Data protection declaration

With this privacy policy, we would like to inform you about the type, scope and purpose of the processing of personal data (hereinafter also referred to as "data"). Personal data is all data that has a personal reference to you, e.g. name, address, email address or your user behaviour. The privacy policy applies to all data processing operations carried out by us, both in the context of our core activities and for the online media we provide.

Who is responsible for data processing at our company

Responsible for data processing

Aloisia Pipek GmbH
Claudia Fürst
Ortsstraße 157
2331 Vösendorf
Österreich


‭+43 664 2076310‬
pension.claudia@icloud.com


Imprint

Processing of your data as part of the core activity of our company

If you are our customer or business partner or are interested in our services, the type, scope and purpose of the processing of your data depends on the contractual or pre-contractual relationship existing between us. In this sense, the data processed by us includes all data that is or was provided by you for the purpose of utilising the contractual or pre-contractual services and that is required to process your enquiry or the contract concluded between us. Unless otherwise stated in the further information in this privacy policy, the processing of your data and its disclosure to third parties is limited to the data that is necessary and expedient to answer your enquiries and/or to fulfil the contract concluded between you and us, to protect our rights and to fulfil legal obligations. We will inform you which data is required for this before or during data collection. Insofar as we use third-party providers to provide our services, the data protection notices of the respective third-party providers apply.

Data concerned:

  • Inventory data (e.g. names, addresses)
  • Payment data (e.g. bank details, invoices)
  • Contact data (e.g. email address, telephone number, postal address)
  • Contract data (e.g. subject matter of contract, duration of contract)


Data subjects: Interested parties, business and contractual partners

Processing purpose: Processing of contractual services, communication and answering contact enquiries, office and organisational procedures

Legal basis: Contract fulfilment and pre-contractual enquiries, Art. 6 para. 1 lit. b GDPR, legal obligation, Art. 6 para. 1 lit. c GDPR, legitimate interest, Art. 6 para. 1 lit. f GDPR

Your rights under the GDPR

According to the GDPR, you are entitled to the rights listed below, which you can assert at any time with the controller named in section 1 of this privacy policy:

  • Right to information: You have the right to request information from us as to whether and which of your data we process.
  • Right to rectification: You have the right to request the rectification of inaccurate data or the completion of incomplete data.
  • Right to erasure: You have the right to request the erasure of your data.
  • Right to restriction: In certain cases, you have the right to request that we only process your data to a limited extent.
  • Right to data portability: You have the right to request that we transfer your data to you or another controller in a structured, commonly used and machine-readable format.
  • Right to lodge a complaint: You have the right to lodge a complaint with a supervisory authority. The supervisory authority of your usual place of residence, your workplace or our company headquarters is responsible.

Right of cancellation

You have the right to withdraw your consent to data processing at any time.


Right to object

You have the right to object at any time to the processing of your data, which we base on our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR. If you exercise your right to object, we ask you to explain the reasons. We will then no longer process your personal data unless we can prove to you that compelling legitimate grounds for data processing outweigh your interests and rights .

Irrespective of the above, you have the right to object to the processing of your personal data for the purposes of advertising and data analysis at any time. Please address your objection to the contact address of the controller given above.

When do we delete your data?

We delete your data when we no longer need it or when you instruct us to do so. This means that - unless otherwise stated in the individual data protection notices of this privacy policy - we delete your data when the purpose of the data processing has ceased to exist and the respective legal basis stated in the individual data protection notices no longer exists, e.g.

  • after termination of the contractual or membership relationship existing between us (Art. 6 para. 1 lit. a GDPR) or
  • after our legitimate interest in the further processing or storage of your data ceases to exist (Art. 6 para. 1 lit. f GDPR),
  • if you exercise your right of cancellation and there is no other legal basis for processing within the meaning of Art. 6 para. 1 lit. b-f GDPR,
  • if you exercise your right to object

and there are no compelling legitimate grounds for the erasure of your data, or if we are required to retain (certain parts of) your data for other purposes, for example because of tax retention periods (usually 6 years for business correspondence or 10 years for accounting documents) or because we are required to retain your data for other purposes. 10 years for accounting documents) or the assertion, exercise or defence of legal claims arising from contractual relationships (up to four years) or the data is needed to protect the rights of another natural or legal person, we will only delete (part of) your data after these periods have expired. Until the expiry of these periods, however, we restrict the processing of this data to these purposes (fulfilment of retention obligations).

