Data protection

data protection

We have written this data protection declaration (version 27.08.2019-221100700) to explain to you in accordance with the provisions of the General Data Protection Regulation (EU) 2016/679 and the Data Protection Act (DSG) which information we collect, how we use data and which decision-making options As a visitor to this website.

Unfortunately, it is in the nature of things that these explanations sound very technical. However, we have tried to describe the most important things as simply and clearly as possible.

Automatic data storage

When you visit websites these days, certain information is automatically created and stored, including on this website.

If you visit our website as it is now, our web server (computer on which this website is stored) automatically saves data such as

the address (URL) of the accessed website
Browser and browser version
the operating system used
the address (URL) of the previously visited page (referrer URL)
the host name and the IP address of the device from which access is made
Date and Time
in files (web server log files).

As a rule, web server log files are stored for two weeks and then automatically deleted. We do not pass on this data, but we cannot rule out that this data will be viewed in the event of illegal behavior.

Cookies

Our website uses HTTP cookies to save user-specific data.
In the following we explain what cookies are and why they are used so that you can better understand the following data protection declaration.

What exactly are cookies?
Whenever you surf the Internet, you are using a browser. Well-known browsers include Chrome, Safari, Firefox, Internet Explorer and Microsoft Edge. Most websites save small text files in your browser. These files are called cookies.

One thing cannot be dismissed out of hand: Cookies are really useful little helpers. Almost all websites use cookies. To be more precise, they are HTTP cookies, as there are also other cookies for other areas of application. HTTP cookies are small files that our website stores on your computer. These cookie files are automatically placed in the cookie folder, which is the “brain” of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified.

Cookies store certain user data about you, such as language or personal page settings. When you call up our site again, your browser transmits the “user-related” information back to our site. Thanks to cookies, our website knows who you are and offers you your usual standard settings. In some browsers, each cookie has its own file, in others, such as Firefox, all cookies are stored in a single file.

There are both first-party cookies and third-party cookies. First-party cookies are created directly from our side, third-party cookies are created by partner websites (e.g. Google Analytics). Each cookie must be evaluated individually, as each cookie stores different data. The expiry time of a cookie also varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, Trojans or other “pests”. Cookies cannot access information on your PC either.

For example, cookie data can look like this:

Name: _ga
Expiry time: 2 years
Use: Differentiation of website visitors
Exemplary value: GA1.2.1326744211.152221100700
A browser should support the following minimum sizes:

A cookie should be able to contain at least 4096 bytes
At least 50 cookies should be able to be stored per domain
A total of at least 3000 cookies should be able to be stored
What types of cookies are there?
The question of which cookies we use in particular depends on the services used and is clarified in the following sections of the data protection declaration. At this point we would like to briefly discuss the different types of HTTP cookies.

There are 4 types of cookies:

Absolutely necessary cookies
These cookies are necessary to ensure the basic functions of the website. For example, these cookies are needed when a user puts a product in the shopping cart, then continues surfing on other pages and only goes to checkout later. These cookies do not delete the shopping cart, even if the user closes his browser window.

Functional cookies
These cookies collect information about user behavior and whether the user receives any error messages. In addition, these cookies are used to measure the loading time and the behavior of the website in different browsers.

Goal-oriented cookies
These cookies ensure better user-friendliness. For example, entered locations, font sizes or form data are saved.

Advertising cookies
These cookies are also called targeting cookies. They serve to deliver customized advertising to the user. That can be very practical, but also very annoying.

When you visit a website for the first time, you will usually be asked which of these types of cookies you would like to allow. And of course this decision is also saved in a cookie.

How can I delete cookies?
You decide for yourself how and whether you want to use cookies. Regardless of which service or website the cookies originate from, you always have the option of deleting cookies, only partially allowing them or deactivating them. For example, you can block third-party cookies but allow all other cookies.

If you want to find out which cookies have been stored in your browser, if you want to change or delete cookie settings, you can find this in your browser settings:

Chrome: Delete, activate and manage cookies in Chrome

Safari: manage cookies and website data with Safari

Firefox: Delete cookies to remove data that websites have stored on your computer

Internet Explorer: deleting and managing cookies

Microsoft Edge: Deleting and managing cookies

If you generally do not want cookies, you can set up your browser so that it always informs you when a cookie is to be set. For each individual cookie, you can decide whether or not to allow the cookie. The procedure is different depending on the browser. It is best to search for the instructions in Google with the search term “delete cookies Chrome” or “deactivate cookies Chrome” in the case of a Chrome browser or replace the word “Chrome” with the name of your browser, e.g. Edge, Firefox, Safari.

