Data Protection Statement

We process your personal data exclusively within the framework of the provisions of the General Data Protection Regulation (GDPR), as well as the Data Protection Act of 2018

Note: For ease of reading, we generally use the term “data”, even when referring to personal data. Statutory provisions without reference exclusively refer to the provisions of the GDPR, unless stated otherwise.

In the following, we will inform you about the type, scope, and purpose of data collection and use, in accordance with the provisions of the GDPR.

I. Name and address of the responsible party

The data controller for data processing is:

VirtuRail GmbH
Batloggstraße 95
6780 Schruns

II. Provision of the website and creation of log files

1. Description and scope of data processing

Every time you visit our website, our system automatically collects data and information from the computer system of the accessing computer.

The following data are collected:

  • Information regarding the used browser type and version
  • The user’s operating system
  • The user’s Internet service provider
  • The user’s IP address
  • Date and time of access
  • Websites from which the user’s system accesses our website
  • The websites accessed by the user’s system via our website

2. Legal basis for data processing    

The legal basis for the temporary storage of data and log files is Art. 6 para. lit. f.

3. Purpose of data processing

Temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer. To this end, the user’s IP address must remain stored for the duration of the session.

Our legitimate interest in data processing pursuant to Art. 6 para. 1 lit. f also lies in these purposes.

4. Duration of storage

The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. In the case of data collection for provision of the website, this will be undertaken once the respective session has ended.

5. Options for objection and removal

The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for operation of the website. Consequently, there is no option to object on the part of the user.


1. Description and scope of data processing

Our website uses cookies. Cookies are text files that are stored in the internet browser or by the internet browser on the user’s computer system. When a user opens awebsite, a cookie can be stored on the user’s operating system. This cookie contains a characteristic string of characters that enables the browser to be clearly identified when the website is visited again.

Technically necessary cookies:

We use cookies to make our website more user-friendly. Some elements of our website require that the calling browser can also be identified after changing pages.

The following data is stored and transmitted in the cookies:

  • Hide the cookie notice, save the settings with regard to cookies that are not technically necessary

Cookies that are not technically necessary:

When you visit our website, an information banner informs you about the use of cookies and refers you to this data protection declaration. In this context, there is also the option of deactivating technically unnecessary cookies. With the appropriate consent of the user, the following cookies are set (more information on the individual components can be found in Section V):

Google Analytics

We also use cookies on our website that enable an analysis of the surfing behavior of the users. The following data can be transmitted:

  • Entered search terms
  • Frequency of page views
  • Use of website functions

The user data collected in this way is pseudonymised by technical precautions. It is therefore no longer possible to assign the data to the calling user. The data is not stored together with other personal data of the user.

2. Legal basis for data processing

The legal basis for processing your data using technically necessary cookies is Article 6 Paragraph 1 f. For cookies that are not technically necessary, the legal basis is Article 6 Paragraph 1 a.

3. Purpose of data processing

The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For this it is necessary that the browser is recognized even after changing pages.

The user data collected by technically necessary cookies are not used to create user profiles. Cookies that are not technically necessary are used to improve the quality of our website and its content. Through these cookies, we or corresponding third-party providers learn how the website is used and can thus continuously optimize our offer.

4. Duration of storage, possibility of objection and removal

Cookies are stored on the user’s computer and transmitted from there to our site. As a user, you therefore have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. There are several ways to manage cookies. The help button on the toolbars of most browsers shows you how you can stop accepting cookies, how you can be notified when a new cookie is set and how you can block cookies. If you block cookies, you may not be able to register, log in or use the services to their full extent.



1. Data protection provisions on the use and application of Google Analytics (with anonymisation function)

The controller has integrated the Google Analytics component (with anonymisation function) on this website. Google Analytics is a web analytics service. Web analysis is the surveying, collecting, and analysing of data on the behaviour of visitors to websites. A web analysis service collects, among other things, data on the website from which a data subject has accessed a website (“referrer”), which sub-pages of the website have been accessed, or how often and for how long a sub-page has been viewed. A web analysis tool is mainly used to optimise a website and for cost-benefit analysis of Internet advertising.

The operator of the Google Analytics component is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

The data controller uses the suffix “_gat._anonymizeIp” for the web analysis via Google Analytics. Using this addition, Google shortens and anonymises the IP address of the data subject when accessing our Internet pages from a Member State of the European Union or from another signatory state to the Agreement on the European Economic Area.

The purpose of the Google Analytics component is to analyse the flow of visitors to our website. Among other things, Google uses the data and information obtained to evaluate the use of our website, to compile online reports showing us the activities on our websites, and to provide other services related to the use of our website.

Google Analytics places a cookie on the information technology system of the data subject. Cookies have already been explained above. The placement of this cookie enables Google to analyse the use of our website. Each time one of the individual pages of this website is accessed which is operated by the data controller and on which a Google Analytics component has been integrated, the Internet browser on the information technology system of the data subject is automatically prompted by the respective Google Analytics component to transmit data to Google for the purpose of online analysis. As part of this technical process, Google obtains knowledge of personal data, such as the IP address of the data subject, which allows Google, among other things, to trace the origin of visitors and clicks and subsequently enable commission settlements.

