Introduction and overview
We have written this data protection declaration (version 01/30/2023-112399184) in order to explain to you in accordance with the provisions of the General Data Protection Regulation (EU) 2016/679 and applicable national laws, which personal data (data for short) we as the person responsible - and that of processors commissioned by us (e.g. providers) - process, will process in the future and what legal options you have. The terms used are to be understood as gender-neutral.
In Short: We will provide you with full information about the data we process about you.
Privacy policies usually sound very technical and use legal terms. This data protection declaration, however, is intended to describe the most important things to you as simply and transparently as possible. To the extent that it promotes transparency, technical terms are explained in a reader-friendly manner, links to further information are provided and graphics are used.
We thereby inform you in clear and simple language that we only process personal data as part of our business activities if there is a corresponding legal basis. This is certainly not possible if you make as brief, unclear and legal-technical statements as possible, as are often standard on the Internet when it comes to data protection. I hope you find the following explanations interesting and informative and perhaps there is one or two pieces of information that you didn't know before.
If you still have questions, we would like to ask you to contact the responsible body named below or in the legal notice, follow the existing links and look at further information on third-party sites. You can of course also find our contact details in the legal notice.
Scope
This data protection declaration applies to all personal data processed by us in the company and to all personal data that companies commissioned by us (processors) process. By personal data we mean information within the meaning of Article 4 No. 1 GDPR such as a person's name, email address and postal address. The processing of personal data ensures that we can offer and bill our services and products, whether online or offline. The scope of this data protection declaration includes:
- all online presences (websites, online shops) that we operate
- Social media appearances and email communication
- mobile apps for smartphones and other devices
In short: The data protection declaration applies to all areas in which personal data is processed in a structured manner within the company via the channels mentioned. If we enter into legal relationships with you outside of these channels, we will inform you separately if necessary.
Legal basis
In the following data protection declaration we provide you with transparent information about the legal principles and regulations, i.e. the legal bases of the General Data Protection Regulation, which enable us to process personal data.Was das EU-Recht betrifft, beziehen wir uns auf die VERORDNUNG (EU) 2016/679 DES EUROPÄISCHEN PARLAMENTS UND DES RATES vom 27. April 2016. Diese Datenschutz-Grundverordnung der EU können Sie selbstverständlich online auf EUR-Lex, dem Zugang zum EU-Recht, unter https://eur-lex.europa.eu/legal-content/DE/ALL/?uri=celex%3A32016R0679 read up.
We only process your data if at least one of the following conditions applies:
- Consent (Article 6 Paragraph 1 Letter a GDPR): You have given us your consent to process data for a specific purpose. An example would be saving the data you entered on a contact form.
- Contract (Article 6 Paragraph 1 Letter b GDPR): In order to fulfill a contract or pre-contractual obligations with you, we process your data. For example, if we conclude a purchase contract with you, we need personal information in advance.
- Legal obligation (Article 6 paragraph 1 lit. c GDPR): If we are subject to a legal obligation, we process your data. For example, we are legally obliged to keep invoices for accounting purposes. These usually contain personal data.
- Legitimate interests (Article 6 paragraph 1 lit. f GDPR): In the case of legitimate interests that do not restrict your fundamental rights, we reserve the right to process personal data. For example, we need to process certain data in order to operate our website securely and economically efficiently. This processing is therefore a legitimate interest.
Other conditions such as the perception of recordings in the public interest and the exercise of public authority as well as the protection of vital interests generally do not apply to us. If such a legal basis is relevant, it will be shown in the appropriate place.
In addition to the EU regulation, national laws also apply:
- In Austria, this is the Federal Law on the Protection of Natural Persons with regard to the Processing of Personal Data (Data Protection Act), or DSG for short.
- In Germany, the Federal Data Protection Act, or BDSG for short, applies.
Contact details of the person responsible
If you have any questions about data protection or the processing of personal data, you will find the contact details of the responsible person or body below::
meshmakers GmbH
Simon Kranzer
Firmianstraße 31A, 5020 Salzburg, Österreich
Authorized to represent: Reinhard Mayr, Gerald Lochner
E-Mail: simon.kranzer@meshmakers.io
Phone: +43 662 234919
Legal Notice: https://www.meshmakers.i/impressum/
Storage period
Our general criterion is that we only store personal data for as long as is absolutely necessary to provide our services and products. This means that we delete personal data as soon as the reason for data processing no longer exists. In some cases, we are legally obliged to store certain data even after the original purpose has ceased, for example for accounting purposes.
