top of page

data protection


Stephan Tromayer


Hoffeldstraße 14
2381 Laab in the woods
Phone +43 2239 2230


Privacy policy

We have written this Privacy Policy (version 15.06.2021-111762731) to explain to you in accordance with the General Data Protection Regulation (EU) 2016/679 and applicable national laws, what personal data (data for short) we are responsible and the processors commissioned by us (e.g. B. Providers) – will be processed in the future and what legitimate possibilities you have. The terms used are to be understood as a gender-neutral manner.
In short: We will inform you about data that we process about you.

Data protection declarations usually sound very technical and use legal terms. This privacy policy, however, is intended to describe the most important things as simple and transparent as possible. As far as transparency is conducive to transparency, technical terms are explained in a reader-friendly manner, links are provided for further information and graphics are used. We shall therefore inform in clear and simple language that we process personal data within the scope of our business activities only if there is an appropriate legal basis. This is certainly not possible if you make as brief, unclear and legal-technical statements as possible, as they are often standard on the Internet when it comes to data protection. I hope you will find the following explanations interesting and informative and perhaps there is one or two information you did not know yet.
If you still have any questions, please contact the responsible body mentioned below or in the imprint, to follow the existing links and to view further information on third-party sites. Of course, you will also find our contact details in the imprint.

Scope of application

This privacy policy applies to all personal data processed by us in the company and to all personal data that processes our companies (processors) commissioned by us. By means of personal data we mean information in the sense of Art. 4 No. 1 GDPR such as the name, e-mail address and postal address of a person. The processing of personal data ensures that we offer and can settle our services and products, whether online or offline. The scope of this privacy policy includes:

  • all online appearances (websites, online shops) that we operate

  • Social Media Performances and Email Communications

  • Mobile Apps for Smartphones and Other Devices

In short, the privacy policy applies to all areas in which personal data is processed in the company in a structured manner via the channels mentioned. If we enter into legal relationships with you outside these channels, we may inform you separately.

Legal bases

In the following privacy policy, we provide you with transparent information on the legal principles and regulations, i.e. the legal bases of the General Data Protection Regulation, which enable us to process personal data.
As regards EU law, we refer to REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 July 27 April 2016. Of course, you can read this EU General Data Protection Regulation online on EUR-Lex, access to EU law, at

We process your data only if at least one of the following conditions applies:

  1. Consent (Article 6 (1) (a) GDPR): You have given us your consent to process data for a specific purpose. An example would be the storage of your entered data of a contact form.

  2. Contract (Article 6 (1) (b) GDPR): In order to fulfill a contract or pre-contractual obligations with you, we process your data. For example, if we conclude a purchase contract with you, we need personal information in advance.

  3. Legal obligation (Article 6 (1) (c) GDPR): If we are subject to a legal obligation, we process your data. For example, we are legally obliged to cancel invoices for accounting. These usually contain personal data.

  4. Legitimate interests (Article 6 (1) (f) GDPR): In the case of legitimate interests that do not restrict your fundamental rights, we reserve the right to process personal data. For example, we need to process certain data in order to operate our website securely and economically efficiently. This processing is therefore a legitimate interest.

Other conditions such as the perception of recordings in the public interest and exercise of official authority as well as the protection of vital interests usually do not appear in our country. If such a legal basis is to be relevant, it will be shown at the appropriate place.

In addition to the EU regulation, national laws also apply:

  • In Austria, this is the Federal Act on the Protection of Natural Persons in the Processing of Personal Data (Data Protection Act), or DSG for short.

  • In Germany, the Federal Data Protection Act applies, or BDSG for short.

If further regional or national laws are applied, we will inform you in the following sections.

Storage duration

The fact that we store personal data only as long as is absolutely necessary for the provision of our services and products is considered to be a general criterion for us. This means that we delete personal data as soon as the reason for the data processing is no longer available. In some cases, we are legally obliged to store certain data even after the original purpose has lapsed, for example for accounting purposes.

