DATA PROTECTION
The protection of your personal data is very important to us. We therefore process your data exclusively on the basis of the applicable statutory provisions (EU General Data Protection Regulation GDPR, TKG 2003). In this data protection information, we inform you about the most important aspects of data processing in the context of our activities.
As a rule, our website can be used without providing personal data. If you enter personal data, e.g. to contact us or to subscribe to a newsletter, we will pass on the necessary information to companies that process data on our behalf (e.g. send the newsletter). We only commission companies that are subject to the General Data Protection Regulation.
Encrypted transmission
For reasons of security and data protection, this website uses SSL encryption, which prevents third parties from intercepting and reading the data you have entered while it is being transmitted. You can recognize the active encryption by the padlock or similar symbols in the address bar of your browser.
Contact us
If you contact us using the form on the website, by e-mail or in any other way, the data you provide (name, e-mail address and optionally the telephone number) will be used for the purpose of processing the request and in the event of follow-up questions stored with us for one year. If the request results in a contract, the statutory retention periods apply. We do not pass on this data without your consent. The data processing takes place on the basis of Art 6 Abs 1 lit b (contract fulfillment) and Art 6 Abs 1 lit a (consent) of the GDPR.
Klaviyo
We use the email marketing service Klaviyo, 125 Summer St, Floor 6, Boston, MA 02110, United States or 49 Southwark Bridge Rd, London, SE1 9HH, United Kingdom to send our newsletter.
As soon as you have signed up for the newsletter, you will receive an e-mail with a confirmation link. The newsletter registration is only then completed. Data processing takes place on the basis of the legal provisions of § 96 Abs 3 TKG as well as Art 6 Abs 1 lit a (consent) of the GDPR.
You can cancel the newsletter at any time. Please send your cancellation to the following email address: ola@oomooi.com or use the corresponding link at the end of the newsletter. We will then immediately delete your data in connection with the newsletter dispatch.
Klaviyo only uses your data to send you newsletters on our behalf and does not pass your data on to third parties at any time. We would like to point out that Klaviyo stores, processes and manages your data on servers in the USA, among other places.
We have concluded a processor contract with Klaviyo, in which Klaviyo undertakes to comply with the standard contractual clauses defined by the EU Commission. You can find more details at https://www.klaviyo.com/legal/dpa
The Klaviyo terms of use and further information on data protection can be found under the following link: https://www.klaviyo.com/legal/privacy-policy
Server logs
The server from which this website is provided stores information that is automatically transmitted to us by your browser in so-called log files. These are:
- Browser type and browser version
- Operating system used
- The page (URL) from which you came to us
- The IP address of the accessing computer
- Time of the request
These data are used exclusively for the technical monitoring of the web server (utilization, optimization, error detection, security) and are absolutely necessary for this. They are not connected to other data sources so that they cannot be assigned to individual persons. They are deleted after three months.
The data processing takes place on the basis of Art 6 Paragraph 1 lit f (legitimate interests) of the GDPR. The legitimate interest within the meaning of the GDPR is the proper and secure functioning of the website.
Google reCaptcha
We use the “Google reCaptcha” service from Google Inc., 1600 Amphitheater Parkway Mountain View, CA 94043, USA, to protect our website from spam and abuse.
For this purpose, data is transmitted to Google that makes it possible to differentiate between humans and robots. In most cases, this happens without a human having to answer questions or recognize images.
Google is certified under the US-EU data protection agreement "Privacy Shield".
The data processing takes place on the basis of Art 6 Paragraph 1 lit f (legitimate interest) of the GDPR.
Our concern within the meaning of the GDPR (legitimate interest) is the protection of our website against spam and misuse.
The Google terms of use and further information on the processed data can be found under the following links: https://www.google.com/analytics/terms/de.html
Google Fonts
We use fonts from Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA on our website. When you look at our website, your browser downloads these fonts from Google.
The use of Google Fonts takes place without registration and no cookies are sent to Google. If you are logged in to Google when you visit our website, your Google account details will not be transmitted to Google. Google only records the use of the corresponding fonts and securely stores this data.
