We ("we," "us," "our(s)") take the privacy of users ("users" or "you") of our website (the "website") very seriously and are committed to protecting the information users provide to us in connection with their use of our Website. Further, we are committed to protecting and using your information in accordance with applicable law.
What data we collect
How we collect data
Why we collect this data
Who we share the data with
Where the data is stored
How long the data is kept
How we protect the data
How we treat minors
Information on the rights according to the General Data Protection Regulation
Information on Rights under the California Consumer Privacy Act
What data do we collect?
The following is an overview of the data we may collect:
Non-identified and non-identifiable information that you provide during the registration process or that is collected through your use of our Services ("non-personal information"). Non-personal information does not identify who it was collected from. Non-personal information that we collect consists primarily of technical and aggregate usage information.
Individually Identifiable Information, which is any information that can be used to identify you or could be used to identify you with reasonable effort („personal data"). Personally identifiable information we collect through our services may include information requested from time to time, such as names, email addresses, addresses, phone numbers, IP addresses, and more. When we combine personal data with non-personal data, as long as it is in combination, we will treat it as personal data.
How do we collect data?
Below are the main methods we use to collect data:
We collect data when you use our services. So when you visit our digital assets and use services, we may collect, record and store usage, sessions and related information.
We collect data that you provide to us yourself, for example, when you contact us directly through a communication channel (such as an email with a comment or feedback).
We may collect data from third-party sources, as described below.
We collect data that you provide to us when you sign in to our services through a third-party provider such as Facebook or Google.
Why do we collect this data?
We may use your information for the following purposes:
to provide and operate our services;
to develop, customize and improve our services;
to respond to your feedback, requests and inquiries and to provide assistance;
to analyze request and usage patterns;
for other internal, statistical and research purposes;
to improve our data security and fraud prevention capabilities;
to investigate violations and enforce our terms and policies and to comply with applicable law, regulation or governmental request;
to provide you with updates, news, promotional materials and other information related to our services. For promotional emails, you can choose whether you want to continue receiving them. If not, simply click the unsubscribe link in those emails.
Who do we share the data with?
We may share your information with our service providers to operate our services (e.g., storing data through third-party hosting services, providing technical support, etc.).
We may also disclose your information in the following circumstances: (i) to investigate, detect, prevent, or take action regarding illegal activities or other misconduct; (ii) to establish or exercise our rights to defend ourselves; (iii) to protect our rights, property, or personal safety and the safety of our users or the public; (iv) in the event of a change of control of us or any of our affiliates (by way of a merger, acquisition or purchase of (substantially all of) our assets, et al. a.); (v) to collect, maintain and/or manage your information through authorized third party vendors (e.g., cloud service providers) as appropriate for business purposes; (vi) to work with third party vendors to improve your user experience. For the avoidance of doubt, we would like to point out that we may transfer or disclose non-personal data to third parties or otherwise use it at our discretion.
Cookies and similar technologies
When you visit or access our services, we authorize third parties to use web beacons, cookies, pixel tags, scripts, and other technologies and analytics services („tracking technologies"). These tracking technologies may allow third parties to automatically collect your information to improve the navigation experience on our digital assets, optimize their performance and provide a customized user experience, as well as for security and fraud prevention purposes.
We will not share your email address or other personal information with advertisers or advertising networks without your consent.
Where do we store the data?
Personal data may be maintained, processed and stored in the United States, Ireland, South Korea, Taiwan, Israel, and to the extent necessary for the proper provision of our services and/or as required by law (as further explained below) in other jurisdictions.
This website is hosted on World4You Internet Services GmbH and operated through the Wix.com platform. Wix.com and World4You Internet Services GmbH provides us with the online platform that allows us to sell our products and services to you. Your data may be stored through Wix.com’s and through the World4You Internet Services GmbH data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall.
How long will the data be retained?
Please note that we retain the data we collect for as long as necessary to provide our services, to comply with our legal and contractual obligations to you, to resolve disputes, and to enforce our agreements.
We may correct, amend or delete inaccurate or incomplete data at any time at our sole discretion.
How do we protect the data?