If you wish to have your data deleted or withdraw your consent to data processing, the data will be deleted as soon as possible and as far as no obligation to store it.

We will inform you below if we have further information about the specific duration of the respective data processing.

Rights according to the General Data Protection Regulation

According to Article 13 GDPR, you have the following rights to ensure fair and transparent processing of data:

  • According to Article 15 GDPR, you have a right to information as to whether we process your data. If this is true, you have the right to receive a copy of the data and to know the following information:

    • for what purpose we carry out the processing;

    • the categories, i.e. the types of data that are processed;

    • who receives this data and when the data is transmitted to third countries, how security can be guaranteed;

    • how long the data is stored;

    • the existence of the right to rectification, erasure or restriction of processing and the right to object to processing;

    • that you can complain to a supervisory authority (see below links to these authorities);

    • the origin of the data if we have not collected them from you;

    • whether profiling is carried out, i.e. whether data is automatically evaluated in order to reach a personal profile of you.

  • According to Article 16 GDPR, you have a right to correct the data, which means that we need to correct data if you find an error.

  • According to Article 17 GDPR, you have the right to erasure (“right to be forgotten”), which concretely means that you may request the deletion of your data.

  • According to Article 18 GDPR, you have the right to restriction of processing, which means that we may only store the data but no longer use it further.

  • According to Article 19 GDPR, you have the right to data portability, which means that we provide you with your data in a common format on request.

  • According to Article 21 GDPR, you have a right to object, which entails a change in the processing after enforcement.

    • If the processing of your data is based on Article 6 para. 1 lit. e (public interest, exercise of official authority) or Article 6 para. 1 lit. f (legitimate interest) based, you can object to the processing. We then examine as soon as possible whether we can legally comply with this objection.

    • If data is used to direct marketing purposes, you can object to this type of data processing at any time. We may no longer use your data for direct marketing.

    • If data is used to operate profiling, you can object to this type of data processing at any time. We may no longer use your data for profiling.

  • In accordance with Article 22 GDPR, you may have the right not to be subjected to a decision based exclusively on automated processing (for example, profiling).

If you believe that the processing of your data violates data protection law or your data protection claims have otherwise been violated, you can complain to the supervisory authority. For Austria, this is the data protection authority whose website you can find at and for Germany you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI).

In short: You have rights – do not hesitate to contact the responsible body listed above with us!

Web hosting

What is Web Hosting?

When you visit websites today, certain information – including personal data – is automatically created and stored, including on this website. These data should be processed as economically as possible and only with justification. By the way, we mean the entirety of all websites on a domain, i.e. everything from the homepage (homepage) to the very last subpage (like this one). With domain we mean for example or

If you want to view a website on a screen, use a program called web browser. You probably know some web browsers by name: Google Chrome, Microsoft Edge, Mozilla Firefox and Apple Safari.

This web browser must connect to another computer where the code of the website is stored: the web server. The operation of a web server is a complicated and time-consuming task, which is why this is usually taken over by professional providers, the providers. These offer web hosting and thus ensure reliable and error-free storage of website data.

When connection is reached on your computer (desktop, laptop, smartphone) and during data transfer to and from the web server, personal data may be processed. On the one hand, your computer stores data, on the other hand, the web server must also store data for a while to ensure proper operation.

To illustrate:


Why do we process personal data?

The purposes of the data processing are:

  1. Professional hosting of the website and securing the operation

  2. to maintain operational and IT security

  3. Anonymous evaluation of access behaviour to improve our offer and, if necessary, to prosecute or Prosecution of claims

What data is processed?

Even while you are visiting our website right now, our web server, which is the computer on which this website is stored, usually automatically stores data such as

How long is data stored?

As a rule, the above data will be stored for two weeks and then automatically deleted. We do not pass on this data, but we cannot rule out that this data will be viewed by authorities if there is illegal behaviour.

In short: Your visit is logged by our provider (company that runs our website on special computers (servers), but we will not share your data without consent!

