Privacy Policy

Privacy Policy

In all our business areas, we deal with confidential, sometimes even very personal information on a daily basis. For this reason alone, careful handling of data is a very important concern for us. We therefore strictly comply with the applicable data protection regulations and ensure that all data relating to our members, suppliers, project partners and interested parties (in short: data subjects) is protected against access by third parties by means of appropriate technical and organizational measures. The data will be processed, stored and used by the association's authorized and responsible persons only for the purposes described. Your personal data will be treated by us as strictly confidential. The details can be found in this privacy policy.

 

Overview of processing

 

  • Usage data
  • Location data
  • Contract data
  • Inventory data
  • Contact data
  • Metadata

 

Affected persons

 

  • Members
  • Business partners
  • Communication partners
  • Interested parties
  • Suppliers

 

Purposes

 

  • Provision of our online offer
  • Office and organizational procedures
  • Provision of offered services
  • Administration and answering of inquiries
  • Direct marketing
  • Contact requests
  • Reach
  • Security

 

Scope

This privacy policy is intended to inform the users of this website in accordance with the legal provisions (DSGVO, TKG 2003) about the nature, scope and purpose of the collection and use of personal data.

The website operator takes your data protection very seriously and treats your personal data confidentially and in accordance with the legal regulations.

Please bear in mind that data transmission on the Internet can always be subject to security vulnerabilities. A full protection against access by third parties is not feasible.

 

Person responsible for data processing

President Association Bereginja: Genia Lackey

Further details can be found on the page with our imprint.

 

Rights based on the DSGVO

 

§ 13 & 14 DSGVO you are entitled to the following rights, so that it comes to a fair and transparent processing of data. To ensure a transparent, understandable and clear presentation of the information for you, we have designed this information sheet in the form of a question and answer catalog.

 

§ Section 15 DSGVO a right to information about whether we process data from you. If this is the case, you have the right to receive a copy of the data and to know the following information:

 

For what purpose we carry out the processing and the categories, i.e. the types of data that are processed, who receives this data and if the data is transferred to third countries, how security can be guaranteed, how long the data is stored, the existence of the right to rectification, erasure or restriction of processing and the, right to object to processing.

 

You can complain to the supervisory authority about the origin of the data if we have not collected it from you and whether profiling is carried out, i.e. whether data is automatically evaluated to arrive at a personal profile of you.

 

§ 16 DSGVO a right to rectification of data, which means that we must correct data if you find errors.

 

§ 17 DSGVO the right to erasure ("right to be forgotten"), which specifically means that you may request the deletion of your data.

 

§ 18 DSGVO the right to restriction of processing, which means that we may only store the data but not use it further.

 

§ 19 DSGVO the right to data portability, which means that we may, upon

provide you with your data in a common format upon request.

 

§ 21 DSGVO a right to object, which after enforcement brings a change in the

Processing entails.

 

If the processing of your data is based on § 6 para. 1 lit. e (public interest, exercise of official authority) or § 6 para. 1 lit. f (legitimate interest), you may object to the processing. We will then check as soon as possible whether we can legally comply with this objection.

 

If data is used to conduct direct advertising, you may object to this type of data processing at any time. We may not use your data for direct marketing thereafter.

 

If data is used to carry out profiling, you may object to this type of data processing at any time.

 

§ Section 22 DSGVO under certain circumstances the right not to be subjected to a decision based exclusively on automated processing or if you believe that the processing of your data violates data protection law or your data protection rights have been violated in some other way, you can complain to the supervisory authority.

 

 

For Austria, this is the data protection authority, whose website can be found at https://www.dsb.gv.at/.

 

Data processing in third countries

If we process data in a third country (i.e., outside the European Union (EU), the European Economic Area (EEA)) or the processing takes place in the context of using third-party services or disclosing or transferring data to other persons, entities or companies, this will only be done in accordance with legal requirements. Subject to express consent or contractually or legally required transfer, we only process or have data processed in third countries with a recognized level of data protection, contractual obligation through so-called standard protection clauses of the EU Commission, in the presence of certifications or binding internal data protection regulations (Art. 44 to 49 DSGVO, information page of the EU Commission: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection_de).

 

Collection and processing of data

We process your personal data exclusively in accordance with the provisions of the General Data Protection Regulation (DSGVO) and the Data Protection Act. In the following, we inform you about us and the type, scope and purpose of data collection and use.

We process those personal data that you provide to us as a user of the website and/or as a member through information, for example, for the fulfillment of the membership relationship, in particular for the fulfillment of the tasks assigned to us by you, as well as insofar as this results from legal obligations and authorizations, we process not only the master data (name, address, contact data, etc.) but also all data provided to us as well as data disclosed to us in the course of the membership relationship and collected - also by third parties - both in electronic and non-electronic form.

We only collect and process personal data that is contractually or legally required for the implementation and processing of our services or that you have voluntarily provided to us.

Personal data includes your personal details (these are, for example: Name, address, contact data, date and place of birth, nationality, etc.), legitimation data (e.g. ID data) and authentication data.

Furthermore, this may also include order data, data from the fulfillment of our contractual obligation, sales data, documentation data, register data, image and sound, and visual data (e.g. photos, video or telephone recordings), processing results, data to meet legal and regulatory requirements.

Data processing is carried out for the following purposes:

 

1. to fulfill contractual obligations (Art. 6 para. 1 lit. b DSGVO). 

The processing of personal data (Art. 4 No. 1 and No. 2 DSGVO) is carried out for the provision and mediation of our services which we make available to you, in particular for the execution of our contracts with you and the execution of your applications as well as all activities necessary with the operation and administration.

Furthermore, this takes place for the fulfillment of the membership relationship with you, thus for the fulfillment of a contract or already for the implementation of pre-contractual measures. In addition, we also have a legitimate interest in the processing of this data pursuant to Art. 6 (1) f) DSGVO, namely the processing using electronic systems in order to carry out our business processes with the greatest possible efficiency.

The purposes of data processing primarily depend on the specific product or service offered and may include, among other things, needs analyses, consulting and the performance of services of all kinds. The specific details on the purpose of data processing can be found in the respective contract documents and terms and conditions.

 

2. for the fulfillment of legal obligations (Art. 6 para. 1 lit. c DSGVO). 

Processing of personal data may be necessary for the purpose of fulfilling various legal obligations. Contract initiation and fulfillment according to Art. 6 para. 1 b DSGVO. In order to process your order, inquiry, contact to your fullest satisfaction, we need your data.

 

The provision of the aforementioned personal data is absolutely necessary for the fulfillment of the membership relationship and is mandatory due to legal provisions.

The non-provision as well as the revocation of any consent would result in the impracticability of the membership relationship and would lead to a mandatory immediate termination of the contractual relationship.

In rare cases, the processing of personal data could become necessary to protect vital interests of the data subject or another natural person pursuant to Art. 6 I lit. d DSGVO.

Finally, processing operations could be based on Art. 6 I lit. f DSGVO. Processing operations are based on this legal basis if they are necessary to protect a legitimate interest of our company or a third party, provided that the interests, fundamental rights and freedoms of the data subject are not overridden.

This would be, for example, processing in the course of our software development, IT security and IT operations, when we contact you to provide you with, among other things, product information, knowledge and understanding gaps or to inform you about changes within our company.

We also do not consider your interests to be violated if we send you (un)regular greeting letters, congratulations, anniversary wishes, etc., or if we use data analyses to detect clues for the prevention and investigation of criminal offences.

Such processing operations are permitted to us in particular because they were specifically mentioned by the European legislator. In this respect, it took the view that a legitimate interest could be assumed if the data subject is a member of the association (recital 47 sentence 2 DSGVO).

 

3. registration of users on the homepage

The data entered by the user during registration on our websites or forms are used for the purposes of using the offer. We store on our websites with registration function or forms the personal data provided during registration with consent as a personal profile, so that the user can log in with user name and password during future visits to the respective website.

By logging in to the websites with registration function or by means of forms, the member consents to the use and exploitation of the personal data provided by him/her, such as name, address, e-mail, telephone number, bank details for the proper performance of the contract, for billing and for advertising purposes. Member-related data will be stored and processed for member support and will only be passed on to third parties if this is necessary for the fulfillment of the contract.

We also send administrative notifications by e-mail that are part of the use of the respective product. Service notifications inform about important changes regarding our products. Unsubscribing from these e-mail notifications is only possible if the contractual relationship relating to the use of the product has also been terminated.

 

  • Data categories: Order data, member data, contact data, bank data, user data.
  • Purpose: provision of products and services, registration function, user account, account management, billing
  • Legal basis: fulfillment of contract, legitimate interest, consent, legal obligation.

 

4. ordering products and services (online and offline)

Products can be purchased from us on our websites, webshops and/or in the store as well as by means of printed order cards.

