Privacy Policy

introduction

In this privacy policy, we describe our approach to the data collected from users who access our website at www.Haus-in-Griechenland.at or otherwise provide us with personal data. The company collects personal data when data subjects provide it, namely - as part of visiting and using the website, - as part of an inquiry (including with independent sales representatives and brokers) or when contacted by our representatives, - as part of an application as an employee or independent sales representative, - when contacting us (by other means) (e.g., via contact form or email). The data categories that may be collected are as follows: name, age, date of birth, address, economic status. Which (other) data is collected in detail can be seen from the respective input forms or from the queries by the company's employees or independent sales representatives. When applying for a job, all data disclosed by the applicant may be processed. The Austrian Data Protection Authority is responsible within the meaning of the General Data Protection Regulation (GDPR).

User rights

You have the following rights: Request confirmation as to whether and to what extent your personal data is being used and processed, as well as access to the personal data stored about you and additional information Request a copy of the personal data you have voluntarily provided to us in a structured, common and machine-readable format Request rectification of the personal data we have stored about you Request the erasure of your personal data Object to our processing of your personal data Request the restriction of our processing of your personal data Lodge a complaint with a supervisory authority Please note, however, that these rights are not unlimited but are subject to our own legitimate interests and official regulations. Rights of the data subject According to Art. 15 GDPR, the data subject has the right to request confirmation from the controller as to whether personal data concerning him or her are being processed, providing proof of his or her identity is provided. If this is the case, the data subject also has the right to information about this personal data and to the information referred to in Art. 15 (1) GDPR, such as the categories of personal data and further information (note: this corresponds to the information contained in this declaration). The data subject has the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her (right to rectification pursuant to Art. 16 GDPR). Under the conditions of Art. 17 GDPR, the data subject has the right to erasure of personal data concerning him or her, for example if the data is no longer necessary for the purposes for which it was collected or otherwise processed, or is processed unlawfully, or in the case of processing based on a declaration of consent, if the data subject withdraws his or her consent. If the company has made the personal data to be erased public, the following obligation applies pursuant to Art. 21 (2) GDPR: Appropriate measures, taking into account available technology and the associated costs, shall be taken to inform other controllers about the erasure to be carried out. This applies to those responsible for processing the personal data. They must be informed that the data subject has requested the erasure of all links to, as well as copies and replications of, these personal data. However, the right to erasure does not apply if there is no reason for erasure (i.e. none of the reasons mentioned above apply) or if the exceptions mentioned in Article 17(3) GDPR apply, for example if processing is necessary to fulfil a legal obligation under EU or Austrian law (e.g. statutory retention periods) or to assert, exercise or defend legal claims. According to Article 18 GDPR, the data subject has the right to restriction of processing, for example if the data subject contests the accuracy of the data processed, the processing is unlawful or if there is a dispute between the company and the data subject as to whether a right to erasure exists. In this case, the company will only store the data in question and will not process it in any other way. If the data subject requests deletion or restriction of processing or objects (see the end of this data protection declaration), they will be informed immediately about the measures taken or about the reasons why the company does not implement them. According to Art. 20 GDPR, the data subject has the right to receive the personal data concerning them that they have made available to the company in a structured, common and machine-readable format. However, this only applies if the processing is carried out using automated procedures. They also have the right to transmit this data to another controller. The controller to whom the personal data was made available may not hinder them in doing so (right to data portability). If technically feasible, they have the right to have the data transmitted directly from one controller to another. If you wish to exercise any of the rights listed here or require further information, please contact: Johann Cenker T 4312369058 F 43123690589 Liebermannstraße F15 /312 Campus-21 2345 Brunn am Gebirge A data protection officer has not been appointed for the company.

storage

We retain your personal data for as long as necessary to provide our services, comply with our legal obligations, resolve disputes, and enforce our policies. Retention periods depend on the type of data collected and the purpose for which the data was collected, taking into account both case-specific circumstances and the need to delete outdated, unused information as soon as possible. We retain customer personal data records, account setup documents, communications, and other data in accordance with applicable laws and regulations. We may correct, complete, or remove incomplete or inaccurate data at any time and at our sole discretion. Data retention period Personal data will be retained until it is no longer necessary for the purposes for which it was collected or otherwise processed; in the case of processing based on consent, until the data subject withdraws their consent and there is no other legal basis for further processing (Article 17 (1) (b) GDPR); in any case, however, as long as storage is necessary to fulfil a legal obligation (e.g. statutory retention periods) or to assert, exercise or defend legal claims of the company.

