Privacy Policy

Status: 26 May 2025

Table of Contents

Controller

Andreas Schwab
softworx by andreas schwab
Schillinghofstraße 61
5023 Salzburg
Austria

Email address: andreas.schwab@softworx.at

Legal Notice: https://www.softworx.at/en/legal-notice

Overview of Processing Activities

The following overview summarizes the types of data processed, the purposes of processing, and the data subjects concerned.

Types of Data Processed

  • Inventory data.
  • Contact data.
  • Content data.
  • Usage data.
  • Meta, communication and procedural data.
  • Log data.

Categories of Data Subjects

  • Communication partners.
  • Users.

Purposes of Processing

  • Provision of contractual services and performance of contractual obligations.
  • Communication.
  • Security measures.
  • Reach measurement.
  • Organizational and administrative procedures.
  • Feedback.
  • Profiles with user-related information.
  • Provision of our online offering and user-friendliness.
  • Information technology infrastructure.

Applicable Legal Bases

Applicable legal bases under the GDPR: Below is an overview of the legal bases of the GDPR on which we process personal data. Please note that, in addition to the provisions of the GDPR, national data protection regulations may apply in your or our country of residence or registered office. If more specific legal bases apply in individual cases, we will inform you of these in the privacy policy.

  • Consent (Art. 6(1)(a) GDPR) – The data subject has given consent to the processing of their personal data for one or more specific purposes.
  • Performance of a contract and pre-contractual inquiries (Art. 6(1)(b) GDPR) – Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
  • Legitimate interests (Art. 6(1)(f) GDPR) – Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.

National data protection regulations in Austria: In addition to the GDPR, national data protection regulations apply in Austria. These include, in particular, the Federal Act on the Protection of Natural Persons with regard to the Processing of Personal Data (Datenschutzgesetz – DSG). The Datenschutzgesetz contains specific provisions on the right of access, the right to rectification or deletion, the processing of special categories of personal data, processing for other purposes and on transmission as well as on automated individual decision-making.

Notice on the applicability of the GDPR and the Swiss FADP: These privacy notices serve to provide information under both the Swiss Federal Act on Data Protection (FADP) and the General Data Protection Regulation (GDPR). For broader applicability and clarity, the terms of the GDPR are used. In particular, instead of the terms used in the Swiss FADP (“processing” of “personal data”, “overriding interest” and “particularly worthy of protection personal data”), the terms used in the GDPR (“processing” of “personal data” as well as “legitimate interest” and “special categories of data”) are used. The legal meaning of the terms is, however, determined under the Swiss FADP where it applies.

Security Measures

We take appropriate technical and organizational measures in accordance with the legal requirements, taking into account the state of the art, implementation costs, and the nature, scope, circumstances and purposes of processing, as well as the varying likelihood and severity of risks to the rights and freedoms of natural persons, to ensure a level of security appropriate to the risk.

Measures include, in particular, safeguarding the confidentiality, integrity and availability of data by controlling physical and electronic access to data as well as access, input, transfer, ensuring availability, and separation of data. Furthermore, we have established procedures to ensure the exercise of data subjects’ rights, deletion of data and responses to data threats. We also take the protection of personal data into account when developing or selecting hardware, software and procedures, in accordance with the principle of data protection through technology design and by default settings.

Disclosure of Personal Data

In the course of processing personal data, it may happen that such data is transmitted to other entities, companies, legally independent organizational units or persons, or disclosed to them. Recipients of this data may include, for example, service providers commissioned with IT tasks or providers of services and content that are integrated into a website. In such cases, we comply with legal requirements and, in particular, conclude appropriate contracts or agreements with the recipients of your data that serve to protect your data.

International Data Transfers

Data processing in third countries: If we transfer data to a third country (i.e., outside the European Union (EU) or the European Economic Area (EEA)) or this occurs in the context of using third-party services or disclosure/transmission of data to other persons, entities or companies (which is apparent from the provider’s postal address or where this privacy policy expressly refers to data transfers to third countries), this is always done in compliance with legal requirements.

For data transfers to the USA, we primarily rely on the Data Privacy Framework (DPF), which was recognized as a secure legal framework by an adequacy decision of the EU Commission on 10 July 2023. In addition, we have concluded Standard Contractual Clauses with the respective providers that comply with the EU Commission’s requirements and establish contractual obligations to protect your data.