What about my data protection?
The so-called “cookie guidelines” have existed since 2009. This states that the saving of cookies requires the consent of the website visitor (i.e. you). Within the EU countries, however, there are still very different reactions to these guidelines. In Austria, however, this directive was implemented in Section 96 (3) of the Telecommunications Act (TKG).

If you want to know more about cookies and don’t shy away from technical documentation, we recommend https://tools.ietf.org/html/rfc6265, the request for comments from the Internet Engineering Task Force (IETF) called “HTTP State Management Mechanism”.

Storage of personal data
Personal data that you transmit to us electronically on this website, such as name, e-mail address, address or other personal information in the context of submitting a form or comments in the blog, are saved by us together with the time and the IP Address is only used for the specified purpose, stored securely and not passed on to third parties.

We therefore only use your personal data for communication with those visitors who expressly request contact and for processing the services and products offered on this website. We do not pass on your personal data without your consent, but we cannot rule out that this data will be viewed in the event of illegal behavior.

If you send us personal data by email – outside of this website – we cannot guarantee the secure transmission and protection of your data. We recommend that you never send confidential data unencrypted by e-mail.

Rights according to the General Data Protection Regulation
According to the provisions of the GDPR and the Austrian Data Protection Act (DSG), you have the following rights:

Right to rectification (Article 16 GDPR)
Right to cancellation (“right to be forgotten”) (Article 17 GDPR)
Right to restriction of processing (Article 18 GDPR)
Right to notification – obligation to notify in connection with the correction or deletion of personal data or the restriction of processing (Article 19 GDPR)
Right to data portability (Article 20 GDPR)
Right to object (Article 21 GDPR)
Right not to be subject to a decision based solely on automated processing – including profiling (Article 22 GDPR)
If you believe that the processing of your data violates data protection law or your data protection claims have been violated in any other way, you can complain to the supervisory authority, which is the data protection authority in Austria whose website you can find at https: // www. Find dsb.gv.at/.

Evaluation of visitor behavior

In the following data protection declaration, we inform you whether and how we evaluate data from your visit to this website. The analysis of the collected data is usually anonymous and we cannot infer your person from your behavior on this website.

You can find out more about how to object to this analysis of the visit data in the following data protection declaration.

TLS encryption with https
We use https to transfer data securely on the Internet (data protection through technology design, Article 25 (1) GDPR). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the Internet, we can ensure the protection of confidential data. You can recognize the use of this data transfer protection by the small lock symbol in the top left of the browser and the use of the https (instead of http) scheme as part of our Internet address.

Google Fonts Local Privacy Policy

We use Google Fonts from Google Inc. (1600 Amphitheater Parkway Mountain View, CA 94043, USA) on our website. We have integrated the Google fonts locally, i.e. on our web server – not on the Google servers. As a result, there is no connection to the Google server and therefore no data transmission or storage.

What are Google Fonts?
Google Fonts (formerly Google Web Fonts) is an interactive directory with more than 800 fonts that Google LLC provides for free use. With Google Fonts you could use the fonts without uploading them to your own server. But in order to prevent any information transfer to the Google server in this regard, we have downloaded the fonts to our server. In this way, we act in compliance with data protection regulations and do not send any data to Google Fonts.

Unlike other web fonts, Google allows us unrestricted access to all fonts. We can therefore have unlimited access to a sea of ​​fonts and thus get the most out of our website. You can find more about Google Fonts and other questions at https://developers.google.com/fonts/faq?tid=221100700.

Google Fonts privacy policy
We use Google Fonts from Google Inc. (1600 Amphitheater Parkway Mountain View, CA 94043, USA) on our website.

You do not have to log in or enter a password to use Google fonts. Furthermore, no cookies are stored in your browser. The files (CSS, fonts) are requested from the Google domains fonts.googleapis.com and fonts.gstatic.com. According to Google, the requests for CSS and fonts are completely separate from all other Google services. If you have a Google account, you don’t need to worry that your Google account information will be transmitted to Google while you are using Google Fonts. Google records the use of CSS (Cascading Style Sheets) and the fonts used and stores this data securely. We will take a closer look at what the data storage looks like.

What are Google Fonts?
Google Fonts (formerly Google Web Fonts) is an interactive directory with more than 800 fonts that Google LLC provides for free use.

Many of these fonts are released under the SIL Open Font License, while others are released under the Apache license. Both are free software licenses. So we can use them freely without paying license fees.