If you wish to have your data deleted or revoke your consent to data processing, the data will be deleted as quickly as possible and unless there is an obligation to store it.
We will inform you below about the specific duration of the respective data processing, provided we have further information.
Rights under the General Data Protection Regulation
In accordance with Articles 13, 14 GDPR, we inform you of the following rights to which you are entitled so that data is processed fairly and transparently:
- According to Article 15 GDPR, you have a right to information as to whether we are processing your data. If this is the case, you have the right to receive a copy of the data and to know the following information:
- for what purpose we carry out the processing;
- the categories, i.e. the types of data that are processed;
- hoever receives this data and if the data is transmitted to third countries, how security can be guaranteed;
- how long the data is saved;
- the existence of the right to correction, deletion or restriction of processing and the right to object to the processing;
- that you can complain to a supervisory authority (links to these authorities can be found below);
- the origin of the data if we have not collected it with you;
- Whether profiling is carried out, whether data is automatically evaluated in order to get a personal profile from you.
- According to Article 16 GDPR, you have the right to correct the data, which means that we have to correct data if you find errors.
- According to Article 17 GDPR, you have the right to deletion ("right to be forgotten"), which concretely means that you can request the deletion of your data.
- According to Article 18 GDPR, you have the right to restrict processing, which means that we can only save the data more but do not use it any further.
- According to Article 20 GDPR, you have the right to data portability, which means that we provide you with your data in a common format on request.
- According to Article 21 GDPR, you have a right to object, which after enforcement brings a change in processing.
- If the processing of your data is based on Article 6 (1) lit. e (public interest, exercise of public violence) or Article 6 (1) lit. f (legitimate interest), you can object to the processing. We then check as quickly as possible whether we can legally comply with this contradiction.
- If data is used to operate direct mail, you can object to this type of data processing at any time. We are no longer allowed to use your data for direct marketing.
- If data is used to operate profiling, you can object to this type of data processing at any time. We are no longer allowed to use your data for profiling.
- According to Article 22 GDPR, you may have the right not to be subject to a decision based exclusively on automated processing (e.g. profiling).
- According to Article 77 GDPR, you have the right to complain. This means that you can complain to the data protection authority at any time if you believe that the data processing of personal data violates the GDPR.
In short: you have rights - do not hesitate to contact the responsible body listed above!
If you believe that the processing of your data violates data protection law or your data protection claims have been violated in any other way, you can complain to the supervisory authority. This is the data protection authority for Austria whose website youhttps://www.dsb.gv.at/ find. In Germany there is a data protection officer for each state. For more information you can get to theFederal Commissioner for Data Protection and Freedom of Information (BfDI) turn around. The following local data protection authority is responsible for our company:
Austria data protection authority
Leader: Mag. Dr. Andrea Jelinek
Address: Barichgasse 40-42, 1030 Wien
Phone: +43 1 52 152-0
E-Mail address: dsb@dsb.gv.at
Website: https://www.dsb.gv.at/
Security of data processing
In order to protect personal data, we have implemented both technical and organizational measures. Wherever it is possible for us to encrypt or pseudonymize personal data. As a result, we make it as difficult as possible that third parties can conclude personal information from our data.
Art. 25 GDPR speaks of “data protection through technology design and through data protection -friendly default settings” and means that you always think of safety and corresponding Measures. In the following we, if necessary, go into specific measures.
TLS encryption with https
This means that the complete transfer of all data from your browser to our web server is secured - nobody can “listen”.
We have thus introduced an additional safety layer and meet data protection through technology design (Article 25 paragraph 1 GDPR). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the Internet, we can ensure the protection of confidential data.
You can recognize the use of this protection of data transmission by the small lock symbol at the top left of the browser, to the left of the Internet address (e.g. example.com) and the use of the scheme https (instead of http) as part of our Internet address.