This dual safeguard ensures comprehensive protection of your data: the DPF forms the primary layer of protection, while the Standard Contractual Clauses serve as an additional safety measure. Should changes occur regarding the DPF, the Standard Contractual Clauses act as a reliable fallback option. In this way, we ensure that your data remains adequately protected even in the event of political or legal changes.

For each individual service provider, we inform you whether they are certified under the DPF and whether Standard Contractual Clauses are in place. Further information on the DPF and a list of certified companies can be found on the website of the U.S. Department of Commerce at https://www.dataprivacyframework.gov/ (in English).

For data transfers to other third countries, corresponding safeguards apply, in particular Standard Contractual Clauses, explicit consent, or legally required transfers. Information on third-country transfers and applicable adequacy decisions can be found in the information provided by the European Commission: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection_en?prefLang=de.

General Information on Data Storage and Deletion

We delete personal data that we process in accordance with legal provisions as soon as the underlying consents are withdrawn or no further legal bases for processing exist. This applies in cases where the original processing purpose no longer exists or the data is no longer needed. Exceptions apply if legal obligations or particular interests require longer retention or archiving of the data.

In particular, data that must be retained for commercial or tax reasons, or whose retention is necessary for legal prosecution or to protect the rights of other natural or legal persons, must be archived accordingly.

Our privacy notices contain additional information on the retention and deletion of data that applies specifically to certain processing operations.

Where multiple retention periods or deletion deadlines are specified for data, the longest period shall always apply.

If a period does not expressly begin on a specific date and is at least one year, it automatically starts at the end of the calendar year in which the event triggering the period occurred. In the case of ongoing contractual relationships within which data is stored, the triggering event is the effective date of termination or other ending of the legal relationship.

Data that is no longer processed for its original purpose but retained due to legal requirements or other reasons is processed solely for the reasons justifying its retention.

Further notes on processing operations, procedures and services:

  • Retention and deletion of data: The following general periods apply under Austrian law for retention and archiving:
    • 10 years – Retention period for books and records, annual financial statements, inventories, management reports, opening balance sheets, accounting vouchers and invoices, as well as all necessary work instructions and other organizational documents (Federal Fiscal Code (BAO §132), Commercial Code (UGB §§190–212)).
    • 6 years – Other business documents: received commercial or business letters, copies of dispatched commercial or business letters, and other documents insofar as they are relevant for tax purposes. These include, for example, hourly wage slips, cost accounting sheets, calculation documents, price labels, and payroll documents, provided they are not already accounting vouchers and till receipts (Federal Fiscal Code (BAO §132), Commercial Code (UGB §§190–212)).
    • 3 years – Data required to consider potential warranty and damages claims or similar contractual claims and rights, as well as to handle related inquiries, based on previous business experience and customary industry practice, are stored for the duration of the regular statutory limitation period of three years (§§ 1478, 1480 ABGB).

Rights of Data Subjects

Rights of data subjects under the GDPR: As a data subject, you have various rights under the GDPR, in particular those arising from Articles 15 to 21 GDPR:

  • Right to object: You have the right, on grounds relating to your particular situation, to object at any time to the processing of personal data concerning you which is based on Article 6(1)(e) or (f) GDPR; this also applies to profiling based on those provisions. Where personal data concerning you is processed for direct marketing purposes, you have the right to object at any time to processing of personal data concerning you for such marketing; this also applies to profiling to the extent that it is related to such direct marketing.
  • Right to withdraw consent: You have the right to withdraw consent at any time.
  • Right of access: You have the right to obtain confirmation as to whether or not personal data concerning you is being processed and, where that is the case, access to the personal data and to further information and copies of the data in accordance with legal requirements.
  • Right to rectification: You have the right, in accordance with legal requirements, to request the completion of data concerning you or the rectification of inaccurate data concerning you.
  • Right to erasure and restriction of processing: You have the right, in accordance with legal requirements, to request that data concerning you be erased without delay, or alternatively to request restriction of processing of the data in accordance with legal requirements.
  • Right to data portability: You have the right to receive the data concerning you that you have provided to us in a structured, commonly used and machine-readable format in accordance with legal requirements, or to request its transmission to another controller.
  • Complaint to a supervisory authority: Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR.

