usearistang

Privacy Policy

Privacy Policy

Effective Date: January 2025

This Privacy Policy describes how usearistang (legal name: usearistang), operating the website usearistang.cfd, collects, uses, processes, and protects your personal data. We are committed to safeguarding your privacy and ensuring transparency in how we handle your information. This policy complies with the General Data Protection Regulation (GDPR) and Austrian data protection laws.

1. Introduction and Scope

This Privacy Policy applies to all visitors and users of the website usearistang.cfd (hereinafter referred to as "the Website"). It explains our practices regarding the collection, use, disclosure, and protection of your personal data when you visit our Website, submit forms, or interact with our services.

As a company operating in Austria and serving users in the European Union and beyond, we are subject to the General Data Protection Regulation (GDPR) (EU 2016/679) and the Austrian Data Protection Act (Datenschutzgesetz – DSG). We take our data protection obligations seriously and have implemented appropriate technical and organisational measures to protect your personal data.

By accessing and using this Website, you acknowledge that you have read, understood, and agree to be bound by the terms of this Privacy Policy. If you do not agree with our practices, please refrain from using the Website.

2. Data Controller and Contact Information

Data Controller: usearistang (usearistang)

The data controller responsible for your personal data is:

  • Company: usearistang
  • Legal Name: usearistang
  • Website: usearistang.cfd
  • Email: [email protected]
  • Phone: +3472323233
  • Address: Klagenfurter Straße 28, St. Veit an der Glan, 9300, Austria

For any privacy-related inquiries, requests to exercise your rights, or concerns about our data handling practices, please contact us using the information provided above. We aim to respond to all privacy requests within 30 days, as required by applicable law.

3. Types of Personal Data We Collect

We collect personal data only when you voluntarily provide it to us or when it is automatically collected through your interaction with the Website. The types of personal data we collect include:

3.1 Data You Provide Directly

When you submit the contact form on our Website, we collect the following personal data:

  • Name: Your full name as provided by you
  • Email Address: Your email address for correspondence purposes
  • Phone Number: Your telephone number (optional but helpful for contact)
  • Message: Any message, inquiry, or comments you provide in the contact form

This data is provided voluntarily by you when you decide to submit a contact form or inquiry. We use this information solely to respond to your inquiry, provide customer support, and communicate with you regarding your request.

3.2 Automatically Collected Data

When you visit our Website, certain information is automatically collected:

  • IP Address: Your Internet Protocol (IP) address for security and site analytics purposes
  • Browser Information: Type of browser, browser version, and operating system
  • Referral Source: Information about how you accessed our Website (referrer URL)
  • Pages Visited: Which pages you visit and how long you spend on each page
  • Date and Time: Timestamp of your visit and activity
  • Device Information: Information about the device you use to access the Website (mobile, desktop, tablet)
  • Cookies and Similar Technologies: Data collected through cookies and web beacons

This data is collected through server logs, cookies, and similar tracking technologies to improve our Website, analyze user behaviour, and ensure security.

4. Legal Basis for Data Processing

Under the GDPR, we must have a lawful basis to process your personal data. The legal bases for our data processing activities are:

  • Article 6(1)(a) GDPR – Consent: For optional analytics and marketing communications, we rely on your explicit consent, which you can withdraw at any time
  • Article 6(1)(b) GDPR – Contract Performance: When processing data necessary to respond to your contact form submission or fulfill a service you request
  • Article 6(1)(c) GDPR – Legal Obligation: Where required by Austrian law or other applicable legislation
  • Article 6(1)(f) GDPR – Legitimate Interests: For website security, fraud prevention, analytics, and improving user experience, where our legitimate interests are not overridden by your fundamental rights

Before collecting optional data (such as for analytics), we will explicitly ask for your consent and explain what data will be collected and how it will be used. Your consent is always voluntary and can be withdrawn at any time without affecting the lawfulness of processing before withdrawal.

5. Cookies and Similar Technologies

Our Website uses cookies and similar tracking technologies to enhance your experience and collect information about your usage patterns.

5.1 Functional Cookies (Essential)

Functional cookies are strictly necessary for the Website to function properly. These cookies:

  • Enable basic Website functionality such as page navigation and form submission
  • Remember your preferences and settings
  • Maintain session information for your security
  • Are automatically placed without requiring your prior consent (legal basis: Article 6(1)(f) GDPR)

Examples of functional cookies include session identifiers and security tokens. You cannot opt out of these cookies as they are essential for Website operation, but you can delete them through your browser settings (though this may impair Website functionality).