If you want to know more about encryption, we recommend Google search for "Hypertext Transfer Protocol Secure wiki" to get good links to further information.
Cookies
The purpose ultimately depends on the respective cookie. You can find more details below or from the manufacturer of the software that the cookie sets.
What data are processed?
Cookies are small assistants for many different tasks. Unfortunately, you cannot generalize which data is stored in cookies, but we will inform you about the processed or stored data as part of the following data protection declaration.
Storage duration of cookies
The memory duration depends on the respective cookie and is further specified. Some cookies are deleted after less than an hour, others can remain stored on a computer for several years.
You also have an impact on the storage time yourself. You can delete all cookies manually at any time via your browser (see also “right of object” below). Furthermore, cookies that are based on consent will be deleted at the latest after the revocation of their consent, whereby the legality of the storage remains unaffected until then.
Right to object - how can I delete cookies?
You decide yourself how and whether you want to use cookies. Regardless of which service or website the cookies come, you always have the opportunity to delete, deactivate or only partially allow. For example, you can block cookies from third -party providers, but allow all other cookies.
If you want to determine which cookies have been saved in your browser, if you want to change or delete cookie settings, you can find this in your browser settings:
Chrome: Delete, activate and manage cookies
Safari: Manage Cookies and Website data
Internet Explorer: Delete and Manage Cookies
Microsoft Edge: Delete and Manage Cookies
If you basically do not want cookies, you can set up your browser so that it always informs you if a cookie is to be set. So you can decide for every single cookie whether you allow the cookie or not. The procedure varies depending on the browser. It is best to search the instructions in Google with the search term “Delete Cookies Chrome” or “Deactivate Cookies Chrome” in the case of a Chrome browser.
Legal basis
The so-called “Cookie Guidelines” have existed since 2009. This states that the storage of cookies requires your consent (Article 6 Para. 1 lit. a GDPR). However, there are still very different reactions to these guidelines within the EU countries. In Austria, however, this directive was implemented in Section 96 Paragraph 3 of the Telecommunications Act (TKG). In Germany, the cookie guidelines have not been implemented as national law. Instead, this directive was largely implemented in Section 15 Paragraph 3 of the Telemedia Act (TMG).
For absolutely necessary cookies, even if consent is not given, there are legitimate interests (Article 6 (1) (f) GDPR), which in most cases are of an economic nature. We want to provide website visitors with a pleasant user experience and certain cookies are often absolutely necessary for this.
If non-essential cookies are used, this will only happen with your consent. The legal basis in this respect is Article 6 Paragraph 1 Letter a GDPR.
In the following sections you will be informed in more detail about the use of cookies if the software used uses cookies.
Web Analytics Introduction
We use software to evaluate the behavior of website visitors, for short web analytics or web analysis on our website. Data is collected that the respective analytic tool provider (also called a tracking tool) is collected, managed and processed. With the help of the data, analyzes about the user behavior are created on our website and provided us as website operator. In addition, most tools offer different test options. For example, we can test which offers or content are best received by our visitors. For this we show you two different offers for a limited period of time. After the test (so-called A/B test) we know which product or content our website visitors find more interesting. For such test procedures, as well as for other analytics procedures, user profiles can also be created and the data is saved in cookies.
Why do we operate web analytics?
With our website we have a clear goal in mind: We want to deliver the best website on the market for our industry. In order to achieve this goal, we want to offer the best and most interesting offer on the one hand and, on the other hand, make sure that you feel completely comfortable on our website. With the help of web analysis tools, we can take a closer look at the behavior of our website visitors and then improve our website for you and us accordingly. For example, we can see how old our visitors are on average, where they come from, when our website is visited the most or which content or products are particularly popular. All of this information helps us optimize the website and thus perfectly adapt to your needs, interests and wishes.
What data are processed?
Which data is saved exactly depends on the analysis tools used. However, it is usually saved, for example, what content you look at on our website, on which buttons or links you click, when to call up a page, which browser you use, with which device (PC, tablet, smartphone, etc.) Visit the website or which computer system you use. If you agreed that location data may also be collected, these can also be processed by the web analysis tool provider.
