Privacy Policy

We process and use your personal data based on your consent, contractual agreements, or legal obligations. Where no contractual relationship exists, processing may also occur based on our legitimate interests, in compliance with applicable legal provisions. We only collect personal data that is necessary for the execution and handling of our services or that you have provided to us voluntarily.

1. Website

Server Log Files

When you visit our website, the web server automatically collects and stores certain information in so-called server log files, which your browser transmits automatically. This may include:

IP address or hostname
Browser type and version
Operating system
Referrer URL (previously visited page)
Date and time of the server request
Pages accessed
Duration of visit
Language settings
Internet service provider (ISP)

This processing is carried out to maintain the technical operation and IT security of the website (legitimate interest according to Art. 6(1)(f) GDPR).

The operator reserves the right to review the log files retrospectively if there are specific indications of unlawful use.

Cookie Banner & Consent Management

When you access our website, a cookie banner is displayed allowing you to choose whether to accept certain cookies and services. Your selection is stored for future visits.

The following data may be processed:

Your IP address (anonymised)
Timestamp of consent
Browser information
URL of the visited page
Consent status (accepted or declined)

Storage is based on our legal obligation under Art. 6(1)(c) GDPR in conjunction with § 165 Abs 3 TKG 2021, to prove cookie consent. Your choice is stored for 12 months or until you delete cookies in your browser.

Cookies

Our website uses technically necessary cookies to provide basic site functions and improve user experience.

These cookies do not store personal data and do not require consent under § 96(3) TKG 2003.

Examples include:

Session cookies for navigation or language preferences

You can configure your browser to inform you about cookie usage, allow cookies only in individual cases, or block them entirely. Disabling cookies may limit the functionality of the website.

The following processing activities are to be expected:

Order in the online store

Data: Name, address, contract details, payment information, email, contact information
Purpose: Order in the online store
Legal basis: Article 6(1)(b) of the GDPR (performance of a contract)
Retention period: The data is processed until the termination of the contract and for 7 years thereafter for tax purposes.
Recipients: Payment providers and shipping service providers

Creation of a customer account

Data requested
Purpose: e.g., creation of a customer account to enable faster and more convenient shopping
Legal basis: Consent pursuant to Art. 6(1)(a) GDPR
Note regarding the possibility to withdraw consent at any time, as well as a note that the lawfulness of the processing remains unaffected until such withdrawal (e.g., You may withdraw your consent at any time with future effect. To delete your customer account, you must [description of how to delete the customer account].
Retention period: The data will be stored until the customer account is deleted and beyond that for the 7-year tax retention period.

2. Contact Form or Email

If you contact us via the contact form or by email, we process the data you provide (name, email address, address, telephone number, company, message) in order to handle your inquiry. Without this data, we cannot respond to your inquiry. If your inquiry is aimed at entering into a contract, we process your data on the basis of Article 6(1)(b) of the GDPR (pre-contractual communication). For all other inquiries, we rely on our legitimate interest (Article 6(1)(f) of the GDPR) in responding to your inquiry. The data will be stored for 6 months to address follow-up questions and will be deleted thereafter, provided there are no legal retention obligations to the contrary. This data will not be disclosed to third parties.

3. Data Sharing

To fullfil your request, it may be necessary to share your data with third parties (e.g. service providers or processors). Such transfers are carried out solely in compliance with GDPR, particularly to execute the contract or based on your consent.

Some recipients may be located outside the European Union (EU) or European Economic Area (EEA). If the country does not have an adequate data protection level as defined by the EU Commission, we will only transfer your data to recipients who have signed EU Standard Contractual Clauses (SCC) in accordance with the GDPR.

4. Data Security & Retention

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, misuse, or manipulation. These measures are regularly updated to reflect the current state of technology.

However, please note that transmitting information over the internet carries inherent risks. Despite our safeguards, data you send online may be unlawfully accessed or used by third parties (e.g. through hacking, interception of faxes or phone calls). We assume no liability for such incidents beyond our control.

We retain personal data only as long as necessary to fulfil contractual or legal obligations and to defend against possible liability claims. Inquiries submitted via the contact form or email are stored for six months to process potential follow-up questions, unless longer retention is legally required.

5. Your Rights

You have the right to:

Access your stored data
Rectify incorrect data
Request deletion (unless subject to legal retention)
Restrict processing
Data portability
Withdraw consent
Object to processing (Art. 21 GDPR)

If you believe your data is being processed in violation of data protection law, you may contact us or file a complaint with the Austrian Data Protection Authority:

Austrian Data Protection Authority
Barichgasse 40–42
1030 Vienna, Austria
Web: www.dsb.gv.at