We process your personal data exclusively within the framework of the provisions of the General Data Protection Regulation (GDPR), as well as the Data Protection Act of 2018
Note: For ease of reading, we generally use the term “data”, even when referring to personal data. Statutory provisions without reference exclusively refer to the provisions of the GDPR, unless stated otherwise.
In the following, we will inform you about the type, scope, and purpose of data collection and use, in accordance with the provisions of the GDPR.
The data controller for data processing is:
1. Description and scope of data processing
Every time you visit our website, our system automatically collects data and information from the computer system of the accessing computer.
The following data are collected:
2. Legal basis for data processing
The legal basis for the temporary storage of data and log files is Art. 6 para. lit. f.
3. Purpose of data processing
Temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer. To this end, the user’s IP address must remain stored for the duration of the session.
Our legitimate interest in data processing pursuant to Art. 6 para. 1 lit. f also lies in these purposes.
4. Duration of storage
The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. In the case of data collection for provision of the website, this will be undertaken once the respective session has ended.
5. Options for objection and removal
The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for operation of the website. Consequently, there is no option to object on the part of the user.
1. Description and scope of data processing
Technically necessary cookies:
The following data is stored and transmitted in the cookies:
Cookies that are not technically necessary:
The user data collected in this way is pseudonymised by technical precautions. It is therefore no longer possible to assign the data to the calling user. The data is not stored together with other personal data of the user.
2. Legal basis for data processing
The legal basis for processing your data using technically necessary cookies is Article 6 Paragraph 1 f. For cookies that are not technically necessary, the legal basis is Article 6 Paragraph 1 a.
3. Purpose of data processing
The user data collected by technically necessary cookies are not used to create user profiles. Cookies that are not technically necessary are used to improve the quality of our website and its content. Through these cookies, we or corresponding third-party providers learn how the website is used and can thus continuously optimize our offer.
4. Duration of storage, possibility of objection and removal
1. Data protection provisions on the use and application of Google Analytics (with anonymisation function)
The controller has integrated the Google Analytics component (with anonymisation function) on this website. Google Analytics is a web analytics service. Web analysis is the surveying, collecting, and analysing of data on the behaviour of visitors to websites. A web analysis service collects, among other things, data on the website from which a data subject has accessed a website (“referrer”), which sub-pages of the website have been accessed, or how often and for how long a sub-page has been viewed. A web analysis tool is mainly used to optimise a website and for cost-benefit analysis of Internet advertising.
The operator of the Google Analytics component is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.
The data controller uses the suffix “_gat._anonymizeIp” for the web analysis via Google Analytics. Using this addition, Google shortens and anonymises the IP address of the data subject when accessing our Internet pages from a Member State of the European Union or from another signatory state to the Agreement on the European Economic Area.
The purpose of the Google Analytics component is to analyse the flow of visitors to our website. Among other things, Google uses the data and information obtained to evaluate the use of our website, to compile online reports showing us the activities on our websites, and to provide other services related to the use of our website.
Google Analytics places a cookie on the information technology system of the data subject. Cookies have already been explained above. The placement of this cookie enables Google to analyse the use of our website. Each time one of the individual pages of this website is accessed which is operated by the data controller and on which a Google Analytics component has been integrated, the Internet browser on the information technology system of the data subject is automatically prompted by the respective Google Analytics component to transmit data to Google for the purpose of online analysis. As part of this technical process, Google obtains knowledge of personal data, such as the IP address of the data subject, which allows Google, among other things, to trace the origin of visitors and clicks and subsequently enable commission settlements.
Cookies are used to store personal information, such as the time of access, the location from which the website was accessed, and the frequency of visits to our website by the data subject. Whenever you visit our website, these personal data, including the IP address of the Internet connection used by the data subject, are transmitted to Google in the United States of America. These personal data are stored by Google in the United States of America. Google may disclose personal data collected through the technical process to third parties.
