Manuel Kisilak’s Privacy Policy
Effective as of August 2021
We are strongly committed to protecting your privacy and complying with your choices. Both personal and non-personal information collected is safeguarded according to the highest privacy and data protection standards adopted worldwide.
- Our commitment
Your information will not be sold to any third party
We use state-of-the-art security measures to protect your information from unauthorized use
We give you the possibility to control the information that you shared with us
Therefore, in this Privacy Policy, we want to inform you in detail about which personal data we collect from you, how we process it and to whom we might forward it. Furthermore, we would like to inform you about the precautions we are taking to protect your personal data, which rights you have in this context and to whom you can turn for data protection concerns.
- Personal data
We process the personal data that we receive from you only within the scope of the business relationship and usage of our website. When using our services or interacting with us, the following personal data might be processed:
Type of data
What does this include
Contact Data
when contacting us, we might process for example: first and last name / company name, user ID, birth date / company registration number, phone number, email address, business and billing address.
Financial Data
as part of transactions, we might process for example: bank details (IBAN, BIC), payment service provider information, payment details, transaction-ID, VAT number, etc.
Technical Data
during visits of our websites, we might process for example: internet protocol address, login data, browser type and version, time zone setting and locations, browser plug-in types and versions, operation system and platform, and other technology on the devise used to access our services.
Marketing and Communications Data
when you visit our website or social media sites, we might process statistical and marketing data such as: preferences in receiving marketing from us and your communication preferences (including in respect of cookies).
Photo, video and audio data
when we attend or organize events or fairs or hold interviews, we may take photos and other recordings of such events and might process photo, video and audio data. However, we will always inform you separately about such recordings.
- Purpose and legal basis for using personal data
All processing is performed in accordance with the GDPR and the Austrian Data Protection Act (Datenschutzgesetz - DSG). We process your personal data based on at least one of the legal bases listed below.
Legal bases:
for the performance of contractual obligations (Art 6 para 1 lit b GDPR):
- Processing of personal data might be necessary for the performance of the contract with you or in order to take steps at your request prior to entering into a contract.
for compliance with legal obligations (Art 6 para 1 lit c GDPR):
- Processing of personal data might also be necessary for complying with various legal obligations (e.g. GewO 1994, tax laws etc.)
to protect legitimate interests (Art 6 para 1 lit f GDPR):
- Where necessary, data processing might take place beyond the performance of the contract in order to maintain the legitimate interests of us or a third party.
based on your consent (Art 6 para 1 lit a GDPR):
- If you have given us your consent to process your personal data, processing will only take place in accordance with the defined purposes and to the extent agreed in the declaration of consent. Given consent may be withdrawn at any time without giving reasons and with future effect, if you no longer agree to the processing. Please note that the withdrawal of the consent does not affect the lawfulness of processing based on consent before its withdrawal.
- Data transfer
We may share your personal data with the parties set out below for the purposes mentioned above.
Data transfer to external data processors such as:
Processors who perform services for us such as website, marketing and sales software (e.g., Google ), IT services (AWS and others); performance of contracts, account management, accounting, invoicing, and sending out newsletters. Processors may only use or disclose this data to the extent necessary to perform services for us or to comply with legal rules. We contractually oblige these processors to ensure the confidentiality and security of your personal data that they process on our behalf.
Website, marketing and sales software which helps us to successfully communicate with you (e.g., Google).
Technology companies that provide us with desktop and cloud-based products, solutions and services which are important to ensure our business conduct (e.g., Microsoft).
Payment service providers that process payments made by customers.
Other external third parties which are not deemed to be data processors in their relationships with us such as:
Professional advisers (e.g., law firms, banks, accountants): We may need to engage with them from time to time for the purposes of our business and to provide data.
Regulators and other governmental authorities: We may need to engage with them for the purposes of our business and to provide data.
We do not sell your personal data to any third parties.
Our third-party service providers are not allowed to use your personal data for their own purposes and are only permitted to process your personal data for specified purposes as instructed by us.
- Third-party links & plug-ins
Our websites may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. We encourage you to read the privacy documentation of every website you visit.