Cookies are used to store personal information, such as the time of access, the location from which the website was accessed, and the frequency of visits to our website by the data subject. Whenever you visit our website, these personal data, including the IP address of the Internet connection used by the data subject, are transmitted to Google in the United States of America. These personal data are stored by Google in the United States of America. Google may disclose personal data collected through the technical process to third parties.

The data subject can prevent cookies being set by our website at any time, as already described above, by using an appropriate setting of the Internet browser used and therefore permanently objecting to cookies being set. Setting the Internet browser used in this way would also prevent Google from placing a cookie on the information technology system of the data subject. In addition, a cookie already set by Google Analytics can be deleted at any time via the Internet browser or other software programmes.

Furthermore, it is possible for the data subject to object to and prevent the collection of data generated by Google Analytics relating to the use of this website and the processing of these data by Google. To do so, the data subject must download and install a browser add-on from the link This browser add-on informs Google Analytics via JavaScript that no data and information on visits to websites may be transmitted to Google Analytics. Google views the installation of the browser add-on as an objection. If the data subject’s information technology system is deleted, formatted, or reinstalled at a later time, the data subject must reinstall the browser add-on to disable Google Analytics. If the browser add-on is uninstalled or deactivated by the data subject or another person within his/her control, it is possible to reinstall or reactivate the browser add-on.

Additional information and Google’s privacy policy can be retrieved at and at Google Analytics is explained in more detail at

The data will be deleted as soon as they are no longer needed for our recording purposes. In our case, this takes place after 26 months

2. Data protection provisions on the application and use of GOOGLE FONTS

We use Google Fonts from Google Inc. (1600 Amphitheater Parkway Mountain View, CA 94043, USA) on our website.

You do not have to log in or enter a password to use Google fonts. Furthermore, no cookies are stored in your browser. The files (CSS, fonts / fonts) are requested via the Google domains and According to Google, the requests for CSS and fonts are completely separate from all other Google services. If you have a Google account, you don’t need to worry that your Google account details will be transmitted to Google while you are using Google Fonts. Google records the use of CSS (Cascading Style Sheets) and the fonts used and stores this data securely. We will take a closer look at what the data storage looks like.

What are Google Fonts?

Google Fonts (formerly Google Web Fonts) is an interactive directory with more than 800 fonts that Google LLC provides for free use.

Many of these fonts are released under the SIL Open Font License, while others are released under the Apache license. Both are free software licenses. So we can use them freely without paying license fees.

Why do we use Google Fonts on our website?

With Google Fonts, we can use fonts on our own website and do not have to upload them to our own server. Google Fonts is an important component in keeping the quality of our website high. All Google fonts are automatically optimized for the web and this saves data volume and is a great advantage, especially for use on mobile devices. When you visit our site, the small file size ensures a quick loading time. Furthermore, Google Fonts are so-called secure web fonts. Different image synthesis systems (rendering) in different browsers, operating systems and mobile devices can lead to errors. Such errors can partially distort texts or entire websites. Thanks to the fast content delivery network (CDN), there are no cross-platform problems with Google Fonts. Google Fonts supports all common browsers (Google Chrome, Mozilla Firefox, Apple Safari, Opera) and works reliably on most modern mobile operating systems, including Android 2.2+ and iOS 4.2+ (iPhone, iPad, iPod).

So we use Google Fonts so that we can present our entire online service as beautifully and consistently as possible. According to Art. 6 Paragraph 1 f lit. F GDPR, this already represents a “legitimate interest” in the processing of personal data Legal system are recognized.

Which data is saved by Google?

When you visit our website, the fonts are downloaded from a Google server. This external call transfers data to the Google server. In this way, Google also recognizes that you or your IP address are visiting our website. The Google Fonts API was developed to reduce the collection, storage and use of end-user data to what is necessary for the efficient provision of fonts. By the way, API stands for “Application Programming Interface” and serves, among other things, as a data transmitter in the software sector.

Google Fonts securely stores CSS and font requests with Google and is therefore protected. Google can determine the popularity of the fonts through the collected usage figures. Google publishes the results on internal analysis sites such as Google Analytics. Google also uses data from its own web crawler to determine which websites use Google fonts. This data is published in the BigQuery database by Google Fonts. BigQuery is a web service from Google for companies that want to move and analyze large amounts of data.

It should be noted, however, that information such as the IP address, language settings, screen resolution of the browser, version of the browser and the name of the browser are automatically transmitted to the Google server with every Google Font request. It is not clear whether this data is saved or not clearly communicated by Google.

How long and where will the data be stored?

Google stores requests for CSS assets for one day on your servers, which are mainly located outside the EU. This enables us to use the fonts with the help of a Google stylesheet. A stylesheet is a format template that can be used to quickly and easily change the design or font of a website, for example.

