Personal data in the sense of Article 4 of the EU General Data Protection Regulation (GDPR) is any information relating to an identified or identifiable natural person, e.g. name, address, email addresses, etc.
The responsible party for the processing of personal data iSd Art. 4 (7) GDPR is:
vlabs innovation GmbH
1070 Vienna, Austria
Email: firstname.lastname@example.org (see our imprint).
As a data subject, you have the following rights with regard to the personal data concerning you in accordance with the legal provisions:
You also have the right to complain to a data protection supervisory authority about our processing of your personal data. When processing your rights, we may ask you for proof of identity.
We reserve the right, in the event of a legal obligation, to disclose information about you if such disclosure is required of us by lawful authorities or law enforcement bodies (legal basis: Art. 6 (1) c) GDPR).
In the course of your visit to this website, we will automatically collect the following personal data about you:
In addition, we may ask you to provide personal information, such as your name and email address, on our website in order to provide you with certain services. There is no obligation to actually provide the data that we ask you to provide on our website. However, if you do not do so, you may not be able to use all the features of the website.
Data processing is based on the legal provisions of § 96 para 3 TKG as well as Art 6 para 1 lit a (consent) and/or lit b (necessary for the performance of the contract) and/or lit f (safeguarding the legitimate interests of the controller) of the GDPR. We process your data for the following purposes:
We process the personal data specified in more detail above in accordance with the provisions of the GDPR, the other relevant data protection regulations and only to the extent necessary. Insofar as the processing of personal data is based on Article 6 (1) (f) GDPR, the aforementioned purposes also represent our legitimate interests. The processing of log data serves statistical purposes and to improve the quality of our website, in particular the stability and security of the connection (legal basis is Article 6 para 1 lit f GDPR).
In the case of mere informational use of the website, we only collect the personal data that your browser transmits to our server. If required for the above-mentioned purposes, we pass on the collected data to the relevant internal departments or to external IT service providers, including Google Analytics (see point 3.7) for processing in accordance with the required purposes (for the presentation of the website and the creation of content).
We will store your data for as long as is necessary to provide our services to you or for as long as we have a legitimate interest in continuing to store it. Longer storage will only take place to the extent necessary to investigate identified attacks on our website and, beyond that, only until the end of applicable statutes of limitations, statutory retention periods or any legal disputes in which the data is needed as evidence. After that, the data will be deleted.
When communicating and/or cooperating with us, e.g. by email, via a contact form on our website, the data you provide (e-mail address, your name and telephone number if applicable, or the personal data provided within the communication) will be stored by us, e.g. in order to answer your questions or to comply with the communication required for our business purposes. We delete the data accrued in this context after the storage is no longer necessary, unless there are legal retention obligations or statutes of limitations must be observed.
When processing data that arises in the course of communication, we have a legitimate interest in processing the data in accordance with legal requirements, for internal review or in accordance with the respective communication request.
So-called cookies are used on our website. A cookie is a small file that can be stored on your computer when you visit a website. Basically, cookies are used to provide users with additional functions on a website. For example, they can be used to make it easier for you to navigate a website. Cookies cannot access, read or modify any other data on your computer.
Some of the cookies we use are deleted after the end of the browser session, i.e. after you close your browser (so-called session cookies).
Other cookies remain on your terminal device and enable us or our partner companies (third-party cookies) to recognize your browser on your next visit (persistent cookies). When cookies are set, they collect and process certain user information on an individual scale, such as browser and location data and IP address values. Persistent cookies are automatically deleted after a certain period of time, which may vary depending on the cookie.
If you want to control cookies on your computer, you can set your browser preferences to notify you when a website wants to store cookies. You can also block or delete cookies if they have already been stored on your computer. If you want to know more about how to set these steps, please use the "Help" function in your browser. Please note that blocking or deleting cookies may affect your online experience and prevent you from fully using this website.
We use social media plug-ins to recommend content from social networks, such as Facebook, Instagram or Linked-In. For this purpose, we use a two-stage procedure. Data is only transmitted to third parties when users click on one of the icons displayed in the social media bar. In this process, we have neither influence nor access to cookies set by Facebook, Instagram or Linked-In.
