Exhibition Monday, Thursday, Friday – Sunday 11:00 am – 7:00 pm
Shopping Monday – Saturday 11:00 am – 6:00 pm
WinStage – Privacy Policy
The following privacy policy applies to the use of our online service www.winstage.at (hereinafter referred to as “Website”).
We attach great importance to data protection. The collection and processing of your personal data are carried out in compliance with the applicable data protection regulations, in particular the General Data Protection Regulation (GDPR).
1. Controller
The controller responsible for the collection, processing, and use of your personal data within the meaning of the GDPR is:
Win Admin GmbH
Wienerstraße 113/2.4
2700 Wiener Neustadt
datenschutz@winpark.at
If you wish to object to the collection, processing, or use of your data by us in accordance with this privacy policy as a whole or for individual measures, you may address your objection to the controller.
You may save and print this privacy policy at any time.
2. General Purpose of Data Processing
We process personal data for the purpose of operating our Website.
3. Data We Use and Why
3.1. Hosting
Our hosting services serve to provide the following: infrastructure and platform services, computing capacity, storage space and database services, security, and technical maintenance services that we use for the purpose of operating this Website.
In doing so, we or our hosting provider process inventory data, contact data, content data, contract data, usage data, meta and communication data of customers, prospects, and visitors of this Website based on our legitimate interest in the efficient and secure provision of our Website in accordance with the GDPR.
3.2. Access Data
We collect information about you whenever you use this Website. We automatically record information about your usage behavior and your interaction with us, as well as data regarding your computer or mobile device. We collect, store, and use data about every access to our Website (so-called server log files). The access data include:
- Name and URL of the retrieved file
- Date and time of access
- Amount of data transferred
- Notification of successful retrieval (HTTP response code)
- Browser type and version
- Operating system
- Referrer URL (i.e. the previously visited page)
- Websites accessed by the user’s system via our Website
- Internet service provider of the user
- IP address and requesting provider
We use this log data without assigning it to your person or otherwise creating a profile, for statistical evaluations for the purpose of operating, securing, and optimizing our Website. This also allows us to anonymously record visitor numbers, usage volume, and user interaction. Based on this information, we can provide personalized and location-based content, analyze traffic, identify and fix errors, and improve our services.
This constitutes our legitimate interest pursuant to the GDPR.
We reserve the right to review log data retrospectively if there is specific evidence indicating unlawful use. IP addresses are stored temporarily in log files when required for security purposes, service provision, or billing. After the process is completed or payment is received, IP addresses are deleted if no longer necessary for security reasons. IP addresses may also be stored if there is a concrete suspicion of a criminal offence in connection with the use of our Website. We also store, as part of your account data, the date of your last visit (e.g. registration, login, link clicks, etc.).
3.3. Cookies
We use so-called session cookies to optimize our Website. A session cookie is a small text file sent by the respective servers when visiting a website and temporarily stored on your hard drive. This file contains a session ID, which allows different requests from your browser to be assigned to the same session. This enables your computer to be recognized when you return to our Website. These cookies are deleted when you close your browser.
We also use persistent cookies to a limited extent (small text files stored on your device), which remain stored and enable us to recognize your browser the next time you visit. These cookies delete themselves automatically after a set period (between one month and ten years). They allow us to make our offer more user-friendly, efficient, and secure, and to show you information tailored to your interests.
Our legitimate interest in using cookies in accordance with the GDPR lies in making our Website more user-friendly, effective, and secure.
Cookies may store the following data and information:
- Login information
- Language settings
- Entered search terms
- Information about the number of visits to our Website and the use of individual functions
No personal data (such as name or IP address) are stored in the cookies themselves; only pseudonymized information is obtained. You can configure your browser to inform you in advance about the setting of cookies, allow them only in individual cases, or block them entirely. This may, however, limit the functionality of our Website.
3.4. Data to Fulfil Contractual Obligations
We process personal data required to fulfil our contractual obligations, such as name, address, email address, ordered products, and billing and payment data. These are necessary for contract execution.
Data are deleted after expiry of statutory warranty and retention periods. Data linked to a user account remain stored as long as the account exists.
3.5. User Account
You may create a user account on our Website. For this, we collect master data (name, address), communication data (email), payment data (bank details), and login data (username, password). To verify your registration and prevent unauthorized access, you will receive an activation link via email. Once registered, your data are permanently stored in our system. You may request deletion of your account at any time by contacting us as stated in section 1.
3.6. Newsletter
To subscribe to our newsletter, the requested data in the sign-up form are required. You will receive a confirmation email (“double opt-in”). You may revoke your consent at any time. We retain subscription data as long as necessary for newsletter delivery and proof of consent.
3.7. Product Recommendations
We may send you regular product recommendations by email, independent of the newsletter, based on your previous purchases. You may object to this at any time by contacting us or using the unsubscribe link in each email.
3.8. Email Contact
If you contact us (e.g. via form or email), we process your data to handle your request and possible follow-ups. Processing is based on pre-contractual measures or legitimate interest in responding to your inquiry.
4. Google Analytics
We use Google Analytics, a web analytics service by Google Inc. (“Google”). Google Analytics uses cookies that enable analysis of your website use. The generated information is generally transmitted to a Google server in the USA and stored there.
Our legitimate interest under the GDPR lies in the optimization and analysis of our online services. We have enabled IP anonymization (anonymizeIp), which truncates your IP address within the EU/EEA. Only in exceptional cases is the full IP address transferred to a Google server in the USA and shortened there.
You can prevent the storage of cookies by adjusting your browser settings or install the browser plugin available at https://tools.google.com/dlpage/gaoptout?hl=en.
5. Storage Duration
Unless otherwise specified, we store personal data only as long as necessary for the purposes pursued. In some cases, statutory retention obligations (e.g. tax or commercial law) apply, after which data are deleted.
6. Your Rights as a Data Subject
Under the GDPR, you have various rights regarding your personal data. To exercise them, please contact us at the address provided in section 1. These rights include access, rectification, erasure, restriction of processing, data portability, objection, withdrawal of consent, and the right to lodge a complaint with a supervisory authority.
7. Data Security
We take all reasonable technical and organizational measures to protect your data according to the GDPR. Your personal data are transmitted encrypted via SSL. However, data transmission over the Internet may have security gaps, and complete protection cannot be guaranteed.
8. Disclosure of Data to Third Parties
We generally use your personal data only within our company. If third parties are involved in fulfilling contracts (e.g. logistics providers), they receive data only to the extent necessary. We contractually require all processors to handle data in compliance with GDPR. No transfer to non-EU countries takes place except as stated in section 4 (Google Analytics).
9. Data Protection Officer
If you have any questions or concerns regarding data protection, please contact our data protection officer: