Privacy Policy
- Summary
- 1. Introduction
- 2. Contact Information
- 3. Lawfulness of Processing
- 4. Rights of Concerned Individuals
- 5. Data Collection
- 6. Use of Your Personal Data
- 7. Sharing of Your Personal Data
- 8. Data Collected
- 9. Third-Party Service Providers
- 10. Security Measures
- 11. Changes to Our Privacy Policy
- 12. Conclusion
Last modified: 11/26/2024
1. Introduction
Welcome to www.graphicatelier.com (hereinafter referred to as the “Site”), a website operated by graphicatelier (hereinafter referred to as “We” or “Our” or “graphicatelier”). If you use this site, you are considered a user (hereinafter referred to as “You” or “Your” or “User”). This privacy policy (hereinafter referred to as the “Policy”) governs how we collect, use, store, and disclose information about you when you use this site. This Policy also applies to information collected by third-party services we use to enhance your experience on the Site (hereinafter referred to as “Third-Party Services”).
1.1 Objectives of this Policy
The objectives of this Policy are to inform you about:
- The types of information we collect
- How we use this information
- With whom we share this information
- Your data protection rights
1.2 What is GDPR?
GDPR, or General Data Protection Regulation (2016/679), is a European Union law that came into effect on May 25, 2018. GDPR aims to give EU citizens full control over their personal data and simplify the regulatory framework for international trade by harmonizing data protection regulations within the EU.
1.4 What Information is Collected
We collect various types of information to provide you with our services. This information may include but is not limited to:
- Personal data (name, email address, etc.)
- Browsing data (visited pages, time spent on the site, etc.)
- Technical data (browser type, IP address, etc.)
2. Contact Information
If you have any questions or concerns about this Policy or how we handle your data, you can contact the data protection officer of graphicatelier:
- Company Name: graphicatelier
- Address: Wimmerfeld 27, 4492 Hofkirchen, Austria.
- Representative Name: Pierre Niel
- Phone Number: +43 650 956 5454
- Email Address: info@website.com
3. Lawfulness of Processing
In this section, we will explain the legal bases on which we rely for processing your personal data in accordance with the provisions of GDPR.
3.1 Legal Basis for Processing
The processing of your personal data is based on one or more of the following legal bases:
3.1.1 Consent
When you use this Site, you give your consent to the processing of your personal data for specific purposes, as provided in Article 6(1)(a) of GDPR. You have the right to withdraw this consent at any time by contacting us.
3.1.2 Legitimate Interests
We may process your data when it is necessary for our legitimate interests or those of a third party, provided that these interests do not override your rights and interests, as stipulated in Article 6(1)(f) of GDPR.
3.1.3 Contractual Necessity
Processing of your data may be necessary for the performance of a contract to which you are a party or for taking pre-contractual steps at your request, in accordance with Article 6(1)(b) of GDPR.
3.1.4 Legal Obligations
We may process your data when it is necessary to comply with a legal obligation to which we are subject, in accordance with Article 6(1)(c) of GDPR.
3.1.5 Vital Interests
In situations where a person’s life or health is at stake, we may process personal data if it is necessary to safeguard vital interests, in accordance with Article 6(1)(d) of GDPR.
3.1.6 Public Interest
We may also process your personal data when such processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us, in accordance with Article 6(1)(e) of GDPR.
3.2 Summary
The lawfulness of processing your personal data by graphicatelier is established on several legal bases, including your consent, our legitimate interests, contractual necessity, legal obligations, safeguarding vital interests, and tasks of public interest. Each data processing is aligned with at least one of these legal bases to ensure transparent and appropriate use of your data.
4. Rights of Concerned Individuals
As a User, you have certain rights regarding the processing of your personal data. We are committed to respecting these rights and facilitating their exercise, in accordance with the provisions of GDPR.
4.1 Right of Access
According to Article 15 of GDPR, you have the right to know if your personal data is being processed, access it, and receive additional information about its use.
4.2 Right to Rectification
Under Article 16 of GDPR, you have the right to request the correction of your personal data if it is inaccurate or incomplete.
4.3 Right to Erasure / Right to Be Forgotten
According to Article 17 of GDPR, you have the right to request the deletion of your personal data under certain conditions, especially when such data is no longer necessary for the purposes for which it was collected.
4.4 Right to Restriction of Processing
According to Article 18 of GDPR, you can request the restriction of the processing of your personal data in certain circumstances, particularly when you dispute the accuracy of such data.
4.5 Right to Data Portability
Under Article 20 of GDPR, you have the right to receive your personal data that you have provided to us in a structured, commonly used, and machine-readable format and to transmit it to another data controller without hindrance from us.
4.6 Right to Object
According to Article 21 of GDPR, you have the right to object to the processing of your personal data in certain situations, especially when such processing is based on our legitimate interests.
4.7 Right Not to Be Subject to Automated Decision-Making
Under Article 22 of GDPR, you have the right not to be subject to a decision based solely on automated processing, including profiling, when it has legal effects on you or significantly affects you.
4.8 Summary
You have various rights related to your data: the right of access, the right of rectification, the right to erasure, the right to restriction of processing, the right to data portability, the right to object, and the right not to be subject to automated decision-making. If you wish to exercise any of these rights, please contact us using the information provided in the “Contact Details of the Responsible Person” section.
5. Data Collection
When you use our Site, various categories of information may be gathered to provide you with an optimal user experience, in line with our service objectives. This data collection is carried out in compliance with GDPR.
5.1 Information Provided Directly by the User
When you browse the Site or use certain of our services, you have the option to provide us with data such as your name, email address, phone number, and more. This data collection is done with your consent and is necessary to provide you with our services, in accordance with Article 6(1)(a) of GDPR.
5.2 Information Automatically Collected
When you visit the Site, certain information may be automatically collected, such as your IP address, browser details, operating system, and more. This automatic information collection is aimed at analyzing and improving the quality of our services, in accordance with Article 6(1)(f) of GDPR based on legitimate interest.
5.3 Information from Third-Party Services
We may also receive information about you from Third-Party Services we use. This information is collected to better understand our users and improve our Site. This collection is in accordance with Article 6(1)(f) of GDPR based on legitimate interest.
If you have questions regarding the collection of your personal data, feel free to refer to the “Contact Details of the Responsible Person” section.
6. Use of Your Personal Data
The personal data we collect is used for various purposes, always in strict compliance with applicable laws. Each use is governed by the GDPR to ensure the absolute respect of your rights.
6.1 Communication and Service
We process your data, such as your email address, to communicate with you, keep you informed of our service updates, or respond to your requests. This use arises from our contractual obligation to provide you with the service for which you have registered. It is therefore in accordance with Article 6(1)(b) of GDPR.