5.2 Analytics Cookies (Optional)

Analytics cookies help us understand how visitors use our Website and which content is most valuable. These cookies:

  • Collect aggregated data about page visits, user behaviour, and traffic patterns
  • Allow us to measure Website performance and user engagement
  • Help identify technical issues and areas for improvement
  • Are placed only with your explicit prior consent (legal basis: Article 7 GDPR)

Analytics cookies do not store personally identifiable information directly. However, they may collect IP addresses and device information that could be considered personal data under the GDPR. Before any analytics tracking is implemented, we will provide you with a clear cookie consent banner where you can opt in or opt out of analytics tracking.

5.3 Marketing Cookies (Optional)

We do not currently employ marketing or advertising cookies on our Website. However, if we implement such cookies in the future, they will only be placed with your explicit prior consent, as required by law.

5.4 Cookie Management

You can manage your cookie preferences at any time by:

  • Adjusting your browser settings to accept or reject cookies
  • Using "Do Not Track" (DNT) features if your browser supports them
  • Deleting cookies from your browser's storage
  • Using cookie management tools or opt-out mechanisms provided on our Website

Please note that disabling cookies may affect the functionality and user experience of our Website. Most browsers provide information on how to manage cookies in their help sections.

6. Third-Party Services and External Resources

Our Website uses certain third-party services and external resources to deliver content and functionality. We only use trusted providers and ensure appropriate data protection agreements are in place.

6.1 Google Fonts

Our Website uses Google Fonts to load typography resources. When you access our Website, your browser makes requests to Google's servers to download font files. This may result in:

  • Your IP address being transmitted to Google's servers
  • Google processing this data in accordance with its privacy policy
  • Potential storage of referral data and access logs

Google Fonts does not store cookies or use your data for personalised advertising. However, Google may collect information about your visit for analytics and security purposes. For more information, please review Google's Privacy Policy at https://policies.google.com/privacy. If you prefer not to load external resources, you may adjust your browser settings, though this may affect the visual appearance of our Website.

6.2 Tailwind CSS CDN

We use the Tailwind CSS Content Delivery Network (CDN) to load styling and design resources. When you visit our Website:

  • Your browser requests CSS resources from Tailwind's CDN
  • Your IP address and access logs may be recorded by the CDN provider
  • This data is used for security, performance monitoring, and content delivery optimisation

Tailwind CSS does not use this data for advertising or tracking purposes. We have selected Tailwind CDN as our provider based on its strong privacy practices and compliance with data protection regulations. You can review their privacy documentation on their official website.

6.3 Data Transfers to Third Parties

When you provide personal data through our contact form, this data is transmitted only to our internal systems. However, if we use email providers, payment processors, or other service providers in the future, any transfer of personal data will:

  • Be based on documented Data Processing Agreements (DPA) compliant with GDPR Article 28
  • Ensure that data processors have appropriate security measures in place
  • Be limited to data necessary for the specific service
  • Never occur without appropriate legal safeguards

We do not sell, share, or disclose your personal data to third parties for marketing purposes without your explicit consent.

7. Data Retention and Deletion

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected or as required by law.

7.1 Contact Form Data

Personal data submitted through our contact form (name, email, phone, message) will be retained for:

  • Active Correspondence: For the duration of our communication and up to 30 days after the final response to your inquiry
  • Follow-up Communication: For an additional period of up to 6 months, in case you wish to continue correspondence
  • Legal Obligation: For any period required by Austrian tax law, commercial law, or other applicable legislation (typically 6-10 years for business records)

After the retention period expires, your data will be securely deleted unless we are required by law to retain it for a longer period.

7.2 Website Analytics Data

Automatically collected data (IP addresses, browser information, access logs) will be retained for:

  • Server Logs: Up to 30 days for security and troubleshooting purposes
  • Analytics Data: Up to 13 months if analytics tracking is enabled, after which data is automatically deleted or anonymised

7.3 User Rights to Deletion

You have the right to request deletion of your personal data ("Right to be Forgotten") in accordance with GDPR Article 17, except where:

  • We need to retain data to fulfill a legal obligation
  • Data is necessary for the exercise of legal claims
  • Data must be retained for tax or accounting purposes

To request deletion of your data, please contact us at [email protected] with your request and appropriate identification.

