Privacy Policy

Introduction and Overview

We have prepared this privacy policy (version 23.04.2026-113210183) to explain to you, in accordance with the provisions of the General Data Protection Regulation (EU) 2016/679 and applicable national laws, which personal data (short: data) we, as the controller, and the processors commissioned by us (for example providers), process, will process in the future, and what lawful options you have. The terms used are to be understood as gender-neutral.
In short: We provide you with comprehensive information about the data we process about you.

Privacy policies usually sound very technical and use legal terminology. This privacy policy, on the other hand, is intended to describe the most important things as simply and transparently as possible. Wherever it supports transparency, technical terms are explained in a reader-friendly way, links to further information are provided, and graphics are used. We inform you in clear and simple language that, as part of our business activities, we only process personal data if there is a corresponding legal basis. This is certainly not possible if explanations are kept as short, unclear, and legalistic-technical as possible, as is often standard on the internet when it comes to data protection. We hope you find the following explanations interesting and informative and that perhaps there is one or two pieces of information you did not know yet.
If you still have questions, we would ask you to contact the responsible office named below or in the legal notice, follow the links provided, and view further information on third-party websites. Of course, our contact details can also be found in the legal notice.

Scope

This privacy policy applies to all personal data processed by us within the company and to all personal data processed by companies commissioned by us (processors). By personal data, we mean information within the meaning of Article 4 No. 1 GDPR, such as a person’s name, email address, and postal address. The processing of personal data enables us to offer and bill our services and products, whether online or offline. The scope of this privacy policy includes:

• all online presences (websites, online shops) that we operate
• social media presences and email communication
• mobile apps for smartphones and other devices

In short: This privacy policy applies to all areas in which personal data is processed in a structured manner within the company through the channels mentioned above. If we enter into legal relationships with you outside these channels, we will inform you separately if necessary.

Legal Bases

In the following privacy policy, we provide you with transparent information on the legal principles and regulations, in other words the legal bases of the General Data Protection Regulation, that allow us to process personal data.
As far as EU law is concerned, we refer to REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016. You can of course read this GDPR online on EUR-Lex, the access point to EU law, at https://eur-lex.europa.eu/legal-content/EN/ALL/?uri=celex%3A32016R0679.

We only process your data if at least one of the following conditions applies:

1. Consent (Article 6(1)(a) GDPR): You have given us your consent to process data for a specific purpose. One example would be storing the data you enter into a contact form.
2. Contract (Article 6(1)(b) GDPR): In order to fulfill a contract or pre-contractual obligations with you, we process your data. For example, if we conclude a purchase contract with you, we require personal information in advance.
3. Legal obligation (Article 6(1)(c) GDPR): If we are subject to a legal obligation, we process your data. For example, we are legally required to retain invoices for accounting purposes. These usually contain personal data.
4. Legitimate interests (Article 6(1)(f) GDPR): In the case of legitimate interests that do not restrict your fundamental rights, we reserve the right to process personal data. For example, we must process certain data in order to operate our website securely and efficiently. This processing therefore constitutes a legitimate interest.

Other conditions such as carrying out tasks in the public interest, exercising official authority, and protecting vital interests generally do not apply to us. If such a legal basis should nevertheless be relevant, it will be indicated at the appropriate point.

In addition to the EU regulation, national laws also apply:

• In Austria, this is the Federal Act on the Protection of Natural Persons with regard to the Processing of Personal Data (Datenschutzgesetz), or DSG for short.
• In Germany, the Federal Data Protection Act, or BDSG, applies.

If other regional or national laws apply, we will inform you about them in the following sections.

Contact Details of the Controller

If you have any questions about data protection or the processing of personal data, you will find below the contact details of the controller in accordance with Article 4(7) GDPR:
Nekoman OG
Grubtal 124, 8462 Gamlitz
Austria

Email: office@nekoman.at
Phone: 0660 4932541
Legal Notice: https://nekoman.at/en/impressum

Storage Period

It is a general criterion for us that we only store personal data for as long as is absolutely necessary to provide our services and products. This means that we delete personal data as soon as the reason for processing no longer exists. In some cases, we are legally obliged to retain certain data even after the original purpose no longer applies, for example for accounting purposes.