Basis for data collection

The processing of your personal data (i.e., any data that allows you to be identified by reasonable means; "personal data") [insert explanation of the legal basis for processing personal data, for example:] is necessary to fulfill our contractual obligations to you and to provide our services to you, protect our legitimate interests, and comply with legal and financial regulatory obligations to which we are subject. By using this website, you consent to the collection, storage, use, disclosure, and other uses of your personal data as described in this Privacy Policy. Please read the Privacy Policy carefully before making any decisions.

What data is collected?

We collect two types of data and information from users. The first category includes non-identifying and non-identifiable user data provided or collected through the use of the Website (“Non-Personal Data”). We do not know the identity of the user from whom Non-Personal Data was collected. The Non-Personal Data that may be collected includes aggregated usage data and technical data sent by your device, including certain information regarding software and hardware (e.g., browser and operating system used on the device, language preference, access time, etc.). We use this data to improve the functionality of our Website. We may also collect data about your activity on the Website (e.g., pages viewed, browsing behavior, clicks, actions, etc.). The second category is Personal Data, which is data that identifies an individual or can be identified through reasonable measures. Such data includes: Device Data: We collect Personal Data from your device. Such data includes geolocation data, IP address, unique identifiers (e.g., MAC address and UUID), and other data resulting from your activity on the website. If you contact us via a form on the website or by email, the data you provide will be stored by us for six months to process your request and in case of follow-up questions. We will not share this data without your consent. Since business documents must generally be archived for at least three years and business correspondence relevant for tax purposes for up to seven years (Section 131 et seq. of the Federal Fiscal Code (BAO), Section 190 of the Austrian Commercial Code (UGB) and the German Value Added Tax Act (UStG), these deadlines apply to business transactions.

How do we receive data about you?

We obtain your personal data from various sources: We receive such data when you use our website or access it in connection with one of our services. We receive such data from other providers, services, and public records (for example, from data traffic analysis providers).

How is the data used? To whom is the data shared?

We do not share user information with third parties except as described in this Privacy Policy. We use data for the following purposes: To communicate with you (sending notices regarding our services, providing technical information, and, where appropriate, responding to customer service requests) To inform you about new updates and services To display ads related to your use of our website (see "Advertising" for more information) To market our websites and products (see "Marketing" for more information) For statistical and analytical purposes to improve the website In addition to the various uses listed above, we may also share personal information with our subsidiaries, affiliates, and subcontractors. In addition to the purposes listed in this Privacy Policy, we may transfer personal data to our trusted third party service providers located in different jurisdictions around the world for the following reasons: Hosting and operating our website Providing our services, including the personalized display of our website Storing and processing such data on our behalf Serving ads and the ability to evaluate the success of our advertising campaigns, retargeting users Providing marketing offers and promotional materials related to our website and services Conducting studies, technical diagnostics or analyses We rely on a legitimate interest in the following cases: - when the company initiates business transactions, - for adequately informing customers about the products and services, events, promotions, etc. offered or brokered by the company, i.e. advertising. This also includes transmitting the data to processors for this purpose if this is necessary for the implementation of these or other marketing measures, statistical evaluations, etc., - for internal administration within the group, provided the company belongs to or is affiliated with such a group, - for processing by processors (e.g. external accounting), - to obtain credit reports, - to prevent fraud or illegal use of the website. Except in the latter case, the data automatically collected and stored by the provider on the web server (e.g. browser used, operating system, referring page, IP address, time) is not evaluated or assigned to a specific person. If comments or form entries are left, the entered data and their IP addresses are stored for the purpose of tracking illegal content. We may also disclose data if we believe in good faith that this is helpful or appropriate to: (i) comply with applicable laws, regulations, legal proceedings or government requests; (ii) enforce our policies (including our agreement) and, if necessary, investigate possible violations thereof; (iii) to investigate, detect, prevent, or take action regarding illegal activities or other misconduct, suspected fraud, or security issues; (iv) to assert or enforce our own legal claims or to defend ourselves against the claims of others; (v) to protect the rights, property, or safety of ourselves, our users, your safety, or the safety of third parties; or (vi) to cooperate with law enforcement authorities and/or to protect intellectual property or other legal claims. Recipients of the data As a general rule, the personal data of the data subject will not be disclosed to recipients other than the company (i.e., to other natural or legal persons, authorities, institutions, or other bodies) (but see the information in points j, k, and l). Exceptions to this are: - any appointed independent commercial agents (to contact the interested party, advise them through the representative, etc.); - any third parties named by the data subject (e.g., architects or professionals); - authorities that may receive personal data within the scope of a specific investigation under Union or Austrian law. the processing of this data by the aforementioned authorities must be carried out in accordance with the applicable data protection regulations; - processors who process the personal data on behalf of the company (e.g. printing companies for sending newsletters; for processing payments, the credit institution commissioned to process the payment). The company does not intend to transfer the personal data to a third country or to an international organization. Right to lodge a complaint with the supervisory authority The data subject has the right to lodge a complaint with the data protection authority if they believe that the processing of personal data concerning them violates the GDPR or Section 1 or Article 2, Chapter 1 of the Data Protection Act (DSG) in the version of the Data Protection Adaptation Act 2018.

