Privacy Policy & Cookies

Data protection notice as of: 28.10.2020

In this data protection notice we inform you about the type, purpose and scope of the processing of your personal data. This data protection notice applies to the processing of your personal data as part of the provision of our services online and offline, but above all to this website and our social media presence.

All terms used are not gender specific.

Responsible for data processing:

Hans-Georg Schaffler Webdesign
Owner: Hans-Georg Schaffler
Address: In der Weiz 52, 8160 Weiz, AUSTRIA
Phone: +43 664 3884700
Email: george@greatwebdesign.at

General information

The protection and security of your personal data are important to us. This website therefore stores and processes data exclusively in accordance with the Austrian and European General Data Protection Regulation (GDPR). As a user, you consent to data processing in the sense of this declaration. You can find the current version of the GDPR at:

https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN

This data protection declaration only applies to this website. If you are forwarded to other pages via links on our pages, you can find out more about how your data is handled on the forwarded website. Your personal data (e.g. title, name, address, email address, telephone and fax number, date of birth, text input) will only be processed by us in accordance with the provisions of Austrian data protection law. The following regulations inform you about the type, scope and purpose of the collection, processing and use of personal data.

Types of data processed

  • Contact details (e.g. telephone numbers, email addresses)
  • Inventory data (e.g. names, addresses)
  • Content data (e.g. text entries, photos, videos)
  • Contract data (e.g. subject matter of the contract)
  • Payment details (e.g. account details)
  • Usage data (e.g. websites visited)
  • Location data (e.g. position of the device)
  • Meta / communication data (e.g. IP addresses)

Categories of data subjects

  • Customers, business partners, interested parties
  • Visitors and users of the online offer

Purpose of processing

  • Provision of our online offer
  • Ease of use
  • Communication with customers, business partners, interested parties, users
  • Provision of contractual services
  • Fulfillment of legal documentation requirements
  • Safety measures
  • Marketing & Advertising

Overview of the legal bases

  • Consent (Art. 6 para. 1 lit. a GDPR)
    The data subject has given their consent to the processing of their personal data for one or more specific purposes.
  • Fulfillment of a contract (Art. 6 para. 1 lit. b GDPR)
    The processing is necessary for the fulfillment of a contract to which the data subject is a party, or for the implementation of pre-contractual measures that take place at the request of the data subject.
  • Fulfillment of a legal obligation (Art. 6 para. 1 lit. c GDPR)
    The processing is necessary to fulfill a legal obligation to which the person responsible for the processing is subject.
  • Preservation of legitimate interests (Art. 6 para. 1 lit. f GDPR)
    Processing is necessary to safeguard the legitimate interests of the person responsible or a third party, unless the interests or fundamental rights and freedoms of the data subject, which require the protection of personal data, outweigh this.

Rights of the persons affected

According to Austrian data protection law and the European GDPR, you as the person concerned have extensive rights. Above all, these rights should ensure more transparency. Your rights as a data subject are the right to information about your personal data, to correction, deletion, restriction of processing, objection to processing and data portability (only in the case of a contractual relationship or consent) and to withdraw consent at any time (Art. 15 to 21 GDPR).

The easiest way for you as a data subject to exercise your rights is to send an email to george@greatwebdesign.at. In addition, by sending a message by post, making personal contact, as well as via the contact form on the website.

In addition, you always have the right to lodge a complaint with the data protection authority regarding the processing of your personal data. The contact details of the data protection authority are:

Österreichische Datenschutzbehörde
Wickenburggasse 8
1080 Wien
Telefon: +43 1 521 52-25 69
E‑Mail: dsb@dsb.gv.at

Data erasure

Your data will be deleted as soon as the respective contract with you has been fulfilled and there is no longer any legal obligation to store the data. Your data will generally be deleted after seven years; Retention period according to § 132 BAO.

Statutory / legal retention obligations or contractual obligations e.g. personal data must continue to be stored in relation to customers from warranty or compensation or to contractual partners. (Art. 6 para. 1 lit. c GDPR)

Contact us

Contact form, email

If you contact us using the form on the website or by e-mail, the data you provide (e-mail addresses, names, addresses, telephone and fax numbers, date of birth, text input) will be used for the purpose of processing the request and in the event of Follow-up questions stored with us for 12 months. We do not pass on this data without your consent. The data entered is therefore processed exclusively on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent informally by email to us at any time.