If you wish to have your data deleted or revoke your consent to data processing, the data will be deleted as quickly as possible, provided there is no obligation to retain it.

We will inform you below about the specific duration of the respective data processing if we have further information on it.

Rights Under the GDPR

In accordance with Articles 13 and 14 GDPR, we inform you about the following rights to which you are entitled so that data is processed fairly and transparently:

• Under Article 15 GDPR, you have the right to know whether we process data concerning you. If this is the case, you have the right to receive a copy of the data and the following information:
  • for what purpose we carry out the processing;
  • the categories, that is, the types of data that are processed;
  • who receives this data and, if the data is transferred to third countries, how security can be guaranteed;
  • how long the data is stored;
  • the existence of the right to rectification, erasure, restriction of processing, and the right to object to processing;
  • that you can lodge a complaint with a supervisory authority;
  • the origin of the data if we did not collect it from you;
  • whether profiling is carried out, that is, whether data is automatically evaluated in order to create a personal profile about you.
• Under Article 16 GDPR, you have the right to rectification of data, which means that we must correct data if you find errors.
• Under Article 17 GDPR, you have the right to erasure (the right to be forgotten), which specifically means that you may request the deletion of your data.
• Under Article 18 GDPR, you have the right to restriction of processing, which means that we may only store the data and may no longer use it further.
• Under Article 20 GDPR, you have the right to data portability, which means that we will provide your data to you in a commonly used format upon request.
• Under Article 21 GDPR, you have the right to object, which, if exercised, results in a change in the processing.
  • If the processing of your data is based on Article 6(1)(e) GDPR (public interest or exercise of official authority) or Article 6(1)(f) GDPR (legitimate interest), you may object to the processing. We will then examine as quickly as possible whether we can legally comply with this objection.
  • If data is used for direct marketing, you may object to this type of data processing at any time. We may then no longer use your data for direct marketing.
  • If data is used for profiling, you may object to this type of data processing at any time. We may then no longer use your data for profiling.
• Under Article 22 GDPR, you may, under certain circumstances, have the right not to be subject to a decision based solely on automated processing.
• Under Article 77 GDPR, you have the right to lodge a complaint. This means that you may complain to the data protection authority at any time if you believe that the processing of personal data infringes the GDPR.

In short: You have rights. Please do not hesitate to contact the responsible office listed above.

If you believe that the processing of your data violates data protection law or that your data protection claims have been infringed in any other way, you may lodge a complaint with the supervisory authority. In Austria, this is the Data Protection Authority, whose website you can find at https://www.dsb.gv.at/. In Germany, there is a data protection officer for each federal state. For more information, you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI). The following local data protection authority is responsible for our company:

Web Hosting Introduction

What is web hosting?

When you visit websites nowadays, certain information, including personal data, is automatically created and stored, including on this website. This data should be processed as sparingly as possible and only with justification. By website, we mean the entirety of all web pages on a domain, in other words everything from the homepage to the very last subpage like this one. By domain, we mean, for example, example.com or sampledomain.com.

If you want to view a website on a computer, tablet, or smartphone, you use a program called a web browser. You probably know some web browsers by name: Google Chrome, Microsoft Edge, Mozilla Firefox, and Apple Safari. We refer to them simply as browser or web browser.

To display the website, the browser must connect to another computer where the website’s code is stored: the web server. Operating a web server is a complicated and time-consuming task, which is why it is usually handled by professional providers. They offer web hosting and therefore ensure reliable and error-free storage of website data.

When the browser on your device connects to the web server and during data transfer to and from the web server, personal data may be processed. On the one hand, your device stores data and, on the other hand, the web server must also store data for a certain period of time in order to ensure proper operation.

An image is worth a thousand words, so the following graphic illustrates the interaction between browser, internet, and hosting provider.

Why do we process personal data?

The purposes of data processing are:

1. professional hosting of the website and safeguarding of operations
2. maintaining operational and IT security
3. anonymous analysis of access behavior to improve our offering and, if necessary, to prosecute or defend legal claims

What data is processed?