In order to process orders in the webshop, the processing of personal data is necessary. The data to be collected results from the respective input mask used for ordering processes. The corresponding invoices are stored in accordance with the statutory storage periods.

In order to process orders on our homepage, the processing of personal data may be necessary. The data to be collected is necessary for delivery and invoicing. Members can also provide their contact details, postal address, telephone number, e-mail for the creation of membership cards. The corresponding invoices are kept in accordance with the legal storage periods.

In order to process orders, the processing of personal data is necessary. The data to be collected result from the respective order and are necessary for delivery and invoicing. The corresponding invoices are stored in accordance with the statutory storage periods.

 

  • Data categories: Order data, membership data, contact data, bank data, user data.
  • Purpose: Order processing
  • Legal basis: Contract fulfillment, legal obligation

 

5. in the course of your consent (Art. 6 para. 1 lit. a DSGVO). 

In the course of consent to the processing of your personal data, processing will only take place in accordance with the purposes and to the extent agreed in the declaration of consent. Consent given can be revoked by you at any time with effect for the future (e.g. you can object to the processing of your personal data for marketing and advertising purposes if you no longer agree to processing in the future). Marketing and advertising pursuant to Art. 6 para. 1 lit. f DSGVO.

 

6. for the protection of legitimate interests (Art. 6 para. 1 lit. f DSGVO). 

As far as necessary, within the framework of balancing interests in favor of our association or a third party, data processing may take place beyond the actual fulfillment of the contract for the protection of legitimate interests of us or third parties. In the following cases, for example, data processing is carried out to safeguard legitimate interests:

 

  • Testing and optimization of procedures for demand analysis and direct member approach.
  • Advertising, unless you have objected to the use of your data in accordance with Art. 21 DSGVO.
  • Measures for business management and further development of services and products.

 

7. contacting with our contact form

On our website, there are contact forms for our members for e.g.: Reservations, data changes, complaints, request for confirmations, contact by one of our employees, or cooperation partners, callback forms and general contact forms. When you use these, you can enter the following data, for example:

  • Type of interest or information about the request
  • Personal information such as: Gender, title, name, subject, phone, date of birth or home address and a text.
  • Information on how you can be reached, such as telephone number and/or e-mail address
  • Additional information to facilitate processing of your request such as: Files, images, videos related to the request

 

We use this information in accordance with Art. 6 Para. 1 lit. b and f DSGVO to process and respond to your request quickly. We store this data for a maximum of six months after completion of your request, provided that the data is not further required for this purpose within the framework of a valid contract in accordance with our General Terms and Conditions and/or other contractual agreements or other statutory retention periods apply.

 

8. marketing and advertising

We use personal data to send you both general and tailored to your usage behavior information, offers and recommendations, from us or from our cooperation partners. However, we will only do so if you give us your consent in advance to contact you by e-mail, telephone, SMS or other channels to inform you in a timely manner about interesting offers, new developments and services.

We also give our existing members who have previously consented to receive a newsletter, or email advertising, the opportunity to receive personalized offers by allowing you to add your consent.

If you are not interested in receiving customized and relevant offers and services, but are only interested in general content, you may opt-out of receiving this newsletter.

Depending on the content of the consent you have given, you will receive offers and other information from us regarding our currently offered range of products and services or our other cooperation partners.

If you would like to receive customized and tailored information and recommendations, we can send you these, for example, about our products and services, current or individually tailored offers, coupons, competitions and campaigns and much more.

The creation of the content is based on evaluation of the following data: First name/last name, date of birth, address and contact data, about you, geo-data, device and browser information including your attributable usage behavior.

Geo data is used for so-called location-based services. Location-based services provide you with selective information using location-based data.

 

  • By preferences assigned to you we mean, for example, your stored method of contact, etc.
  • Member loyalty measures include information and more details about promotions and campaigns already sent to you, and other notices.
  • Device and browser information, including your attributable usage behavior, includes information about the devices you use (computer, laptop, smartphone, etc.) to visit our websites and the associated web browsers (e.g. Internet Explorer, Firefox, Safari, etc.).

 

You can revoke your consent at any time without giving reasons.

In this case, we will not send you any offers or information by e-mail, newsletter or other communication media.

In all other cases, please contact us.

If you do not wish to be included in our direct marketing activities, you have the right to object to this (Art. 21 (2) and Art. 22 DSGVO).

If you have exercised your right and decided against the use of your personal data for advertising purposes (in particular direct advertising), you will no longer receive information, offers and news according to your request.

 

Messenger

We use messengers for communication purposes and therefore ask you to observe the following information on the functionality of the messengers, on encryption, on the use of the metadata of the communication and on your objection options. However, we would also like to point out to our communication partners that the providers of the messengers cannot view the content, but they can find out that and when communication partners communicate with us and that technical information about the device used by the communication partners and, depending on the settings of their device, also location information (so-called metadata) is processed.

In the case of end-to-end encryption of content, we point out that the communication content is encrypted from end to end. This means that the content of the messages cannot be viewed, not even by the messenger providers themselves. You should always use a current version of Messenger with encryption enabled to ensure that the message content is encrypted.

Notes on legal basis: If we ask communication partners for permission before communicating with them via Messenger, the legal basis of our processing of their data is their consent. Otherwise, if we do not ask for permission and they contact us on their own initiative, for example, we use Messenger in relation to our contractual partners and in the context of contract initiation as a contractual measure and, in the case of other interested parties and communication partners, on the basis of our legitimate interests in fast and efficient communication and meeting the needs of our communication partners in communication via Messenger.

Revocation, objection and deletion: You may revoke any consent given and object to communication with us via Messenger at any time. In the case of communication via Messenger, we delete the messages in accordance with our general deletion guidelines (i.e., e.g., as described above, after the end of contractual relationships, in the context of archiving requirements, etc.) and otherwise as soon as we can assume to have answered any information provided by the communication partners, if no reference to a previous conversation is to be expected and the deletion does not conflict with any legal retention obligations.

Reservation of reference to other communication channels: Finally, we would like to point out that, for reasons of your security, we reserve the right not to answer inquiries via Messenger. This is the case if, for example, contractual internals require special confidentiality or an answer via Messenger does not meet formal requirements. In such cases, we will refer you to more adequate communication channels.

 

Video conferencing, online meetings, webinars and screen sharing

We use platforms and applications of other providers (hereinafter referred to as "Third Party Providers") for the purpose of conducting video and audio conferences, webinars and other types of video and audio meetings. When selecting the third-party providers and their services, we observe the legal requirements.

In this context, data of the communication participants is processed and stored on the servers of the third-party providers, insofar as this is part of communication processes with us. This data may include, in particular, registration and contact data, visual as well as vocal contributions and entries in chats and shared screen contents.

If users are referred to third-party providers or their software or platforms in the course of communication, business or other relationships with us, the third-party providers may process usage data and metadata for security purposes, service optimization or marketing purposes. We therefore ask you to observe the data protection notices of the respective third-party providers.

Notes on legal bases: If we ask users for their consent to use the third-party providers or certain functions (e.g. consent to a recording of conversations), the legal basis of the processing is consent. Furthermore, their use may be a component of our (pre)contractual services, provided that the use of the third-party providers was agreed upon in this context. Otherwise, user data is processed on the basis of our legitimate interests in efficient and secure communication with our communication partners. In this context, we would additionally like to refer you to the information on the use of cookies in this privacy policy.

 

Types of data processed: 

  • Inventory data (e.g. names, addresses),
  • Contact data (e.g. e-mail, telephone numbers),
  • Content data (e.g. entries in online forms),
  • Usage data (e.g. websites visited, interest in content, access times),
  • Meta/communication data (e.g., device information, IP addresses).

 

Data subjects:

  • Communication partners, (e.g. ZOOM participants).
  • Users (e.g., website visitors, users of online services).

 

Purposes of processing:

  • Provision of contractual services,
  • Contact requests and communication,
  • Office and organizational procedures.

 

Legal basis:

  • Consent (Art. 6 para. 1 p. 1 lit. a. DSGVO),
  • Contract performance and pre-contractual inquiries (Art. 6 para. 1 p. 1 lit. b. DSGVO),
  • legitimate interests (Art. 6 para. 1 p. 1 lit. f. DSGVO).

 

Software used:

  • Jimdo: website: https://jimdo.com, Privacy: https://www.jimdo.com/info/privacy/
  • ZOOM: website: https://zoom.us; Privacy: https://explore.zoom.us/de/privacy/ 
  • Telegram: website: https://telegram.org; Privacy: https://telegram.org/privacy/; FAQ https://telegram.org/faq/ 
  • Moodle: website: https://moodle.org/ Privacy: https://moodle.com/privacy-notice/ 

 

Internal use of audiovisual media: 

I/we hereby consent to having photographs or video recordings made of me during internal (online) events for the purpose of storing research material and for the gallery. These recordings will remain on the Bereginja platform for at least one full year and may be added to the internal media library for future cohorts. 

I/we do not derive any rights (e.g. remuneration) from this consent.

This declaration of consent is a prerequisite for participation in online Bereginja events and courses.

 

External Use of Audiovisual Media: 

 

I/we hereby consent that during (online) events photo or video recordings of me may be made for the purpose of public relations work of the association, used for this purpose and published via live stream (transmission via the Internet at the time of the recordings, with and without storage), via the Internet (accessible at any time worldwide by anyone) and in social media (accessible at any time worldwide by anyone). 

I/we do not derive any rights (e.g. remuneration) from this consent.

This declaration of consent can be revoked at any time by sending an e-mail to info@weiber-yoga.at. 

 

Cookies

Cookies are used on our website to store user-specific data.

In the following, we explain what cookies are and why they are used so that you can better understand the following privacy policy.

Whenever you browse the Internet, you use a browser. Most websites store small text files in your browser. These files are called cookies. Almost all websites use cookies. More specifically, they are HTTP cookies, as there are other cookies for other uses. HTTP cookies are small files that are stored on your computer by our website.

Cookies store certain user data from you, such as language or personal

page settings. When you return to our site, your browser sends the information back to our site.

information back to our site. Thanks to cookies, our site knows who you are and offers you the setting you are used to. In some browsers, each cookie has its own file; in others, such as Firefox, all cookies are stored in a single file.

 

Logging of e-mail traffic

To ensure adequate information and system security and to detect malware, we store log data on e-mail traffic. When you send an e-mail to one of our addresses, the following data is logged: E-mail and IP address of the recipient and the sender, number of recipients, subject, date and time of receipt by the server, file name of any attachments, size of the message, risk classification for spam and delivery status. In a first step, e-mails are checked purely automatically. Only in the case of suspicion of a threat to the security of the IT systems are individual e-mails checked manually by responsible persons.

In addition, we process your personal data in connection with e-mails, where necessary, for the duration of the entire business initiation and beyond that in accordance with the statutory retention and documentation obligations.

Phishing 

It is possible for fraudsters to forge e-mails and websites in order to obtain your confidential data, such as passwords and other personal or sensitive data. This practice is called "phishing." Please note that we will never send you e-mails or anything else in which you are asked to provide us with strictly confidential personal data, such as your bank account details, credit card number, password, etc., under false pretenses. Further information on phishing e-mails and how you can protect yourself can be found, for example, at https://www.help.gv.at/Portal.Node/hlpd/public/content/172/Seite.1720500.html.

Contact data, contact form and e-mail

If you contact us via the channels offered on our website, including the contact form available there, your details will be stored so that they can be used to process and respond to your inquiry. This data will not be passed on to third parties without your consent.

Who receives your data?

Only those offices or employees and cooperation partners of our association receive your data that need them to fulfill contractual, legal and supervisory obligations as well as legitimate interests. In addition, processors commissioned by us (in particular IT and back-office service providers) will receive your data if they require the data to perform their respective services. All processors are contractually obligated to treat your data confidentially and to process it only in the context of providing the service.

Public bodies and institutions may be recipients of your personal data if there is a legal or regulatory obligation.

For the storage of invoices, contracts and all activities necessary for the processing of the commissioned service, we use office software such as Microsoft Office, which is certified under the Privacy Shield Agreement and thus offers a guarantee of compliance with the European level of data protection.

Furthermore, we would like to point out that our association is obligated to maintain confidentiality about all member-related information and facts that have been entrusted to us or made accessible to us as a result of the business relationship.

We may therefore only disclose your personal data to third parties if you have expressly released us from this obligation in writing in advance or if we are required or authorized to do so by law or supervisory authority. Recipients of personal data in this context may be other cooperation partners or comparable institutions to which we transfer data in order to carry out the business relationship with you (depending on the contract, this may be e.g. correspondent banks, credit agencies, etc.).

How long is your data stored?

We process your personal data, insofar as necessary, for the duration of the entire business relationship [from the (pre-contractual) initiation, processing to the termination of a contract] and beyond that in accordance with the statutory retention and documentation obligations, which result, among other things, from the Austrian Commercial Code (UGB). An extension may arise, among other things, due to warranty and liability claims.

