Privacy policy

Privacy Policy

We have written this privacy policy (version 21.06.2021-121766488) to provide you with information in accordance with the requirements of the General Data Protection Regulation (EU) 2016/679 as well as to explain what information we collect, how we use data and what choices you have as a visitor to this website.

Privacy policies usually sound very technical. However, this version should describe the most important things as simply and clearly as possible. Moreover, technical terms are explained in a reader-friendly manner whenever possible. We would also like to convey that we only collect and use information via this website if there is a corresponding legal basis for it. This is certainly not possible if you give very brief technical explanations, as are often standard on the Internet when it comes to data protection. We hope you find the following explanations interesting and informative. Maybe you will also find some information that you did not know yet.
Should you still have questions, we kindly ask you to follow the existing links to see further information on third-party websites, or to simply write us an email. You can find our contact information in our website’s imprint.

Contact details of the data protection controller

If you have any question about data protection, please find the contact details of the body or person responsible for data protection below:
Peter Hofbauer
Willersdorferstraße 80, 8061 Sankt Radegund bei Graz
Email: peter.hofbauer@aon.at
Phone: +43 664 1162164
Company details: Imprint

Rights in accordance with the General Data Protection Regulation

You are granted the following rights in accordance with the provisions of the GDPR (General Data Protection Regulation) and the Austrian Data Protection Act (DSG):

  • right to rectification (article 16 GDPR)
  • right to erasure (“right to be forgotten“) (article 17 GDPR)
  • right to restrict processing (article 18 GDPR)
  • righ to notification – notification obligation regarding rectification or erasure of personal data or restriction of processing (article 19 GDPR)
  • right to data portability (article 20 GDPR)
  • Right to object (article 21 GDPR)
  • right not to be subject to a decision based solely on automated processing – including profiling – (article 22 GDPR)

If you think that the processing of your data violates the data protection law, or that your data protection rights have been infringed in any other way, you can lodge a complaint with your respective regulatory authority. For Austria this is the data protection authority, whose website you can access at https://www.data-protection-authority.gv.at/.

TLS encryption with https

The terms TLS, encryption and https sound very technical, which they are indeed. We use HTTPS (Hypertext Transfer Protocol Secure) to securely transfer data on the Internet.
This means that the entire transmission of all data from your browser to our web server is secured – nobody can “listen in”.

We have thus introduced an additional layer of security and meet privacy requirements through technology design Article 25 Section 1 GDPR). With the use of TLS (Transport Layer Security), which is an encryption protocol for safe data transfer on the internet, we can ensure the protection of confidential information.
You can recognise the use of this safeguarding tool by the little lock-symbol , which is situated in your browser’s top left corner in the left of the internet address (e.g. examplepage.uk), as well as by the display of the letters https (instead of http) as a part of our web address.
If you want to know more about encryption, we recommend you to do a Google search for “Hypertext Transfer Protocol Secure wiki” to find good links to further information.

Automatic Data Retention

Every time you visit a website nowadays, certain information is automatically created and stored, just as it happens on this website. This data should be collected as sparingly as possible, and only with good reason. By website, we mean the entirety of all websites on your domain, i.e. everything from the homepage to the very last subpage (like this one here). By domain we mean example.uk or examplepage.com.

Even while you are currently visiting our website, our web server – this is the computer this website is stored on, usually automatically retains data such as the below – for reasons such as operational security or for creating access statistics etc.

  • the full address (URL) of the accessed website (e. g. https://www.examplepage.uk/examplesubpage.html/)
  • browser and browser version (e.g. Chrome 87)
  • the operating system used (e.g. Windows 10)
  • the address (URL) of the previously visited site (referrer URL) (z. B. https://www.examplepage.uk/icamefromhere.html/)
  • the host name and the IP-address of the device the website is accessed from (e.g. COMPUTERNAME and 194.23.43.121)
  • date and time
  • in so-called web server log files.

As an illustration:

Browser und Webserver

Generally, these files are stored for two weeks and are then automatically deleted. We do not pass these data to others, but we cannot exclude the possibility that this data may be looked at by the authorities in case of illegal conduct.

In short: your visit is logged by our provider (company that runs our website on servers), but we do not pass on your data!

