Data privacy

Cookies: Privacy settings

Change privacy settings

History of privacy settings

Withdraw consent

Privacy Policy

This website is operated by dedomind GmbH (FN 665651z), hereinafter referred to as “we,” “us,” and “dedomind GmbH,” with its registered office in 4100 Ottensheim. In this privacy policy, we, as the controller pursuant to Art. 4 (7) GDPR, describe what data we collect when you visit our website and for what purpose we process it. We also inform you about how we generally process data from our customers, suppliers, and interested parties, and conclude by explaining what rights and safeguards we offer in the course of data processing. All relevant contact details can be found in section 11 of this privacy policy.

As the protection of your personal data is of particular concern to us, we strictly adhere to the legal requirements of the DSG and the GDPR when collecting and processing your personal data.

Below, we provide detailed information about the scope and purpose of our data processing and your rights as a data subject. Please read our privacy policy carefully before continuing to use our website and, if necessary, giving your consent to data processing.

1. Personal data

You can generally use our website without providing any personal data. However, different rules may apply to the use of individual services, which we will point out to you separately.

Apart from the cookies described in detail below, we only collect and store data that you yourself provide by entering it in our input masks or by actively interacting with our website in any other way. Personal data is any information relating to an identified or identifiable natural person. This includes, for example, your name, address, telephone number, or date of birth, but also your IP address or geolocation data that allows conclusions to be drawn about you.

2. Use of cookies

a. If you use our website for informational purposes only, i.e. if you do not register for a service or otherwise provide us with information, for example via a contact form, we only collect the (personal) data that your browser transmits to our server. If you wish to visit our website, we collect the following data, which is technically necessary for us to display the website to you and to ensure its stability and security in accordance with Art. 6 (1) (f) GDPR:

• IP address
• Date and time of the request
• Time zone difference to Greenwich Mean Time (GMT)
• Content of the request
• Access status / HTTP status code
• Amount of data transferred in each case
• Website from which the request originates
• Browser used
• Operating system and its interface
• Language and version of the browser software

However, this data will not be processed beyond the purpose of displaying our website.

b. In addition to the aforementioned data, first-party and third-party cookies are stored on your computer when you use our website; these are small text files that are stored on your hard drive in the browser you are using. The entity that sets a cookie (either us or an explicitly named third party) receives certain information as a result.

We need these cookies on the one hand to recognize you as a user of the website and on the other hand to be able to track the use of our services. Finally, we may use cookies for marketing purposes to analyze your usage behavior and, if necessary, to send you targeted advertising.

c. A basic distinction can be made between first-party cookies, third-party cookies, and third-party requests.

• First Party Cookies

First-party cookies are stored in your browser by us or our website itself in order to provide you with the best possible user experience. These are primarily functional cookies, such as shopping cart cookies. We may also use cookies to identify you for subsequent visits if you have an account with us—otherwise, you will have to log in again each time you visit.

• Third Party Cookies

Third-party cookies are stored in your browser by a third-party provider. These are mostly tracking or marketing tools that evaluate your user behavior on the one hand and, on the other hand, enable the third-party provider to recognize you on other websites you visit. Retarget marketing, for example, is generally based on the function of such cookies.

• Third Party Requests

Third-party requests are all requests that you, as a site user, make to third parties via our site—for example, when you interact with social network plugins or use the services of a payment provider. In this case, no cookies are stored in your browser, but it cannot be ruled out that personal data may be sent to this third-party provider as a result of the interaction. For this reason, we also provide detailed information about the tools and applications we use in our privacy policy.

d. In order to provide you with comprehensive information about the cookies we use, we have designed a cookie banner in accordance with the ruling of the European Court of Justice of October 1, 2019, C-673/17 (Planet 49) and other relevant decisions, we have designed a cookie banner that is displayed when you first visit our website. This cookie banner shows all cookies used, including their function, storage period, and origin. Only if you agree to the use of some or all cookies will we store them; An exception to this may be technically necessary cookies, without which our website could not be displayed correctly.

e. You can change your browser settings at any time to refuse the acceptance of third-party cookies or all cookies, for example. In this case, however, we must point out that you may no longer be able to use all functions of our website.

3. Collection and processing of personal data

a. Website

Personal data that goes beyond the information stored by cookies is only processed by us in the context of operating our website if you voluntarily provide it to us, for example when you register with us, enter into a contractual relationship with us, or otherwise contact us. This data consists exclusively of contact details and information about the matters for which you are contacting us.