The data you have entered will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. completed processing of your request). Statutory provisions remain unaffected (retention periods).

Inventory data (customer and contract data)

We collect, process and use personal data only insofar as they are necessary for the establishment, content or change of the legal relationship. This is done on the basis of Art. 6 para. 1 lit. b GDPR, which allows the processing of data for the performance of a contract or pre-contractual measures. We collect, process and use personal data on the use of our website (usage data) only insofar as this is necessary to enable the user to use the service. The customer data collected will be deleted after the business relationship has ended. Statutory retention periods remain unaffected.

Automatic data storage

When you visit our website, various information is automatically stored on the web server of the hosting provider.

Hosting provider

We host our website with our processor Lederhaas IT Solutions, Schönberg 3, 8411 Hengsberg, Austria.

Only connection data are processed for the mere provision of the website. This processing is based on our legitimate interest in accordance with. Art. 6 para. 1 lit. f GDPR (absolute technical necessity to provide this website).

Personal data is processed to operate the website and to call up other functions. You can read details about the individual functions and services here in this data protection declaration.

Server log files

When you visit this website, the browser used on your device automatically sends information to the server on our website. This information is temporarily stored in a so-called log file. The following information is recorded without any action on your part and stored until it is automatically deleted:

  • IP address of the requesting computer,
  • Date and time of access,
  • Name and URL of the file called up,
  • Website from which access is made (referrer URL),
  • Browser used and, if applicable, the operating system of your computer and the name of
  • your access provider.

The possibility to use this data on the legal basis according to Art. 6 para. 1 lit. f GDPR for purposes like

  • ensuring a smooth connection to the website,
  • ensuring comfortable use of our website,
  • the evaluation of system security and stability as well as
  • for further administrative purposes

is currently being used by us. Under no circumstances will the data collected be used to draw conclusions about you personally. The duration of the processing is limited to 14 days.

Cookie Notice

What is a cookie?

Cookies are small text files that are created by the website you are visiting and that contain data. They are stored on the visitor’s computer in order to give the user access to various functions. A session cookie is temporarily stored on the computer while the visitor is navigating through the website. This cookie is deleted when the user closes his internet browser or after a certain period of time (i.e. when the session expires). A permanent cookie remains on the visitor’s computer until it is deleted.

Types of cookies

  • Temporary cookies (session cookies)
    Session cookies are only temporarily stored on the computer and are deleted when the browser is closed.
  • Permanent cookies
    Permanent cookies remain stored on the computer even after the browser is closed. E.g. Language settings for the next visit are saved in these cookies.
  • Essential cookies
    Essential cookies are absolutely necessary for the smooth operation of a website.
  • Marketing cookies
    These cookies are used for advertising purposes, e.g. to assign a specific user profile to a user and thereby show the user advertising appropriate to his surfing behavior.
  • First-party cookies
    These cookies are set by the website operator himself.
  • Third-party cookies
    These cookies are mostly set by so-called social networks (so-called third parties) to process the usage behavior of the website visitor.

Storage duration of cookies

The storage duration of cookies varies depending on the type and function of the cookie. If our cookie notice does not provide any information on the storage period, the storage period can be up to 2 years.

How can I refuse and delete cookies?

We generally do not use cookies to collect personal information about a visitor. If you wish, you can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when you close the browser. You can find out more about this in the “Help function” of your browser or if the name of your browser is listed below, then click on it and you will be redirected to the corresponding page.

Internet Explorer
Google Chrome
Mozilla Firefox
Apple Safari

If you generally want to object to the use of cookies for advertising purposes, you can do so on the USA page http://optout.aboutads.info/ or the EU page http://www.youronlinechoices.com/ to adjust.

If you deactivate cookies, the functionality of this website may be restricted. Cookies that are required to carry out the electronic communication process or to provide certain functions you require (e.g. comment function, shopping cart function) are stored on the basis of Art. 6 para. 1 lit. f GDPR saved. The website operator has a legitimate interest in storing cookies for the technically error-free and optimized provision of its services.

