Datenschutzerklärung

Privacy Policy

1. Data Controller

Marcus Pichler
Thenngasse 5/4
5020 Salzburg
Austria

Email: [email protected]

2. Overview of Data Processing

Types of Data Processed

  • Inventory data (e.g., names, addresses)
  • Contact data (e.g., email, phone numbers)
  • Content data (e.g., text input, photographs)
  • Usage data (e.g., websites visited, interest in content, access times)
  • Meta/communication data (e.g., device information, IP addresses)

Categories of Data Subjects

  • Visitors and users of the online offering

Purpose of Processing

  • Provision of the online offering, its functions, and content
  • Responding to contact requests and communicating with users
  • Security measures
  • Reach measurement/Marketing

In accordance with Art. 13 GDPR, we inform you of the legal bases for our data processing. The following legal bases apply:

  • Consent (Art. 6 para. 1 lit. a GDPR): The data subject has given consent to the processing of personal data for one or more specific purposes.
  • Contract Performance (Art. 6 para. 1 lit. b GDPR): Processing is necessary for the performance of a contract.
  • Legal Obligation (Art. 6 para. 1 lit. c GDPR): Processing is necessary for compliance with a legal obligation.
  • Legitimate Interests (Art. 6 para. 1 lit. f GDPR): Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party.

4. Security Measures

We take appropriate technical and organizational measures to ensure a level of security appropriate to the risk, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing.

The measures include:

  • Encryption of data transmission (TLS/SSL)
  • Secure server infrastructure
  • Regular security updates
  • Access controls and authentication

5. Hosting and Content Delivery

Cloudflare

This website uses Cloudflare services for security, performance optimization, and content delivery. Cloudflare may process technical data such as IP addresses for these purposes.

Provider: Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA

Privacy Policy: cloudflare.com/privacypolicy

Legal Basis: Legitimate interests (Art. 6 para. 1 lit. f GDPR) - ensuring the security and performance of our website.

6. Analytics

Umami Analytics

We use Umami, a self-hosted, privacy-focused analytics solution. Umami:

  • Does not use cookies
  • Does not collect personal data
  • Does not track users across websites
  • Stores data on our own servers in the EU

The data collected includes:

  • Page views
  • Referrer information
  • Browser and device type (anonymized)
  • Country (based on anonymized IP)

Legal Basis: Legitimate interests (Art. 6 para. 1 lit. f GDPR) - understanding how visitors use our website to improve it.

Note: No cookie consent banner is required as Umami does not use cookies and does not process personal data.

7. Contact

When you contact us (e.g., via email or LinkedIn), your data will be processed for the purpose of handling the contact request.

Data processed:

  • Name
  • Email address
  • Content of the message
  • Date and time of the request

Legal Basis: Legitimate interests (Art. 6 para. 1 lit. f GDPR) or contract performance (Art. 6 para. 1 lit. b GDPR) if the inquiry relates to a contractual relationship.

Retention: Contact requests are stored for as long as necessary to process your inquiry, and then deleted unless legal retention obligations apply.

8. Your Rights

Under GDPR, you have the following rights:

Right to Information (Art. 15 GDPR)

You have the right to request confirmation as to whether personal data concerning you is being processed and, if so, to receive information about this data.

Right to Rectification (Art. 16 GDPR)

You have the right to request the rectification of inaccurate personal data concerning you.

Right to Erasure (Art. 17 GDPR)

You have the right to request the erasure of personal data concerning you under certain conditions.

Right to Restriction of Processing (Art. 18 GDPR)

You have the right to request restriction of processing under certain conditions.

Right to Data Portability (Art. 20 GDPR)

You have the right to receive your personal data in a structured, commonly used, and machine-readable format.

Right to Object (Art. 21 GDPR)

You have the right to object to the processing of your personal data at any time.

Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority. The competent supervisory authority in Austria is:

Austrian Data Protection Authority (Datenschutzbehörde)
Barichgasse 40-42
1030 Vienna
Austria
Email: [email protected]
Website: dsb.gv.at

9. Changes to This Privacy Policy

We reserve the right to update this privacy policy to reflect changes in our practices or legal requirements. The current version will always be available on this page.

Last updated: January 2026