Provision of the Online Offering and Web Hosting

We process users’ data in order to provide our online services. For this purpose, we process the user’s IP address, which is necessary to transmit the content and functions of our online services to the user’s browser or device.

  • Types of data processed: Usage data (e.g., page views and dwell time, click paths, usage intensity and frequency, device types and operating systems used, interactions with content and functions); meta, communication and procedural data (e.g., IP addresses, timestamps, identifiers, persons involved). Log data (e.g., log files regarding logins or data retrieval or access times.).
  • Data subjects: Users (e.g., website visitors, users of online services).
  • Purposes of processing: Provision of our online offering and user-friendliness; information technology infrastructure (operation and provision of information systems and technical devices (computers, servers, etc.)). Security measures.
  • Retention and deletion: Deletion according to the details in the section “General Information on Data Storage and Deletion”.
  • Legal bases: Legitimate interests (Art. 6(1)(f) GDPR).

Further notes on processing operations, procedures and services:

  • Provision of online offering on rented storage space: To provide our online offering, we use storage space, computing capacity and software that we rent or otherwise obtain from a corresponding server provider (also called “web host”); Legal bases: Legitimate interests (Art. 6(1)(f) GDPR).
  • Collection of access data and log files: Access to our online offering is recorded in the form of so-called “server log files”. Server log files may include the address and name of the web pages and files retrieved, the date and time of retrieval, transferred data volumes, notification of successful retrieval, browser type and version, the user’s operating system, referrer URL (the previously visited page), and, as a rule, IP addresses and the requesting provider. Server log files can be used for security purposes, e.g., to avoid overloading the servers (particularly in the case of abusive attacks, so-called DDoS attacks), and also to ensure server utilization and stability; Legal bases: Legitimate interests (Art. 6(1)(f) GDPR). Deletion of data: Log file information is stored for a maximum of 30 days and then deleted or anonymized. Data that must be retained for evidence purposes is excluded from deletion until the respective incident has been finally clarified.
  • netcup: Services in the field of provision of information technology infrastructure and related services (e.g., storage space and/or computing capacities); Service provider: netcup GmbH, Daimlerstraße 25, D-76185 Karlsruhe, Germany; Legal bases: Legitimate interests (Art. 6(1)(f) GDPR); Website: https://www.netcup.de/; Privacy Policy: https://www.netcup.de/kontakt/datenschutzerklaerung.php. Data Processing Agreement: https://helpcenter.netcup.com/de/wiki/general/avv/.

Use of Cookies

The term “cookies” refers to functions that store information on users’ end devices and read information from them. Cookies can be used for different purposes, such as ensuring the functionality, security and convenience of online offerings, as well as producing analyses of visitor flows. We use cookies in accordance with legal requirements. Where necessary, we obtain users’ prior consent. Where consent is not necessary, we rely on our legitimate interests. This applies where storing and reading information is essential to provide expressly requested content and functions. This includes, for example, storing settings and ensuring the functionality and security of our online offering. Consent can be withdrawn at any time. We provide clear information about the scope of processing and which cookies are used.

Notes on legal bases: Whether we process personal data by means of cookies depends on consent. Where consent is given, it serves as the legal basis. Without consent, we rely on our legitimate interests as explained above in this section and in the context of the respective services and procedures.

Retention period: With regard to the retention period, the following types of cookies are distinguished:

  • Temporary cookies (also: session cookies): Temporary cookies are deleted at the latest after a user leaves an online offering and closes their end device (e.g., browser or mobile application).
  • Permanent cookies: Permanent cookies remain stored even after the end device is closed. For example, the login status can be saved and preferred content displayed directly when the user visits a website again. Data collected using cookies can also be used for reach measurement. Unless we provide users with explicit information on the type and retention period of cookies (e.g., in the context of obtaining consent), they should assume that they are permanent and that the retention period can be up to two years.

General notes on withdrawal and objection (opt-out): Users can withdraw their consent at any time and can also object to processing in accordance with legal requirements, including via the privacy settings of their browser.

  • Types of data processed: Meta, communication and procedural data (e.g., IP addresses, timestamps, identifiers, persons involved).
  • Data subjects: Users (e.g., website visitors, users of online services).
  • Legal bases: Legitimate interests (Art. 6(1)(f) GDPR). Consent (Art. 6(1)(a) GDPR).

