Privacy Policy

This Privacy Policy informs you about the type, scope, and purpose of processing personal data (hereinafter referred to as “data”) within the framework of our services, our online offerings, and associated websites, features, content, as well as external online presences, such as our social media profiles (collectively referred to as “Online Offer”). With regard to the terms used, such as “processing” or “controller,” we refer to the definitions in Article 4 of the General Data Protection Regulation (GDPR).

Controller

Goldacht e.U., Wienerbergstrasse 11/12A, 1100 Vienna, Austria

Email: privacy@goldacht.com

Owner: Mirela Vahdani

Legal Notice: https://www.goldacht.com/impressum

Types of Processed Data

• Basic Data (e.g., personal details, names, addresses).

• Contact Data (e.g., email addresses, phone numbers).

• Content Data (e.g., text entries, photographs, videos).

• Usage Data (e.g., visited websites, interest in content, access times).

• Meta/Communication Data (e.g., device information, IP addresses).

Categories of Data Subjects

Visitors and users of the online offering (hereinafter collectively referred to as “users”).

Purpose of Processing

• Providing the Online Offer, its functions, and content.

• Responding to contact requests and communicating with users.

• Implementing security measures.

• Measuring reach and marketing efforts.

Definitions

• Personal Data: Information related to an identified or identifiable natural person.

• Processing: Any operation performed on personal data, whether automated or not.

• Pseudonymization: Processing personal data so it cannot be attributed to a specific individual without additional information stored separately.

• Controller: The entity deciding the purpose and means of processing personal data.

• Processor: An entity processing personal data on behalf of the controller.

Legal Basis

Under Article 13 of the GDPR, we inform you of the legal bases for our data processing:

• Consent: Article 6(1)(a) and Article 7 GDPR.

• Contract Performance: Article 6(1)(b) GDPR.

• Legal Obligation: Article 6(1)(c) GDPR.

• Vital Interests: Article 6(1)(d) GDPR.

• Public Interest: Article 6(1)(e) GDPR.

• Legitimate Interests: Article 6(1)(f) GDPR.

Security Measures

We implement technical and organizational measures to ensure a level of protection appropriate to the risk in compliance with Article 32 of the GDPR. This includes securing confidentiality, integrity, and availability of data, monitoring access, and ensuring data separation.

Data Sharing

Data is disclosed to processors, jointly responsible parties, or third parties only based on legal permissions, consent, legal obligations, or legitimate interests.

Rights of Data Subjects

• Right to Access: Obtain information about whether data is processed and receive a copy.

• Right to Rectification: Correct or complete inaccurate data.

• Right to Erasure and Restriction: Request deletion or limitation of data processing.

• Right to Data Portability: Receive personal data in a machine-readable format.

• Right to Withdraw Consent: Withdraw previously given consent at any time.

• Right to Object: Object to data processing based on Article 6(1)(e) or (f) GDPR, including profiling.

Cookies

Cookies are small files stored on users’ devices to save session or preference information. We use both temporary and persistent cookies. Users can manage their cookie preferences through browser settings, though this may limit website functionality.

Retention Period

We delete data as soon as it is no longer necessary for its intended purpose and legal retention obligations no longer apply.

Changes to This Policy

We regularly update this policy to reflect changes in data processing. Significant updates requiring consent will be communicated explicitly.