Privacy Policy

• In accordance with Art. 15 GDPR, you can request information about your personal data processed by us; you can also request information about the processing purposes, the categories of personal data processed, the recipients or categories of recipients to whom your data has been or will be disclosed, the planned storage period or the criteria used to determine the storage period, the origin of your data if it was not collected from you, the existence of automated decision-making, including profiling and, where applicable, meaningful information about its details such as logic, scope and impact, the existence of a right to rectification or erasure of data concerning you, the right to restriction of processing or to object to such processing, and the right to object to such processing.
  processing, the existence of a right of appeal to the supervisory authority; finally, you have a right to information as to whether personal data has been transferred to a third country or to an international organisation and - if this is the case - about the appropriate safeguards in connection with the transfer;
• In accordance with Art. 16 GDPR, you can request the immediate correction of incorrect or the completion of your personal data stored by us;
• In accordance with Art. 17 GDPR, you can request the deletion of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for the fulfilment of a legal obligation, for reasons of public interest or for the assertion, exercise or defence of legal claims;
• In accordance with Art. 18 GDPR, you can request the restriction of the processing of your personal data if you dispute the accuracy of the data, if the processing is unlawful but you refuse to delete it and we no longer need the data, if you no longer need the data for the assertion, exercise or defence of legal claims or if you have lodged an objection to the processing in accordance with Art. 21 GDPR, but it has not yet been determined whether our legitimate reasons for processing the data outweigh your interests;
• In accordance with Art. 20 GDPR, you may request the provision of your personal data that you have provided to us in a structured, commonly used and machine-readable format or the transfer to another controller;
• In accordance with Art. 21 GDPR, you can object to the processing of your personal data if there are reasons for this arising from your particular situation or if the objection is directed against direct advertising and the legal basis for the processing of personal data is legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR;
• In accordance with Art. 7 para. 3 GDPR, you can revoke your consent to us at any time. As a result, we may no longer continue the data processing that was based on this consent in the future;
• In accordance with Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement. In Austria, this is the data protection authority, whose website you can find at https://www.dsb.gv.at/

You can assert these rights directly with ANEXIA, the easiest way being to send an e- mail to data- protection@anexia-it.com.

If the processing of your data is based on your consent, you can revoke this consent at any time. However, this does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation. To withdraw your consent, please contact ANEXIA directly (data-protection@anexia- it.com) or use the cookie settings with regard to cookies.

Unless otherwise stipulated in this privacy policy for individual cases, personal data that is no longer required for the purposes for which it was collected or otherwise processed and for which there are no longer any statutory retention obligations will be deleted.

We delete the personal data processed by us under the conditions of Art. 17 GDPR upon request. Personal data that is required for other and legally permissible purposes will not be deleted. This applies, for example, to personal data that is required to pursue any claims to which we are entitled and that must be retained by us for commercial or tax law reasons.

The processing of this data is restricted in accordance with Art. 18 GDPR and the data is not processed for other purposes.

When you access our website or the individual pages, the browser on your device automatically sends information to the server of our website. The following information is stored in log files:

• IP address of the requesting computer,
• Date and time of access,
• Name and URL of the retrieved file,
• Website from which the access is made (referrer URL),
• the browser used and, if applicable, the operating system of your computer,
• Status codes and amount of data transferred.

This data is processed for the following purposes:

• Provision of the website including all functions and content,
• Ensuring a smooth connection to the websites,
• To ensure a comfortable use of our websites,
• Ensuring system security and stability,
• Anonymised statistical evaluation of access,
• Optimisation of the website,
• Disclosure to law enforcement authorities if an unlawful intrusion/attack on our systems has taken place,
• other administrative purposes.

This data will be deleted or anonymised after three months if it is no longer required for other purposes (e.g. defence or assertion of claims).

The legal basis for data processing is Art. 6 para. 1 lit. f GDPR. Our legitimate interest follows from the data collection purposes described above.

Personal data that you transmit to us electronically on this website, such as your name, e-mail address, address or other personal details when submitting a form, will be stored securely by us together with the time and IP address and saved by us in the event of further questions.

We therefore only process your personal data for a specific purpose in the event of further questions, for communication with those visitors who expressly wish to be contacted and for the processing of the services and products offered on this website.

The legal basis for this processing is Art. 6 para. 1 lit. b and f GDPR. On the one hand, this processing is necessary for the fulfilment of a contract with you; on the other hand, the above-mentioned purpose represents a legitimate interest on our part. This data will not be passed on to third parties without your express consent, unless it is necessary for the fulfilment of pre-contractual measures or contractual obligations pursuant to Art. 6 para. 1 lit. b GDPR, for example to banks, payment service providers, credit card companies to process the payment or to safeguard our legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR, for example to pursue any claims to which we are entitled or defence against claims directed against us, or there is a legal obligation to do so pursuant to Art. 6 para. 1 lit. c GDPR.

We use https to transmit data tap-proof on the Internet. By using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the Internet, we can ensure the protection of confidential data. You can recognise the use of this data transmission security by the small lock symbol at the top left of the browser and the use of the https scheme as part of our Internet address.

If you do not want this, you can set up your browser so that it informs you about the setting of cookies and you only allow this in individual cases.

General information about cookies

A cookie is a short data packet that is exchanged between the web browser and the web server, but is completely meaningless to them and only acquires meaning for the web application, e.g. an online shop, such as the contents of a virtual shopping basket.

There are two types of cookies: first-party cookies are created by our website, third- party cookies are created by other websites (e.g. Google Analytics).

There are three categories of cookies: strictly necessary cookies to ensure basic website functions; functional cookies to ensure the performance of the website and targeted cookies to improve the user experience.

You can delete cookies that are already on your computer or deactivate cookies at any time. The procedure for doing this differs from browser to browser; it is best to look for "Delete cookies" or "Deactivate cookies" in your browser's operating instructions.

If you generally do not allow cookies to be used, i.e. deactivate them in your browser settings, some functions and pages may not work as expected.

We use Cloudflare from Cloudflare, Inc. (101 Townsend St., San Francisco, CA 94107, USA) on our websites to improve and protect the websites. The collection of log data helps to recognise new threats, identify malicious third parties and provide the websites with more stable security protection. faster and more secure. Cloudflare uses cookies and processes visitor data, which we will inform you about below.

The Cloudflare cookie ( cfduid) is used to identify individual visitors behind a shared IP address and to apply security settings to individual visitors. For example, if a visitor to this website is in a location where there are a number of infected computers, but the particular visitor's computer is trusted, we can recognise this from the cookie. The cookie does not correspond to a user ID and does not store any personal data.

This cookie is absolutely necessary for the Cloudflare security functions and cannot be deactivated.

Cloudflare collects information from website visitors. This information may include, but is not limited to, IP addresses, system configuration information and other information about traffic to and from the website. Cloudflare collects and uses log data to operate, maintain and improve its services. For example, log data can help Cloudflare detect new threats, identify malicious third parties and provide this website with more robust security protection.

The legal basis for the above-mentioned processing is Art. 6 para. 1 lit. f GDPR, as the purpose described represents a legitimate interest on our part.

Cloudflare, as a participant in the EU-U.S. Data Privacy Framework, relies on the European Commission's adequacy decision as the legal mechanism for transferring personal data from the EEA to the United States. Should this certification lapse or otherwise become invalid, Cloudflare relies on the EU Standard Contractual Clauses, including supplemental measures required for transfers to the United States.

You can find more information on data protection and GDPR at Cloudflare at www.cloudflare.com/de-de/gdpr/introduction/ and in the Cloudflare Privacy Policy at www.cloudflare.com/de-de/privacypolicy/.

If you would like to receive our newsletter, we need your e-mail address. You can provide your name voluntarily. Data processing for the purpose of sending the newsletter is carried out in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR on the basis of the consent you have voluntarily given by means of the so-called double opt-in procedure. The email address will be used for this purpose and stored until you withdraw your consent or unsubscribe from the newsletter. You cannot subscribe to our newsletter without this consent. You can unsubscribe at any time, for example via a link at the end of each newsletter. Alternatively, you can also send your cancellation/unsubscribe request at any time to the email address stated under Section I.

We send our newsletters with a so-called tracking pixel. A tracking pixel is a miniature graphic that is embedded in the HTML format of the newsletter sent to enable an analysis of reader behaviour. In this context, we store whether and at what time a newsletter was opened by you and which of the links contained in the newsletter were called up by you. We use this data to create statistical evaluations of the success or failure of a marketing campaign in order to optimise the newsletter mailing and better tailor the content of future newsletters to your interests. The data collected will not be passed on to third parties and will be deleted after the statistical analysis.

If you use the contact form, you must provide your name and e-mail address as well as the category of your enquiry so that we can contact you personally. If you use other means of communication to send us an enquiry, we also need your name and contact details where we can reach you (e.g. e-mail address, address, telephone number or fax number). If you do not provide this data, we will not be able to process your enquiry or contact you. In addition, you can voluntarily provide your telephone number and other data.

When you contact us, we process your personal data to process your request on the basis of Art. 6 para. 1 sentence 1 lit. b GDPR, provided that your request is necessary for the fulfilment of a contract or for the implementation of pre-contractual measures with you personally. In all other cases, the processing is based on your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR and/or in our legitimate interest in the effective processing of enquiries addressed to us in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR.