The font files are stored by Google for one year. With this, Google is pursuing the goal of fundamentally improving the loading time of websites. If millions of web pages refer to the same fonts, they are cached after the first visit and immediately reappear on all other web pages visited later. Sometimes Google updates font files to reduce file size, increase language coverage, and improve design.

How can I delete my data or prevent data storage?

The data that Google stores for a day or a year cannot simply be deleted. The data is automatically transmitted to Google when the page is accessed. To be able to delete this data prematurely, you must contact Google support at In this case, you only prevent data storage if you are not visiting our site.

Unlike other web fonts, Google allows us unrestricted access to all fonts. We can therefore have unlimited access to a sea of ​​fonts and thus get the most out of our website. You can find more about Google Fonts and other questions at Although Google deals with data protection issues there, it does not contain any really detailed information about data storage. It is relatively difficult (almost impossible) to get really precise information about stored data from Google.

You can also read which data is generally recorded by Google and what this data is used for at

Source: Created with the data protection generator from in cooperation with



Due to legal regulations, our website contains information that enables users to quickly contact our company electronically, as well as to directly communicate with us, which also includes a general address of so-called electronic mail (email address). If a data subject contacts the controller by email or via a contact form, any personal data transmitted by the data subject are stored automatically. Such personal data transmitted on a voluntary basis by a data subject to the data controller are stored for the purpose of processing or contacting the data subject. We will not disclose these personal data to third parties.



If your personal data are processed, you are a data subject within the meaning of the GDPR. You have the following rights vis-à-vis us as the controller:

1. Right to information

You can request information on whether we are processing personal data that concerns you.

If such processing is taking place, you can request the following information from us:

The purposes and categories of personal information that are being processed, including the recipients or categories of recipients to whom data have been or will be disclosed, as well as the planned duration of the storage of your data. If we use profiling technologies, we are obligated to provide you with meaningful information about the logic used, the scope, as well as the intended implications such processing might have for you. Furthermore, we are obligated to inform you about your right to complain to a data protection authority. You additionally have the right to request information on whether the data which concern you will be transmitted to a third-party country or an international organisation.

2. Right to rectification

You have the right   to request the rectification and/or completion of your personal data if these have been processed and are incorrect or incomplete. If your complaint has valid grounds, we will rectify the data without delay.

3. Right to restriction of processing

Under the following conditions, you may request that the processing of your data be restricted:

  • if you dispute the accuracy of the data which concern you for a period that enables us to verify the accuracy of your data;
  • if the processing is unlawful and you refuse the deletion of your data and instead request the restriction of use;
  • if we no longer need your data for the purpose of data processing, but you require it to assert, exercise, or defend legal claims; or
  • if you have filed an objection to the processing of your data and it is not yet clear whether our justifiable grounds outweigh yours.

If the processing of your data has been restricted, such data – apart from being stored – may be processed only with your consent or for the purpose of asserting, exercising, or defending claims or for the protection of the rights of another natural or legal person.

If the processing has been restricted in accordance with the above conditions, you will be informed by us before the restriction is lifted.

4. Right to deletion

We are obligated to delete your data immediately if one of the following grounds applies:

  • your data are no longer necessary for the purposes for which they were collected by us;
  • you revoke your consent and there exists no other legal basis for data processing.
  • You file an objection against the processing pursuant to Art. 21 para. 1 and there exist no overriding legitimate reasons for the processing on our part, or if you file an objection against the processing pursuant to Art. 21 para.
  • Your data have been processed unlawfully.

The right to deletion does not exist if processing is necessary

  • for the performance of a legal obligation that requires processing (e.g., vis-à-vis authorities or administrative bodies), or to carry out a task in the public interest which has been assigned to us;
  • for the assertion, exercise, or defence of legal claims.


5. Right to object

You have the right to object at any time to the processing of your personal data on the basis of Art. 6 para. 1 lit. e or f GDPR for reasons arising from your particular situation. This includes profiling based on these provisions.

We will then no longer process your data, unless we have compelling legitimate grounds for processing that outweigh your interests, rights, and freedoms, or if the processing is intended to assert, exercise, or defend legal claims.

If your data are processed for direct marketing purposes, you have the right to object at any time to the processing of the personal data that concern you for the purpose of such marketing; this also applies to profiling, insofar as it is associated with such direct marketing.

If you object to processing your data for direct marketing purposes, the data which concern you will no longer be processed for these purposes.

6. The right to revoke your consent under data protection provisions

You have the right at any time to revoke your data protection declaration of consent. The revocation does not affect the lawfulness of processing based on consent before its withdrawal.

7. Right to appeal to a data supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right of appeal to a supervisory authority, in accordance with § 24 et seq. Federal Data Protection Act of 2018 (BDSG 2018), if you believe that the processing of your data is in contravention of the GDPR.

The data supervisory authority shall inform the appellant of the status and results of the appeal, including the possibility of a judicial remedy.

Schruns, November 2021