Declaration on the duty to inform
— Status 21.01.2021
Unfortunately, these subjects sound rather technical due to their nature, but we have put much effort into describing the most important things as simply and clearly as possible.
— Automatic Data Retention
Every time you visit a website nowadays, certain information is automatically created and saved, just as it happens on this website.
Whenever you visit our website such as you are doing right now, our webserver (computer on which this website is saved/stored) automatically saves data such as
• the address (URL) of the accessed website
• browser and browser version
• the used operating system
• the address (URL) of the previously visited site (referrer URL)
• the host name and the IP-address of the device the website is accessed from
• date and time
in files (webserver-logfiles).
Generally, webserver-logfiles stay saved for two weeks and then get deleted automatically. We do not pass this information to others, but we cannot exclude the possibility that this data will be looked at in case of illegal conduct.
— Rights in accordance with the General Data Protection Regulation
You are granted the following rights in accordance with the provisions of the GDPR (General Data Protection Regulation) and the Austrian Data Protection Act (DSG):
• right to rectification (article 16 GDPR)
• right to erasure (“right to be forgotten“) (article 17 GDPR)
• right to restrict processing (article 18 GDPR)
• right to notification – notification obligation regarding rectification or erasure of personal data or restriction of processing (article 19 GDPR)
• right to data portability (article 20 GDPR)
• right to object (article 21 GDPR)
• right not to be subject to a decision based solely on automated processing – including profiling – (article 22 GDPR)
If you think that the processing of your data violates the data protection law, or that your data protection rights have been infringed in any other way, you can lodge a complaint with your respective regulatory authority. For Austria this is the data protection authority, whose website you can access at https://www.data-protection-authority.gv.at/.
— TLS encryption with https
We use https to transfer information on the internet in a tap-proof manner (data protection through technology design Article 25 Section 1 GDPR). With the use of TLS (Transport Layer Security), which is an encryption protocol for safe data transfer on the internet, we can ensure the protection of confidential information. You can recognise the use of this safeguarding tool by the little lock-symbol, which is situated in your browser’s top left corner, as well as by the use of the letters https (instead of http) as a part of our web address.
On our website we use Adobe Fonts, from the company Adobe Inc. (345 Park Avenue, San Jose, CA 95110-2704, USA).
Adobe does not set cookies in order to serve fonts.
Adobe is an active participant in the EU-U.S. Privacy Shield Framework, which regulates correct and secure transfer of personal data. More information can be found at https://www.privacyshield.gov/participant?id=a2zt0000000TNo9AAG&status=Active.
On https://www.adobe.com/mena_en/privacy/policies/adobe-fonts.html you can read more about what data is generally collected by Adobe and what this data is used for.
On our website, we use videos of the company Vimeo. This video portal is operated by Vimeo LLC, 555 West 18th Street, New York, New York 10011, USA. With the help of a plug-in, we can display interesting video material directly on our website. Consequently, some of your data may be transmitted to Vimeo.
Videos are embedded using the do not track parameter. This ensures a limited data gathering. In addition Vimeo does not set cookies due to this parameter.
When you open a site on our website that has a Vimeo video embedded to it, your browser will connect to Vimeo’s servers, and a data transmission will take place. The data are then collected, stored and processed on Vimeo’s servers. Regardless of whether you have a Vimeo account or not, Vimeo collects data about you. This includes your IP address, technical information about your browser type, your operating system or very basic device information. Furthermore, Vimeo store information on what website you use their service on and which actions (web activities) you carry out on our website. These web activities include e.g. session duration, bounce rate or which button you clicked on our site that contains a Vimeo function. Vimeo can track and store these actions using cookies and similar technologies.
If you are logged in as a registered member of Vimeo, more data may be collected, since a bigger number of cookies may already have been set in your browser. Furthermore, your actions on our website are directly linked to your Vimeo account. To prevent this, you must log out of Vimeo while “surfing” our website.
Vimeo use this data to improve their own service, to communicate with you and to implement their own targeted advertising measures. On their website they emphasise that only first-party cookies (i.e. cookies from Vimeo itself) are used for embedded videos, provided you do not interact with the video.
How long and where is the data stored?
Vimeo is headquartered in White Plains, New York (USA). However, their services are offered worldwide. For this, the company uses computer systems, databases and servers in the United States and other countries. Thus, your data may also be stored and processed on servers in America. Vimeo stores the data until the company no longer has an economical reason for keeping it. Then the data will be deleted or anonymised. Vimeo correspond to the EU-U.S. Privacy Shield Framework and are therefore allowed to collect and use information from users within the EU, and to transfer this data to the USA.