Pursuant to Article 13 GDPR
Thank you for your interest in our website. The trust of all visitors and customers, the security of your data and the protection of your privacy are of key importance to us.
We therefore handle your personal data in accordance with the applicable statutory data protection regulations and this privacy policy. Personal data is information that can be used to get to know your identity. Typical personal data include but are not limited to: surname, first name, address, telephone number, IP address, cookies and email address.
When you view and use our website or explicitly send information to us in any other way, we process the data that is automatically transmitted to us with each request of your browser (see the section “Log data”). If you voluntarily send us personal data, the processing is exclusively carried out for the purpose of the request or the respective order. Please note that data transmission on the internet can never be completely protected against third-party access.
In the individual sections below, we would like to explain in more detail which data we process, when and for what purpose. We explain how our services are operated and how the protection of your personal data is guaranteed.
The data controller, within the meaning of the EU General Data Protection Regulation and other data protection regulations, is:
Novogenia Marketing GmbH
Strass 19
5301 Eugendorf
Austria
Contact
You can contact the company’s data protection officer at datenschutz@novogenia.com.
As a provider, we may only process personal data of visitors to our website if one of the following conditions exists as a legal basis:
If the data subject grants us consent to process personal data, Article 6 para. 1 lit. a GDPR is the legal basis.
For the processing of personal data that is necessary for fulfilling a contract to which the data subject is a party, Article 6 para. 1 lit. b GDPR is the legal basis. This also applies to processing operations that are required for carrying out pre-contractual measures.
If it is necessary to process personal data to fulfil a legal obligation to which our company is subject, Article 6 para. 1 lit. c GDPR is the legal basis.
If the vital interests of the data subject or another natural person require the processing of personal data, Article 6 para. 1 lit. d GDPR is the legal basis.
If data processing is necessary to safeguard a legitimate interest of our company or a third party, and the interests, fundamental rights and fundamental freedoms of the data subject do not outweigh the former interest, then Article 6 para. 1 lit. f GDPR is the legal basis for data processing.
The data subject’s personal data will be deleted as soon as the purpose of the storage no longer exists.
In addition, storage is permitted if this has been provided for by European or national laws or other regulations to which the data controller is subject.
The data shall also be blocked or deleted when a storage period prescribed by the aforementioned provisions expires, unless there is a need for further storage of the data for the purpose of concluding or fulfilling the contract.
When you contact us (e.g. via contact form, email, telephone or social media), your details will be processed to handle of the contact request and its processing in accordance with Article 6, par. 1 lit. b) GDPR (“pre-contractual measure”).
We will delete the requests if they are no longer required. We review this requirement every two years. The statutory archiving obligations also apply.
The legal basis for processing these data are the pre-contractual measures pursuant to Article 6, para. 1 lit. b) GDPR.
TThe internet service provider (ISP) automatically collects “log data” in server log files.
The log data shall include the following information:
• Date and time of the respective request
• Internet address (URL) requested
• URL that the visitor visited immediately before (referrer)
• Browser and language used
• Operating system which is used
• IP address and hostname of the visitor
• Access status / http status code
• Amount of data transferred in each case
This data is transmitted to us automatically and cannot be traced back to you by means of proportionate effort.
TThe legal basis for processing this data is our legitimate interest pursuant to Article 6 para. 1 (1) lit. f GDPR.
Logging is used for access control and monitoring the technical processes and their optimisation.
It is not forwarded to third parties, except to law enforcement authorities following a judicial order in the event of an incident.
The data are deleted as soon as they are no longer required for achieving the purpose for which they were collected or after the legally prescribed deletion period has been reached.
There is therefore no possibility of objection on the part of the user.
You have the right to free information about your personal data stored by us and, if applicable, the right to rectification, restriction of processing or deletion of this data. You also have the right to data portability. Finally, you also have the right to complain about our processing of your personal data. You may send your complaint to the data protection authority (Datenschutzbehörde der Republik Österreich, Barichgasse 40-42, 1030 Vienna, email: dsb@dsb.gv.at).
