Thanks for your support

If you want to support the important work of the HOSI Wien, you can become a member or support us with a donation (any amount is welcome!).
Bawag P.S.K
IBAN: AT921400010010143980
BIC: BAWAATWW

Donations via Paypal or credit card

The ‘Donate’ button below will redirect you to a PayPal page where you can make a donation via PayPal or credit card.

PRIVACY POLICY

Introduction and Overview

We have created this Privacy Policy (version 18.11.2024-112909180) to explain to you, in accordance with the provisions of the General Data Protection Regulation (EU) 2016/679 and applicable national laws, which personal data (referred to as "data" hereafter) we, as data controllers—and the processors we commission (e.g., service providers)—process now and will process in the future, as well as the lawful options available to you. The terms used are intended to be gender-neutral.
In short: We provide you with comprehensive information about the data we process about you.

Privacy policies are often written in a highly technical style and use legal jargon. This Privacy Policy aims to describe the most important aspects as simply and transparently as possible. Where helpful for clarity, technical terms are explained in a user-friendly manner, links to additional information are provided, and graphics are included. We want to inform you clearly and straightforwardly that we process personal data in the course of our business activities only if there is an appropriate legal basis for doing so. This clarity is not achieved with overly brief, vague, and legally technical explanations, as is often the standard on the internet when it comes to data protection. We hope you find the following explanations interesting and informative, and you may even discover something new.
If you still have questions, please contact the responsible party listed below or in the imprint, follow the provided links, and seek additional information from third-party sources. Our contact details can also be found in the imprint.

Scope of Application

This Privacy Policy applies to all personal data processed by our company and to all personal data processed by companies (processors) commissioned by us. By personal data, we mean information as defined in Article 4(1) GDPR, such as a person's name, email address, and postal address. The processing of personal data ensures that we can offer and bill for our services and products, whether online or offline. This Privacy Policy covers the following:

  • All online presences (websites, online shops) operated by us
  • Social media presences and email communication
  • Mobile apps for smartphones and other devices

In short: This Privacy Policy applies to all areas in which personal data is processed within the company via the mentioned channels. Should we establish legal relationships with you outside of these channels, we will inform you separately if necessary.

Legal Bases

In the following sections, we provide transparent information about the legal principles and provisions, i.e., the legal bases of the General Data Protection Regulation (GDPR), that enable us to process personal data.

Regarding EU law, we refer to REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of April 27, 2016. You can read the EU GDPR online on EUR-Lex, the European Union Law portal, at this link.

We process your data only if at least one of the following conditions applies:

  • Consent (Article 6(1)(a) GDPR): You have given us your consent to process data for a specific purpose. An example would be the storage of data you entered in a contact form.
  • Contract (Article 6(1)(b) GDPR): We process your data to fulfill a contract or pre-contractual obligations with you. For example, if we enter into a purchase agreement with you, we need personal information in advance.
  • Legal Obligation (Article 6(1)(c) GDPR): If we are subject to a legal obligation, we process your data. For instance, we are legally required to retain invoices for accounting purposes, which typically include personal data.
  • Legitimate Interests (Article 6(1)(f) GDPR): In the case of legitimate interests that do not override your fundamental rights, we reserve the right to process personal data. For example, we may process certain data to securely and efficiently operate our website, which constitutes a legitimate interest.

Other conditions, such as the performance of tasks in the public interest, the exercise of public authority, or the protection of vital interests, are generally not applicable to us. Should such a legal basis become relevant, it will be specified at the appropriate point.

In addition to the EU regulation, national laws also apply:

  • In Austria, this is the Federal Act on the Protection of Natural Persons regarding the Processing of Personal Data (Data Protection Act, DSG).
  • In Germany, the Federal Data Protection Act (BDSG) applies.

If other regional or national laws are applicable, we will inform you in the following sections.

Contact Details of the Controller

If you have questions about data protection or the processing of personal data, please contact the responsible party listed below:

Homosexuelle Initiative (HOSI) Vienna
Heumühlgasse 14/1
1040 Vienna

Email: [email protected]
Phone: +436602166605
Imprint: https://www.hosiwien.at/impressum/

Contact Details of the Data Protection Officer

Below are the contact details of the Data Protection Officer:

Homosexuelle Initiative (HOSI) Vienna
Heumühlgasse 14/1
1040 Vienna

Email: [email protected]
Phone: +436602166605

Retention Period

As a general principle, we retain personal data only as long as it is strictly necessary for the provision of our services and products. This means we delete personal data as soon as the purpose for processing no longer exists. In some cases, we are legally required to retain certain data even after the original purpose no longer applies, for example, for accounting purposes.

