Privacy Policy
The following policy is translated from the original German version. Only the German version is legally binding; this translation is provided for information purposes only.
Introduction and Overview
We have written this privacy policy (version 06/21/2021-111766562) to explain to you according to the provisions of the General Data Protection Regulation (EU) 2016/679 and applicable national laws, which personal data (short data) we as controllers and the processors we commission (e.g., providers) process, will process in the future, and what legitimate options you have. The terms used are to be understood as gender-neutral.
In short: We inform you comprehensively about the data we process about you.
Privacy policies usually sound very technical and use legal terms. This privacy policy, on the other hand, aims to describe the most important things to you as simply and transparently as possible. As far as transparency is beneficial, technical terms are explained in a reader-friendly way, links to further information are provided, and graphics are used. We inform you in clear and simple language that we only process personal data within the scope of our business activities when a relevant legal basis is in place. This is certainly not possible if one gives as brief, unclear, and legally technical explanations as are often standard on the Internet when it comes to data protection. I hope you find the following explanations interesting and informative, and perhaps there is one or another piece of information that you did not already know.
If you still have questions, we would like to ask you to contact the responsible contact points mentioned below or in the imprint, follow the available links, and view additional information on third-party sites. Of course, you will also find our contact details in the imprint.
Scope of Application
This privacy policy applies to all personal data processed by us in the company and for all personal data that companies commissioned by us (processors) process. By personal data, we mean information pursuant to Art. 4 No. 1 GDPR, such as a person's name, email address, and postal address. The processing of personal data ensures that we can offer and bill our services and products, whether online or offline. The scope of this privacy policy includes:
all online presences (websites, online shops) that we operate
social media presences and email communication
mobile apps for smartphones and other devices
In short: The privacy policy applies to all areas where personal data is processed within the company through the mentioned channels. Should we enter into legal relationships with you outside of these channels, we will inform you separately if necessary.
Legal Bases
In the following privacy policy, we provide transparent information on the legal principles and regulations, i.e., the legal bases of the General Data Protection Regulation, which allow us to process personal data. Regarding EU law, we refer to REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016. You can of course read this EU General Data Protection Regulation online on EUR-Lex, the access to EU law, at https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex%3A32016R0679.
We only process your data if at least one of the following conditions is met:
Consent (Article 6 paragraph 1 lit. a GDPR): You have given us your consent to process data for a specific purpose. An example would be storing your entered data from a contact form. Contract (Article 6 paragraph 1 lit. b GDPR): To fulfill a contract or pre-contractual obligations with you, we process your data. For example, if we conclude a purchase contract with you, we need personal information in advance. Legal obligation (Article 6 paragraph 1 lit. c GDPR): If we are subject to a legal obligation, we process your data. For example, we are legally obliged to keep invoices for accounting. These typically contain personal data. Legitimate interests (Article 6 paragraph 1 lit. f GDPR): In the case of legitimate interests that do not restrict your fundamental rights, we reserve the right to process personal data. For example, we need to process certain data to operate our website safely and economically efficiently. This processing is thus a legitimate interest. Other conditions such as the performance of tasks carried out in the public interest or the exercise of official authority and the protection of vital interests generally do not apply to us. If such a legal basis should be relevant, it will be indicated at the appropriate place.
In addition to the EU regulation, national laws also apply:
In Austria, this is the Federal Act for the Protection of Natural Persons with regards to the Processing of Personal Data (Data Protection Act), abbreviated as DSG. In Germany, the Federal Data Protection Act applies, abbreviated as BDSG. If additional regional or national laws are applicable, we will inform you in the following sections.
Contact Information of the Responsible Party
If you have any questions about data protection, you can find the contact details of the responsible person or entity below: Ahoi Kapptn FlexCo Industriezeile 35, 4020 Linz Authorized representatives: Philipp Baldauf, Gregor Pichler, Simon Kapl, Philipp Jahoda Email: ahoi@ahoikapptn.com Phone: +43 677 612 791 77 Imprint: https://ahoikapptn.com/impressum
Retention Period
As a general criterion, we only store personal data for as long as is absolutely necessary for the provision of our services and products. This means that we delete personal data as soon as the reason for data processing no longer exists. In some cases, we are legally obliged to store certain data even after the original purpose has ceased, for example, for accounting purposes.
