1.1 What is personal data
Personal data is information that discloses or can disclose the identity of the user. We adhere to the principle of data avoidance. As far as possible, we refrain from collecting personal data.
1.2 Handling of personal data
Personal data is used exclusively for the purpose of establishing the contract, defining its content, implementing or processing the contractual relationship (Art. 6 (1 b) GDPR).
Beyond that, personal data will only be processed if we have received your consent to do so (Art. 6 (1 a) GDPR) or if it is data whose processing is necessary for our legitimate interests and insofar as the balancing process shows that no overriding interests, fundamental rights or freedoms on your part are opposed (Art. 6 (1 f) GDRP).
We may use order processors to process your personal data but will not pass on the personal data to third parties beyond this as a matter of principle.
The processing of your personal data takes place exclusively within the EU unless otherwise stated below.
1.3 Usage data
When using our app, general technical information is collected. This is the IP address used, time, duration of the visit, browser type/device type and, if applicable, the page of origin. This usage data is registered in a log file for technical reasons and can be used and stored for statistical evaluation of this app. A linkage of these usage data with your further personal data does not occur.
1.4 Registration data
To use our app, you must first register in the Google Play Store, Windows Store or Apple App Store to download the app. The separate provisions of Google, Windows or Apple apply here.
1.5 Data access
Through your consent after downloading the app, we gain access to the following types of data:
- End device
- Type of the end device
- Time zone
- Country of origin
This data is required for the assignment of the user and the functions of our app. In particular, however, it is also intended to prevent misuse by the user.
1.6 Push Services
Our app uses push services provided by the operating system manufacturers.
After downloading the app, the mobile device registers with the corresponding push service of the platform (iOS – Apple Push Notification Service; Android – Google Cloud Messaging). The service then sends the registration ID (Android) or token (iOS) to the registered device; the ID or receipt is sent by the app to the server and stored therein a database. If a push notification is to be sent, the server sends the desired message with registration ID/token to the platform’s push service, which forwards the push message to the respective devices.
We use push messages to inform you about events within the app that may require your special attention or a reaction on your part.
Consent is requested during the initial setup of the app and/or later on occasion.
You can suspend receiving push notifications when not using the app by explicitly logging out of the app. Through the operating system, you can revoke consent to receive push notifications as follows:
– Android/Settings/Applications/Application Manager//Notifications.
1.7 Duration of storage
We store your personal data after the termination of the purpose for which the data was collected only as long as required by law (especially tax law).
2. Your rights
You can request information from us as to whether we are processing personal data about you and, if so, you have a right to be informed about this personal data and to receive the further information referred to in Article 15 of the GDPR.
2.2 Right to rectification
You have the right to rectify inaccurate personal data concerning you and may request the completion of incomplete personal data by following Art. 16 GDPR.
2.3 Right to erasure
You have the right to demand that we delete the personal data concerning you without undue delay. We are obliged to delete them without delay, in particular, if one of the following reasons applies:
- Your personal data is no longer necessary for the purposes for which it was collected or otherwise processed.
- You revoke your consent on which the processing of your data was based and there is no other legal basis for the processing.
- Your data has been processed unlawfully.
The right to erasure does not exist insofar as your personal data is required for the assertion, exercise or defense of our legal claims.
2.4 Right to restriction of processing
You have the right to demand that we restrict the processing of your personal data if
- you dispute the accuracy of the data and we, therefore, verify the accuracy,
- the processing is unlawful and you refuse the deletion and demand the restriction of use instead
- we no longer need the data, but you need it to assert, exercise or defend legal claims,
- you have objected to the processing of your data and it has not yet been determined whether our legitimate reasons outweigh your reasons.
2.5 Right to data portability
You have the right to receive the personal data concerning you that you have provided to us in a structured, common and machine-readable format and you have the right to transfer this data to another controller without hindrance from us, provided that the processing is based on consent or a contract and the processing is carried out by us with the help of automated processes.
2.6 Right of withdrawal
Insofar as the processing of your personal data is based on consent, you have the right to revoke this consent at any time.
2.7 General and right of appeal
The exercise of your above rights is generally free of charge for you. In the event of complaints, you have the right to contact the supervisory authority responsible for us, the State Data Protection Officer, directly.
3. Data security
3.1 Data security
All data within the application of the app is secured by technical and organizational measures against loss, destruction, access, modification and distribution.
3.2 Sessions and cookies
4. Presence on social media platforms
We use the following social media platforms for company presentation and communication (an explicit reference to the privacy statements and opt-out options linked below).
Facebook (Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland).
Instagram (Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland).
TikTok (TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland)
These social media platforms may process personal data outside the EU, we refer in this respect to the above privacy statements of the social media platforms.
The respective social media platforms may create usage profiles from your usage behavior and the resulting interests and actions on your part and store cookies on your computer in which your usage behavior is stored. If you have an account on the respective social media platform and are logged in, your usage behavior may even be stored independently of the device. Your user profile can be used, for example, to place advertisements that presumably correspond to your interests.
We process the personal data exclusively for communicating with you via the social media platform you have chosen and for optimizing our online presence and ensure that no interests of yours are affected here that outweigh this legitimate interest of ours (Art. 6 (1 f) GDPR). Insofar as you have already given the respective operator of the social media platform effective consent to the corresponding data processing, the processing of your personal data will also be based on this consent (Art. 6 (1 a) GDPR).
5. Social media links
We have our own social media pages with third-party providers that can be reached via links from this app. Using the links will take you to the respective websites of the third-party providers (e.g. Facebook, Twitter, Instagram). To avoid unnecessary data transfer, we recommend logging out of the respective third-party provider before using a corresponding link, so that user profiles cannot be created by the third-party provider simply by using the link.
To contact us regarding data protection, you are welcome to use the following contact options.
Responsible party within the meaning of the GDPR:
KLG Rosenberg Parz. 85