Privacy Policy

---

We have created this privacy policy (version 30.07.2019-111167492) to explain to you, in accordance with the provisions of the General Data Protection Regulation (EU) 2016/679 and the Data Protection Act (DSG), what information we collect, how we use data, and what choices you have as a visitor to this website.

Unfortunately, it is inherent in the nature of this topic that these explanations may sound technical. However, we have made an effort to describe the most important aspects as simply and clearly as possible.

Automatic Data Storage

When you visit websites nowadays, certain information is automatically created and stored, and the same applies to this website.

When you visit our website, just like you are doing now, our web server (the computer where this website is stored) automatically stores data such as:

• The address (URL) of the accessed webpage.
• Browser and browser version.
• The operating system used.
• The address (URL) of the previously visited page (referrer URL).
• The hostname and IP address of the device accessing the website.
• Date and time.

These data are stored in files (web server log files). Generally, web server log files are retained for two weeks and then automatically deleted. We do not disclose this data, but we cannot exclude the possibility that it may be viewed in the event of unlawful behavior.

The legal basis for this data processing, according to Article 6(1)(f) of the General Data Protection Regulation (GDPR) (legitimate interest), is that there is a legitimate interest in enabling the error-free operation of this website by collecting web server log files.

Cookies

Our website uses HTTP cookies to store user-specific data. In the following, we will explain what cookies are and why they are used to help you better understand the following privacy policy.

What are cookies?

Whenever you browse the internet, you use a web browser. Well-known browsers include Chrome, Safari, Firefox, Internet Explorer, and Microsoft Edge. Most websites store small text files in your browser, and these files are called cookies.

There's no denying that cookies are truly useful little helpers. Almost all websites use cookies. Specifically, they are HTTP cookies, as there are other types of cookies for different applications. HTTP cookies are small files that our website stores on your computer. These cookie files are automatically placed in the cookie folder, which is like the "brain" of your browser. A cookie consists of a name and a value, and when defining a cookie, one or more attributes need to be specified.

Cookies store certain user data, such as language preferences or personal page settings. When you revisit our site, your browser transmits the "user-related" information back to our site. Thanks to cookies, our website knows who you are and provides you with your preferred default settings. In some browsers, each cookie has its own file, while in others, like Firefox, all cookies are stored in a single file.

There are both first-party cookies and third-party cookies. First-party cookies are created directly by our site, while third-party cookies are created by partner websites (e.g., Google Analytics). Each cookie needs to be evaluated individually since each cookie stores different data. The expiration time of a cookie can vary from a few minutes to several years. Cookies are not software programs and do not contain viruses, trojans, or other "malware". Cookies also cannot access information on your PC.

An example of cookie data could look like this:

Name: _ga Expiration: 2 years Usage: Distinguishing website visitors Example Value: GA1.2.1326744211.152111167492

A browser should support the following minimum sizes:

• A cookie should be able to contain at least 4096 bytes.
• At least 50 cookies should be able to be stored per domain.
• A minimum of 3000 cookies should be able to be stored overall.

What types of cookies are there?

The specific types of cookies we use depend on the services used, and they will be explained in the following sections of the privacy policy. At this point, we would like to briefly discuss the different types of HTTP cookies.

Four types of cookies can be distinguished:

1. Strictly necessary cookies: These cookies are necessary to ensure basic functions of the website. For example, these cookies are needed when a user puts a product in the shopping cart, continues browsing other pages, and then goes to the checkout later. These cookies prevent the shopping cart from being deleted, even if the user closes their browser window.
2. Functional cookies: These cookies collect information about user behavior and whether the user receives any error messages. Additionally, these cookies measure the loading time and behavior of the website with different browsers.
3. Targeted cookies: These cookies enhance user-friendliness. For example, they store entered locations, font sizes, or form data.
4. Advertising cookies: These cookies are also known as targeting cookies. They serve to deliver individually tailored advertising to the user. This can be very practical but can also be very annoying.

Typically, when you visit a website for the first time, you will be asked which types of cookies you want to allow. And, of course, this decision will also be stored in a cookie.

How can I delete cookies?

The decision of whether and how to use cookies is up to you. Regardless of the service or website the cookies come from, you always have the option to delete cookies, allow them partially, or disable them altogether. For example, you can block third-party cookies while allowing all other cookies.