If you wish for your data to be deleted or revoke consent for data processing, the data will be deleted as quickly as possible, and as long as there is no obligation to retain it.
We inform you further down about the specific duration of the respective data processing, provided we have more information on this.
Rights under the General Data Protection Regulation
According to Article 13 GDPR, you have the following rights, so that data is processed fairly and transparently:
According to Article 15 GDPR, you have the right to know whether we are processing data about you. If applicable, you have the right to obtain a copy of the data and the following information: for which purpose we are conducting the processing; the categories, i.e., the types of data being processed; who receives this data and if the data is transferred to third countries, how security can be guaranteed; how long the data is stored; the existence of the right to rectification, deletion, or restriction of processing and the right to object against the processing; that you can complain to a supervisory authority (links to these authorities can be found below); the source of the data if we did not collect it from you; whether profiling is conducted, meaning, whether data are automatically evaluated to create a personal profile about you. According to Article 16 GDPR, you have a right to rectification, which means that we must correct data if you find errors. According to Article 17 GDPR, you have the right to erasure (“right to be forgotten”), which means concretely that you may request the deletion of your data. According to Article 18 GDPR, you have the right to restriction of processing, meaning that we may only store the data but not use it further. According to Article 19 GDPR, you have the right to data portability, meaning we provide your data in a common format upon request. According to Article 21 GDPR, you have a right to object, which brings with it a change in processing upon enforcement. If the processing of your data is based on Article 6 para. 1 lit. e (public interest, exercise of official authority) or Article 6 para. 1 lit. f (legitimate interest), you can object to the processing. We then promptly assess whether we can legally comply with this objection. If data is used for direct marketing, you can object to this type of processing at any time. We may not use your data for direct marketing thereafter. If data is used for profiling, you can object to this type of data processing at any time. We may not use your data for profiling thereafter. According to Article 22 GDPR, you have, under certain circumstances, the right not to be subject to a decision based solely on automated processing (for example, profiling). If you believe that the processing of your data violates data protection law or if your data protection rights have otherwise been infringed, you may lodge a complaint with the supervisory authority. This in Austria is the Data Protection Authority, whose website you can find at https://www.dsb.gv.at/, and in Germany, you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI).
In short: You have rights – do not hesitate to contact the responsible contact point listed above at our place!
Data Transfer to Third Countries
We only transfer or process data in countries outside the EU (third countries) if you consent to this processing, it is legally required, or contractually necessary, and in any case only as far as it is generally allowed. Your consent is in most cases the most important reason we have data processed in third countries. The processing of personal data in third countries such as the USA, where many software manufacturers offer services and have their server locations, may mean that personal data is processed and stored in unexpected ways.
We expressly point out that according to the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfer to the USA. Data processing by US services (such as Google Analytics) may mean that data is processed and stored in a non-anonymized manner. Furthermore, US government authorities may have access to certain data. Additionally, data collected may be linked with data from other services of the same provider if you have a corresponding user account. We attempt to use server locations within the EU, as far as this is offered.
We inform you at the appropriate places in this privacy policy in more detail about data transfer to third countries, if applicable.
Communication
Communication Summary
👥 Affected: All those who communicate with us by phone, email, or online form 📓 Processed data: e.g., phone number, name, email address, entered form data. More details can be found with the respective contact methods used 🤝 Purpose: Handling communication with customers, business partners, etc. 📅 Retention period: Duration of the business case and legal regulations ⚖️ Legal bases: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit. b GDPR (contract), Art. 6 para. 1 lit. f GDPR (legitimate interests) If you contact us and communicate through phone, email, or online form, personal data may be processed.