Further notes on processing operations, procedures and services:

  • Processing of cookie data based on consent: We use a consent management solution through which users’ consent to the use of cookies or to the procedures and providers specified within the consent management solution is obtained. This procedure serves to obtain, record, manage and withdraw consents, in particular regarding the use of cookies and comparable technologies used for storing, reading and processing information on users’ end devices. In this context, users’ consents to the use of cookies and the associated processing of information, including the specific processing and providers mentioned in the consent management procedure, are obtained. Users also have the option to manage and withdraw their consents. Consent declarations are stored to avoid repeat queries and to provide proof of consent in accordance with legal requirements. Storage takes place server-side and/or in a cookie (so-called opt-in cookie) or by means of comparable technologies to be able to assign consent to a specific user or their device. Unless specific information on providers of consent management services is provided, the following general notes apply: The duration of consent storage is up to two years. A pseudonymous user identifier is created and stored together with the time of consent, details of the scope of consent (e.g., relevant categories of cookies and/or service providers), as well as information about the browser, system and device used; Legal bases: Consent (Art. 6(1)(a) GDPR).

Registration, Login and User Account

Users can create a user account. During registration, users are informed of the required mandatory information, which is processed for the purpose of providing the user account on the basis of contractual performance. Data processed includes, in particular, login information (username, password and an email address).

In the context of using our registration and login functions and using the user account, we store the IP address and the time of the respective user action. Storage is based on our legitimate interests and those of users in protection against abuse and other unauthorized use. This data is not shared with third parties as a rule unless necessary to pursue our claims or there is a legal obligation to do so.

Users may be informed by email about operations that are relevant to their user account, such as technical changes.

  • Types of data processed: Inventory data (e.g., full name, residential address, contact information, customer number, etc.); contact data (e.g., postal and email addresses or phone numbers); content data (e.g., textual or visual messages and posts and related information, such as authorship or time of creation); usage data (e.g., page views and dwell time, click paths, usage intensity and frequency, device types and operating systems used, interactions with content and functions). Log data (e.g., log files regarding logins or data retrieval or access times.).
  • Data subjects: Users (e.g., website visitors, users of online services).
  • Purposes of processing: Provision of contractual services and performance of contractual obligations; security measures; organizational and administrative procedures. Provision of our online offering and user-friendliness.
  • Retention and deletion: Deletion according to the details in the section “General Information on Data Storage and Deletion”. Deletion upon termination.
  • Legal bases: Performance of a contract and pre-contractual inquiries (Art. 6(1)(b) GDPR). Legitimate interests (Art. 6(1)(f) GDPR).

Further notes on processing operations, procedures and services:

  • Registration with pseudonyms: Users may use pseudonyms as usernames instead of real names; Legal bases: Performance of a contract and pre-contractual inquiries (Art. 6(1)(b) GDPR).

Blogs and Publication Media

We use blogs or comparable means of online communication and publication (hereinafter “publication medium”). Readers’ data is processed for the purposes of the publication medium only to the extent necessary for its presentation and for communication between authors and readers or for security reasons. Otherwise, we refer to the information on processing visitors to our publication medium in this privacy notice.

  • Types of data processed: Inventory data (e.g., full name, residential address, contact information, customer number, etc.); contact data (e.g., postal and email addresses or phone numbers); content data (e.g., textual or visual messages and posts and related information, such as authorship or time of creation); usage data (e.g., page views and dwell time, click paths, usage intensity and frequency, device types and operating systems used, interactions with content and functions). Meta, communication and procedural data (e.g., IP addresses, timestamps, identifiers, persons involved).
  • Data subjects: Users (e.g., website visitors, users of online services).
  • Purposes of processing: Feedback (e.g., collecting feedback via online form); provision of our online offering and user-friendliness; security measures. Organizational and administrative procedures.
  • Retention and deletion: Deletion according to the details in the section “General Information on Data Storage and Deletion”.
  • Legal bases: Legitimate interests (Art. 6(1)(f) GDPR).

Further notes on processing operations, procedures and services:

  • Comments and posts: When users leave comments or other posts, their IP addresses may be stored on the basis of our legitimate interests. This is for our security in case someone leaves unlawful content in comments and posts (insults, prohibited political propaganda, etc.). In such a case, we ourselves can be held liable for the comment or post and are therefore interested in the author’s identity.