6.2 Service Improvement
Automatically collected information, such as those related to your browser or operating system, helps us understand how users interact with our Site. This understanding allows us to enhance our services to better meet your needs. This use is based on Article 6(1)(f) of GDPR regarding legitimate interest.
6.3 Legal Compliance
We may also use your data to comply with our legal obligations, for example, to respond to a request from a judicial authority. This use is in accordance with Article 6(1)(c) of GDPR.
If you have questions regarding the use of your personal data, feel free to refer to the “Contact Details of the Responsible Person” section.
7. Sharing of Your Personal Data
We attach great importance to the privacy of your data. However, in certain situations, it may be necessary to share your personal data. Each sharing is strictly regulated by GDPR, ensuring the highest protection of your information.
7.1 Service Partners
We may share your data with third-party partners who assist us in operating the Site, providing our services, or processing transactions on our behalf. These third parties are required to process this data in accordance with the law and in compliance with our commitment to protecting your privacy. This practice aligns with Article 28 of the GDPR.
7.2 Legal Requirements
We may be obligated to disclose your data if required by law, when we believe such disclosure is necessary to protect our rights, the safety of others, or to respond to a judicial or governmental request. This practice aligns with Article 6(1)(c) of the GDPR.
7.3 International Transfers
If we need to transfer your data outside of the EEA (European Economic Area), we ensure that these transfers comply with the requirements of the GDPR, thus ensuring adequate protection of your data. This practice aligns with Chapter V of the GDPR.
7.3.1 EU-US Privacy Shield
The EU-US Privacy Shield is an agreement between the European Union and the United States designed to protect the fundamental rights of individuals whose personal data is transferred from EU member states to the United States. This agreement provides legal protection to companies engaged in such transfers.
The EU-US Privacy Shield was adopted by the European Commission on July 12, 2016, and became effective on August 1, 2016, replacing the previous “Safe Harbor” invalidated by the European Court of Justice in October 2015.
According to Article 45 of the GDPR, the transfer of personal data to a third country, such as the United States, is allowed if the European Commission has determined that the country provides an adequate level of protection. The EU-US Privacy Shield is recognized as offering this level of protection.
For more information on the EU-US Privacy Shield, you can visit the official website.
In summary: The EU-US Privacy Shield is an agreement between the EU and the United States that allows the transfer of personal data from the EU to the United States, provided that companies adhere to certain data protection standards.
If you have any questions regarding the sharing of your personal data, please refer to the “Contact Details of the Responsible Person” section.
8. Data Collected
Our Site uses various technologies to collect and store information when you visit it. This may include the use of cookies or similar technologies to identify your browser or device.
8.1 Cookies
8.1.1 Definition
A cookie is a small text file sent to your browser by a website you visit. When you consent, these files are stored on your device to distinguish users of the Site. Cookies are mainly used to enhance the user experience. For example, they make it easier to remember information about your visit, such as your preferred language and other settings, to make your next visit more convenient and useful. You have the option to refuse the use of cookies by modifying your browser settings, although this may affect your ability to use certain features of the Site.
8.1.1.1 Consent Management
To manage cookies and similar technologies (such as tracking pixels and web beacons) and associated consents, we use the consent management tool called “Real Cookie Banner.” You can get details on how it works by visiting the following link: https://devowl.io/rcb/data-processing/.
8.1.1.2 Cookies Used for Consent Management
Real Cookie Banner uses various cookies to record user consent on the Site. Here is a list of commonly used cookies:
Cookie Name | Example Value | Purpose | Persistence |
---|---|---|---|
real_cookie_banner* | 1695556215%3A6679e4d8-f483-4d79-b60c-[hash] | Stores the Universally Unique Identifier (UUID) allocated to the consent given by the visitor. | 1 year |
real_cookie_banner-*-tcf | COtybnMOpzYcSABABAENAk-AAAqyAAA | Stores consent given via the Transparency & Consent Framework (TCF). | 1 year |
real_cookie_banner-test | a3d2e4f5b679c8d9e01f2g3h4i567890 | The cookie is set to test whether HTTP cookies can be set. It will be deleted immediately after the test. | 1 year |
8.1.1.3 Legal Basis
The processing of personal data in this context is based on Article 6(1)(c) of the GDPR, as well as Article 6(1)(f) of the GDPR. Our legitimate interest lies in the management of cookies and similar technologies, as well as associated consents.
Providing personal data is neither contractually required nor necessary. You are not obliged to provide this data. However, please note that without this personal data, we will not be able to manage your consents.
8.1.2 Types of Cookies
Cookies come in different types, classified by their origin, function, and lifespan:
-
- First-party cookies: Issued by the site you visit. They are often necessary for the proper functioning of the site, such as maintaining your session active during your visit.
- Third-party cookies: Issued by domains other than the site you visit, such as external analytics tools or social media sharing buttons.
- Session cookies: Temporary, they are only stored for the duration of your browsing session and disappear when you close your browser.
- Persistent cookies: Stored on your device for a specified period, even after you close your browser. They are used, for example, to remember user preferences across multiple sessions.
- Performance cookies: Collect information on how visitors use a website, such as the most visited pages and any error messages. The collected data is anonymous and helps improve the site’s performance.
- Functionality cookies: Allow the site to remember choices you have made (such as your username, language, or region) and provide enhanced, more personalized features.
- Targeting or advertising cookies: Used to deliver more relevant advertisements based on your interests. They are also used to limit the frequency at which you see an ad and measure the effectiveness of advertising campaigns.
- Geolocation cookies: Used to determine the geographic region of your computer, tablet, or phone, enabling the delivery of location-appropriate content or ads.
- Analytical cookies: Help understand how visitors interact with the website by providing information about visited areas, time spent on the site, and any encountered issues such as error messages.
8.1.3 Examples
Here is a concrete example of a cookie used by Google reCAPTCHA on our site:
Cookie Name | Value | Purpose | Persistence Duration |
---|---|---|---|
_grecaptcha | AQzOHyfRgRjYU1-2f | This cookie is used to distinguish humans from automated robots. It helps the site prevent unwanted automated form submissions. | Session (disappears when the browser is closed) |
8.1.4 Purpose of Processing
Cookies are essential for the proper functioning of a website, and on our Site, they serve the following purposes:
-
- Authentication: Some cookies are essential to identify and authenticate users when accessing certain parts of the Site. They ensure that each user only accesses their personal information and maintain the user’s logged-in state throughout their session.
- Preferences and features: These cookies allow our Site to remember choices you make, such as language, font size, or other display preferences, making your browsing experience more personalized and enjoyable.