The data is processed for the handling and processing of your inquiry and the related business transaction. The data is stored for as long as necessary, or as long as required by law.
Individuals Concerned
The mentioned operations affect all those who seek contact with us through the communication channels we provide.
Phone
If you call us, call data is pseudonymized on the respective device and with the telecommunication provider used. Furthermore, data such as name and phone number can be sent by email and stored for query response. The data is deleted as soon as the business case has ended and legal requirements permit.
If you communicate with us via email, data may be stored on the respective device (computer, laptop, smartphone,…) and data storage may occur on the email server. The data is deleted as soon as the business case has ended and legal requirements permit.
Newsletter
For sending our newsletter, we use the service MailerLite, which is operated by MailerLite Limited, Ground Floor, 71 Lower Baggot Street, Dublin 2, D02 P593, Ireland. When you subscribe to our newsletter, the data you provide (e.g., email address, name) will be transmitted to and processed by MailerLite. MailerLite enables us to organize and evaluate newsletter distribution statistically, e.g., by tracking open and click rates. For more information on privacy at MailerLite, please visit their website. You can unsubscribe from our newsletter at any time by using the unsubscribe link in every newsletter email or by directly contacting us.
Online Forms
If you communicate with us using an online form, data will be stored on our web server and possibly forwarded to an email address of ours. The data is deleted as soon as the business case has ended and legal requirements permit.
Legal Bases
The processing of data is based on the following legal bases:
Art. 6 para. 1 lit. a GDPR (consent): You give us consent to store and use your data further for business-related purposes; Art. 6 para. 1 lit. b GDPR (contract): It is necessary to fulfill a contract with you or a processor such as the telecommunication provider, or we need to process the data for pre-contractual activities, such as preparing an offer; Art. 6 para. 1 lit. f GDPR (legitimate interests): We want to conduct customer inquiries and business communications in a professional framework. To do this, certain technical facilities such as email programs, exchange servers, and mobile operators are necessary for efficient communication.
Web Hosting
Web Hosting Summary
👥 Affected: Visitors to the website 🤝 Purpose: professional hosting of the website and securing the operation 📓 Processed data: IP address, time of website visit, browser used, and other data. More details can be found further down or with the respective web hosting provider. 📅 Retention period: dependent on the respective provider, but usually 2 weeks ⚖️ Legal bases: Art. 6 para. 1 lit.f GDPR (legitimate interests)
What is web hosting?
When you visit websites today, certain information – including personal data – is automatically created and stored, as is the case on this website. These data should be processed as sparingly and with as much justification as possible. By website, we mean the entirety of all web pages on a domain, i.e., everything from the homepage to the very last sub-page (like this one). By domain, we mean, for example, example.com or example.org.
When you view a website on a screen, you use a program called a web browser. You are probably familiar with some web browsers like Google Chrome, Microsoft Edge, Mozilla Firefox, and Apple Safari.
This web browser must connect to another computer where the code of the website is stored: the web server. Running a web server is a complicated and elaborate task, which is why it is usually handled by professional providers. These providers offer web hosting and ensure reliable and error-free storage of website data.
When connecting from your computer (desktop, laptop, smartphone) and during the transmission of data to and from the web server, personal data can be processed. On one hand, your computer stores data, and on the other hand, the web server must store data for a period to ensure proper operation.
Why do we process personal data?
The purposes of data processing are:
Professional hosting of the website and securing the operation to maintain operational and IT security Anonymous evaluation of access behavior to improve our offer and, if necessary, for legal prosecution or claims assertion What data is processed?
Also, while you are visiting our website right now, our web server, which is the computer on which this website is stored, usually automatically stores data such as
the complete internet address (URL) of the accessed web page (e.g., https://www.examplewebsite.com/example-subpage.html?tid=111766562) Browser and browser version (e.g., Chrome 87) the operating system used (e.g., Windows 10) the address (URL) of the previously visited page (Referrer URL) (e.g., https://www.example-source-site.com/fromwhereicame.html/) the hostname and IP address of the device from which access is made (e.g., COMPUTERNAME and 194.23.43.121) Date and time in files, the so-called web server log files How long is data stored?