If you want to find out which cookies are stored in your browser or if you want to change or delete cookie settings, you can do so in your browser settings:

Chrome: Clear, enable, and manage cookies in Chrome

Safari: Manage cookies and website data with Safari

Firefox: Clear cookies to remove data stored by websites on your computer

Internet Explorer: Delete and manage cookies

Microsoft Edge: Delete and manage cookies

If you prefer not to have any cookies at all, you can configure your browser to always notify you when a cookie is being set. This way, you can decide whether to allow or deny each individual cookie. The process may vary depending on the browser you use. It's best to search for instructions on Google using the search terms "clear cookies Chrome" or "disable cookies Chrome" if you're using Chrome, or replace the word "Chrome" with the name of your browser, such as Edge, Firefox, or Safari.

What about my privacy?

Since 2009, there have been the so-called "Cookie Directives." It is stated that storing cookies requires the consent of the website visitor (i.e., you). However, there are still varying reactions to these directives among EU countries. In Austria, for example, this directive was implemented in § 96 (3) of the Telecommunications Act (TKG).

If you want to learn more about cookies and don't mind technical documentation, we recommend referring to https://tools.ietf.org/html/rfc6265, the Request for Comments by the Internet Engineering Task Force (IETF) called "HTTP State Management Mechanism."

Storage of Personal Data

Personal data that you electronically transmit to us on this website, such as your name, email address, address, or other personal information within the context of submitting a form or commenting on the blog, will be used by us solely for the specified purpose, securely stored, and not disclosed to third parties.

We only use your personal data for communication with those visitors who explicitly request contact and for the processing of services and products offered on this website. We do not pass on your personal data without consent, but we cannot exclude the possibility that these data may be viewed in the event of unlawful behavior.

If you send us personal data via email - outside of this website - we cannot guarantee secure transmission and protection of your data. We recommend that you never transmit confidential data unencrypted via email.

The legal basis for this processing is Article 6(1)(a) of the GDPR (lawfulness of processing), as you have given us your consent to process the data you have entered. You can revoke this consent at any time - an informal email is sufficient. You can find our contact information in the imprint.

Rights under the GDPR

According to the provisions of the GDPR and the Austrian Data Protection Act (DSG), you have the following rights:

Right to rectification (Article 16 of the GDPR)

Right to erasure ("right to be forgotten") (Article 17 of the GDPR)

Right to restriction of processing (Article 18 of the GDPR)

Right to notification - obligation to notify in relation to rectification or erasure of personal data or restriction of processing (Article 19 of the GDPR)

Right to data portability (Article 20 of the GDPR)

Right to object (Article 21 of the GDPR)

Right not to be subject to a decision based solely on automated processing, including profiling (Article 22 of the GDPR)

If you believe that the processing of your data violates data protection laws or that your data protection rights have been violated in any other way, you can lodge a complaint with the supervisory authority, which in Austria is the Austrian Data Protection Authority. You can find their website at https://www.dsb.gv.at/.

Analysis of Visitor Behavior

In the following privacy policy, we will inform you whether and how we analyze data from your visit to this website. The analysis of collected data is usually anonymous, and we cannot draw any conclusions about your identity based on your behavior on this website.

To learn more about how to opt out of this analysis of visitor data, please refer to the privacy policy below.

TLS Encryption with HTTPS

We use HTTPS to transmit data securely over the internet (Privacy by Design, Article 25(1) of the GDPR). By implementing TLS (Transport Layer Security), an encryption protocol for secure data transmission over the internet, we can ensure the protection of confidential data. You can recognize the use of this data transmission security by the small lock icon displayed at the top left of your browser and the use of the HTTPS scheme (instead of HTTP) as part of our website address.

Google Fonts Local Privacy Policy

We use Google Fonts provided by Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA) on our website. We have locally integrated the Google fonts on our web server, meaning they are not loaded from Google's servers. This eliminates any connection to Google's servers and thus no data transmission or storage takes place.

What are Google Fonts?

Google Fonts (formerly Google Web Fonts) is an interactive directory of over 800 fonts made available for free use by Google LLC. With Google Fonts, you can use the fonts without uploading them to your own server. However, in order to prevent any information transfer to the Google server, we have downloaded the fonts to our server. This allows us to comply with data protection regulations and ensures that no data is sent to Google Fonts.

