1.1 We are pleased that you are visiting our website and thank you for your interest. Below, we inform you about how your personal data is handled when you use our website. Personal data is all data with which you can be personally identified.
1.2 The controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is AlpenShield GmbH, Eckmüllnergasse 1/2/7, 1160 Vienna, Austria, Tel.: +4313618062-0, Email: office@alpenshield.io. The controller is the natural or legal person who, alone or jointly with others, decides on the purposes and means of processing personal data.
2.1 If you use our website purely for information purposes, i.e., if you do not register or otherwise provide us with information, we only collect data that your browser transmits to the website server (so-called "server log files"). When you access our website, we collect the following data, which is technically necessary for us to display the website to you:
Processing is carried out in accordance with Art. 6 (1) (f) GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. The data will not be passed on or used for any other purpose. However, we reserve the right to subsequently review the server log files should there be concrete evidence of illegal use.
2.2 For security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries to the responsible party), this website uses SSL or TLS encryption. You can recognize an encrypted connection by the character string "https://" and the lock symbol in your browser bar.
For the hosting of our website and the display of the site content, we use a provider who provides its services either directly or through selected subcontractors exclusively on servers within the European Union.
All data collected on our website is processed on these servers.
We have concluded a data processing agreement with the provider that ensures the protection of our site visitors' data and prohibits unauthorized disclosure to third parties.
4.1 Microsoft Bookings
To provide an online appointment booking function, we use the services of the following provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA
For the purpose of scheduling appointments, your first and last name, email address (and, if applicable, your telephone number if you would like to make an appointment by telephone) are collected and processed in accordance with Art. 6 (1) (b) GDPR. Art. 6 (1) (f) GDPR, based on our legitimate interest in effective customer management and efficient appointment management, your data will be transmitted to the provider and stored there for appointment organization.
After the appointment has been held or after the agreed appointment period has expired, your data will be deleted by the provider.
We have concluded a data processing agreement with the provider that ensures the protection of our site visitors' data and prohibits unauthorized disclosure to third parties.
For data transfers to the USA, the provider has adhered to the EU-US Data Privacy Framework, which ensures compliance with the European data protection level based on an adequacy decision of the European Commission.
4.2 For processing For customer inquiries, we use the email ticketing system of the following provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA.
If you submit contact inquiries via email via our website, these will be stored and organized in the ticket system to enable chronological processing and improve the service experience. You can always view the current status of your request using the individually assigned ticket number.
For the organization and processing of inquiries, personal data is collected according to the scope of its provision, but in any case, your last name, first name, and email address, transmitted to the provider, stored there, and read.
The legal basis for the processing of this data is our legitimate interest in the efficient design of our customer service, in the fastest possible response to your request, and in the optimization of our service offering in accordance with Art. 6 (1) (f) GDPR.
We have concluded a data processing agreement with the provider, which ensures the protection of our site visitors' data and prohibits unauthorized disclosure to third parties.
For the transfer of data to the USA, the provider relies on standard contractual clauses of the European Commission, which are intended to ensure compliance with European data protection standards.
4.3 When you contact us (e.g., via contact form or email), personal data is collected. The data collected when using a contact form can be seen in the respective contact form. This data will be stored and used exclusively for the purpose of answering your request or for establishing contact and the associated technical administration.
The legal basis for processing this data is our legitimate interest in answering your request in accordance with Art. 6 (1) (f) GDPR. If your contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6 (1) (b) GDPR. Your data will be deleted after your request has been finally processed. This is the case if the circumstances indicate that the matter in question has been conclusively clarified and provided there are no statutory retention periods to the contrary.
5.1 Subscription to our email newsletter
If you subscribe to our email newsletter, we will regularly send you information about our offers. The only mandatory information required to receive the newsletter is your email address. Providing additional data is voluntary and will be used to address you personally. We use the so-called double opt-in process to send the newsletter. This means that we will only send you an email newsletter if you have expressly confirmed that you consent to receiving the newsletter. We will then send you a confirmation email asking you to confirm that you wish to receive the newsletter in the future by clicking on a corresponding link.
