Data protection
In the following, we provide information on the collection of personal data when using our website. Personal data is all data that can be related to you personally, e.g., name, address, email addresses, user behavior.
I. Name and Address of the Controller
The controller within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws of the member states and other data protection regulations is:
Mag. Anton Fedotov (Creatore)
Gluckgasse 2, Top 1, 1010 Vienna, Austria
Phone: +43 664 945 0555
II. Name and Address of the Data Protection Officer
The data protection officer of the controller is:
Mag. Anton Fedotov (Creatore)
Gluckgasse 2, Top 1, 1010 Vienna, Austria
Phone: +43 664 945 0555
III. General Information on Data Processing
- Scope of the processing of personal data
We collect and use personal data from our users only to the extent necessary to provide a functional website, our content, and our services. The collection and use of personal data from our users takes place regularly only after the consent of the user. An exception applies in cases where prior consent is not possible for factual reasons and the processing of the data is permitted by law.
- Legal basis for the processing of personal data
If we obtain the consent of the data subject for the processing of personal data, Art. 6 para. 1 lit. a GDPR serves as the legal basis for the processing of personal data.
In the processing of personal data that is necessary for the fulfillment of a contract to which the data subject is a party, Art. 6 para. 1 lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.
If the processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Art. 6 para. 1 lit. c GDPR serves as the legal basis.
In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 lit. d GDPR serves as the legal basis.
If processing is necessary to safeguard the legitimate interests of our company or a third party and the interests, fundamental rights, and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 para. 1 lit. f GDPR serves as the legal basis for the processing.
- Data deletion and storage duration
The personal data of the data subject will be deleted or blocked as soon as the purpose of storage is no longer fulfilled. Storage may also take place if this has been provided for by the European or national legislator in EU regulations, laws, or other provisions to which the controller is subject. The blocking or deletion of the data also takes place when a storage period prescribed by the mentioned standards expires, unless there is a necessity for the further storage of the data for a contract conclusion or a contract fulfillment.
IV. Provision of the Website and Creation of Log Files
- Description and scope of data processing
Each time our website is accessed, our system automatically collects data and information from the computer system of the calling computer. The following data is collected:
- Information about the browser type and the version used
- The user's operating system
- The user's IP address
- Date and time of access
- Websites from which the user's system accesses our website
The data is also stored in the log files of our system. This data is not stored together with other personal data of the user.
- Legal basis for data processing
The legal basis for the temporary storage of data and log files is Art. 6 para. 1 lit. f GDPR.
- Purpose of data processing
The temporary storage of the IP address by the system is necessary to enable the delivery of the website to the user's computer. For this purpose, the user's IP address must be stored for the duration of the session. Storage in log files takes place to ensure the functionality of the website. The data also serves us to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.
These purposes also constitute our legitimate interest in the processing of personal data according to Art. 6 para. 1 lit. f GDPR.
- Duration of Storage
The data will be deleted as soon as it is no longer necessary for the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session is ended. In the case of the storage of data in log files, this is the case after seven days at the latest. Further storage is possible. In this case, the IP addresses of the users are deleted or obscured so that an assignment of the calling client is no longer possible.
- Possibility of Objection and Removal
The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility of objection on the part of the user.
V. Use of Cookies
a) Description and Scope of Data Processing
Our website uses cookies. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user's computer system. When a user visits a website, a cookie can be stored on the user's operating system. This cookie contains a characteristic string of characters that allows for the unique identification of the browser when the website is accessed again.
This website uses the following types of cookies, the scope and functionality of which are explained below:
- Transient Cookies
- Persistent Cookies
We use cookies to make our website more user-friendly. Some elements of our website require that the calling browser can be identified even after a page change. In this case, the following data is stored and transmitted in the cookies:
(1) Items in a shopping cart
(2) Login information
We also use cookies on our website that allow for an analysis of user surfing behavior. Further information on this can be found later in this data protection declaration (sections VI - VII).
The user data collected in this way is pseudonymized by technical precautions. Therefore, it is no longer possible to assign the data to the calling user. The data is not stored together with other personal data of the user.