Unlike other web fonts, Google provides us with unrestricted access to all the fonts. This means we have unlimited access to a wide variety of fonts and can optimize our website accordingly. For more information about Google Fonts and for any further questions, please visit https://developers.google.com/fonts/faq?tid=111167492.

Google Fonts Privacy Policy

We use Google Fonts provided by Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA) on our website.

For the use of Google Fonts, you do not need to sign in or provide a password. Furthermore, no cookies are stored in your browser. The files (CSS, fonts) are requested from the Google domains fonts.googleapis.com and fonts.gstatic.com. According to Google, the requests for CSS and fonts are completely separate from any other Google services. If you have a Google account, you don't need to worry about your Google account data being transmitted to Google while using Google Fonts. Google records the usage of CSS (Cascading Style Sheets) and the fonts used, and securely stores this data. We will examine the exact details of data storage in more detail.

What are Google Fonts?

Google Fonts (formerly Google Web Fonts) is an interactive directory of over 800 fonts made available for free use by Google LLC.

Many of these fonts are published under the SIL Open Font License, while others are published under the Apache License. Both are open-source licenses, allowing us to use them freely without paying any licensing fees.

Why do we use Google Fonts on our website?

With Google Fonts, we can use fonts on our website without uploading them to our own server. Google Fonts is an important component for maintaining the quality of our website. All Google fonts are automatically optimized for the web, which saves data volume and is especially advantageous for mobile devices. When you visit our site, the low file size ensures fast loading times. Furthermore, Google Fonts are considered secure web fonts. Different image synthesis systems (rendering) in various browsers, operating systems, and mobile devices can lead to errors. Such errors can distort texts or entire web pages visually. Thanks to the fast Content Delivery Network (CDN), there are no cross-platform issues with Google Fonts. Google Fonts supports all popular browsers (Google Chrome, Mozilla Firefox, Apple Safari, Opera) and works reliably on most modern mobile operating systems, including Android 2.2+ and iOS 4.2+ (iPhone, iPad, iPod).

We use Google Fonts to present our entire online service as beautifully and consistently as possible. According to Art. 6(1)(f) lit. F of the General Data Protection Regulation (GDPR), this represents a "legitimate interest" in the processing of personal data. In this case, "legitimate interest" refers to both legal and economic or ideological interests recognized by the legal system.

What data is stored by Google?

When you visit our website, the fonts are loaded from a Google server. This external call transmits data to the Google servers, allowing Google to recognize that you or your IP address have visited our website. The Google Fonts API was developed to reduce the collection, storage, and use of end-user data to what is necessary for the efficient provision of fonts. API stands for "Application Programming Interface" and serves as a data transmitter in the software field, among other functions.

Google Fonts securely stores CSS and font requests with Google for protection. Google can determine the popularity of the fonts based on the collected usage statistics. Google publishes the results on internal analysis pages, such as Google Analytics. Additionally, Google uses data from its own web crawler to determine which websites use Google fonts. This data is published in the BigQuery database of Google Fonts. BigQuery is a Google web service for companies that need to handle and analyze large amounts of data.

It should be noted, however, that with each Google Fonts request, information such as IP address, language settings, browser screen resolution, browser version, and browser name is automatically transmitted to the Google servers. Whether this data is also stored is not clearly determinable or explicitly communicated by Google.

How long and where is the data stored?

Google stores requests for CSS assets on its servers for one day, primarily located outside the EU. This allows us to use the fonts with the help of a Google stylesheet. A stylesheet is a template that allows you to easily and quickly change the design or font of a website, for example.

The font files are stored by Google for one year. This is done with the goal of improving the loading time of web pages in general. When millions of websites refer to the same fonts, they are cached after the first visit and immediately appear on all other websites visited later. Sometimes, Google updates font files to reduce file size, increase language coverage, and improve design.

How can I delete my data or prevent data storage?

The data that Google stores for one day or one year cannot be easily deleted. The data is automatically transmitted to Google when the page is accessed. To delete this data prematurely, you need to contact Google Support at https://support.google.com/?hl=en&tid=111167492. You can prevent data storage only by not visiting our site.

