Whislist [0] whishlistwhishlist hover
searchsearch

WinStage – Privacy Policy

WinStage – Privacy Policy

 

The following privacy policy applies to the use of our online service www.winstage.at (hereinafter referred to as “Website”).

 

We attach great importance to data protection. The collection and processing of your personal data are carried out in compliance with the applicable data protection regulations, in particular the General Data Protection Regulation (GDPR).

 

1. Controller

 

The controller responsible for the collection, processing, and use of your personal data within the meaning of the GDPR is:

 

Win Admin GmbH
Wienerstraße 113/2.4
2700 Wiener Neustadt
datenschutz@winpark.at

 

If you wish to object to the collection, processing, or use of your data by us in accordance with this privacy policy as a whole or for individual measures, you may address your objection to the controller.

 

You may save and print this privacy policy at any time.

 

2. General Purpose of Data Processing

 

We process personal data for the purpose of operating our Website.

 

3. Data We Use and Why

 

3.1. Hosting

 

Our hosting services serve to provide the following: infrastructure and platform services, computing capacity, storage space and database services, security, and technical maintenance services that we use for the purpose of operating this Website.

 

In doing so, we or our hosting provider process inventory data, contact data, content data, contract data, usage data, meta and communication data of customers, prospects, and visitors of this Website based on our legitimate interest in the efficient and secure provision of our Website in accordance with the GDPR.

 

3.2. Access Data

 

We collect information about you whenever you use this Website. We automatically record information about your usage behavior and your interaction with us, as well as data regarding your computer or mobile device. We collect, store, and use data about every access to our Website (so-called server log files). The access data include:

 

  • Name and URL of the retrieved file
  • Date and time of access
  • Amount of data transferred
  • Notification of successful retrieval (HTTP response code)
  • Browser type and version
  • Operating system
  • Referrer URL (i.e. the previously visited page)
  • Websites accessed by the user’s system via our Website
  • Internet service provider of the user
  • IP address and requesting provider

 

We use this log data without assigning it to your person or otherwise creating a profile, for statistical evaluations for the purpose of operating, securing, and optimizing our Website. This also allows us to anonymously record visitor numbers, usage volume, and user interaction. Based on this information, we can provide personalized and location-based content, analyze traffic, identify and fix errors, and improve our services.

 

This constitutes our legitimate interest pursuant to the GDPR.

 

We reserve the right to review log data retrospectively if there is specific evidence indicating unlawful use. IP addresses are stored temporarily in log files when required for security purposes, service provision, or billing. After the process is completed or payment is received, IP addresses are deleted if no longer necessary for security reasons. IP addresses may also be stored if there is a concrete suspicion of a criminal offence in connection with the use of our Website. We also store, as part of your account data, the date of your last visit (e.g. registration, login, link clicks, etc.).

 

3.3. Cookies

 

We use so-called session cookies to optimize our Website. A session cookie is a small text file sent by the respective servers when visiting a website and temporarily stored on your hard drive. This file contains a session ID, which allows different requests from your browser to be assigned to the same session. This enables your computer to be recognized when you return to our Website. These cookies are deleted when you close your browser.

 

We also use persistent cookies to a limited extent (small text files stored on your device), which remain stored and enable us to recognize your browser the next time you visit. These cookies delete themselves automatically after a set period (between one month and ten years). They allow us to make our offer more user-friendly, efficient, and secure, and to show you information tailored to your interests.

 

Our legitimate interest in using cookies in accordance with the GDPR lies in making our Website more user-friendly, effective, and secure.

 

Cookies may store the following data and information:

 

  • Login information
  • Language settings
  • Entered search terms
  • Information about the number of visits to our Website and the use of individual functions

 

No personal data (such as name or IP address) are stored in the cookies themselves; only pseudonymized information is obtained. You can configure your browser to inform you in advance about the setting of cookies, allow them only in individual cases, or block them entirely. This may, however, limit the functionality of our Website.

 

3.4. Data to Fulfil Contractual Obligations

 

We process personal data required to fulfil our contractual obligations, such as name, address, email address, ordered products, and billing and payment data. These are necessary for contract execution.

 

Data are deleted after expiry of statutory warranty and retention periods. Data linked to a user account remain stored as long as the account exists.