For more information about cookies, including information on how to set, organize, block or delete cookies, visit www.allaboutcookies.org. The website www.allaboutcookies.org provides detailed instructions on how cookies are set and deleted, depending on the browser type.


Your cookie settings

As a user, you can make your personal cookie settings in our cookie notice (pop-up window). If you give us your consent to the setting of cookies, we will process this data on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time.

Otherwise, only cookies (essential cookies) are set that are absolutely necessary for the operation of the website. We act on the basis of our legitimate interest (Art. 6 para. 1 lit. f GDPR).

If you want to change your cookie settings, click on the following button:

Cookie-Einstellungen


Integration of third party services

We integrate services (content and functions) from third-party providers on our website in order to display their content such as fonts, videos, images, etc.

If we obtain the consent of the user for this, the processing of the data takes place on the legal basis of the consent of the user (Art. 6 para. 1 lit. a GDPR). Otherwise, we process the user’s data on the basis of our legitimate interest (Art. 6 para. 1 lit. f GDPR).

Services used:

Google Fonts

We use external fonts (“Google Fonts”) from the provider Google Fonts, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
The browser or connection data for the purpose of displaying the required fonts are only processed for the required duration of the selection and transmission of the fonts. This data processing is based on our legitimate interest in accordance with. Art. 6 para. 1 lit. f GDPR (absolute technical necessity to provide this website).

Details can be found here:

Website: https://fonts.google.com
Data protection notice: https://policies.google.com/privacy
Opt-out (advertising settings): https://adssettings.google.com/authenticated

Google Maps

If you have given your consent, we use maps (“Google Maps”) provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The processing of your personal data serves the purpose of displaying interactive maps on our website.
This Google service can process browser and connection data, but these are usually only collected with the consent of the user (settings in the browser or on the mobile device).

Details can be found here:

Website: https://cloud.google.com/maps-platform
Data protection notice: https://policies.google.com/privacy
Possibility of objection: https://tools.google.com/dlpage/gaoptout?hl=de
Opt-out (advertising settings): https://adssettings.google.com/authenticated

Google ReCaptcha

We use the “Google ReCaptcha” function to distinguish bots from humans. For example, bots can be prevented from entering online contact forms. The provider of this service is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Details can be found here:

Website: https://www.google.com/recaptcha/about/
Data protection notice: https://policies.google.com/privacy
Possibility of objection: https://tools.google.com/dlpage/gaoptout?hl=de
Opt-out (advertising settings): https://adssettings.google.com/authenticated

Facebook

Social plugins (“plugins”) from the social network facebook.com can be integrated into our website. The provider is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland. These plugins can display content such as graphics, text contributions, videos or elements for interaction on the website. You can see the list and appearance of the Facebook social plugins here: https://developers.facebook.com/docs/plugins/

Details can be found here:

Website: https://www.facebook.com/
Data protection notice: https://www.facebook.com/about/privacy
Opt-out (advertising settings): https://www.facebook.com/settings?tab=ads

Instagram

Social plugins (“plugins”) from the social network instagram.com can be integrated into our website. The provider of the service is Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA.

Details can be found here:

Website: https://www.instagram.com/
Data protection notice: https://instagram.com/about/legal/privacy

YouTube

Videos from the “YouTube” platform can be integrated into our website. They are offered by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Details can be found here:

Website: https://www.youtube.com/
Data protection notice: https://policies.google.com/privacy
Possibility of objection: https://tools.google.com/dlpage/gaoptout?hl=de
Opt-out (advertising settings): https://adssettings.google.com/authenticated

Wordfence Security

We use the Wordfence Security Plugin to secure our online offer. The provider of this plug-in is Defiant, Inc., 800 5th Ave Ste 4100, Seattle, WA 98104, USA.

Our website uses this service to protect against viruses, malware and other attacks by criminals. For the purpose of protection against brute force and DDoS attacks or message spam, IP addresses are stored on the servers of Defiant, Inc. Wordfence Security protects our website and thus all visitors to our website against viruses and malware.