Furthermore, we must take into account the statutory limitation periods for the storage period, which, for example, according to the General Civil Code (ABGB) can generally be 30 years (in certain cases it is only 5 years).

We generally retain your personal data for up to 30 years to defend against liability claims. In cases where such claims are excluded in any case, the retention period is at least seven years. If no other instructions are given, the documents and all information provided will be destroyed after the retention period has expired.

Are you obliged to provide data as part of the business relationship?

You are only required to provide personal data that is necessary for the establishment and performance of the business relationship and that we are obligated to collect. If you do not provide us with this data, we will usually have to refuse to conclude the contract or execute the order, or will no longer be able to perform an existing contract and consequently have to terminate it. Under no circumstances, however, are you obliged to provide us with those data that are not relevant for the performance of the contract or are not required by law and/or regulation.

E-mail marketing

In order to keep you up to date, we also use the possibility of e-mail marketing. If you have agreed to receive our e-mails or newsletters, your data will also be processed and stored. E-mail marketing is a sub-area of online marketing. 

It involves sending news or general information about a company, products or services by e-mail to a specific group of people who are interested in them. 

If you want to participate in our e-mail marketing (usually via newsletter), you usually just have to register with your e-mail address. To do this, you fill out an online form and submit it. However, it may also happen that we ask you for your title and name, for example, so that we can write to you personally.

In principle, the registration for newsletters works with the help of the so-called "double opt-in procedure". After you have registered for our newsletter on our website, you will receive an e-mail to confirm your newsletter registration. This ensures that the e-mail address belongs to you and that no one has registered with a third-party e-mail address. We or a

notification tool used by us logs each individual registration. This is necessary so that we can also prove the legally correct registration process. As a rule, the time of registration, the time of the registration confirmation and your IP address are stored. In addition, it is also logged when you make changes to your stored data.

Why do we use e-mail marketing?

We naturally want to stay in touch with you and always present you with the most important news about our company. To do this, we use, among other things, e-mail marketing - often just referred to as "newsletters" - as an essential part of our online marketing. If you agree to it or if it is permitted by law, we will send you newsletters, system e-mails or other notifications by e-mail. When we use the term "newsletter" in the following text, we mainly mean e-mails sent on a regular basis. 

For example, you will learn more about our company, our services or products. Since we are always improving our offers, our newsletter will also tell you when there is news or when we are offering special, lucrative promotions. If we use a service provider that offers a professional mailing tool for our e-mail marketing, we do so in order to be able to offer you fast and secure newsletters. The purpose of our email marketing is basically to inform you about new offers and also to get closer to our business goals.

What data is processed?

When you become a subscriber to our newsletter via our website, you confirm by email that you are a member of an email list. In addition to IP address and e-mail address, your salutation, name, address and telephone number may also be stored. However, only if you agree to this data storage. In addition, information about your device or your preferred content on our website may be stored. You can find out more about the storage of data when you visit a website in the section "Automatic data storage“.

Duration of data processing

If you unsubscribe your email address from our email/newsletter distribution list, we may store your address for up to five years based on our legitimate interests so that we can still prove your consent at the time. We may only process this data if we need to defend ourselves against any claims. However, if you confirm that you have given us your consent to subscribe to the newsletter, you can submit an individual deletion request at any time. If you permanently object to the consent, we reserve the right to store your e-mail address in a blacklist. As long as you have voluntarily subscribed to our newsletter, we will of course also keep your e-mail address.

Revocation

You have the possibility to cancel your newsletter subscription at any time. All you have to do is revoke your consent to the newsletter subscription. This usually takes only a few seconds or one or two clicks. Most of the time, you will find a link to cancel your newsletter subscription right at the end of each email. If the link cannot be found in the newsletter, please contact us by mail and we will cancel your newsletter subscription immediately.

Legal basis

The sending of our newsletter is based on your consent (Article 6 (1) a DSGVO). This means that we may only send you a newsletter if you have actively registered for it beforehand. If consent is not required, then the newsletter dispatch is based on the legitimate interest in direct marketing (Article 6 (1) (f)), provided this is legally permitted. Even if we commission a service provider, this happens on the basis of our legitimate interest.

 

Access data

The website operator or page provider collects data about accesses to the page and stores them as "server log files". The following data is logged in this way:

  • visited website
  • Time at the time of access
  • Amount of data sent in bytes
  • source/reference from which you came to the page
  • browser used
  • operating system used
  • IP address used

The collected data is only used for statistical analysis and to improve the website. However, the website operator reserves the right to check the server log files retrospectively if there are concrete indications of illegal use.

