Privacy Policy

We have prepared this Privacy Policy (Version 26.11.2024-122912897) to explain to you, in accordance with the General Data Protection Regulation (EU) 2016/679 and applicable national laws, what personal data we process as the data controller, what personal data we will process in the future, and what legal rights you have.

We provide this information in clear and simple language: We process personal data only when there is a legal basis for doing so. If you have any questions, please contact the responsible party listed in the legal notice.

This Privacy Policy applies to all personal data processed by our company and to all personal data processed by companies we have engaged (processors). The scope of application includes:

• All of the websites we operate
• Social media presence and email communication
• Mobile apps for smartphones and other devices

We process your data only if at least one of the following conditions applies:

• Consent (Art. 6(1)(a) of the GDPR): You have given us your consent to process data for a specific purpose.
• Contract (Art. 6(1)(b) of the GDPR): To fulfill a contract or pre-contractual obligations with you.
• Legal obligation (Art. 6(1)(c) of the GDPR): When we are subject to a legal obligation (e.g., retention of invoices).
• Legitimate interests (Art. 6(1)(f) of the GDPR): In cases where legitimate interests are involved that do not infringe upon your fundamental rights.

In addition to the EU Regulation, the Data Protection Act (DSG) applies in Austria.

We retain personal data only for as long as is strictly necessary to provide our services and products. This means that we delete personal data as soon as the reason for processing it no longer exists.

In some cases, we are legally required to retain certain data even after the original purpose has ceased to apply (e.g., for accounting purposes). If you wish to have your data deleted or withdraw your consent to data processing, the data will be deleted as soon as possible.

Under Articles 13 and 14 of the GDPR, you have the following rights:

To protect personal data, we have implemented both technical and organizational measures. Where possible, we encrypt or pseudonymize personal data (Art. 25 GDPR, "Data protection by design").

We use HTTPS (TLS encryption) to ensure that data is transmitted securely over the Internet. This means that all data transmitted between your browser and our web server is encrypted. You can tell this by the padlock icon on the left side of your browser's address bar.

When you contact us by phone, email, or through our online form, your data will be processed for the purpose of handling and addressing your inquiry and will be stored for as long as required by law.

Phone: Call data is stored in pseudonymized form on the respective device and deleted as soon as the transaction is complete.

Email: Data is stored on the respective device and on the email server and is deleted once the transaction is complete.

Online forms: Data is stored on our web server and deleted as soon as the transaction is complete.

Our website uses HTTP cookies to store user-specific data. Cookies are small text files that our website stores on your computer.

Types of Cookies

• Essential cookies: Required for basic website functions.
• Functional cookies: Collect information about user behavior and page load times.
• Functional cookies: Store settings such as locations or form data.
• Advertising cookies: Used for personalized advertising (targeting).

You can delete, disable, or manage cookies at any time in your browser settings. There is a legitimate interest in using strictly necessary cookies (Art. 6(1)(f) GDPR). All other cookies are set only with your consent.

When you visit our website, our web server automatically stores data such as the URL accessed, browser type, operating system, referrer URL, IP address, and the date and time in what are known as web server log files.

This data is typically deleted automatically after two weeks. We do not share this data with third parties; however, we cannot rule out the possibility that it may be accessed by government authorities in the event of unlawful conduct. We have a data processing agreement with our hosting provider in accordance with Article 28 of the GDPR.

We use Google Analytics 4 (GA4) provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). Google Analytics collects data about your activity on our website using a tracking code and uses this data to create pseudonymous user profiles.

GA4 uses an event-based data model and does not process IP addresses in plain text. IP address data is used to determine location and is deleted immediately afterward. This feature is only used with your consent (cookie pop-up).

You can disable data collection by Google Analytics using the browser add-on available at tools.google.com/dlpage/gaoptout.

Google also processes data in the United States and is an active participant in the EU-U.S. Data Privacy Framework. For more information, visit policies.google.com/privacy

We are active on social media platforms (LinkedIn). When you visit our social media pages, your data may be processed. Please note that data may also be processed outside the EU.

Data processing on the respective platforms is subject to the privacy policies of the respective providers. LinkedIn Ireland Unlimited Company (Wilton Place, Dublin 2, Ireland) is responsible for data processing on LinkedIn.

We use Google Maps, provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland), to show you our location. When you use the map feature, data such as your IP address and search terms you enter are transmitted to Google and stored there.

Google places at least one cookie (NID) in your browser. This is done only with your consent. For more information, visit: policies.google.com/privacy

We use Google Fonts from Google Ireland Limited on our website. However, we have hosted the Google fonts locally on our web server, not on Google’s servers.

As a result, there is no connection to Google’s servers, and therefore no data is transmitted to or stored by Google. This measure is intended to protect the privacy of our website visitors.

Data processor

A natural or legal person who processes personal data on behalf of the controller (Art. 4 GDPR). This includes, for example, hosting or cloud providers, payment providers, or large companies such as Google or Microsoft.

Consent

Any freely given, specific, informed, and unambiguous indication of the data subject’s wishes (Art. 4 GDPR). On websites, this is typically done through a cookie consent tool.

Personal data

Any information relating to an identified or identifiable natural person (Art. 4 GDPR), such as name, email address, phone number, IP address, or location data.

Processing

Any operation involving personal data, such as collection, storage, modification, retrieval, transmission, or erasure (Art. 4 GDPR).

Data Controller

The natural or legal person who determines the purposes and means of the processing of personal data (Art. 4 GDPR). In our case, we, ITanic GmbH, are the controller.

All texts are protected by copyright. Source: Privacy Policy created using the Privacy Policy Generator for Austria by AdSimple.