Cloud services

We use cloud services in particular

  • to store and edit documents,
  • to send documents by email or to exchange files of any kind,
  • for our calendar appointment management,
  • for the preparation and execution of presentations and spreadsheets,
  • for publishing files of any kind,
  • for internal and external communication via chats, audio and video conferences.

The software applications that we use for these purposes are made available to us by the provider(s) named below on their servers. We access these servers via the Internet. If you transmit your data to us in the context of communication with us or in other processes explained by us in this privacy policy, we process this data in the cloud service we use. This means that your data is stored on the servers of the third-party cloud service provider. The third-party providers process usage and metadata to secure their servers and optimise their services. In particular, we process and store your contact, customer and contract data.

If we make files of any kind publicly available via our internet presence using the cloud service we use, the respective third-party provider of the cloud service may store cookies on your computer system if you access these files. The service provider may process the data collected in this way in order to analyse your usage behaviour or your browser settings, and we would like to point out that, depending on the country of domicile of the service provider named below, the data specified below may be transferred to and processed on servers outside the European Union. In this case, there is a risk that the level of data protection prescribed by the GDPR will not be complied with and that the enforcement of your rights will be difficult or impossible. If the service provider we use offers data processing exclusively within the EU, we intend - if not already implemented - to process your data exclusively there.‍

Data concerned:

  • Inventory data (e.g. names, addresses),
  • Contact data (e.g. email addresses, telephone and mobile phone numbers)
  • Content data (e.g. photos, videos, texts),
  • Usage data (e.g. times of access, websites visited, interest in content),
  • Metadata (e.g. IP address, computer system information)

Data subjects: Interested parties, communication partners, customers, employees (e.g. applicants, current and former employees)

Purpose of processing: Organisation of office and administrative tasks

Legal basis: Consent, Art. 6 para. 1 lit. a GDPR, fulfilment of contract and pre-contractual enquiries, Art. 6 para. 1 lit. b GDPR, legitimate interest, Art. 6 para. 1 lit. f GDPR‍

Cloud service providers used:
Apple iCloud
Service provider: Apple Inc, Infinite Loop, Cupertino, CA 95014, USA
Website: https://www.apple.com/de/
Privacy policy: https://www.apple.com/legal/privacy/de-ww/

cookies


Our website uses cookies. Cookies are small text files consisting of a series of numbers and letters that are stored on the device you are using. Cookies are primarily used to exchange information between the device you are using and our website. This includes the language settings on a website, the login status or the point at which a video was watched, etc. Two types of cookies are used when you visit our websites:

  • Temporary cookies (session cookies): These store a so-called session ID, which can be used to assign various requests from your browser to the shared session. Session cookies are deleted when you log out or close your browser.
  • Permanent cookies: Permanent cookies remain stored even after you close your browser. This allows our website to recognise your computer when you return to our website. Information on language settings or log-in information, for example, is stored in these cookies. These cookies can also be used to document and store your surfing behaviour. This data can be used for statistical, marketing and personalisation purposes.

In addition to the above categorisation, cookies can also be differentiated according to their purpose:

  • Necessary cookies: these are cookies that are absolutely necessary for the operation of our website in order to save logins or shopping baskets for the duration of your session or cookies that are set for security reasons.
  • Statistical, marketing and personalisation cookies: These are cookies that are used for analysis purposes or to measure reach. Such "tracking" cookies can be used in particular to store information on search terms entered or the frequency of page views. In addition, the surfing behaviour of an individual user (e.g. viewing certain content, use of functions, etc.) can also be stored in a user profile. Such profiles are used to display content to users that corresponds to their potential interests. If we use services that store cookies on your device for statistical, marketing and personalisation purposes, we will inform you about this separately in the following sections of our privacy policy or when obtaining your consent.