If you request the deletion of your data or revoke your consent for data processing, the data will be deleted as quickly as possible, provided there is no legal obligation to retain it.

For specific retention periods for individual data processing activities, we provide further details below when applicable.

 

Rights Under the General Data Protection Regulation (GDPR)

According to Articles 13 and 14 of the GDPR, you are entitled to the following rights to ensure fair and transparent data processing:

  • Right of Access (Article 15 GDPR): You have the right to know whether we process your data. If we do, you have the right to obtain a copy of the data and information about:
    • The purposes for processing.
    • The categories of data being processed.
    • The recipients of the data, and if the data is transferred to third countries, how security is ensured.
    • The storage duration of the data.
    • The existence of rights to rectify, delete, or restrict the processing and the right to object to the processing.
    • The right to lodge a complaint with a supervisory authority (links to these authorities are provided below).
    • The origin of the data if we did not collect it from you.
    • Whether profiling is being conducted, i.e., whether data is being automatically evaluated to create a personal profile.
  • Right to Rectification (Article 16 GDPR): If you find any errors in your data, you have the right to have them corrected.
  • Right to Erasure ("Right to be Forgotten") (Article 17 GDPR): You have the right to request the deletion of your data.
  • Right to Restriction of Processing (Article 18 GDPR): You have the right to restrict processing, meaning we may only store the data but not use it further.
  • Right to Data Portability (Article 20 GDPR): You have the right to request your data in a commonly used format for transfer.
  • Right to Object (Article 21 GDPR): You have the right to object to processing, leading to changes in how we process your data.
    • If the processing of your data is based on Article 6(1)(e) (public interest, exercise of public authority) or Article 6(1)(f) (legitimate interest), you may object to the processing. We will then promptly review whether we can legally comply with your objection.
    • If data is used for direct marketing purposes, you can object to such processing at any time. We will then cease to use your data for direct marketing purposes.
    • If data is used for profiling purposes, you may object at any time, and we will no longer use your data for profiling.
  • Right Not to Be Subject to Automated Decision-Making (Article 22 GDPR): You have the right not to be subject to decisions made solely through automated processing (e.g., profiling).
  • Right to Lodge a Complaint (Article 77 GDPR): If you believe that the processing of your data violates data protection laws or that your data protection rights have been infringed, you can file a complaint with a supervisory authority.

In short: You have rights—don’t hesitate to contact the responsible entity listed above!

If you believe the processing of your data violates data protection laws or infringes on your data protection rights in any way, you can lodge a complaint with the supervisory authority. In Austria, this is the Data Protection Authority, whose website you can find at https://www.dsb.gv.at.
In Germany, each federal state has its own data protection officer. For more information, you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI). For our company, the following local data protection authority is relevant:

Austrian Data Protection Authority
Director: Dr. Matthias Schmidl
Address: Barichgasse 40-42, 1030 Vienna
Phone: +43 1 52 152-0
Email: [email protected]
Website: https://www.dsb.gv.at

Communication

Communication Summary
👥 Affected parties: Anyone who communicates with us via phone, email, or online forms.
📓 Data processed: e.g., phone number, name, email address, entered form data. More details can be found under each communication method.
🤝 Purpose: Handling communication with customers, business partners, etc.
📅 Retention period: Duration of the business case and statutory requirements.
⚖️ Legal bases: Article 6(1)(a) GDPR (consent), Article 6(1)(b) GDPR (contract), Article 6(1)(f) GDPR (legitimate interests).

When you contact us via phone, email, or online form, your personal data may be processed.

The data is processed to handle your inquiry and the related business case. The data is stored only as long as necessary or as required by law.

Affected Parties
The above processes affect all individuals who contact us via the communication methods we provide.

  • Phone:
    When you call us, call data is pseudonymized and stored on the respective device and by the telecommunications provider. Additionally, data such as your name and phone number may be forwarded via email and stored for inquiry handling. The data is deleted once the business case is closed, provided no legal retention requirements apply.
  • Email:
    When you communicate with us via email, data may be stored on the respective device (computer, laptop, smartphone, etc.) and the email server. The data is deleted once the business case is closed, provided no legal retention requirements apply.
  • Online Forms:
    When you communicate with us using online forms, data is stored on our web server and may be forwarded to one of our email addresses. The data is deleted once the business case is closed, provided no legal retention requirements apply.

