This Data Privacy Statement informs you of the type, scope and purpose of the processing of personal data (hereinafter referred to in brief as “data”) within our website and the associated websites, functions and content as well as external online presences, such as our social media profile (hereinafter referred to collectively as “website content”). With regard to the terms used, such as “processing” or “controller” we refer to the definitions in Article 4 of the General Data Protection Regulations (GDPR).


Martin Dobler

Wingertstrasse 6

6824 Schlins

Tel +43 660 677 59 18

Link to Legal Notice:

Types of data processed:

– Master data (e.g. names, addresses).
– Contact data (e.g. e-mail, telephone numbers).
– Content data (e.g. text input, photographs, videos)
– Usage data (e.g. websites visited, interest in content, access times)
– Meta-/communication data (e.g. device information, IP addresses)

Purpose of processing

– Provision of the website content, its functions and content
– Responding to contact inquiries and communication with users
– Security measures.
– Reach measurement/marketing

Terms used

“Personal data” refers to all information relating to an identified or identifiable natural person (hereinafter referred to as “data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g. cookie) or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

“Processing” means any operation or set of operations which is performed on personal data or on sets of personal data. The term is wide-reaching and encompasses practically every form of data handing.

“Controller” is the term used for the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

Relevant legal basis

Pursuant to Article 13 GDPR we inform you of the legal basis of our date processing. Unless the legal basis is specified in the Data Privacy Statement, the following shall apply: The legal basis of the obtaining of consent is Article 6 (1)(a) and Article 7 GDPR, the legal basis for processing serving to fulfil our performance obligations and execute contractual measures as well as responding to inquiries is Article 6 (1)(b) GDPR, the legal basis for processing serving to fulfil our legal obligations is Article 6 (1)(c) GDPR, and the legal basis for processing for purposes of our legitimate interests is Article 6 (1)(f) GDPR. For the event that vital interests of the data subject or any other natural person require the processing of personal data, the legal basis shall be Article 6 (1)(d) GDPR.

Security measures

We would ask you to check the content of our Data Privacy Statement on a regular basis. We adapt the Data Privacy Statement as soon as changes occurring in the data processing carried out by us so require. We will inform you as soon as the changes require cooperation on your part (e.g. consent) or any other individual notification is required.

Cooperation with processors and third parties

Where, in the context of our processing, we disclose data to other persons and enterprises (processors or third parties), send these to same or permit access to the data in any other way, this shall be carried out on the basis of statutory consent (e.g. when the transfer of data to third parties, such as payment service providers, is necessary pursuant to Article 6 (1)(b) GDPR), you have provided consent, a legal obligation applies or on the basis of our legitimate interests (e.g. when deploying agents, web hosts, etc.).

Where we engage third parties with the processing of data on the basis of what is known as a “data processing agreement”, this ensues on the basis of Article 28 GDPR.

Transfers to third countries

Where we process data in a third country (i.e. outside of the European Union (EU) or the European Economic Area (EEA)) or where this occurs in the context of availing of third-party services or disclosure or transfer of data to third parties, this shall ensue only where it is necessary for meeting our (pre)contractual obligations, on the basis of your consent, as the result of a legal obligation or on the basis of our legitimate interests. Subject to statutory or contractual consent, we process data in third countries, or have data processed in third countries only when the special prerequisites of Article 44 et seq. GDPR have been met. This means that the processing ensues, e.g. on the basis of special guarantees such as officially-recognised determination of a level of data protection commensurate with that in the EU (e.g. for the USA by the “Privacy Shield”) or the observance of officially-recognised special contractual obligations (what are known as “standard contractual clauses”).

Rights of data subjects

You have the right to request confirmation on whether your data is being processed and to information on this data as well as further information and copies of the data pursuant to Article 15 GDPR.

Pursuant to Article 16 GDPR, you have the right to request completion of incomplete data or the rectification of inaccurate data referring to you.

Pursuant to Article 17 GDPR, you have the right to obtain the immediate erasure of relevant data, or, alternatively, pursuant to Article 18 GDPR, to obtain the restriction of processing of the data.

You have the right, pursuant to Article 20 GDPR, to receive the data you have provided to us and to transmit this data to another controller.

Furthermore, pursuant to Article 77 GDPR, you have the right to lodge a complaint with the responsible supervisory authority.

Right of withdrawal

Pursuant to Article 7 (3) GDPR, you have the right to withdraw consent with effect for the future.