- Analytics: We use analytical cookies to better understand how our visitors use the Site, determine which content and features are most popular, and understand any challenges they may face. This helps us improve the browsing experience and optimize the Site’s functionality.
- Advertising and targeting: These cookies are used to display relevant ads to users based on their interests. They are also used to limit how often a user sees an ad and to measure the effectiveness of advertising campaigns.
- Security: Some cookies are essential to ensure the security of users and the Site. They help detect suspicious or fraudulent behavior and provide features such as form validation or protection against brute force attacks.
It is important to note that some cookies are necessary for certain website features to work correctly, while others are used to enhance performance and the user experience.
8.1.5 Retention Duration
The retention duration of a cookie varies depending on its type. Session cookies expire when you close the browser, while persistent cookies have a defined expiration date.
8.1.6 Deleting Cookies
You have the option to delete cookies directly from your browser settings. Here’s how to do it for the most commonly used browsers:
-
- Google Chrome:
- Open Chrome on your computer.
- Click the menu icon (three vertical dots) in the upper right corner.
- Select More tools, then Clear browsing data.
- Choose the time range. To delete everything, select All time.
- Check the box for “Cookies and other site data” and click Clear data.
- Safari:
- Open Safari.
- Choose Preferences from the menu bar, then click the Privacy tab.
- Click either Remove All Website Data or Details to delete cookies selectively.
- Firefox:
- Open Firefox.
- Click the menu icon (three horizontal lines) in the upper right corner.
- Select Options, then the Privacy & Security tab.
- Go to the “Cookies and Site Data” section and click Clear Data….
- Internet Explorer:
- Open Internet Explorer.
- Click the gear icon, then select Internet options.
- In the General tab, under Browsing history, click Delete….
- Check the box for “Cookies and website data” and click Delete.
- Microsoft Edge:
- Open Microsoft Edge.
- Click the menu icon (three horizontal dots) in the upper right corner.
- Select Settings.
- Scroll down and click Choose what to clear.
- Check the box for “Cookies and saved website data” and click Clear.
- Google Chrome:
Deleting cookies may impact the functionality of some websites and may result in the reset of certain browsing preferences.
8.1.7 Legal Basis
The legal basis for using cookies is our legitimate interest in providing and improving the Site for our users, in accordance with Article 6(1)(f) of the GDPR.
8.1.8 In Summary
Cookies are small text files used to store information about browsers. They are used for features such as authentication, remembering preferences, and analyzing user behavior. You can manage and delete them through your browser settings.
8.2 WordPress Comments
8.2.1 Definition
WordPress Comments is a feature of WordPress that allows users to leave comments on published articles. It provides a platform for interaction between the reader and the content author, as well as among readers themselves.
8.2.2 Purpose
The purpose of WordPress Comments is to facilitate open discussion and encourage feedback on published content. It also helps enhance community engagement and may provide valuable insights to the author or site administrator.
8.2.3 Data Stored
When you leave a comment on our site, the data you enter in the comment form, along with your IP address and browser user agent, is collected to help us detect unwanted comments.
8.2.3.1 Cookies Used by WordPress Comments
WordPress Comments uses various cookies to function correctly and improve the user experience. Here is a list of commonly used cookies:
Cookie Name | Example Value | Purpose | Persistence |
---|---|---|---|
comment_author_[hash] | JohnDoe | Stores the name of the comment author to prefill the field on subsequent visits. | 1 year |
comment_author_email_[hash] | john.doe@example.com | Stores the email address of the comment author to prefill the field on subsequent visits. | 1 year |
comment_author_url_[hash] | http://example.com | Stores the website URL of the comment author to prefill the field on subsequent visits. | 1 year |
8.2.4 Data Retention
Comments and their metadata are retained indefinitely. This allows for the automatic recognition and approval of subsequent comments rather than leaving them pending moderation.
8.2.5 How to Delete or Prevent Data Storage
You have the right to request the deletion of your comments at any time. To do so, please contact us. However, please note that deleting your comment may impact ongoing discussions.
8.2.6 Legal Basis
The legal basis for processing this data is based on Article 6(1)(f) of the GDPR, which authorize data processing for the legitimate interests pursued by the data controller or a third party.
8.2.7 In Summary
WordPress Comments is a WordPress feature that allows users to leave comments. Collected data includes information from the form, IP address, and user agent. This data is retained indefinitely but can be deleted upon request.
8.3 Contact Form 7
8.3.1 Definition
Contact Form 7 is a WordPress plugin that allows easy integration of contact forms on websites. It offers advanced customization while remaining user-friendly.
8.3.2 Purpose
The primary purpose of Contact Form 7 is to provide an effective means for website visitors to communicate with site owners or administrators, whether for information requests, suggestions, or feedback.
8.3.3 Data Stored
When you fill out a form created with Contact Form 7, the data you enter (such as your name, email address, subject, and message) is collected. This data is transmitted to the form’s recipient (typically the site administrator) for processing.
8.3.4 Data Retention
Data submitted through Contact Form 7 is typically stored for a period determined by the site administrator, depending on each site’s specific needs and the form’s purpose.
8.3.5 How to Delete or Prevent Data Storage
To avoid submitting your data via Contact Form 7, do not fill out or send the form on the site. If you have already submitted data and wish to delete it or obtain more information, contact us directly.
8.3.6 Legal Basis
Data processed through Contact Form 7 is based on individual consent, in accordance with Article 6(1)(a) of the GDPR.
8.3.7 In Summary
Contact Form 7 is a WordPress form plugin. It collects information entered into the form and forwards it to the site administrator. Data is retained as needed by the site and can be deleted upon request.
8.4 Google reCAPTCHA
8.4.1 Definition
Google reCAPTCHA is a service provided by Google Ireland Limited, with its European headquarters located at Gordon House, Barrow Street, Dublin 4, Ireland. This service helps protect websites from spam and abuse. It uses advanced risk analysis and adapts to real-time challenges to differentiate humans from robots.
8.4.2 Purpose
The main purpose of Google reCAPTCHA is to determine whether interactions on your website are coming from malicious robots or legitimate human users. This helps ensure site security and enhance user experience.
8.4.3 Data Collected
Google reCAPTCHA collects IP addresses and may gather other user browsing-related information to determine whether it’s a robot or a human. This information is processed by Google.
