Privacy Policy

Data Protection

We, the Biotic Institute Seminarzentrum und Gesundheitsprodukte GmbH, have created this privacy policy (version 17.06.2019-221096222) to explain to you, in accordance with the requirements of the General Data Protection Regulation (EU) 2016/679 and the Data Protection Act (DSG), what information we collect, how we use data, and what choices you have as a visitor to this website.

Unfortunately, it is in the nature of things that these explanations sound very technical, but we have tried to describe the most important things as simply and clearly as possible in creating them.

Name and Contact Details of the Controller Responsible for Processing

Biotic Institute Seminarzentrum und Gesundheits-Produkte GmbH

Udo Kolitscher (Managing Director)

Modlisch 7-8

3900 Schwarzenau

Austria

Tel.: +43 (0) 2849 5000

E-Mail: info (at) biotic-institute.com

Personal Data

We collect, process, and use your personal data only with your consent, for room bookings, orders, or seminar participation for the purposes agreed with you.

Personal data includes information such as name, address, contact details, and date of birth.

For this reason, we process your data exclusively on the basis of legal provisions (GDPR, TKG 2003), legal obligations, or for contract fulfillment and only collect personal data that is necessary or that you voluntarily provide to us. Your data is generally not shared with third parties.

To fulfill your order in a product sale, it may also be necessary to forward your data to suppliers. Your data will only be forwarded on the basis of the GDPR, particularly to fulfill your order. If this should be the case, we will obtain separate consent from you as a customer and, of course, also inform you of the relevant supplier.

Automatic Data Storage

When you visit websites today, certain information is automatically created and stored, including on this website.

When you visit our website, as you are doing right now, our web server (the computer on which this website is stored) automatically stores data such as

• the address (URL) of the accessed web page
• browser and browser version
• the operating system used
• the address (URL) of the previously visited page (referrer URL)
• the hostname and IP address of the device from which access is made
• date and time

in files (web server log files).

Web server log files are typically stored for two weeks and then automatically deleted. We do not pass on this data, but cannot rule out that this data may be viewed in the event of unlawful behavior.
The legal basis according to Article 6 Paragraph 1 f GDPR (Lawfulness of Processing) is that there is a legitimate interest in enabling the error-free operation of this website by recording web server log files.

Cookies

Our website uses HTTP cookies to store user-specific data.
Below we explain what cookies are and why they are used, so that you can better understand the following privacy policy.

What Exactly Are Cookies?

Whenever you surf the internet, you use a browser. Well-known browsers include Chrome, Safari, Firefox, Internet Explorer, and Microsoft Edge. Most websites store small text files in your browser. These files are called cookies.

One thing cannot be denied: Cookies are really useful little helpers. Almost all websites use cookies. More precisely, they are HTTP cookies, since there are also other cookies for other applications. HTTP cookies are small files that are stored on your computer by our website. These cookie files are automatically placed in the cookie folder, essentially the ‘brain’ of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must be specified.

Cookies store certain user data about you, such as language or personal page settings. When you return to our site, your browser sends the ‘user-related’ information back to our site. Thanks to cookies, our website knows who you are and offers you your usual default setting. In some browsers, each cookie has its own file, while in others, such as Firefox, all cookies are stored in a single file.

There are both first-party cookies and third-party cookies. First-party cookies are created directly by our site, while third-party cookies are created by partner websites (e.g., Google Analytics). Each cookie needs to be evaluated individually, as each cookie stores different data. The expiration time of a cookie also varies from a few minutes to several years. Cookies are not software programs and do not contain viruses, trojans, or other ‘malware’. Cookies also cannot access information on your PC.

For example, cookie data can look like this:

• Name: _ga
• Expiration: 2 years
• Use: Distinguishing website visitors
• Example value: GA1.2.1326744211.152221096222

A browser should support the following minimum sizes:

• A cookie should be able to contain at least 4096 bytes
• At least 50 cookies should be able to be stored per domain
• In total, at least 3000 cookies should be able to be stored

What types of cookies are there?

The question of which cookies we specifically use depends on the services used and will be clarified in the following sections of the privacy policy. At this point, we would like to briefly discuss the different types of HTTP cookies.

Four types of cookies can be distinguished:

Essential Cookies
These cookies are necessary to ensure basic functions of the website. For example, these cookies are needed when a user adds a product to the shopping cart, then continues browsing other pages, and later goes to the checkout. These cookies ensure that the shopping cart is not deleted even when the user closes their browser window.