Legal basis

The lawfulness of the processing of personal data within the framework of web hosting results from Art. 6 para. 1 lit. f GDPR (currency of legitimate interests), because the use of professional hosting at a provider is necessary in order to present the company securely and user-friendly on the Internet and to be able to prosecute attacks and claims if necessary.


What are cookies?

Our website uses HTTP cookies to store user-specific data.
Below we explain what cookies are and why you are used so that you can better understand the following privacy policy.

Whenever you browse through the Internet, use a browser. Well-known browsers include Chrome, Safari, Firefox, Internet Explorer and Microsoft Edge. Most websites store small text files in your browser. These files are called cookies.

One thing is not to be denied: cookies are really useful helpers. Almost all websites use cookies. More precisely, there are HTTP cookies, as there are other cookies for other application areas. HTTP cookies are small files that are stored on your computer by our website. These cookie files are automatically stored in the cookie folder, virtually the “brain” of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must be specified.

Cookies store certain user data from you, such as language or personal page settings. When you return to our site, your browser sends back the "user-related" information to our site. Thanks to the cookies, our website knows who you are and offers you the attitude you are used to. In some browsers, each cookie has its own file, in others such as Firefox all cookies are stored in a single file.

The following graphic shows a possible interaction between a web browser such as e.g. B. Chrome and the web server. The web browser requests a website and receives a cookie from the server back, which the browser uses again as soon as another page is requested.


There are both first-party cookies and third-party cookies. First-party cookies are created directly from our site, third-party cookies are provided by partner websites (e.g. Google Analytics). Each cookie must be evaluated individually, since each cookie stores different data. The expiration time of a cookie also varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, Trojans or other “pests”. Cookies cannot access information on your PC.

For example, cookie data may look like:

Name: Ã
Value: GA1.2.1326744211.152111762731-9
Use: Distinction of website visitors
Expiry date: after 2 years

A browser should be able to support these minimum sizes:

  • At least 4096 bytes per cookie

  • Minimum 50 cookies per domain

  • At least 3000 cookies in total

What types of cookies are available?

The question of which cookies we use in particular depends on the services used and will be clarified in the following sections of the Privacy Policy. At this point we would like to briefly respond to the different types of HTTP cookies.

You can distinguish 4 types of cookies:

Essential cookies
These cookies are necessary to ensure the basic functions of the website. For example, these cookies are needed when a user puts a product in the shopping cart, then continues to surf on other pages and later goes to the checkout. These cookies do not delete the shopping cart, even if the user closes their browser window.

Current cookies
These cookies collect information about user behaviour and whether the user receives any error messages. In addition, these cookies also measure the loading time and behaviour of the website in various browsers.

Targeted cookies
These cookies ensure a better user-friendly. For example, entered locations, font sizes or form data are stored.

Advertising cookies
These cookies are also called targeting cookies. They serve to deliver individually adapted advertising to the user. This can be very practical, but also very annoying.

When you visit a website for the first time, you are usually asked which of these cookie types you want to admit. And of course this decision is also stored in a cookie.

If you want to know more about cookies and do not shy away from technical documentation, we recommend, the Request for Comments of the Internet Engineering Task Force (IETF) called “HTTP State Management Mechanism”.

Purpose of processing via cookies

The purpose ultimately depends on the respective cookie. More details can be found below or from the manufacturer of the software that sets the cookie.

What data is processed?

Cookies are small assistants for a many different tasks. Which data is stored in cookies cannot be generalised, but we will inform you about the processed or stored data within the scope of the following privacy policy.

Storage period of cookies

The storage period depends on the respective cookie and is further specified below. Some cookies are deleted after less than one hour, others can remain stored on a computer for several years.

They also have an impact on the storage period. You can delete all cookies manually via your browser at any time (see also “right of objection”) below. Furthermore, cookies based on consent are deleted at the latest after your revocation of your consent, whereby the lawfulness of the storage remains unaffected by then.

Right to object – how can I delete cookies?