8.4.3.1 Cookie Settings
Google reCAPTCHA uses several cookies to operate effectively and provide its robot protection services. Here’s a non-exhaustive list of cookies used by Google reCAPTCHA:
Cookie Name | Host | Purpose | Persistence |
---|---|---|---|
_grecaptcha | .google.com | Used to distinguish humans from robots. | Session |
SSID | .google.com | Stores authentication information. | 2 years |
HSID | .google.com | Stores authentication information. | 2 years |
SID | .google.com | Stores authentication information. | 2 years |
SIDCC | .google.com | Performance and security measurement. | 1 year |
__Secure-3PAPISID | .google.com | Profiling for personalized advertising. | 2 years |
SAPISID | .google.com | Profiling for personalized advertising. | 2 years |
APISID | .google.com | Profiling for personalized advertising. | 2 years |
__Secure-3PSID | .google.com | Profiling for personalized advertising. | 2 years |
1P_JAR | .google.com | Data transfer for advertising. | 1 month |
CONSENT | .google.com | Records user consent. | 18 years |
NID | .google.com | Customizes ads in Google services. | 1 year |
SEARCH_SAMESITE | .google.com | Ads effectiveness measurement. | 6 months |
8.4.3.2 Loading External Data
Google reCAPTCHA is a service provided by Google Inc., with some servers located in the United States. Consequently, data collected by Google reCAPTCHA may be transmitted and stored on servers located in the United States.
Data sent to Google is stored on their servers, which may be located in the United States or other countries. Google is committed to adhering to the privacy standards of the Data Privacy Framework EU-USA for secure data transfer to the United States.
It should be noted that Google LLC is self-certified under the Trans-Atlantic Data Privacy Framework for secure data processing in the United States. This certification ensures that the company adheres to strict data protection and privacy standards when processing data outside of the European Economic Area.
Furthermore, to ensure an appropriate level of data protection when transferring this data to the United States, Google has committed to complying with the Standard Contractual Clauses (SCC) of the EU, in accordance with Article 46, paragraphs 2 and 3 of the GDPR. These Standard Contractual Clauses are templates provided by the European Commission to ensure that personal data transferred outside of the EEA enjoys an appropriate level of protection.
By employing these clauses, Google commits to maintaining a level of data protection that complies with European standards, even when data is processed in the United States. This approach is based on an implementing decision by the European Commission.
For more information on how Google processes data, including data collected by Google reCAPTCHA, you can refer to the Google Privacy Policy.
8.4.4 Data Retention
Data collected by Google reCAPTCHA is retained in accordance with Google’s privacy policy. It is recommended to consult this policy for specific details on retention periods.
8.4.5 How to Delete or Prevent Data Storage
Google reCAPTCHA is an essential security service for most websites to prevent malicious automated actions. However, if you wish to limit interaction with Google reCAPTCHA, here are some steps you can take:
-
- Site Preferences: It’s possible to disable reCAPTCHA directly from our website. To do this, go to the privacy menu located at the top of this page and disable items in the “Functional” group. However, this action may degrade your user experience, as it could result in additional security challenges during site interactions.
- Disable Third-Party Cookies: Disabling third-party cookies in your browser settings will prevent reCAPTCHA and other services from storing cookies on your device. Here’s how you can do it for different browsers:
- Use a Script Blocker: There are browser extensions like NoScript that allow you to control the execution of JavaScript scripts, on which reCAPTCHA relies.
- Privacy Extensions: There are several extensions that block various trackers and scripts to enhance privacy, such as:
- Privacy Badger
- Ghostery
- Adblock Plus with the anti-tracking filter enabled
Please note that disabling or blocking reCAPTCHA may affect the functionality of some websites and could prevent access to certain parts or features of those sites.
8.4.6 Legal Basis
The use of Google reCAPTCHA is based on individual consent, as per Article 6(1)(a) of the GDPR. It also serves the legitimate interest of protecting the website from malicious activities, as per Article 6(1)(f) of the GDPR.
8.4.7 In Summary
Google reCAPTCHA protects the site from malicious robots by analyzing user behavior. The data collected is retained in accordance with Google’s policy, and measures can be taken to control or block this collection.
8.5 Google Fonts
8.5.1 Definition
Google Fonts is a service provided by Google Ireland Limited, with its European headquarters located at Gordon House, Barrow Street, Dublin 4, Ireland. This service allows the integration of fonts directly into a web page. These fonts are hosted on Google’s servers and are incorporated into the site via a link pointing to this service.
8.5.2 Purpose
The purpose of using Google Fonts is to enhance the visual appearance of our website. Using consistent fonts helps maintain a uniform appearance on the site, regardless of the device used to access it.
8.5.3 Data Stored
When using Google Fonts, certain information, such as the user’s IP address, may be transmitted to Google’s servers in the United States. This transmission is necessary for the provision and integration of fonts on the website.
8.5.3.1 Loading External Data
Google Fonts is a service by Google Inc., and some of its servers are located in the United States. Consequently, data collected by Google Fonts may be transmitted and stored on Google’s servers in the United States.
Data sent to Google is stored on their servers, which may be located in the United States or other countries. Google is committed to adhering to the privacy standards of the EU-US Data Privacy Framework for secure data transfers to the United States.
It’s worth noting that Google LLC is self-certified under the Trans-Atlantic Data Privacy Framework for secure data processing in the United States. This certification ensures that the company adheres to strict data protection and privacy standards when processing data outside of the European Economic Area.
Furthermore, to ensure an adequate level of data protection when transferring this data to the United States, Google has committed to complying with the EU’s Standard Contractual Clauses (SCC) under Article 46, paragraphs 2 and 3 of the GDPR. These Standard Contractual Clauses are templates provided by the European Commission to ensure that personal data transferred outside of the EEA receives an appropriate level of protection.
By using these clauses, Google commits to maintaining a level of data protection in line with European standards, even when data is processed in the United States. This approach is based on an implementing decision by the European Commission.
For more information on how Google handles data, including data collected by Google Fonts, you can consult Google’s privacy policy.
8.5.4 Data Retention
Google retains usage data and user information from Google Fonts for a limited period. This data is used for service optimization and maintenance.
8.5.5 How to Delete or Prevent Data Storage
Although Google Fonts does not directly store cookies on your device, it can influence how other third-party services interact with your browser. If you wish to limit these interactions, there are several measures you can take:
-
- Preferences on our site: To ensure an optimal experience while respecting your privacy preferences, we have provided a privacy settings feature on our site. If you want to prevent the loading of Google Fonts, simply go to the privacy menu at the top of this page and disable items in the “Functional” group.
- Your browser settings: Most browsers allow you to choose which data is stored and for how long. Consult your browser’s documentation for guidance on managing stored data.
- Browser extensions: There are extensions available for most browsers that allow you to block third-party trackers, including those associated with Google Fonts. Here are some of the most popular extensions:
8.5.6 Legal Basis
The use of Google Fonts to enhance the aesthetics of the website is based on individual consent, in accordance with Article 6(1)(a) of the GDPR. It also relies on the legitimate interest of the site owner in improving the user experience, in accordance with Article 6(1)(f) of the GDPR.