Right to object

You can object, at any time, to the future processing of your personal data according to Article 21 GDPR. In particular, you can object to the processing for the purpose of direct marketing.

Cookies and right of objection to direct marketing

“Cookies” are small text files stored on the users’ computers. Within the cookies, a variety of data can be stored. A cookie serves primarily to store information on the user (or the device on which the cookie is stored) during their visit within a website. Temporary cookies or session cookies are the terms used for cookies which are deleted as soon as the user leaves the website content and closes their browser. A cookie of this kind can be stored, for example, the content of the shopping basket in an online shop or a login status. “Permanent” or persistent” cookies are cookies which remain stored after the browser has been closed. This allows, for example, the login status to be stored for when the user returns after a number of days. Similarly, these cookies can also store information on the user’s interests which can be used for reach measurement or marketing purposes. Third-party cookies are cookies offered by providers other than the controller operating the website content (otherwise, these cookies are referred to as “first-party cookies”).

We can use temporary and permanent cookies and provide information on same within the framework of our Data Privacy Statement.

Users who do not wish cookies to be stored on their computers are asked to deactivate the relevant options in the system settings on their browsers. Stored cookies can be deleted in the browser’s system settings. The blocking of cookies can lead to a restriction of the functions in this website content.

It is possible to declare a general objection to the use of cookies for the purpose of online marketing with a number of services, above all in the case of tracking, via the US website the EU website Furthermore, the storage of cookies can be prevented by deactivation in the browser settings. Please note that this may hinder the use of all functions of this website content.

Deleting data

The data processed by us are deleted pursuant to Article 17 and 18 GDPR or their processing restricted. Unless expressly stated otherwise in the context of this Data Privacy Statement, the data we store will be deleted as soon as they are no longer necessary for the purpose for which they were intended and no statutory retention obligations prevent their deletion. If the data are not deleted because they are required for other, legitimate purposes, the processing will be restricted. This means the data will be blocked and processed for other purposes. This shall apply, for example, for data which must be retained for reasons relating to trade law or tax law.

According to the statutory stipulations in Austria, the retention period is seven years pursuant to Section 132, Sub-section 1 BAO (accounting records, receipts/invoices, accounts, supporting documents, business documents, list of earnings and expenses, etc.), 22 years in relation to real estate and 10 years for documents relating to services provided by electronic means, telecommunications, radio and TV services rendered to non-business customers in EU Member States and for which the mini One Stop Shop (MOSS) regulation was availed of.


The hosting service we avail of serves to provide the following: Infrastructure and platform services, computing capacity, storage space and data bank services, security services and technical maintenance services, which we use for the purpose of operating this website.

We or our hosting provider process master data, contact data, content data, contract data, usage data, meta and communication data from customers, prospective customers and visitors to this website on the basis of our legitimate interest in efficient and secure provision of this website content pursuant to Article 6 (1)(f) GDPR in conjunction with Article 28 GDPR (conclusion of data processing agreement).

Collection of access data and log files

On the basis of our legitimate interests within the meaning of Article 6 (1)(f) GDPR, we or our hosting provider collects data on each event of access to the server on which this service is located (what are known as server log files). This access data includes the name of the website viewed, file, date and time of the viewing, data volume transferred, report on successful viewing, browser type and version, the user’s operating system, referrer URL (the website previously visited), IP address and the requesting provider.

For security reasons (e.g. for the investigation of acts of abuse or fraud), log file information is stored for the maximum duration of seven days and then deleted. Data requiring further retention for evidence purposes constitute an exception and are retained until the respective incident has been fully investigated.


Administration, financial accounting, office organisation, contact administration

We process data in the context of administrative duties and the organisation of our enterprise, financial accounting and compliance with statutory obligations, such as, for example, archiving. In this context, we process the same data as that which we process within the framework of providing our contractual services. The processing is based on Article 6 (1)(c) GDPR and Article 6 (1)(f) GDPR. The processing relates to customers, prospective customers, business partners and visitors to our website. The purpose of the processing and our interest in the processing lies in the administration, financial accounting, office organisation, archiving of data, i.e. tasks which serve the maintenance of our business activities, fulfilling of our obligations and rendering of our services. The deletion of data regarding contractual performance and the contractual communication corresponds to the details stipulated in these.

In this context, we disclose or transfer data to the Tax Authorities, advisors such as tax consultants or auditors and to further billing centres and payment service providers.

Furthermore, on the basis of our business interests, we store data on suppliers, organisers and other business partners, e.g. for the purpose of making contact at a later date. These primarily business-related data are generally stored on a permanent basis.