You can find details on this at https://developers.google.com/fonts/faq
Please also note the Google data protection declaration at https://www.google.com/intl/de/policies/privacy/, where you can find further information on the data processed.
The data processing takes place on the basis of Art 6 Abs 1 lit f (legitimate interests) of the GDPR. The legitimate interest within the meaning of the GDPR is the appealing design of the website.
Cookies
Our website uses cookies. These small text files are stored on your device with the help of the browser. They do no harm.
We use cookies to make our offer user-friendly. Some cookies remain stored on your device until you delete them. They enable us to recognize your browser the next time you visit.
Some of these cookies are necessary for the operation of the website, are used to log in and save your consent in cookies that are not required. If you do not want the necessary cookies to be stored, you can set up your browser so that it informs you about the setting of cookies and you only allow this in individual cases.
The legal basis for the use of required cookies is Art 6 Paragraph 1 lit f (legitimate interests) of the GDPR. Legitimate interests within the meaning of the GDPR are the proper and safe functioning of the website and the optimization of our offer.
In addition, other cookies that are not absolutely necessary for the operation of the website may be stored, and only with your consent. Details on this can be found in the following sections.
Google Analytics
With your consent, our website uses functions of the web analysis service "Google Analytics" from the provider Google Inc., 1600 Amphitheater Parkway Mountain View, CA 94043, USA. Cookies are used for this, which enable an analysis of the use of the website by its visitors. The information generated in this way is transferred to the provider's server and stored there.
If you have consented to the use of Google Analytics, cookies will be set in your browser that will identify you when you visit our website again and allow us to differentiate between visitors and analyse what they have viewed on previous visits to our website. Since the privacy of our users is important to us, this data is pseudonymized, i.e. we cannot assign it to any specific person and we do not know who the respective visitor was.
We have activated the "IP anonymization" function on this website. As a result, your IP address will be shortened before it is transmitted to the USA and can no longer be assigned to a specific person. Only a rough localization is possible. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
We have concluded a processor contract with Google in which Google undertakes to comply with the standard contractual clauses defined by the EU Commission.
The data processing takes place on the basis of the legal provisions of § 96 Abs 3 TKG as well as Art 6 Abs 1 lit a (consent) of the GDPR.
You can find the Google Terms of Use and further information on data protection under the following links: https://www.google.com/analytics/terms/de.html and http://www.google.com/intl/de/policies/privacy/
Facebook Pixel
With your consent, our website uses the functions of the “Facebook pixel” from Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”).
With the help of this Java script, Facebook can record your activities on our site. This is used, for example, to recognize if you came to our site via a Facebook ad and purchased the advertised product there. This enables us to measure the effectiveness of Facebook ads and to further improve our offer.
For this purpose, several cookies are stored in your browser, with the help of which Facebook can match information such as your IP address or user ID with your Facebook account. If you are logged in to Facebook when visiting our website, your visit and your activities will be assigned directly to your Facebook account.
The data collected is anonymous to us, i.e. we cannot draw any conclusions about the people who have visited our website. We can also only access the evaluations in connection with Facebook advertising that we have placed. However, the data will be stored and processed by Facebook, which we will inform you about based on our level of knowledge. Facebook can use this data in accordance with Facebook's privacy policy (see https://www.facebook.com/about/privacy/).
The data processing is carried out on the basis of Art 6 Paragraph 1 lit a (consent) of the GDPR.
Hotjar
With your consent, we use the services of Hotjar Ltd., Dragonara Business Centre, 5th Floor, Dragonara Road, Paceville St. Julien's STJ 3141 Malta ("Hotjar") on our website.
Hotjar records the behavior of users on our site and their movement patterns. This analysis tool helps us to learn more about the user behavior of our website visitors and to statistically evaluate visitor data. This is important for us in order to receive feedback on the user-experience of our site and for improving our website and service.
The IP addresses and other personal data are automatically anonymized and never reach the Hotjar servers. With the Hotjar services, you will not be personally identified.
We have concluded a processor contract with Hotjar, in which Hotjar undertakes to comply with the standard contractual clauses defined by the EU Commission.
The data processing takes place on the basis of the legal provisions of § 96 Abs 3 TKG as well as Art 6 Abs 1 lit a (consent) of the GDPR.The Hotjar terms of use and further information on data protection can be found under the following link: https://www.hotjar.com/legal/policies/privacy/
Data Storage
For accounting purposes, the following data of our customers are stored by us: name, address, telephone number, e-mail address and, if you have agreed to a direct debit mandate, your bank details. This data is not passed on, with the exception of the transfer to the processing bank / payment service provider for the purpose of debiting, as well as to our tax advisor for the purpose of accounting and to fulfill our tax obligations. The data will only be saved within the EU.
The data you provide are required to fulfill the contract or to carry out pre-contractual measures. Without this data, we cannot conclude and fulfill the contract with you.
All data from a contractual relationship are stored until the expiry of the retention period under tax law (7 years).
The above data is saved
- on encrypted local computer systems or portable computers secured by passwords and physical access protection.
- in encrypted and password-secured cloud solutions from Microsoft (Microsoft Ireland Operations Limited, Atrium Block B, Carmenhall Road, Sandyford Industrial Estate, Dublin 18, Ireland). The data is stored exclusively on servers within the EU. We have concluded a processor contract with Microsoft in which Microsoft undertakes to comply with the standard contractual clauses defined by the EU Commission. You can find Microsoft's privacy policy at https://privacy.microsoft.com/de-de/privacystatement
The data processing is carried out on the basis of Art 6 Paragraph 1 lit c (statutory provisions) of the GDPR and Art 6 Paragraph 1 lit b (necessary to fulfill the contract) of the GDPR.
Data processing in the context of order fulfillment and customer care
For the purpose of fulfilling the contract, access data for online services such as web hosting, e-mail providers, office solutions, social media platforms, etc. will also be stored, if necessary for the order you have placed and actively transmitted by you.
The above data is saved
- on encrypted local computer systems or portable computers that are secured by passwords and physical access protection.
- in encrypted and password-protected cloud solutions from Microsoft (Microsoft Ireland Operations Limited, Atrium Block B, Carmenhall Road, Sandyford Industrial Estate, Dublin 18, Ireland). The data is stored exclusively on servers within the EU. We have concluded a processor contract with Microsoft in which Microsoft undertakes to comply with the standard contractual clauses definded by the EU Commission. You can find Microsoft's privacy policy at https://privacy.microsoft.com/de-de/privacystatement.
For the purpose of remote maintenance, we use the Teamviewer service from TeamViewer GmbH, Göpping, Germany.
For the purpose of social media design and social media marketing, we will publish content on your behalf on the desired social media platforms. The data to be published (images, videos, audio files) are provided by you. It is your responsibility to ensure that you have the necessary rights and consents for publication.
We use the following services to create, edit and publish social media content:
- Adobe Indesign, Adobe Systems Incorporated, USA
- Adobe Photoshop, Adobe Systems Incorported, USA
- Canva, Australia
We have concluded a processor agreement with all of the above-mentioned companies, in which these companies undertake to comply with the GDPR.
The companies based in the USA undertake to adhere to the standard contractual clauses as defined by the EU Commission.
The data you provide are required to fulfill the contract or to carry out pre-contractual measures. Without this data, we cannot conclude and fulfill the contract with you. Data will only be transmitted to third parties with your express permission.
All data from a contractual relationship are stored until the expiry of the retention period under tax law (7 years). Access data to systems used by the customer will be deleted immediately after the end of the contract.
The data processing takes place on the basis of the legal provisions of § 96 Abs 3 TKG as well as Art 6 Abs 1 lit a (consent) and / or lit b (necessary to fulfill the contract) of the GDPR.
Your Rights
You have the right to information, correction, deletion, restriction, data portability, revocation and objection. Corresponding inquiries can be addressed to the e-mail address ola@oomooi.com.
If you believe that the processing of your data violates data protection law or your data protection claims have been violated in any other way, you can complain to the supervisory authority. In Austria this is the data protection authority.
You can reach us under the following contact details:
Via e-mail at ola@oomooi.com or via the contact form on our website.