Legal Bases
The processing of data is based on the following legal bases:

  • Article 6(1)(a) GDPR (consent): You provide consent for us to store and process your data for purposes related to the business case.
  • Article 6(1)(b) GDPR (contract): It is necessary to fulfill a contract with you or a processor, such as a telecommunications provider, or we must process the data for pre-contractual activities, such as preparing an offer.
  • Article 6(1)(f) GDPR (legitimate interests): We aim to conduct customer inquiries and business communication in a professional manner. This requires certain technical tools, such as email programs, exchange servers, and mobile carriers, to operate communication efficiently.

Cookies

Cookies Summary
👥 Affected parties: Visitors to the website
🤝 Purpose: Dependent on the specific cookie. More details are provided below or by the software manufacturer that sets the cookie.
📓 Processed data: Dependent on the specific cookie. More details are provided below or by the software manufacturer that sets the cookie.
📅 Retention period: Dependent on the specific cookie; can range from hours to years.
⚖️ Legal basis: Article 6(1)(a) GDPR (consent), Article 6(1)(f) GDPR (legitimate interests).

What Are Cookies?

Our website uses HTTP cookies to store user-specific data.
The following section explains what cookies are and why they are used, to help you better understand this Privacy Policy.

Whenever you browse the internet, you use a browser. Common browsers include Chrome, Safari, Firefox, Internet Explorer, and Microsoft Edge. Most websites store small text files in your browser. These files are called cookies.

There’s no denying it: cookies are incredibly useful little helpers. Almost all websites use cookies. More specifically, they use HTTP cookies, as there are also other types of cookies for other applications. HTTP cookies are small files that our website saves on your computer. These cookie files are automatically placed in the "brain" of your browser—the cookie folder. A cookie consists of a name and a value. When defining a cookie, one or more additional attributes must also be specified.

Cookies store certain user-specific data, such as language settings or personal preferences for the website. When you revisit our website, your browser sends the "user-specific" information back to our site. Thanks to cookies, our website recognizes you and provides you with your preferred settings. In some browsers, each cookie is stored as a separate file, while in others, such as Firefox, all cookies are stored in a single file.

The graphic below illustrates a potential interaction between a web browser (e.g., Chrome) and a web server. The web browser requests a website and receives a cookie from the server, which the browser then reuses when another page is requested.

Cookies can be classified into two categories: first-party cookies and third-party cookies.

  • First-party cookies are created directly by our site.
  • Third-party cookies are created by partner websites (e.g., Google Analytics).

Each cookie needs to be evaluated individually, as each one stores different data. The lifespan of a cookie also varies, ranging from a few minutes to several years. Cookies are not software programs; they do not contain viruses, Trojans, or other “malware.” Additionally, cookies cannot access information stored on your computer.

An example of cookie data might look like this:

  • Name: _ga
  • Value: GA1.2.1326744211.152112909180-9
  • Purpose: To distinguish website visitors
  • Expiration: After 2 years

Minimum Browser Requirements for Cookies

A browser should support at least the following minimum cookie sizes:

  • At least 4096 bytes per cookie.
  • At least 50 cookies per domain.
  • At least 3000 cookies in total.

What Types of Cookies Exist?

The specific types of cookies we use depend on the services employed and are explained in detail in the subsequent sections of this Privacy Policy. At this point, we’d like to briefly describe the different types of HTTP cookies.

Cookies can generally be categorized into four types:

  1. Essential Cookies
    These cookies are necessary to ensure the basic functionality of the website. For example, these cookies are required if a user adds a product to the shopping cart, navigates to other pages, and later proceeds to checkout. With these cookies, the shopping cart is not cleared, even if the user closes their browser window.
  2. Functional Cookies
    These cookies gather information about user behavior and whether users encounter any error messages. Additionally, these cookies help measure the loading time and performance of the website in different browsers.
  3. Targeted Cookies
    These cookies enhance user-friendliness. For example, they store entered locations, font sizes, or form data.
  4. Advertising Cookies
    Also known as targeting cookies, these are used to deliver tailored advertisements to users. While they can be very practical, they can also be quite annoying.

Typically, when you visit a website for the first time, you’ll be asked which of these cookie types you wish to allow. Naturally, this decision is also stored in a cookie.

