fitpixx.design (hereinafter referred to as “FITPIXX”) is pleased that you are visiting our website. Data protection and data security when using our website are very important to us. We would therefore like to inform you about the personal data we collect during your visit to our website and while providing our services and about the intended purposes.

As changes to the law or changes to our internal processes may require an adaptation of this privacy statement, we ask you to read this privacy policy regularly. The privacy policy can be accessed any time under "Privacy Policy," saved, and printed out.

§ 1 Data controller and scope

The controller according to the EU General Data Protection Regulation (hereinafter referred to as “GDPR”) and other national data protection acts of the Member States, as well as other data protection regulations, is:

Gerald Teufl

Sonntagbergerstraße 14
A-3332 Rosenau am Sonntagberg

E‑Mail: contact@fitpixx.design
Webseite: fitpixx.design

This privacy policy applies to the online presence of FITPIXX, which is available at fitpixx.design and its various subdomains (hereinafter referred to as “our website”) as well as for the services offered by FITPIXX, if personal data are processed within the scope of these services.

§ 2 Principles of processing personal data

Personal data are all information relating to an identified or identifiable natural person. This includes information such as your name, age, address, telephone number, date of birth, email address, IP address, or user behaviour. Information that cannot (or only with disproportionate effort) be referred to your person, e.g., by anonymising the information, is not personal data. The processing of personal data (e.g., the collection, retrieval, use, storage, or transmission) always requires a legal basis or your consent.

Processed personal data will be deleted as soon as the purpose of the processing has been fulfilled and no legally prescribed retention obligations are to be observed.

In case we process your personal data for the provision of certain offers, please find below information about the specific processes, the scope and purpose of data processing, the legal basis for processing, and the respective storage period.

§ 3 Individual processing operations

1. Provision and use of our website

a. Description and scope of data processing

When you access and use our website, we collect the personal data that your browser automatically transmits to our server. This information is temporarily stored in a log file. When you use our website, we collect the following data, which are technically necessary for us to display our website to you and to guarantee stability and security:

• IP address of the requesting computer
• date and time of access
• name and URL of the retrieved file
• the web page from which access is made (referrer URL)
• the browser used and, if applicable, the operating system of your computer, as well as the name of your access provider

b. Legal basis

Art. 6 para. 1 lit. f GDPR serves as the legal basis for the aforementioned data processing. The processing of the mentioned data is necessary for the provision of our website and thus serves the protection of a legitimate interest of FITPIXX.

c. Storage time

The above-mentioned data will be deleted 14 days after accessing our website. The collection of data for the provision of our website and the storage of data in log files is absolutely necessary for the operation of our website. Consequently, there is no possibility of objection on the part of the user. Further storage may take place in individual cases if this is required by law.

2. Mobile Apps

a. Type and scope of data processing

FITPIXX programs applications ("Apps") for mobile smartphones and makes them available for download in the respective app store. FITPIXX does not process personal data in this context. The Apps are only operated offline on your smartphone and do not require data transfer to FITPIXX. Please also refer to the data protection declarations of the respective App Store operators. At times, the App will access interfaces of the FITPIXX website (APIs). In this context, the data shown under § 3 sec 1 will be processed.

3. Contacting

a. Type and scope of data processing

You have the possibility to get in contact with FITPIXX via e-mail or the contact form on the website. In both cases at least your e-mail address will be processed by FITPIXX. In addition, all personal data and contents which you send us with your e-mail or with the contact form will be processed.

b. Legal basis

For the data processing mentioned above, Art. 6 para. 1 lit. b and f GDPR serve as the legal basis. The legitimate interest of FITPIXX lies in the future establishment of contact as well as in the following-up of correspondence.

c. Storage period

The above-mentioned data will be stored for up to 7 years after the end of the business relationship with FITPIXX and then, as far as legally permissible, deleted.

