Privacy Policy

Introduction

With the following privacy policy, we would like to inform you about which types of your personal data (hereinafter also referred to as “data”) we process for which purposes and to what extent. The privacy policy applies to all processing of personal data carried out by us, both within the scope of providing our services as well as, in particular, on our websites, in mobile applications, and within external online presences such as our social media profiles (hereinafter collectively referred to as the “online offering”).

The terms used are not gender-specific.

Last updated: February 6, 2023

Table of Contents

  • Introduction
  • Data Controller
  • Overview of Processing
  • Relevant Legal Basis
  • Security Measures
  • Transfer of Personal Data
  • Data Processing in Third Countries
  • Deletion of Data
  • Use of Cookies
  • Business Services
  • Provision of the Online Offering and Web Hosting
  • Contact and Request Management
  • Surveys and Polls
  • Web Analysis, Monitoring, and Optimization
  • Presence on Social Networks (Social Media)
  • Plugins and Embedded Functions and Content
  • Changes and Updates to the Privacy Policy
  • Rights of Data Subjects

Data Controller

Esther Sattler
Lisztgasse 5
8041 Graz, AT

Email address:
office@esthersattler.at

Overview of Processing

The following overview summarizes the types of data processed and the purposes of their processing and refers to the affected persons.

Types of Data Processed:

  • Inventory data
  • Payment data
  • Contact data
  • Content data
  • Contract data
  • Usage data
  • Meta, communication, and procedural data

Categories of Data Subjects:

  • Interested parties
  • Communication partners
  • Users
  • Business and contractual partners
  • Participants

Purposes of Processing:

  • Provision of contractual services and customer support
  • Contact requests and communication
  • Security measures
  • Reach measurement
  • Office and organizational procedures
  • Management and response to inquiries
  • Feedback
  • Marketing
  • Profiles with user-related information
  • Provision of our online offering and user-friendliness
  • Information technology infrastructure

Relevant Legal Basis

The following provides an overview of the legal bases of the General Data Protection Regulation (GDPR) on which we process personal data. Please note that, in addition to the regulations of the GDPR, national data protection regulations may apply in your or our country of residence or business location. If more specific legal bases apply in individual cases, we will inform you of them in this privacy policy.

  • Consent (Art. 6 para. 1 sentence 1 lit. a GDPR) – The data subject has given their consent to the processing of their personal data for one or more specific purposes.
  • Performance of a contract and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b GDPR) – The processing is necessary for the performance of a contract to which the data subject is a party, or to take steps at the request of the data subject prior to entering into a contract.
  • Legal obligation (Art. 6 para. 1 sentence 1 lit. c GDPR) – The processing is necessary for compliance with a legal obligation to which the controller is subject.
  • Legitimate interests (Art. 6 para. 1 sentence 1 lit. f GDPR) – The processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require the protection of personal data.

Security Measures

We take appropriate technical and organizational measures in accordance with the legal requirements, taking into account the state of the art, the costs of implementation, and the nature, scope, circumstances, and purposes of the processing, as well as the varying likelihood and severity of risks to the rights and freedoms of natural persons, to ensure a level of security appropriate to the risk.

Transfer of Personal Data

In the course of processing personal data, it may happen that the data is transferred to other entities, companies, legally independent organizational units, or persons or disclosed to them. Recipients of this data may include service providers for IT tasks or providers of services and content integrated into a website.

Data Processing in Third Countries

If we process data in a third country (i.e., outside the European Union (EU), European Economic Area (EEA)), or the processing occurs in the context of the use of services of third parties or the disclosure or transfer of data to other persons, entities, or companies, this only takes place in compliance with legal requirements.

Deletion of Data

The data we process will be deleted in accordance with legal requirements as soon as their permitted consent is revoked or other authorizations cease to apply. If the data is not deleted because it is required for other legally permissible purposes, its processing will be restricted.

Use of Cookies

Cookies are small text files or other memory markers that store information on devices and retrieve information from devices. For instance, they can store login status, shopping cart contents, or visited content.

Business Services

We process data of our contractual and business partners (such as customers and interested parties) in the context of contractual and comparable legal relationships, as well as related actions and communications.

Provision of the Online Offering and Web Hosting

We process users’ data to be able to provide them with our online services. For this purpose, we process the IP address of the user, which is necessary to deliver the content and functions of our online services to the user’s browser or device.

Contact and Request Management

When you contact us (e.g., by post, contact form, email, phone, or via social media), your data will be processed as necessary to handle your request.

Surveys and Polls

We conduct surveys and polls to gather information for the communicated purpose of the respective survey or poll. These are evaluated anonymously unless otherwise stated.

Web Analysis, Monitoring, and Optimization

Web analysis serves to evaluate the visitor streams of our online offering and may include pseudonymous information about behavior, interests, or demographic information about visitors.

Presence on Social Networks (Social Media)

We maintain online presences within social networks and process users’ data in this context to communicate with them or offer information about us.

Plugins and Embedded Functions and Content

We integrate functional and content elements obtained from the servers of their respective providers (hereinafter referred to as “third-party providers”) into our online offering, such as graphics, videos, or maps.

Changes and Updates to the Privacy Policy

We ask you to regularly review the content of our privacy policy. We will update the privacy policy whenever necessary based on changes in our data processing activities.

Rights of Data Subjects

As a data subject under the GDPR, you have various rights, including:

  • Right to Object: You have the right to object at any time to the processing of your personal data.
  • Right to Withdraw Consent: You can withdraw your consent at any time.
  • Right of Access: You have the right to request information about whether your data is being processed and to obtain further details.
  • Right to Rectification: You can request the correction of incorrect data.
  • Right to Erasure and Restriction of Processing: You have the right to request the deletion or restriction of the processing of your data under certain conditions.
  • Right to Data Portability: You have the right to receive your data in a structured, commonly used, and machine-readable format.

This privacy policy was created using the free privacy policy generator by Dr. Thomas Schwenke.