Functional Cookies
These cookies collect information about user behavior and whether the user receives any error messages. In addition, these cookies are used to measure the loading time and the behavior of the website with different browsers.

Targeting Cookies
These cookies provide better user-friendliness. For example, entered locations, font sizes, or form data are stored.

Advertising Cookies
These cookies are also called targeting cookies. They serve to deliver customized advertisements to the user. This can be very convenient, but also very annoying.

Usually, you will be asked which types of cookies you want to allow when you first visit a website. And of course, this decision is also stored in a cookie.

How can I delete cookies?

You decide for yourself whether and how you want to use cookies. Regardless of which service or website the cookies come from, you always have the option to delete, partially allow, or disable cookies. For example, you can block third-party cookies but allow all other cookies.

If you want to determine which cookies have been stored in your browser, change cookie settings, or delete cookies, you can find this in your browser settings:

Chrome: Delete, enable, and manage cookies in Chrome

Safari: Manage cookies and website data with Safari

Firefox: Delete cookies to remove data that websites have placed on your computer

Internet Explorer: Delete and manage cookies

Microsoft Edge: Delete and manage cookies

If you generally don’t want cookies, you can set up your browser to always inform you when a cookie is about to be set. This way you can decide for each individual cookie whether to allow it or not. The procedure varies depending on the browser. It’s best to search for instructions in Google with the search term ‘delete cookies Chrome’ or ‘disable cookies Chrome’ in the case of a Chrome browser, or replace the word ‘Chrome’ with the name of your browser, e.g., Edge, Firefox, Safari.

What about my privacy?

Since 2009, there have been the so-called ‘Cookie Guidelines’. These stipulate that the storage of cookies requires the consent of the website visitor (i.e., you). However, among EU countries, there are still very different reactions to these guidelines. In Austria, however, this directive was implemented in § 96 Para. 3 of the Telecommunications Act (TKG).

If you want to know more about cookies and don’t shy away from technical documentation, we recommend https://tools.ietf.org/html/rfc6265, the Request for Comments of the Internet Engineering Task Force (IETF) called ‘HTTP State Management Mechanism’.

Storage of Personal Data

We offer users of our blog the opportunity to leave individual comments on individual blog posts. If a user leaves a comment on the blog published on this website, in addition to the comments, information about the time of comment entry and, if applicable, the username (pseudonym) chosen by the person concerned is stored and published. In the event that the user leaves an email address, it is also stored but not published. This collected personal data will not be passed on to third parties unless such disclosure is required by law or serves the legal defense of the controller.

Personal data that you electronically transmit to us on this website, such as name, email address, address or other personal details in the context of submitting a form or comments in the blog, will be used by us only for the specified purpose, securely stored and not passed on to third parties, together with the time and IP address.

We thus use your personal data only for communication with those visitors who expressly request contact and for the processing of the services and products offered on this website. We do not pass on your personal data without consent, but we cannot exclude the possibility that this data may be accessed in the event of unlawful behavior.

If you send us personal data via email – thus apart from this website – we cannot guarantee secure transmission and protection of your data. We recommend that you never transmit confidential data unencrypted via email.

The legal basis according to Article 6 Paragraph 1 a GDPR (lawfulness of processing) is that you give us consent to process the data you have entered. You can revoke this consent at any time – an informal email is sufficient, you can find our contact details in the imprint.

Analysis of Visitor Behavior

In the following privacy policy, we inform you about whether and how we evaluate data from your visit to this website. The evaluation of the collected data is usually anonymous and we cannot infer your person from your behavior on this website.

You can find out more about how to object to this evaluation of visit data in the following privacy policy.

TLS Encryption with https

We use https to transmit data tap-proof on the Internet (data protection through technology design Article 25 Paragraph 1 GDPR). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the Internet, we can ensure the protection of confidential data. You can recognize the use of this protection of data transmission by the small lock symbol in the top left of the browser and the use of the https scheme (instead of http) as part of our Internet address.

Newsletter Privacy Policy

When you sign up for our newsletter, you submit the above-mentioned personal data and give us the right to contact you by email. We use the data stored as part of the registration for the newsletter exclusively for our newsletter and do not pass it on.

Should you wish to unsubscribe from the newsletter – you will find the link to do so at the bottom of each newsletter.

MailChimp Privacy Policy

We send newsletters with MailChimp and use functions of the newsletter service MailChimp from The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308 USA on this website to record newsletter registrations.