When visiting our website, users are informed about the use of cookies for analysis purposes by an information banner and are referred to this data protection declaration. In addition, their consent to the processing of the personal data used in this context is obtained.
b) Legal Basis for Data Processing
The legal basis for the processing of personal data using technically necessary cookies is Art. 6 para. 1 lit. f GDPR. The legal basis for the processing of personal data using cookies for analysis purposes is Art. 6 para. 1 lit. a GDPR, if the user has given his consent to this.
c) Purpose of Data Processing
The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For this it is necessary that the browser is recognized even after a page change. We need cookies for the following applications:
(1) Shopping cart
(2) Login information when logging in to your customer account
(3) Saving search terms
The user data collected by technically necessary cookies is not used to create user profiles.
The use of analysis cookies is for the purpose of improving the quality of our website and its content. Through the analysis cookies, we learn how the website is used and can thus continuously optimize our offer. You can find more information about the purpose of use later in this data protection declaration (sections VI - VII).
This is also our legitimate interest in processing personal data in accordance with Art. 6 para. 1 lit. f GDPR.
e) Duration of storage, possibility of objection and removal
Transient cookies (see a) are automatically deleted when you close your browser. This includes session cookies in particular. These store a so-called session ID, with which different requests from your browser can be assigned to the common session. This allows your computer to be recognized when you return to our website. Session cookies are deleted when you log out or close your browser.
Persistent cookies (see a) are automatically deleted after a predefined period, which may vary depending on the cookie. You can delete cookies at any time in the security settings of your browser. Therefore, as a user, you also have full control over the use of cookies. By changing the settings in your internet browser, you can disable or restrict the transmission of cookies. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all functions of the website to the full extent.
The transmission of Flash cookies cannot be prevented by the browser settings, but by changing the settings of the Flash Player.
VI. Google Analytics
Our websites use Google Analytics, a web analytics service provided by Google Ireland Limited ("Google"). The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Google uses "cookies," which are text files stored on your computer that enable the analysis of your use of the website. The information generated by the cookie about your use of the website, such as:
- Browser type/version,
- Operating system used,
- Referrer URL (the previously visited page),
- Hostname of the accessing computer (IP address), and
- Time of the server request,
is generally transmitted to a Google server in the USA and stored there. The website also uses Google Analytics with the "_anonymizeIp()" extension, so data is processed anonymously. The IP address is shortened by the last three digits, making it impossible to associate the IP address uniquely. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there.
Google will use this information on our behalf to evaluate your use of the website, compile reports on website activity, and provide other services related to website and internet usage. Google may also transfer this information to third parties if required by law or if third parties process the data on Google's behalf. Google will not associate your IP address with any other data held by Google. Our legitimate interest in processing personal data lies in these purposes in accordance with Article 6(1)(f) GDPR.
Data processing is based on Article 6(1)(f) GDPR. The deletion of data occurs automatically once a month after statistical evaluation.
You can prevent the installation and storage of cookies by setting your browser software accordingly. However, we point out that in this case, you may not be able to fully use all the functions of this website.
Additionally, you can prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) by Google, as well as the processing of this data by Google, by downloading and installing the browser plugin available at the following link: tools.google.com/dlpage/gaoptout.
As an alternative to the browser add-on, especially for browsers on mobile devices, you can prevent the collection by Google Analytics by setting an opt-out cookie in your browser, which prevents the future collection of your data when visiting this website. The opt-out cookie is only valid in this browser and only for our website and will be placed on your device. If you delete the cookies in this browser, you will need to set the opt-out cookie again. More information on setting the cookie can be found here: link.
By using the website, you consent to the processing of data about you by Google in the manner and for the purposes set out above. Further information about Google Analytics can be found on the manufacturer's website Google at the following link: link.
VII. Use of Google AdWords Conversion and Google Remarketing
We use the Google AdWords service to draw attention to our attractive offers on external websites with the help of advertising materials (so-called Google AdWords ads). We can determine the success of individual advertising measures in relation to the data from the advertising campaigns. Our goal is to show you advertisements that interest you, make our website more engaging for you, and achieve fair advertising cost calculations.
These advertisements are delivered by Google through so-called "Ad Servers." For this, we use Ad Server Cookies, which can measure certain parameters of success, such as ad impressions or clicks by users. If you reach our website via a Google ad, Google AdWords will store a cookie on your PC. These cookies usually expire after 30 days and are not intended to personally identify you. Typically, this cookie stores analysis data such as the unique cookie ID, the number of ad impressions per placement (frequency), the last impression (relevant for post-view conversions), and opt-out information (indicating that the user does not wish to be targeted anymore).