    Furthermore, on the basis of our legitimate interests, we reserve the right to process users’ information for the purpose of spam detection.


    On the same legal basis, in the case of surveys we reserve the right to store users’ IP addresses for the duration of the survey and to use cookies to prevent multiple votes.


    The information provided within comments and posts about the person, any contact and website information, as well as the content details, will be stored by us permanently until users object; Legal bases: Legitimate interests (Art. 6(1)(f) GDPR).


  • Retrieval of WordPress emojis and smilies: Retrieval of WordPress emojis and smilies – Within our WordPress blog, graphical emojis (or smilies), i.e., small graphic files expressing feelings, are used for the efficient integration of content elements and are obtained from external servers. The providers of the servers collect users’ IP addresses. This is necessary so that the emoji files can be transmitted to users’ browsers; Service provider: Aut O’Mattic A8C Ireland Ltd., Grand Canal Dock, 25 Herbert Pl, Dublin, D02 AY86, Ireland; Legal bases: Legitimate interests (Art. 6(1)(f) GDPR); Website: https://automattic.com; Privacy Policy: https://automattic.com/privacy; Data Processing Agreement: Provided by the service provider. Basis for third-country transfers: Data Privacy Framework (DPF), Standard Contractual Clauses (provided by the service provider), Data Privacy Framework (DPF)Standard Contractual Clauses (provided by the service provider).
  • Akismet Anti-Spam check: Akismet Anti-Spam check – We use the “Akismet” service on the basis of our legitimate interests. With the help of Akismet, comments from real people are distinguished from spam comments. For this purpose, all comment information is sent to a server in the USA, where it is analyzed and stored for four days for comparison purposes. If a comment has been classified as spam, the data will be stored beyond this period. This information includes the entered name, email address, IP address, comment content, referrer, information about the used browser and computer system, and the time of entry.

    Users are welcome to use pseudonyms or to refrain from entering their name or email address. They can completely prevent the transmission of data by not using our comment system. This would be a pity, but unfortunately we see no alternatives that work equally effectively; Service provider: Aut O’Mattic A8C Ireland Ltd., Grand Canal Dock, 25 Herbert Pl, Dublin, D02 AY86, Ireland; Legal bases: Legitimate interests (Art. 6(1)(f) GDPR); Website: https://automattic.com; Privacy Policy: https://automattic.com/privacy/; Data Processing Agreement: Provided by the service provider. Basis for third-country transfers: Data Privacy Framework (DPF), Standard Contractual Clauses (provided by the service provider), Data Privacy Framework (DPF)Standard Contractual Clauses (provided by the service provider).


Contact and Request Management

When contacting us (e.g., by post, contact form, email, telephone or via social media) and in the context of existing user and business relationships, the information provided by the inquiring persons is processed to the extent necessary to respond to contact requests and any requested measures.

  • Types of data processed: Inventory data (e.g., full name, residential address, contact information, customer number, etc.); contact data (e.g., postal and email addresses or phone numbers); content data (e.g., textual or visual messages and posts and related information, such as authorship or time of creation); usage data (e.g., page views and dwell time, click paths, usage intensity and frequency, device types and operating systems used, interactions with content and functions). Meta, communication and procedural data (e.g., IP addresses, timestamps, identifiers, persons involved).
  • Data subjects: Communication partners.
  • Purposes of processing: Communication; organizational and administrative procedures; feedback (e.g., collecting feedback via online form). Provision of our online offering and user-friendliness.
  • Retention and deletion: Deletion according to the details in the section “General Information on Data Storage and Deletion”.
  • Legal bases: Legitimate interests (Art. 6(1)(f) GDPR). Performance of a contract and pre-contractual inquiries (Art. 6(1)(b) GDPR).

Further notes on processing operations, procedures and services:

  • Contact form: When contacting us via our contact form, by email or other means of communication, we process the personal data transmitted to us to respond to and handle the respective request. This usually includes information such as name, contact details and any further information provided to us that is necessary for proper handling. We use this data solely for the stated purpose of contact and communication; Legal bases: Performance of a contract and pre-contractual inquiries (Art. 6(1)(b) GDPR), legitimate interests (Art. 6(1)(f) GDPR).