8.5.7 In Summary
Google Fonts enables us to use specific fonts on our website. During your visit to our site, certain data may be transmitted to Google for font display purposes.
8.6 Google Maps
8.6.1 Definition
Google Maps is an online mapping service offered by Google Ireland Limited, whose European headquarters is located at Gordon House, Barrow Street, Dublin 4, Ireland. This service allows users to search for locations, obtain directions, and explore interactive maps.
8.6.2 Purpose
The objective of Google Maps is to provide precise geographical information to users, help them find locations, plan routes, and visualize maps for a better understanding of location.
8.6.3 Collected Data
Google Maps collects various data, including the user’s location, search queries, planned routes, and information about visited locations. These data can be used to improve service quality and personalize recommendations.
8.6.3.1 Cookie Settings
Google Maps uses different cookies to improve user experience and provide essential functionalities. Here’s an overview of the cookies used by Google Maps:
Cookie Name | Host | Purpose | Persistence |
---|---|---|---|
NID | .google.com | Stores identification information to personalize user experience. | 6 months |
__Secure-3PSIDCC | .google.com | Used to target advertisements based on user browsing history. | 1 year |
__Secure-1PSIDCC | .google.com | Used to target advertisements based on user browsing history. | 1 year |
SIDCC | .google.com | Stores identification information to improve user security. | 1 year |
__Secure-3PAPISID | .google.com | Used to personalize advertisements based on user interests. | 13 months |
SSID | .google.com | Stores identification information to personalize user experience. | 13 months |
__Secure-1PAPISID | .google.com | Used to personalize advertisements based on user interests. | 13 months |
HSID | .google.com | Stores identification information to improve user security. | 13 months |
__Secure-3PSID | .google.com | Used to target advertisements based on user browsing history. | 13 months |
__Secure-1PSID | .google.com | Used to target advertisements based on user browsing history. | 13 months |
SID | .google.com | Stores identification information to improve user security. | 13 months |
SAPISID | .google.com | Stores identification information to personalize user experience. | 13 months |
APISID | .google.com | Stores identification information to personalize user experience. | 13 months |
CONSENT | .google.com | Stores user consent for cookie usage. | 13 months |
__Secure-ENID | .google.com | Used to personalize advertisements based on user interests. | 13 months |
AEC | .google.com | Stores identification information to personalize user experience. | 6 months |
8.6.3.2 External Data Loading
When using Google Maps, data such as maps and images may be downloaded from Google’s servers.
Google Maps is a service of Google Inc., some of whose servers are located in the United States. Therefore, data collected by Google Maps may be transmitted and stored on Google servers located in the United States.
The data sent to Google is stored on their servers, which may be located in the United States or other countries. Google is committed to respecting the privacy standards of the EU-US Data Privacy Framework for the secure transfer of data to the United States.
It is worth noting that Google LLC is self-certified in accordance with the Trans-Atlantic Data Privacy Framework for the secure processing of data in the United States. This certification ensures that the company adheres to strict data protection and privacy standards when processing data outside the European Economic Area.
Moreover, to ensure an appropriate level of data protection when transferring this data to the United States, Google has committed to respecting the EU’s Standard Contractual Clauses (SCC), in accordance with Article 46, paragraphs 2 and 3 of the GDPR. These standard contractual clauses are models provided by the European Commission to ensure that personal data transferred outside the EEA receives appropriate protection.
By using these clauses, Google commits to respecting a level of data protection compliant with European standards, even when data is processed in the United States. This approach is based on an implementing decision by the European Commission.
For more information on how Google processes data, particularly data collected by Google Maps, you can consult the privacy policy of Google.
8.6.4 Data Retention
Data collected by Google Maps may be retained to improve future services, but they are not kept indefinitely. Google may define its own data retention policy.
8.6.5 How to Delete or Prevent Data Storage
If you wish to prevent Google Analytics from tracking your activities on this site or other sites, and you want to control these interactions or limit data collection, here are some steps you can take:
-
- Preferences on our site: To customize your experience while preserving your privacy, we offer a privacy menu on our site. If you prefer to prevent the use of Google Maps, you can access the privacy menu at the top of this page and disable elements associated with the “Google Maps” service in the “Functional” group.
- Browser Settings: Most browsers offer options for managing stored data, including the ability to block specific elements. Consult your browser’s documentation to learn more about managing stored data.
- Browser Parameters: Most browsers offer the possibility to disable cookies or disable only certain cookies. Additionally, browsers allow you to delete already installed cookies. Note that you must configure settings separately for each browser and computer you use. How to adjust these settings varies between browsers. Here’s how you can do it for different browsers:
Note that if you disable cookies, some functions of our site may not work correctly.
8.6.6 Legal Basis
The legal basis for using Google Maps is the individual’s consent, in accordance with Article 6(1)(a) of the GDPR.
8.6.7 In Summary
Google Maps is an online mapping service that allows users to search for locations, obtain directions, and explore interactive maps. It can collect data to improve the service, but users have options to limit data collection if they wish.
8.7 Jetpack Stats
8.7.1 Definition
Jetpack Stats is an analytics service integrated into the WordPress plugin Jetpack, developed by Aut O’Mattic A8C Ireland Ltd., with headquarters located at Grand Canal Dock, 25 Herbert Pl, Dublin, D02 AY86, Ireland. This service provides website owners with detailed insights about their site’s traffic, visitor interactions, and performance metrics.
8.7.2 Purpose
The objective of Jetpack Stats is to provide website administrators with comprehensive analytics, helping them understand visitor behavior, track site performance, and gain insights to improve their website’s user experience and content strategy.
8.7.3 Collected Data
Jetpack Stats collects various data points, including page views, visitor demographics, referral sources, device types, geographical location, and interaction patterns. These data can be used to provide detailed site analytics and improve service quality.
8.7.3.1 Cookie Settings
Jetpack Stats uses different cookies to track and analyze website traffic. Here’s an overview of the cookies typically used:
Cookie Name | Host | Purpose | Persistence |
---|---|---|---|
wordpress_logged_in_* | graphicatelier.com | Tracks logged-in user sessions and authentication | 14 days |
jetpack_stats_* | .wordpress.com | Tracks page views and site analytics | 30 days |
tk_ai | graphicatelier.com | Used for anonymous visitor tracking | 1 year |
jetpackDevMode | Ygraphicatelier.com | Indicates development mode for Jetpack | Browser Session |
wpcom-thirdparty-cookie-check | widgets.wp.com | Tracks page views and site analytics | 1 hour |
8.7.3.2 External Data Loading
When using Jetpack Stats, analytics data and scripts are transmitted to and processed by Automattic’s servers, which are primarily located in the United States.