Why do we use Google Fonts on our website?
With Google Fonts, we can use fonts on our own website and do not have to upload them to our own server. Google Fonts is an important component in keeping the quality of our website high. All Google fonts are automatically optimized for the web and this saves data volume and is a great advantage, especially for use on mobile devices. When you visit our site, the small file size ensures a fast loading time. Furthermore, Google Fonts are so-called secure web fonts. Different image synthesis systems (rendering) in different browsers, operating systems and mobile devices can lead to errors. Such errors can partially distort texts or entire websites. Thanks to the fast content delivery network (CDN), there are no cross-platform problems with Google Fonts. Google Fonts supports all common browsers (Google Chrome, Mozilla Firefox, Apple Safari, Opera) and works reliably on most modern mobile operating systems, including Android 2.2+ and iOS 4.2+ (iPhone, iPad, iPod). So we use Google Fonts so that we can present our entire online service as beautifully and consistently as possible.

Which data is saved by Google?
When you visit our website, the fonts are downloaded from a Google server. This external call transfers data to the Google server. In this way, Google also recognizes that you or your IP address are visiting our website. The Google Fonts API was developed to reduce the collection, storage and use of end-user data to what is necessary for the efficient provision of fonts. By the way, API stands for “Application Programming Interface” and serves, among other things, as a data transmitter in the software sector.

Google Fonts securely stores CSS and font requests with Google and is therefore protected. Google can determine the popularity of the fonts through the collected usage figures. Google publishes the results on internal analysis sites such as Google Analytics. Google also uses data from its own web crawler to determine which websites use Google fonts. This data is published in Google Fonts’ BigQuery database. BigQuery is a web service from Google for companies that want to move and analyze large amounts of data.

It should be noted, however, that information such as the IP address, language settings, screen resolution of the browser, version of the browser and the name of the browser are automatically transmitted to the Google server with every Google Font request. It is not clear whether this data is saved or not clearly communicated by Google.

How long and where is the data stored?
Google stores requests for CSS assets for one day on your servers, which are mainly located outside the EU. This enables us to use the fonts with the help of a Google stylesheet. A stylesheet is a format template that can be used to quickly and easily change the design or font of a website, for example.

The font files are stored by Google for one year. With this, Google is pursuing the goal of fundamentally improving the loading time of websites. When millions of web pages refer to the same fonts, they are cached after the first visit and immediately reappear on all other web pages visited later. Sometimes Google updates font files to reduce file size, increase speech coverage, and improve design.

How can I delete my data or prevent data storage?
The data that Google stores for a day or a year cannot simply be deleted. The data is automatically transmitted to Google when the page is accessed. In order to be able to delete this data prematurely, you must contact Google support at https://support.google.com/?hl=de&tid=221100700. In this case, you only prevent data storage if you are not visiting our site.

Unlike other web fonts, Google allows us unrestricted access to all fonts. We can therefore have unlimited access to a sea of ​​fonts and thus get the most out of our website. You can find more about Google Fonts and other questions at https://developers.google.com/fonts/faq?tid=221100700. Although Google deals with data protection issues there, it does not contain really detailed information about data storage. It is relatively difficult (almost impossible) to get really precise information about stored data from Google.

You can also read which data is generally recorded by Google and what this data is used for at https://www.google.com/intl/de/policies/privacy/.

Embedded social media elements data protection declaration

We integrate elements of social media services on our website in order to display images, videos and texts.
When you visit pages that display these elements, data is transferred from your browser to the respective social media service and stored there. We have no access to this data.
The following links take you to the pages of the respective social media services where it is explained how they handle your data:

Instagram privacy policy

We use functions of the Instagram social media network from Instagram LLC, 1601 Willow Rd, Menlo Park CA 94025, USA on our website.

With the functions for embedding Instagram content (embed function) we can display pictures and videos.

By calling up pages that use such functions, data (IP address, browser data, date, time, cookies) are transmitted to Instagram, stored and evaluated.

If you have an Instagram account and are logged in, this data will be assigned to your personal account and the data stored in it.

The data protection guidelines, what information Instagram collects and how they use it can be found at https://help.instagram.com/519522125107875.

Newsletter data protection declaration

If you subscribe to our newsletter, you transmit the above personal data and give us the right to contact you by email. We only use the data stored when registering for the newsletter for our newsletter and do not pass it on.

If you unsubscribe from the newsletter – you will find the link for this at the bottom of every newsletter – then we will delete all data that was saved when you registered for the newsletter.

Source: Created with the data protection generator from firmenwebseiten.at in cooperation with justmed.de