General Information about MailChimp

The Rocket Science Group LLC (MailChimp) maintains online platforms that allow our users to stay in contact with their subscribers, primarily via email. They allow users to upload email addresses and other subscriber profile information, such as name, physical address, and other demographic information, to the MailChimp database. This information is used to send emails and enable the use of certain other MailChimp features for these users. In accordance with its published privacy policies, MailChimp shares some information with third-party vendors to provide and support the services MailChimp provides to users. MailChimp also shares some information with third-party advertising partners to better understand users’ needs and interests so that more relevant content and targeted advertising can be provided for those users and other users.

Newsletter Registration

When you sign up for our newsletter on our website, the entered data will be stored with MailChimp.

Deletion of Your Data

You can withdraw your consent to receive our newsletter at any time by clicking on the link at the bottom of the received email. If you have unsubscribed by clicking on the unsubscribe link, your data will be deleted from MailChimp.

Newsletter Analysis

When you receive a newsletter via MailChimp, information such as IP address, browser type, and email program is stored to provide us with information on the performance of our newsletter. MailChimp can determine if the email has arrived, if it was opened, and if links were clicked using web beacons integrated into HTML emails (details can be found at https://kb.mailchimp.com/reports/about-open-tracking). All this information is stored on MailChimp’s servers, not on this website.

MailChimp is an active participant in the EU-U.S. Privacy Shield Framework, which regulates the correct and secure transfer of personal data. You can find more information about this at https://www.privacyshield.gov/participant?id=a2zt0000000TO6hAAG. You can learn more about the use of cookies at MailChimp at https://mailchimp.com/legal/cookies/, and information about privacy at MailChimp can be found at https://mailchimp.com/legal/privacy/.

MailChimp Data Processing Agreement

We have concluded a data processing agreement (Data Processing Addendum) with MailChimp. This contract serves to safeguard your personal data and ensures that MailChimp adheres to the applicable data protection regulations and does not pass on your personal data to third parties.

You can find more information about this contract at: MailChimp

Google Fonts Local Privacy Policy

We use Google Fonts from Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA) on our website. We have embedded the Google fonts locally, i.e., on our web server, not Google’s servers. As a result, there is no connection to Google’s servers and thus no data transfer or storage.

What are Google Fonts?

Google Fonts (formerly Google Web Fonts) is an interactive directory with more than 800 fonts that Google LLC provides for free use. With Google Fonts, one could use the fonts without uploading them to one’s own server. However, to prevent any information transfer to Google’s server, we have downloaded the fonts to our server. In this way, we act in compliance with data protection and do not forward any data to Google Fonts.

Unlike other web fonts, Google allows us unrestricted access to all fonts. We can therefore access an unlimited sea of fonts and get the best out of our website. You can find more about Google Fonts and other questions at https://developers.google.com/fonts/faq?tid=221096222.

Google Fonts Privacy Policy

We use Google Fonts from Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA) on our website.

You do not need to log in or provide a password to use Google fonts. Furthermore, no cookies are stored in your browser. The files (CSS, fonts) are requested via the Google domains fonts.googleapis.com and fonts.gstatic.com. According to Google, the requests for CSS and fonts are completely separate from all other Google services. If you have a Google account, you don’t need to worry that your Google account details are being transmitted to Google while using Google Fonts. Google records the use of CSS (Cascading Style Sheets) and the fonts used and securely stores this data. We will take a detailed look at how exactly the data storage looks.

What are Google Fonts?

Google Fonts (formerly Google Web Fonts) is an interactive directory with more than 800 fonts that Google LLC provides for free use.

Many of these fonts are published under the SIL Open Font License, while others are published under the Apache License. Both are free software licenses. Therefore, we can use them freely without paying license fees.

Why do we use Google Fonts on our website?

With Google Fonts, we can use fonts on our own website without having to upload them to our own server. Google Fonts is an important component in maintaining the high quality of our website. All Google fonts are automatically optimized for the web, which saves data volume and is a big advantage especially for use on mobile devices. When you visit our site, the small file size ensures fast loading times. Furthermore, Google Fonts are so-called secure web fonts. Different image synthesis systems (rendering) in various browsers, operating systems, and mobile devices can lead to errors. Such errors can partially distort texts or entire web pages visually. Thanks to the fast Content Delivery Network (CDN), there are no cross-platform problems with Google Fonts. Google Fonts supports all common browsers (Google Chrome, Mozilla Firefox, Apple Safari, Opera) and works reliably on most modern mobile operating systems, including Android 2.2+ and iOS 4.2+ (iPhone, iPad, iPod).