§ 4 Use of Cookies

a. Type and scope of data processing

Our website does not use cookies. However, in order to improve our services, we process your personal data in pseudonymised form. On the basis of your IP address and the user-agent text, a hash value is created with which your visits to the website can be tracked. The hash value does not allow any conclusions about your person. This data processing is necessary for the maintenance of the operation and improvement of the website.

b. Legal basis

Because of the purposes just described, the legal basis for the processing of personal data is Art. 6 para. 1 lit. f GDPR.

c. Storage period

The personal data will be deleted after 24 hours at the latest.

§ 5 Hyperlinks

Our website contains hyperlinks to websites of other providers. When you activate these hyperlinks, you will be redirected from our website directly to the other providers’ website. You can recognise this, for example, by the change in the URL. We cannot accept any responsibility for the confidential handling of your data on these third-party websites, as we have no influence on whether these companies comply with data protection regulations. Please inform yourself about the handling of your personal data by these companies directly on their websites.

§ 6 Rights of the data subject

Under the GDPR, you, as the data subject of the processing of personal data, have the following rights:

• Pursuant to Art. 15 GDPR, you can request information about your personal data processed by us. In particular, you can request information about the purposes of the processing; the categories of personal data concerned; the categories of recipients to whom your data have been or will be disclosed; the envisaged period for which your personal data will be stored; the existence of the right to rectification, erasure, restriction of processing, or objection to such processing of your personal data; the existence of the right to lodge a complaint; the source of your data where the personal data is not collected by us; the transfer of your personal data to third countries or international organisations; as well as the existence of automated decision-making, including profiling, and if necessary, meaningful information about the logic involved.
• Pursuant to Art. 16 GDPR, you can request the immediate rectification of inaccurate personal data concerning you or the completion of incomplete personal data stored by us.
• Pursuant to Art. 17 GDPR, you can request the erasure of your personal data stored by us, provided that the processing is not necessary for exercising the right of freedom of expression and information; for compliance with a legal obligation; for reasons of public interest; or for the establishment, exercise, or defence of legal claims.
• Pursuant to Art. 18 GDPR, you can request the restriction of the processing of your personal data if you contest the accuracy of the data, the processing is unlawful, we no longer need the data and you oppose their erasure because you require them for the establishment, exercise, or defence of legal claims. You are also entitled to the right under Art. 18 GDPR if you have objected to processing pursuant to Art. 21 GDPR.
• Pursuant to Art. 20 GDPR, you can request that the personal data you have provided us with be received in a structured, current, and machine-readable format, or you can request that the data be transmitted to another controller.
• Pursuant to Art 7 para. 3 GDPR, you can withdraw your consent at any time. As a consequence, we will in future no longer be permitted to continue the data processing based on this consent.
• Pursuant to Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority of your habitual residence or place of work, or our registered office. In Austria, the supervisory authority is the Austrian Data Protection Authority, Barichgasse 40-42, 1030 Vienna, Tel: +43-1-52 152-0, Email: dsb(at)dsb.gv.at, Web: www.dsb.gv.at.
• When processing your personal data on the basis of legitimate interests pursuant to Art. 6 para. 1 lit f GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 insofar as there are reasons which arise from your particular situation or if the objection refers to direct marketing. In the case of direct marketing, you have a general right to objection, which we will implement without you needing to specify any particular situation.

§ 7 Data security and security measures

We are committed to protecting your privacy and treating your personal data confidentially. In order to avoid manipulation, loss, or misuse of your data stored by us, we take extensive technical and organisational security precautions that are regularly reviewed and adapted to technological progress. This includes, among other things, the use of recognised encryption methods (transport-layer security or TLS). However, we would like to point out that due to the structure of the Internet, it is possible that the rules of data protection and the above-mentioned security measures may not be observed by other persons or institutions for which we are not responsible. In particular, unencrypted data – e.g., if this is done by email – can be read by third parties. We have no technical influence on this. It is the responsibility of the user to protect the data provided by him/her against misuse by encryption or in any other way.

Last updated: May 2021