Data concerned:

  • Usage data (e.g. access times, websites clicked on)
  • Communication data (e.g. information about the device used, IP address)

Data subjects: Users of our online services

Purpose of processing: Displaying our website, ensuring the operation of our website, improving our website, communication and marketing‍

Legal basis:‍

Legitimate interest, Art. 6 para. 1 lit. f GDPR

If we do not obtain your consent to the setting of cookies, we base the processing of your data on our legitimate interest in improving the quality and user-friendliness of our website, in particular the content and functions. You can use the security settings of your browser to object to the use of cookies set by us within the scope of our legitimate interest. There you can specify whether you do not accept cookies from the outset or only accept them on request, or whether you want cookies to be deleted every time you close your browser. If cookies are deactivated for our website, it may no longer be possible to use all functions of the website to their full extent.‍

Consent, Art. 6 para. 1 lit. a GDPR
If we ask you to allow us to place certain cookies on your end device before you visit our website and you consent to this, the legal basis is to be seen in the consent you have given. As part of your consent, we will inform you which cookies we set in detail. If you do not give this consent, only the so-called technically necessary cookies that are required for the proper operation of our website and its display in your browser will be set. If you have consented to the setting of cookies, you have the option to withdraw your consent at any time.

Web hosting

We use a provider to host our Internet pages, on whose server our Internet pages are stored and made available for retrieval on the Internet (hosting). The provider may process all data transmitted via the browser you use that is generated when you use our website. This includes in particular your IP address, which the provider requires in order to be able to deliver our online offer to the browser you are using, as well as all entries you make via our website. In addition, the provider we use can collect

  • the date and time of access to our website
  • Time zone difference to Greenwich Mean Time (GMT)
  • access status (HTTP status)the amount of data transferred
  • the internet service provider of the accessing system
  • the browser type and version you are using
  • the operating system you are using
  • the website from which you may have reached our website
  • the pages or subpages that you visit on our website.

The aforementioned data is stored as log files on the servers of our provider. This is necessary to ensure the stability and security of the operation of our website.‍

Data concerned:

  • Content data (e.g. posts, photos, videos)
  • Usage data (e.g. access times, websites clicked on)
  • Communication data (e.g. information about the device used, IP address)

Data subjects: Users of our website
Purpose of processing: Displaying our website, ensuring the operation of our website
Legal basis: Legitimate interest, Art. 6 para. 1 lit. f GDPR‍

Web host(s) commissioned by us:
Webflow Inc.
Service provider: Webflow Inc.
Address: 398 11th Street, 2nd Floor, San Francisco, CA 94103, USA
Privacy policy: https://webflow.com

The data is transferred on the basis of the EU-US Privacy Shield, which you can view at this Link. Furthermore, we have concluded a corresponding agreement with Webflow on the basis of Art. 28 GDPR in conjunction with the EU standard contractual clauses.

Content Delivery Network

We use a content delivery network (CDN) to deliver our Internet pages. A CDN is a network of regionally distributed servers connected via the Internet. Scaling storage and delivery capacities are made available via the CDN. This optimises the loading times of our Internet pages and ensures optimum data throughput even at high load peaks. User requests on our websites are routed via CDN servers. Statistics are compiled from these data streams. On the one hand, this serves to recognise potential threats to our website from malware at an early stage and, on the other hand, to continuously improve our offering and make our website more user-friendly for you as a user.

We would like to point out that, depending on the country of domicile of the service provider named below, the data collected via the service may be transferred and processed outside the European Union. In this case, there is a risk that the level of data protection prescribed by the GDPR may not be complied with and that the enforcement of your rights may be difficult or impossible.