These cookies allow Google to recognize your internet browser. If a user visits certain pages of an AdWords customer's website and the stored cookie has not yet expired, Google and the customer can detect that the user clicked on the ad and was redirected to that page. Each AdWords customer is assigned a different cookie. Therefore, cookies cannot be tracked across the websites of different AdWords customers. We do not collect or process any personal data ourselves within these advertising measures. We only receive statistical evaluations from Google. Based on these evaluations, we can identify which of the advertising measures used are particularly effective. We do not receive any further data from the use of advertising materials, particularly no information that could identify users.
Due to the marketing tools used, your browser automatically establishes a direct connection to Google's server. We have no influence on the extent and further use of the data collected by Google through the use of this tool and inform you according to our level of knowledge: By integrating AdWords Conversion, Google receives the information that you have accessed the corresponding part of our online presence or clicked on an advertisement from us. If you are registered with a Google service, Google can associate the visit with your account. Even if you are not registered with Google or are not logged in, it is possible that the provider will obtain and store your IP address.
In addition to AdWords Conversion, we use the Google Remarketing application. This is a procedure we use to address you again. Through this application, our advertisements can be displayed to you during your further internet use after visiting our website. This is done via cookies stored in your browser, through which your usage behavior is recorded and evaluated by Google when visiting various websites. This allows Google to determine your previous visit to our website. According to Google's statements, no merging of the data collected during remarketing with your personal data, which may be stored by Google, takes place. In particular, Google claims that pseudonymization is used during remarketing.
You can prevent participation in this tracking process in various ways:
a) by configuring your browser software accordingly, particularly by suppressing third-party cookies, which will result in you not receiving ads from third-party providers;
b) by disabling conversion tracking cookies by setting your browser to block cookies from the domain "www.googleadservices.com" (https://www.google.de/settings/ads), although this setting will be deleted if you delete your cookies;
c) by disabling interest-based ads from providers who are part of the self-regulatory campaign "About Ads" via the link www.aboutads.info/choices, although this setting will be deleted if you delete your cookies;
d) by permanently disabling it in your browsers Firefox, Internet Explorer, or Google Chrome via the link www.google.com/settings/ads/plugin. Please note that in this case, you may not be able to use all the functions of this offer to their full extent.
The legal basis for processing your data is Art. 6 para. 1 sentence 1 lit. f GDPR. For more information on Google's data protection, please visit: www.google.com/intl/de/policies/privacy and services.google.com/sitestats/de.html
Alternatively, you can visit the website of the Network Advertising Initiative (NAI) at www.networkadvertising.org. Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
VIII. Use of Social Media Plug-Ins
This website also uses plug-ins from the providers Facebook, Twitter, and YouTube.
Facebook is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA. An overview of Facebook plug-ins can be found here: developers.facebook.com/docs/plugins/
Twitter is operated by Twitter Inc., 1355 Market St, Suite 900, San Francisco, CA 94103. Further information about Twitter plug-ins can be found here: twitter.com/about/resources/buttons
YouTube is operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066 USA, represented by Google Ireland Limited ("Google") at the same address. Further information about YouTube plug-ins can be found, among others, here: plus.google.com/+youtube/posts
When you access a subpage of our website that includes one of the aforementioned plug-ins, a connection to the servers of the corresponding provider is established, and the plug-in is displayed on the website through a notification to your browser. This transmits to the server of the respective network provider which of our web pages you have visited. If you are logged in as a member of one of the providers, the provider assigns this information to your personal user account. When using the plug-in functions (e.g., clicking the "Like" button, leaving a comment on Facebook), this information is also assigned to your account, which you can prevent only by logging out before using the plug-in.
The plug-ins are usually activated only when you click on the corresponding buttons. If these are displayed in grey, the plug-ins are inactive. You have the option to activate the plug-ins either once or permanently. The plug-ins establish a direct connection between your browser and the plug-in providers' servers. This occurs only after the plug-in is activated. As the website operator, we have no influence on the nature and scope of the data that the plug-in transmits to the plug-in provider's servers.