You decide how and if you want to use cookies. Regardless of which service or website the cookies originate, you always have the option to delete, deactivate or only partially allow cookies. For example, you can block third-party cookies, but allow all other cookies.

If you want to determine which cookies have been stored in your browser, if you want to change or delete cookie settings, you can find this in your browser settings:

Chrome: Delete, activate and manage cookies in Chrome

Safari: Managing cookies and website data with Safari

Firefox: Delete cookies to remove data that have placed websites on your computer

Internet Explorer: Deleting and Managing Cookies

Microsoft Edge: Deleting and Managing Cookies

If you do not want to have cookies, you can set your browser so that it should always inform you whenever a cookie is to be set. For each individual cookie, you can decide whether to allow the cookie or not. The procedure varies depending on the browser. It is best to search the instructions in Google using the search term “Clear Cookies Chrome” or “Disable Chrome cookies” in the case of a Chrome browser.

Legal basis

Since 2009 there have been the so-called “cookie guidelines”. It states that the storage of cookies is given consent (Article 6 para. 1 lit. a GDPR) requested from you. Within the EU countries, however, there are still very different reactions to these directives. In Austria, however, this directive was implemented in section 96 para. 3 of the Telecommunications Act (TKG). In Germany, the cookie guidelines were not implemented as a national law. Instead, this directive was largely implemented in Section 15 para.3 of the Telemedia Act (TMG).

For absolutely necessary cookies, even if there is no consent. 1 lit. f GDPR), which in most cases are economic in nature. We want to give visitors to the website a pleasant user experience and certain cookies are often absolutely necessary for this.

If not necessarily required cookies are used, this is only done in the case of your consent. The legal basis is Art. 6 para. 1 lit. a GDPR.

In the following sections, you will be informed more about the use of cookies, if the software used uses uses.

WP Statistics Privacy Policy

What is WP Statistics?

We use the analysis plugin WP Statistics on our website. This plugin was developed by Veronalabs (5460 W Main St, Verona, NY 13478, United States), an American software company. With this plugin we receive simple statistics on how you as a user use our website. In this privacy policy, we will go into the analysis tool in more detail and show you which data is stored where and for how long.

This plugin is an analysis software designed specifically for websites that use the WordPress content management system. WordPress helps us to edit our website easily without programming knowledge. WP Statistics may collect data about how long you stay on our website, which subpages you visit, how many visitors are on the website or from which website you came to us. WP Statistics does not set any cookies and you cannot be identified as a person by the data collected.

Why do we use WP Statistics?

With the help of WP Statistics, we get simple statistics to help us make our website even more interesting and better. Our website and the content, products and/or services offered on it should meet your requirements and wishes as best as possible. In order to achieve this goal, we must, of course, also find out where we should make improvements and changes. The statistics received help us to get one step closer to this goal.

What data is stored by WP Statistics?

WP Statistics does not set any cookies and through the data collected is only created in anonymous form statistics about the use of our website. WP Statistics also anonymizes your IP address. You as a person cannot be identified.

WP Statistics collects visitor data (so-called Visitos' data) if your web browser connects to our web server. This data is stored in our database on our server. These include, for example:

  • the address (URL) of the website accessed

  • Browser and browser version

  • The operating system used

  • the address (URL) of the previously visited page (referrer URL)

  • the host name and the IP address of the device from which to be accessed

  • Date and time

  • Information on Country/City

  • Number of visitors coming from a search engine

  • Duration of the website stay

  • Clicks on the website

The data will not be passed on and will not be sold.

How long and where will the data be stored?

All data is stored locally on our web server. The data is stored on our web server until it is no longer needed for the purposes listed above.

How can I delete my data or prevent data storage?

You have the right to information, correction or Deletion and restriction of the processing of your personal data. You can also revoke your consent to the processing of data at any time.

Legal basis

The use of WP Statistics requires your consent, which we have obtained with our cookie popup. This consent is provided according to Art. 6 para. 1 lit. a GDPR (consent) the legal basis for the processing of personal data as may occur when collecting through web analytics tools.

