAPTCHA we can avoid such bot attacks.
What data is stored by reCAPTCHA?
ReCAPTCHA collects personally identifiable information from users to determine if the actions on our site are actually human. So it can send the IP address and other data that Google needs for the reCAPTCHA service to Google. IP addresses within the member states of the EU or other parties to the Agreement on the European Economic Area are almost always truncated before the data ends up on a server in the United States. The IP address will not be combined with any other Google data unless you are logged in with your Google Account while using reCAPTCHA. First, the reCAPTCHA algorithm checks if your browser already has Google cookies from other Google services (YouTube, Gmail, etc.). Then reCAPTCHA sets an additional cookie in your browser and captures a snapshot of your browser window.
The following list of collected browser and user data is not exhaustive. Rather, they are examples of data that we understand to be processed by Google.
- Referrer URL (the address of the page from which the visitor comes)
- IP address (e.g., 256.123.123.1)
About the operating system (the software that enables you to operate your computer, known operating systems are Windows, Mac OS X or Linux) - Cookies (small text files that store data in your browser)
Mouse and keyboard behavior (any action you perform with the mouse or keyboard is saved) - Date and language settings (which language or which date you have preset on your PC)
- All javascript objects (javascript is a programming language that allows websites to adapt to the user javascript objects can collect all sorts of data under one name)
- Screen resolution (shows how many pixels the image is made of)
It is indisputable that Google uses and analyzes this data before clicking on the check mark “I am not a robot”. With the Invisible reCAPTCHA version even ticking off and the entire recognition process runs in the background. How much and what data Google stores exactly, you will not learn from Google in detail.
The following cookies are used by reCAPTCHA: Here we refer to the reCAPTCHA demo version of Google at https://www.google.com/recaptcha/api2/demo. All these cookies require a unique identifier for tracking purposes. Here is a list of cookies Google has set reCAPTCHA on the demo version:
Name: IDE
Expiration time: after one year
Use: This cookie is set by the company DoubleClick (also Google) to register and report the actions of a user on the website in the handling of advertisements. Thus, the advertising effectiveness can be measured and appropriate optimization measures are taken. IDE is stored in browsers under the domain doubleclick.net.
Example value: WqTUmlnmv_qXyi_DGNPLESKnRNrpgXoy1K-pAZtAkMbHI-221096123
Name: 1P_JAR
Expiration time: after one month
Usage: This cookie collects site usage statistics and measures conversions. For example, a conversion occurs when a user becomes a buyer. The cookie is also used to show advertisers relevant ads. Furthermore, the cookie prevents a user from seeing the same ad more than once.
Example value: 2019-5-14-12
Name: ANID
Expiration time: after 9 months
Usage: We could not get much information about this cookie. In the privacy policy of Google, the cookie is used in connection with “advertising cookies” such. Mentions “DSID”, “FLC”, “AID”, “TAID”. ANID is stored at domain google.com.
Example value: U7j1v3dZa2210961230xgZFmiqWppRWKOr
Name: CONSENT
Expiration time: after 19 years
Usage: The cookie stores the status of a user’s consent to use various services provided by Google. CONSENT also provides security to verify users, prevent credential fraud, and protect user data from unauthorized attacks.
Example value: YES + AT.de + 20150628-20-0
Name: NID
Expiration time: after 6 months
Usage: NID is used by Google to tailor advertisements to your Google search. With the help of cookies, Google “remembers” your most-typed searches or your earlier interaction with ads. So you always get customized advertisements. The cookie contains a unique ID that Google uses to collect the user’s personal settings for promotional purposes.
Example value: 0WmuWqy221096123zILzqV_nmt3sDXwPeM5Q
Name: DV
Expiry time: after 10 minutes
Usage: Once you tick the “I’m not a robot” checkbox, this cookie will be set. The cookie is used by Google Analytics for personalized advertising. DV collects information in an anonymous form and is further used to make user distinctions.
Example value: gEAABBCjJMXcI0dSAAAANbqc221096123
Note: This list can not claim to be exhaustive, as experience has shown that Google changes the choice of cookies over and over again.
How long and where is the data stored?
Inserting reCAPTCHA transfers data to the Google server. Where exactly this data is stored, Google, even after repeated inquiries, is not clear. Without having received a confirmation from Google, it can be assumed that data such as mouse interaction, time spent on the website or language settings on the European or American Google Servers are stored. The IP address your browser sends to Google will generally not be merged with other Google data from other Google services. However, if you’re signed in to your Google Account while using the reCAPTCHA plug-in, the data will be merged. For this the deviating data protection regulations of the company Google apply.
How can I delete my data or prevent data storage?
If you do not want data to be transmitted to Google about you and about your behavior, you must log out of Google completely and delete all Google cookies before you visit our website or use the reCAPTCHA software. Basically, the data will be sent to Google automatically as soon as you visit our page. To delete this information, you must contact Google Support at https://support.google.com/?hl=en&tid=221096123.
So, if you use our website, you agree that Google LLC and its agents automatically collect, process and use information.
To learn more about reCAPTCHA, go to the web developer site at https://developers.google.com/recaptcha/. Google is here on the technical development of reCAPTCHA closer, but accurate information on data storage and privacy-related topics are looking for there in vain. You can find a good overview of the basic use of data on Google in our own privacy policy at https://www.google.com/intl/de/policies/privacy/.
Source: Created with the privacy generator of firmenwebseiten.at in cooperation with schoengesund.at