DATA PROTECTION

DATA PROTECTION

Imprint & legal notice in accordance with § 25 of the Austrian Media Act

Imprint & legal notice in accordance with § 25 of the Austrian Media Act

I. Who is responsible for data processing?
Data controller is KNEEBYTE.

If you have any questions regarding the processing of your data, please contact:

Reinhard Kniebeiss
Perbersdorf 57
8093 St.Peter am Ottersbach
Telefon: +43 660 3222000
E-Mail: reinhard@kneebyte.com

II. What kind of personal data do we process and on what legal basis do we process the data?
We process among others the following data:

IP-address
Browser type and version
Information that the user is providing while filling in a contact form

Insofar as we obtain the consent of the data subject for processing operations involving personal data, Art. 6 (1) (a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis.

III. For what purposes and on what legal basis will your data be processed?
1. Use of website
While operating this website, we collect certain data (“personal data”) that may refer to identified natural persons or identifiable natural persons, which are directly provided by the users of this website by filling in forms (e.g. name, first name, e-mail address, telephone number) or indirectly by visiting the website (e.g. IP-address).

For further details on embedded third party services, content and cookies please refer to the information further below.

2. Answering your Inquiries, Requests or Complaints
We process the data that you provide us with in your correspondence in order to answer your inquiries, requests or complaints. We obtain this data for this purpose based on your freely given consent. Providing your consent is neither a legal, nor a contractual obligation. However, if you do not provide your personal data, we are unable to answer your inquiries, requests or complaints.

3. Embedded third party services and content
Google Analytics
Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Parent company: Google LLC (USA).
Purpose: Web Analytics, Performance Measurement, Conversion Tracking, Collection of Statistical Data
Category: Statistics
Recipients: EU, USA
Data processed: IP Address, Website Visit details, User Data.
Data subjects: Users
Technology: JavaScript Call, Cookies
Legal basis: Consent, Data Privacy Framework, https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active
Website: https://www.google.com
Further information:
https://policies.google.com/privacy
https://safety.google/intl/en/principles/
https://business.safety.google/adsprocessorterms/
Here you can find out where exactly Google data centers are located: https://www.google.com/about/datacenters/locations/

On our website, we use the functions of the web analysis service Google Analytics to analyze user behavior and to optimize our website. The reports provided by Google are used to analyze the performance of our website and to measure the success of possible campaigns via our website.

Google Analytics uses cookies that enable an analysis of the use of our website.

Information about the use of the website such as browser type/version, operating system used, the previously visited page, host name of the accessing computer (IP address), time of server request are usually transmitted to a Google server and stored there. We have concluded a contract with Google for this purpose.

On our behalf, Google will use this information for the purpose of evaluating your use of our website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. According to Google, the IP address transmitted by your browser is not merged with other data from Google.

We only use Google Analytics with IP anonymization activated by default. This means that the IP address of a user is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. According to Google, the IP address transmitted by a user’s browser within the scope of Google Analytics is not linked to other Google data.

During the website visit, the user behaviour is recorded in the form of so-called events. These can represent the following:

Page views, the click path of a user.
first visit to our website
visited websites
start of a session
interaction with our website
user behavior (for example, clicks, scrolls, dwell time, bounce rates)
interaction with videos
internal search queries
furthermore, the following is recorded:

approximate location (region)
date and time of visit
IP address (in shortened form)
technical information about the browser or the end devices used (e.g. language setting, screen resolution)
Internet service provider
Referrer URL (via which website/advertising medium a user came to our website).
The processing of this data is essentially done by Google for its own purposes such as profiling (without our ability to influence).

The data about the use of our website is deleted immediately after the end of the retention period set by us in each case. Google Analytics gives us a default of 2 months for the retention period of user and event data, with a maximum retention period of 14 months. This retention period also applies to conversion data. For all other event data, the following options are available: 2 months, 14 months, 26 months (Google Analytics 360 only), 38 months (Google Analytics 360 only), 50 months (Google Analytics 360 only). We will choose the shortest storage period that corresponds to our intended use. You can ask us at any time for the retention period currently set by us.

The deletion of data whose retention period has been reached takes place automatically once a month.

Google Fonts
Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company Google LLC (USA), https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active
Purpose: Integration of fonts
Category: Statistics
Recipients: EU, USA (possible)
Data processed: IP address, language settings, screen resolution, version and name of browser.
Data subjects: website visitors
Technology: JavaScript call
Legal basis: Consent, Data Privacy Framework
Website: www.google.com
Further information: https://developers.google.com/fonts/faq https://policies.google.com/privacy https://www.google.com/about/datacenters/inside/locations/

To display fonts consistently, our website uses Web Fonts which are provided by Google.

To display web fonts, the web browser you use must connect with a Google server. This informs Google that our website is being accessed via your IP address. The IP address from the browser of the device you are using to access our site is also stored by Google. If your browser does not support Web Fonts, your device will display the site using a standard font type. With each Google Font request, your IP address is automatically transferred to a Google server along with information such as your language preferences, display resolution, version and name of your browser. The usage data collected by Google enables them to determine the popularity of specific font types. Google publishes these findings on internal analytics sites (e.g. Google Analytics).

Google Fonts enables us to use fonts on our own website without uploading them to our server. Google Fonts is an important building block for maintaining the high quality of our website. All Google fonts are automatically optimized for the web. This reduces the data volume and is particularly advantageous for use on mobile devices. When you visit our site, the low file size allows for quicker loading times. Furthermore, Google Fonts are secure Web Fonts that support all major browsers.

Google stores requests for CSS assets for one day on its servers. This enables us to use the fonts with the support of a Google style sheet. The font files are stored by Google for one year. To delete data prematurely, you must contact Google Support ( https://support.google.com ).

Google Tag Manager
Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Parent company: Google LLC (USA)
Purpose: Launching Tools and Plugins
Category: Technically Required
Recipients: EU, USA (possible)
Data processed: IP Address
Data subjects: User
Technology: JavaScript Call
Legal basis: legitimate interest, Data Privacy Framework, https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active
Website: https://www.google.com
Further information:
https://policies.google.com/privacy
https://safety.google/intl/en/principles/
https://business.safety.google/adsprocessorterms/
Here you can find out where exactly Google data centers are located: https://www.google.com/about/datacenters/locations/

The Google Tag Manager service is used on our website.

The Tag Manager is a service that allows us to manage website tags via an interface. This allows us to include code snippets such as tracking codes or conversion pixels on websites without interfering with the source code. In doing so, the data is only forwarded by the Tag Manager, but neither collected nor stored. The Tag Manager itself is a cookie-less domain and does not process any personal data, as it serves purely to manage other services in our online offering.

When the Google Tag Manager is started, the browser establishes a connection to Google’s servers. These are mainly located in the U.S. Through this, Google obtains knowledge that our website was called up via the IP address of a user.

The Tag Manager ensures the resolution of other tags, which in turn may collect data. However, the Tag Manager does not access this data. If a deactivation has been made at the domain or cookie level, this remains in place for all tracking tags that are implemented with the Tag Manager.

Hosting
In the process of hosting our website, we store all data related to the operation of our website. This is necessary for enabling operation of our website. Therefore, we process this data on the legal grounds of our legitimate interest in optimising our website. To provide access to our website, we use the services of web hosting providers, to whom we supply the aforementioned data within the context of contractual processing.

Contact
We offer various ways to get in touch with us on our website. Whenever you contact us, your information is used to process and handle your contact request in the course of fulfilling pre-contractual rights and obligations. To handle and answer your request it is necessary for us to process your data; otherwise we are unable to answer your request or only able to partially answer it. Your information can be stored in a database of customers and leads on the grounds of our legitimate interest in direct marketing.

We delete your request and contact information when your request has been definitively answered and there is no legally required time limit for storing this data prior to deletion (e.g. pursuant to a subsequent contractual relationship). This is usually the case when there is no further contact with you for three years in a row.

Server Log Files
For technical reasons, particularly to ensure a functioning and secure website, we process the technically necessary data about accesses to our website in so-called server log files which your browser automatically sends to us.

The access data we process includes:

The name of the website you are accessing
The browser type (including version) you use
The operating system you use
The site you visited before accessing our site (referrer URL)
The time of your server request
The amount of data transferred
The host name of computer (IP address) you are using to access the site
This data cannot be traced back to any natural person and is used solely to perform statistical analyses and to operate and improve our website while also optimising our site and keeping it secure. This data is sent exclusively to our website operator. The data is neither connected nor aggregated with other data sources. In case of suspicion of unlawful use of our website, we reserve the right to examine the data retroactively. This data processing takes place on the legal grounds of our legitimate interest in maintaining a technically fault-free and optimal website.

The access data is deleted within a short period of time after serving its purpose (usually within a few days) unless further storage is required for evidence purposes. In such cases, the data is stored until the incident is definitively resolved.