Data concerned:

  • Content data (e.g. posts, photos, videos)
  • Usage data (e.g. access times, websites clicked on)
  • Communication data (e.g. information about the device used, IP address)

Purpose of processing: Technical optimisation of the website, analysis of errors and user behaviour

Legal basis: Legitimate interest, Art. 6 para. 1 lit. f GDPR

CDN service provider used:

Amazon CloudFront

Service provider: Amazon Web Services, Inc, 410 Terry Avenue North, Seattle WA 98109, USA
Website: https://aws.amazon.com/de/
Privacy policy: https://aws.amazon.com/de/privacy/?nc1=f_pr.

Contacting us


If you contact us via e-mail, social media, telephone, fax, post, our contact form or in any other way and provide us with personal data such as your name, telephone number or e-mail address or provide further information about yourself or your request, we will process this data to answer your enquiry within the framework of the pre-contractual or contractual relationship existing between us.

Data concerned:

  • Inventory data (e.g. names, addresses)
  • Contact data (e.g. email address, telephone number, postal address)
  • Content data (texts, photos, videos)
  • Contract data (e.g. subject matter of the contract, duration of the contract)

Data subjects: Interested parties, customers, business and contractual partners

Purpose of processing: Communication and responding to contact enquiries, office and organisational procedures

Legal basis: Contract fulfilment and pre-contractual enquiries, Art. 6 para. 1 lit. b GDPR, legitimate interest, Art. 6 para. 1 lit. f GDPR

Advertising by email, post or telephone

We process personal data for our advertising communication by email, post or telephone. You can object to receiving our advertising measures at any time or revoke your consent to receive our advertising communication at any time. In order to be able to prove in case of doubt that your consent was given even after your objection or revocation, we can store your data for up to 4 years after your objection/revocation. We will not use your data for any further purposes after your objection/revocation. If you want us to delete your data before then, we will do so after you have confirmed to us that you originally gave us your consent.

Data concerned:

  • Contact data (e.g. email, telephone number, postal address)
  • Inventory data (e.g. names, addresses)

Persons concerned: Communication partner

Purpose of processing: Direct advertising measures (marketing) by email, post or telephone

Legal basis: Consent, Art. 6 para. 1 lit. a GDPR, legitimate interest, Art. 6 para. 1 lit. f GDPR

Web analysis and statistics

We use web analysis services to record and statistically analyse the flow of visitors to our website. Among other things, such services collect data on which website you came to our website from (so-called referrers), which pages of our website you accessed, how long you visited our pages and what interactions you made there. In addition, data on the browser, computer system and device type you are using is collected. In addition, demographic information, such as age or gender, can also be collected as pseudonymised values via such a service. If you have consented to the collection of your location data, this may also be processed, depending on the provider.

In order to collect and store this data, the web analysis service we use generally places a cookie on the end device you are using, which also collects the IP address assigned to you. However, this is shortened using a so-called IP masking procedure so that the IP address can no longer be assigned to your visit to our website. No other clear data such as names or e-mail addresses are stored. Neither we nor the service we use know the identity of visitors to our website.

We would like to point out that, depending on the country of domicile of the service provider named below, the data collected via the service may be transferred and processed outside the European Union. In this case, there is a risk that the level of data protection prescribed by the GDPR will not be complied with and that the enforcement of your rights will be difficult or impossible.

Data concerned:

  • Usage data (e.g. access times, websites clicked on)
  • Communication data (e.g. information about the device used, IP address)

Data subjects: Users of our online services

Purpose of processing: Reach measurement, monitoring the success of campaigns, remarketing and interest-based and behaviour-based marketing

Legal basis: If we have asked for your consent before using the respective service, this is the legal basis, Art. 6 para. 1 lit. a GDPR. Otherwise, we use the respective service on the basis of our legitimate interest in analysing the flow of visitors to our website in order to be able to continuously improve the functions, offers and user experience, Art. 6 para. 1 lit. f GDPR.

