Loading...
Loading...
Personal data is information that reveals or can reveal the identity of the user. We adhere to the principle of data minimization. We avoid collecting personal data wherever possible.
Personal data is used exclusively for contract formation, content design, implementation or processing of the contractual relationship (Art. 6 I S. 1 b GDPR).
Beyond this, personal data is only processed if we have obtained your consent (Art. 6 I S. 1 a GDPR) or if it concerns data whose processing is necessary for our legitimate interests and the assessment shows that no overriding interests, fundamental rights or freedoms on your part oppose this (Art. 6 I S. 1 f GDPR).
We may use data processors to process your personal data, with whom we have concluded a data processing agreement where necessary, but we will generally not pass on personal data to third parties beyond this.
Only for contract fulfillment will data be passed on to the payment processing company (Mollie) and the email service provider (Lettermint), insofar as this is necessary for contract implementation.
The processing of your personal data takes place in the EU and in countries classified as safe or adequate by the EU. Should personal data be processed in the USA, we ensure that the services we use are certified under the "Data Privacy Framework".
When visiting the website, general technical information is collected. This includes the IP address used, time, duration of visit, browser type and possibly the referring page. This usage data is technically registered in a log file and can be used and stored for statistical evaluation of this website. No linking of this usage data with your other personal data takes place.
Registration is required for comprehensive use of our website functions. Registration data is collected through your corresponding entries and used for the specifically stated purpose according to your consent (Art. 6 I S. 1 a GDPR).
We store your personal data after the end of the purpose for which the data was collected only as long as required by legal (particularly tax) regulations.
You can request information from us about whether we process personal data about you and if so, you have a right to information about this personal data and the additional information mentioned in Art. 15 GDPR.
You have the right to correction of incorrect personal data concerning you and can request completion of incomplete personal data according to Art. 16 GDPR.
You have the right to request that we delete personal data concerning you immediately. We are obligated to delete this immediately, particularly if one of the following reasons applies:
The right to deletion does not exist insofar as your personal data is necessary for asserting, exercising or defending our legal claims.
You have the right to request restriction of processing of your personal data if
You have the right to receive personal data concerning you, which you have provided to us, in a structured, common and machine-readable format and you have the right to transmit this data to another controller without hindrance from us, provided the processing is based on consent or a contract and the processing is carried out using automated procedures.
Insofar as the processing of your personal data is based on consent, you have the right to revoke this consent at any time.
The exercise of your aforementioned rights is generally free of charge for you. You have the right to contact the supervisory authority responsible for us, the State Data Protection Officer, directly with complaints.
We offer the option to log in via your Google account. The following data is processed:
Authentication takes place directly with Google. We only receive the basic data necessary for login.
More information: https://policies.google.com/privacy
You can revoke the connection to the social login services at any time in your account settings. The data already transmitted will remain stored with us until you delete your account.
When using social login, data is transmitted to the following providers:
This transmission only occurs when actively using the respective login option and is based on your express consent.
We use various technologies on our website that are divided into different categories. You can adjust your consent at any time via the "Cookie Settings" link in the website footer.
These cookies are essential for the website to function properly and cannot be disabled.
To analyze the usage of our website, we use Umami Analytics, a privacy-friendly, self-hosted analytics solution.
Umami is operated on our own server (analytics.genussbyte.at) in Germany. No data is transmitted to third parties.
Collected data: Page views, time on page, device type, browser, approximate geographic region (country). All data is anonymized - no IP addresses or personally identifiable information is stored.
Umami does not set cookies and does not use cross-site tracking.
Use is only with your express consent (Art. 6(1)(a) GDPR). You can revoke your consent at any time in the cookie settings.
On our marketing pages, we offer live chat support powered by Tiledesk, a self-hosted open-source solution.
The chatbot server is operated on our own infrastructure (bot.genussbyte.at) in Germany. No data is transmitted to third parties.
Collected data: Chat messages, technical information (browser, device). When used anonymously, no personal data is stored.
Chat histories are stored on our server for a maximum of 90 days and are then automatically deleted.
Use of the chatbot is only with your express consent (Art. 6(1)(a) GDPR). You can revoke your consent at any time in the cookie settings.
The chatbot may set cookies for session management, which are deleted when the browser is closed.
You can adjust your cookie settings at any time via the "Cookie Settings" link in the website footer. We store your preferences for 6 months. Without your express consent, only technically necessary cookies will be set.
All data on our website is secured against loss, destruction, access, modification and distribution through technical and organizational measures.
To operate the website, we use server-side sessions in which data can be stored. We ensure that no personal data is taken from sessions without your express consent and sessions are only used if this is technically required for the website (e.g. user authentication, shopping cart function) and thus the assessment shows that no overriding interests on your part oppose this (Art. 6 I S. 1 f GDPR).
We have commissioned the payment service provider Mollie (Mollie B.V., Keizersgracht 126, 1015 CW Amsterdam, Netherlands) to handle our payment process. Mollie is a Dutch payment service provider and is fully subject to GDPR.
For this purpose, Mollie will be provided with the information communicated to us during the booking process along with information about your booking (name, address, email address, invoice amount, currency and transaction number) according to Art. 6 I S.1 b GDPR.
The transfer of your data is exclusively for the purpose of payment processing with the payment service provider Mollie and only to the extent necessary for this.
More detailed information about Mollie's privacy policy can be found at the URL https://www.mollie.com/de/privacy
Our email communication is handled via "Lettermint" (operated by Lettermint, based in the European Union). Your email address and other data described in these notices are stored on Lettermint's servers.
Lettermint uses the aforementioned information to send and evaluate emails on our behalf. Lettermint does not use our users' data to contact them directly or pass it on to third parties. We have concluded a data processing agreement with Lettermint.
The use of Lettermint is based on our legitimate interest in reliable email delivery (Art. 6 I S. 1 f GDPR) or, in the case of newsletter dispatch, based on your consent (Art. 6 I S. 1 a GDPR).
Lettermint's privacy policy can be found at https://lettermint.co/privacy
Our website is hosted on our own VPS (Virtual Private Server) provided by Hetzner Online GmbH, Germany.
All data is processed and stored exclusively in Germany (data center in Nuremberg). Technical data such as your IP address, access data, and uploaded files may be stored on our server.
Use is based on our legitimate interest in reliable and secure provision of our website (Art. 6 I S. 1 f GDPR).
More information about privacy at Hetzner can be found at https://www.hetzner.com/de/rechtliches/datenschutz
To optimize loading times and protect our website, we use the services of bunny.net (BunnyWay d.o.o., Cesta komandanta Staneta 4A, 1215 Medvode, Slovenia). bunny.net is a European provider based in Slovenia and is fully subject to GDPR.
We use the following services from bunny.net: DNS hosting, Content Delivery Network (CDN) for worldwide delivery of static content, and Bunny Shield (Web Application Firewall and DDoS protection) to protect against malicious requests.
Each time you access our website, technical data such as your IP address, browser used, operating system, referrer URL, and time of access are transmitted to bunny.net. This data is required for content delivery and attack detection.
Use is based on our legitimate interest in fast, reliable, and secure provision of our website (Art. 6 I S. 1 f GDPR).
More information about privacy at bunny.net can be found at https://bunny.net/privacy
For contact regarding data protection, you are welcome to contact us using the following contact options. Controller within the meaning of GDPR: