1. Introduction and Overview

We have created this privacy policy (as of March 2024) to explain to you, in accordance with the requirements of the General Data Protection Regulation (EU) 2016/679 and applicable national laws, which personal data (short: data) we as the controller – and the processors engaged by us (e.g., providers) – process, will process in the future, and what legal options you have. The terms used are to be understood in a gender-neutral manner.

Alle Texte sind urheberrechtlich geschützt.
Source: Erstellt mit dem Datenschutz Generator von AdSimple

2. Scope of Application

This privacy policy applies to all personal data processed by us within the company and for all personal data processed by companies engaged by us (processors). By personal data, we mean information in the sense of Art. 4 No. 1 GDPR such as name, email address and postal address of a person. The processing of personal data ensures that we can offer and bill for our services and products, whether online or offline. The scope of this privacy policy encompasses:

• all online presences (websites) that we operate

• social media presences and email communication

• mobile apps for smartphones and other devices

In summary: The privacy policy applies to all areas where personal data are processed in a structured manner within the company through the mentioned channels. Should we enter into legal relationships with you outside of these channels, we will inform you separately if necessary.

We only process your data if at least one of the following conditions is met:

1. Consent (Article 6(1)(a) GDPR): You have given us your consent to process data for a specific purpose. An example would be the storage of data you entered in a contact form.

2. Contract (Article 6(1)(b) GDPR): To fulfill a contract or pre-contractual obligations with you, we process your data. For example, if we conclude a purchase agreement with you, we require personal information in advance.

3. Legal Obligation (Article 6(1)(c) GDPR): If we are subject to a legal obligation, we process your data. For example, we are legally required to retain invoices for accounting purposes. These typically contain personal data.

4. Legitimate Interests (Article 6(1)(f) GDPR): In the case of legitimate interests that do not restrict your fundamental rights, we reserve the right to process personal data. For example, we must process certain data to operate our website securely and economically efficiently. This processing is thus a legitimate interest.

3. Duration of Storage

We store personal data only as long as it is absolutely necessary for the provision of our services and products, which applies as a general criterion for us. This means that we delete personal data as soon as the reason for processing the data is no longer present. In some cases, we are legally obligated to retain certain data even after the original purpose has ceased, for example for accounting purposes.

If you wish for your data to be deleted or revoke your consent to data processing, the data will be deleted as quickly as possible and, as long as there is no obligation to retain, deleted.

4. Your Rights under the General Data Protection Regulation

In accordance with Articles 13 and 14 GDPR, we inform you about the following rights that you are entitled to, in order to ensure fair and transparent data processing:

• You have the right under Article 15 GDPR to request information about whether we process data concerning you. If that is the case, you have the right to receive a copy of the data and to learn the following information: 

  • the purpose of the processing;

  • the categories, i.e., the types of data processed;

  • who receives this data and, if the data is transferred to third countries, how security can be ensured;

  • how long the data is stored;

  • the existence of the right to rectification, deletion or restriction of processing and the right to object to processing;

  • that you can complain to a supervisory authority (links to these authorities can be found below);

  • the origin of the data if we have not collected it from you;

  • whether profiling is conducted, i.e., whether data is automatically evaluated to arrive at a personal profile of you.

• You have the right under Article 16 GDPR to have data rectified, which means that we must correct data if you find errors.

• You have the right under Article 17 GDPR to deletion ("right to be forgotten"), which specifically means that you may request the deletion of your data.

• You have the right under Article 18 GDPR to restriction of processing, which means that we may only store the data but not further use it.

• You have the right under Article 20 GDPR to data portability, which means that we will provide your data in a commonly used format upon request.

• You have the right under Article 21 GDPR to object, which upon enforcement brings about a change in processing. 

  • If the processing of your data is based on Article 6(1)(e) (public interest, exercise of public authority) or Article 6(1)(f) (legitimate interest), you can object to the processing. We will examine as quickly as possible whether we can legally comply with this objection.

  • If data is used for direct marketing, you can object to this type of data processing at any time. We may no longer use your data for direct marketing thereafter.

  • If data is used for profiling, you can object to this type of data processing at any time. We may no longer use your data for profiling thereafter.

• You have the right under Article 22 GDPR, under certain circumstances, not to be subjected to a decision based solely on automated processing (for example, profiling).

• You have the right under Article 77 GDPR to lodge a complaint. This means that you can complain to the data protection authority at any time if you believe that the processing of personal data violates the GDPR.

5. Whose Data Do We Process and How?
   
   

6. Visitors to Our Website 

This section applies as far as we operate a website.

When you visit a website operated by us, we will process some of your personal data in connection with this visit.

In this section, we inform you about how we process your personal data.

2. Categories of Processed Data and Purposes of Data Processing

During your visit to this website, we will automatically collect the following personal data about you:

• The date and time of visiting a page on our website;

• Your IP address (in truncated form, so that no unique allocation is possible);

• Technical information such as the name and version of your web browser, Internet service provider, device and screen resolution;

• Source (URL) of your visit (i.e., through which website or advertisement you arrived at our site);

• Orders including the revenue and ordered products 

• The achievement of "website goals" (e.g., contact inquiries and newsletter registrations) 

• Your behavior on the pages (for example clicks, scrolling behavior, and duration of stay) 

• Your approximate location (country and city) 

• certain cookies (see below);

In addition, we may ask you to provide personal data on our website, such as your name and email address, so that we can provide you with certain services.

There is no obligation to provide the data we request on our website. However, if you do not do so, you may not be able to use all the functions of the website.

We process your data for the following purposes:

• to provide this website to you and to continually improve and develop this website;

• to compile usage statistics;

• to display personalized page recommendations;

• to detect, prevent, and investigate attacks on our website;

• to potentially provide members with a user account on our website; and

• to be able to contact users via email. 

3. Legal Bases for Processing

We process your personal data on the basis of:

• Art. 6(1)(a) GDPR (Consent): You give us your consent to store your data and to use it further for business-related purposes;

• Art. 6(1)(b) GDPR (Contract): There is a necessity for fulfilling a contract with you or a processor such as the telephone provider, or we must process the data for pre-contractual activities, such as preparing a quote;

• our overriding legitimate interest under Art. 6(1)(f) GDPR, which consists of designing our website to be user-friendly and protecting our website from attacks.
  
  

4. Duration of Storage

We will generally store your data for a period of three months. Extended storage will only occur to the extent necessary to investigate identified attacks on our website and furthermore only until the expiry of applicable limitation periods, legal retention periods or any legal disputes, in which the data is needed as evidence.

5. Cookies (General)

Our website uses so-called cookies. A cookie is a small file that can be stored on your computer when you visit a website. In general, cookies are used to provide users with additional functions on a website. They can be used, for example, to facilitate your navigation on a website, allow you to continue using a website where you left off, and/or save your preferences and settings when you revisit the website. Cookies cannot access, read or change any other data on your computer.

Many cookies on our website are so-called session cookies. They are automatically deleted when you leave our website. Permanent cookies, on the other hand, remain on your computer until you manually delete them in your browser. We use such permanent cookies to recognize you the next time you visit our website. 

If you want to control cookies on your computer, you can configure your browser settings to receive a notification when a website wants to store cookies. You can also block or delete cookies that have already been stored on your computer. If you would like to know more about how to take these steps, please use the "Help" function in your browser. For a user-friendly handling, we additionally use a so-called "cookie management tool" that allows you to manage the placement of cookies even more easily. Please note that blocking or deleting cookies may affect your online experience and prevent you from using this website fully. 

We also use cookies to display personalized page recommendations. No IP numbers are stored in this process. During the website visit, the following data is collected: internal ID of the accessed page, attributes of the accessed page, categories of the accessed page. This data is not transmitted to anyone. 

6. Google Tag Manager

We use Google Tag Manager on our pages. The Google Tag Manager is an application that allows us to deploy small code elements (tags) on our pages based on custom rules. Such tags can serve, for example, to measure visitor behavior (Google Analytics).

The tag manager itself does not write cookies and does not collect personal data, but it can deploy tags that collect such data.

The basis for the cookie consent tool offered on our pages is the use of the Google Tag Manager, which interprets the settings made by the visitor and subsequently deploys tags on the page accordingly or not.

7. Google Analytics
   

Our website uses the functions of the web analysis service Google Analytics, which is offered by Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA (“Google”). Google Analytics uses cookies to help us analyze how you use this website.

The information generated by such a cookie regarding your use of this website (including your IP address and the URLs of the pages accessed as well as the attributes of the webpage) is transmitted to servers of Google in the USA and stored there.

The data obtained is used to optimize our website and advertising measures.

Our website uses the IP anonymization feature offered by Google Analytics. Your IP address will therefore be shortened/anonymized by Google as soon as it receives your IP address. On our behalf, Google will use this information to evaluate your use of the website, compile reports on website activities, and provide us with additional services related to website usage and internet usage. The IP address transmitted by your browser within the framework of Google Analytics will not be merged with other data by Google.

You can prevent the collection of your data by Google Analytics on this website via our “cookie management tool” (link “cookie settings” at the bottom of the page) (an opt-out cookie will be set that prevents future collection of your data when visiting this website).

» More information on the terms of use of Google and Google's privacy policy

1.7.1. Cookies Used by Google Analytics

CookieValidityPurposeDuration_ga1st PartyContains a randomly generated user ID, allowing Google Analytics to recognize recurring visitors on our websites and to merge them with data from previous visits.2 years_gid1st PartyContains a randomly generated user ID, allowing Google Analytics to recognize recurring visitors on our websites and to merge them with data from previous visits.24 h_gat1st PartyCertain data is sent to Google Analytics only once per minute. The cookie has a lifespan of one minute. As long as it is set, certain data transmissions are blocked.1 Min_dc_gtm_xxx1st PartyCertain data is sent to Google Analytics only once per minute. The cookie has a lifespan of one minute. As long as it is set, certain data transmissions are blocked.1 MinIDEdoubleclick.net3rd PartyContains a randomly generated user ID. This ID allows Google to recognize the user across different websites and serve personalized advertising.1 year

8. Google Ads 

We use Google Ads Conversion Tracking to measure the success of our advertising measures. After certain goal achievements on our website ("conversions") - such as the completion of an order or registration for our newsletter - this goal achievement is recorded by Google. Google can measure the number of goal achievements. Furthermore, Google assigns which ads were clicked beforehand and thus were decisive for the goal achievement based on previously set cookies. Google processes this data on servers in the USA, but will not link it with personal data from your Google account.

1.8. Cookies Used by Google Ads

CookieValidityPurposeDurationTest_cookiedoubleclick.net
3rd PartySet to test whether the browser allows cookie placement. Contains no identification features.15 MinIDEdoubleclick.net
3rd PartyContains a randomly generated user ID. This ID allows Google to recognize the user across different websites and serve personalized advertising.1 year

9. Facebook
   
   

1.9.1. Facebook Page

When you visit our Facebook page, personal data (documentation of usage behavior) is processed by Facebook through cookies. From this information, anonymized statistical data about page activity is created and automatically provided to us (Insights). We are jointly responsible with Facebook for this data processing in accordance with Article 26 of the General Data Protection Regulation. We rely on our legitimate interests for this. Without the processing of this data, our presence and optimization of our offering on Facebook would not be possible. You can find more information on the Facebook information page.

1.9.2. PlugIns

PlugIns from Facebook that we use store personal data from visitors to our website in accordance with Facebook's data usage policies. This also applies to users who are not logged in or are not members of Facebook. More information can be found in Facebook's privacy policy.

1.9.3. Facebook Pixel

We also partially use the “pixel” from Facebook on our websites. This allows the behavior of users to be tracked after they have clicked on an ad on Facebook. We evaluate ads for statistical and market research purposes and optimize future advertising measures.

Another benefit is to recognize whether and which interactions have been performed on the website (e.g. download)
(see event tracking).

This function also serves to present visitors to this website with interest-based ads on the social network Facebook (“Facebook Ads”) (see custom audiences). To this end, Facebook Pixel has been implemented on our website. When visiting the website, a direct connection to Facebook servers is established. During this process, it is transmitted to the Facebook server that you visited this website and Facebook assigns this information to your personal Facebook account.

We do not receive any personal data. At the same time, the data is also stored and processed by Facebook itself, allowing Facebook to link to the respective Facebook user profile. Facebook may use this data for its own advertising purposes, in accordance with Facebook's data use policy. Consent to this lies with Facebook and is not under our influence. For more information on the collection and use of data by Facebook as well as your related rights and options for protecting your privacy, please see Facebook's privacy notice.

1.9.4. Cookies Used by Facebook Pixel

CookieValidityPurposeDuration_fbp1st PartyUsed to display a range of advertising products.6 monthsactfacebook.com
3rd PartyContains a timestamp when the user logged into Facebook.Sessiondprfacebook.com
3rd PartyNo further information about the use known.1 weekwdfacebook.com
3rd PartyStores the dimensions of the browser window and is used to optimize the rendering of the page.1 weekspinfacebook.com
3rd PartyNo further information about the use known.1 dayxsfacebook.com
3rd PartyContains various information about the user's session3 monthsc_userfacebook.com
3rd PartyContains the user ID of the currently logged-in user.3 monthspresencefacebook.com
3rd PartyContains the user's chat status (e.g. whether chat tabs are open)Sessionsbfacebook.com
3rd PartyContains information about the browser.2 yearslocalefacebook.com
3rd PartyContains information about the display area scheme1 weekdatrfacebook.com
3rd Party Serves to identify the web browser among other things.2 yearsfrfacebook.com
3rd PartyUsed to display a range of advertising products.3 months

1.10. LinkedIn Pixel

We also partially use the LinkedIn Insight Tag on our websites. The LinkedIn Insight Tag uses browser cookies to collect data on our websites, including page activities, URL, referrer URL, IP address, device and browser properties, as well as timestamps, if the user is an active LinkedIn member. IP addresses are shortened or hashed. This allows the behavior of users to be tracked after they have clicked on an ad on LinkedIn. We evaluate ads for statistical and market research purposes and optimize future advertising measures. See also the Cookie Policy of LinkedIn.

1.10.1. Cookies Used by LinkedIn Pixel

CookieValidityPurposeDurationUserMatchHistory3rd PartyMeasures the advertising performance of LinkedIn ads.30 daysli_sugr3rd PartyContains browser ID3 monthsli-oatml3rd PartyLinkedIn member recognition for conversion tracking, retargeting, analytics1 monthli_fat_id1st PartyLinkedIn member recognition for conversion tracking, retargeting, analytics1 monthU3rd PartyBrowser recognition3 monthsbcookie3rd PartyIdentifies the browser ID1 yearbscookie3rd PartyIdentifies a secure browser ID1 year

2. Our Customers 

1. Insofar as the provider (Ads By You) can access personal data of the customer or from their area, they will act solely as a processor and will only process and use this data for the execution of the contract. The provider will observe the customer's instructions for handling this data. The customer will bear any negative consequences of such instructions for contract execution.
   
   
   

2. The customer acknowledges, understands, and irrevocably agrees that the provider may use the customer data transmitted to the price comparison platform or collected by the provider on an anonymized basis for any purpose, process and use it. 

3. The provider processes personal data of the customer that is necessary for accessing the Google Content API for Shopping. Personal data of the customer will generally not be disclosed to third parties. Data retained by the provider will include:

 Email addresses and access to shop data, expressed in the following scopes: 

(i) “https://googleapis.com/auth/userinfo.profile”
(ii) “https://googleapis.com/auth/userinfo.email”
(iii) “https://googleapis.com/auth/content” 

4. The customer remains responsible both in general in the contractual relationship and in the data protection sense. If the customer processes personal data in connection with the contract (including collection and use), they guarantee that they are entitled to do so under the applicable, particularly data protection regulations and shall indemnify the provider against claims from third parties in the event of a violation.
   
   
   

5. For the relationship between the provider and the customer, the responsibility for the processing (including collection and use) of personal data lies with the customer, unless the provider has to represent any claims of the data subject due to a breach of duty attributable to them. The customer will professionally examine, process, and respond to any inquiries, requests, and claims from the data subject. This also applies in case of a claim being made against the provider by the data subject.
   
   
   

VI. International Data Transfers

Some of the above-mentioned recipients may be located outside of Austria or the EU or process your personal data there. The level of data protection in other countries may not correspond with that of Austria. However, we only transfer your personal data to countries for which the EU Commission has decided that they have an adequate level of data protection, or we take measures to ensure that all recipients have an adequate level of data protection. To this end, we conclude standard contractual clauses (2010/87/EC and/or 2004/915/EC). The agreements concluded may be available upon request.

VII. Contact Details of the Controller

If you have questions about data protection or the processing of personal data, you will find below the contact details of the responsible person or authority:

AdsByYou OG
Peter Pick

E-Mail: office(at)labelupnow.com

Imprint: labelupnow.com/impressum