The data subject can prevent cookies being set by our website at any time, as already described above, by using an appropriate setting of the Internet browser used and therefore permanently objecting to cookies being set. Setting the Internet browser used in this way would also prevent Google from placing a cookie on the information technology system of the data subject. In addition, a cookie already set by Google Analytics can be deleted at any time via the Internet browser or other software programmes.
The data will be deleted as soon as they are no longer needed for our recording purposes. In our case, this takes place after 26 months
2. Data protection provisions on the application and use of GOOGLE FONTS
We use Google Fonts from Google Inc. (1600 Amphitheater Parkway Mountain View, CA 94043, USA) on our website.
You do not have to log in or enter a password to use Google fonts. Furthermore, no cookies are stored in your browser. The files (CSS, fonts / fonts) are requested via the Google domains fonts.googleapis.com and fonts.gstatic.com. According to Google, the requests for CSS and fonts are completely separate from all other Google services. If you have a Google account, you don’t need to worry that your Google account details will be transmitted to Google while you are using Google Fonts. Google records the use of CSS (Cascading Style Sheets) and the fonts used and stores this data securely. We will take a closer look at what the data storage looks like.
What are Google Fonts?
Google Fonts (formerly Google Web Fonts) is an interactive directory with more than 800 fonts that Google LLC provides for free use.
Many of these fonts are released under the SIL Open Font License, while others are released under the Apache license. Both are free software licenses. So we can use them freely without paying license fees.
Why do we use Google Fonts on our website?
With Google Fonts, we can use fonts on our own website and do not have to upload them to our own server. Google Fonts is an important component in keeping the quality of our website high. All Google fonts are automatically optimized for the web and this saves data volume and is a great advantage, especially for use on mobile devices. When you visit our site, the small file size ensures a quick loading time. Furthermore, Google Fonts are so-called secure web fonts. Different image synthesis systems (rendering) in different browsers, operating systems and mobile devices can lead to errors. Such errors can partially distort texts or entire websites. Thanks to the fast content delivery network (CDN), there are no cross-platform problems with Google Fonts. Google Fonts supports all common browsers (Google Chrome, Mozilla Firefox, Apple Safari, Opera) and works reliably on most modern mobile operating systems, including Android 2.2+ and iOS 4.2+ (iPhone, iPad, iPod).
So we use Google Fonts so that we can present our entire online service as beautifully and consistently as possible. According to Art. 6 Paragraph 1 f lit. F GDPR, this already represents a “legitimate interest” in the processing of personal data Legal system are recognized.
Which data is saved by Google?
When you visit our website, the fonts are downloaded from a Google server. This external call transfers data to the Google server. In this way, Google also recognizes that you or your IP address are visiting our website. The Google Fonts API was developed to reduce the collection, storage and use of end-user data to what is necessary for the efficient provision of fonts. By the way, API stands for “Application Programming Interface” and serves, among other things, as a data transmitter in the software sector.
Google Fonts securely stores CSS and font requests with Google and is therefore protected. Google can determine the popularity of the fonts through the collected usage figures. Google publishes the results on internal analysis sites such as Google Analytics. Google also uses data from its own web crawler to determine which websites use Google fonts. This data is published in the BigQuery database by Google Fonts. BigQuery is a web service from Google for companies that want to move and analyze large amounts of data.
It should be noted, however, that information such as the IP address, language settings, screen resolution of the browser, version of the browser and the name of the browser are automatically transmitted to the Google server with every Google Font request. It is not clear whether this data is saved or not clearly communicated by Google.
How long and where will the data be stored?
Google stores requests for CSS assets for one day on your servers, which are mainly located outside the EU. This enables us to use the fonts with the help of a Google stylesheet. A stylesheet is a format template that can be used to quickly and easily change the design or font of a website, for example.
The font files are stored by Google for one year. With this, Google is pursuing the goal of fundamentally improving the loading time of websites. If millions of web pages refer to the same fonts, they are cached after the first visit and immediately reappear on all other web pages visited later. Sometimes Google updates font files to reduce file size, increase language coverage, and improve design.
How can I delete my data or prevent data storage?
The data that Google stores for a day or a year cannot simply be deleted. The data is automatically transmitted to Google when the page is accessed. To be able to delete this data prematurely, you must contact Google support at https://support.google.com/?hl=de&tid=231560253391. In this case, you only prevent data storage if you are not visiting our site.
Unlike other web fonts, Google allows us unrestricted access to all fonts. We can therefore have unlimited access to a sea of fonts and thus get the most out of our website. You can find more about Google Fonts and other questions at https://developers.google.com/fonts/faq?tid=231560253391. Although Google deals with data protection issues there, it does not contain any really detailed information about data storage. It is relatively difficult (almost impossible) to get really precise information about stored data from Google.
You can also read which data is generally recorded by Google and what this data is used for at https://www.google.com/intl/de/policies/privacy/.
Source: Created with the data protection generator from firmenwebseiten.at in cooperation with hashtagmode.at
Due to legal regulations, our website contains information that enables users to quickly contact our company electronically, as well as to directly communicate with us, which also includes a general address of so-called electronic mail (email address). If a data subject contacts the controller by email or via a contact form, any personal data transmitted by the data subject are stored automatically. Such personal data transmitted on a voluntary basis by a data subject to the data controller are stored for the purpose of processing or contacting the data subject. We will not disclose these personal data to third parties.
If your personal data are processed, you are a data subject within the meaning of the GDPR. You have the following rights vis-à-vis us as the controller:
1. Right to information
You can request information on whether we are processing personal data that concerns you.
If such processing is taking place, you can request the following information from us:
The purposes and categories of personal information that are being processed, including the recipients or categories of recipients to whom data have been or will be disclosed, as well as the planned duration of the storage of your data. If we use profiling technologies, we are obligated to provide you with meaningful information about the logic used, the scope, as well as the intended implications such processing might have for you. Furthermore, we are obligated to inform you about your right to complain to a data protection authority. You additionally have the right to request information on whether the data which concern you will be transmitted to a third-party country or an international organisation.
2. Right to rectification
You have the right to request the rectification and/or completion of your personal data if these have been processed and are incorrect or incomplete. If your complaint has valid grounds, we will rectify the data without delay.
3. Right to restriction of processing
Under the following conditions, you may request that the processing of your data be restricted:
If the processing of your data has been restricted, such data – apart from being stored – may be processed only with your consent or for the purpose of asserting, exercising, or defending claims or for the protection of the rights of another natural or legal person.
If the processing has been restricted in accordance with the above conditions, you will be informed by us before the restriction is lifted.
4. Right to deletion
We are obligated to delete your data immediately if one of the following grounds applies:
The right to deletion does not exist if processing is necessary
5. Right to object
You have the right to object at any time to the processing of your personal data on the basis of Art. 6 para. 1 lit. e or f GDPR for reasons arising from your particular situation. This includes profiling based on these provisions.
We will then no longer process your data, unless we have compelling legitimate grounds for processing that outweigh your interests, rights, and freedoms, or if the processing is intended to assert, exercise, or defend legal claims.
If your data are processed for direct marketing purposes, you have the right to object at any time to the processing of the personal data that concern you for the purpose of such marketing; this also applies to profiling, insofar as it is associated with such direct marketing.
If you object to processing your data for direct marketing purposes, the data which concern you will no longer be processed for these purposes.
6. The right to revoke your consent under data protection provisions
You have the right at any time to revoke your data protection declaration of consent. The revocation does not affect the lawfulness of processing based on consent before its withdrawal.
7. Right to appeal to a data supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right of appeal to a supervisory authority, in accordance with § 24 et seq. Federal Data Protection Act of 2018 (BDSG 2018), if you believe that the processing of your data is in contravention of the GDPR.
The data supervisory authority shall inform the appellant of the status and results of the appeal, including the possibility of a judicial remedy.
Schruns, November 2021