1. Who processes my personal data?
The controller of the processing of your personal data is me, Filip Svetlošák, EU VAT number: ATU79346209, located at Große Schiffgasse 12/215, 1020 Vienna, Austria. Email: firstname.lastname@example.org
2. Why and on what legal basis do I process your personal data?
I process your data only if
- you have given me your consent (Article 6(1)(a) DSGVO)
- you have concluded a contract with me (Article 6(1) lit. b DSGVO). For example, in the case of a purchase contract, I need personal information in advance to be able to issue the invoice.
- there is a legal obligation (Article 6(1)(c) DSGVO). For example, I am required by law to keep invoices for accounting purposes. These usually contain personal data.
- I have legitimate interests (Article 6(1) lit. f DSGVO). In order to operate this website in a secure and economically efficient manner, I process your personal data. This processing is therefore a legitimate interest.
I use your data for the following purposes:
- Communication regarding the lessons
- Provision of learning materials
3. What personal data do I process while providing services?
I process data that you provide to me yourself. Mostly these are:
Identification data: First name and surname, address of your domicile or permanent residence abroad, which you provide to me for the purpose of invoicing.In the event of a natural person who is a sole trader, further the company, place of business, and the EU VAT number.
Contact details: E-mail address, if you contact me by e-mail or enter your e-mail address in the reservation system Calendly, possibly your phone number/social media, if you decide to provide these to me.
Data that make it possible for me to account for the services rendered: Above all, identification of a payer of an amount charged for, billing address and the bank account number.
When visiting my website, your IP address, beginning and end of the session are also recorded for the duration of this session.
4. For how long will I store your personal data?
I store your data for 7 years from the end of the duration of the last contract existing between you and me.
I keep the personal data processed on the basis of given consent for a period for which the consent has been given, or until this consent is cancelled, unless I have another legal basis for processing the data.
5. To whom do I transfer your personal data?
Since I have no employees, I am the only one who has access to your personal data. I do not transfer your data to third countries (countries other than the EU).
In order to measure your behavior on this website, I use features of the web analytics service Google Analytics. For the European area, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible. Cookies are used for this purpose, which enable an analysis of the use of the website by its users. The information thus generated is transferred to the provider’s server and stored there.
6. What do I do for the security of your personal data?
I have taken all technical and organizational measures necessary for ensuring sufficient protection of personal data, taking into account its nature, scope, context and purposes, as well as for the risk to the rights and freedoms of natural persons, of varying likelihood and severity. However, I draw your attention to the fact that no data transmission via the Internet or data storage technologies can ever guarantee 100% security.
7. What are your rights with regard to the processing of your personal data?
With regard to the processing of personal data, you have the following rights under the GDPR:
Right of access.When asked, I will tell you whether or not I process any personal data concerning you. If this is the case, you have the right to receive a copy of the data and in particular to know the following information: Purpose of this processing, categories of personal data concerned, categories of recipients, or the planned storage period.
Right to rectification and completion, which means that I must correct your data if you find errors.
Right to erasure (“right to be forgotten”).You may request erasure of your data. In this case, I will delete all your personal data from my database and the databases of all other processors. However, in some cases I am bound by a legal obligation, e.g. I have to keep records of invoices issued for a period specified by law. In this case, I will therefore delete all personal data that is not bound by another law.
Right to restrict the processing of personal data. In this case, I may store your data and process it only with your consent.
Right to data portability. This means that I will provide you with your data in a common format upon request.
Right to object to processing
Right not to be subject to a decision based solely on automated processing (for example, profiling).
Right to lodge a complaint. If you assume that there is unauthorised processing of your personal data, you are entitled to contact the supervisory authority. In Austria, the Data Protection Authority (Datenschutzbehörde, www.dsb.gv.at) is responsible for this.
Right to withdraw the consent given to me for the processing of personal data. You can withdraw the granted consent at any time by sending the corresponding email to email@example.com.
These privacy rules become effective on 8. 6. 2023.