By activating the confirmation link, you give us your consent to use your personal data in accordance with Art. 6 (1) (a) GDPR. When you register for the newsletter, we save your IP address entered by your Internet service provider (ISP), as well as the date and time of registration, in order to be able to trace any possible misuse of your email address at a later date. The data we collect when you register for the newsletter will be used exclusively for the purposes of advertising through the newsletter. You can unsubscribe from the newsletter at any time using the link provided in the newsletter or by sending a corresponding message to the person responsible named above. After unsubscribing, your email address will be immediately deleted from our newsletter distribution list unless you have expressly consented to further use of your data or we reserve the right to use your data in any other way that is permitted by law and about which we will inform you in this declaration.
5.2MailerLite
Our email newsletters are sent via this provider: UAB "MailerLite", J. Basanavičiaus 15, LT-03108 Vilnius, Lithuania
Based on our legitimate interest in effective and user-friendly newsletter marketing, we will pass on the data you provided when registering for the newsletter in accordance with Art. 6 (1) lit. f GDPR to this provider so that they can send the newsletter on our behalf.
Subject to your express consent in accordance with Art. 6 (1) lit. a GDPR, the provider also carries out a statistical evaluation of the success of newsletter campaigns using web beacons or tracking pixels in the emails sent, which can measure opening rates and specific interactions with the newsletter content. Device information (e.g., time of access, IP address, browser type, and operating system) is also collected and evaluated, but not merged with other data sets.
You can revoke your consent to newsletter tracking at any time with future effect.
We have concluded a data processing agreement with the provider that protects the data of our site visitors and prohibits its transfer to third parties.
5.3 Our email newsletters are sent via the Microsoft Dynamics 365 service of the provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA
Based on our legitimate interest in effective and user-friendly newsletter marketing, we pass on the data you provided when registering for the newsletter in accordance with Art. 6 (1) (f) GDPR to this provider so that they can send the newsletter on our behalf.
Subject to your express consent in accordance with Art. 6 (1) (a) GDPR, the provider also carries out a statistical evaluation of the success of newsletter campaigns using web beacons or tracking pixels in the emails sent, which can measure opening rates and specific interactions with the newsletter content. Device information (e.g., time of access, IP address, browser type, and operating system) is also collected and evaluated, but not merged with other databases.
You can revoke your consent to newsletter tracking at any time with future effect.
We have concluded a data processing agreement with the provider that protects the data of our site visitors and prohibits its transfer to third parties.
For data transfers to the USA, the provider has adhered to the EU-US Data Privacy Framework, which ensures compliance with European data protection standards based on an adequacy decision of the European Commission.
6.1 Google Analytics 4
This website uses Google Analytics 4, a web analysis service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"), which enables an analysis of your use of our website.
By default, Google Analytics 4 does not use cookies when you visit the website unless you expressly consent to cookies. Instead, information about your usage behavior is collected and processed through so-called pings (small data packets sent to the host of a terminal device). This information also includes your IP address, which is, however, truncated by Google to prevent direct personal reference.
The information is transferred to Google servers and processed there. Transfers to Google LLC, based in the USA, are also possible.
Google uses the information collected on our behalf to evaluate your use of the website, compile reports on website activity for us, and provide other services related to website activity and internet usage. The IP address transmitted and shortened by your browser as part of Google Analytics will not be merged with other Google data. The data collected as part of the use of Google Analytics 4 will be stored for a period of two months and then deleted.
All processing described above, including data transmission via "pings," is carried out by Google on behalf of the provider of the website. and the possible setting of Google Analytics cookies, only take place if you have given us your express consent in accordance with Art. 6 (1) (a) GDPR.
Without your consent, Google Analytics 4 will not be used during your visit to the site. You can revoke your consent at any time with future effect. To exercise your right of withdrawal, please deactivate this service using the "Cookie Consent Tool" provided on the website.