Your IP address is also saved. According to the General Data Protection Regulation (GDPR), IP addresses are personal data. However, your IP address is usually stored pseudonymized (i.e. in unrecognizable and abbreviated form). For the purpose of the tests, web analysis and web optimization, no direct data, such as your name, age, your address or your email address, is basically saved. If you are collected, all of this data is stored pseudonymously. So they cannot be identified as a person.
The following example shows the functionality of Google Analytics as an example of client-based web tracking with Java script code.
How long the respective data will be saved always depends on the provider. Some cookies only save data for a few minutes or until you leave the website again, other cookies can save data over several years.
Duration of data processing
We will inform you further below about the duration of data processing if we have more information. In general, we only process personal data as long as is absolutely necessary for the provision of our services and products. If, such as in the case of accounting, this is required by law, this storage duration can also be exceeded.
Right to object
You also have the right to revoke your consent to the use of cookies or third -party providers at any time. This works either via our cookie management tool or other opt-out functions. For example, you can also prevent data acquisition by cookies by manage, deactivating or deleting the cookies in your browser.
Legal basis
The use of web analytics requires your consent, which we obtained with our cookie popup. According to Article 6, Paragraph 1, Letter a of the GDPR (consent), this consent represents the legal basis for the processing of personal data, as may occur when it is collected by web analytics tools.
In addition to consent, we have a legitimate interest in analyzing the behavior of website visitors and thus improving our offering technically and economically. With the help of web analytics, we detect website errors, identify attacks and improve profitability. The legal basis for this is Article 6 (1) (f) GDPR (legitimate interests). However, we only use the tools if you have given your consent.
Since cookies are used in web analytics tools, we also recommend that you read our general privacy policy on cookies. To find out exactly which of your data is stored and processed, you should read the data protection declarations of the respective tools.
Information about special web analytics tools, if available, can be found in the following sections.
Chatbots introduction
You can also communicate with us using chatbots or similar chat functions. A chat offers the opportunity to write or speak to one another with very little time delay. A chatbot is software that tries to answer your question and, if necessary, informs you of any news. By using these means of communication, your personal data may also be processed and stored.
Why do we use chatbots?
Opportunities to communicate with you are important to us. Ultimately, we want to talk to you and answer any questions you may have about our service in the best possible way. Well-functioning communication is an important part of our service. Chatbots have the great advantage that we can answer frequently asked questions automatically with the help of this software. This saves us time and you still receive detailed and helpful answers. If the chatbot cannot help, you of course have the option of contacting us personally at any time.
Please note that when using our built-in elements, your data may also be processed outside the European Union, as many providers are American companies. This may mean that you may no longer be able to easily request or enforce your rights in relation to your personal data.
What data are processed?
It may happen that you also use the chat services on other websites/platforms. In this case, your user ID will also be stored on the servers of this website. We can also be informed about which user used the chat at what time. The content is also saved. Exactly which data is stored depends on the respective service. As a rule, this involves contact data such as email address or telephone number, IP address and various usage data.
If you have consented that the chat function can be used, this consent together with a possible registration will also be stored or logged. We do this so that we can also show the registration or consent if required by law.
The provider of a chat platform can also find out when you are chatting and also receives technical information about your device. The exact information that is stored and processed also depends on your PC settings. In many cases, for example, data on your approximate location can be collected. This is done on the one hand to optimize the chat services and on the other hand to ensure more security. Furthermore, the information can also be used to set personalized advertising and marketing measures.
If you have consented that a chatbot can send you a message, you can of course also deactivate this activation at any time. The chatbot also serves as a help here and shows you how to unsubscribe from this function. All your data in this regard will then be deleted from the recipient directory.
We use the above data, for example, to be able to address you personally via the chat, to be able to answer your questions and inquiries or to send you possible content. In addition, we can also fundamentally improve our chat services.
How long is data stored?
How long the data is processed and stored depends primarily on the tools used. Below you will learn more about the data processing of the individual tools. The data protection declarations of the providers usually state exactly which data is stored and processed for how long. In principle, personal data will only be processed for as long as is necessary for the provision of our services. If data is stored in cookies, the storage period varies greatly. The data can be deleted immediately after leaving a website, but it can also be stored for several years. Therefore, you should look at each individual cookie in detail if you want to know more about data storage. In most cases, you will also find informative information about the individual cookies in the data protection declarations of the individual providers.