We use the personal data you provide only to the extent necessary to fulfill the respective purpose of processing (e.g., registration, sending newsletters, processing an order, sending information material and advertising, conducting a competition, answering a question, enabling access to certain information) and this is permitted by law (in particular in accordance with Art. 6 or Art. 9 GDPR) (e.g. sending advertising and information material to existing customers in accordance with Art. 6 (1) (1) (f) GDPR).

The purpose of processing your data is to operate our website and to provide targeted company-specific information, including the presentation of our goods and services (marketing).

Any further use of your data will only take place if you have given your express prior consent, if we need your data to fulfill a contract concluded with you, or if we are obliged to store it due to a legal provision. You can revoke any consent you have given at any time for the future, as explained in detail below.

b. Contract processing, marketing, and more

In general, we use personal data of our customers, suppliers, and other contractual and cooperation partners, e.g., contact persons, their contact details, and marketing-relevant information, for the purpose of contract processing and within the scope of statutory retention obligations (e.g., accounting), and also for legitimate interests, such as marketing and customer care purposes.

We also collect personal data from interested parties (e.g., contact persons, their contact details, and marketing-relevant information) in the course of our acquisition and sales activities. We are always on the Internet, at trade fairs, and at other events looking for potential contractual partners and maintain a marketing database for this purpose to enable targeted advertising for our products and services. We carry out all of the measures listed here in our legitimate interest for marketing purposes in accordance with Art. 6 (1) (f) GDPR in conjunction with Recital 47 for a period of three years from the end of a contractual relationship (customers & suppliers) or our initial (unsuccessful) contact (prospective customers), unless the data subject has given their express consent for a longer period.

If we do not collect personal data for marketing purposes from the data subject themselves, we will also inform the data subject where we collected their data when we first contact them, in accordance with Art. 14 GDPR.

c. application management

We collect data from applicants for job vacancies at our company for the purpose of initiating a possible employment relationship in accordance with Art. 6 (1) (b) GDPR or, if necessary, on the basis of explicit consent for record-keeping purposes.

4. Storage period

We generally store data that you have provided to us exclusively for customer service or marketing and information purposes for a period of three years after our last contact. However, if you wish, we will delete your data before this period expires, provided that there are no legal obstacles to doing so.

In the event of a contract initiation or conclusion, we process your personal data after complete contract processing until the expiry of the warranty, guarantee, limitation, and statutory retention periods applicable to us, and furthermore until the conclusion of any legal disputes in which the data is required as evidence.

We will only store data that you may provide to us as part of an application process for a period of 6 months without separate consent.

If storage is required by law, we will comply with the period specified therein. If we process your personal data for purposes other than those set out in this privacy policy, for example on the basis of a legitimate interest, we will inform you separately before processing begins.

5. Data transmission

a. General

Your data will not be transferred to third parties unless we are legally obliged to do so, the transfer of data is necessary for the performance of a contractual relationship between us, or you have expressly consented to the transfer of your data in advance.

External processors or other cooperation partners will only receive your data if this is necessary for the execution of the contract, if we have a legitimate interest in doing so, which we will always disclose separately in each case, or if this is required by special standards, with your consent.

We will not sell your personal data to third parties or market it in any other way. If our contractual partners or processors are based in a third country, i.e., a country outside the European Economic Area (EEA), we will inform you of the consequences of this circumstance in the description of the offer.

If one of our processors comes into contact with your personal data, we will ensure that they comply with the provisions of data protection laws in the same way as we do.

b. Data transfer to the USA?

We occasionally offer certain services that involve or may involve the transfer of data to the United States. The transfer of data to the United States has consistently led to legal challenges in recent years. There are several legal bases for legally compliant data transfers to the United States, but we generally rely on two different legal bases:

c. Data transfer based on the existence of an adequacy decision

On July 10, 2023, the European Commission adopted a new adequacy decision pursuant to Art. 45 GDPR for the US – namely the EU-US Data Privacy Network.

However, this adequacy decision only applies to those data importers in the US who are registered in the Data Privacy Framework List (https://www.dataprivacyframework.gov/s/participant-search).

We check whether each of our service providers who, as data importers, are to receive personal data in the US, is registered in the Data Privacy Framework List. If this is the case, it is stated in our privacy policy for the respective service provider.