Generally, the above-mentioned data are stored for two weeks and then automatically deleted. We do not pass this data on, but we cannot exclude that these data might be viewed by authorities in the event of unlawful behavior.
In short: Your visit is logged by our provider (the company that runs our website on special computers (servers)), but we do not pass on your data without consent!
Legal Basis
The legality of processing personal data in the context of web hosting results from Art. 6 para. 1 lit. f GDPR (protection of legitimate interests), since the use of professional hosting by a provider is necessary to present the company safely and user-friendly on the internet and to be able to follow up on attacks and claims arising from it where applicable.
Events
If you participate in events by Ahoi Kapptn!, you agree to the processing of your registration data. These are name, email, company, and other event-specific details. During the event, photo and video recordings are made that may be used for marketing purposes by Ahoi Kapptn!. By participating in the event, you consent to the publication of such recordings. If you do not want to be photographed or filmed, please inform our team on site.
SalesViewer®
Use of the SalesViewer® Technology:
On this website, data for marketing, market research, and optimization purposes is collected and stored using the SalesViewer® technology of SalesViewer® GmbH based on the legitimate interests of the website operator (Art. 6 para. 1 lit.f GDPR).
For this purpose, a javascript-based code is used, which serves to collect company-related data and the corresponding use. The data collected using this technology are encrypted via a non-reversible one-way function (so-called hashing). The data is immediately pseudonymized and is not used to personally identify the visitor to this website.
The data stored within SalesViewer is deleted once it is no longer needed for its intended purpose, and there are no legal retention obligations that oppose deletion.
The collection and storage of data can be objected to at any time with effect for the future, by clicking on this link https://www.salesviewer.com/opt-out to prevent the capture by SalesViewer® within this website for the future. In this case, an opt-out cookie for this website will be placed on your device. If you delete your cookies in this browser, you will need to click this link again.
Cookies
Cookies Summary
👥 Affected: Visitors to the website 🤝 Purpose: depending on the respective cookie. More details can be found further down or with the software provider setting the cookie. 📓 Processed data: depends on the respective cookie used. More details can be found further down or with the software provider setting the cookie. 📅 Retention period: dependent on the respective cookie, can range from hours to years ⚖️ Legal bases: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit.f GDPR (legitimate interests)
What are cookies?
Our website uses HTTP cookies to store user-specific data. In the following, we explain what cookies are and why they are used so you can better understand this privacy policy.
Whenever you surf the Internet, you use a browser. Well-known browsers include Chrome, Safari, Firefox, Internet Explorer, and Microsoft Edge. Most websites store small text files in your browser called cookies.
One thing is undeniable: cookies are really useful little helpers. Almost all websites use cookies. More specifically, these are HTTP cookies since there are also other cookies for other application areas. HTTP cookies are small files that are stored on your computer by our website. These cookie files are automatically placed in the cookie folder, basically the "brain" of your browser. A cookie consists of a name and a value. In defining a cookie, one or more attributes must also be specified.
Cookies store certain user data about you, such as language or personal page settings. When you visit our site again, your browser transmits the "user-related" information back to our site. Thanks to the cookies, our website knows who you are and offers you your default settings. In some browsers, each cookie has its own file, while in others such as Firefox, all cookies are stored in a single file.
There are both first-party cookies and third-party cookies. First-party cookies are created directly by our site, while third-party cookies are created by partner websites (e.g., Google Analytics). Each cookie is individually rated as each cookie stores different data. The expiry time of a cookie also varies from a few minutes to several years. Cookies are not software programs and do not contain viruses, trojans, or other "pests." Cookies also cannot access information on your PC.
Here's what cookie data might look like:
Name: _ga Value: GA1.2.1326744211.152111766562-9 Use: Differentiation of website visitors Expiry Date: after 2 years
These minimum sizes should be supported by a browser:
At least 4096 bytes per cookie At least 50 cookies per domain At least 3000 cookies in total What types of cookies are there?