We use the following web analysis services

Google Analytics

Service provider: Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Registered office within the EU: Google Dublin, Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland
Website: https://marketingplatform.google.com/intl/de/about/analytics/
Privacy policy: https://policies.google.com/privacy?hl=de
Opt-out option: If you do not want your data to be used by Google Analytics, you can set a so-called opt-out plugin, which will prevent your data from being collected on our website in the future. You can obtain this plugin here: https://tools.google.com/dlpage/gaoptout?hl=de

Our online presence on social networks

We operate online presences within the social networks listed below. If you visit one of these presences, the data listed below will be collected and processed by the respective provider. As a rule, this data is collected for advertising and market research purposes and user profiles are created. Data can be stored in the user profiles regardless of the device you use. This is particularly the case if you are a member of the respective platform and are logged in to it. The user profiles can be used by the providers to display interest-based advertising to you. You have a right of cancellation against the creation of user profiles. To exercise this right, you must contact the respective provider.

If you have an account with one of the providers listed below and are logged in there when you visit our website, the respective provider may collect data about your usage behaviour on our website. To prevent your data from being linked in this way, you can log out of the provider's service before visiting our website.

You can find out for what purpose and to what extent data is collected by the provider in the respective privacy policies of the providers provided below.

We would like to point out that, depending on the country of domicile of the provider named below, the data collected via its platform may be transferred and processed outside the European Union. In this case, there is a risk that the level of data protection prescribed by the GDPR will not be complied with and that the enforcement of your rights will be difficult or impossible.

Data concerned:

  • Inventory and contact data (e.g. name, address, telephone number, email address)
  • Content data (e.g. posts, photos, videos)
  • Usage data (e.g. access times, websites clicked on)
  • Communication data (e.g. information about the device used, IP address)
  • Purpose of processing: Communication and marketing, tracking and analysis of user behaviour

Legal basis: Consent, Art. 6 para. 1 lit. a GDPR, legitimate interests Art. 6 para. 1 lit. f GDPR

Opposition options: For the respective objection options (opt-out), please refer to the following linked information from the providers.

We maintain online presences on the following social networks

Facebook

Service provider: Facebook Inc, 1 Hacker Way, Menlo Park, CA 94025, USA
Registered office in the EU: Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland
Website: https://www.facebook.com/
Privacy policy: https://www.facebook.com/about/privacy/

Privacy policy for Facebook pages: https://www.facebook.com/legal/terms/information_about_page_insights_data

Messenger services

We communicate via messenger services. Messenger services are chat programmes that can be used to send text messages as well as image or video files between users in real time via the Internet. Messenger services can also be used to send emoticons, electronic greeting cards and contacts. In order for messages to be transmitted, the participants must be connected to each other with a computer programme (called a client) via a network such as the Internet, either directly or via a server. As a rule, messages can also be sent when the other party is not online - the message is then temporarily stored by the service server and delivered to the recipient later when they are available again. Finally, these services can also be used for screen transmission and online games.

If the service uses end-to-end encryption for the content sent (texts, attachments), only the selected communication partners, but not third parties or the service provider itself, can view the message. In this respect, we recommend regularly installing updates for the service to ensure that the content is encrypted. However, the service provider has the option of accessing the metadata of the communication. This includes the time and (depending on the settings) location of the communication as well as the device you are using.

We would like to point out that, depending on the country of domicile of the provider named below, the data collected via its platform may be transferred and processed outside the European Union. In this case, there is a risk that the level of data protection prescribed by the GDPR will not be complied with and that the enforcement of your rights will be difficult or impossible.

Data concerned:

  • Inventory and contact data (e.g. name, telephone number, email address)
  • Content data (e.g. posts, photos, videos)
  • Usage data (e.g. access times, websites clicked on)
  • Communication data (e.g. information about the device used, IP address)
  • Purpose of processing: Communication and marketing

Legal basis: If we have asked you for your consent before using the respective service, this is the legal basis, Art. 6 para. 1 lit. a GDPR. In this respect, we clarify that we do not transmit your contact data to the service provider for the first time without your consent. If we communicate with you in the context of a contract initiation or in the context of an existing contractual relationship via one of the following services, the legal basis is the fulfilment or preparation of the contract, Art. 6 para. 1 lit. b GDPR. In addition, we rely on our legitimate interests in fast and efficient communication and fulfilment of the needs of our communication partners in the communication of the following services, Art. 6 para. 1 lit. f GDPR.