We use Google Fonts so that we can present our entire online service as beautifully and consistently as possible. According to Art. 6 Para. 1 f lit. F GDPR, this already represents a ‘legitimate interest’ in the processing of personal data. In this case, ‘legitimate interest’ is understood to include legal, economic, or ideal interests recognized by the legal system.

What data is stored by Google?

When you visit our website, the fonts are reloaded via a Google server. This external call transmits data to Google’s servers. This way, Google also recognizes that you or your IP address have visited our website. The Google Fonts API was developed to reduce the collection, storage, and use of end-user data to what is necessary for the efficient delivery of fonts. API, by the way, stands for ‘Application Programming Interface’ and serves, among other things, as a data transmitter in the software field.

Google Fonts securely stores CSS and font requests at Google and is thus protected. Through the collected usage numbers, Google can determine the popularity of the fonts. Google publishes the results on internal analysis pages, such as Google Analytics. Google also uses data from its own web crawler to determine which websites use Google fonts. This data is published in the BigQuery database of Google Fonts. BigQuery is a Google web service for companies that want to move and analyze large amounts of data.

However, it should be noted that with every Google Font request, information such as IP address, language settings, screen resolution of the browser, browser version, and browser name are automatically transmitted to Google servers. Whether this data is also stored is not clearly determinable or unambiguously communicated by Google.

How long and where is the data stored?

Google stores requests for CSS assets for one day on their servers, which are mainly located outside the EU. This allows us to use the fonts using a Google stylesheet. A stylesheet is a format template that can be used to easily and quickly change the design or font of a website, for example.

The font files are stored by Google for one year. Google aims to improve the loading time of web pages in general. When millions of web pages refer to the same fonts, they are cached after the first visit and appear immediately on all other web pages visited later. Sometimes Google updates font files to reduce file size, increase language coverage, and improve design.

How can I delete my data or prevent data storage?

The data that Google stores for a day or a year cannot be easily deleted. The data is automatically transmitted to Google when the page is accessed. To be able to delete this data prematurely, you must contact Google support at https://support.google.com/?hl=en&tid=221096222. You can only prevent data storage in this case by not visiting our site.

Unlike other web fonts, Google allows us unlimited access to all fonts. We can therefore access an unlimited sea of fonts and get the optimum for our website. You can find more about Google Fonts and other questions at https://developers.google.com/fonts/faq?tid=221096222. While Google does address privacy-related matters there, really detailed information about data storage is not included. It is relatively difficult (almost impossible) to get really precise information about stored data from Google.

You can also read about what data Google generally collects and how this data is used at https://www.google.com/intl/en/policies/privacy/.

Google Maps Privacy Policy

We use Google Maps from Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA) on our website.

By using the functions of this map, data is transferred to Google. You can read about what data Google collects and how this data is used at https://www.google.com/intl/en/policies/privacy/.

Google Analytics Privacy Policy

We use Google Analytics from Google LLC (1600 Amphitheatre Parkway Mountain View, CA 94043, USA) on this website to statistically evaluate visitor data. Google Analytics uses targeted cookies for this purpose.

Cookies from Google Analytics

• _ga
  • Expiration: 2 years
  • Usage: Distinguishing website visitors
  • Example value: GA1.2.1326744211.152221096222
• _gid
  • Expiration: 24 hours
  • Usage: Distinguishing website visitors
  • Example value: GA1.2.1687193234.152221096222
• _gat_gtag_UA_<property-id>
  • Expiration: 1 minute
  • Usage: Used to throttle request rate. If Google Analytics is provided through Google Tag Manager, this cookie will be named _dc_gtm_<property-id>.
  • Example value: 1

For more information on terms of use and data protection, please visit http://www.google.com/analytics/terms/en.html or https://support.google.com/analytics/answer/6004245?hl=en.

Pseudonymization

Our concern in the sense of the GDPR is the improvement of our offer and our web presence. As the privacy of our users is important to us, the user data is pseudonymized. Data processing is carried out on the basis of the legal provisions of § 96 Para. 3 TKG and Art. 6 EU GDPR Para. 1 lit a (consent) and/or f (legitimate interest) of the GDPR.

Deactivation of Data Collection by Google Analytics

Website visitors can prevent Google Analytics from using their data with the help of the browser add-on to deactivate Google Analytics JavaScript (ga.js, analytics.js, dc.js).