Cookies

Our website uses HTTP-cookies to store user-specific data.
For your better understanding of the following Privacy Policy statement, we will explain to you below what cookies are and why they are in use.

What exactly are cookies?

Every time you surf the internet, you use a browser. Common browsers are for example Chrome, Safari, Firefox, Internet Explorer and Microsoft Edge. Most websites store small text-files in your browser. These files are called cookies.

What should not be dismissed, is that cookies are very useful little helpers. Nearly all websites use cookies. More accurately speaking these are HTTP-cookies, since there are also different cookies for other uses. http-cookies are small files which our website stores on your computer. These cookie files are automatically put into the cookie-folder, which is like the “brain” of your browser. A cookie consists of a name and a value. Moreover, to define a cookie, one or multiple attributes must be specified.

Cookies save certain parts of your user data, such as e.g. language or personal page settings. When you re-open our website, your browser submits these “user specific” information back to our site. Thanks to cookies, our website knows who you are and offers you the settings you are familiar to. In some browsers every cookie has its own file, in others such as Firefox, all cookies are stored in one single file.

There are both first-party cookies and third-party cookies. First-party cookies are created directly by our site, while third-party cookies are created by partner-websites (e.g. Google Analytics). Every cookie is individual, since every cookie stores different data. The expiration time of a cookie also varies – it can be a few minutes, or up to a few years. Cookies are no software-programs and contain no computer viruses, trojans or any other malware. Cookies also cannot access your PC’s information.

This is an example of how cookie-files can look:

name: _ga
value: GA1.2.1326744211.152121766488-9
purpose: differentiation between website visitors
expiration date: after 2 years

A browser should support these minimum sizes:

  • at least 4096 bytes per cookie
  • at least 50 cookies per domain
  • at least 3000 cookies in total

Which types of cookies are there?

What exact cookies we use, depends on the used services. We will explain this in the following sections of the Privacy Policy statement. Firstly, we will briefly focus on the different types of HTTP-cookies.

There are 4 different types of cookies:

Essential Cookies
These cookies are necessary to ensure the basic function of a website. They are needed when a user for example puts a product into their shopping cart, then continues surfing on different websites and comes back later in order to proceed to the checkout. Even when the user closed their window priorly, these cookies ensure that the shopping cart does not get deleted.

Purposive Cookies
These cookies collect info about the user behaviour and record if the user potentially receives any error messages. Furthermore, these cookies record the website’s loading time as well as its behaviour within different browsers.

Target-orientated Cookies
These cookies care for an improved user-friendliness. Thus, information such as previously entered locations, fonts or data in forms stay saved.

Advertising Cookies
These cookies are also known as targeting-Cookies. They serve the purpose of delivering individually adapted advertisements to the user. This can be very practical, but also rather annoying.

Upon your first visit to a website you are usually asked which of these cookie-types you want to accept. Furthermore, this decision will of course also be saved in a cookie.

How can I delete cookies?

You yourself take the decision if and how you want to use cookies. Thus, no matter what service or website cookies are from, you always have the option to delete, deactivate or only partially allow them. Therefore, you can for example block cookies of third parties but allow any other cookies.

If you want change or delete cookie-settings and would like to determine which cookies have been saved to your browser, you can find this info in your browser-settings:

Chrome: Clear, enable and manage cookies in Chrome

Safari: Manage cookies and website data in Safari

Firefox: Clear cookies and site data in Firefox

Internet Explorer: Delete and manage cookies

Microsoft Edge: Delete cookies in Microsoft Edge

If you generally do not want to allow any cookies at all, you can set up your browser in a way, to notify you whenever a potential cookie is about to be set. This gives you the opportunity to manually decide to either permit or deny the placement of every single cookie. The settings for this differ from browser to browser. Therefore, it might be best for you to search for the instructions in Google. If you are using Chrome, you could for example put the search phrase “delete cookies Chrome” or “deactivate cookies Chrome” into Google.

How is my data protected?

There is a “cookie policy” that has been in place since 2009. It states that the storage of cookies requires the user’s consent. However, among the countries of the EU, these guidelines are often met with mixed reactions. In Austria the guidelines have been implemented in § 96 section 3 of the Telecommunications Act (TKG).

If you want to learn more about cookies and do not mind technical documentation, we recommend https://tools.ietf.org/html/rfc6265, the Request for Comments of the Internet Engineering Task Force (IETF) called “HTTP State Management Mechanism”.

Google Fonts Privacy Policy

On our website we use Google Fonts, from the company Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA).

To use Google Fonts, you must log in and set up a password. Furthermore, no cookies will be saved in your browser. The data (CSS, Fonts) will be requested via the Google domains fonts.googleapis.com and fonts.gstatic.com. According to Google, all requests for CSS and fonts are fully separated from any other Google services. If you have a Google account, you do not need to worry that your Google account details are transmitted to Google while you use Google Fonts. Google records the use of CSS (Cascading Style Sheets) as well as the utilised fonts and stores these data securely. We will have a detailed look at how exactly the data storage works.

What are Google Fonts?

Google Fonts (previously Google Web Fonts) is a list of over 800 fonts which href=”https://en.wikipedia.org/wiki/Google?tid=121766650”>Google LLC provides its users for free.

Many of these fonts have been published under the SIL Open Font License license, while others have been published under the Apache license. Both are free software licenses.

Why do we use Google Fonts on our website?

With Google Fonts we can use different fonts on our website and do not have to upload them to our own server. Google Fonts is an important element which helps to keep the quality of our website high. All Google fonts are automatically optimised for the web, which saves data volume and is an advantage especially for the use of mobile terminal devices. When you use our website, the low data size provides fast loading times. Moreover, Google Fonts are secure Web Fonts. Various image synthesis systems (rendering) can lead to errors in different browsers, operating systems and mobile terminal devices. These errors could optically distort parts of texts or entire websites. Due to the fast Content Delivery Network (CDN) there are no cross-platform issues with Google Fonts. All common browsers (Google Chrome, Mozilla Firefox, Apple Safari, Opera) are supported by Google Fonts, and it reliably operates on most modern mobile operating systems, including Android 2.2+ and iOS 4.2+ (iPhone, iPad, iPod). We also use Google Fonts for presenting our entire online service as pleasantly and as uniformly as possible.

Which data is saved by Google?

Whenever you visit our website, the fonts are reloaded by a Google server. Through this external cue, data gets transferred to Google’s servers. Therefore, this makes Google recognise that you (or your IP-address) is visiting our website. The Google Fonts API was developed to reduce the usage, storage and gathering of end user data to the minimum needed for the proper depiction of fonts. What is more, API stands for „Application Programming Interface“ and works as a software data intermediary.

Google Fonts stores CSS and font requests safely with Google, and therefore it is protected. Using its collected usage figures, Google can determine how popular the individual fonts are. Google publishes the results on internal analysis pages, such as Google Analytics. Moreover, Google also utilises data of ist own web crawler, in order to determine which websites are using Google fonts. This data is published in Google Fonts’ BigQuery database. Enterpreneurs and developers use Google’s webservice BigQuery to be able to inspect and move big volumes of data.

One more thing that should be considered, is that every request for Google Fonts automatically transmits information such as language preferences, IP address, browser version, as well as the browser’s screen resolution and name to Google’s servers. It cannot be clearly identified if this data is saved, as Google has not directly declared it.

How long and where is the data stored?

Google saves requests for CSS assets for one day in a tag on their servers, which are primarily located outside of the EU. This makes it possible for us to use the fonts by means of a Google stylesheet. With the help of a stylesheet, e.g. designs or fonts of a website can get changed swiftly and easily.

Any font related data is stored with Google for one year. This is because Google’s aim is to fundamentally boost websites’ loading times. With millions of websites referring to the same fonts, they are buffered after the first visit and instantly reappear on any other websites that are visited thereafter. Sometimes Google updates font files to either reduce the data sizes, increase the language coverage or to improve the design.

How can I delete my data or prevent it being stored?

The data Google stores for either a day or a year cannot be deleted easily. Upon opening the page this data is automatically transmitted to Google. In order to clear the data ahead of time, you have to contact Google’s support at https://support.google.com/?hl=en-GB&tid=121766650. The only way for you to prevent the retention of your data is by not visiting our website.

