FACT IS FACT - Privacy Policy

The protection of data is of particular concern to us. We therefore treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy. In this privacy policy, we inform you about the most important aspects of data processing in the context of our cooperation with clients and our website www.factisfact.eu.

1. Note on the responsible body

The responsible body for data processing is:

FACT IS FACT e.U.
Axel Suppantschitsch, MSc
Idlhofgasse 32/9
8020 Graz
+43 670 4008500
hello@factisfact.eu

A responsible body is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses, etc.).

2. General data processing

2.1 Revocation of your consent to data processing

Many data processing operations are only possible with your express consent. You can revoke your consent at any time. All you need to do is send us an informal e-mail. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

2.2 Right to object to the collection of data (Art. 21 GDPR)

If data processing is carried out on the basis of Art. 6 (1) lit. e or f GDPR, you have the right to object to the processing of your personal data at any time for reasons arising from your particular situation; this also applies to profiling based on these provisions. The respective legal basis on which processing is based can be found in this privacy policy. If you object, we will no longer process your personal data concerned unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing serves the establishment, exercise or defense of legal claims (objection pursuant to Art. 21 (1) GDPR).

If your personal data are processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling insofar as it is associated with such direct marketing. If you object, your personal data will subsequently no longer be used for the purpose of direct marketing (objection pursuant to Art. 21 (2) GDPR).

2.3 Right to lodge a complaint with the competent supervisory authority

In the event of violations of the GDPR, affected persons have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, place of work or place of the alleged violation. The right to lodge a complaint is without prejudice to any other administrative or judicial remedy.

2.4 Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only take place if it is technically feasible.

2.5 Information, blocking, erasure and rectification

Within the framework of the applicable legal provisions, you have the right to free information about your stored personal data, its origin and recipients and the purpose of the data processing and, if applicable, a right to correction, blocking or deletion of this data at any time. You can contact us at any time at the address given in the legal notice if you have further questions on the subject of personal data.

2.6 Right to restriction of processing

You have the right to request the restriction of the processing of your personal data. To do so, you can contact us at any time at the address given in the imprint. The right to restriction of processing exists in the following cases:

If you dispute the accuracy of your personal data stored by us, we generally need time to verify this. For the duration of the review, you have the right to request that the processing of your personal data be restricted.
If the processing of your personal data was/is carried out unlawfully, you can request the restriction of data processing instead of erasure.
If we no longer need your personal data, but you need it for the exercise, defense or assertion of legal claims, you have the right to request the restriction of the processing of your personal data instead of its erasure.
If you have lodged an objection in accordance with Art. 21 (1) GDPR, a balance must be struck between your interests and ours. As long as it has not yet been determined whose interests prevail, you have the right to request the restriction of the processing of your personal data.
If you have restricted the processing of your personal data, this data - apart from its storage - may only be processed with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a Member State.

3. Data processing on the website www.factisfact.eu

3.1 SSL and TLS encryption

This website uses SSL or TLS encryption for security reasons and to protect the transmission of public and confidential content. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data transmitted between you and the website cannot be read by third parties.

3.2 Cookies

This website deliberately does not use cookies. For your benefit.

When you visit a website, small files called cookies are usually stored on your computer. These files contain information about your preferences and activities on the website. The website can use this information to customize and improve the website for you.

Cookies have both advantages and disadvantages. One disadvantage is that cookies can compromise your privacy. Cookies can collect information about your behavior on various websites and transmit it to third parties. These third parties can then combine this information, evaluate it and ultimately use it for purposes other than the original purpose. This may be undesirable for you if you value your privacy.

Another disadvantage is that cookies can take up memory space on your computer and reduce the speed of the website. This can cause difficulties, especially for users with slow internet connections or older computers.

3.3 Privacy policy for Porkbun

We use the registrar Porkbun for our domain "factisfact.eu". A registrar is a company (usually an Internet service provider) that registers Internet domains. As soon as you call up the domain "factisfact.eu", the DNS server addresses entered for the domain are sent back to your computer for name resolution. This service is essential for the technical function of the domain and website.

The provider of the service is the North American company Porkbun LLC, 21370 SW Langer Farms Parkway, Suite 142-429, Sherwood, OR 97140, United States of America. You can find out in detail which data is processed by using Porkbun in Porkbun's privacy policy (): https://porkbun.com/legal/agreement/privacy_policy.

3.4 Privacy policy for easyname

We use the web hosting provider easyname for our website "factisfact.eu". It provides the open-source software "WordPress", which we use to create and publish the website.

easyname automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

Browser type and browser version
Operating system used
referrer URL
Host name of the accessing computer
Time of the server request
IP address

This data is not merged with other data sources.

This data is collected on the basis of Art. 6 (1) lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website - for this purpose, the server log files must be recorded.

The provider of the service is the Austrian company easyname GmbH, Canettigasse 5/10, 1100 Vienna, Austria. You can find out in detail which data is processed by using easyname in easyname's privacy policy (): https://www.easyname.at/download/data-protection-policy-en-v4.pdf.

4. Data processing in the Microsoft 365 Cloud

4.1 Microsoft privacy policy

We use the "Microsoft 365" service for our communication (including e-mail), the creation of documentation and collaboration with our clients. The service is a comprehensive solution that provides Office applications, cloud services and security solutions. The service offers users the opportunity to work from any supported end device, regardless of location. All personal data and other data that you exchange with us via the "Microsoft 365" service, e.g. by email, is stored in Microsoft's data centers.

The provider of the service is the North American company Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, United States of America. You can find out in detail which data is processed by using “Microsoft 365” in Microsoft's privacy policy (): https://privacy.microsoft.com/en-us/privacystatement.

5. Social media presences

5.1 Data processing by social networks

We maintain publicly accessible profiles in social networks. The individual social networks we use are listed below.

Social networks such as Facebook, Google+ etc. can generally analyze your user behavior comprehensively when you visit their website or a website with integrated social media content (e.g. like buttons or advertising banners). Visiting our social media presences triggers numerous data protection-relevant processing operations. In detail:

If you are logged into your social media account and visit our social media presence, the operator of the social media portal can assign this visit to your user account. However, your personal data may also be collected if you are not logged in or do not have an account with the respective social media portal. In this case, this data is collected, for example, via cookies that are stored on your device or by recording your IP address.

With the help of the data collected in this way, the operators of the social media portals can create user profiles in which your preferences and interests are stored. In this way, interest-based advertising can be displayed to you inside and outside the respective social media presence. If you have an account with the respective social network, the interest-based advertising can be displayed on all devices on which you are logged in or have been logged in.

Please also note that we cannot track all processing operations on the social media portals. Depending on the provider, further processing operations may therefore be carried out by the operators of the social media portals. For details, please refer to the terms of use and data protection provisions of the respective social media portals.

5.2 Legal basis

Our social media presence is intended to ensure the widest possible presence on the internet. This is a legitimate interest within the meaning of Art. 6 (1) lit. f GDPR. The analysis processes initiated by the social networks may be based on different legal bases, which must be specified by the operators of the social networks (e.g. consent within the meaning of Art. 6 (1) lit. a GDPR).

5.3 Who is responsible

If you visit one of our social media sites (e.g. LinkedIn), we are jointly responsible with the operator of the social media platform for the data processing operations triggered during this visit. In principle, you can assert your rights (information, rectification, erasure, restriction of processing, data portability and complaint) both against us and against the operator of the respective social media portal (e.g. LinkedIn).

Please note that, despite the joint responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals. Our options depend largely on the company policy of the respective provider.

5.4 Storage period

The data collected directly by us via the social media presence will be deleted from our systems as soon as the purpose for its storage no longer applies, you request us to delete it, revoke your consent to storage or the purpose for data storage no longer applies. Stored cookies remain on your end device until you delete them. Mandatory statutory provisions - in particular retention periods - remain unaffected.

We have no influence on the storage period of your data that is stored by the operators of social networks for their own purposes. For details, please contact the operators of the social networks directly (e.g. in their privacy policy, see below).

6. Social networks in detail

6.1 LinkedIn

We have a profile on LinkedIn.

The provider of the service is the Irish company LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. LinkedIn uses advertising cookies. If you wish to deactivate LinkedIn advertising cookies, please use the following link (): https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out. Details on how they handle your personal data can be found in LinkedIn's privacy policy (): https://www.linkedin.com/legal/privacy-policy.

6.2 XING

We have a profile on XING.

The provider of the service is the German company XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany. Details on how they handle your personal data can be found in XING's privacy policy (): https://privacy.xing.com/en/privacy-policy.

7. Amendment of the data protection provisions

We reserve the right to amend this privacy policy so that it always complies with current legal requirements or to implement changes to our services in the privacy policy. Status as of December 01, 2023.

GT&C

IMPRINT