8. Your Data Protection Rights

Under the GDPR and Austrian Data Protection Act, you have comprehensive rights regarding your personal data:

8.1 Right of Access (Article 15 GDPR)

You have the right to request access to all personal data we hold about you. We will provide this information in a clear, accessible format within 30 days of your request. To exercise this right, contact [email protected] and specify that you wish to exercise your right of access.

8.2 Right to Rectification (Article 16 GDPR)

If any personal data we hold about you is inaccurate or incomplete, you have the right to request correction. We will make the necessary corrections without undue delay and notify you of the changes made.

8.3 Right to Erasure (Article 17 GDPR)

You have the right to request deletion of your personal data ("Right to be Forgotten"), provided that:

  • The data is no longer necessary for the purposes for which it was collected
  • You withdraw your consent and no other legal basis exists for processing
  • You object to processing and no compelling legitimate grounds exist
  • The data has been unlawfully processed

We cannot delete data where required by law or where we have legitimate grounds to retain it.

8.4 Right to Restrict Processing (Article 18 GDPR)

You can request that we restrict (limit) the processing of your personal data where:

  • You dispute the accuracy of the data
  • Processing is unlawful and you prefer restriction to deletion
  • We no longer need the data but you require it for legal claims
  • You have objected to processing pending our verification

During the restriction period, we will store your data but will not actively process it except with your consent or for legal claims.

8.5 Right to Data Portability (Article 20 GDPR)

You have the right to request your personal data in a structured, commonly used, machine-readable format (such as CSV or JSON). This allows you to:

  • Transmit your data to another service provider without hindrance
  • Retain a copy of your information
  • Exercise greater control over your data

We will provide your data within 30 days of your request at no charge.

8.6 Right to Object (Article 21 GDPR)

You have the right to object to the processing of your personal data where:

  • Processing is based on our legitimate interests (unless we can demonstrate compelling reasons to continue)
  • Processing is for direct marketing purposes (we will immediately cease such processing)
  • Processing is for profiling or automated decision-making

8.7 Rights Related to Automated Decision-Making (Article 22 GDPR)

Our Website does not employ automated decision-making or profiling that produces legal or similarly significant effects on you. If we implement such processing in the future, we will inform you and provide appropriate safeguards.

8.8 How to Exercise Your Rights

To exercise any of these rights, please contact us:

  • Email: [email protected]
  • Phone: +3472323233
  • Address: Klagenfurter Straße 28, St. Veit an der Glan, 9300, Austria

Your request must include sufficient information for us to identify you (such as your full name, email address, and any details of your previous communication). We will verify your identity before processing your request. We will respond to all requests within 30 days. If your request is complex or voluminous, we may extend the deadline by two additional months (60 days total), and we will inform you of any extension.

9. Data Security Measures

We implement comprehensive technical and organisational security measures to protect your personal data from unauthorised access, disclosure, alteration, and destruction.

9.1 Technical Security Measures

Our technical security includes:

  • HTTPS Encryption: All data transmitted between your browser and our servers is encrypted using SSL/TLS protocols
  • Secure Server Infrastructure: We use secure hosting with regular security updates and patches
  • Firewalls and Intrusion Detection: Multiple layers of security to prevent unauthorised access
  • Database Security: Personal data is stored in secure databases with access controls
  • Regular Security Audits: We conduct regular security assessments and penetration testing

9.2 Organisational Security Measures

Our organisational security practices include:

  • Access Controls: Only authorised personnel can access personal data, and access is strictly limited to what is necessary
  • Confidentiality Obligations: All staff who handle personal data are bound by confidentiality agreements
  • Data Protection Training: Our team receives regular training on data protection best practices
  • Incident Response Plan: We have a documented procedure for responding to data breaches
  • Backup and Recovery: Regular backups are maintained to prevent data loss

9.3 Data Breach Notification

In the unlikely event of a data breach that compromises your personal data, we will:

  • Notify you without undue delay and in any case within 72 hours of becoming aware of the breach (as required by GDPR Article 33)
  • Provide information about the nature of the breach, affected data, and potential risks
  • Explain the measures we are taking to address the breach and prevent future incidents
  • Notify the relevant Austrian data protection authority where required by law

However, we must emphasize that no security measure is completely foolproof. While we implement industry-standard protections, we cannot guarantee absolute security.

10. International Data Transfers

Our Website is hosted and operated from Austria, which is part of the European Union. Therefore, personal data collected on our Website is primarily processed within the EU, which benefits from an adequacy decision under GDPR Article 45.