Cookies

We and our partners use cookies to provide the relevant services. This also applies when you visit our website or access our services. A “cookie” is a small data package that is assigned to your device by this website when you visit a web page. Cookies are useful and can be used for a variety of purposes. These include, for example, making it easier to navigate between different pages, automatically activating certain functions, saving your preferences, and optimizing access to our services. The use of cookies also enables us to show you relevant advertising tailored to your interests and to collect statistical information about your use of our services. This website uses the following types of cookies: a. “session cookies,” which ensure normal system usage. Session cookies are only stored for a limited time during a session and are deleted from your device when you close your browser. b. “permanent cookies,” which are only read by the website and are not deleted when the browser window is closed, but are stored on your computer for a specific period of time. This type of cookie enables us to identify you on your next visit and, for example, to save your preferences. c. “Third-party cookies” that are set by other online services that have their own content on the page you visit. These can be, for example, external web analytics companies that record and analyze access to our website. Cookies do not contain any personal data that identifies you, but the personal data we store may be linked by us to the data contained in the cookies. You can remove cookies via your device settings. Follow the instructions provided. Please note that disabling cookies may restrict certain functions when using our website. The tool we use is based on technology from Snowplow Analytics. The data we collect about the use of our website includes, for example, how often users visit the website or which areas are accessed. The tool we use does not collect any personal data and is used by our web hosting provider and service provider solely to improve their own offering.

Use of Google Analytics

This website uses Google Analytics, a web analysis service provided by Google Inc. ("Google"). Google Analytics uses so-called "cookies"). The company therefore relies on a legitimate interest in compiling website access statistics cost-effectively and simply (Article 6 (1) (f) of the General Data Protection Regulation). The information generated by the cookie about your use of the website is usually transferred to a Google server in the USA and stored there. However, if IP anonymization is activated on this website, Google will shorten your IP address beforehand within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website activity and internet usage. However, the IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. As explained under point (j), you have the option of preventing cookies from being saved by selecting the appropriate settings in your browser; however, please note that if you do this, you may not be able to use all of the features of this website to their full extent. Furthermore, you can prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by downloading and installing the browser plug-in available at the following link (http://tools.google.com/dlpage/gaoptout?hl=de). Further information on terms of use and data protection can be found at www.google.com/analytics/terms/de.html or at support.google.com/analytics/answer/6004245. On this website, Google Analytics has been supplemented by the code "gat._anonymizeIp();" to ensure anonymized collection of IP addresses (so-called IP masking).

Google Maps

The Google Maps API is used on the microsites. This service is provided by Google, Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. As a result, at least the following data is transmitted to Google, Inc.: IP address, time of visit to the website, visitor's screen resolution, website URL (referrer), browser identifier (user agent), and search terms. Data is transmitted regardless of whether a user account exists with Google through which the user is logged in, or whether no user account exists. If the user is logged in, this data is assigned directly to the account. If this assignment to the profile is not desired, the user must log out before activating the button. Google, Inc. stores this data as user profiles and uses them for the purposes of advertising, market research, and/or tailoring its website to meet customer needs. The user has the right to object to the creation of these user profiles; to exercise this right, they must contact Google Inc. Further information on the purpose and scope of data collection and processing by Google, Inc. is available at www.google.at/intl/de/policies/privacy/. By using the Google Maps service, the user consents to data processing by Google, Inc. The controller does not process the data in question.

