Datenschutz

2.1.1 Third-Party Cookies and Plugins Used

If the visitor allows the use of additional cookies through their browser settings or consent, cookies from the following third-party providers and plugins may be used on our websites:

• Google Tag Manager
• Google Maps
• OpenStreetMap
• Google Analytics

If these cookies may also relate to personal data, we provide information about them under "Plugins."

The visitor can delete individual cookies or the entire cookie inventory through their browser settings. In addition, they will receive information and instructions on how to delete these cookies or block their storage in advance.

Depending on the browser used, the necessary information can be found in your browser's settings.

For more information on cookies in general, you can refer to:

• http://www.allaboutcookies.org/
• http://www.youronlinechoices.com/

2.1.2 Access to the Website and Log Files

We use an Internet service provider to host our online presence, on whose server the website is stored (hosting), and who makes our site available on the Internet. In this process, the internet service provider processes contact data, content data, contract data, usage data, inventory data, as well as meta and communication data on our behalf.

Name and address of the Internet service provider: master design gmbh Hauptstraße 6/4 7350 Oberpullendorf

You can view their data protection provisions here: [Link to the provider's privacy policy]

The collection of this data is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of their website, which requires the collection of server log files.

If you only use our website for informational purposes, our internet service provider will only collect the personal data that your browser transmits to their server. This data includes the following:

• Browser type and browser version
• Operating system used
• Referrer URL
• Hostname of the accessing computer
• Time of the server request
• IP address

These data will not be merged with other data sources.

2.1.3 Plugins and Third-Party Cookies

CookieFirst

This website uses the Cookie Consent technology from CookieFirst to obtain your consent to the storage of certain cookies on your device and to document this in compliance with data protection regulations. The provider of this technology is Digital Data Solutions B.V., Plantage Middenln 42a, 1018 DH Amsterdam, website: CookieFirst.

When you enter our website, the following personal data is transmitted to CookieFirst:

• Your consent(s) or the revocation of your consent(s)
• Your IP address
• Information about your browser
• Information about your device
• Time of your visit to the website

Furthermore, CookieFirst stores a cookie in your browser to associate the granted consents or their revocation with your browser. The data collected in this way will be stored until you request us to delete it, delete the CookieFirst cookie yourself, or the purpose for data storage no longer applies. Mandatory statutory retention periods remain unaffected.

The use of CookieFirst is based on obtaining the legally required consents for the use of cookies. The legal basis for this is Art. 6(1)(c) GDPR.

Google Tag Manager

We use Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Tag Manager is a tool that allows us to integrate tracking or analytics tools and other technologies on our website. Google Tag Manager does not create user profiles, store cookies, or conduct its own analyses. It is used solely for the management and deployment of the tools integrated through it. However, Google Tag Manager does collect your IP address, which may also be transferred to Google's parent company in the United States.

The use of Google Tag Manager is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in a quick and uncomplicated integration and management of various tools on their website. If consent has been requested, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR; consent can be revoked at any time.

Google Analytics

Our website uses Google Analytics, including features of Universal Analytics, a web analytics service provided by Google Inc. ("Google"). Google Analytics uses "cookies," which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website will be transmitted to and stored by Google on servers in the United States.

IP anonymization (IP masking) is used on our website. Due to the unresolved legal situation regarding the use of full IP addresses with analytics tools, Google Analytics is used with the "_anonymizeIp()" extension. This means that your IP address will be truncated by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before being transferred to the USA and will only be fully processed there in exceptional cases. Google will use this information on our behalf to evaluate your use of the website, to compile reports on website activity, and to provide us with other services related to website activity and internet usage.

The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. You can prevent the storage of cookies by setting your browser software accordingly; however, please note that if you do this, you may not be able to use all the features of this website to their full extent. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at the following link: Google Analytics Opt-out Browser Add-on.

More information on terms of use and data protection can be found at Google Analytics Terms of Service.

Google Maps

This website uses Google Maps for displaying map information. When using Google Maps, Google also processes data about the use of the map functions by visitors to the websites. For more information about data processing by Google, please refer to Google's privacy policy at Google Privacy Policy. You can also change your settings in the Google Privacy Center to manage and protect your data.

OpenStreetMaps

We use the open-source map service "OpenStreetMaps" (OSM) provided by the OpenStreetMap Foundation, 132 Maney Hill Road, Sutton Coldfield, West Midlands, B72 1JU, United Kingdom, for displaying geodata on our website. OSM allows us to provide an interactive map on our website that shows how to find and reach us. This service enables us to present our website in an appealing way by loading map material from an external server. The following data is transmitted to OSM's servers during display: the pages of our website that you have visited and the IP address of your device. The legal basis for processing your data in relation to the "OSM" service is Art. 6(1)(f) GDPR (Legitimate interest in data processing). The legitimate interest arises from our need for an attractive presentation of our online offering and the easy accessibility of the locations provided on our homepage.

For more information on how user data is handled, please refer to the OSM Foundation's privacy policy.

YouTube with Enhanced Privacy

This website embeds videos from YouTube. The operator of the pages is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

We use YouTube in enhanced privacy mode. According to YouTube, this mode ensures that YouTube does not store information about visitors to this website before they watch the video. However, the extended privacy mode does not necessarily exclude data sharing with YouTube partners. For example, YouTube - regardless of whether you watch a video - establishes a connection to the Google DoubleClick network.

When you start a YouTube video on this website, a connection to YouTube's servers is established. This tells the YouTube server which of our pages you have visited. If you are logged into your YouTube account, you allow YouTube to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account.

Furthermore, YouTube may store various cookies on your device after starting a video or use similar recognition technologies (e.g., device fingerprinting). This allows YouTube to obtain information about visitors to this website. This information may be used, among other things, to collect video statistics, improve user-friendliness, and prevent fraud.

Additional data processing operations may be triggered after starting a YouTube video, over which we have no control.

The use of YouTube is in the interest of an appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6(1)(f) GDPR. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR; the consent can be revoked at any time.

For more information about data protection at YouTube, please refer to their privacy policy at: YouTube Privacy Policy.

2.2 Data Sharing

Personal data is transmitted to third parties when:

• The data subject has expressly consented to it in accordance with Art. 6(1)(a) GDPR.
• The transfer is necessary for the establishment, exercise, or defense of legal claims under Art. 6(1)(f) GDPR, and there is no reason to believe that the data subject has an overriding legitimate interest in not disclosing their data.
• There is a legal obligation to transmit the data under Art. 6(1)(c) GDPR, and/or
• It is necessary for the performance of a contract with the data subject under Art. 6(1)(b) GDPR.

In other cases, personal data will not be disclosed to third parties.

3. Rights of the Data Subject

Where personal data concerning the visitor is processed during their visit to our website, the visitor is considered a "data subject" within the meaning of the GDPR and is entitled to the following rights:

3.1 Information

The visitor can request information from us as to whether personal data concerning them is being processed by us. There is no right to information if the provision of the information would violate a duty of confidentiality or if the information must be kept secret for other reasons, in particular due to an overriding legitimate interest of a third party. Notwithstanding this, there may be an obligation to provide the information if, in particular in the case of imminent damage, the interests of the visitor outweigh the interest in confidentiality.

The right to information is also excluded if the data is only stored because it may not be deleted due to legal or statutory retention periods or solely serves the purpose of data backup or data protection control, provided that the provision of information would require a disproportionate effort and the processing for other purposes is excluded by appropriate technical and organizational measures.