Even while you are currently visiting our website, our web server, which is the computer on which this website is stored, usually automatically stores data such as:

• the full internet address (URL) of the accessed web page
• browser and browser version (for example Chrome 87)
• the operating system used (for example Windows 10)
• the address (URL) of the previously visited page (referrer URL), for example https://www.beispielquellsite.de/vondabinichgekommen/
• the host name and IP address of the device from which access is made
• date and time
• in files called web server log files

How long is data stored?

As a rule, the data mentioned above is stored for two weeks and then automatically deleted. We do not pass this data on, but we cannot rule out that it may be viewed by authorities in the event of unlawful behavior.

In short: Your visit is logged by our provider, that is, the company that runs our website on special computers (servers), but we do not pass your data on without consent.

Legal basis

The lawful basis for processing personal data in the context of web hosting arises from Art. 6(1)(f) GDPR (safeguarding legitimate interests), because the use of professional hosting with a provider is necessary in order to present the company securely and user-friendly on the internet and, if necessary, to be able to pursue attacks and claims arising from this.

There is generally a data processing agreement between us and the hosting provider in accordance with Art. 28 GDPR, which ensures compliance with data protection and guarantees data security.

External Hosting Provider Privacy Policy

Below you will find the contact details of our external hosting provider, where you can learn more about data processing in addition to the information above:

Vercel Inc.
340 S Lemon Ave #4133
Walnut, CA 91789
USA

You can learn more about data processing by this provider in the privacy policy.

Email Marketing Introduction

What is email marketing?

To keep you up to date, we also use the option of email marketing. If you have consented to receive our emails or newsletters, your data will also be processed and stored. Email marketing is a part of online marketing. News or general information about a company, products, or services is sent by email to a specific group of people interested in it.

If you would like to take part in our email marketing, usually via newsletter, you normally only need to register with your email address. To do this, you fill out an online form and submit it. However, it may also happen that we ask for your title and name so that we can address you personally.

As a rule, newsletter registration works using the so-called double opt-in procedure. After you register for our newsletter on our website, you will receive an email through which you confirm the newsletter registration. This ensures that the email address belongs to you and that nobody has registered with someone else’s email address. We or a notification tool used by us logs every single registration. This is necessary so that we can prove the legally correct registration process. As a rule, the time of registration, the time of registration confirmation, and your IP address are stored. In addition, it is also logged when you make changes to your stored data.

Why do we use email marketing?

We naturally want to stay in contact with you and always present you with the most important news about our company. For this purpose, among other things, we use email marketing, often simply called newsletters, as an essential part of our online marketing. If you agree to this or if it is permitted by law, we will send you newsletters, system emails, or other notifications by email. When we use the term newsletter in the following text, we primarily mean regularly sent emails. Of course, we do not want to bother you with our newsletter in any way. That is why we always strive to offer only relevant and interesting content. This way, you can learn more about our company, our services, or our products. Since we are always improving our offers, you will also find out through our newsletter when there is news or when we are currently offering special, attractive promotions. If we commission a service provider that offers a professional sending tool for our email marketing, we do so in order to be able to offer you fast and secure newsletters. The purpose of our email marketing is basically to inform you about new offers and also to come closer to our business goals.

What data is processed?

If you become a subscriber to our newsletter via our website, you confirm membership in an email list by email. In addition to IP address and email address, your title, name, address, and telephone number may also be stored. However, only if you consent to this data storage. The data marked as such is required so that you can participate in the service offered. Providing it is voluntary, but not providing it will result in you not being able to use the service. In addition, information about your device or your preferred content on our website may also be stored. You can find more about data storage when visiting a website in the section on automatic data storage. We record your declaration of consent so that we can always prove that it complies with our laws.

Duration of data processing

If you unsubscribe your email address from our email or newsletter distribution list, we may store your address for up to three years on the basis of our legitimate interests so that we can still prove your consent at that time. We may only process this data if we have to defend ourselves against possible claims.

However, if you confirm that you have given us consent to subscribe to the newsletter, you can submit an individual deletion request at any time. If you permanently object to the consent, we reserve the right to store your email address in a suppression list. As long as you have voluntarily subscribed to our newsletter, we will of course also retain your email address.

