Privacy Policy
I. Overview
If we welcome you as a customer or business partner, please read from point III.
If you visit our website, please read from point II.
II. What data do we process if you visit our website?
Welcome on our website https://www.smartreportorganizer.com/! lease get a picture of how we process your personal data when you visit our website (Art 13, Art 14 GDPR; section 165 (2) Austrian Telecommunication Act („TKG“)). When using our website, the following data may be processed:
- Browser Type,
- Operating System,
- Country,
- Date,
- Time and duration of access,
- IP address [1] and pages visited on our website including entry and exit pages,
- E-mail address,
- Payment data,
- Phone number,
- Postal address,
- Data in the course of registration.
The processing of this data is necessary to manage the security of the operation of the website and to ensure the functionality of the website from a technical point of view. The collection of this data is partly carried out via technical cookies. These technical cookies are only used to the extent necessary section 165 (2) TKG). The processing of this data is justified by our legitimate interest in operating our website (Art 6 para 1 lit f GDPR). For the operation of our website, it may be necessary for us to disclose your data to the following recipients:
Recipient of Data | Purpose of Data Processing | Legal Justification for Data Processing | Seat of Data Recipient | Reasoning for Legal Data Transfer |
---|---|---|---|---|
Hetzner Online GmbH | Website-Hosting | Legitimate Interest (Art 6 Abs 1 lit f GDPR) Data processing agreement pursuant to Art 28 GDPR | Germany | Within the EAA |
Mouseflow ApS Please see their privacy policy: https://mouseflow.com/de/gdpr/ |
Website analysis tool - analysis of click behavior on the website | Consensus (Art 6 Abs 1 lit a GDPR) | Denmark | Within the EAA |
PayPal, Inc Please see their privacy policy: https://www.paypal.com/at/webapps/mpp/ua/privacy-full |
Online-Payment-Provider | Contractual obligation (Art 6 Abs 1 lit b GDPR) | USA |
Standard data protection clauses pursuant to Art. 46 (2) lit c GDPR or contract performance according to Art 49 (1) lit b GDPR |
Alphabet Inc Google Analytics, Youtube, Google Ads For more information, please see: Privacy Policy – Privacy & Terms – Google |
Statistical analysis Video-Provider Advertising purposes |
Consensus (Art 6 Abs 1 lit a GDPR) | USA |
Standard data pro-tection clauses pur-suant to Art. 46 (2) lit c GDPR or contract perfor-mance according to Art 49 (1) lit b GDPR |
Intuition Machines, Inc hCaptcha (Bot protection) For more information, please see: hCaptcha's Privacy Policy and hCaptcha's Terms of Service |
Protection against automated access and abuse (Bot protection) | Legitimate Interest (Art 6 Abs 1 lit f GDPR) | USA | Standard contractual clauses pursuant to Art. 46 (2) lit c GDPR |
Facebook Ireland Ltd. Facebook Inc (Meta) Please see thei privacy policy: https://www.facebook.com/about/privacy |
Social-Media-Provider | Consensus (Art 6 Abs 1 lit a GDPR) | USA |
Standard data pro-tection clauses pur-suant to Art. 46 (2) lit c GDPR or contract perfor-mance according to Art 49 (1) lit b GDPR |
II.1. Overview of technical cookies
The above data is stored via so-called "cookies"[2]. Cookies are text files that are stored on your terminal device (cell phone, computer) and enable an analysis of the use of the website. They are used for recognition and storage of tempo-related data of the website visitor. We only use cookies to the extent necessary to communicate with you via the website. These technical cookies are activated as soon as you visit our website. The following cookies are used on the basis of our predominantly legitimate interest (Art 6 para 1 lit f GDPR) in our website:
Name of cookie | Purpose | Duration of storage | Location of recipient |
---|---|---|---|
dzEuCookieConsent | Used to store your selected cookie consent. | 365 days | Austria |
dzLanguageSelection | Used to save the language selected by the user. | 365 days | Austria |
ASP.NET_SessionId | This cookie creates an anonymous "session" that allows the website to respond to your requests. | Session | Austria |
__RequestVerificationToken | This cookie is used to prevent, by means of an assigned ID, unauthorized content from being published on the website (cross-site request forgery). | Session | Austria |
II.2. Overview of „Advertising-Cookies“