Jetpack Stats is a service of Automattic Inc., whose servers are located in the United States. Data collected by Jetpack Stats may be transmitted and stored on Automattic’s servers located in the United States.
The data sent to Automattic is stored on their servers, which are primarily located in the United States. Automattic is committed to respecting data privacy standards for the secure transfer of data.
It is worth noting that Automattic is committed to the Privacy Shield Framework and adheres to strict data protection and privacy standards when processing data.
Moreover, to ensure an appropriate level of data protection, Automattic employs standard contractual clauses and takes measures to protect personal data in compliance with GDPR requirements.
For more information on how Automattic processes data, you can consult their privacy policy.
8.7.4 Data Retention
Data collected by Jetpack Stats may be retained to provide historical analytics and improve service quality. By default, aggregated and anonymized statistics are typically kept for a limited period, with detailed individual visitor data being retained for a shorter duration.
8.7.5 How to Delete or Prevent Data Storage
If you wish to prevent Jetpack Stats from tracking your website’s activities or limit data collection, here are some steps you can take:
-
- Jetpack Plugin Settings: Within your WordPress dashboard, go to Jetpack > Settings and you can disable or configure the Stats module.
- WordPress Privacy Settings: In your WordPress privacy settings, you can adjust tracking and analytics preferences.
- Browser Settings: Most browsers offer options to block tracking cookies:
Note that disabling tracking may limit your ability to gain insights about your website’s performance.
8.7.6 Legal Basis
The legal basis for using Jetpack Stats is typically the website owner’s legitimate interest and user consent, in accordance with GDPR Article 6(1)(a) and (f).
8.7.7 In Summary
Jetpack Stats is a WordPress analytics service that provides website owners with detailed traffic and performance insights. While it collects various data points, users have multiple options to control and limit data collection.
8.8 WPML
8.8.1 Definition
WPML, short for “WordPress Multilingual Plugin,” is a popular WordPress extension designed to create multilingual websites. It offers advanced features for managing content in multiple languages, making it easier to build websites tailored to an international audience. WPML is developed by OnTheGoSystems Limited, headquartered at 22/F 3 Lockhart Road, Wanchai, Hong Kong.
8.8.2 Purpose
The primary purpose of WPML is to enable website owners to create multilingual versions of their content, essential for reaching a global audience. This extension simplifies the translation, management, and publication of content in different languages, providing a seamless user experience for visitors regardless of their language.
8.8.3 Data Stored
WPML does not store any personally identifiable user data. Its functionality is limited to managing languages and translations on the website. Specifically, WPML does not store names, email addresses, payment information, or other personal data. However, WPML may use cookies to retain users’ language preferences, enhancing their navigation experience by displaying the site in their chosen language.
8.8.3.1 Cookie Settings
WPML uses various cookies to improve user experience by retaining their language preferences. Here is an overview of the cookies used by WPML:
Cookie Name | Host | Purpose | Persistence |
---|---|---|---|
wp-wpml_current_language | graphicatelier.com | Stores the user’s preferred language to display content in the appropriate language. | 1 day |
wp-wpml_current_admin_language_* | graphicatelier.com | Stores the administrator’s preferred language to display the admin interface in the appropriate language. | 1 day |
_icl_visitor_lang_js | graphicatelier.com | Stores the user’s preferred language to display content in the appropriate language via JavaScript. | Session |
wpml_browser_redirect_test | graphicatelier.com | A test cookie to automatically redirect visitors to the appropriate language version of the site. | Session |
These cookies do not contain personally identifiable data and are solely used to enhance the multilingual functionality of the site.
8.8.4 Data Retention
Data related to language management and translations is generally retained as long as necessary to maintain the multilingual functionality of the site. The retention duration may vary based on the specific needs of the site and the administrator’s preferences.
8.8.5 How to Delete or Prevent Data Storage
It is important to note that WPML neither collects nor stores personally identifiable user data. It primarily functions to manage language preferences on the site, making it essential for the proper functioning of the multilingual site.
However, if you wish to prevent WPML from using cookies, you can disable cookies in your browser settings. This will result in the site displaying in its original editing language without considering your previous language preferences.
Disable third-party cookies: Disabling third-party cookies in your browser settings will prevent WPML from storing cookies on your device. Here’s how you can do this for different browsers:
Please note that disabling cookies may affect your browsing experience, as some language-related features may no longer function as expected.
To manage data related to WPML, users can typically adjust their language settings within the plugin or contact the site administrator for assistance. If you wish to delete your data or have specific questions, it is recommended to contact us via the address indicated in the section “Person Responsible Contact Information”.
8.8.6 Legal Basis
Data processing through WPML is often based on user consent, as users generally choose their preferred language. This complies with Article 6(1)(a) of the GDPR. Additionally, the legitimate need to enrich website content with a language suited to visitor needs aligns with Article 6(1)(f) of the GDPR.
8.8.7 Summary
WPML is a WordPress plugin for creating multilingual websites. It collects and processes data related to language management and translations on the site. Data is generally retained as long as necessary to maintain the multilingual site, and users can manage their language preferences through the plugin.
8.9 Google reCAPTCHA
8.9.1 Definition
Google reCAPTCHA is a service provided by Google Ireland Limited, with its European headquarters located at Gordon House, Barrow Street, Dublin 4, Ireland. This service helps protect websites from spam and abuse. It uses advanced risk analysis and adapts to real-time challenges to differentiate humans from robots.
8.9.2 Purpose
The main purpose of Google reCAPTCHA is to determine whether interactions on your website are coming from malicious robots or legitimate human users. This helps ensure site security and enhance user experience.
8.9.3 Data Collected
Google reCAPTCHA collects IP addresses and may gather other user browsing-related information to determine whether it’s a robot or a human. This information is processed by Google.