The question of which cookies we specifically use depends on the services used and is clarified in the following sections of the privacy policy. Here, we briefly want to explain the different types of HTTP cookies.
One can distinguish 4 types of cookies:
Essential Cookies These cookies are necessary to ensure basic functions of the website. For example, these cookies are needed when a user puts a product in the shopping cart, surfs on other pages, and later goes to the checkout. Through these cookies, the cart is not deleted even if the user closes their browser window.
Functional Cookies These cookies collect information about user behavior and whether the user encounters any errors. Furthermore, these cookies measure the loading time and behavior of the website on different browsers.
Goal-Oriented Cookies These cookies provide better user-friendliness. For example, entered locations, font sizes, or form data are stored.
Advertising Cookies These cookies are also called targeting cookies. They are used to deliver tailored advertising to the user. This can be very handy, but also very annoying.
Usually, when you first visit a website, you will be asked which types of cookies you would like to allow. And of course, this decision is also stored in a cookie.
If you want to learn more about cookies and do not mind technical documentation, we recommend https://tools.ietf.org/html/rfc6265, the Request for Comments by the Internet Engineering Task Force (IETF) titled "HTTP State Management Mechanism."
Purpose of processing through cookies
The purpose ultimately depends on the respective cookie. More details can be found further down or with the software provider setting the cookie.
What data is processed?
Cookies are small aides for many different tasks. Unfortunately, you cannot generalize which data is stored in cookies, but we will inform you about the data processed or stored within the context of this privacy policy.
Retention period of cookies
The retention period depends on the respective cookie and is specified further below. Some cookies are deleted after less than an hour, others can remain stored on your computer for several years.
Moreover, you have influence over the retention period. You can manually delete cookies at any time using your browser (see also the "Right to object" below). Furthermore, cookies that are based on consent are deleted at the latest after withdrawal of your consent, with the legality of storage up to that point remaining unaffected.
Right to object – how can I delete cookies?
You decide for yourself how and whether you want to use cookies. No matter from which service or website the cookies originate, you always have the option to delete, deactivate, or allow cookies only partially. For instance, you can block third-party cookies but allow all other cookies.
If you wish to find out which cookies have been stored in your browser, if you want to change or delete cookie settings, you can do so in your browser settings:
Chrome: Delete, activate, and manage cookies in Chrome
Safari: Manage cookies and website data with Safari
Firefox: Delete cookies to remove information that websites have placed on your computer
Internet Explorer: Delete and manage cookies
Microsoft Edge: Delete and manage cookies
If you generally do not want to have cookies, you can set your browser so that it always informs you when a cookie is about to be set. Thus, you can decide case by case whether you allow the cookie or not. The procedure varies depending on the browser. It is best to find the instructions in Google with the search term "delete cookies Chrome" or "deactivate cookies Chrome" in the case of a Chrome browser.
Legal basis
Since 2009, there are the so-called "cookie directives." These stipulate that storing cookies requires your consent (Article 6 para. 1 lit. a GDPR). However, there are still very different reactions to these directives within EU countries. In Austria, however, this directive was implemented in § 96 (3) of the Telecommunications Act (TKG). In Germany, the cookie directives were not implemented as national law. Instead, they were largely implemented in § 15 (3) of the Telemedia Act (TMG).
For necessary cookies, even where no consent exists, legitimate interests (Article 6 para. 1 lit. f GDPR) are present, which are mostly economic in nature. We want to provide visitors to the website with a pleasant user experience, and certain cookies are often necessary for this.
Where non-essential cookies are used, this happens only with your consent. The legal basis is in this respect Art. 6 para. 1 lit. a GDPR.
In the following sections, you will be more precisely informed about the use of cookies where applicable software uses cookies.
All texts are copyrighted.
Source: Created with the Data Protection Generator from AdSimple