For more information on the collection and use of data by network providers, your rights in this regard, and options for protecting your privacy, please refer to the respective data protection notices of the providers. Data protection notices:
- Facebook, available at: https://www.facebook.com/policy.php.
- Twitter, available at: twitter.com/privacy
- YouTube, available at: www.google.de/intl/de/policies/privacy/
Data processing via our website is based on Article 6(1)(1)(f) of the GDPR. If you do not want the network providers to directly associate the data collected via our web presence with your user profile, you must log out of your network account before visiting our website. The loading of plug-ins can also be completely prevented by using specially developed add-ons for your browser.
IX. Web Analysis by Matomo (formerly PIWIK)
- Scope of Data Processing:
This website uses the open-source web analytics service Matomo. Matomo uses technologies that enable the cross-page recognition of the user for the analysis of user behavior (e.g., cookies or device fingerprinting). The information collected by Matomo about the use of this website is stored on our server. The IP address is anonymized before storage. With the help of Matomo, we are able to collect and analyze data about the use of our website by visitors. This allows us, among other things, to find out when certain page views were made and from which region they come. We also collect various log files (e.g., IP address, referrer, used browsers and operating systems) and can measure whether our website visitors perform certain actions (e.g., clicks, purchases, etc.). The software runs exclusively on the servers of our website. Storage of this data only takes place there. The data is not passed on to third parties. The software is configured so that IP addresses are not stored in full, but the last two bytes of the IP address are masked (e.g., 192.168.xxx.xxx). In this way, it is no longer possible to assign the truncated IP address to the requesting computer.
- Legal Basis:
The use of this analysis tool is based on Art. 6 (1) lit. f GDPR.
- Purpose of Data Processing:
The processing of this personal data enables us to analyze the surfing behavior of our users. By evaluating the data obtained, we are able to compile information about the use of the individual components of our website. This helps us to continuously improve our website and its user-friendliness. These purposes also constitute our legitimate interest in processing the data in accordance with Art. 6 (1) lit. f GDPR. By anonymizing the IP address, the interests of users in the protection of their personal data are sufficiently taken into account.
- Objection and Removal Options:
We offer our users the possibility to opt out of the analysis procedure on our website. To do this, you must follow the corresponding link. This sets a cookie on your system that signals to our system not to store the user's data. If you delete the corresponding cookie from your system in the meantime, you must set the opt-out cookie again.
X. General Data Processing in the Context of the Ordering Process
- Scope of Data Processing:
During the ordering process on our website, we collect personal data such as name, address, and email address.
- Legal Basis for Data Processing:
The legal basis for storing your data is Article 6(1)(1)(b) GDPR.
- Purpose of Data Processing:
We use the data you provide during the ordering process exclusively for fulfilling and processing the contractual relationships established with you, without requiring separate consent. Personal data is processed by us only to the extent technically necessary. Under no circumstances will personal data be used for other purposes outside our company, sold, or otherwise transferred to third parties without your explicit and revocable consent. An exception is the transfer of your data to the shipping company entrusted with the delivery, insofar as this is necessary for delivering the goods.
To process payments, we transfer your payment data to the credit institution responsible for the payment. If you choose PayPal as the payment method, you will be automatically redirected to the online payment service PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg. In this case, the PayPal terms of use apply, which can be accessed by the customer at www.paypal.com/de/webapps/mpp/ua/useragreement-full or - if no PayPal account exists - at www.paypal.com/de/webapps/mpp/ua/privacywax-full. The payment amount will then be debited from the customer's account via PayPal after entering the required data and selecting the payment method provided by PayPal (direct debit, credit card, invoice). If the customer selects "PayPal Invoice" as the payment method, the seller assigns their payment claim against the customer to PayPal within the scope of an ongoing factoring agreement. In this case, the general terms and conditions for using PayPal's purchase on account service apply, accessible at www.paypal.com/de/webapps/mpp/ua/pui-terms.
If you choose Amazon Payments as the payment method, you will be automatically redirected to the online payment service Amazon, acting under Amazon EU SARL, Amazon Services Europe SARL, and Amazon Media EU SARL, all located at 5, Rue Plaetis L 2338, Luxembourg. In this case, the Amazon terms of use and privacy conditions apply, which the customer can access at pay.amazon.com/de/help/201751600. The payment amount will then be debited from the customer's account after entering the required data and selecting the payment method provided by Amazon.