You can prevent the collection of data generated by the cookie and related to your use of the website to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en

Rights According to the General Data Protection Regulation

According to the provisions of the GDPR and the Austrian Data Protection Act (DSG), you are fundamentally entitled to the following rights:

• Right to rectification (Article 16 GDPR)
• Right to erasure (‘right to be forgotten’) (Article 17 GDPR)
• Right to restriction of processing (Article 18 GDPR)
• Right to notification – obligation to notify in connection with the rectification or erasure of personal data or the restriction of processing (Article 19 GDPR)
• Right to data portability (Article 20 GDPR)
• Right to object (Article 21 GDPR)
• Right not to be subject to a decision based solely on automated processing, including profiling (Article 22 GDPR)

If you believe that the processing of your data violates data protection law or your data protection claims have otherwise been violated in any way, you can complain to the supervisory authority, which in Austria is the Data Protection Authority, whose website you can find at https://www.dsb.gv.at/.

Google Analytics Reports on Demographics and Interests

We have enabled the advertising reporting features in Google Analytics. The reports on demographics and interests contain information about age, gender, and interests. This allows us – without being able to assign this data to individual persons – to get a better picture of our users. You can learn more about the advertising features at https://support.google.com/analytics/answer/3450482?hl=en_AT&utm_id=ad.

You can terminate the use of your Google Account’s activities and information under ‘Advertising Settings’ at https://adssettings.google.com/authenticated by checkbox.

Embedded Social Media Elements Privacy Policy

We integrate elements of social media services on our website to display images, videos, and texts.
By visiting pages that display these elements, data from your browser is transferred to the respective social media service and stored there. We have no access to this data.
The following links will take you to the pages of the respective social media services where they explain how they handle your data:

• Instagram Privacy Policy: https://help.instagram.com/519522125107875
• For YouTube, the Google Privacy Policy applies: https://policies.google.com/privacy?hl=en
• Facebook Data Policy: https://www.facebook.com/about/privacy
• Twitter Privacy Policy: https://twitter.com/en/privacy

Facebook Privacy Policy

We use functions of Facebook, a social media network of Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland, on this website.
You can read about which functions (social plugins) Facebook provides at https://developers.facebook.com/docs/plugins/.
By visiting our website, information may be transmitted to Facebook. If you have a Facebook account, Facebook can associate this data with your personal account. If you do not want this, please log out of Facebook.
You can find the privacy policies, which information Facebook collects and how they use it at https://www.facebook.com/policy.php.

YouTube Privacy Policy

We use the video service YouTube, owned by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA, on this page.

By accessing pages of our website that have YouTube videos integrated, data is transferred to YouTube, stored and analyzed.
If you have a YouTube account and are logged in, this data will be associated with your personal account and the data stored in it.

You can read about what data Google collects and what this data is used for at https://www.google.com/intl/en/policies/privacy/.

Google+ Privacy Policy

We use functions of Google+, the social network of Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA), on our website.

If you want to fully use the offered functions, you need a Google account.

Even when using the functions (Google +1 Buttons, Google+ Badge, Follow button, Google+ Share button and Link, Sign-In Button, Hangout Button) without a Google account, information is already transmitted to Google.

If you are logged into your Google account while using the above-mentioned functions, your data will be published worldwide and collected and analyzed by Google, depending on the settings at https://plus.google.com/settings/.

You can read about what data Google collects and what this data is used for at https://www.google.com/intl/en/policies/privacy/.

Facebook Pixel Privacy Policy

We use the Facebook Pixel from Facebook, a social media network of Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland, on this website.

The code implemented on this page can evaluate the behavior of visitors who have reached this website from a Facebook advertisement. This can be used to improve Facebook advertisements, and this data is collected and stored by Facebook. The collected data is not visible to us but can only be used within the scope of advertising placements. Cookies are also set through the use of the Facebook pixel code.

By using the Facebook Pixel, the visit to this website is communicated to Facebook so that visitors can see appropriate ads on Facebook. If you have a Facebook account and are logged in, the visit to this website will be associated with your Facebook user account.

You can learn how the Facebook Pixel is used for advertising campaigns at https://www.facebook.com/business/learn/facebook-ads-pixel.

You can change your settings for advertisements on Facebook at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen if you are logged into Facebook. At http://www.youronlinechoices.com/uk/your-ad-choices you can manage your preferences regarding usage-based online advertising. You can deactivate or activate many providers at once or make settings for individual providers.

You can find more information about Facebook’s data policy at https://www.facebook.com/policy.php.

Source: Created with the Privacy Policy Generator from firmenwebseiten.at in cooperation with grueze.at