If you’d like to learn more about cookies and are not intimidated by technical documentation, we recommend RFC6265, the "HTTP State Management Mechanism" by the Internet Engineering Task Force (IETF).

Purpose of Processing Through Cookies

The purpose of cookie processing ultimately depends on the specific cookie. More details can be found below or from the software manufacturer that sets the cookie.

What Data Is Processed?

Cookies are small helpers for many different tasks. Unfortunately, it’s not possible to generalize what data is stored in cookies. However, we will inform you in the following sections of the Privacy Policy about the data that is processed or stored in cookies.

Retention Period of Cookies

The retention period depends on the specific cookie and is specified further below. Some cookies are deleted within less than an hour, while others can remain stored on a computer for several years.

You also have control over the retention period. You can manually delete all cookies in your browser at any time (see below: “Right to Object”). Additionally, cookies based on consent are deleted once you withdraw your consent, without affecting the legality of their storage up until that point.

Right to Object – How Can I Delete Cookies?

You have full control over whether and how cookies are used. Regardless of the service or website from which the cookies originate, you can always delete, deactivate, or only partially allow cookies. For example, you can block third-party cookies while allowing all other cookies.

If you want to see which cookies are stored in your browser, or if you want to change or delete cookie settings, you can do so in your browser settings:

If you generally do not want cookies, you can configure your browser to notify you whenever a cookie is about to be set. This allows you to decide on a case-by-case basis whether to allow the cookie. The process varies depending on the browser. It’s best to search online for instructions using terms like “delete cookies in Chrome” or “disable cookies in Chrome” if you’re using the Chrome browser.

If You Generally Don’t Want Cookies

If you generally don’t want cookies, you can configure your browser to always notify you when a cookie is about to be set. This allows you to decide individually for each cookie whether to allow it or not. The process varies depending on the browser. It’s best to search Google for instructions using terms like “delete cookies Chrome” or “disable cookies Chrome” if you’re using the Chrome browser.

 

Legal Basis

Since 2009, the so-called "Cookie Guidelines" have required that storing cookies requires your consent (Article 6(1)(a) GDPR). However, responses to these guidelines vary significantly among EU countries. In Austria, the guidelines were implemented in Section 165(3) of the Telecommunications Act (2021). In Germany, the cookie guidelines were not implemented as national law; instead, they were largely incorporated into Section 15(3) of the Telemedia Act (TMG), which has been replaced by the Digital Services Act (DSA) as of May 2024.

For cookies that are strictly necessary, legitimate interests (Article 6(1)(f) GDPR) often apply, even without consent. These interests are typically of an economic nature. We aim to provide website visitors with a pleasant user experience, and certain cookies are often essential for this.

Cookies that are not strictly necessary will only be used with your consent. The legal basis for these cookies is Article 6(1)(a) GDPR.

In the following sections, we provide detailed information on the use of cookies, including software that employs them.

 

Introduction to Web Hosting

Web Hosting Summary
👥 Affected parties: Visitors to the website
🤝 Purpose: Professional hosting of the website and ensuring operational security
📓 Processed data: IP address, time of website visit, browser used, and other data. More details are provided below or from the respective web hosting provider.
📅 Retention period: Depends on the provider, usually two weeks.
⚖️ Legal basis: Article 6(1)(f) GDPR (legitimate interests).

 

What Is Web Hosting?

When you visit websites nowadays, certain information—including personal data—is automatically generated and stored, including on this website. Such data should be processed as sparingly as possible and only with justification. By "website," we refer to the entirety of all webpages on a domain, from the homepage to the very last subpage (like this one). By "domain," we mean examples like example.com or mywebsite.com.

To view a website on a computer, tablet, or smartphone, you use a program called a web browser. You are likely familiar with some browsers by name: Google Chrome, Microsoft Edge, Mozilla Firefox, and Apple Safari. We refer to these simply as browsers or web browsers.

To display the website, the browser must connect to another computer where the website's code is stored: the web server. Operating a web server is a complex and resource-intensive task, which is why it is typically handled by professional providers, called hosting providers. These providers offer web hosting services, ensuring the reliable and error-free storage of website data. A lot of technical terms are involved here, but bear with us—it gets more interesting!

When your browser connects to the web server from your computer (desktop, laptop, tablet, or smartphone), and during data transfers to and from the web server, personal data may be processed. On one hand, your computer stores data; on the other hand, the web server must temporarily store data to ensure proper operation.

A picture is worth a thousand words, so the following graphic illustrates the interaction between the browser, the internet, and the hosting provider.

Why Do We Process Personal Data?

The purposes of data processing include:

  • Professional hosting of the website and ensuring operational security.
  • Maintaining IT and operational security.
  • Anonymous analysis of access behavior to improve our offerings and, if necessary, for law enforcement or claim enforcement.

 

What Data Is Processed?

Even while you are visiting our website, the web server—where this website is stored—typically automatically saves data such as:

  • The complete internet address (URL) of the accessed webpage.
  • Browser and browser version (e.g., Chrome 87).
  • The operating system used (e.g., Windows 10).
  • The address (URL) of the previously visited page (referrer URL) (e.g., https://www.example-source-site.com/where-i-came-from/).
  • The hostname and IP address of the device from which access is made (e.g., COMPUTERNAME and 194.23.43.121).
  • Date and time of access.

This information is stored in files called web server log files.

 

How Long Is Data Stored?

The above-mentioned data is typically stored for two weeks and then automatically deleted. We do not share this data but cannot exclude the possibility of it being viewed by authorities in the case of unlawful behavior.

In short: Your visit is logged by our provider (the company running our website on specialized computers or servers), but we do not share your data without your consent!

 

Legal Basis

The legality of processing personal data as part of web hosting is based on Article 6(1)(f) GDPR (legitimate interests). Using professional hosting by a provider is necessary to present the company securely and user-friendly on the internet and to pursue any related attacks or claims.

There is typically a contract for order processing (as per Articles 28 and following GDPR) between us and the hosting provider, which ensures compliance with data protection and guarantees data security.

 

Introduction to Cookie Consent Management Platforms

Cookie Consent Management Platform Summary
👥 Affected parties: Website visitors
🤝 Purpose: Collecting and managing consent for specific cookies and tools.
📓 Processed data: Data for managing cookie preferences, such as IP address, time of consent, type of consent, and individual preferences. More details are available from the respective tool used.
📅 Retention period: Depends on the tool; durations may span several years.
⚖️ Legal basis: Article 6(1)(a) GDPR (consent), Article 6(1)(f) GDPR (legitimate interests).

 

What Is a Cookie Consent Management Platform?

We use a consent management platform (CMP) on our website to facilitate the correct and secure use of scripts and cookies. This software automatically generates a cookie popup, scans and monitors all scripts and cookies, provides the legally required cookie consent functionality for you, and helps both you and us maintain an overview of all cookies.

Most cookie consent management tools identify and categorize all cookies on the site. As a visitor, you can then decide for yourself which scripts and cookies you want to allow or disallow.

The following graphic illustrates the relationship between the browser, the web server, and the CMP.

Why Do We Use a Cookie Management Tool?

Our goal is to provide you with the highest level of transparency regarding data protection. Additionally, we are legally obligated to do so. We want to inform you as comprehensively as possible about all tools and cookies that may store and process your data. It is also your right to decide which cookies you accept and which you do not. To provide you with this right, we first need to know exactly which cookies are used on our website. Thanks to a cookie management tool that regularly scans the website for all active cookies, we stay informed and can provide you with GDPR-compliant information. Using the consent system, you can then choose to accept or reject cookies.

 

What Data Is Processed?

With our cookie management tool, you can manage each cookie individually and have complete control over the storage and processing of your data. Your consent is stored so that you do not have to provide it again each time you visit our website, and so we can demonstrate your consent if legally required. This information is stored either in an opt-in cookie or on a server. The retention period for your cookie consent depends on the provider of the cookie management tool. Typically, this data (e.g., pseudonymous user ID, consent timestamp, detailed information about cookie categories or tools, browser, and device details) is stored for up to two years.

 

Duration of Data Processing

Details about the duration of data processing are provided further below, if additional information is available. In general, we process personal data only as long as necessary to provide our services and products. The data stored in cookies is retained for varying periods. Some cookies are deleted as soon as you leave the website, while others may remain in your browser for several years. The exact duration of data processing depends on the tool used. Typically, you can expect a retention period of several years. The respective providers' privacy policies usually include precise information about the duration of data processing.

 

Right to Withdraw Consent

You have the right and the ability to withdraw your consent for the use of cookies at any time. This can be done either via our cookie management tool or through other opt-out mechanisms. For example, you can prevent data collection via cookies by managing, deactivating, or deleting cookies in your browser.