In addition to the consent of our site, there is a legitimate interest in analysing the behaviour of the website visitors and thus improving our offer technically and economically. With the help of WP Statistics, we recognize errors of the website, can identify attacks and improve economic efficiency. The legal basis for this is Art. 6 para. 1 lit. f GDPR (Legal interests). Nevertheless, we only use WP Statistics if you have given your consent.

We have now provided you with the most important information about data processing by WP Analytics. Because the plugin does not use cookies and the data for statistical analysis is stored locally in the web server, your data is handled here very carefully. If you wish to learn more about WP Analytics, you should view the company's privacy policy at .

Cookie Consent Management Platform

What is a Cookie Consent Manangement Platform?

We use a Consent Management Platform (CMP) software on our website, which makes it easier for us and you to handle the correct and secure handling of used scripts and cookies. The software automatically creates a cookie popup, scans and controls all scripts and cookies, provides data protection consent for you and helps us and you to keep track of all cookies. Most Cookie Consent Management Tools identifies and categorizes all existing cookies. As a website visitor, you then decide for yourself whether and which scripts and cookies you allow or not allow. The following graphic represents the relationship between browser, web server and CMP.


Why do we use a cookie management tool?

Our goal is to provide you with the best possible transparency in the area of data protection. In addition, we are also legally obliged to do so. We want to inform you as well as possible about all tools and all cookies that you can store and process your data. It is also your right to decide for yourself which cookies you accept and which ones you do not. To grant you this right, we must first know exactly which cookies have landed on our website. Thanks to a cookie management tool that regularly scans the website for all existing cookies, we know all cookies and can provide you with GDPR compliance. You can then accept or reject cookies via the consent system.

What data is processed?

As part of our cookie management tool, you can manage each individual cookie yourself and have complete control over the storage and processing of your data. The declaration of your consent is stored so that we do not have to request you every new visit to our website and we can also prove your consent if necessary by law. This is saved either in an opt-in cookie or on a server. Depending on the provider of the cookie management tool, the storage period of your cookie consent varies. In most cases, this data (such as pseudonymous user ID, consent time, detailed information about the cookie categories or tools, browser, device information) of up to two years is stored.

Duration of data processing

We will inform you about the duration of data processing below, provided that we have further information about this. In general, we process personal data only as long as it is strictly necessary for the provision of our services and products. Data stored in cookies is stored at different lengths. Some cookies are deleted after you leave the website, others may be stored in your browser for a few years. The exact duration of data processing depends on the tool used, mostly you should prepare for a storage period of several years. In the respective data protection declarations of the individual providers, you will usually receive precise information about the duration of the data processing.

Right of objection

You also have the right at any time and the possibility to revoke your consent to the use of cookies. This works either through our cookie management tool or via other opt-out functions. For the display, you can also prevent data collection by cookies by managing, deactivating or deleting cookies in your browser.

Information on specific cookie management tools, please know in the following sections.

Legal basis

If you agree to cookies, you process and store personal data about these cookies. If we have provided your consent (Article 6 para. 1 lit. a GDPR), this consent is also the legal basis for the use of cookies or the processing of your data. In order to be able to manage consent to cookies and to enable you to give you consent management platform software, a cookie consent management platform software is used. The use of this software allows us to operate the website in an efficient manner in accordance with the law, which is a legitimate interest (Article 6 para. 1 lit. f GDPR).

What are Google Fonts?

We use Google Fonts on our website. These are the “Google fonts” from Google Inc. The company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services.

You do not need to log in or enter a password to use Google fonts. Furthermore, no cookies are stored in your browser. The files (CSS, Fonts/Fonts) are requested via the Google domains and According to Google, the requests for CSS and fonts are completely separate from all other Google services. If you have a Google account, you do not need to worry that your Google account details will be transmitted to Google while using Google Fonts. Google collects the use of CSS (Cascading Style Sheets) and the fonts used and stores this data securely. We will see exactly what data storage looks like in detail.