Unlike other web fonts, Google offers us unrestricted access to all its fonts. Thus, we have a vast sea of font types at our disposal, which helps us to get the most out of our website. You can find out more answers and information on Google Fonts at https://developers.google.com/fonts/faq?tid=121766650. While Google does address relevant elements on data protection at this link, it does not contain any detailed information on data retention.
It proofs rather difficult to receive any precise information on stored data by Google.

On https://policies.google.com/privacy?hl=en-GB you can read more about what data is generally collected by Google and what this data is used for.

YouTube Privacy Policy

We have integrated YouTube videos to our website. Therefore, we can show you interesting videos directly on our site. YouTube is a video portal, which has been a subsidiary company of Google LLC since 2006. The video portal is operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. When you visit a page on our website that contains an embedded YouTube video, your browser automatically connects to the servers of YouTube or Google. Thereby, certain data are transferred (depending on the settings). Google is responsible for YouTube’s data processing and therefore Google’s data protection applies.

In the following we will explain in more detail which data is processed, why we have integrated YouTube videos and how you can manage or clear your data.

What is YouTube?

On YouTube, users can watch, rate, comment or upload videos for free. Over the past few years, YouTube has become one of the most important social media channels worldwide. For us to be able to display videos on our website, YouTube provides a code snippet that we have integrated to our website.

Why do we use YouTube videos on our website?

YouTube is the video platform with the most visitors and best content. We strive to offer you the best possible user experience on our website, which of course includes interesting videos. With the help of our embedded videos, we can provide you other helpful content in addition to our texts and images. Additionally, embedded videos make it easier for our website to be found on the Google search engine. Moreover, if we place ads via Google Ads, Google only shows these ads to people who are interested in our offers, thanks to the collected data.

What data is stored by YouTube?

As soon as you visit one of our pages with an integrated YouTube, YouTube places at least one cookie that stores your IP address and our URL. If you are logged into your YouTube account, by using cookies YouTube can usually associate your interactions on our website with your profile. This includes data such as session duration, bounce rate, approximate location, technical information such as browser type, screen resolution or your Internet provider. Additional data can include contact details, potential ratings, shared content via social media or YouTube videos you added to your favourites.

If you are not logged in to a Google or YouTube account, Google stores data with a unique identifier linked to your device, browser or app. Thereby, e.g. your preferred language setting is maintained. However, many interaction data cannot be saved since less cookies are set.

In the following list we show you cookies that were placed in the browser during a test. On the one hand, we show cookies that were set without being logged into a YouTube account. On the other hand, we show you what cookies were placed while being logged in. We do not claim for this list to be exhaustive, as user data always depend on how you interact with YouTube.

Name: YSC
Value: b9-CV6ojI5Y121766488-1
Purpose: This cookie registers a unique ID to store statistics of the video that was viewed.
Expiry date: after end of session

Name: PREF
Value: f1=50000000
Purpose: This cookie also registers your unique ID. Google receives statistics via PREF on how you use YouTube videos on our website.
Expiry date: after 8 months

Name: GPS
Value: 1
Purpose: This cookie registers your unique ID on mobile devices to track GPS locations.
Expiry date: after 30 minutes

Name: VISITOR_INFO1_LIVE
Value: 95Chz8bagyU
Purpose: This cookie tries to estimate the user’s internet bandwith on our sites (that have built-in YouTube videos).
Expiry date: after 8 months

Further cookies that are placed when you are logged into your YouTube account:

Name: APISID
Value: zILlvClZSkqGsSwI/AU1aZI6HY7121766488-
Purpose: This cookie is used to create a profile on your interests. This data is then used for personalised advertisements.
Expiry date: after 2 years

Name: CONSENT
Value: YES+AT.de+20150628-20-0
Purpose: The cookie stores the status of a user’s consent to the use of various Google services. CONSENT also provides safety measures to protect users from unauthorised attacks.
Expiry date: after 19 years

Name: HSID
Value: AcRwpgUik9Dveht0I
Purpose: This cookie is used to create a profile on your interests. This data helps to display customised ads.
Expiry date: after 2 years

Name: LOGIN_INFO
Value: AFmmF2swRQIhALl6aL…
Purpose: This cookie stores information on your login data.
Expiry date: after 2 years

Name: SAPISID
Value: 7oaPxoG-pZsJuuF5/AnUdDUIsJ9iJz2vdM
Purpose: This cookie identifies your browser and device. It is used to create a profile on your interests.
Expiry date: after 2 years

Name: SID
Value: oQfNKjAsI121766488-
Purpose: This cookie stores your Google Account ID and your last login time, in a digitally signed and encrypted form.
Expiry date: after 2 years

Name: SIDCC
Value: AN0-TYuqub2JOcDTyL
Purpose: This cookie stores information on how you use the website and on what advertisements you may have seen before visiting our website.
Expiry date: after 3 months

How long and where is the data stored?