- Duration of Storage, Objection, and Removal Options
The user has the option to object to the processing of their personal data. If the data is required for the fulfillment of a contract or for the implementation of pre-contractual measures, an early deletion of the data is only possible insofar as no contractual or legal obligations oppose such deletion. In this case, upon complete execution of the contract and full payment of the purchase price, the user's data will be blocked from further use and deleted after the expiration of tax and commercial law regulations, unless explicit consent for further use of this data has been given.
XI. Newsletter
1. Description and scope of data processing:
On our website, it is possible to subscribe to a free newsletter. When registering for the newsletter, the data from the input mask is transmitted to us.
(1) IP address of the accessing computer
(2) Date and time of registration
Your consent is obtained for the processing of the data during the registration process, and reference is made to this privacy policy.
There is no disclosure of data to third parties in connection with the processing of data for newsletter dispatch. The data is used exclusively for sending the newsletter.
2. Legal basis for data processing:
The legal basis for processing the data after the user has registered for the newsletter, if consent has been obtained, is Art. 6 Para. 1 lit. a GDPR.
3. Purpose of data processing:
The collection of the user's email address is intended to deliver the newsletter. The collection of other personal data as part of the registration process is intended to prevent misuse of the services or the email address used.
4. Duration of storage:
The data will be deleted as soon as it is no longer necessary for the purpose of its collection. The user's email address is therefore stored for as long as the newsletter subscription is active. For newsletter registration, we use the double opt-in procedure. This means that after registering, we will send an email to the provided email address asking for confirmation that the user wishes to receive the newsletter. If you do not confirm your registration within 24 hours, your information will be blocked and automatically deleted after one month.
Other personal data collected as part of the registration process is generally deleted after a period of seven days.
5. Right to object and removal:
The newsletter subscription can be cancelled by the user at any time. For this purpose, there is a corresponding link in the footer of each newsletter. This also enables revocation of consent to the storage of personal data collected during the registration process.
XII. Registration
1. Description and scope of data processing:
On our website, we offer users the opportunity to register by providing personal data. The data is entered into an input mask, transmitted to us, and stored. There is no disclosure of data to third parties. Mandatory information required for the processing of contracts is marked separately; additional information is voluntary.
At the time of registration, the following data is also stored:
(1) The user's IP address
(2) Date and time of registration
As part of the registration process, consent is obtained from the user for the processing of this data.
2. Legal basis for data processing:
The legal basis for processing the data, if consent has been obtained from the user, is Art. 6 Para. 1 lit. a GDPR. If registration also serves the fulfillment of a contract to which the user is a party or the implementation of pre-contractual measures, the additional legal basis for processing the data is Art. 6 Para. 1 lit. b GDPR.
3. Purpose of data processing:
With registration or opening of a customer account, the inventory data provided by you (name, address, email address, telephone and/or fax number) is stored in a customer database. This allows you to log in and order with your username and password for future purchases without having to enter your data separately again.
4. Duration of storage:
The data will be deleted as soon as it is no longer necessary for the purpose of its collection. This is the case for data collected during the registration process when the registration on our website is canceled or modified, and otherwise when the data is no longer required for the execution of the contract. Even after the contract has been concluded, there may be a need to store the contracting party's personal data in order to comply with contractual or legal obligations.
5. Right to object and removal:
As a user, you have the opportunity to cancel your registration at any time. You can also have the data stored about you changed at any time. If the data is necessary for the fulfillment of a contract or for the implementation of pre-contractual measures, premature deletion of the data is only possible if there are no contractual or legal obligations preventing deletion.
XIII. Contact form and email contact
1. Description and scope of data processing:
There is a contact form on our website that can be used for electronic contact. If a user takes advantage of this option, the data entered in the input mask is transmitted to us and stored. At the time the message is sent, the following data is also stored:
(1) The user's IP address
(2) Date and time of registration
For the processing of data, your consent is obtained during the sending process, and reference is made to this privacy policy. Alternatively, contact can be made via the provided email address. In this case, the personal data of the user transmitted with the email will be stored. In this context, the data is not passed on to third parties. The data is used exclusively for processing the conversation.