Use of script libraries (Google Web Fonts)

To ensure that our content is displayed correctly and graphically appealing in every browser, we use script and font libraries such as Google Web Fonts (https://www.google.com/webfonts) for this website. Google Web Fonts are transferred to your browser's cache so that they only need to be loaded once. If your browser does not support Google Web Fonts or denies access, the content will be displayed in a standard font. When you access script or font libraries, a connection is automatically established to the operator of the library. In theory, this means that this operator has the opportunity to collect data. It is currently not known whether and for what purpose the operators of the respective libraries actually collect data. You can find the privacy policy of the operator of the Google library here: https://www.google.com/policies/privacy .

Collection of data by third parties

This Policy only addresses the use and disclosure of information we collect from you. If you post information on other websites or disclose information to third parties online, different terms may apply. Therefore, always read the terms and conditions and privacy policies carefully before disclosing information. This Privacy Policy does not apply to the business practices of companies we do not own or control, or to anyone other than our employees and staff, including third parties to whom we may disclose information as described in this Privacy Policy.

How do we protect your data?

We implement the security measures on the website with great care and protect your data. We use industry-standard procedures and policies to ensure the protection of the data we collect and store and to prevent unauthorized use of such data. We also require third parties to adhere to similar security requirements in accordance with this Privacy Policy. While we take reasonable steps to protect data, we cannot be held responsible for the actions of those who gain unauthorized access to or misuse our website, and we make no warranty, express or implied, that we can prevent such access.

Transfer of data outside the European Economic Area

Please note that some recipients may not be located in the European Economic Area. If this is the case, we will only transfer your data to countries approved by the European Commission with an adequate level of data protection or ensure an adequate level of data protection through a legal agreement.

Advertising

When you access our website, we may serve ads using third-party ad technology. This technology uses your usage data from the Services (e.g., by placing third-party cookies on your web browser) to deliver ads. [Insert information about opt-out choices from personalized advertising, for example:] You can opt out of many third-party ad networks, including those operated by members of the Network Advertising Initiative ("NAI") and the Digital Advertising Alliance ("DAA"). For information about the practices of NAI and DAA members, your choices regarding use of such data by these companies, and how to opt out of third-party ad networks operated by NAI and DAA members, please visit their respective websites: http://optout.networkadvertising.org/#!/ and http://optout.aboutads.info/#!/.

Marketing

We may use your personal information, such as your name, email address, telephone number, etc., ourselves or share it with a third-party subcontractor to provide you with promotional materials regarding our services that may be of interest to you. We respect your right to privacy, and therefore you will always be given the opportunity to opt out of future mailings in these marketing materials. If you opt out, your email address or telephone number will be removed from our marketing mailing lists. Please note that even if you opt out of receiving our marketing emails, we may still send you emails with important information that do not include an unsubscribe option. This includes maintenance messages or administrative notifications.

Corporate transaction

We may transfer data in the event of a corporate transaction (e.g., a sale of a substantial portion of the business, a merger, consolidation, or asset sale). If any of the above events occur, the acquiring entity or company will assume the rights and obligations set forth in this Privacy Policy.

Minors

Protecting children's data is particularly important online. This website is not designed or directed at children. Minors may use our services only with the prior consent or authorization of a parent or guardian. We do not knowingly collect personal information from minors. If a parent or guardian becomes aware that their child has provided us with personal information without their consent, they can contact us at sophie@haus-in-griechenland.at.

Updates or changes to this privacy policy

We reserve the right to change or review this Privacy Policy from time to time. You will find the current version's date under "Last Modified." Your continued use of the Platform following the posting of such changes on our website constitutes your acceptance of such changes to the Privacy Policy and your agreement to be bound by the amended terms.

How to reach us

If you have general questions about the website, the data we collect about you, or how we use that data, please contact us at sophie@haus-in-griechenland.at. Last updated on December 5, 2019