Use of personal data

Insofar as you have provided us with personal data as a user of our website and/or member, we use this data exclusively to answer your inquiries, to process contracts and for technical administration.

Personal data will only be passed on or otherwise transferred to third parties by us if this is necessary for the purpose of contract processing or for billing purposes or if you, as a user of the website and/or member, have given your prior consent. As a user of the website and/or member, you have the right to revoke any consent given at any time with effect for the future.

Stored personal data will be deleted if you, as a user of the website and/or member, revoke your consent to storage, if your data is no longer required to fulfill the purpose for which it was stored, or if its storage is or becomes inadmissible for other legal reasons. Data for accounting and bookkeeping purposes are subject to the legal obligation to keep records in accordance with the Federal Tax Code and are not affected by a request for deletion.

Information, correction and deletion

Upon written request, we will be happy to inform you at any time about the personal data stored about you. You will find the necessary data for this on our contact email address.

If your data processed by us is not correct, please inform us. We will correct it immediately and inform you about it.

In the event that you no longer wish your data to be processed by us, we request that you inform us of this informally. We will of course delete your data immediately and inform you of this. If there are compelling legal reasons for deletion, we will inform you immediately.

In addition, you have the right to restriction of processing on data transfer. If you are of the opinion that we have violated Austrian or European data protection law in the processing of your data and thereby violated your rights, we request that you contact us in order to clarify any issues. Of course, you also have the right to complain to the data protection authority or a European supervisory authority or to appeal to the courts.

Performance of tasks according to the articles of association or rules of procedure

We process the data of our members, supporters, interested parties, business partners or other persons (collectively, "data subjects") if we have a membership or other business relationship with them and perform our tasks and are recipients of services and benefits. In addition, we process the data of data subjects on the basis of our legitimate interests, e.g. when administrative tasks or public relations work are involved.

The data processed in this context, the nature, scope and purpose of the data and the necessity of its processing, are determined by the underlying membership or contractual relationship, which also determines the necessity of any data disclosures (in other respects, we refer to required data).

We delete data that is no longer required to fulfill our statutory and business purposes. This is determined according to the respective tasks and contractual relationships. We retain the data for as long as they may be relevant for business processing, as well as with regard to any warranty or liability obligations based on our legitimate interests in their regulation. The necessity of retaining the data is reviewed regularly; in all other respects, the statutory retention obligations apply.

  • Types of data processed: inventory data (e.g., names, addresses), payment data (e.g., bank details, invoices, payment history), contact data (e.g., e-mail, telephone numbers), contract data (e.g., subject matter of contract, term, membership category).
  • Data subjects: Users (e.g., website visitors, users of online services), members, business and contractual partners.
  • Purposes of processing: provision of contractual services and member services, contact requests and communication, administration and response to requests
  • Legal basis: contract performance and pre-contractual inquiries (Art. 6 para. 1 p. 1 lit. b. DSGVO), legitimate interests (Art. 6 para. 1 p. 1 lit. f. DSGVO).

 

Business services

We process data of our contractual and business partners, e.g. members and interested parties (collectively referred to as "contractual partners") in the context of contractual and comparable legal relationships as well as related measures and in the context of communication with contractual partners (or pre-contractual), e.g. to answer inquiries.

We process this data to fulfill our contractual obligations, to secure our rights and for the purposes of the administrative tasks associated with this information as well as for business organization. Within the framework of applicable law, we only disclose the data of contractual partners to third parties to the extent that this is necessary for the aforementioned purposes or to fulfill legal obligations, or with the consent of the data subjects (e.g. to participating telecommunications, transport and other auxiliary services as well as subcontractors, banks, tax and legal advisors, payment service providers or tax authorities). Contractual partners will be informed about other forms of processing, e.g. for marketing purposes, as part of this data protection declaration.

We delete the data after the expiry of legal warranty and comparable obligations, i.e., generally after 10 years, unless the data is stored in a member account, e.g., as long as it must be retained for legal archiving reasons. We delete data disclosed to us by the contractual partner in the context of an order in accordance with the specifications of the order, in principle after the end of the order.

Insofar as we use third-party providers or platforms to provide our services, the terms and conditions and data protection notices of the respective third-party providers or platforms shall apply in the relationship between the users and the providers.

