PRIVACY POLICY
„AppHouseKitchen“
I. Overview
If we may welcome you as a customer or business partner, please read from point IV.
If you visit our website, please read from point II.
II. Introduction
Welcome to the website https://apphousekitchen.com/! Please get a picture of how we process your personal data when you visit our website (Art 13, Art 14 GDPR; § 165 Abs 3 TKG “Austrian Telecommunication Act”).
III. What data do we process when you visit our website?
When visiting our website, the following data may be processed:
· operating system,
· country,
· date,
· Time and duration of access,
· IP[1] address and pages visited on our website, including entry and exit pages,
· E-Mail in the course of the Newsletter-Service,
· Payment data when purchasing our Software.
The processing of this data is necessary to ensure the security of the operation of the website and to guarantee the functionality of the website from a technical point of view. The collection of this data is partly carried out via technical cookies. These technical cookies are only used to the extent necessary (§ 165 Abs 3 TKG). The processing of this data is justified by our legitimate interest in the operation of our website (Art 6 para. 1 lit f GDPR).
For the operation of our website and web stores, it may be necessary to disclose your data to the following recipients:
| Purpose of data processing
| Legal justification
| Location | Transfer in third party country[2] |
Website-Hosting | Legitimate interest (Art 6 Abs 1 lit f GDPR)
| Germany | Within the EAA | |
Google (Alphabet)
See privacy policy: Privacy Policy – Privacy & Terms – Google | Social-Media-Plattform | Consensus (Art 6 Abs 1 lit a GDPR) | USA |
Standard contractual clauses 46 Abs 2 lit c
|
Paddle.com Market Ltd | Online-Reseller | Contactual obligation (Art 6 Abs 1lit b GDPR) | GBR |
Standard contractual clauses 46 Abs 2 lit c
Art 49 Abs 1 lit b |
Sendinblue | Newsletter-Provider |
Consensus (Art 6 Abs 1 lit a GDPR) | France |
Within the EAA
|
Setapp Ltd. | Alternative App Store | Contactual obligation (Art 6 Abs 1lit b GDPR) | Ireland | Within the EAA |
III.1. Currently used „technical“ cookies
The above-mentioned data is stored via so-called “cookies”[3]. Cookies are text files that are stored on your computer and enable an analysis of the use of the website. They are used to recognize and store temporary data of the homepage visitor. We only use cookies to the extent necessary to communicate with you via the website.
These technical cookies are activated as soon as you visit our homepage.
The following cookies are used on our website based on our legitimate interest (Art 6 para 1 lit f GDPR):
Duration of storage | Location of recipient | Purpose of data transfer
| |
Cookielawinfo-checkbox-necessary | 1 year | Germany | Registers if the viewer accepted the cookie-consent |
Ultp_view_# | 1 day | Germany | Used by the webserver |
III.2. Currently used „advertising-Cookies“
In addition to the “technical cookies” described above, we also use so-called advertising cookies (including “statistical cookies”). These advertising cookies enable us to better understand and evaluate your interests. With the help of advertising cookies, we can combine your “surfing behavior” across the boundaries of our website with data from other websites. This enables us to better understand the interests of our homepage visitors and to address them more specifically.
We respect that not every visitor to the website wants this. For this reason, we only process your data in the course of advertising cookies if you agree to this (Art 6 para 1 lit a GDPR). You can revoke this consent at any time, whereby the data processing carried out up to the time of revocation remains justified.
Currently, the following advertising cookies are used:
Name of cookie | Purpose | Duration of storage | Location of recipient | Purpose of data transfer
|
_ga (Google) | Statistical purpose | 2 years | USA | Registers a unique ID that is used to generate statistical data about it, revisit he uses the site. |
_ga_# | Statistical purpose | 2 years | USA | Collects data on how often a user has visited a website, as well as data for the first and last visit. Used by Google Analytics. |
_gat (Google) | Statistical purpose | 1 day | USA | Used by Google Analytics to limit the request rate. |
_gid (Google) | Statistical purpose | 1 day | USA | Registers a unique ID that is used to generate statistical data about who uses the website again. |
IV. Why do we process your data if we are in a business relationship?
In the course of our business relationship with customers or suppliers, we process data based on contractual (handling of the contractual relationship with you, pre-contractual obligations, invoicing of services, dispatch of documents, communication for handling the contract) and legal obligations (legally required storage within the meaning of § 132 Austrian BAO) (Art 6 para. 1 lit b and c GDPR) as well as based on our legitimate interests or the basis of legitimate interests of third parties (Art 6 para. 1 lit f GDPR), namely.
– for internal administration and management of your business case to the extent necessary (e.g., processing of your business case, transfer of your business case to different departments, filing, archiving purposes, correspondence with you);
– for direct advertising (e.g., mailing, e-mailing, satisfaction surveys, letters of congratulations, statistical evaluations);
We would like to expressly inform you that you can object to the processing of your data for direct advertising.