Possibilities of objection: You can revoke the consent you have given us to use the following service at any time. You can also object to communication via the messenger service at any time.

We use the following messenger services:

Facebook Messenger

Service provider: Facebook Inc, 1 Hacker Way, Menlo Park, CA 94025, USA
Registered office in the EU: Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland
Website: https://www.facebook.com

Privacy policy: https://www.facebook.com/about/privacy

WhatsApp

Service provider: WhatsApp Inc. 1601 Willow Road Menlo Park, California 94025, USA
Registered office in the EU: Whatsapp Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland
Parent company: Facebook Inc, 1 Hacker Way, Menlo Park, CA 94025, USA
Website: https://www.whatsapp.com/
Privacy policy: https://www.whatsapp.com/legal/?eea=1#privacy-policy

Content services

We use certain services to be able to display certain content or graphics (videos, images, music, fonts, maps) via our website. The services we use process the IP address assigned to you at the time of your visit to our website, as this is the only way the respective content can be displayed in the browser you are using. In addition, the providers of these services may place further cookies on your end device, which are used to collect information about your usage behaviour, your interests, the device and browser you are using and the time and duration of your session. The providers regularly use this data for analysis, statistical and marketing purposes. In addition, this information may also be combined with information from other sources. This applies in particular if you yourself have an account with the service provider and are logged in there at the time of the session.

We would like to point out that, depending on the country of domicile of the service provider named below, the data named in more detail below may be transferred to and processed on servers outside the European Union. In this case, there is a risk that the level of data protection prescribed by the GDPR will not be complied with and that the enforcement of your rights will be difficult or impossible.

Data concerned:

  • Usage data (e.g. access times, websites clicked on)
  • Communication data (e.g. information about the device used, IP address)

Data subjects: Users of our website

Purpose of processing: Displaying our website, offering content, ensuring the operation of our website

Legal basis: Consent via cookie consent banner, Art. 6 para. 1 lit. a GDPR, legitimate interests, Art. 6 para. 1 lit. f GDPR

We use the following content services:

Google Maps

We use Google Maps on our website. Google collects and processes the IP address of the visitor. When you visit a website on which Google Maps is integrated, your IP address and your location data (the latter usually not without your consent) are transmitted to Google, regardless of whether Google Maps is actually used or whether you are logged into your Google account. Your IP address will be assigned to your Google account if you are logged in there when you visit our website.

Service provider: Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Registered office in the EU: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Website: https://www.google.de/maps
Privacy policy: https://policies.google.com/privacy
Opt-out option: https://tools.google.com/dlpage/gaoptout?hl=de

Google Web Fonts

With Google Web Fonts, we can integrate fonts (web fonts) into the design of our website and display them correctly in your browser when you view our website. These web fonts are integrated by calling up a Google server. From there, the fonts are passed on to your browser in compressed form and unpacked there. This server is usually located in the USA. If you visit one of our pages on which we integrate Google Fonts, Google will be informed which of our web pages you have visited.

Service provider: Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Registered office in the EU: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Website: https://fonts.google.com/
Privacy policy: https://policies.google.com/privacy

Security measures

We also take state-of-the-art technical and organisational security measures to comply with the provisions of data protection laws and to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties.

Up-to-dateness and amendment of this privacy policy

This privacy policy is currently valid and was last updated in February 2024. Due to changes in legal or official requirements, it may be necessary to amend this privacy policy.

This privacy policy was created with the help of the SOS Recht data protection generator. SOS Recht is a service provided by Mueller.legal Rechtsanwälte Partnerschaft based in Berlin.

AdDress
Ortsstraße 157
2331 Vösendorf
Austria
Imprint
data protection
Cookies
Copyright © 2024 Pension Claudia