 

Events: 

We process the data of participants in the events, functions and similar activities offered or hosted by us (hereinafter uniformly referred to as "Participants" and "Events") in order to enable them to participate in the Events and take advantage of the services or promotions associated with participation.

If we process health-related data, religious, political or other special categories of data in this context, then this is done within the scope of disclosure (e.g., for thematically oriented events or serves health care, safety or is done with the consent of the data subjects).

The required information is identified as such in the context of the order, order or comparable contract conclusion and includes the information required for the provision of services and billing, as well as contact information in order to be able to hold any consultations. To the extent that we obtain access to information of members or others, we process it in accordance with legal and contractual requirements.

Other Commercial Services Information: We process the data of our members as well as clients in order to enable them to select, purchase or commission the chosen services or works as well as related activities as well as their payment and delivery or execution or performance.

The required data is identified as such in the context of the order, purchase order or comparable contract conclusion and includes the data required for the provision of services and billing as well as contact information in order to be able to hold any consultations.

  • Types of data processed: inventory data (e.g., names, addresses), payment data (e.g., bank details, invoices, payment history), contact data (e.g., e-mail, telephone numbers), contract data (e.g., subject matter of contract, term, membership category).
  • Data subjects: Interested parties, business and contractual partners, members.
  • Purposes of processing: provision of contractual services and member services, contact inquiries and communication, office and organizational procedures, administration and response to inquiries
  • Legal grounds: contract performance and pre-contractual inquiries (Art. 6 para. 1 p. 1 lit. b. DSGVO), legal obligation (Art. 6 para. 1 p. 1 lit. c. DSGVO), legitimate interests (Art. 6 para. 1 p. 1 lit. f. DSGVO).

 

To protect personal data, we have implemented both technical and organizational measures. Where possible, we encrypt or pseudonymize personal data. 

In this way, we make it as difficult as possible, within the scope of our possibilities, for third parties to infer personal information from our data.

Article 25 of the GDPR speaks here of "data protection through technical design and through data protection-friendly default settings" and thus means that security is always taken into account in both software and hardware and that appropriate measures are taken. In the following, we will go into more detail on specific measures, if necessary.

 

TLS encryption with https TLS, encryption and https sound very technical, and they are. We use HTTPS (Hypertext Transfer Protocol Secure stands for "secure hypertext transfer protocol") to transfer data over the Internet in a tap-proof manner.

 

This means that the complete transmission of all data from your browser to our web server is secured - no one can "listen in".

Thus, we have implemented an additional layer of security and fulfill data protection by design of technology Article 25(1) DSGVO). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the Internet, we can ensure the protection of confidential data.

 

You can recognize the use of this protection of data transmission by the small lock symbol at the top left of the browser, to the left of the Internet address (e.g., beispielseite.de) and the use of the scheme https (instead of http) as part of our Internet address.

If you want to know more about encryption, we recommend a Google search for "Hypertext Transfer Protocol Secure Wiki" to get good links to further information.

 

Web Hosting - Web Server

 

When you visit websites, certain information - including personal data - is automatically created and stored, including on this website. This data should be processed as sparingly as possible and only with justification

 

By website we mean the totality of all web pages on a domain, i.e. everything from the home page to the very last sub-page.

When you want to view a website on a screen, you use a program called a web browser to do it. You probably know some web browsers by name: Google Chrome, Microsoft Edge, Mozilla Firefox, and Apple Safari.

 

This web browser needs to connect to another computer where the website's code is stored: the web server. Running a web server is a complicated and costly task, which is why this is usually done by professional providers, the providers. These offer web hosting and thus ensure reliable and error-free storage of website data.

When the browser on your computer (desktop, laptop, smartphone) connects and during data transfer to and from the web server, personal data may be processed. On the one hand, your computer stores data, on the other hand, the web server also needs to store data for a while to ensure proper operation.

 

The purposes of data processing are professional hosting of the website and safeguarding its operation, for reasons of operational security and to compile access statistics. Even while you are visiting our website right now, our web server, which is the computer on which this website is stored, usually automatically saves data such as: the complete Internet address of the website you are visiting, the browser and browser version or the operating system you are using.

Furthermore, the address of the previously visited page (referrer URL) or / and the host name and IP address of the device from which access is made. The date and time in files, the so-called web server log files and much more.

As a rule, the above data is stored for two weeks and then automatically deleted.

Updating this privacy policy

We reserve the right to adapt this data protection declaration to technical developments as well as legal changes if necessary or to update it in connection with the offer of new services or products.