8.9.3.1 Cookie Settings
Google reCAPTCHA uses several cookies to operate effectively and provide its robot protection services. Here’s a non-exhaustive list of cookies used by Google reCAPTCHA:
Cookie Name | Host | Purpose | Persistence |
---|---|---|---|
_grecaptcha | .google.com | Used to distinguish humans from robots. | Session |
SSID | .google.com | Stores authentication information. | 2 years |
HSID | .google.com | Stores authentication information. | 2 years |
SID | .google.com | Stores authentication information. | 2 years |
SIDCC | .google.com | Performance and security measurement. | 1 year |
__Secure-3PAPISID | .google.com | Profiling for personalized advertising. | 2 years |
SAPISID | .google.com | Profiling for personalized advertising. | 2 years |
APISID | .google.com | Profiling for personalized advertising. | 2 years |
__Secure-3PSID | .google.com | Profiling for personalized advertising. | 2 years |
1P_JAR | .google.com | Data transfer for advertising. | 1 month |
CONSENT | .google.com | Records user consent. | 18 years |
NID | .google.com | Customizes ads in Google services. | 1 year |
SEARCH_SAMESITE | .google.com | Ads effectiveness measurement. | 6 months |
8.9.3.2 Loading External Data
Google reCAPTCHA is a service provided by Google Inc., with some servers located in the United States. Consequently, data collected by Google reCAPTCHA may be transmitted and stored on servers located in the United States.
Data sent to Google is stored on their servers, which may be located in the United States or other countries. Google is committed to adhering to the privacy standards of the Data Privacy Framework EU-USA for secure data transfer to the United States.
It should be noted that Google LLC is self-certified under the Trans-Atlantic Data Privacy Framework for secure data processing in the United States. This certification ensures that the company adheres to strict data protection and privacy standards when processing data outside of the European Economic Area.
Furthermore, to ensure an appropriate level of data protection when transferring this data to the United States, Google has committed to complying with the Standard Contractual Clauses (SCC) of the EU, in accordance with Article 46, paragraphs 2 and 3 of the GDPR and Article 16 of the FADP. These Standard Contractual Clauses are templates provided by the European Commission to ensure that personal data transferred outside of the EEA enjoys an appropriate level of protection.
By employing these clauses, Google commits to maintaining a level of data protection that complies with European standards, even when data is processed in the United States. This approach is based on an implementing decision by the European Commission.
For more information on how Google processes data, including data collected by Google reCAPTCHA, you can refer to the Google Privacy Policy.
8.9.4 Data Retention
Data collected by Google reCAPTCHA is retained in accordance with Google’s privacy policy. It is recommended to consult this policy for specific details on retention periods.
8.9.5 How to Delete or Prevent Data Storage
Google reCAPTCHA is an essential security service for most websites to prevent malicious automated actions. However, if you wish to limit interaction with Google reCAPTCHA, here are some steps you can take:
-
- Site Preferences: It’s possible to disable reCAPTCHA directly from our website. To do this, go to the privacy menu located at the top of this page and disable items in the “Functional” group. However, this action may degrade your user experience, as it could result in additional security challenges during site interactions.
- Disable Third-Party Cookies: Disabling third-party cookies in your browser settings will prevent reCAPTCHA and other services from storing cookies on your device. Here’s how you can do it for different browsers:
- Use a Script Blocker: There are browser extensions like NoScript that allow you to control the execution of JavaScript scripts, on which reCAPTCHA relies.
- Privacy Extensions: There are several extensions that block various trackers and scripts to enhance privacy, such as:
- Privacy Badger
- Ghostery
- Adblock Plus with the anti-tracking filter enabled
Please note that disabling or blocking reCAPTCHA may affect the functionality of some websites and could prevent access to certain parts or features of those sites.
8.9.6 Legal Basis
The use of Google reCAPTCHA is based on individual consent, as per Article 6(1)(a) of the GDPR. It also serves the legitimate interest of protecting the website from malicious activities, as per Article 6(1)(f) of the GDPR.
8.9.7 In Summary
Google reCAPTCHA protects the site from malicious robots by analyzing user behavior. The data collected is retained in accordance with Google’s policy, and measures can be taken to control or block this collection.
8.10 Vimeo
8.10.1 Definition
Vimeo is a video-sharing platform owned by Vimeo, Inc., headquartered at 555 West 18th Street, New York, NY 10011, United States. It allows users to upload, share, comment on, and watch videos. On our website, we use embedded Vimeo videos to share content and enhance the user experience.
8.10.2 Purpose
By embedding Vimeo videos on our website, we aim to enrich the content we provide and make your user experience more interactive. Vimeo videos may include information, demonstrations, tutorials, or other content we consider beneficial for our users.
When you view an embedded Vimeo video on our website, certain information, such as your IP address, may be transmitted to Vimeo. This transmission occurs whether or not you have a Vimeo account or are logged into it. If you are logged into your Vimeo account, Vimeo may directly associate your browsing information with your personal profile. If you do not wish for this association, you should log out of your account before interacting with the video. Vimeo may store your data as user profiles and use it for advertising, market research, and/or to tailor its platform to users’ needs.
8.10.3 Data Stored
When you watch an embedded Vimeo video on our website, Vimeo collects information about the device you are using, your browser, your IP address, the web pages you visit, the date and time of your visit, websites you visited before accessing our site, and your interactions with the video (e.g., pausing, skipping, or rewinding). Vimeo also uses cookies to collect information about your browsing activity.
If you are logged into your Vimeo account, in addition to the above information, Vimeo may also collect details about your preferences, viewing habits, videos watched, comments posted, people you follow, and other interactions on the Vimeo platform. For more information, please refer to the Vimeo Privacy Policy.
8.10.3.1 Cookies Used
Here are the specific cookies used by Vimeo on our website:
Cookie Name | Host | Purpose | Duration |
---|---|---|---|
vuid | .vimeo.com | Collects analytics data about how Vimeo videos are used on the site. | 1 year |
vimeo | .vimeo.com | Facilitates feature testing and user experience optimization on Vimeo. | 1 month |
player | .vimeo.com | Saves user preferences for the Vimeo player, such as playback and volume settings. | 1 year |
__cf_bm | .vimeo.com | Ensures bot protection and manages network performance for embedded Vimeo videos. | 30 minutes |
vimeo_cart | .vimeo.com | Tracks actions for Vimeo’s shopping cart functionality when applicable. | 9 days |
auth_xsrft | .vimeo.com | Provides security by preventing cross-site request forgery (CSRF) attacks. | 1 day |
builderSessionId | .vimeo.com | Tracks session data for editing tools integrated with Vimeo. | 1 day |
OptanonAlertBoxClosed | .vimeo.com | Remembers user interaction with the cookie consent banner to prevent repeated displays. | 1 year |
language | .vimeo.com | Saves the user’s language preference for displaying Vimeo content. | 1 year |
OptanonConsent | .vimeo.com | Stores the user’s consent preferences for cookies. | 1 year |
8.10.4 Data Retention
Cookies created by Vimeo are generally retained for a specific period, as determined by Vimeo in accordance with its privacy policy. You can delete these cookies at any time through your browser settings.
For more details on Vimeo’s data retention practices, please refer to the Vimeo Privacy Policy.