Unlike other web fonts, Google gives us unrestricted access to all the fonts. This means we have unlimited access to a wide variety of fonts and can maximize the potential for our website. For more information about Google Fonts and for additional questions, please visit https://developers.google.com/fonts/faq?tid=111167492. Although Google addresses privacy-related issues on that page, detailed information about data storage is not included. It is relatively difficult (almost impossible) to obtain precise information about stored data from Google.

You can also read about what data Google generally collects and how it is used at https://www.google.com/intl/en/policies/privacy/.

Google Ads (Google AdWords) Conversion Tracking Privacy Policy

We use Google Ads (formerly Google AdWords) as an online marketing measure to promote our products, offers, and services. We aim to raise awareness of the high quality of our offerings among more people on the internet. As part of our advertising efforts through Google Ads, we use Google LLC's Conversion Tracking, located at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). With the help of this free tracking tool, we can better tailor our advertising offerings to your interests and needs. In the following article, we will explain in more detail why we use Conversion Tracking, what data is stored, and how you can prevent this data storage.

The legal basis for using Google Ads Conversion Tracking is Article 6(1)(f) (legitimate interest) of the General Data Protection Regulation (GDPR) as there is a legitimate interest in carrying out targeted advertising measures.

What is Google Ads Conversion Tracking?

Google Ads (formerly Google AdWords) is Google LLC's in-house online advertising system. We can create online ads via Google Ads to introduce our products or services to interested individuals. We are confident in the quality of our offerings and want as many people as possible to visit our website. Google Ads provides the best platform for this purpose in the online realm. Naturally, we also want to gain an accurate overview of the cost-benefit factor of our advertising campaigns. Therefore, we use Google Ads' Conversion Tracking tool.

But what is a conversion? A conversion occurs when a purely interested website visitor becomes an active visitor. This happens when you click on our ad and then perform another action, such as visiting our website. With Google's Conversion Tracking tool, we capture what happens after a user clicks on our Google Ads ad. For example, we can see if products are purchased, services are utilized, or if users sign up for our newsletter.

Why do we use Google Ads Conversion Tracking on our website?

We use Google Ads to raise awareness of our offerings on other websites as well. The goal is to reach only those individuals with our advertising campaigns who are interested in our products and offers. With the Conversion Tracking tool, we can see which keywords, ads, ad groups, and campaigns lead to desired customer actions. We see how many customers interact with our ads on a device or browser and then perform a conversion. With this data, we can calculate our cost-benefit factor, measure the success of individual advertising measures, and optimize our online marketing efforts accordingly. Furthermore, we can use the acquired data to make our website more interesting for you and customize our advertising offerings even more to your needs.

What data is stored with Google Ads Conversion Tracking?

We have integrated a conversion tracking tag or code snippet on our website to better analyze certain user actions. When you click on one of our Google Ads ads, a cookie called "Conversion" is stored on your computer (usually in the browser) or mobile device from a Google domain. Cookies are small text files that store information on your computer.

Here are the data details for the most important cookies used for Google Ads Conversion Tracking:

Name: Conversion Expiration: after 3 months Example value: EhMI_aySuoyv4gIVled3Ch0llweVGAEgt-mr6aXd7dYlSAGQ111167492

Name: _gac Expiration: after 3 months Example value: 1.1558695989.EAIaIQobChMIiOmEgYO04gIVj5AYCh2CBAPrEAAYASAAEgIYQfD_BwE

Note: The _gac cookie seems to be associated with Google Analytics. The above list is not exhaustive, as Google may also use other cookies for analytical evaluation.

Once you complete an action on our website, Google recognizes the cookie and stores your action as a conversion. As long as you continue to browse our website and the cookie has not expired, we and Google recognize that you found us through our Google Ads ad. The cookie is read and sent back to Google Ads with the conversion data. It is also possible that other cookies are used to measure conversions. Google Ads' Conversion Tracking can be further refined and improved using Google Analytics. For ads displayed by Google in various locations on the web, cookies with the names "__gads" or "_gac" may be set under our domain. Since September 2017, various campaign information from analytics.js has been stored using the _gac cookie. Once you visit one of our pages for which Google Ads' automatic tag labeling has been set up, the cookie stores this data. Unlike cookies set for Google domains, Google can only read these conversion cookies when you are on our website. We do not collect or receive any personally identifiable information. We receive a report from Google with statistical evaluations. For example, we learn the total number of users who clicked on our ad, and we see how well each advertising measure has been received.