2. Legal basis for data processing:
The legal basis for processing the data, if consent has been obtained from the user, is Art. 6 Para. 1 lit. a GDPR. The legal basis for processing data transmitted in the course of sending an email is Art. 6 Para. 1 lit. f GDPR. If the email contact aims to conclude a contract, the additional legal basis for processing is Art. 6 Para. 1 lit. b GDPR.
3. Purpose of data processing:
The processing of personal data from the input mask serves solely to process the contact. In the case of contact via email, there is also the necessary legitimate interest in processing the data. The other personal data processed during the sending process serves to prevent misuse of the contact form and to ensure the security of our information technology systems.
4. Duration of storage:
The data will be deleted as soon as it is no longer necessary for the purpose of its collection. For the personal data from the input mask of the contact form and those sent by email, this is the case when the respective conversation with the user has ended. The conversation is deemed to have ended when it can be inferred from the circumstances that the relevant facts have been finally clarified. Additional personal data collected during the sending process will be deleted no later than one month after the end of the process.
5. Right to object and removal:
The user has the opportunity to revoke their consent to the processing of personal data at any time. If the user contacts us by email, they can object to the storage of their personal data at any time. In such a case, the conversation cannot be continued. All personal data stored in connection with the contact will be deleted in this case.
XIV. Online Appointment Scheduling
This website uses the online appointment booking and customer management system of Shore GmbH, Ridlerstr. 31, 80339 Munich (hereinafter referred to as "Shore"). When using the online appointment booking, personal data is transmitted to Shore as part of order processing. Various personal data must be provided by you to book an appointment (see below). You will receive a booking confirmation and a reminder of the appointment via SMS and email before the appointment. We process your data for the purpose of service provision and to remind you of the upcoming appointment.
When an online appointment is scheduled, the data entered into the input form during registration is collected. This includes: first name, last name, email address, phone/cell phone number, scheduled appointment and branch, voluntary information in the "Special Requests" field.
You will receive a booking confirmation and a reminder of the appointment via SMS and email shortly before the upcoming appointment. We process your data for the purpose of service provision and to remind you of the upcoming appointment. Your personal data will be deleted as soon as it is no longer necessary for the original processing purpose.
The information you provide is processed by Shore on our behalf. The use of Shore is based on our legitimate interest according to Art. 6 para. 1 lit. f GDPR in fast and effective appointment booking and management. We have concluded a data processing agreement with Shore GmbH, Ridlerstr. 31, 80339 Munich within the scope of this data processing.
XV. Rights of the Data Subject
If your personal data is processed, you are a data subject within the meaning of the GDPR, and you have the following rights against the controller:
- Right to Information
You may request confirmation from the controller as to whether personal data concerning you is being processed. If such processing is taking place, you can request the following information from the controller:
(1) the purposes for which the personal data are processed;
(2) the categories of personal data processed;
(3) the recipients or categories of recipients to whom the personal data concerning you have been or will be disclosed;
(4) the envisaged period for which the personal data concerning you will be stored, or, if specific information on this is not possible, the criteria used to determine that period;
(5) the existence of the right to rectify or erase personal data concerning you, the right to restrict processing by the controller or the right to object to such processing;
(6) the existence of the right to lodge a complaint with a supervisory authority;
(7) all available information on the origin of the data if the personal data were not collected from the data subject;
(8) the existence of automated decision-making, including profiling, pursuant to Art. 22 para. 1 and 4 GDPR and, at least in these cases, meaningful information about the logic involved, as well as the significance and envisaged consequences of such processing for the data subject.
You have the right to request information as to whether the personal data concerning you will be transferred to a third country or to an international organization. In this context, you may request to be informed of the appropriate safeguards pursuant to Art. 46 GDPR relating to the transfer.
- Right to Rectification
You have the right to request the controller to correct or complete any inaccurate or incomplete personal data concerning you without delay.
- Right to Restriction of Processing
Under the following conditions, you may request the restriction of processing of personal data concerning you:
(1) if you contest the accuracy of the personal data concerning you for a period enabling the controller to verify the accuracy of the personal data;
(2) if the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead;
(3) if the controller no longer needs the personal data for the purposes of the processing, but you require them for the establishment, exercise or defense of legal claims, or
(4) if you have objected to processing pursuant to Art. 21 para. 1 GDPR pending the verification of whether the legitimate grounds of the controller override yours.
