Privacy Policy & Cookie Policy
1. The entity responsible for processing my data (within the meaning of Article 4 GDPR) is:
MyPilz GmbH
Wienerbergstraße 55/13-15
1120 Vienna, Austria
2. What data do we process and where does it come from?
Personal data is information relating to an identified or identifiable natural person (hereinafter referred to as "data"). By using our online shop, we process the following data in particular:
When you place an order or contact us (e.g., via contact form or email), you provide us with data. The specific data you provide is evident from the respective input forms. This includes, for example, the following information: your name, email address, telephone number, and any other contact details you provide.
3. On what legal basis is my data processed?
Your data will be processed in accordance with applicable data protection regulations (see General Data Protection Regulation GDPR). If we process your data for purposes other than those originally collected, we will ensure that there is a sufficient legal basis for doing so.
The following examples of legal bases are for transparency purposes and are not intended to be an exhaustive list.
Performance of a contract / pre-contractual measures (Art. 6 para. 1 sentence 1 lit. b) GDPR): In the course of fulfilling your purchase contract or any other contract with us, we need to process certain data.
Fulfillment of a legal obligation (Art. 6 para. 1 sentence 1 lit. c) GDPR): We need to process some of your data in order to comply with legal obligations to which we are subject.
Safeguarding legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR): We also process some of your data to protect our legitimate interests or those of third parties, but only if your interests do not override those interests in individual cases.
4. For what purposes is your data processed?
Contract-related processing purposes
Data collection and use for contract processing: We collect and process personal data when you voluntarily provide it to us as part of your order. The specific data collected is evident from the respective input forms. We use the data you provide to fulfill our contractual obligations to you and to process your inquiries.
5. With whom will your data be shared?
We are committed to taking the necessary steps to ensure that your data is protected, processed, and transferred in accordance with legal regulations. When using cookies, we may transfer data to third parties. For more information, please consult our Cookie Policy.
Shipping
As part of fulfilling the contract, we will pass on your data to the shipping company commissioned with the delivery, insofar as this is necessary for the delivery of your ordered goods.
6. How long will your data be stored?
Your data will be stored in accordance with Article 17 of the GDPR for as long as we are legally obligated to do so, or as long as we need it for the purposes stated in section 4. Afterwards, your data will be deleted in accordance with the principle of data minimization.
7. What data security measures are in place?
We encrypt your data using SSL encryption. Furthermore, we anonymize visitor statistics on our website. Contact forms are forwarded directly to us via one of our email inboxes. However, we have also concluded a data processing agreement with our server and domain host.
8. What data protection rights can you assert?
You may assert various rights as a data subject. Please contact us for this purpose using the contact information provided in section 1.
Right to information
Upon request, you will receive information about the following data stored by us (Art. 15 GDPR).
Copies of the data (emails, letters, database extracts) and the specific data processed, the purposes for which we processed it, and, if applicable, the recipients if we have transferred your data. We will provide you with this information free of charge.
Right to rectification and erasure
You can request both the correction of inaccurate information (pursuant to Article 16 GDPR) and the deletion of your data (pursuant to Article 17 GDPR). This may be the case, for example, if...
their data are no longer required for the purposes for which they were collected or processed;
they withdraw their consent, which is the basis for data processing;
You may object to the processing of your data and there are no overriding legitimate grounds for the processing;
their data was processed unlawfully.
subject to the condition that compliance with a legal obligation which requires us to process your data is ensured, in particular with regard to statutory retention periods and for the establishment, exercise or defense of legal claims.
Right to restriction of processing
According to Article 18 of the GDPR, you have the right to restrict the processing of your data. This aims to limit the future processing of your data. This may be the case if...
They dispute the accuracy of their personal data, as long as we verify the accuracy of the personal data;
They may object to the processing as long as it is not yet clear whether our legitimate grounds for processing override theirs;
we no longer need your data, but you require it for the establishment, exercise or defense of legal claims;
The processing is unlawful and you refuse the deletion of your data, and instead request the restriction of the use of your personal data.
Right to data portability
According to Article 20 GDPR, you have the right to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format, as well as the right to transmit this data to another controller without hindrance from us.
Furthermore, you can request that we transfer your data directly to another controller, insofar as this is technically feasible.
Right to object
You have the right, pursuant to Article 21 GDPR, to object at any time to the processing of your data on grounds relating to your particular situation, where the processing of your data is based on your consent or on our legitimate interests or those of a third party.
In this case, we will no longer process your data unless we are legally obligated to do so, for example, for the establishment, exercise, or defense of legal claims. Your right to withdraw your consent to processing remains freely revocable at any time, regardless of your right to object.
9. Right to lodge a complaint with a supervisory authority
Pursuant to Article 77 GDPR, without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of personal data relating to you by us infringes applicable data protection law.
11. Processing of personal data in the context of online surveys and questionnaires
We provide online surveys and questionnaires on our website, for example as part of research projects or on behalf of clients. Participation in these surveys is voluntary.
Type and purpose of data processing
When conducting online surveys, we process the data you enter in the form as well as technical data (such as IP address and time of participation). Depending on the survey, the collected data may include, for example, contact details, professional information, or expert opinions. We use this data to conduct and analyze the respective survey, to create studies, and, if you have given your consent, to contact you.
Legal basis
The processing is based on your consent (Art. 6 para. 1 sentence 1 lit. a) GDPR), our legitimate interests in carrying out surveys (Art. 6 para. 1 sentence 1 lit. f) GDPR) or for the performance of a contract (Art. 6 para. 1 sentence 1 lit. b) GDPR).
Data recipients and storage duration
The data is processed by us and, where applicable, by commissioned service providers. In the case of customer orders, the collected data may be passed on to the respective clients.