Please also note that you may object at any time to the future processing of your personal data in accordance with the legal provisions pursuant to Article 21 GDPR. The objection may, in particular, be made against processing for direct marketing purposes.
FIf you have any questions about the collection, processing or use of your personal data, about information, the correction, blocking or deletion of data, as well as the revocation of any consent given or the objection to a specific data use, please contact us using the following email address:
For security reasons, our website uses SSL or TLS encryption. This protects transmitted data and cannot be read by third parties. You can recognise successful encryption when the protocol name in the browser status bar changes from “http://” to “https://” and by the appearance of a closed padlock symbol.
TWe use the services of Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany (“Hetzner Online”) to host our websites and have concluded a contract for order processing in accordance with Art. 28 GDPR with Hetzner for this purpose.
For more information, please see Hetzner’s privacy policy at
https://www.hetzner.de/rechtliches/datenschutz/
TThe legal basis for processing this data is our legitimate interest in the operation and preservation of the operational security of these websites in accordance with Article 6 para. 1 lit. f GDPR.
PWe use Google Web fonts. All fonts are loaded locally. No personal data will be forwarded to third parties when using the aforementioned fonts.
We use the share function on our website for social media channels:
These social media channels can be, in particular:
• Facebook
• Instagram
• Whatsapp
The information is only transmitted to the social network when you actively click on the corresponding buttons. This ensures that unwanted and automatic data transmission to the corresponding social networks does not occur even when you visit our site.
TThe legal basis for the data processing is our legitimate interest in accordance with Article 6 para. 1 lit. f GDPR, since we want to offer you an attractive website as well as various options for receiving the latest information and for interacting with us.
This website may contain links to websites operated by other companies, including, for example, social media websites such as YouTube, Vimeo, Instagram and Facebook.
If you follow such links, you may encounter cookies that are beyond our control. We cannot assume any liability for these and we refer to the data protection regulations or cookie policies of the respective websites.
To make our website attractive and to enable the use of certain functions, we use cookies. These are small text files that are stored on your end device and store certain information to be exchanges with our system.
First-party cookies – necessary cookies
These are generated by our website and are required for the error-free operation of the application. These cookies are also called session cookies or transient cookies and are automatically deleted after the end of the browser session, i.e. after the browser has closed.
Without these cookies, there is no guarantee that the website will work without error.
The legal basis for processing this data is Article 6 para. 1 (1) lit. f GDPR.
These are provided by various services (e.g. analytics services or Facebook) and store a unique identifier that your end device will recognise the next time you visit (persistent cookies).
These cookies remain on your device for a specified period of time. This duration is variable.
The legal basis for processing these data are Article 6 para. 1 (1) lit. a GDPR.
Please note that with some providers, particularly providers from the USA, it is possible that data will be transferred to the USA and processed by US authorities. The USA is considered an unsafe third country with an inadequate level of data protection under current legislation.
There is currently no adequacy decision in accordance with Article 45 GDPR, nor can suitable safeguards pursuant to Article 46 GDPR be provided.
In part, American companies have agreed to comply with the standard contractual clauses for the transfer of personal data to third countries under Directive 95/46/EC (Standard Contractual Clauses – SCC).
Please note that in the event of non-compliance with the aforementioned standard contractual clauses, the legal basis will be your express consent, pursuant to Article 49, para. 1 lit. a GDPR.
We use the consent tool “Real Cookie Banner” to manage the cookies and similar technologies used (tracking pixels, web beacons, etc.) and the related consents. For details on how “Real Cookie Banner” works, visit https://devowl.io/de/rcb/datenverarbeitung/.
The legal bases for processing personal data in this context are Article 6 para. 1 lit. c GDPR and Article 6 para. 1 lit. f GDPR. Our legitimate interest is the management of the cookies and similar technologies used and the related consents.
Provision of the personal data is neither required by contract nor necessary for concluding a contract. You are not obliged to provide the personal data. If you do not provide the personal data, we will not be able to manage your consent.