All personal data collected in connection with contacting us will be deleted once your enquiry has been dealt with, unless it is necessary to continue storing the data for other reasons (e.g. subsequent conclusion of a contract or defence against claims asserted against us).

This website uses Friendlycaptcha. Friendlycaptcha is used to ensure that the forms provided are used by a natural person and not misused by machine or automated processes.

Friendlycaptcha records your IP address and sends a cryptogaphic task to the device you use to access our website. This cryptogaphic task is solved by your end device without any input from you. If the task is solved correctly, Friendlycaptcha confirms to the server on which our website is operated that a human and not a machine is visiting our website.

When a form that uses Friendlycaptcha is called up on our website, the following data is processed and stored by Friendlycaptcha:

• IP address of the requesting computer in anonymised form;
• the browser used and, if applicable, the operating system of your end device;
• the website from which Friendlycaptcha is accessed;
• the cryptographic task that contains information about our use;
• the Friendlycapthca software version we use;
• Date and time of access;
• Website from which access is made (referrer URL);

Friendlycaptcha stores an anonymised counter for each IP address in order to control the complexity of the cryptographic tasks and to prevent authorised users from being blocked. This data is stored separately from the other data is recorded and cannot be assigned to specific websites. For this purpose, the IP addresses are anonymised with a hash value so that users can no longer be identified.

Friendlycaptcha is offered by Friendly Captcha GmbH, Am Anger 3-5, 82237 Woerthsee, which operates on our behalf. Personal data is processed by this service provider on our behalf. We use this service in our legitimate interest in the security of our website and the detection of bot activity in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR.

We integrate elements of social media services on our website to display images, videos and texts. When you visit pages that display these elements, data is transferred from your browser to the respective social media service and stored there. We have no access to this data. In the following section, we have listed all applicable social media services and linked to their respective privacy policies.

Meta

On this website, we use functions of Meta or Facebook, a social media network of Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland.

You can find out which functions (social plug-ins) Facebook provides at https://developers.facebook.com/docs/plugins/.

When you visit our website, information may be transmitted to Facebook. If you have a Facebook account, Facebook can assign this data to your personal account. If you do not wish this to happen, please log out of Facebook.

The privacy policy, what information Facebook collects and how they use it can be found at https://www.facebook.com/policy.php.

YouTube

We use functions of the video service YouTube, YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA, on this website.

By accessing pages of our website that have integrated YouTube videos, data is transmitted to YouTube, stored and analysed.

If you have a YouTube account and are logged in, this data will be assigned to your personal account and the data stored in it.

You can find out what data is collected by Google and what this data is used for at https://www.google.com/intl/de/policies/privacy/.

X

On this website, we use functions of Twitter or X, a social network of Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2 D02 AX07, Ireland.

This may also transfer personal data to Twitter. We do not monitor this data exchange and do not store anything about it.

If you would like to know more about the use of your data by Twitter, you can find all the information in the Twitter privacy policy at https://twitter.com/de/privacy.

If you have a Twitter account, you can change your privacy settings in the account settings at https://twitter.com/settings/account.

Anexia Inc., located at 152 W. 57th Street, New York, NY 10019, USA, (Anexia Inc.) complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) as set forth by the U.S. Department of Commerce. Anexia Inc. has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) Program, and to view our certification, please visit https://www.dataprivacyframework.gov/

In compliance with the EU-U.S. DPF, Anexia Inc. commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF.

If you have any questions or complaints about our handling of your personal data in accordance with the General Data Protection Regulation or about our data protection practices in general, please contact us at: data-protection@anexia-it.com. We will respond to your enquiry promptly. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, you have the right to lodge a complaint with the local data protection authorities. If neither Anexia Inc. nor the relevant data protection authority resolves your complaint, you may invoke binding arbitration through the Data Privacy Framework Panel. To learn more about the Data Privacy Framework Panel, please visit this website (https://www.dataprivacyframework.gov/framework-article/ANNEX-I-introduction).

Further information on the transfer of personal data can be found at https://anexia.com/en/company/about-anexia/privacy-policy.

If we disclose personal information received under the EU-U.S. Data Privacy Framework to a third party, the third party's access, use and disclosure of the personal information must also comply with our obligations under the Data Privacy Framework, and we will be liable under the EU-U.S. Data Privacy Framework for any failure of the third party to do so, unless we can prove that we are not responsible for the event giving rise to the damage.

You can view the Data Privacy Framework registrations here (https://www.dataprivacyframework.gov/s/participant-search).

Anexia Inc. is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC). We may be required to disclose personal data we process under the EU-U.S. Data Privacy Framework in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.