Google Analytics

On the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economical operation of our website content within the meaning of Article 6 (1)(f) GDPR) we use Google Analytics, a web analytics service provided by Google LLC (“Google”). Google uses cookies. The information generated by the cookie on the use of the website content by the user is generally transmitted to a Google server in the US and stored there.

Google is certified under the EU-US Privacy Shield and thus offers a guarantee of compliance with European data protection legislation (

Google uses this information on our behalf in order to assess the use of this website content by the user, to compile reports on the activities within this website and to provide us with further services relating to the use of this website content and the internet use. Pseudonymised user profiles can be compiled from this processed data.

We use Google Analytics only with activated IP anonymisation. This means the user’s IP address is shortened by Google within EU Member States or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the US and shortened there.

The IP address provided by the user’s browser will not be merged with other data provided by Google. Users can prevent the storage of the data generated by the cookie by setting their browser software accordingly; furthermore, users can prevent the collection of the data generated by the cookie and relating to their use of the website content by Google, as well as the processing of this data by Google, by downloading and installing the browser plug-in available under the following link:

Further information on data use by Google, possible settings and objection options can be found in the Google Data Privacy Statement ( and in the settings for the presentation of ads by Google (

Users’ personal data are deleted or anonymised after 14 months.

Online presence in social media

We maintain online presences within social networks and platforms in order to communicate with customers, potential customers and users active there and to be able to inform them of our services. When viewing ensues in the respective networks and platforms, the terms and conditions and the data processing guidelines of the respective operator apply.

Unless stated otherwise within the framework of our Data Privacy Statement, we process the data of users when they communicate with us within the social networks and platforms, e.g. post on our online presence or message us.

Embedding of third-party services and content

On the basis of our legitimate interests (e.g. interest in the analysis, optimisation and economical operation of our website content within the meaning of Article 6 (1)(f) GDPR) we use content and service offers from third-party providers within our website content, e.g. in order to embed videos or fonts (hereinafter referred to as “content”).

We assume that the third-party providers of this content are aware of the IP address of the user, as, without the IP address they would be unable to send the content to their browsers. The IP address is therefore necessary for the presentation of this content. We are at pains to use such content only where the respective provider uses the IP address exclusively for the purpose of delivering the content. Furthermore, third-party providers can use what are known as pixel tags (invisible graphics also known as “web beacons”) for statistical or marketing purposes. By means of the “pixel tags”, information such as visitor traffic on the pages of this website can be evaluated. The pseudonymised information can be stored in cookies on the user’s device and, among other things, can contain technical information on the browser and operating system, referring websites, visit time and other details on the use of our website content, as well as being linked with information of this kind from other sources.

Google Fonts

We embed the fonts (“Google Fonts“) of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Data Privacy Statement:, Opt-out:

Adobe Fonts

How does the service use “Adobe Fonts” for websites’ cookies?

In making available the Adobe Fonts website ( we use cookies in accordance with our Data Privacy Statement.

In making available the “Adobe Fonts” service for websites, we do not place or use cookies on websites in order to provide our fonts.

What information is collected by “Adobe Fonts” for websites?

For the purpose of providing the service “Adobe Fonts” for websites, Adobe can collect information regarding the fonts or font types provided for your website. The information is used for the purpose of invoicing and compliance with regulations and can encompass the following:

  • Fonts provided
  • ID of the web project
  • JavaScript version of the web project (String)
  • Type of web project (String “configurable” or “dynamic”)
  • Type of embedding (whether you use the JavaScript or CSS embedding code)
  • Account ID (identifies the customer from whom the web project originates)
  • Services providing the fonts (e.g. Adobe Fonts)
  • Server providing the fonts (e.g. servers of Adobe Fonts or corporate CDN)
  • Hostname of the website on which the fonts are loaded
  • The time required by the web browser to download the fonts
  • The time between downloading of the fonts with the web browser and use of the fonts
  • Whether an ad blocker has been installed to determine whether the ad blocker negatively impacts on the correct tracing of the page views
  • Operating system and browser version

How does the service “Adobe Fonts” for websites use the information collected?

Adobe uses the information collected from websites using Adobe Fonts to provide the “Adobe Fonts” service and diagnose delivery or downloading issues. This information is also used to remunerate and fulfil Adobe’s contracts with the font creators whose fonts are used. We share aggregated reports with font creators and possibly confirm to a font creator that you have a valid Adobe licence, but do not pass on any other personal data relating to you to font creators.