At most, our website uses plugins from the YouTube site operated by Google. The operator of the pages is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. When you visit one of our pages equipped with a YouTube plugin, a connection to YouTube's servers is established as soon as you start playing a video. This tells the YouTube server which of our pages you have visited.
We use the Google Tag Manager on our pages. Google Tag Manager is an application that allows us to serve small code elements (tags) on our Sites based on user-defined rules. Such tags can be used, for example, to measure visitor behavior (Google Analytics).
The Tag Manager itself does not write cookies and does not collect personal data, but it can play tags that collect such data. The basis for the Cookie Consent Tool offered on our pages is the use of the Google Tag Manager, which interprets the settings made by visitors and then plays tags on the page or not.
The data obtained in this way is used to optimize our website and advertising measures. Our website uses the IP anonymization option offered by Google Analytics. Your IP address will therefore be shortened/anonymized by Google as soon as Google receives your IP address. On our behalf, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing us with other services relating to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data by Google.
Furthermore, we use the Signals function in Google Analytics. Google Signals enables an extended analysis of the user behavior of visitors who have visited our pages with their logged-in Google account, among other things, and have agreed to personalized advertising in their Google account. These are, for example, analyses of cross-device use of our pages (aggregation of multiple end devices), the ability to perform cross-device remarketing for logged-in Google users, and the storage of socio-demographic data (such as age group, geographic data,...) in the Google Analytics database.
With Google Optimize, another tool of the Google marketing platform is used on our websites. Google Optimize allows us to increase the interaction rate of our visitors by playing different test variants of our websites, among other things by optimizing usability. Such tests are either A/B tests or multivariate tests. If Google Optimize is used on the website, cookies are used to optimize and analyze the behavior of visitors to our website.
We use Google AdWords Conversion Tracking to measure the success of our advertising measures. After certain target achievements on our website ("conversions") - such as sending the contact form - this target achievement is recorded by Google. Google can thus measure the number of target achievements. In addition, Google will use previously set cookies to assign which advertisements were clicked on beforehand and were thus decisive for the target achievement.
Google Ads will set a cookie on your computer if you have reached our website via a Google ad. These cookies usually lose their validity after 30 days and are not used for personal identification. If users visit certain pages of the Google Ads customers' websites and the cookie has not yet expired, Google and the customers can recognize that the user clicked on the ad and was redirected to that page. Each Google Ads customer receives a different cookie.
When you visit our Facebook page, personal data (documentation of usage behavior) is processed by Facebook using cookies. From this information, anonymized statistical data about page activity is created and automatically provided to us (Insights). We are jointly responsible with Facebook for this data processing pursuant to Article 26 GDPR. In doing so, we rely on our legitimate interests. Without the processing of this data, we would not be able to maintain the presence and optimization of our offer on Facebook. You can find more information about this here.
We also use the "pixel" from Facebook on our websites. This allows us to track the behavior of users after they have clicked on an ad on Facebook. This allows us to evaluate ads for statistical and market research purposes and optimize future advertising measures.
Another benefit is to recognize whether and which interactions were carried out on the website (e.g. download) (see Event Tracking). This function is also used to present interest-based advertisements ("Facebook Ads") to visitors of this website when visiting the social network Facebook (see Custom Audiences). For this purpose, Facebook Pixel has been implemented on our website. Via Facebook Pixel, a direct connection to the Facebook servers is established when visiting the website. In doing so, it is transmitted to the Facebook server that you have visited this website and Facebook assigns this information to your personal Facebook user account.
In addition to the integration of the Facebook pixel, our websites also use the associated event tracking. An event is a specific action that a visitor takes on our website, such as a contact request or a newsletter subscription. This helps us to better measure the success of our online campaigns and how successful they were.
Our website uses Facebook's "Custom Audiences" remarketing function, which uses the Facebook Pixel installed on our website to recognize logged-in visitors, along with the information on which of our pages the visit took place. These visitors can then be served targeted advertisements.
This website uses the services of Active Campaign for sending newsletters. The provider is the US provider ActiveCampaign, LLC, 150 N. Michigan Ave Suite 1230, Chicago, IL, US, USA. Active Campaign is a service with which, among other things, the dispatch of newsletters can be organized and analyzed. In order to receive the newsletter offered on our website, you can register via our form. We use the so-called double opt-in procedure. First, a confirmation email will be sent to the email address you provided, asking for confirmation. The registration only becomes effective when you click on the activation link contained in the confirmation email. We use your data transmitted to us exclusively for sending the newsletter, which may contain information or offers.