The hosting service for our digital assets provides us with the online platform through which we can offer you our services. Your data can be stored through our hosting provider's data storage, databases and general applications. It stores your data on secure servers behind a firewall and it provides secure HTTPS access to most areas of its services.
All direct payment gateways offered by Wix.com and used by our company adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
Notwithstanding the measures and efforts taken by us and our hosting provider, we cannot and do not guarantee absolute protection and security of the data you upload, post or otherwise share with us or others.
For this reason, we ask that you establish strong passwords and, whenever possible, do not provide us or others with confidential information that you believe could cause you significant or lasting harm if disclosed. In addition, because e-mail and instant messaging are not considered secure forms of communication, we ask that you not share confidential information through either of these communication channels.
How do we deal with minors?
The Services are not intended for users who are under the legal age of majority. We will not knowingly collect data from children. If you are under the legal age of majority, you should not download or use the Services or provide any information to us.
We reserve the right to request proof of age at any time so that we can verify whether minors are using our Services. In the event that we become aware that a minor is using our Services, we may prohibit such users from accessing our Services and block them, and we may delete any information we hold about such user. If you have reason to believe that a minor has disclosed data to us, please contact us as explained below.
the use of your personal data is necessary to perform or enter into a contract (for example, to provide you with the services themselves or customer service or technical support);
the use of your personal data is necessary to comply with relevant legal or regulatory obligations; or
the use of your personal data is necessary to support our legitimate business interests (provided that at all times this is done in a way that is proportionate and respects your data protection rights).
Rights according to the General Data Protection Regulation
According to the regulations of the General Data Protection Regulation (GDPR) and the Austrian Data Protection Act (DSG), you are generally entitled to the following rights:
Right to rectification (Article 16 GDPR)
Right to erasure ("right to be forgotten") (Article 17 GDPR)
Right to restriction of processing (Article 18 GDPR)
Right to notification - obligation to notify in connection with the rectification or erasure of personal data or the restriction of processing (Article 19 GDPR)
Right to data portability (Article 20 GDPR)
Right to object (Article 21 GDPR)
Right not to be subject to a decision based solely on automated processing - including profiling (Article 22 GDPR).
If you believe that the processing of your data violates data protection law or that your data protection rights have otherwise been violated in any way, you may lodge a complaint with the supervisory authority, which in Austria is the Data Protection Authority, whose website can be found at https://www.dsb.gv.at/.
Please note, however, that these rights are not unlimited and may be subject to our own legitimate interests and regulatory requirements. If you have general questions about the personal information we collect and how we use it, please contact us as indicated below.
In the course of providing the Services, we may transfer data across borders to affiliates or other third parties and from your country/jurisdiction to other countries/jurisdictions around the world. By using the Services, you consent to the transfer of your data outside the EEA.
If you are located in the EEA, your personal data will only be transferred to locations outside the EEA if we are satisfied that there is an adequate or comparable level of protection for personal data. We will take appropriate steps to ensure that we have adequate contractual arrangements with our third parties to ensure that appropriate safeguards are in place so that the risk of unlawful use, alteration, deletion, loss or theft of your personal data is minimized and that such third parties act at all times in accordance with applicable laws.
Rights under the California Consumer Privacy Act
If you use the Services as a California resident, then you may be entitled under the California Consumer Privacy Act ("CCPA") to request access to and deletion of your information.
To exercise your right to access and delete your information, please see below for how to contact us.
Users of the Services who are California residents and under the age of 18 may request and obtain removal of their Posted Content by emailing us at the address provided in the "Contact Us" section below. These requests must all be marked "California Removal Request." All requests must include a description of the content you wish to have removed and sufficient information to help us locate the material. We will not accept notices that are not marked or properly submitted, and we may not be able to respond if you do not provide sufficient information. Please note that your request does not ensure that the material will be completely or comprehensively deleted. For example, material posted by you may be republished or re-posted by other users or third parties.
If you don’t want us to process your data anymore or if you have general questions about the services or the information we collect about you and how we use it, please contact us per e-mail or mail at:
Mario Kiesenhofer (Privacy Compliance Officer)
Austria / Europe