top of page
WOWNICE LOGO -SLOGAN WHITE .png.png

PRIVACY POLICY


1. Controller
 

The controller responsible for the processing of personal data within the meaning of the GDPR is:

WowNice Consulting e.U., represented by Michael Wolfgang Brauneis.
[Art. 4 No. 7 GDPR]
 

2. Collection and Use of Personal Data

Data Provided Directly
 

We collect personal data that you provide to us when contacting us, requesting offers, concluding contracts, participating in workshops, or ordering digital content.

This includes in particular: name, address, telephone number, email address, company data and, in the case of orders, payment data.

WhatsApp Business

We use WhatsApp Business for voluntary communication.

WhatsApp processes, among other things:

  • Telephone numbers

  • Profile information

  • Chat histories

  • Metadata (e.g. device information, timestamps, connection data)

Legal basis:

Art. 6(1)(a) GDPR (consent)
Art. 6(1)(f) GDPR (legitimate interest in efficient communication)

Transparency information:

  • WhatsApp acts as an independent controller and not as a processor.

  • No data processing agreement pursuant to Art. 28 GDPR exists with WhatsApp.

  • Data may be processed outside the EU/EEA.

  • Use occurs only if you voluntarily contact us via WhatsApp.

  • Alternatives: email and telephone.

WhatsApp privacy policy:
https://www.whatsapp.com/legal/business-app-privacy-policy?lang=de

Server Log Files

When accessing our website, the following data is automatically processed:

  • IP address (possibly shortened)

  • Date and time

  • Browser type and version

  • Operating system

  • Visited pages

  • Referrer URL

  • Technical server logs of the hosting provider

Purpose: functionality, error analysis, system security.
[Art. 6(1)(f) GDPR]

Online Shop Data

When ordering digital content, personal data is processed, including:

  • Billing data

  • Email address

  • Payment information

  • Download and access data

Purpose: contract fulfilment and statutory retention obligations.
[Art. 6(1)(b) and (c) GDPR]

Use of AI Tools

We use AI tools exclusively to support internal work processes.
No personal data is processed. All inputs are anonymised or neutralised in advance.
 

3. Hosting, Servers and Cloud Services
 

Website Hosting

Our website is hosted by a European hosting provider that processes personal data exclusively within the EU/EEA.
The specific provider is listed in the Legal Notice.
 

Own Server
 

Personal data is additionally stored on a dedicated server of WowNice Consulting e.U.
This server is located exclusively in Austria and secured in accordance with Art. 32 GDPR.
 

Additional Cloud Solutions
 

We also use cloud services (e.g. Apple iCloud, email services, document management), provided that they:

  • comply with the GDPR

  • use EU locations or apply standard contractual clauses

  • use encrypted connections

  • have concluded data processing agreements where required

 

4. Cookies and Consent Management
 

We use only technically necessary cookies.
Analytics or marketing cookies are set only after your explicit consent.
[Art. 6(1)(a) GDPR]

Consent management is handled via a consent management tool.

5. Security Measures
 

We implement technical and organisational measures pursuant to Art. 32 GDPR, including:

  • HTTPS encryption

  • Access restrictions

  • Secure server locations in Austria

  • Regular backups

  • Security updates

 

6. Legal Bases for Processing

  • Art. 6(1)(a) GDPR – Consent

  • Art. 6(1)(b) GDPR – Contract fulfilment

  • Art. 6(1)(c) GDPR – Legal obligation

  • Art. 6(1)(f) GDPR – Legitimate interests (communication, IT security, documentation)

 

7. Data Subject Rights


You have the right to:

  • Access (Art. 15 GDPR)

  • Rectification (Art. 16 GDPR)

  • Erasure (Art. 17 GDPR)

  • Restriction of processing (Art. 18 GDPR)

  • Data portability (Art. 20 GDPR)

  • Objection (Art. 21 GDPR)

You may withdraw your consent at any time (Art. 7(3) GDPR).

Complaints may be addressed to:

Austrian Data Protection Authority
Barichgasse 40–42
1030 Vienna
Email: dsb@dsb.gv.at
 

8. Data Transfer and Data Processing Agreements
 

Personal data is transferred only if:

  • necessary for contract fulfilment

  • legally required

  • you have given consent

Data processing agreements pursuant to Art. 28 GDPR are concluded with all service providers where required.

 

9. Retention Period

 

We store personal data only as long as necessary for the respective purposes or as required by statutory retention obligations:

  • Financial documents: 7 years

  • Contract documents: up to 10 years

  • WhatsApp data: until purpose ceases

  • Communication data: until completion plus a maximum of 6 months

 

10. Amendments
 

We reserve the right to amend this privacy policy in response to legal or technical developments.
The current version is available on our website.

bottom of page