The data YouTube receive and process on you are stored on Google’s servers. Most of these servers are in America. At https://www.google.com/about/datacenters/inside/locations/?hl=en you can see where Google’s data centres are located. Your data is distributed across the servers. Therefore, the data can be retrieved quicker and is better protected against manipulation.

Google stores collected data for different periods of time. You can delete some data anytime, while other data are automatically deleted after a certain time, and still other data are stored by Google for a long time. Some data (such as elements on “My activity”, photos, documents or products) that are saved in your Google account are stored until you delete them. Moreover, you can delete some data associated with your device, browser, or app, even if you are not signed into a Google Account.

How can I delete my data or prevent data retention?

Generally, you can delete data manually in your Google account. Furthermore, in 2019 an automatic deletion of location and activity data was introduced. Depending on what you decide on, it deletes stored information either after 3 or 18 months.

Regardless of whether you have a Google account or not, you can set your browser to delete or deactivate cookies placed by Google. These settings vary depending on the browser you use. The following instructions will show how to manage cookies in your browser:

Chrome: Clear, enable and manage cookies in Chrome

Safari: Manage cookies and website data in Safari

Firefox: Clear cookies and site data in Firefox

Internet Explorer: Delete and manage cookies

Microsoft Edge: Delete cookies in Microsoft Edge

If you generally do not want to allow any cookies, you can set your browser to always notify you when a cookie is about to be set. This will enable you to decide to either allow or permit each individual cookie. Since YouTube is a subsidiary company of Google, Google’s privacy statement applies to both. If you want to learn more about how your data is handled, we recommend the privacy policy at https://policies.google.com/privacy?hl=en.

YouTube Subscribe Button Privacy Policy

We have integrated the YouTube subscribe button to our website, which you can recognise by the classic YouTube logo. The logo shows the words “Subscribe” or “YouTube” in white letters against a red background, with a white “Play” symbol on the left. The button may also be displayed in a different design.

Our YouTube channel consistently offers you funny, interesting or exciting videos. With the built-in “Subscribe” button you can subscribe to our channel directly via our website and do not need to go to YouTube’s website for it. With this feature, we want to make it as easy as possible for you to access our comprehensive content. Please note that YouTube may save and process your data.

If you see a built-in subscription button on our page, YouTube sets at least one cookie, according to Google. This cookie stores your IP address and our URL. It also allows YouTube to receive information about your browser, your approximate location and your default language. In our test the following four cookies were placed, without us being logged into YouTube:

Name: YSC
Value: b9-CV6ojI5121766488Y
Purpose: This cookie registers a unique ID, which stores statistics of the viewed video.
Expiry date: after end of session

Name: PREF
Value: f1=50000000
Purpose:This cookie also registers your unique ID. Google uses PREF to get statistics on how you interact with YouTube videos on our website.
Expiry date: after 8 months

Name: GPS
Value: 1
Purpose:This cookie registers your unique ID on mobile devices to track your GPS location.
Expiry date: after 30 minutes

Name: VISITOR_INFO1_LIVE
Value: 12176648895Chz8bagyU
Purpose: This cookie tries to estimate the user’s internet bandwith on our website (that contain built-in YouTube video).
Expiry date: after 8 months

Note:These cookies were set after a test, thus we do not claim for the list to be exhaustive.

If you are logged into your YouTube account, YouTube may store many of the actions and interactions you make on our website via cookies, to then assign them to your YouTube account.
This gives YouTube information on e.g. how long you have been browsing our website, which browser type you use, which screen resolution you prefer or what actions you take.

On the one hand, YouTube uses this data to improve its own services and offers, and on the other hand to provide analyses and statistics for advertisers (who use Google Ads).

All texts are copyrighted.

Source: Created with the Datenschutz Generator by AdSimple