Right to object
You also have the right and the possibility at any time to give your consent to the use of cookies or Third-party providers. This works either via our cookie management tool or via other opt-out functions. For example, you can also prevent data collection by cookies by managing, deactivating or deleting cookies in your browser.
Since cookies can be used for chat services, we also recommend our general privacy policy about cookies. In order to find out exactly which data is stored and processed by you, you should read the data protection declarations of the respective tools.
Legal basis
We ask for your permission to process data about you as part of the chat services via a pop-up window. If you consent, this consent also applies as a legal basis (Art. 6 para. 1 lit. a GDPR) for data processing. In addition, we process your inquiries and manage your data in the context of contractual or pre-contractual relationships in order to fulfill our pre-contractual and contractual obligations or To answer inquiries. The basis for this is Art. 6 para. 1 sentence 1 lit. b. GDPR. In principle, your data will also be stored and processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f DSGVO) in fast and good communication with you or other customers and business partners. However, we only use the tools if you have given your consent.
Blogs and publication media Introduction
We use blogs or other means of communication on our website, with which we can communicate with you on the one hand and you can also communicate with us on the other. Data from you can also be stored and processed by us. This may be necessary so that we can present content accordingly, communication works and security is increased. In our data protection text, we generally discuss which data can be processed by you. Exact information on data processing always depends on the tools and functions used. In the data protection information of the individual providers you will find detailed information about data processing.
Why do we use blogs and publication media?
Our greatest concern with our website is to offer you interesting and exciting content and at the same time your opinions and content are also important to us. That's why we want to create a good interactive exchange between us and you. With various blogs and publication options, we can achieve exactly that. For example, you can write comments on our content, comment on other comments or, in some cases, write contributions yourself.
What data are processed?
Which data is processed exactly always depends on the communication functions we use. Very often, the IP address, user name and the published content are stored. This is primarily done to ensure security protection, to prevent spam and to be able to take action against illegal content. Cookies can also be used for data storage. These are small text files that are stored with information in your browser. More details about the collected and stored data can be found in our individual sections and in the data protection declaration of the respective provider.
Duration of data processing
We will inform you about the duration of the data processing below, if we have further information on this. For example, post and comment functions store data until you revoke data storage. In general, personal data is only stored for as long as is strictly necessary for the provision of our services.
Right to object
You also have the right and the possibility at any time to give your consent to the use of cookies or Third-party providers of communication tools. This works either via our cookie management tool or via other opt-out functions. For example, you can also prevent data collection by cookies by managing, deactivating or deleting cookies in your browser.
Since cookies can also be used in publication media, we also recommend our general privacy policy about cookies. In order to find out exactly which data is stored and processed by you, you should read the data protection declarations of the respective tools.
Legal basis
We use the means of communication mainly on the basis of our legitimate interests (Art. 6 para. 1 lit. f GDPR) in fast and good communication with you or other customers, business partners and visitors. Insofar as the use serves the processing of contractual relationships or their initiation, the legal basis is also Art. 6 para. 1 sentence 1 lit. b. GDPR.
Certain processing, in particular the use of cookies and the use of comment or message functions, require your consent. If and to the extent that you have consented that data of you can be processed and stored by integrated publication media, this consent is considered the legal basis for data processing (Art. 6 para. 1 lit. a GDPR). Most of the communication functions we use set cookies in your browser to store data. That's why we recommend that you read our privacy text about cookies carefully and view the privacy policy or the cookie policy of the respective service provider.
Information on special tools can be found in the following sections, if available.
Explanation of terms used
We always strive to write our privacy policy as clearly and comprehensibly as possible. However, this is not always easy, especially with technical and legal topics. It often makes sense to legal terms (such as E.g. personal data) or certain technical expressions (such as B. Cookies, IP address). However, we do not want to use them without explanation. Below you will now find an alphabetical list of important terms used, which we may not have sufficiently addressed in the previous data protection declaration. If these terms have been taken from the GDPR and they are definitions, we will also list the GDPR texts here and, if necessary, add our own explanations.