The EU Commission’s press release on the EU-U.S. Data Privacy Framework can be found at: https://ec.europa.eu/commission/presscorner/detail/en/ip_23_3721.

d. consent

However, if a data importer is not registered in the Data Privacy Framework List, it is necessary—unless there is another justification, such as the fulfillment of contractual obligations—that you consent to the use of your data collected via these services, including in the US, if applicable (Art. 49 (1) (a) GDPR).

This is because we are currently unable to assess how case law will develop as a result of the EU-U.S. Data Privacy Network. Depending on the service, we collect this consent via our cookie banner or separately by means of a corresponding declaration of consent directly before the use of a service offered.

Your consent is required because, according to recent administrative and court decisions and the case law of the ECJ, the US is not certified as providing an adequate level of data protection when processing personal data (C-311/18, Schrems II). These administrative and court decisions are particularly critical of the fact that access by US authorities (FISA 0702) is not comprehensively restricted by law, does not require approval by an independent authority, and does not provide relevant legal remedies for those affected in the event of such interference.

Apart from the contracts concluded with US service providers, we have no direct influence on the access of US authorities to personal data that is transferred to service providers in the US when using these services. Even though we assume that our service providers take the necessary steps to ensure the promised level of protection in accordance with the contractual agreements made with us, access by US authorities to data processed in the US is still conceivable.

We therefore ask for your consent to the processing of data in the US before using such services. We will indicate separately for each service or application that there is a possibility of data being transferred to the US.

6. Newsletter

You have the option of subscribing to our free newsletter. With this newsletter, you will receive all the latest news and information about our company as well as customized advertising at regular intervals. To receive our newsletter, you need a valid email address.

We will check the email address you entered in our registration form to ensure that you actually wish to receive newsletters. We do this by sending an email to the email address you provided, which you can confirm by clicking on a link provided. Once you have confirmed the email, you are registered for our newsletter. (Double opt-in)

When you first subscribe to the newsletter, we store your IP address and the date and time of your registration. We do this for security reasons in case a third party misuses your email address and subscribes to our newsletter without your knowledge. We do not collect or process any other data for the newsletter subscription; the data is used exclusively for the purpose of receiving the newsletter.

Unless you object, we may transfer your data to companies affiliated with our company for the purpose of analysis and to send you information for advertising purposes. Within the group of companies, the data you have provided to us for the purpose of subscribing to the newsletter will be compared with data that may be collected by us elsewhere (e.g., when purchasing goods or booking a service).

Your data for newsletter registration will not be passed on to third parties that do not belong to the group of companies. You can unsubscribe from our newsletters at any time. Details on how to unsubscribe can be found in the confirmation email and in each individual newsletter.

7. Tools and applications used

a. Our website also contains links to other websites; these are provided for informational purposes only. These websites are not under our control and are therefore not covered by the provisions of this privacy policy. However, if you activate a link, it is possible that the operator of this website may collect data about you and process it in accordance with their privacy policy, which may differ from ours. Please always check the current data protection regulations on the websites we link to.

b. Our website also offers the option of interacting with various social networks via plugins. These are:

• Facebook, operated by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. The parent company, Meta Platforms Inc., Menlo Park, California, is registered in the Data Privacy Framework List.
• LinkedIn, operated by LinkedIn Inc., 2029 Stierlin Court, Mountain View, CA 94043, USA
• YouTube, operated by YouTube LLC, 901 Cherry Avenue, San Bruno, CA 94066 USA
• Instagram, operated by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. The parent company, Meta Platforms Inc., Menlo Park, California, is registered in the Data Privacy Framework List.

When you click on a plugin for one of these social networks, it is activated and a connection to the respective server of that network is established as described above.

By activating these plugins, you consent to the use of your data collected via these plugins, including in the USA, if applicable.

We have no influence on the scope and content of the data that is transmitted to the respective operator of this social network when you click on the plugin, or which may subsequently be subject to access by US authorities.

If you would like to find out about the type, scope, and purpose of the data collected by the operators of these social networks, we recommend that you read the privacy policies of the respective social network.

8. Joint responsibilities pursuant to Art. 26 GDPR

a. Facebook – company page

We operate a Facebook fan page at https://www.facebook.com/. The purpose of this fan page is to share information about our company’s activities, implement marketing measures, and provide an additional channel of communication with us.

In this context, we are “joint controllers” with Facebook, operated by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, which provides us with this service. Facebook generally allows you to select in your settings which personal data is shared with us. If you do not wish to do so, we will receive all information regarding the use of our fan page and personal data about visitors in anonymized form.

For this purpose, we have entered into a so-called Art. 26 GDPR agreement with Facebook, which regulates the mutual rights and obligations of us and Facebook. You can find this at https://www.facebook.com/-legal/EU_data_transfer-_addendum/update. In this context, we also ask you to read Facebook’s privacy policy, which you can find at https://www.facebook.com/policy.php.

In the Article 26 GDPR agreement we have concluded, Facebook undertakes to be the first point of contact for data subjects regarding the processing of Insights data and to fulfill the associated obligations and tasks.

You can therefore assert your data subject rights both against us in accordance with section 10 of this privacy policy and against Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

b. Instagram – Profile

We operate an Instagram profile at www.instagram.com/. We use this profile to implement marketing measures, draw attention to our products and services, and create another channel of communication with our customers.

In this context, we are also “joint controllers” with Instagram, operated by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, which provides us with this service. Instagram allows you to select in your settings which personal data is shared with us. If you do not wish to do so, we will receive all information regarding the use of our fan page and personal data about visitors in anonymized form.

For this purpose, we have concluded a so-called Art. 26 GDPR agreement with Instagram, which regulates the mutual rights and obligations of us and Instagram. You can find this at https://www.facebook.com/-legal/EU_data_transfer-_addendum/update. In this context, we also ask you to read Instagram’s privacy policy, which can be found at https://help.instagram.com/519522125107875.

In the Article 26 GDPR agreement we have concluded, Instagram undertakes to be the first point of contact for data subjects regarding the processing of Insights data and to fulfill the associated obligations and tasks.

You can therefore assert your data subject rights both against us in accordance with section 10 of this privacy policy and against Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

9. Safety

We use numerous technical and organizational security measures to protect your data against manipulation, loss, destruction, and access by third parties. Our security measures are continuously improved in line with technological developments on the Internet. If you would like more detailed information on the type and scope of the technical and organizational measures we have taken, please do not hesitate to contact us at any time with your written inquiries.

10. Your rights

In accordance with the General Data Protection Regulation and the Data Protection Act, you, as a data subject in our data processing, have the following rights and legal remedies:

• Right of access (Art. 15 GDPR)

As the person affected by the data processing described above and other data processing, you have the right to request information about whether and, if so, which personal data about you is being processed. For your own protection—so that no unauthorized person receives information about your data—we will verify your identity in an appropriate manner before providing any information.

• Right to rectification (Art. 16) and erasure (Art. 17 GDPR)

You have the right to request the immediate correction of inaccurate personal data concerning you or, taking into account the purposes of data processing, the completion of incomplete personal data and the deletion of your data, provided that the criteria of Art. 17 GDPR are met.

• Right to restriction of processing (Art. 18 GDPR)

Under the legal requirements, you have the right to restrict the processing of all personal data collected. From the time of the restriction request, this data will only be processed with your individual consent or for the assertion and enforcement of legal claims.

• Right to data portability (Art. 20 GDPR)

You may request the unhindered and unrestricted transfer of personal data that you have provided to us to you or a third party.

• Right to object (Art. 21 GDPR)

You may object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you that is necessary to safeguard our legitimate interests or those of a third party. Your data will no longer be processed after you object, unless there are compelling legitimate grounds for the processing that outweigh your interests, rights, and freedoms, or the processing serves to assert, exercise, or defend legal claims. You can object to data processing for direct marketing purposes at any time with effect for the future.

• Withdrawal of consent

If you have given separate consent to the processing of your data, you can revoke this consent at any time. Such revocation affects the permissibility of the processing of your personal data after you have notified us of your revocation.

If you take action to enforce your rights under the GDPR as listed above, dedomind GmbH must respond to the requested action or comply with the request immediately, at the latest within one month of receiving your request.

We will respond to all reasonable requests within the legal framework free of charge and as quickly as possible.

The data protection authority is responsible for complaints concerning violations of the right to information, the right to confidentiality, the right to correction, or the right to deletion. Their contact details are as follows:

Austrian Data Protection Authority
Barichgasse 40-42
1030 Vienna
dsb@dsb.gv.at

11. Contact information / Contact persons

dedomind GmbH
Simon Schörghuber, Management
Phone: +4369910080016
E-Mail: info@dedomind.com

12. Technical and organizational measures for data protection

Please download the document as a PDF below:

13. Voluntary commitment declaration on order processing

Please download the document as a PDF below:

As of March 2026