Data is stored for the duration of the respective project, including a reasonable follow-up period. Afterwards, the data is deleted or anonymized, unless legal retention obligations apply. Contact details for which you have given us consent for further use will be stored until you withdraw this consent.
Technical implementation
We currently use the WordPress plugin WPForms for our surveys. The collected data is stored on our web server. We use SSL encryption for data security and have a data processing agreement in place with our hosting provider.
Your rights
Regarding your data, you have the same rights as explained in section 8 of our privacy policy. Participation in surveys is voluntary, and you can withdraw your consent at any time. However, withdrawal is no longer possible for data that has already been anonymized.
Cookie Policy
According to §96 Paragraph 3 TKG, the use of cookies is only permitted if
The user is thoroughly informed in advance, consent is given before the use of cookies, and the consent is given voluntarily, unambiguously, and through an active action.
What are cookies?
Cookies are small pieces of data stored in text files that are saved on your computer or other device when websites are loaded in a browser.
They are frequently used to “remember” you and your preferences, either for a single visit through a “session cookie” or for multiple repeat visits through a “persistent cookie.” They ensure a consistent and efficient experience for visitors and perform important functions, such as the ability to register and stay logged in.
Cookies can be set by the website you are visiting, known as “first-party cookies”, or by third parties, e.g., those that provide content or offer advertising or analytics services on the website, known as “third-party cookies”.
Both websites and HTML emails can also contain other tracking technologies such as "web beacons" or "pixels." These are typically small, transparent images that provide us with statistics for similar purposes as cookies. They are often used in conjunction with cookies, although they are not stored on your computer in the same way. If you disable cookies, the web beacons will still load, but their functionality will be limited.
Which cookies do we use?
NameBorlabs Cookie
Purpose: Saves the settings of visitors who have selected them in the Borlabs Cookie cookie box.
Cookie name: borlabs-cookie
Duration: 1 year
NameWooCommerce
PurposeHelps WooCommerce detect when the cart contents/data change. Contains a unique code for each customer, so WooCommerce knows where to find the cart data in the database for each customer. Allows customers to hide shop notifications.
Cookie name: woocommerce_cart_hash, woocommerce_items_in_cart, wp_woocommerce_session, woocommerce_recently_viewed, store_notice[notice id]
DurationSession / 2 days
NameGoogle Analytics
Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
PurposeGoogle cookie for website analytics. Generates statistical data about how the visitor uses the website.
Privacy Policy: https://policies.google.com/privacy?hl=de
Cookie name: _ga,_gat,_gid
Duration: 2 months
Use of Google services
We use the following technologies from Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland („Google“). The information about your use of our website that is automatically collected by Google technologies is generally transmitted to and stored on a server of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The European Commission has not issued an adequacy decision for the USA. Our cooperation is based on standard contractual clauses for data protection issued by the European Commission. If your IP address is collected via Google technologies, it is shortened before being stored on Google's servers by activating IP anonymization. Only in exceptional cases will the full IP address be transmitted to a Google server and shortened there. Unless otherwise stated for the individual technologies, data processing is based on a joint controllership agreement pursuant to Article 26 GDPR. You can find further information about data processing by Google in Google's privacy policy.
Google Analytics
For website analysis purposes, Google Analytics automatically collects and stores data (IP address, time of visit, device and browser information, and information about your use of our website), from which user profiles are created using pseudonyms. Cookies may be used for this purpose. Your IP address is generally not combined with other Google data. Data processing is based on a data processing agreement with Google.
For the purpose of optimizing the marketing of our website, we have activated the data sharing settings for “Google products and services.” This allows Google to access the data collected and processed by Google Analytics and subsequently use it to improve Google services. The data sharing with Google under these settings is based on an additional agreement between data controllers. We have no control over the subsequent data processing by Google.
We also use the Google Analytics extension function Google Optimize to create and conduct tests.
For web analytics, Google Analytics uses the Google Signals extension, which enables so-called "cross-device tracking." If your internet-enabled devices are linked to your Google account and you have activated the "personalized advertising" setting in your Google account, Google can generate reports about your usage behavior (especially cross-device user numbers), even if you switch devices. We do not process any personal data in this context; we only receive statistics generated by Google Signals.
For web analytics and advertising purposes, the DoubleClick cookie, an extension of Google Analytics, enables your browser to be recognized when you visit other websites. Google will use this information to compile reports on website activity and to provide other services related to website usage.
Google AdSense
Our website uses Google AdSense to market advertising space for third-party providers. These ads are displayed to you at various locations on this website. The so-called DoubleClick cookie enables the display of interest-based advertising by collecting and processing data (IP address, time of visit, device and browser information, and information about your use of our website) and automatically assigning a pseudonymous UserID, which helps determine your interests based on visits to this and other websites.
Google Ads
For advertising purposes in Google search results and on third-party websites, a so-called Google Remarketing cookie is set when you visit our website. This cookie automatically enables interest-based advertising by collecting and processing data (IP address, time of visit, device and browser information, and information about your use of our website) and using a pseudonymous cookie ID based on the pages you have visited. Further data processing only takes place if you have activated the "personalized advertising" setting in your Google account. If you are logged into Google during your visit to our website, Google uses your data together with Google Analytics data to create and define target audience lists for cross-device remarketing.
For website analysis and event tracking, we use Google Ads Conversion Tracking to measure your subsequent user behavior after you have reached our website via a Google Ads advertisement. Cookies may be used for this purpose, and data (IP address, time of visit, device and browser information, as well as information about your use of our website based on events we define, such as visiting a page or subscribing to a newsletter) may be collected. This data is then used to create pseudonymous user profiles.