We have concluded a data processing agreement with Google that ensures the protection of our site visitors' data and prohibits unauthorized disclosure to third parties.
Further legal information regarding Google Analytics 4 can be found at https://business.safety.google
Demographic Features
Google Analytics 4 uses the special "demographic features" feature and can create statistics that provide information about the age, gender, and interests of site visitors. This is done by analyzing advertising and information from third parties. This allows target groups for marketing activities to be identified. However, the collected data cannot be assigned to a specific person and will be deleted after being stored for a period of two months.
Google Signals
As an extension to Google Analytics 4, Google Signals can be used on this website to create cross-device reports. If you have enabled personalized ads and have linked your devices to your Google Account, Google can analyze your usage behavior across devices and create database models, including those for cross-device conversions, subject to your consent to the use of Google Analytics in accordance with Art. 6 (1) (a) GDPR. We do not receive any personal data from Google, only statistics. If you would like to stop cross-device analysis, you can deactivate the "Personalized Advertising" function in your Google Account settings. To do so, follow the instructions on this page: https://support.google.com
UserIDs
As an extension to Google Analytics 4, the "UserIDs" function can be used on this website. If you have consented to the use of Google Analytics 4 in accordance with Art. 6 (1) (a) GDPR, have set up an account on this website, and log in with this account on various devices, your activities, including conversions, can be analyzed across devices.
For data transfers to the USA, the provider has adhered to the EU-US Data Privacy Framework, which ensures compliance with the European data protection level based on an adequacy decision of the European Commission.
6.2 Matomo
This website uses a web analysis service from the following provider: InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand. ("Matomo“)
To protect site visitors, Matomo uses a so-called "config_id" to enable various analyses of site usage within a short time window of up to 24 hours. The "config_id" is a randomly generated, time-limited hash of a limited set of visitor settings and attributes. The config_id or config hash is a character string calculated for a visitor based on their operating system, browser, browser plug-ins, IP address, and browser language. Matomo does not use device fingerprinting and uses an anonymized IP address of the site visitor to create the "config_id".
If the information processed in this way includes personal user data, the processing is carried out in accordance with Art. 6 (1) (f) GDPR based on our legitimate interest in the statistical analysis of user behavior for optimization and marketing purposes. To object to the processing of your visitor data in the future, we provide you with a separate opt-out option on our website.
Data will only be transferred to the provider if the service itself is not hosted on our servers. In the case of self-hosting, data collected via the service will not be transmitted to the provider.
If the service is not hosted on our servers, we have concluded a data processing agreement with the provider that ensures the protection of our site visitors' data and prohibits unauthorized disclosure to third parties.
For data transfers to New Zealand, an adequacy decision of the EU Commission applies in this case, which attests to compliance with European data protection standards for international data transfers.
7.1 Google Web Fonts
This site uses so-called web fonts from the following provider for the uniform display of fonts: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland
When you access a page, your browser loads the required web fonts into your browser cache to display text and fonts correctly and establishes a direct connection to the provider's servers. Certain browser information, including your IP address, is transmitted to the provider.
Data may also be transmitted to: Google LLC, USA
The processing of personal data when establishing contact with the font provider will only take place if you have given us your express consent in accordance with Art. 6 (1) (a) GDPR. You can revoke your consent at any time with future effect by deactivating this service using the "Cookie Consent Tool" provided on the website. If your browser does not support web fonts, a standard font from your computer will be used.
For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with European data protection standards based on an adequacy decision of the European Commission.
Further information on Google's privacy policy can be found here: https://business.safety.google
7.2 Microsoft Teams
For the implementation For online meetings, video conferences, and/or webinars, we use this provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399 USA.
The provider processes various types of data, whereby the scope of the data processed depends on which data you provide before or during participation in an online meeting, video conference, or webinar. Your data as a communication participant is processed and stored on the provider's servers. This can include, in particular, your login data (name, email address, telephone number (optional), and password) and session data (topic, participant IP address, device information, description (optional)).
In addition, participants' image and audio contributions as well as voice inputs in chats may be processed.
Art. 6 (1) (b) GDPR serves as the legal basis for the processing of personal data necessary for the fulfillment of a contract with you (this also applies to processing operations necessary for the implementation of pre-contractual measures). If you have given us your consent to process your data, the processing will be based on Art. 6 (1) (a) GDPR. You can revoke your consent at any time with effect for the future.
Furthermore, the legal basis for data processing when conducting online meetings, video conferences, or webinars is our legitimate interest pursuant to Art. 6 (1) (f) GDPR in the effective conduct of the online meeting, webinar, or video conference.
We have concluded a data processing agreement with the provider that ensures the protection of our website visitors' data and prohibits unauthorized disclosure to third parties.
For data transfers to the USA, the provider has adhered to the EU-US Data Privacy Framework, which, based on an adequacy decision of the European Commission, ensures compliance with the European ensures high levels of data protection.
7.3 Microsoft Forms
To conduct surveys or online forms, we use the services of the following provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA
The provider enables us to design and evaluate surveys and online forms. In addition to the personal data you enter into the forms, information about your operating system, browser, the date and time of your visit, the referrer URL, and your IP address is collected, transmitted to the provider, and stored on the provider's servers.
The information you enter into the forms is stored password-protected to ensure that third-party access is excluded and only we can evaluate the data for the purpose stated in the form.
For the processing of personal data necessary to fulfill a contract with you (this also applies to processing operations necessary to carry out pre-contractual measures), Art. 6 (1) (b) GDPR serves as the legal basis. If you have given us your consent to process your data, the processing will be carried out on the basis of Art. 6 (1) (a) GDPR. Consent given can be revoked at any time with future effect.
We have concluded a data processing agreement with the provider, which ensures the protection of our site visitors' data and prohibits unauthorized disclosure to third parties.
For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European data protection level based on an adequacy decision of the European Commission.
8.1 Applicable data protection law grants you the following data subject rights (rights to information and intervention) vis-à-vis the controller with regard to the processing of your personal data. The conditions for exercising this right are referred to the legal basis stated:
8.2 RIGHT OF OBJECTION
If we process your personal data based on our overriding legitimate interest as part of a balancing of interests, you have the right to object to this processing at any time, with effect for the future, for reasons arising from your particular situation.
If you exercise your right to object, we will stop processing the data concerned. However, we reserve the right to further processing if we can demonstrate compelling legitimate grounds for the processing that override your interests, fundamental rights, and fundamental freedoms, or if the processing serves to assert, exercise, or defend legal claims.
If your personal data is processed by us for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for such marketing purposes. YOU CAN EXERCISE YOUR OBJECTION AS DESCRIBED ABOVE.
IF YOU EXERCISE YOUR RIGHT OF OBJECTION, WE WILL STOP PROCESSING THE DATA CONCERNED FOR DIRECT MARKETING PURPOSES.
The duration of storage of personal data is determined by the respective legal basis, the purpose of processing and - where applicable - also by the respective statutory retention period (e.g. retention periods under commercial and tax law).
When processing personal data on the basis of express consent in accordance with Art. 6 (1) (a) GDPR, the data in question will be stored until you revoke your consent.
If statutory retention periods exist for data processed within the framework of legal or similar obligations on the basis of Art. 6 (1) (b) GDPR, this data will be routinely deleted after the retention periods have expired, provided it is no longer required to fulfill or initiate a contract and/or we no longer have a legitimate interest in continued storage.
When processing personal data on the basis of Art. 6 (1) (f) GDPR, this data will be stored until you exercise your right of objection in accordance with Art. 21 (1) GDPR, unless we can demonstrate compelling demonstrate legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
When personal data is processed for the purpose of direct marketing on the basis of Art. 6 (1) (f) GDPR, this data will be stored until you exercise your right of objection in accordance with Art. 21 (2) GDPR.
Unless the other information in this declaration on specific processing situations indicates otherwise, stored personal data will be deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.