How long and where are the data stored?

We would like to point out that we have no influence over how Google uses the data collected through the Conversion Tracking tool. According to Google, the data is encrypted and stored on secure servers. In most cases, conversion cookies expire after 30 days and do not transmit any personally identifiable information. The cookies named "Conversion" and "_gac" (used in conjunction with Google Analytics) have a lifespan of 3 months.

How can I delete my data or prevent data storage?

You have the option to opt-out of Google Ads Conversion Tracking. By disabling the Google Conversion Tracking cookie through your browser, you can block Conversion Tracking. In this case, you will not be included in the statistics of the tracking tool. You can change the cookie settings in your browser at any time. The process varies slightly for each browser. Here is the guide on how to manage cookies in your browser:

Chrome: Clear, enable, and manage cookies in Chrome

Safari: Manage cookies and website data using Safari

Firefox: Delete cookies to remove data that websites have stored on your computer

Internet Explorer: Delete and manage cookies

Microsoft Edge: Delete and manage cookies

If you do not want to have any cookies at all, you can configure your browser to always notify you when a cookie is set. This way, you can decide for each individual cookie whether to allow it or not. By downloading and installing this browser plug-in from https://support.google.com/ads/answer/7395996, all "advertising cookies" will also be disabled. Please note that by disabling these cookies, you are not preventing the display of advertisements, but only personalized advertising.

Through its certification under the EU-U.S. Privacy Shield, the American company Google LLC is required to comply with the data protection laws applicable in the EU. If you would like to learn more about data protection at Google, we recommend consulting Google's general privacy policy: https://policies.google.com/privacy?hl=en.

Google Analytics Privacy Policy

We use Google Analytics, a service provided by Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA), to analyze visitor data on this website. Google Analytics uses targeted cookies for this purpose.

Google Analytics Cookies:

• _ga

    Expiration: 2 years

    Purpose: Distinguishing website visitors

    Example value: GA1.2.1326744211.152111167492

• _gid

    Expiration: 24 hours

    Purpose: Distinguishing website visitors

    Example value: GA1.2.1687193234.152111167492

• _gat_gtag_UA_

    Expiration: 1 minute

    Purpose: Used to throttle request rate. When Google Analytics is provided through Google Tag Manager, this cookie is named _dc_gtm_.

    Example value: 1

For more information on terms of use and privacy, please visit http://www.google.com/analytics/terms/en.html or https://support.google.com/analytics/answer/6004245?hl=en.

Pseudonymization

In accordance with the GDPR, our aim is to improve our offerings and website. As we value the privacy of our users, user data is pseudonymized. Data processing is carried out in compliance with the legal provisions of § 96(3) TKG and Art. 6(1)(a) (consent) and/or (f) (legitimate interest) of the EU GDPR. Disabling data collection by Google Analytics

Using the browser add-on to disable Google Analytics JavaScript (ga.js, analytics.js, dc.js), website visitors can prevent Google Analytics from using their data.

You can prevent the collection and processing of data generated by the cookie related to your use of the website by Google by downloading and installing the browser add-on available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en

Google Analytics deactivation link

By clicking on the following deactivation link, you can prevent Google from further tracking visits to this website. Note: Deleting cookies, using your browser's incognito/private mode, or using a different browser will result in data being collected again.

Deactivate Google Analytics

Google Analytics IP anonymization

We have implemented IP address anonymization for Google Analytics on this website. This feature was developed by Google to enable this website to comply with applicable privacy regulations and recommendations of local data protection authorities when they prohibit the storage of the full IP address. The anonymization or masking of IP addresses occurs as soon as they are received in the Google Analytics data collection network and before any storage or processing of the data takes place.

For more information about IP anonymization, please visit https://support.google.com/analytics/answer/2763052?hl=en.

Google Analytics reports on demographic characteristics and interests

We have enabled the advertising reporting features in Google Analytics. The reports on demographic characteristics and interests include information about age, gender, and interests. This allows us to gain a better understanding of our users without identifying individuals. Learn more about the advertising features at https://support.google.com/analytics/answer/3450482?hl=en.

You can opt out of the use of your Google account's activity and information for advertising purposes by checking the appropriate box in the "Ad Settings" section of https://adssettings.google.com/authenticated.