SSL Encryption
Within your visit to our website, we use the widespread SSL procedure (Secure Socket Layer) in conjunction with the highest level of encryption supported by your browser. You can tell whether an individual page of our website is transmitted in encrypted form by the closed representation of the key or lock symbol in the lower status bar of your browser. We use this encryption procedure on the basis of our justified interest in the use of suitable encryption techniques.

We also make use of suitable technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorised access by third parties. Our security measures are continuously improved in line with technological developments and kept state-of-the-art.

Cookies
We collect information from you as a user of our website through the use of Cookies in order to make our website more user-friendly, effective and secure. This includes your IP-address (anonymized), browser type, language settings, operating system, type of device, domain name, domain host, date and time. The legal basis for this is your consent, which you express by the appropriate settings of your browser or device to allow Cookies or by choosing the respective settings in our Cookie banner. This consent can be revoked anytime. The setting of Cookies is according to Art. 6 para 1 lit. f GDPR also based on our legitimate interest insofar as it is technically absolutely necessary in order to use offered services accessed by you.

More information about the use of Cookies on this website and their purposes, as well as your options to control or block the Cookies, you find in our Cookie banner. Currently, we are using the following Cookies:

Required
Technically necessary cookies are used to enable the technical operation of a website and make it functional for you. The use is based on our legitimate interest to provide a technically flawless website. However, you can generally disable the use of cookies in your browser.

Hosting
While hosting our website, all data related to operating our website are stored. This is necessary in order to make the operation of the website possible. Thus, all data are processed on the basis of our legitimate interests according to Art. 6 para 1 lit. f GDPR to optimize our website.

Server Log- Files
Due to technical reasons, in particular in order to guarantee a functioning and secure web presence, we are processing technical necessary data on accesses on our website in so-called server-log-files. Your browser is transmitting those automatically to us.

The following data are protocolled:

Website visited
Browser type and version
Operating system
Websites you visited before ours
Hostname of the accessing computers
Time of server request
Amount of data sent
This data are not connected to natural personen and are only used for evaluation and improvement of our website. These data are only transmitted to our Website provider. A connection or aggregation of these data with other data sources does not take place.. The processing of data is based on our legitimate interest according to Art. 6 para 1 lit. f GDPR to provide for a technical flawless presentation and optimization of our website.

The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer.

The storage in log files is done to ensure the functionality of the website. In addition, we use the data to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.
We process this data based on our legitimate interest in data processing pursuant to Art. 6 (1) lit. f GDPR.

Data are deleted after fulfilling the purpose, normally within a few days, in case there is no need to store data as evidence. In this case, data will be stored until the issue is finally resolved.

How long do we store your personal data?
We process your personal data as long as reasonably necessary to achieve the under point III mentioned purposes and in accordance with the legal obligations for storage and documentation, which result among others from the Austrian Civil Code (ABGB) and the Austrian Business Code (UGB) or for asserting, exercising or defending legal claims.

Generally, your data will be deleted after withdrawing your consent or objecting to the processing of your data, provided that the storage of data is not necessary to fulfill a legal obligation or to assert, exercise or defend legal claims. Further processing will only take place if you have expressly consented to the further use of your data or if we have reserved the right to process the data in excess thereof under the permission of applicable laws.

Instead of deleting your data, it is possible that the data may be made anonymous. In this case, any personal reference will irretrievably be removed, which is why the deletion obligations under data protection law also cease to apply.

Your Rights
According to current data protection laws, you enjoy the following rights regarding the processing of personal data:

Right of access (information about the data we process about you),
Right to rectification (correction of incorrect data),
Right to restriction of processing (limitation of data processing),
Right to data portability,
Right to object and the
Right to erasure (data deletion – “right to be forgotten”).
If the processing of your personal data is based on our legitimate interest, you have the right, to object any time to the processing of your data for reasons arising out of the particular situation; this applies in particular to the processing of data for the purpose of direct marketing.
If the processing of your data is based on your consent, you have the right to withdraw the consent at any time with future effect. Such withdrawal shall not affect the lawfulness of the data processing up to the date of withdrawal.

If you believe that our processing of your data is violating applicable data protection laws or if your privacy rights have otherwise been violated, please contact us using the contact details provided in point I above. In this way, we get to know and understand your concerns and can respond accordingly.

You also have the right to file a complaint with the national competent data protection authority. In Austria it is the:

Österreichische Datenschutzbehörde
Barichgasse 40-42, 1030 Wien, Österreich
Tel.: +43 1 52 152-0, dsb@dsb.gv.at

Amendment of this privacy policy
Due to the further development of our website and offers about it or due to changed legal or official requirements, it may become necessary to change this data protection declaration.