– Assertion and defense of legal claims
In each case, to the required extent. The processing of your data serves as the initiation, maintenance, and handling of our business relations. If you do not provide us with this data, we will unfortunately not be able to process your business case.
V. How long do we store your data?
We will only store your data for as long as it is necessary for the purposes for which we have collected your data. In this context, legal storage obligations must be taken into account (e.g., for tax reasons, contracts and other documents from our contractual relationship must always be stored for seven years (§ 132 Austrian BAO)). In justified individual cases, such as for the assertion and defense of legal claims, we can also store your data for up to 30 years after the end of the business relationship.
We store the data of interested parties for up to three years from the time of the last contact by the interested party.
VI. Who might receive your data?
In the course of our business relationship, it may be necessary for us to transfer your data to the following recipients:
Recipient | Purpose | Legal reasoning | Location | Transfer in third-party country[4] |
Attorney at law | Operation of claims | Contractual obligations (Art 6 para 1 lit b | In most cases Austria – sometimes also third countries | If outside the EAA – Art 49 Abs 1 b and e GDPR
|
Insurance company | Operation of claims |
Contractual obligations (Art 6 para 1 lit b | Austria | Within the EAA
|
Tax advisors | Tax advisoring | Contractual obligations (Art 6 para 1 lit b | Austria | Within the EAA |
Banks | Payment obligations | Contractual obligations (Art 6 para 1 lit b | Within the EAA | Within the EAA |
Paddle.com Market Ltd | Online-Reseller | Contactual obligation (Art 6 Abs 1lit b GDPR) | GBR |
Standard contractual clauses 46 Abs 2 lit c
Art 49 Abs 1 lit b |
Sendinblue | Newsletter-Provider |
Consensus (Art 6 Abs 1 lit a GDPR) | France |
Within the EAA
|
VII. Gathering of data from external sources (Art 14 GDPR)
In the course of a business relationship, or an initiation thereof, it is naturally necessary to research the business partner. This is done exclusively to the extent necessary for this purpose. In this context, data can be retrieved and processed from the following sources:
We receive the following data: email address, name, country, and payment method from Paddle.com Market Limited, located in GBR.
VIII. Do we process data via Profiling (in terms of Art 13 para 2 lit f GDPR)?
No automated decision-making or profiling takes place in our company.
IX. Information about your data subject rights
We would like to inform you that, provided the legal requirements are met:
- You have the right to request information about which data are processed by us (see in detail Art 15 of the GDPR).
- You have the right to ask for the correction or completion of incorrect or incomplete data concerning you (see in detail Art 16 of the GDPR).
- The right to have your data deleted (see in detail Art 17 of the GDPR).
- You have the right to object (see in detail Art 21 of the GDPR) to the processing of your data that is necessary to meet our legitimate interests or those of a third party. This applies, in particular, to the processing of your data for advertising purposes.
- You have the right to obtain the transmission of the data you have provided in a structured, common, and machine-readable format.
If we process your data based on your consent, you have the right to revoke this consent at any time by post or e-mail. This does not affect the lawfulness of the data processing carried out up to this point in time (Art 7 para 3 of the GDPR).
X. Do you have a right to appeal?
If, contrary to expectations, your right to lawful processing of your data is violated, please contact us by post or e-mail. We will make every effort to process your request immediately. You also have the right to complain to the supervisory authority for data protection matters responsible to you.
The current address of the Austrian Data Protection Authority is:
Österreichische Datenschutzbehörde
Barichgasse 40-42,
1030 Vienna
XI. How can you get in contact with us?
If you have any further questions about the processing of your data, you are welcome to contact our data protection coordinator by e-mail or by post (see address below).
XII. Controller
Controller in terms of Art 4 number 7 GDPR
AppHouseKitchen GmbH
Obersdorfer Straße 31/5/11,
2120 Wolkerdorf,
Austria
Email: [email protected]
[1] An IP address is a number that is assigned to a device. Devices can communicate over the Internet using this IP address. Each IP address contains information about the Internet service provider used and the physical location of the device used. In this way, information about the user of the device can be obtained.
[2] “Third Country” includes all countries other than (1) the Member States of the European Union and (2) the Member States of the European Economic Area, which means, in addition to the EU Member States, Iceland, Liechtenstein and Norway.
[3] You may refuse the use of cookies by selecting the appropriate settings on your browser. However, we would like to point out that in this case you may not be able to use all functions of this homepage to their full extent.
[4] “Third Country” includes all countries other than (1) the Member States of the European Union and (2) the Member States of the European Economic Area, which means, in addition to the EU Member States, Iceland, Liechtenstein and Norway.