Google Fonts (formerly Google Web Fonts) is a directory with over 800 fonts that Google makes available to your users free of charge.

Many of these fonts are published under the SIL Open Font License, while others were published under the Apache license. Both are free software licenses.

Why use Google Fonts on our website?

With Google Fonts, we can use fonts on our own website and do not need to upload them to our own server. Google Fonts is an important building block to keep the quality of our website high. All Google fonts are automatically optimized for the web and this saves data volume and is a great advantage especially for use in mobile devices. When you visit our site, the low file size ensures a fast load time. Google Fonts are also secure web fonts. Different image synthesis systems (rendering) in various browsers, operating systems and mobile devices can lead to errors. Such errors can sometimes optically distort texts or entire web pages. Thanks to the fast Content Delivery Network (CDN), there are no cross-platform problems with Google Fonts. Google Fonts supports all popular browsers (Google Chrome, Mozilla Firefox, Apple Safari, Opera) and works reliably on most modern mobile operating systems, including Android 2.2+ and iOS 4.2+ (iPhone, iPad, iPod). We use the Google Fonts so that we can present our entire online service as beautifully and consistently as possible.

What data is stored by Google?

When you visit our website, the fonts will be loaded via a Google server. This external call-up transmits data to the Google servers. This way, Google also recognizes that you or Your IP address visited our website. The Google Fonts API is designed to reduce the use, storage and collection of end-user data to what is necessary for proper font delivery. By the way, API stands for “Application Programming Interface” and serves as a data transmitter in the software area.

Google Fonts stores CSS and font requests securely with Google and is therefore protected. Through the collected usage figures, Google can determine how well the individual fonts are received. Google publishes the results on internal analysis pages, such as Google Analytics. In addition, Google also uses data from its own web crawler to determine which websites use Google fonts. This data is published in the BigQuery database of Google Fonts. Entrepreneurs and developers use the Google web service BigQuery to explore and move large amounts of data.

It takes to bear in mind, however, that information such as language settings, IP address, version of the browser, screen resolution of the browser and name of the browser are automatically transmitted to the Google servers through each Google Font request. Whether this data is also stored is not clear or is not clearly communicated by Google.

How long and where will the data be stored?

Google stores requests for CSS assets for a day on its servers, which are mainly located outside the EU. This allows us to use the fonts using a Google style sheet. A stylesheet is a template that you can easily and quickly change the design or font of a website.

The font files are saved on Google for one year. In this way, Google pursues the goal of improving the loading time of websites in principle. When millions of websites refer to the same fonts, they are cached after the first visit and immediately appear on all other websites visited later. Sometimes Google updates font files to reduce file size, increase language coverage and improve the design.

How can I delete my data or prevent data storage?

The data that Google stores for one day or one year cannot simply be deleted. The data is automatically transmitted to Google when page views. In order to be able to delete this data early, you must contact Google Support at . In this case, you only prevent data storage if you do not visit our site.

Unlike other web fonts, Google allows us unrestricted access to all fonts. So we can access a sea of fonts unlimitedly and get the most out of our website. More about Google Fonts and other questions can be found at Although Google responds to data protection-relevant matters, really detailed information about data storage is not included. It is relatively difficult to get really accurate information about stored data from Google.

Legal basis

If you have consented to Google Fonts being used, the legal basis for the corresponding data processing is this consent. This consent is provided according to Art. 6 para. 1 lit. a GDPR (consent) the legal basis for the processing of personal data as may occur when Google Fonts may be recorded.

There is also a legitimate interest in using Google Font to optimise our online service. The corresponding legal basis is Art. 6 para. 1 lit. f GDPR (Legal interests). Nevertheless, we only use Google Font if you have given your consent.

You can also read what data is collected by Google and what this data is used for, please refer to

All texts are protected by copyright.

Source: Created with the AdSimple Privacy Generator

bottom of page