Google Analytics Data Processing Amendment

We have entered into a direct customer agreement with Google for the use of Google Analytics by accepting the "Data Processing Amendment" in Google Analytics.

For more information about the Data Processing Amendment for Google Analytics, please visit https://support.google.com/analytics/answer/3379636?hl=en.

Google Maps Privacy Policy

We use Google Maps, a service provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA), on our website.

By using the features of this map, data is transmitted to Google. You can find information about the data collected by Google and how it is used at https://www.google.com/intl/en/policies/privacy/.

Hotjar Privacy Policy

We use Hotjar, a service provided by Limited (Level 2, St Julian's Business Centre, 3, Elia Zammit Street, St Julian's STJ 1000, Malta), to analyze visitor data on this website. Hotjar is a service that combines analysis and feedback tools to analyze user behavior and feedback on websites. Hotjar-based websites have a tracking code integrated into their web pages, which is transmitted to our servers located in Ireland (EU). This tracking code contacts Hotjar's servers and sends a script to the computer or device you use to access the Hotjar-based website. The script collects certain data regarding the user's interaction with the respective website. This data is then sent to Hotjar's servers for processing.

For more details about the privacy policy and the types of data collected by Hotjar, please visit https://www.hotjar.com/legal/policies/privacy.

Disabling Hotjar

If you do not want Hotjar to collect your data, you can activate the Hotjar Opt Out. There, you have the option to disable or enable data collection by Hotjar with a simple click on the red "Disable Hotjar" button. Note: Deleting cookies, using your browser's incognito/private mode, or using a different browser will result in data being collected again.

Google reCAPTCHA Privacy Policy

Our top priority is to ensure that our website is as protected and secure as possible, both for you and for us. To achieve this, we use Google reCAPTCHA provided by Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). With reCAPTCHA, we can determine whether you are indeed a human being made of flesh and blood, and not a robot or other spam software. By spam, we mean any unwanted information that comes to us through electronic means without our consent. With traditional CAPTCHAs, you often had to solve text or image puzzles for verification. With Google reCAPTCHA, we usually don't have to bother you with such puzzles. In most cases, it is sufficient for you to simply check a box to confirm that you are not a bot. With the new Invisible reCAPTCHA version, you don't even have to check a box anymore. The exact workings of reCAPTCHA and, more importantly, the data used for it are explained in this privacy policy.

The legal basis for the use of reCAPTCHA is Article 6(1)(f) (legitimate interest), as there is a legitimate interest in protecting this website from bots and spam software.

What is reCAPTCHA?

reCAPTCHA is a free captcha service provided by Google that protects websites from spam software and abuse by non-human visitors. This service is most commonly used when filling out forms on the internet. A captcha service is an automatic Turing test designed to ensure that an action on the internet is performed by a human and not a bot. In the classic Turing test (named after the computer scientist Alan Turing), a human determines the distinction between a bot and a human. With captchas, this task is taken over by a computer or software program. Traditional captchas involve solving small tasks that are easy for humans but present significant difficulties for machines. With reCAPTCHA, you no longer need to actively solve puzzles. The tool uses modern risk techniques to differentiate between humans and bots. In most cases, you only need to check the "I'm not a robot" checkbox, or with Invisible reCAPTCHA, even that is no longer necessary. reCAPTCHA inserts a JavaScript element into the source code, which then runs in the background and analyzes your user behavior. Based on these user actions, the software calculates a so-called captcha score. Using this score, Google calculates the likelihood of you being a human even before you enter the captcha. ReCAPTCHA or captchas in general are used whenever bots could manipulate or abuse certain actions such as registrations, surveys, etc.

Why do we use reCAPTCHA on our website?

We want to welcome only flesh-and-blood humans to our site. Bots or spam software of any kind can stay at home. That's why we are doing everything possible to protect ourselves and offer the best possible user experience for you. For this reason, we use Google reCAPTCHA provided by Google. This way, we can be quite confident that we will remain a "bot-free" website. By using reCAPTCHA, data is transmitted to Google, which Google uses to determine whether you are indeed a human. Thus, reCAPTCHA serves the security of our website and, consequently, your security as well. For example, without reCAPTCHA, it could happen that a bot registers as many email addresses as possible during registration in order to then "spam" forums or blogs with unwanted advertising content. With reCAPTCHA, we can prevent such bot attacks.