Processors
Definition according to Article 4 of the GDPR
For the purposes of this regulation, the term means:
"Processor" means a natural or legal person, public authority, agency or other body that processes personal data on behalf of the controller;
Explanation: As a company and website owner, we are responsible for all data we process from you. In addition to those responsible, there may also be so-called processors. This includes every company or person who processes personal data on our behalf. Processors can therefore be, in addition to service providers such as tax consultants, hosting or cloud providers, payment or newsletter providers or large companies such as Google or Microsoft.
Consent
Definition according to Article 4 of the GDPR
For the purposes of this regulation, the term means:
"Consent" of the data subject any voluntary, informed and unambiguous indication of intent in the form of a statement or other clear affirmative action by which the data subject indicates that he or she agrees to the processing of personal data concerning him or her;
Explanation: As a rule, such consent is given for websites via a cookie consent tool. I'm sure you know that. Whenever you visit a website for the first time, you are usually asked via a banner whether you agree or consent to data processing. In most cases, you can also make individual settings and thus decide for yourself which data processing you allow and which you do not. If you do not consent, no personal data from you may be processed. In principle, consent can of course also be given in writing, i.e. not via a tool.
Personal data
Definition according to Article 4 of the GDPR
For the purposes of this regulation, the term means:
"Personal data" means any information relating to an identified or identifiable natural person (hereinafter referred to as "data subject"); an identifiable natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, an online identifier or to one or more special features that express the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
Explanation: Personal data is therefore all the data that you can identify as a person. These are usually data such as:
- Name
- Address
- E-Mail-Address
- Postal address
- Phone number
- Date of birth
- Identification numbers such as social security number, tax identification number, identity card number or matriculation number
- Bank details such as account number, credit information, account balances and much more.
According to the European Court of Justice (ECJ), your IP address is also one of the personal data. IT experts can determine at least the approximate location of your device based on your IP address and subsequently you as the connection owner. Therefore, the storage of an IP address also requires a legal basis within the meaning of the GDPR. There are also so-called "special categories" of personal data, which are also particularly worth protecting. These include:
- Racial and ethnic origin
- Political opinions
- Religious or ideological beliefs
- Trade union membership
- Genetic data such as data taken from blood or saliva samples
- Biometric data (this is information on psychological, physical or behavioral characteristics that can identify a person).Gesundheitsdaten
- Data on sexual orientation or sexual life
Profiling
Definition according to Article 4 of the GDPR
For the purposes of this regulation, the term means:
"Profiling" means any type of automated processing of personal data consisting of such personal data being used to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects relating to work performance, economic situation, health, personal preferences, interests, reliability, behavior, location or change of location of that natural person;
Explanation: Profiling gathers various information about a person in order to learn more about that person. In the web area, profiling is often used for advertising purposes or for credit checks. Web or For example, advertising analysis programs collect data about your behavior and interests on a website. This results in a special user profile, with the help of which advertising can be played out specifically to a target group.
Responsible person
Definition according to Article 4 of the GDPR
For the purposes of this regulation, the term means:
"Responsible person" means the natural or legal person, public authority, agency or other body who, alone or jointly with others, decides on the purposes and means of the processing of personal data; if the purposes and means of such processing are specified by Union law or the law of the Member States, the controller or the specific criteria for his designation may be provided for in accordance with Union law or the law of the Member States;
Explanation: In our case, we are responsible for the processing of your personal data and consequently the "Responsible person". If we pass on collected data to other service providers for processing, these are "processors". For this, an "order processing contract (AVV)" must be signed.
Processing
Definition according to Article 4 of the GDPR
For the purposes of this regulation, the term means:
"Processing" every process carried out with or without the help of automated procedures or any such process series in connection with personal data such as collecting, capturing, organization, ordering, storage, adaptation or change, reading, the questioning, the use , the disclosure by transmission, distribution or another form of provision, comparison or link, restriction, deletion or extermination;
Note: When we talk about processing in our privacy policy, we mean any kind of data processing. This includes, as mentioned above in the original GDPR declaration, not only the collection but also the storage and processing.