When you enter data for the purpose of receiving newsletters (e.g. your e-mail address), this data is stored on Active Campaign's servers in the USA. Active Campaign has a certification according to the "EU-US Privacy-Shield". The "Privacy Shield" is an agreement between the European Union (EU) and the USA to ensure compliance with European data protection standards in the USA.
Active Campaign allows us to analyze our newsletter campaigns. When you open an email sent with Active Campaign, a file contained in the email (known as a web beacon) connects to Active Campaign's servers in the USA. This makes it possible to determine whether a newsletter message has been opened and which links, if any, have been clicked on. In addition, technical information is recorded (e.g. time of retrieval, IP address, browser type and operating system). This information cannot be assigned to the respective newsletter recipient. It is used exclusively for the statistical analysis of newsletter campaigns. The results of these analyses can be used to better adapt future newsletters to the interests of the recipients.
If you do not want any analysis by Active Campaign, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message. Furthermore, you can also unsubscribe from the newsletter directly on our website.
The data processing is based on your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time by unsubscribing from the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation.
The data you have provided to us for the purpose of receiving the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted from our servers as well as from the servers of Active Campaign after you unsubscribe from the newsletter. Data stored by us for other purposes (e.g. e-mail addresses for the member area) remain unaffected by this.
We have concluded a so-called "Data-Processing-Agreement" with Active Campaign, in which we oblige Active Campaign to protect the data of our customers and not to pass them on to third parties.
We use Piwik PRO Analytics Suite as a website/app analytics software and consent management tool. The provider is Piwik PRO GmbH, Knesebeckstraße 62/63,10719 Berlin. We collect data about website visitors based on cookies. The collected information may include a visitor’s IP address, operating system, browser ID, browsing activity and other information. See the scope of data collected by Piwik PRO here.
We calculate metrics like bounce rate, page views, sessions and the like to understand how our website/app is used. We may also create visitors’ profiles based on browsing history to analyze visitor behavior, show personalized content and run online campaigns.
We host our solution on Microsoft Azure in Germany, and the data is stored for 25 months.
The purpose of data processing: analytics and conversion tracking based on consent. Legal basis: Art. 6 (1)(a) GDPR.
We use Calendly, a scheduling and organization tool, for our website. The service provider is the American company Calendly LCC, 271 17th St NW, Ste 1000, Atlanta, Georgia, 30363, USA.
Calendly also processes data in the USA, among other places. We would like to point out that according to the opinion of the European Court of Justice, there is currently no adequate level of protection for the transfer of data to the USA. This may be associated with various risks to the legality and security of data processing.
As a basis for data processing with recipients in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. especially in the USA) or a data transfer there, Calendly uses standard contractual clauses approved by the EU Commission (= Art. 46. para. 2 and 3 DSGVO). These clauses oblige Calendly to comply with the EU level of data protection when processing relevant data also outside the EU. These clauses are based on an implementing decision of the EU Commission. You can find the decision as well as the clauses here.
Some of the recipients listed above may be located outside of Austria or the EU or may process your personal data there. The level of data protection in other countries may not be the same as in Austria. However, we only transfer your personal data to countries for which the EU Commission has decided that they have an adequate level of data protection or we take measures to ensure that all recipients have an adequate level of data protection.
Under applicable law, you have the right, among other things (subject to applicable law), to (i) verify whether and what personal data we hold about you and to obtain copies of such data, (ii) request that we correct, amend, or delete your personal data that is inaccurate or not being processed in accordance with the law, (iii) request that we restrict the processing of your personal data, (iv) in certain circumstances, object to the processing of your personal data or withdraw any consent previously given for the processing, such withdrawal not affecting the lawfulness of the processing until the withdrawal (v) request data portability, (vi) know the identity of third parties to whom your personal data is transferred, and (vii) lodge a complaint with the data protection authority.
If you have any questions or concerns about the processing of your personal data, please contact us. You can reach us at the following contact details:
vlabs innovation gmbh
1070 Vienna, Austria
Tel: +43 5522 21531