If we ever transfer personal data outside the European Economic Area (EEA) to countries without an EU adequacy decision, we will implement appropriate safeguards such as:

  • Standard Contractual Clauses (SCCs): We use EU-approved SCCs to govern data transfers
  • Binding Corporate Rules (BCRs): Where applicable, we implement BCRs for multinational operations
  • Your Explicit Consent: We will obtain your prior written consent before any non-EEA transfer

Any international data transfers will be conducted in full compliance with GDPR and Austrian law.

11. Children's Privacy

Our Website is not intended for children under the age of 13 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal data from children under 13.

If we become aware that a child under 13 has provided us with personal data, we will take immediate steps to delete such data and terminate the child's account or interaction with our Website.

For users between 13 and 18 years of age (where applicable), parental or guardian consent may be required depending on local law. If you are a minor and wish to use our Website, please ensure you have appropriate parental or guardian permission.

Parents or guardians who believe their child has provided personal data to us should contact us immediately at [email protected].

12. Austria-Specific Privacy Information

As a data controller operating in Austria, we comply with the following Austrian-specific requirements:

12.1 Austrian Data Protection Act (Datenschutzgesetz – DSG)

In addition to GDPR compliance, we comply with the Austrian Data Protection Act (DSG), which transposes the GDPR into Austrian law and provides additional protections. This Privacy Policy meets all Austrian requirements for transparency and data subject rights.

12.2 Data Protection Authority

If you believe your data protection rights have been violated, you have the right to lodge a complaint with the Austrian data protection authority:

Austrian Data Protection Authority (Österreichische Datenschutzbehörde)
Wickenburggasse 8
1080 Wien
Telephone: +43 1 52 152-0
Email: [email protected]
Website: https://www.dsb.gv.at

12.3 Data Protection Officer (DPO)

While we are not currently required to appoint a Data Protection Officer under GDPR Article 37, we have designated a contact person responsible for privacy matters. For privacy inquiries, please contact:

Privacy Contact:
Email: [email protected]
Phone: +3472323233
Address: Klagenfurter Straße 28, St. Veit an der Glan, 9300, Austria

13. Marketing Communications and Opt-Out

We will only send you marketing communications (newsletters, promotional offers, updates) if you have explicitly consented to receive such communications. Your consent is always voluntary and can be withdrawn at any time.

To opt out of marketing communications, you can:

  • Click the "Unsubscribe" link in any marketing email we send you
  • Contact us directly at [email protected] with a request to unsubscribe
  • Adjust your communication preferences through any account or preference centre we may provide

If you opt out of marketing communications, we will respect your preference and remove you from our marketing mailing lists. This will not affect our ability to send you transactional messages (e.g., responses to your inquiries or service notifications).

14. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. Any material changes will be communicated to you:

  • By posting an updated version on our Website with a new "Effective Date"
  • By sending you an email notification at the email address you provided
  • By requiring your affirmative consent before implementing significant changes that increase your data usage or change the purposes of processing

Your continued use of the Website after any changes constitutes your acceptance of the updated Privacy Policy. We encourage you to review this policy regularly to stay informed about how your data is handled.

15. Links to Third-Party Websites

Our Website may contain links to third-party websites that are not operated by us. This Privacy Policy applies only to our Website and does not cover:

  • Third-party websites accessed through links on our Website
  • Third-party services or plugins integrated into external websites
  • Information collected by third-party websites according to their own privacy policies

We are not responsible for the privacy practices of third-party websites. We encourage you to review the privacy policies of any third-party websites before providing your personal data to them. Third-party links are provided for your convenience and do not constitute an endorsement of their practices.

16. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data handling practices, please contact us:

usearistang (usearistang)
Email: [email protected]
Phone: +3472323233
Address: Klagenfurter Straße 28, St. Veit an der Glan, 9300, Austria
Website: usearistang.cfd

We will respond to all inquiries promptly and will work with you to address any concerns. If you are not satisfied with our response, you have the right to lodge a complaint with the Austrian Data Protection Authority as detailed in Section 12.2 above.

17. Disclaimer

This Privacy Policy is provided for information purposes and constitutes our commitment to data protection and transparency. While we have prepared this policy with careful attention to legal requirements, no privacy policy can cover every conceivable situation. For specific legal advice regarding your privacy rights, you may wish to consult with a qualified attorney. This policy is effective as of the date listed at the top and supersedes all previous privacy policies.

Last Updated: January 2025
Version: 1.0