If, in the specific case, the right to information is not excluded and personal data is processed by us, the visitor can request information from us about the following information:

• Purposes of processing
• Categories of personal data processed by the visitor
• Recipients or categories of recipients to whom personal data of the visitor is disclosed, particularly for recipients in third countries
• If possible, the planned duration for which personal data will be stored or, if this is not possible, the criteria for determining this duration
• The existence of a right to rectify or erase or restrict the processing of personal data concerning the visitor or to object to such processing
• The existence of a right to lodge a complaint with a supervisory authority for data protection
• If the personal data was not collected from the visitor as the data subject, the available information about the data source
• The existence of automated decision-making, including profiling, and meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing
• In the case of transfers to recipients in third countries, if there is no decision by the EU Commission on the adequacy of the level of protection pursuant to Art. 45(3) GDPR, information about what appropriate safeguards pursuant to Art. 46(2) GDPR have been taken for the protection of personal data.

3.2 Correction and Completion

If the visitor determines that we have incorrect personal data concerning them, they can request us to promptly correct this incorrect data. In the case of incomplete personal data concerning the visitor, they can request completion.

3.3 Deletion

a) Obligation to Delete

You can request the controller to delete your personal data concerning you without undue delay, and the controller is obliged to delete this data without undue delay if one of the following reasons applies:

(1) The personal data concerning you is no longer necessary for the purposes for which it was collected or otherwise processed.

(2) You withdraw your consent on which the processing is based according to Art. 6(1)(a) or Art. 9(2)(a) GDPR, and there is no other legal basis for the processing.

(3) You object to the processing pursuant to Art. 21(1) GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21(2) GDPR.

(4) Your personal data concerning you have been unlawfully processed.

(5) The deletion of your personal data is necessary to fulfill a legal obligation under Union law or the law of the Member States to which the controller is subject.

(6) Your personal data concerning you has been collected in relation to information society services offered pursuant to Art. 8(1) GDPR.

b) Information to Third Parties

Where the controller has made your personal data public and is obliged pursuant to Art. 17(1) GDPR to erase your personal data, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that you, as the data subject, have requested the erasure by such controllers of any links to, or copy or replication of, those personal data.

c) Exceptions

The right to deletion does not exist insofar as the processing is necessary

(1) to exercise the right to freedom of expression and information;

(2) to fulfill a legal obligation which requires processing according to the law of the Union or the Member States to which the controller is subject, or to carry out a task carried out in the public interest or in the exercise of official authority vested in the controller;

(3) for reasons of public interest in the field of public health according to Art. 9(2)(h) and (i) and Art. 9(3) GDPR;

(4) for archival purposes in the public interest, scientific or historical research purposes, or statistical purposes according to Art. 89(1) GDPR, insofar as the right referred to in section a) is likely to render impossible or seriously impair the achievement of the objectives of such processing, or

(5) to assert, exercise or defend legal claims.

3.4 Restriction of Processing

The visitor can request us to restrict the processing if one of the following conditions is met:

• The visitor disputes the accuracy of the personal data. In this case, the restriction can be requested for the duration that allows us to verify the accuracy of the data.
• The processing is unlawful, and the visitor requests the restriction of the use of their personal data instead of deletion.
• We no longer need the personal data for the purposes of processing, but the visitor needs them to assert, exercise, or defend legal claims.
• The visitor has objected to the processing pursuant to Art. 21(1) GDPR. The restriction of processing can be requested as long as it is not yet clear whether our legitimate reasons outweigh the visitor's reasons.

Restriction of processing means that personal data will only be processed with the visitor's consent or for the purpose of asserting, exercising, or defending legal claims or protecting the rights of another natural or legal person or for reasons of important public interest. Before lifting the restriction, we have an obligation to inform the visitor about it.

3.5 Right to Information

If you have asserted your right to correction, deletion, or restriction of processing to the responsible party, they are obliged to inform all recipients to whom the personal data concerning you has been disclosed about this correction or deletion of data or restriction of processing unless this proves impossible or involves a disproportionate effort. You have the right to be informed about these recipients from the responsible party.