If processing of the personal data concerning you has been restricted, such data – apart from being stored – may only be processed with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State. If processing has been restricted in accordance with the above conditions, you will be informed by the controller before the restriction is lifted.
- Right to Erasure
a) Obligation to Erase
You may request the controller to erase personal data concerning you without undue delay, and the controller shall erase such data without undue delay where one of the following grounds applies:
(1) the personal data concerning you are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
(2) you withdraw consent on which the processing is based according to Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. a GDPR, and there is no other legal ground for the processing.
(3) you object to the processing pursuant to Art. 21 para. 1 GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21 para. 2 GDPR.
(4) the personal data concerning you have been unlawfully processed.
(5) the erasure of personal data concerning you is required to fulfill a legal obligation under Union or Member State law to which the controller is subject.
(6) the personal data concerning you have been collected in relation to the offer of information society services referred to in Art. 8 para. 1 GDPR.
b) Information to Third Parties
Where the controller has made the personal data concerning you public and is obliged pursuant to Art. 17 para. 1 GDPR to erase the personal data, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers processing the personal data that you have requested erasure by such controllers of any links to, or copy or replication of, those personal data.
c) Exceptions
The right to erasure does not apply to the extent that processing is necessary
(1) for exercising the right of freedom of expression and information;
(2) for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
(3) for reasons of public interest in the area of public health pursuant to Art. 9 para. 2 lit. h and i as well as Art. 9 para. 3 GDPR;
(4) for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes pursuant to Art. 89 para. 1 GDPR insofar as the right referred to in paragraph a) is likely to render impossible or seriously impair the achievement of the objectives of that processing, or
(5) for the establishment, exercise or defense of legal claims.
- Right to Information
If you have exercised your right to rectification, erasure, or restriction of processing against the controller, the controller is obliged to notify all recipients to whom the personal data concerning you have been disclosed of this rectification or erasure of data or restriction of processing, unless this proves impossible or involves disproportionate effort.
You have the right to be informed by the controller about these recipients.
- Right to Data Portability
You have the right to receive the personal data concerning you, which you have provided to the controller, in a structured, commonly used, and machine-readable format. You also have the right to transmit this data to another controller without hindrance from the controller to whom the personal data have been provided, where:
(1) the processing is based on consent pursuant to Article 6(1)(a) GDPR or Article 9(2)(a) GDPR or on a contract pursuant to Article 6(1)(b) GDPR, and
(2) the processing is carried out by automated means.
In exercising this right, you also have the right to have the personal data concerning you transmitted directly from one controller to another, where technically feasible. This must not adversely affect the rights and freedoms of others. The right to data portability does not apply to processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
- Right to Object
You have the right to object at any time, on grounds relating to your particular situation, to the processing of your personal data, which is carried out based on Article 6(1)(e) or (f) of the GDPR; this also applies to profiling based on these provisions. The controller will no longer process your personal data unless they can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing is for the establishment, exercise, or defense of legal claims.
If your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing; this also applies to profiling to the extent that it is related to such direct marketing. If you object to the processing for direct marketing purposes, your personal data will no longer be processed for these purposes.
You have the option, in connection with the use of information society services and notwithstanding Directive 2002/58/EC, to exercise your right to object by automated means using technical specifications.
- Right to Withdraw Consent
You have the right to withdraw your consent to the processing of your personal data at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
- Automated Individual Decision-Making, Including Profiling
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This shall not apply if the decision:
(1) is necessary for entering into or performance of a contract between you and the controller,
(2) is authorized by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests, or
(3) is based on your explicit consent.
However, these decisions shall not be based on special categories of personal data referred to in Article 9(1) GDPR, unless Article 9(2)(a) or (g) GDPR applies and suitable measures to safeguard your rights and freedoms and legitimate interests are in place. With regard to the cases referred to in (1) and (3), the controller shall implement suitable measures to safeguard your rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express your point of view, and to contest the decision.
- Right to Lodge a Complaint with a Supervisory Authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.
The supervisory authority with which the complaint has been lodged shall inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Article 78 GDPR.