In addition to the "technical cookies" described above, we also use so-called advertising cookies (including "statistical cookies"). These advertising cookies allow us to better understand and evaluate your interests. With the help of the advertising cookies, we can merge your "surfing behavior" across the boundaries of our website with data from other websites. This is to enable us to better understand the interests of our homepage visitors and to target them more effectively. We respect that not every visitor to the website wants this. Therefore, we only process your data in the course of advertising cookies if you consent to this (Art 6 para 1 lit a GDPR). You can revoke this consent at any time, whereby the data processing carried out until the time of revocation remains justified. Currently, the following advertising cookies are used:
Name of cookie | Purpose | Duration of storage | Location of recipient | Purpose of cookie |
---|---|---|---|---|
_ga (Google) |
Statistical purposes | 6 months | USA | Registers a unique ID that is used to generate statistical data about it. |
_gat (Google) |
Statistical purposes | 1 day | USA | Used by Google Analytics to limit the request rate. |
_gid (Google) |
Statistical purposes | 1 day | USA | Registers a unique ID that is used to generate statistical data about who uses the website again. |
_fbp fr (Facebook) |
Marketing purposes | 3 months | USA | Used by Facebook to offer customized product advertising to the visitor. |
mf_user mf_[website-id] |
Marketing purposes | 3 months | Denmark | This website uses Mouseflow, a web analytics tool provided by Mouseflow ApS, Flaesketorvet 68, 1711 Copenhagen, Denmark. The purpose of data processing is to analyze this website and its visitors. For this purpose, data is collected and stored for marketing and optimization purposes. |
III. For what purposes do we process your data, when we are in a business relationship?
In the course of our business relationship with customers and business partners, we process data on the basis of contractual (processing of the contractual relationship with you, pre-contractual obligations, billing for services, dispatch of documents, communication for the processing of the contract) and legal obligations (legally required storage within the meaning of section 132 BAO); (Art 6 para 1 lit b and c GDPR) as well as on the basis of our legitimate interests or on the basis of legitimate interests of third parties (Art 6 para 1 lit f GDPR), namely:
- for the purpose of internal administration and management of your business case to the extent required (e.g.: Processing your business case, forwarding your business case to various departments, filing, archiving purposes, correspondence with you);
- for direct marketing purposes (e.g.: Mailing, e-mailing, satisfaction surveys, congratulatory letters, statistical analysis);
We would like to inform you explicitly that you can object to the processing of your data for the purpose of direct advertising
- assertion and defense of legal claims
in each case to the extent necessary. The processing of your data serves the initiation, maintenance and handling of our business relations. If you do not provide us with this data, we will unfortunately not be able to process your business case. In addition, personal data may be transferred to our order processors (within the meaning of Art 4 number 8 GDPR). These processors are listed under point V. If applicable, we process your data based on your voluntary, explicit consent (Art 6 para 1 lit a GDPR).
IV. How long do we store your data?
We will only store your data for as long as is necessary for the purposes for which we collected your data. In this context, statutory retention obligations must be taken into account (for example, for reasons of tax law, contracts and other documents from our contractual relationship must generally be retained for a period of seven years section 132 BAO)). In justified individual cases, such as for the assertion and defense of legal claims, we may also store your data for up to 30 years after termination of the business relationship. We store data of interested parties for up to three years from the date of the last contact by the interested party.