This data processing is based on our legitimate interest in accordance with. Art. 6 para. 1 lit. f GDPR (absolute technical necessity to provide this website).

Details on the collection and use of data by Wordfence Security can be found here: https://www.wordfence.com/privacy-policy/

Wordfence currently uses three cookies:

wfwaf-authcookie- (hash)

What does this cookie do: This cookie is used by the Wordfence firewall to perform a functional test of the current user before WordPress is loaded.

Who receives this cookie: This cookie is only set for users who can log into WordPress.

How does this cookie help: With this cookie, the Wordfence firewall can recognize registered users and give them increased access. Wordfence can also detect users who are not logged in and restrict their access to secure areas. The cookie also tells the firewall what level of access a visitor has, so the firewall can make wise decisions about who to allow and who to block.

wf_loginalerted_ (hash)

What does this cookie do: This cookie is used to notify the Wordfence administrator when an administrator logs in from a new device or location.

Who is receiving this cookie? This is only set for administrators.

How does this cookie help: This cookie enables website owners to determine if an administrator has been logged in from a new device or location.

wfCBLBypass

What does this cookie do: Wordfence offers a function for a website visitor to bypass country blocking by accessing a hidden URL. You can use this cookie to track who is allowed to bypass country blocking.

Who is receiving this cookie? If a hidden URL defined by the site administrator is visited, this cookie is set to check whether the user can access the site from a country restricted by country blocking. This is set for anyone who knows the URL that can be used to bypass the standard country blocking. This cookie is not set for people who do not know the hidden URL in order to bypass country blocking.

How does this cookie help: With this cookie, website owners can allow certain users from blocked countries even though their country has been blocked.

Online presence in social media

On the basis of our legitimate interest (Art. 6 para. 1 lit. f GDPR) we operate online presences within so-called “social media” in order to be able to communicate with users there or to provide information about our services.

We would like to point out that these social media can also process user data outside of the European Union and that this user data is processed in most cases for marketing and advertising purposes.

If you use these social media or networks (such as Facebook, Instagram, Pinterest, etc.), the terms and conditions and data processing guidelines of the respective operator apply.

Facebook

The provider of the service is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland. Details can be found here:
Website: https://www.facebook.com/
Data protection notice: https://www.facebook.com/about/privacy
Additional data protection notice: https://www.facebook.com/legal/terms/information_about_page_insights_data
Opt-out (advertising settings): https://www.facebook.com/settings?tab=ads

Instagram

The provider of the service is Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. Details can be found here:
Website: https://www.instagram.com/
Data protection notice: https://instagram.com/about/legal/privacy

YouTube

The provider of the service is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Details can be found here:
Website: https://www.youtube.com/
Data protection notice: https://policies.google.com/privacy
Opt-out (advertising settings): https://adssettings.google.com/authenticated

LinkedIn

The provider of the service is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Irland. Details can be found here:
Website: https://www.linkedin.com/
Data protection notice: https://www.linkedin.com/legal/privacy-policy
Opt-out (advertising settings): https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out

Twitter

The provider of the service is Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. Details can be found here:
Website: https://twitter.com/
Data protection notice: https://twitter.com/de/privacy
Privacy settings: https://twitter.com/settings/account/personalization

SSL encryption

This site uses SSL encryption for reasons of security and to protect the transmission of confidential content, such as the inquiries that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http: //” to “https: //” and by the lock symbol in your browser line.

If the SSL encryption is activated, the data that you transmit to us cannot be read by third parties.

Data security

The provider uses technical and organizational security measures to protect the data stored by the provider against accidental or deliberate manipulation, loss, destruction or against access by unauthorized persons. Data transfers between service providers are carried out using the SSL (Secure Socket Layer) method. In this case, this software encrypts all information that is transmitted to and from supporters.

All data is stored on the server of this website or on the servers of our service providers, with whom contracts for order processing according to § 28 GDPR have been concluded with appropriate verification.

Updates to this privacy notice

We adjust the content of this data protection notice at regular intervals if this becomes necessary due to changes in the data processing we have carried out. We therefore ask you to inform yourself regularly about the content of our data protection notice.

For your information: Addresses, links and other contact information that are given here in this data protection notice may change over time.