- Data Security
The security of data is very important to us and we are committed to protecting data we collect. We maintain comprehensive administrative, technical and physical measures designed to protect your personal data against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use. In addition, we limit access to your personal data to those employees, contractors and other third-parties who have a business need to know. They will only process your personal data based on our instructions and they are subject to a duty of confidentiality.
- International data transfer
If a data transfer outside the EEA is required, we ensure a similar degree of protection as within the EEA by implementing at least one of the following safeguards:
The European Commission assessed that a country has an adequate level of protection for personal data (for more details see: European Commission: Adequacy of the protection of personal data in on-EU countries).
With certain service providers we may use specific contracts approved by the European Commission which give personal data the same protection it has in EEA (known as “Standard Contractual Clauses”, for more details see: European Commission: Model contracts for the transfer of personal data to third countries).
Please contact us, if you need further information regarding the international data transfer.
- Retention and deletion periods
We retain personal data, as far as necessary, for the duration of the entire business relationship, and in principle 1 year after termination of the business relationship. Beyond this we retain your data only for a longer period, in accordance with statutory retention and documentation obligations, to defend legal claims or with your explicit consent.
The retention period is thus determined by the statutory retention periods or limitation periods. In accordance with the Austrian Enterprise Code (UGB) and the Federal Tax Code (BAO) 7 years, in accordance with the Equal Treatment Act (GIBG) half a year, and in certain cases between 3 and 30 years according to the Austrian General Civil Code (ABGB) e.g., if data is required as evidence for legal disputes or for as long as there are other legitimate interests in retention.
Unless expressly stated in this Privacy Policy, personal data processed by us shall be erased as soon as they are no longer required for their intended purpose and the erasure does not conflict with any statutory retention obligations.
- Marketing
We may use your Contact Data and Technical Data to form a view on what we think you may want or need, or what may be of interest to you.
You will receive marketing communication from us if you have requested such information and you have not opted out of receiving such product & marketing information. We will get your express opt-in consent before we share your personal data with anyone for other marketing purposes. Our newsletter might use so-called web beacons. Such web beacons provide us with a better understanding of your interactions with the newsletter. They fulfill a similar function as cookies, but they are not visible to users. Information can be obtained via web beacons, in particular about whether an email was opened and whether the user’s system is capable of receiving HTML emails.
You can unsubscribe from such marketing messages at any time by using the unsubscribe option at the end of marketing emails or contacting us and withdrawing your consent. If you opt out of receiving marketing messages, this will not apply to messages that we need to send you as a result of fulfilling a contractual relationship with you.
- Cookies
A cookie is a small file of letters and numbers that is stored in your browser, the hard drive of your computer or on your mobile device, if you agree. You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of a website may become inaccessible or not function properly.
- Data Protection Rights
Under certain circumstances, you have rights under GDPR in relation to your personal data which we summarized in the following.
Right to access
You have the right to request copies of your personal data. We may charge you a small fee for this service.
Right of rectification
You have the right to request that we correct or complete any information you believe is inaccurate or incomplete.
Right to erasure
You have the right to request that we erase your personal data.
Right to restrict processing
You have the right to request that we restrict the processing of your personal data.
Right to object processing
You have the right to object to processing of your personal data.
Right to withdraw you consent
You have the right to withdraw your consent. This does not affect the lawfulness of any processing carried out beforehand. Further, we may not be able to provide certain services to you.
Right to data portability
You have the right to request that we transfer the data that we have collected to another organization, or directly to you.
Please contact us via email mailto:[email protected]. After such a request, we have on month to respond. We may need to request specific information from you to help us to confirm your identity. This security measure is in your own interest to ensure that personal data is not disclosed to any person who has no right to receive it.
- Data Protection Authority
Should you wish to report a complaint or if you feel that we have not addressed you concern in a satisfactory manner, you may contact the Austrian Data Protection Authority (Datenschutzbehörde).
- Changes to Policy
We regularly review this Privacy Policy to ensure transparency and compliance with developing data privacy rules. We update this Privacy Policy from time to time when required, in order to take current circumstances into account. If we make significant changes to this Privacy Policy, we will notify you and provide you with the updated version of the Privacy Policy. If it is required by law, we will obtain your express consent to significant changes.
- Contact us
If you have any further questions about this Privacy Policy or the processing of your personal data, please contact us:
Manuel Kisilak, mailto:[email protected]