3.6 Right to Data Portability

The visitor has the right to data portability if the processing is based on their consent (Article 6(1)(a) or Article 9(2)(a) GDPR) or on a contract to which they are a party, and the processing is carried out by automated means. In this case, the right to data portability includes the following rights, provided that this does not adversely affect the rights and freedoms of others. The visitor can request to receive the personal data they have provided to us in a structured, commonly used, and machine-readable format. They have the right to transmit this data to another controller without hindrance from us. To the extent technically feasible, the visitor can request that we transmit their personal data directly to another controller.

3.7 Right to Object

If processing is based on Article 6(1)(e) GDPR (performance of a task carried out in the public interest or in the exercise of official authority) or Article 6(1)(f) GDPR (legitimate interests pursued by the controller or a third party), the visitor has the right to object, on grounds relating to their particular situation, at any time to the processing of personal data concerning them. This also applies to profiling based on Article 6(1)(e) or (f) GDPR. After the exercise of the right to object, we will no longer process the visitor's personal data unless we can demonstrate compelling legitimate grounds for the processing that override the visitor's interests, rights, and freedoms or for the establishment, exercise, or defense of legal claims. The visitor can object at any time to the processing of their personal data for direct marketing purposes, including profiling related to such direct marketing. After exercising this right to object, we will no longer use the relevant personal data for direct marketing purposes. The visitor has the option to informally communicate their objection by telephone, email, possibly by fax, or to the postal address listed at the beginning of this data protection declaration.

3.8 Automated Individual Decision-Making, Including Profiling

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision is necessary for entering into or performing a contract between you and the responsible party, is authorized by Union or Member State law to which the controller is subject, and that law contains suitable measures to safeguard your rights, freedoms, and legitimate interests, or is based on your explicit consent. However, these decisions may not be based on special categories of personal data referred to in Article 9(1) GDPR unless Article 9(2)(a) or (g) GDPR applies, and suitable measures to safeguard your rights, freedoms, and legitimate interests are in place. With regard to the cases referred to in (1) and (3), the responsible party takes reasonable measures to safeguard your rights, freedoms, and legitimate interests, including at least the right to obtain human intervention on the part of the controller, to express your point of view, and to contest the decision. As a responsible company, we refrain from automated decision-making or profiling.

3.9 Right to Lodge a Complaint

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR. The supervisory authority with which the complaint has been lodged shall inform the complainant on the progress and the outcome of the complaint, including the possibility of a judicial remedy under Article 78 GDPR.

4. Email Contact4.1 Description and Scope of Data Processing

Contact via the provided email addresses on the website is possible. In this case, the personal data of the user transmitted with the email will be stored. There is no further disclosure of the data to third parties. The data is exclusively used for processing the conversation.

4.2 Legal Basis for Data Processing

The legal basis for processing the data is Art. 6(1)(a) GDPR if the user has given their consent. The legal basis for processing the data transmitted in the course of sending an email is Art. 6(1)(f) GDPR. If the email contact aims to conclude a contract, an additional legal basis for the processing is Art. 6(1)(b) GDPR.

4.3 Purpose of Data Processing

The processing of personal data from email contact serves us to process the conversation as well as any necessary steps before concluding a contract.

4.4 Duration of Data Storage

The data will be deleted as soon as it is no longer necessary to achieve the purpose of its collection. For personal data sent by email, this is the case when the respective conversation with the user has ended. The conversation is considered ended when it can be inferred from the circumstances that the matter in question has been finally clarified.

4.5 Objection and Removal Option

The user has the option to revoke their consent to the processing of personal data at any time. If the user contacts us by email, they can object to the storage of their personal data at any time. In such a case, the conversation cannot be continued. All personal data stored in the course of contacting will be deleted.

Update of this Data Protection Declaration

This data protection declaration is subject to adaptation and change. We reserve the right to update the data protection declaration at any time to improve data protection and/or to adapt it to changed supervisory practices or case law.