Information on specific cookie management tools, if available, is provided in the following sections.

 

Legal Basis

When you consent to cookies, personal data is processed and stored through these cookies. If we use cookies based on your consent (Article 6(1)(a) GDPR), this consent also serves as the legal basis for the use of cookies and the processing of your data. To manage cookie consent and enable you to give consent, we use a cookie consent management platform. The use of this software allows us to operate the website efficiently and in compliance with the law, which constitutes a legitimate interest (Article 6(1)(f) GDPR).

 

Explanation of Terms Used

We strive to make our Privacy Policy as clear and understandable as possible. However, this can be challenging, particularly with technical and legal topics. It is often necessary to use legal terms (e.g., personal data) or technical expressions (e.g., cookies, IP address). We aim to explain these terms clearly. Below, you will find an alphabetical list of important terms used in this Privacy Policy that may not have been sufficiently explained earlier. If these terms are defined in the GDPR, we will include the GDPR text along with additional explanations where applicable.

 

Processor

Definition from Article 4 of the GDPR

According to this regulation:
“A processor is a natural or legal person, public authority, agency, or other body that processes personal data on behalf of the controller.”

Explanation:
As a company and website owner, we are responsible for all data we process from you. In addition to the controller, there can also be so-called processors. This includes any company or person that processes personal data on our behalf. Processors may include service providers such as accountants, hosting providers, cloud services, payment processors, newsletter providers, or large companies like Google or Microsoft.

Consent

Definition According to Article 4 of the GDPR

For the purposes of this Regulation:
"Consent" of the data subject means any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which they, by a statement or by a clear affirmative action, signify agreement to the processing of personal data relating to them.

Explanation: Consent on websites is typically obtained via a cookie consent tool. You’ve likely encountered this before—when visiting a website for the first time, you’re usually presented with a banner asking for your agreement to data processing. Most platforms also allow you to customize your settings, letting you decide which data processing you allow and which you don’t. If you do not give your consent, no personal data about you may be processed. Consent can also be provided in writing, not just through a digital tool.

 

Personal Data

Definition According to Article 4 of the GDPR

For the purposes of this Regulation:
"Personal data" means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

Explanation: Personal data includes all information that can identify you as a person. Examples typically include:

  • Name
  • Address
  • Email address
  • Postal address
  • Phone number
  • Date of birth
  • Identification numbers like social security numbers, tax IDs, passport numbers, or student ID numbers
  • Bank details like account numbers, credit information, account balances, etc.

According to the European Court of Justice (ECJ), your IP address is also considered personal data. IT experts can use your IP address to determine at least the approximate location of your device and, subsequently, identify you as the account holder. Therefore, storing an IP address requires a legal basis under the GDPR.

There are also "special categories" of personal data, which are particularly sensitive and protected. These include:

  • Racial or ethnic origin
  • Political opinions
  • Religious or philosophical beliefs
  • Trade union membership
  • Genetic data, such as that obtained from blood or saliva samples
  • Biometric data (e.g., information about physical, psychological, or behavioral characteristics that can identify a person)
  • Health data
  • Data concerning sexual orientation or sex life

 

Profiling

Definition According to Article 4 of the GDPR

For the purposes of this Regulation:
"Profiling" means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular, to analyze or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.

Explanation: Profiling involves gathering various types of information about a person to learn more about them. In the online domain, profiling is often used for advertising purposes or credit checks. Web or advertising analysis programs, for example, collect data about your behavior and interests on a website. This creates a specific user profile that helps to target advertisements to a specific audience.

 

Controller

Definition According to Article 4 of the GDPR

For the purposes of this Regulation:
"Controller" means the natural or legal person, public authority, agency, or other body that, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

Explanation: In our case, we are responsible for processing your personal data and are thus the “controller.” If we pass on collected data to other service providers for processing, they are “processors.” This requires a "data processing agreement" (DPA) to be signed.

 

Processing

Definition According to Article 4 of the GDPR

For the purposes of this Regulation:
"Processing" means any operation or set of operations that is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction.

Note: When we refer to “processing” in our Privacy Policy, we mean any type of data processing. This includes not only collecting but also storing and using the data, as described in the original GDPR text.

 

All texts are copyright protected.
Source: Privacy Policy created using the Privacy Policy Generator for Austria by AdSimple.