Privacy Policy

Information according to Article 13 and 14 of the GDPR

We are committed to the protection of personal data. The use of our website and our business activities are usually associated with the processing of personal data. To make these data processing activities transparent, we would like to inform you in our privacy policy about how we process personal data and what rights you have in this regard. If you have further questions, you will find our contact details below.

1. Who we are and how you can reach us with questions

The responsible party in terms of the General Data Protection Regulation (GDPR) is:

David Wippel
Glücksallee 8
3012 Wolfsgraben

2.1 General

We process personal data in compliance with relevant data protection regulations, particularly the General Data Protection Regulation (GDPR, Regulation [EU] 2016/679) and the Austrian Data Protection Act (DSG). Hence, processing only occurs based on a legal basis (specifically according to Article 6, Paragraph 1, points a-f of the GDPR), which will be indicated below with each data processing instance. All employees involved in the processing are obligated to maintain the confidentiality of your data (data secrecy). We do not carry out automated decision-making.

Generally, we collect personal data directly from the individual concerned. In individual cases, we collect and store personal data (especially name, contact information) due to correspondence with our clients and business partners or from publicly accessible sources (e.g., phone directory, websites, company register) based on Article 6, Paragraph 1, point f of the GDPR (and in this case, not directly from the individual concerned), if necessary for our service provision or for initiating contact and administration, which also serves our legitimate interest.

2.2 Operation of Our Website

With each access to our website (, your computer (device) or browser automatically transmits certain information to facilitate the visit or the operation of the website:

This data is stored in the log files of our system. This data is not stored together with other personal data of the user.

The legal basis for the processing of data and their temporary storage in log files is Article 6, Paragraph 1, lit f of the GDPR. The temporary storage of the listed data by the system is necessary to enable the delivery of the website to the user's device. The storage in log files is done to ensure the functionality of the website. Moreover, the data helps us in optimizing the website and in ensuring the security of our information technology systems, particularly guaranteeing the integrity, confidentiality, and availability of the data processed through our website. These purposes also constitute our legitimate interest in data processing according to Article 6, Paragraph 1, lit f of the GDPR.

Duration of Storage

The data will be deleted as soon as they are no longer necessary for the achievement of their collection purpose. In the case of collecting data to make the website available, this is when the respective session ends. Regarding the data stored in log files, this happens after a maximum of seven days, except further processing is necessary to clarify a (suspected) attack. Personal data, accrued during the operation of the website, is only transmitted by us to third parties (especially experts and relevant state authorities) for the case of a (suspected) data security incident or a criminal act (e.g., an attack), for the purposes of terminating the attack, clarification, prosecution, and the assertion of legal claims.

2.3 Social Media

We use social media to present our work through common communication channels. Each social media platform has its own policies regarding how your personal data is processed when you access their pages. For instance, when you click on a LinkedIn link, you will be asked to explicitly agree to the acceptance of LinkedIn cookies. If you have concerns or questions about the use of your personal data, you should carefully read the privacy policies of the social media providers before using these services:

2.4 Provision of Services as well as Customer Care and Information in this Context (Sales and Offer of Our Services and Administration of these Services)

We process personal data for the purpose of providing our services, customer care, and information including internal documentation and administration. The legal bases for the data processing are the fulfillment of the contract or the implementation of pre-contractual measures (Art 6 para 1 lit b GDPR), provided that the affected (natural) person becomes a direct party to the contract; complying with legal obligations (Art 6 para 1 lit c GDPR) as well as our legitimate interests (Art 6 para 1 lit f GDPR), particularly interests in asserting or defending our own legal claims and the internal administration within the company.

For a contract conclusion, the provision of certain personal data is legally or contractually required, to which the respective person affected is obligated; otherwise, no contract conclusion (and thus no service provision) is possible.

2.5 Making Contact and Online Appointment Scheduling

When you contact us (e.g., through online appointment scheduling or email), the details provided by the person making the inquiry (name, contact details, other information) are processed for the purpose of documentation, handling, and responding to the request. We offer online appointment scheduling on our website. We have marked the data necessary to respond to a request as mandatory fields. Providing additional data is voluntary.

The basis for processing this data is our legitimate interest in proper documentation, handling, and responding to the request (Art 6 para 1 lit f GDPR); in the case of contact being made within an existing customer relationship or the initiation of a business relationship, we rely on the fulfillment of the contract or the implementation of pre-contractual measures (Art 6 para 1 lit b GDPR).

If you contact us to fulfill your work or civil law obligations as an employee (service provider) for your employer or other client, we also have a legitimate interest in the proper documentation, handling, and responding to the request (Art 6 para 1 lit f GDPR), which includes your data as an external contact person; in the case of contact being made within an existing customer relationship or the initiation of a business relationship, we rely on the fulfillment of the contract or the implementation of pre-contractual measures (Art 6 para 1 lit b GDPR).

For the functionality of booking a free initial consultation, we link to the SavvyCal service provided by Unstack, LLC, 5123 W 98th St #1025, Minneapolis, MN 55437 USA. This service has its own policies governing the processing of your personal data when you visit its pages. If you use the functionality to book a free initial consultation, your personal data will be processed by SavvyCal (Unstack, LLC) according to the privacy information of SavvyCal, which you can access at the following link: If you do not wish to use the SavvyCal functionality to book a free initial consultation, please simply contact us for an appointment by phone or email using the contact details also provided on our page for booking a free initial consultation.

3. How Long Do We Store Personal Data?

Unless stated otherwise in the specific process, we basically store personal data as long as necessary to ensure the fulfillment of the mentioned purposes or as long as we are legally obliged to do so.

This means for business letters, contracts, bookings, etc., according to § 212 para 1 UGB and § 132 para 1 BAO: Until the end of the business relationship or until the expiration of the limitation and legal retention periods applicable to us (especially at least 7 years to prove compliance with tax, fee, and corporate law retention obligations); furthermore, until the conclusion of any legal disputes where the data is needed as evidence. For services where claims for damages or other titles are asserted, for the necessary duration (between 3 and 30 years). For inquiries (making contact): Personal data that you voluntarily provide to us are stored by us for a purpose-related duration for the provision of the associated processing and record-keeping (up to 3 years after completion or termination), unless a longer storage duration is necessary for the purpose of complying with a legal obligation or for asserting or defending legal claims.

4. Rights of the Affected Person

Provided the respective legal conditions are met, you can assert the following rights as an affected person:

You can revoke consents given for the processing of personal data at any time, please contact us (see our contact details). The revocation of consent does not affect the legality of the processing carried out on the basis of the consent until the revocation.

4.1 Right to Complain

You have the right to file a complaint with a supervisory authority responsible for you (in Austria: Austrian Data Protection Authority, Barichgasse 40-42, 1030 Vienna, if you believe that the processing of personal data concerning you violates the GDPR or that your rights as an affected person have been violated. We ask you to contact us first in cases where you were not fully satisfied with us, so that we have an opportunity to correct any mistakes immediately.

GlasswiseGlasswise Logo

© 2024 Essential Code GmbH. All rights reserved.