Which data is stored by reCAPTCHA?

reCAPTCHA collects personal data from users to determine if the actions on our website are truly performed by humans. This may include the IP address and other data required by Google for the reCAPTCHA service, which can be sent to Google. IP addresses are usually truncated within the member states of the EU or other contracting states of the Agreement on the European Economic Area before the data is transmitted to a server in the USA. The IP address is not combined with other data from Google unless you are signed in to your Google account while using reCAPTCHA. First, the reCAPTCHA algorithm checks if there are already Google cookies from other Google services (YouTube, Gmail, etc.) placed on your browser. Then reCAPTCHA sets an additional cookie in your browser and captures a snapshot of your browser window.

The following list of collected browser and user data is not exhaustive but rather provides examples of data that, to our knowledge, is processed by Google:

• Referrer URL (the address of the page the visitor came from)
• IP address (e.g., 256.123.123.1)
• Information about the operating system (the software that enables the operation of your computer. Common operating systems include Windows, Mac OS X, or Linux)
• Cookies (small text files that store data in your browser)
• Mouse and keyboard behavior (every action you perform with the mouse or keyboard is stored)
• Date and language settings (the language or date you have pre-set on your PC is stored)
• All JavaScript objects (JavaScript is a programming language that allows websites to adapt to the user. JavaScript objects can collect all sorts of data under a name)
• Screen resolution (indicates the number of pixels the image display consists of)

It is undisputed that Google uses and analyzes this data even before you click the "I am not a robot" checkbox. In the case of the Invisible reCAPTCHA version, even the checkbox is eliminated, and the entire recognition process takes place in the background. The exact amount and type of data Google stores are not detailed by Google.

The following cookies are used by reCAPTCHA: This refers to the reCAPTCHA demo version provided by Google at https://www.google.com/recaptcha/api2/demo. All these cookies require a unique identifier for tracking purposes. Here is a list of cookies set by Google reCAPTCHA on the demo version:

Name: IDE Expiration: after one year Use: This cookie is set by the company DoubleClick (which is also owned by Google) to register and report the user's actions on the website in relation to advertising. This allows measuring advertising effectiveness and implementing appropriate optimization measures. IDE is stored in browsers under the domain doubleclick.net. Example value: WqTUmlnmv_qXyi_DGNPLESKnRNrpgXoy1K-pAZtAkMbHI-111167492

Name: 1P_JAR Expiration: after one month Use: This cookie collects statistics about website usage and measures conversions. A conversion occurs, for example, when a user becomes a buyer. The cookie is also used to display relevant ads to users. Additionally, the cookie helps prevent a user from seeing the same ad multiple times. Example value: 2019-5-14-12

Name: ANID Expiration: after nine months Use: We could not obtain much information about this cookie. In Google's privacy policy, the cookie is mentioned in relation to "advertising cookies" such as "DSID," "FLC," "AID," "TAID." ANID is stored under the domain google.com. Example value: U7j1v3dZ

How long and where are the data stored?

By integrating reCAPTCHA, data from you is transferred to Google's server. Google does not clearly indicate where exactly these data are stored, even after repeated inquiries. Without receiving confirmation from Google, it can be assumed that data such as mouse interaction, duration of stay on the website, or language settings are stored on European or American Google servers. The IP address transmitted by your browser to Google is generally not merged with other Google data from additional Google services. However, if you are logged into your Google account while using the reCAPTCHA plugin, the data will be merged. In such cases, the different privacy policies of Google apply.

How can I delete my data or prevent data storage?

If you do not want any data about you and your behavior to be transmitted to Google, you must completely log out of Google and delete all Google cookies before visiting our website or using the reCAPTCHA software. Generally, the data is automatically transmitted to Google as soon as you access our site. To delete this data, you need to contact Google Support at https://support.google.com/?hl=en&tid=111167492.

By using our website, you agree that Google LLC and its representatives automatically collect, process, and use data.

You can learn more about reCAPTCHA on Google's web developer page at https://developers.google.com/recaptcha/. While Google provides more information about the technical development of reCAPTCHA there, precise information about data storage and privacy-related topics is also elusive. For a comprehensive overview of data usage at Google, you can refer to their privacy policy at https://www.google.com/intl/en/policies/privacy/. Source: Created with the Privacy Generator of adsimple.at in cooperation with befamily.at