We have written this privacy statement (version 05.01.2019-211083282) to explain to you, in accordance with the requirements of the General Data Protection Regulation (EU) 2016/679 and the Data Protection Act (DSG), what information we collect, how we use data and what decision-making options you have as a visitor to this website.

Unfortunately, it is in the nature of things that these explanations sound very technical, but we have tried to describe the most important things as simply and clearly as possible when creating them.

Automatic data storage

Nowadays, when you visit websites, certain information is automatically created and stored, including on this website.

When you visit our website, as you are doing right now, our web server (computer on which this website is stored) automatically stores data such as

the address (URL) of the visited web page
browser and browser version
the operating system used
the address (URL) of the previously visited page (referrer URL)
the host name and IP address of the device from which access is made
the date and time

in files (web server log files).

As a rule, web server log files are stored for two weeks and then automatically deleted. We do not pass on this data, but we cannot exclude the possibility that this data may be viewed in the event of unlawful conduct.
The legal basis, according to Article 6(1) f DSGVO (lawfulness of processing), is that there is a legitimate interest in enabling the error-free operation of this website by collecting web server log files.

Storage of personal data

Personal data that you transmit to us electronically on this website, such as name, e-mail address, address or other personal information in the context of submitting a form or comments on the blog, will be used by us together with the time and IP address only for the purpose stated in each case, stored securely and not disclosed to third parties.

We thus use your personal data only for communication with those visitors who expressly request contact and for the processing of the services and products offered on this website. We do not disclose your personal data without your consent, but we cannot exclude the possibility that this data may be accessed in the event of unlawful conduct.

If you send us personal data by e-mail – thus away from this website – we cannot guarantee secure transmission and protection of your data. We recommend that you never send confidential data by e-mail without encryption.

According to Article 6(1)(a) DSGVO (lawfulness of processing), the legal basis is that you give us consent to process the data you have entered. You can revoke this consent at any time – an informal e-mail is sufficient, you will find our contact details in the imprint.

Rights according to the Basic Data Protection Regulation

According to the provisions of the GDPR and the Austrian Data Protection Act (DSG), you are generally entitled to the following rights:

Right to rectification (Article 16 DSGVO).
Right to erasure („right to be forgotten“) (Article 17 DSGVO)
Right to restriction of processing (Article 18 DSGVO)
Right to notification – obligation to notify in connection with rectification or erasure of personal data or restriction of processing (Article 19 GDPR)
Right to data portability (Article 20 GDPR)
Right to object (Article 21 GDPR)
Right not to be subject to a decision based solely on automated processing – including profiling (Article 22 GDPR).

If you believe that the processing of your data violates data protection law or your data protection rights have otherwise been violated in any way, you can complain to the supervisory authority, which in Austria is the data protection authority whose website can be found at https://www.dsb.gv.at/.

TLS encryption with https

We use https to transmit data in a tap-proof manner on the Internet (data protection by design of technology Article 25(1) DSGVO). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the Internet, we can ensure the protection of confidential data. You can recognize the use of this protection of data transmission by the small lock symbol at the top left of the browser and the use of the scheme https (instead of http) as part of our Internet address.

Cookies
Our website uses HTTP cookies to store user-specific data.
A cookie is a short data packet that is exchanged between the web browser and the web server, but is completely meaningless to the latter and only acquires meaning for the web application, e.g. an online store, such as the contents of a virtual shopping cart.

There are two types of cookies: first-party cookies are created by our website, third-party cookies are created by other websites (e.g. Google Analytics).
Example cookie data:

Name: _ga
Expiration time: 2 years
Usage: Differentiation of website visitors
Example value: GA1.2.1326744211.152211083282
There are three categories of cookies: strictly necessary cookies to ensure basic website functionality, functional cookies to ensure website performance, and goal-oriented cookies to improve the user experience.

We use cookies to make our website more user-friendly. Some cookies remain stored on your terminal device until you delete them. They allow us to recognize your browser on your next visit.

View cookie settings and delete cookies
If you want to see which cookies have been stored in your browser, change cookie settings or delete cookies, you can find this in your browser settings:

Safari: Manage cookies and website data with Safari.
Firefox: Delete cookies to remove data that websites have placed on your computer
Chrome: delete, enable and manage cookies in Chrome
Internet Explorer: Delete and manage cookies
If you do not want data to be stored in cookies, you can set your browser to notify you when cookies are set and to allow this only on a case-by-case basis. You can delete cookies that are already on your computer or deactivate cookies at any time. The procedure for doing this varies by browser, it is best to search for the instructions in Google using the search term „delete cookies Chrome“ or „disable cookies Chrome“ in the case of a Chrome browser or replace the word „Chrome“ with the name of your browser, e.g. Edge, Firefox, Safari.
If you generally do not allow us to use cookies, i.e. disable them by browser setting, some features and pages may not work as expected.

Cloudflare privacy policy
We use Cloudflare on this website from Cloudflare, Inc. (101 Townsend St., San Francisco, CA 94107, USA) to make the website faster and more secure. In doing so, Cloudflare uses cookies and processes visitor data about which we inform you in the following.

Cloudflare’s cookie (__cfduid) is used to identify individual visitors behind a shared IP address and to apply security settings to each individual visitor. For example, if a visitor to this website is in a locale where there are a number of infected computers, but the particular visitor’s computer is trusted, we can detect this using the cookie. The cookie does not correspond to a user ID and does not store any personal data.
This cookie is strictly necessary for Cloudflare security features and cannot be disabled.

Cookies from Cloudflare
__cfduid
Expiration time: 1 year
Usage: security settings for each individual visitor
Example value: d798bf7df9c1ad5b7583eda5cc5e78211083282
Cloudflare provides web optimization and security services to enhance and protect websites. These include a reverse proxy, a passthrough security service, and a content distribution network. Cloudflare collects information from website visitors. This information may include, but is not limited to, IP addresses, system configuration information, and other information about traffic to and from the website. Cloudflare collects and uses log data to operate, maintain and improve its services in accordance with customer agreements. For example, Log Data may help Cloudflare detect new threats, identify malicious third parties, and provide more robust security protection to this Website.

Cloudflare is an active participant in the EU-U.S. Privacy Shield Framework which governs the accurate and secure transfer of personal data. For more information, please visit https://www.privacyshield.gov/participant?id=a2zt0000000GnZKAA0.
For more information about Cloudflare’s privacy practices, please visit https://www.cloudflare.com/de-de/privacypolicy/.

Google Fonts Privacy Policy
We use Google Fonts from Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA) on our website. Google Fonts are used without authentication and no cookies are sent to the Google Fonts API. If you have an account with Google, none of your Google account information is transmitted to Google while using Google Fonts. Google only records the usage of CSS and the fonts used and stores this data securely. You can find out more about these and other issues at https://developers.google.com/fonts/faq?tid=211083282.

To find out what data is collected by Google and what it is used for, visit https://www.google.com/intl/de/policies/privacy/.

Source: Created with the privacy generator of firmenwebseiten.at in cooperation with schoenheitsmagazin.at