 

3.5. User Account

 

You may create a user account on our Website. For this, we collect master data (name, address), communication data (email), payment data (bank details), and login data (username, password). To verify your registration and prevent unauthorized access, you will receive an activation link via email. Once registered, your data are permanently stored in our system. You may request deletion of your account at any time by contacting us as stated in section 1.

 

3.6. Newsletter

 

To subscribe to our newsletter, the requested data in the sign-up form are required. You will receive a confirmation email (“double opt-in”). You may revoke your consent at any time. We retain subscription data as long as necessary for newsletter delivery and proof of consent.

 

3.7. Product Recommendations

 

We may send you regular product recommendations by email, independent of the newsletter, based on your previous purchases. You may object to this at any time by contacting us or using the unsubscribe link in each email.

 

3.8. Email Contact

 

If you contact us (e.g. via form or email), we process your data to handle your request and possible follow-ups. Processing is based on pre-contractual measures or legitimate interest in responding to your inquiry.

 

4. Google Analytics

 

We use Google Analytics, a web analytics service by Google Inc. (“Google”). Google Analytics uses cookies that enable analysis of your website use. The generated information is generally transmitted to a Google server in the USA and stored there.

 

Our legitimate interest under the GDPR lies in the optimization and analysis of our online services. We have enabled IP anonymization (anonymizeIp), which truncates your IP address within the EU/EEA. Only in exceptional cases is the full IP address transferred to a Google server in the USA and shortened there.

 

You can prevent the storage of cookies by adjusting your browser settings or install the browser plugin available at https://tools.google.com/dlpage/gaoptout?hl=en.

4.1 Use of the Meta Pixel (formerly Facebook Pixel)

We use the Meta Pixel from Meta Platforms, Inc. (formerly Facebook) on this website. This tool enables us to understand the actions of users who arrive on our site after clicking on a Facebook ad. In this way, we can evaluate the effectiveness of our Facebook ads for statistical and market research purposes and serve personalized advertising on Facebook and Instagram.

Data collected

The Meta Pixel records information about your visit to our website, such as the pages you viewed, interactions with our pages, technical data (e.g., IP address, browser type, device information), as well as randomly generated user IDs. This data is transmitted to Meta to measure the effectiveness of our advertisements and to deliver personalized ads.

Purpose of processing

The data collected via the Meta Pixel is used to:

  • measure the effectiveness of our Facebook ads,

  • create custom audiences for future advertising campaigns,

  • improve and optimize the user experience on our website.

Data transfers to third countries

The data collected by the Meta Pixel may be transferred to the United States. Transfers are based on the European Commission’s Standard Contractual Clauses to ensure an adequate level of data protection. However, there is a risk that the level of data protection in the USA may not be equivalent to that in the EU.

Legal basis

Processing is carried out on the basis of your consent pursuant to Art. 6(1)(a) GDPR. You can withdraw your consent at any time with effect for the future by adjusting your cookie settings.

Opt-out options

You can decline the use of the Meta Pixel at any time by adjusting the cookie settings on our website and disabling marketing cookies. You can also use Meta’s opt-out options to disable personalized advertising: https://accountscenter.facebook.com/ad_preferences

5. Storage Duration

 

Unless otherwise specified, we store personal data only as long as necessary for the purposes pursued. In some cases, statutory retention obligations (e.g. tax or commercial law) apply, after which data are deleted.

 

6. Your Rights as a Data Subject

 

Under the GDPR, you have various rights regarding your personal data. To exercise them, please contact us at the address provided in section 1. These rights include access, rectification, erasure, restriction of processing, data portability, objection, withdrawal of consent, and the right to lodge a complaint with a supervisory authority.

 

7. Data Security

 

We take all reasonable technical and organizational measures to protect your data according to the GDPR. Your personal data are transmitted encrypted via SSL. However, data transmission over the Internet may have security gaps, and complete protection cannot be guaranteed.

 

8. Disclosure of Data to Third Parties

 

We generally use your personal data only within our company. If third parties are involved in fulfilling contracts (e.g. logistics providers), they receive data only to the extent necessary. We contractually require all processors to handle data in compliance with GDPR. No transfer to non-EU countries takes place except as stated in section 4 (Google Analytics).

 

9. Data Protection Officer

 

If you have any questions or concerns regarding data protection, please contact our data protection officer:

 

datenschutz@winpark.at