8.10.5 How to Delete or Prevent Data Storage
Vimeo uses cookies to collect information about your browsing activity when you watch embedded videos on our site. If you do not want Vimeo to collect this information, you can manage or disable cookies through your browser settings.
If you wish to limit interaction with Vimeo, here are some steps you can take:
-
- Adjust browser settings: Configure your browser to block third-party cookies or to delete cookies upon closing the browser.
- Use a private browsing mode: Many browsers offer an incognito or private mode that limits the storage of cookies and other data.
- Log out of your Vimeo account: To avoid Vimeo associating your browsing activity with your account, log out before interacting with embedded videos.
- Review privacy settings: Check your Vimeo account settings to adjust how your data is used and shared.
Please note that disabling or blocking Vimeo may affect the functionality of certain websites and make it impossible to access some parts or features of these websites.
For more information about managing your data on Vimeo, please visit the Vimeo Privacy Policy page.
8.10.6 Legal Basis
The use of Vimeo is based on the individual’s consent, in accordance with Article 6(1)(a) of the GDPR, as well as the legitimate need to enrich the content of our website with relevant videos, in accordance with Article 6(1)(f) of the GDPR.
8.10.7 In Summary
We use Vimeo to enrich the content of our website with relevant videos. Some cookies may be stored in your browser when you watch an embedded Vimeo video on our website. You can disable these cookies by changing your browser settings.
9. Third-Party Service Providers
We engage third-party service providers to assist us in managing and improving our website. These providers may process or store personal data as part of providing these services. We ensure that these third-party service providers adhere to the same privacy and security standards as us. We only share your personal data with these third parties to the extent necessary for them to provide the respective services.
These third parties include:
- Web hosting and IT service providers to support our website and the services we offer.
- Website analytics and tracking service providers who help us understand how users interact with our website and identify areas for improvement.
- Online security service providers who assist us in protecting our website and maintaining the security of user data.
Please note that our website contains links to other websites that are not operated by us. We are not responsible for the privacy practices of these websites. We encourage users to be aware when leaving our website and to read the privacy policies of any website that collects personal information.
9.1 Web Hosting
Our online services are hosted by Hetzner Online GmbH, a leading web hosting company based in Germany. As a web hosting provider, Hetzner offers a robust and secure server infrastructure for our website.
Hetzner Online GmbH: Industriestr. 25, 91710 Gunzenhausen, Germany.
Hosting our website with Hetzner complies with European legal requirements for data protection, including the GDPR. Data is stored in highly secure data centers that provide physical protection against theft, fire, and other risks. Furthermore, data access is protected by technical security measures such as encryption and two-factor authentication.
As a host, Hetzner ensures the technical availability of our website. However, the responsibility for processing personal data lies with us. We have implemented appropriate security measures to protect your data from unauthorized access, alteration, disclosure, or destruction.
Hetzner is ISO 27001 certified, ensuring compliance with international standards for information security management. Hetzner also commits to adhering to the GDPR and other relevant data protection laws.
For more information on Hetzner’s privacy practices, please refer to their privacy policy.
Please note that transmitting information over the internet is not entirely secure. While we do our best to protect your personal data, we cannot guarantee the security of data transmitted to our site; any transmission is at your own risk. Once we receive your information, we use strict security procedures and features to try to prevent unauthorized access.
10. Security Measures
10.1 Technical and Organizational Measures
The security of your personal data is of paramount importance to us. To ensure the protection of your data against loss, alteration, unauthorized access, disclosure, or destruction, we have implemented advanced technical and organizational measures. These measures include:
- SSL (Secure Socket Layer) encryption to secure data in transit between your browser and our servers.
- Physical security measures in our data centers to prevent unauthorized access to our storage systems.
- Training for our employees and collaborators on the importance of data security and safe data handling practices.
- Regular backup procedures and the ability to quickly restore data in case of loss.
10.1.1 SSL Encryption
SSL (Secure Socket Layer) encryption is a standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data transmitted between the web server and browsers remains private and integral. We use SSL to protect your personal information online and strive to maintain the confidentiality of your transactions on our site.
SSL encryption is an essential requirement of the General Data Protection Regulation, in compliance with Article 32 of the GDPR, which mandates that organizations implement appropriate technical and organizational measures to ensure a level of security suitable for the risk.
To verify that our site uses SSL encryption, you can check your browser’s address bar. You should see a padlock icon and the “https://” prefix before our site’s address, indicating a secure connection.
10.2 Breach Notification Process
Despite all precautions, no method of transmission over the Internet or electronic storage is 100% secure. If we become aware of a security breach, we will react promptly to attempt to block unauthorized access and will inform you in accordance with Article 33 of the GDPR. Our breach notification process includes:
- Identifying the cause of the breach and potentially affected data.
- Taking measures to contain the breach and prevent further violations.
- Notifying all affected parties within 72 hours of discovering the breach.
- Implementing any necessary changes to our security policies and procedures to prevent similar breaches in the future.
10.3 Data Retention Period
The personal data we collect is retained for the duration necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law. Typically, we retain account data for three years from the user’s last activity. However, in certain cases, it may be necessary to retain information for a longer period, such as when required by law or for compliance, tax, legal, accounting, or auditing reasons. At the end of this period, your data will be securely deleted or anonymized.
For example, Austrian tax laws require us to retain customer billing information for a minimum period of ten years from the date of billing.
11. Changes to Our Privacy Policy
We reserve the right to modify this privacy policy at any time. If substantial changes are made to how we process your personal information, we will notify you through a prominently displayed notice on our website.
It is advisable to regularly review this privacy policy for any updates. The date of the last update is clearly indicated at the top of the privacy policy page. Any changes to this privacy policy will take effect when the revised privacy policy is published on the site.
12. Conclusion
Thank you for taking the time to go through our privacy policy. We understand it’s a lengthy text, but we hope you’ve learned something along the way! We greatly appreciate your trust in using our services, and we want you to know that your data is handled with the utmost care and respect.
If you have any questions or concerns about our use of your personal information, please don’t hesitate to contact us via the address provided in the “Contact Details of the Responsible Person” section. We will be more than happy to assist you.
This privacy policy is protected by copyright. It was written by graphicatelier. We kindly invite you to respect the author’s work. Reproduction, even in part, is prohibited without the author’s authorization under Directive 2019/790/EU of April 17, 2019, on copyright and related rights in the Digital Single Market.
And finally, if you’ve made it this far, we want to congratulate you! You are among the few people who read privacy policies to the end. Congratulations! Your dedication to protecting your personal data is impressive. You deserve a medal… but unfortunately, all we have to offer is this last sentence. Keep being amazing, and thank you for your trust!