This website uses the Google Tag Manager. This service is offered by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).
This website uses the Google Tag Manager to centrally manage and configure data collections. This service allows website tags to be managed through an interface.
The Google Tag Manager only implements tags. This means: No cookies are used and no personal data is collected.
The Google Tag Manager triggers other tags, which in turn may collect personal data.
This is hereby mentioned separately. However, the Google Tag Manager does not access this data.
This means that no data is collected or stored by the Google Tag Manager. If a deactivation has been carried out at the domain or cookie level, it remains in place for all tracking tags, insofar as they are implemented with the Google Tag Manager.
Google provides further details here:
https://marketingplatform.google.com/about/analytics/tag-manager/use-policy/
Facebook conversion tracking, known as “Facebook pixels” of the Facebook social network, is used for the purpose of analysing and optimising our website. The provider of these services is Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA. If you are located in the EU, the provider of the services is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (hereinafter “Facebook”).
By using the Facebook pixel, Facebook can identify and determine the visitors to our website as a potential target group for the display of ads (“Facebook ads”). We use the Facebook pixel to display the Facebook ads enabled by us only to those Facebook users who have also shown an interest in our website or who have certain characteristics (interests determined on the basis of visited websites, etc.). We transmit this information to Facebook, thereby forming “custom audiences”. By using the Facebook pixel, we want, above all, to ensure that our Facebook ads match the potential interest of visitors and are not perceived as a nuisance. By using the Facebook pixel, we can track the effectiveness of the Facebook ads statistically and for the purpose of market research. We analyse whether visitors are redirected to our website after clicking on a Facebook ad, i.e. whether a conversion takes place.
Please note that with some providers, particularly providers from the USA, it is possible that data will be transferred to the USA and processed by US authorities. The USA is considered an unsafe third country with an inadequate level of data protection under current legislation.
There is currently no adequacy decision in accordance with Article 45 GDPR, nor can suitable safeguards pursuant to Article 46 GDPR be provided.
General information about the processing of data by Facebook is available here https://www.facebook.com/policy.php.
Further information and details on the Facebook pixel can be found here:www.facebook.com/business/help/742478679120153
You can object to the Facebook pixel collecting your data, and to the use of your data to display Facebook ads. To configure the types of ads you see within Facebook, you can access the page set up by Facebook and follow the instructions on the settings of usage-based ads: https://www.facebook.com/settings?tab=ads . The settings are platform-independent, meaning they are applied to all devices, such as desktop computers and mobile devices.
The legal basis for processing this data is your consent, pursuant to Article 6, para. 1 lit. a GDPR as well as your explicit consent, pursuant to Article 49, para. 1 lit. a GDPR.
TOur website uses YouTube functions. When you visit our website, a connection to YouTube’s servers is established. The YouTube server is informed which of our pages you have visited. If you are logged into your YouTube account, you give YouTube the opportunity to associate your user behaviour directly with your personal YouTube profile. You can avoid this by logging out of your YouTube account.
We have no knowledge of the further processing or the storage period.
The operator of the service is Google LLC, D/B/A YouTube, 901 Cherry Ave., San Bruno, CA 94066, USA.
Please note that with some providers, particularly providers from the USA, it is possible that data will be transferred to the USA and processed by US authorities. The USA is considered an unsafe third country with an inadequate level of data protection under current legislation.
There is currently no adequacy decision in accordance with Article 45 GDPR.
However, Google has undertaken to comply with the standard contractual clauses for the transfer of personal data to third countries under Directive 95/46/EC (Standard Contractual Clauses – SCC).
For more information on the standard contractual clauses, see
https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_deand https://policies.google.com/privacy/frameworks?hl=de
For more information on how YouTube handles user data, please see YouTube’s privacy policy at: https://www.google.de/intl/de/policies/privacy
Legal basis
The legal basis for processing this data is your consent, pursuant to Article 6, para. 1, lit. a GDPR.