Right to object

You have the option to cancel your newsletter subscription at any time. To do this, you only need to withdraw your consent to the newsletter subscription. This usually takes only a few seconds or one or two clicks. In most cases, you will find a link directly at the end of every email to cancel the newsletter subscription. If the link really cannot be found in the newsletter, please contact us by email and we will cancel your newsletter subscription immediately.

Legal basis

Our newsletter is sent on the basis of your consent (Article 6(1)(a) GDPR). This means that we may only send you a newsletter if you have actively signed up for it beforehand. If permitted by law, we may also send you advertising messages if you have become our customer and have not objected to the use of your email address for direct advertising.

Information on specific email marketing services and how they process personal data can be found, where available, in the following sections.

Explanation of Terms Used

We always strive to write our privacy policy as clearly and understandably as possible. However, this is not always easy, especially with technical and legal topics. It often makes sense to use legal terms such as personal data or certain technical expressions such as cookies or IP address. However, we do not want to use them without explanation. Below you will now find an alphabetical list of important terms used that we may not yet have sufficiently explained in the previous privacy policy. If these terms have been taken from the GDPR and are definitions, we will also quote the GDPR texts here and add our own explanations if necessary.

Processor

Definition according to Article 4 GDPR

For the purposes of this Regulation, the term means:

Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

Explanation: As a company and website owner, we are responsible for all data that we process from you. In addition to controllers, there may also be so-called processors. This includes any company or person that processes personal data on our behalf. Processors can therefore include, in addition to service providers such as tax consultants, hosting or cloud providers, payment or newsletter providers, or large companies such as Google or Microsoft.

Consent

Definition according to Article 4 GDPR

For the purposes of this Regulation, the term means:

Consent of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which they, by a statement or by a clear affirmative action, signify agreement to the processing of personal data relating to them.

Explanation: As a rule, on websites such consent is given via a cookie consent tool. You probably know this. Whenever you visit a website for the first time, you are usually asked via a banner whether you agree to or consent to data processing. You can usually also make individual settings and decide for yourself which data processing you allow and which you do not. If you do not consent, no personal data about you may be processed. In principle, consent can of course also be given in writing, not only via a tool.

Personal Data

Definition according to Article 4 GDPR

For the purposes of this Regulation, the term means:

Personal data means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Explanation: Personal data is therefore any data that can identify you as a person. This is usually data such as:

• name
• address
• email address
• postal address
• telephone number
• date of birth
• identification numbers such as social security number, tax identification number, identity card number, or student number
• bank data such as account number, credit information, account balances, and similar information

According to the Court of Justice of the European Union (CJEU), your IP address also counts as personal data. IT experts can use your IP address to determine at least the approximate location of your device and subsequently you as the connection owner. Therefore, storing an IP address also requires a legal basis within the meaning of the GDPR. There are also so-called special categories of personal data that deserve particular protection. These include:

• racial and ethnic origin
• political opinions
• religious or philosophical beliefs
• trade union membership
• genetic data such as data taken from blood or saliva samples
• biometric data
• health data
• data concerning sexual orientation or sex life

Profiling

Definition according to Article 4 GDPR

For the purposes of this Regulation, the term means:

Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements.

Explanation: Profiling involves collecting various pieces of information about a person in order to learn more about them. On the web, profiling is often used for advertising purposes or for credit checks. Web or advertising analysis programs collect, for example, data about your behavior and interests on a website. This creates a specific user profile that can be used to target advertising to a specific audience.

Controller

Definition according to Article 4 GDPR

For the purposes of this Regulation, the term means:

Controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

Explanation: In our case, we are responsible for the processing of your personal data and are therefore the controller. If we pass collected data on to other service providers for processing, they are processors. For this purpose, a data processing agreement must be signed.

Processing

Definition according to Article 4 GDPR

For the purposes of this Regulation, the term means:

Processing means any operation or set of operations which is performed on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Note: When we speak of processing in this privacy policy, we mean any type of data processing. As mentioned above in the original GDPR statement, this includes not only the collection but also the storage and processing of data.

All texts are protected by copyright.

Source: Privacy Policy created with the AdSimple Privacy Policy Generator for Austria