V. Who may receive your data?
In the course of our business relationship, it may be necessary for us to transmit your data to the following recipients:
Recipient | Purpose | Legal reasoning | Location | Reasoning for legal data transfer |
---|---|---|---|---|
Auditor and tax consultant | Tax and business advisory | Contractual obligation (Art 6 (1) lit b GDPR) | Austria | Within the EAA |
Banks | Payment services | Contractual obligation (Art 6 (1) lit b GDPR) | Within the EAA | Within the EAA |
Attorney at law | Pursuit and defense of legal claims |
Contractual obligation (Art 6 (1) lit b GDPR) Legitimate interest (Art 6 (1) lit f GDPR) |
Austria | Within the EAA |
VI. Collection of data from other sources (Art 14 GDPR)
In the course of a business relationship or the initiation thereof, it is naturally necessary to conduct research on the business partner. This is done exclusively to the extent required for this purpose. In this context, data may be retrieved and processed from the following source:
Our company receives no data from outside sources.
VII. Does automated decision-making or profiling take place (Art 13 (2) lit f GDPR)?
No automated decision-making or profiling takes place in our company.
VIII. What are your rights under the GDPR?
We would like to inform you that, provided the legal requirements are met:
- Have the right to request information about which of your data is processed by us (see in detail Art 15 GDPR).
- You have the right to request the correction or completion of incorrect or incomplete data concerning you (see in detail Art 16 of the GDPR).
- Have the right to have your data deleted (see in detail Art 17 GDPR).
- Have the right to object to processing of your data that is necessary to protect our legitimate interests or those of a third party (see in detail Art 21 GDPR). This applies in particular with regard to the processing of your data for advertising purposes.
- Have the right to receive the transfer of the data you have provided in a structured, common and machine-readable format.
If we process your data on the basis of your consent, you have the right to revoke this consent at any time by e-mail. This does not affect the lawfulness of the data processing carried out up to this point (Art 7 (3) GDPR).
IX. Do you have a right to complain?
If, contrary to expectations, there is a violation of your right to lawful processing of your data, please contact us by mail or e-mail. We will make every effort to process your concerns promptly. However, you also have the right to lodge a complaint with the supervisory authority for data protection matters responsible for you. The address of the Austrian data protection authority is:
Austrian Data Protection AuthorityBarichgasse 40-42,
1030 Vienna
AUSTRIA
X. How can you get in contact with us?
If you have any further questions about the processing of your data, please feel free to contact our data protection coordinator using the contact details below.
XI. Controller
The controller in terms of Art 4 number 7 GDPR is:
Gilbert ZimmermannUnterer Aubachweg 35
6300 Wörgl
AUSTRIA
Email: contact@smartreportorganizer.com
XII. Further listings and information
hCaptcha
We use the hCaptcha security service (hereinafter "hCaptcha") on our website. This service is provided by Intuition Machines, Inc., a Delaware US Corporation ("IMI"). hCaptcha is used to check whether user actions on our online service (such as submitting a login or contact form) meet our security requirements. To do this, hCaptcha analyzes the behavior of the website or mobile app visitor based on various characteristics. This analysis starts automatically as soon as the website or mobile app visitor enters a part of the website or app with hCaptcha enabled. For the analysis, hCaptcha evaluates various information (e.g. IP address, how long the visitor has been on the website or app, or mouse movements made by the user). The data collected during the analysis will be forwarded to IMI. hCaptcha analysis in the "invisible mode" may take place completely in the background. Website or app visitors are not advised that such an analysis is taking place if the user is not shown a challenge. Data processing is based on Art. 6(1)(b) of the GDPR: the processing of personal data is necessary for the performance of a contract to which the website visitor is party (for example, the website terms) or in order to take steps at the request of the website visitor prior to entering into a contract. Our online service (including our website, mobile apps, and any other apps or other forms of access offered by us) needs to ensure that it is interacting with a human, not a bot, and that activities performed by the user are not related to fraud or abuse. In addition, processing may also be based on Art. 6(1)(f) of the GDPR: our online service has a legitimate interest in protecting the service from abusive automated crawling, spam, and other forms of abuse that can harm our service or other users of our service. IMI acts as a "data processor" acting on behalf of its customers as defined under the GDPR, and a "service provider" for the purposes of the California Consumer Privacy Act (CCPA). For more information about hCaptcha’s privacy policy and terms of use, please visit the following links: https://www.hcaptcha.com/privacy and https://www.hcaptcha.com/terms