The security of personal data such as name, address, telephone number or email, is a serious and important concern for me. Following please find the information I process.
By voluntarily inquiring via e-mail you share your email address and the message with me. Those data are stored at my mail account at firstname.lastname@example.org
If you place an order, your data are processed by paypal.com At my end, I receive a note containing the delivery address together with a name, the type of products ordered and the amount of money which had been paid. Those data are stored at my paypal account, my site provider wix and they are also forwarded to my mail account at email@example.com
Contractual information is stored at least for seven years to be compliant with Austrian bookkeeping regulations. Orders of one year are listed in my income statement which is passed to the Austrian Tax authority. Upon their request, the data can be reviewed by their officers.
Data deletion and storage duration:
The data subject’s personal data will be deleted as soon as the purpose of storage ceases to apply, maximum after 8 years of storage after the legally required period of storage has ended. Data may be stored beyond this period if you explicitly agree to my request.
Data automatically collected on our website / usage data:
I welcome anybody to visit and use my website free of charge and to look at the products on offer. When you visit my website. I do not willingly record nor process data obtained by visiting my website like the following:
Information about the browser type and version used
The user’s operating system
The user’s IP address
Date and time of access
Websites from which the user’ system reaches our website
The services and functions used on our website
What really counts for me is to answer inquiries accordingly and to process orders properly.
The legal basis for processing personal data using cookies required for technical and analytical purposes - in case I would do so - would be Article 6(1)(f) GDPR.
The website requires cookies for the following:
The user data collected through technically necessary cookies are not used to create user profiles.
If you do not want your browser to accept cookies, you can deactivate or restrict this option in your browser settings. Deactivation of cookies may prevent this website from functioning properly; in that case, you may not be able to access all the options and information on this website.
I take precautions to ensure the security of your personal data. Your data will be diligently protected against loss, destruction, manipulation and unauthorized access or unauthorized disclosure and transmission.
I protect collected customer data by passwords to access my the website account, the mail account and the PayPal account. No other person than yours truly has those passwords. However, I cannot guarantee the absolute security of your data.
Rights as a data subject
If your personal data is processed, you are a data subject as defined in the GDPR and you have the following rights with regard to the controller:
1. Information, rectification, restriction and deletion
You have the right to be informed about the data stored about you by me free of charge at any time. In addition, you have the right to rectify, delete or restrict the processing of your personal data, provided the legal requirements to do so are met. Details can be found in the relevant statutory provisions, Article 15 to 19 GDPR.
2. Right to data portability
You have the right to receive the personal data concerning you that you have provided to me as the controller, in an e-mail.
3. Right to information
If you have exercised your right of rectification, deletion or restriction of processing against the controller, the controller is obliged to notify all recipients to whom your personal data has been disclosed of this rectification or deletion of data or restriction of processing, unless this proves to be impossible or involves a disproportionate effort. You have the right to be informed about these recipients by the controller.
4. Right to object
You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you that is based upon point (e) or (f) of Article 6(1) GDPR, including profiling based upon those provisions.
The controller shall no longer process the personal data concerning you unless the controller demonstrates compelling legitimate grounds for the processing that override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
Where your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.
If you object to processing for direct marketing purposes, your personal data will no longer be processed for such purposes.
In the context of the use of information society services, and notwithstanding Directive 2002/58/EC, you may exercise your right to object by automated means using technical specifications.
5. Revocability of declarations of consent under data protection law
You may also revoke your consent with regard to me at any time with effect for the future using the contact details given below.
6. Right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.
The supervisory authority with which the complaint has been lodged will inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Article 78 GDPR.
Responsible authority, contact person for queries or exercising your rights as a data subject, contact
The responsible authority within the meaning of the data protection regulations for all data processing through this website is:
Elmar Zeilhofer, Hippgasse 38/13, 1160 Vienna, Austria.
In the event of any questions, comments, complaints or to exercise your rights as a data subject in connection with my Privacy Notice and the processing of your personal data by my websites, you can contact me directly by email at firstname.lastname@example.org