Web Analytics, Monitoring and Optimization

Web analytics (also referred to as “reach measurement”) serves to evaluate the visitor flows of our online offering and may include behavior, interests or demographic information about visitors, such as age or gender, as pseudonymous values. With reach analysis, we can, for example, recognize at which time our online offering or its functions and content are used most frequently or invite reuse. It also allows us to understand which areas require optimization.

In addition to web analytics, we may also use testing procedures to test and optimize different versions of our online offering or its components.

Unless otherwise stated below, profiles (i.e., data compiled into a usage process) can be created for these purposes, and information can be stored in a browser or end device and then read. The data collected includes, in particular, visited websites and elements used there, as well as technical details such as the browser used, the computer system used and usage times. If users have consented to the collection of their location data to us or to the providers of the services we use, location data may also be processed.

In addition, users’ IP addresses are stored. However, we use an IP masking procedure (i.e., pseudonymization by shortening the IP address) to protect users. In general, no clear data of users (such as email addresses or names) is stored in the context of web analytics, A/B testing and optimization, but rather pseudonyms. This means that neither we nor the providers of the software used know the actual identity of users, only the information stored in their profiles for the purpose of the respective procedures.

Notes on legal bases: Where we ask users for their consent to use third-party providers, the legal basis for data processing is consent. Otherwise, user data is processed on the basis of our legitimate interests (i.e., interest in efficient, economical and recipient-friendly services). In this regard, we also refer you to the information on the use of cookies in this privacy policy.

  • Types of data processed: Usage data (e.g., page views and dwell time, click paths, usage intensity and frequency, device types and operating systems used, interactions with content and functions). Meta, communication and procedural data (e.g., IP addresses, timestamps, identifiers, persons involved).
  • Data subjects: Users (e.g., website visitors, users of online services).
  • Purposes of processing: Reach measurement (e.g., access statistics, recognition of returning visitors). Profiles with user-related information (creating user profiles).
  • Retention and deletion: Deletion according to the details in the section “General Information on Data Storage and Deletion”. Storage of cookies for up to 2 years (Unless otherwise stated, cookies and similar storage methods may be stored on users’ devices for a period of two years.).
  • Security measures: IP masking (pseudonymization of the IP address).
  • Legal bases: Consent (Art. 6(1)(a) GDPR). Legitimate interests (Art. 6(1)(f) GDPR).

Plug-ins and Embedded Functions and Content

We integrate functional and content elements into our online offering that are obtained from the servers of their respective providers (hereinafter “third-party providers”). These may include, for example, graphics, videos or maps (collectively referred to as “content”).

Integration always requires that the third-party providers of this content process users’ IP addresses, since without the IP address they could not send the content to users’ browsers. The IP address is therefore required for the display of such content or functions. We endeavor to use only content whose respective providers use the IP address solely for the delivery of the content. Third-party providers can also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. “Pixel tags” can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on users’ devices and may contain, among other things, technical information about the browser and operating system, referring websites, time of visit and other information on the use of our online offering, and may also be linked with such information from other sources.

Notes on legal bases: Where we ask users for their consent to use third-party providers, the legal basis for data processing is consent. Otherwise, user data is processed on the basis of our legitimate interests (i.e., interest in efficient, economical and recipient-friendly services). In this regard, we also refer you to the information on the use of cookies in this privacy policy.

  • Types of data processed: Usage data (e.g., page views and dwell time, click paths, usage intensity and frequency, device types and operating systems used, interactions with content and functions). Meta, communication and procedural data (e.g., IP addresses, timestamps, identifiers, persons involved).
  • Data subjects: Users (e.g., website visitors, users of online services).
  • Purposes of processing: Provision of our online offering and user-friendliness.
  • Retention and deletion: Deletion according to the details in the section “General Information on Data Storage and Deletion”. Storage of cookies for up to 2 years (Unless otherwise stated, cookies and similar storage methods may be stored on users’ devices for a period of two years.).
  • Legal bases: Consent (Art. 6(1)(a) GDPR). Legitimate interests (Art. 6(1)(f) GDPR).

Created with the free privacy policy generator at Datenschutz-Generator.de by Dr. Thomas Schwenke