Privacy Policy

Contents

1. Controller
2. General Information on Data Processing
3. Server Log Files
4. Storage Duration
5. Legal Basis
6. Provision of Data
7. Data Sharing (Abuse Reporting)
8. Hosting
9. Security Measures
10. Data Processing Location
11. Your Rights
12. Contact
13. Changes

Controller

The controller responsible for data processing on this website is:

General Information on Data Processing

We take the protection of your personal data very seriously. Your data is processed exclusively in accordance with applicable legal regulations (in particular the GDPR and applicable national telecommunications laws).

Server Log Files

When you access this website, information is automatically collected by the web server and stored in so-called server log files. This data is not merged with other data sources.

The following data is processed:

• • IP address of the requesting device
• • Date and time of access
• • Requested page / URL
• • HTTP status code
• • Amount of data transferred
• • Referrer URL
• • User agent (browser and operating system)

This data is technically necessary in order to:

• • deliver the website correctly
• • ensure system security and stability
• • detect and prevent abuse or attacks

Storage Duration

Server log data, including IP addresses, is stored for 12 days and then automatically deleted.

Legal Basis

The processing is based on Art. 6(1)(f) GDPR (legitimate interest in ensuring the security and proper operation of this website).

Our legitimate interest lies in:

• • ensuring the secure operation of the website
• • defending against attacks (e.g. DDoS, brute force, exploits)
• • analyzing technical issues

Where processing is based on legitimate interests, we have carried out a balancing of interests to ensure that your fundamental rights and freedoms are not overridden.

Provision of Data

The provision of personal data is neither legally nor contractually required. However, without the processing of certain data (e.g. IP address), it is not possible to access and use this website.

Data Sharing (Abuse Reporting)

In the event of concrete indications of unlawful use or attacks, we may forward relevant log data to:

• • hosting providers
• • law enforcement authorities
• • affected third parties

This is done only to the extent necessary and on the basis of legal obligations or legitimate interests pursuant to Art. 6(1)(f) GDPR.

Hosting

This website is hosted on self-managed infrastructure / servers under our control.

All data collected in the course of using this website is processed on these servers. We implement appropriate technical and organizational measures to protect your data.

Security Measures

We implement appropriate technical and organizational measures (e.g. logging, access restrictions, and network protection mechanisms) to ensure a level of security appropriate to the risk, in accordance with Art. 32 GDPR.

Data Processing Location

All data is processed within the European Union. No data is transferred to third countries outside the EU or EEA.

Your Rights

You have the following rights under applicable data protection laws:

• • Right of access (Art. 15 GDPR)
• • Right to rectification (Art. 16 GDPR)
• • Right to erasure (Art. 17 GDPR)
• • Right to restriction of processing (Art. 18 GDPR)
• • Right to data portability (Art. 20 GDPR)
• • Right to object (Art. 21 GDPR)

If you believe that the processing of your data violates data protection law, you have the right to lodge a complaint with a supervisory authority.

You also have the right to withdraw consent at any time, if processing is based on consent.

In Austria, this is:

Contact

If you have any questions regarding data processing, you can contact us at:

Changes

We reserve the right to update this Privacy Policy to comply with legal requirements or to reflect changes in our services.