Last Updated: January 10, 2025

Table of Contents

1. Controller
2. Principles of Data Processing
3. Processing of Personal Data
4. Server Log Files and Security
5. Cookies and Technically Necessary Data
6. Purposes of Data Processing
7. Data Transfer
8. Your Rights
9. Data Security
10. Data Retention
11. Changes

1. Controller

The controller responsible for data processing is Linkplicity GmbH, represented by Patrick Taudes, Donaufelder Straße 6/6, 1210 Vienna, Austria. You can contact us by email at patrick.taudes@linkplicity.com or by phone at +43 (0) 676 636 8331.

2. Principles of Data Processing

Protecting your privacy is our primary concern. We process your personal data in accordance with applicable data protection laws and this privacy policy. Various personal data is collected when you use our service. Personal data refers to information relating to an identified or identifiable natural person. The data we collect is either provided by you directly or automatically, or with your consent, when you visit the service.

3. Processing of Personal Data

3.1 Registration and User Account

To use our service, registration is required. During registration, we collect your email address for account management and communication, your name for profile creation, and a password that we store in encrypted form. Additionally, we process contact details that you provide for integration into the QR code. This data processing is based on the performance of the contract according to Art. 6 para. 1 lit. b GDPR.

3.2 Qr Code Function

A key feature of our service is the QR code functionality. The contact details you provide for this purpose are integrated into the QR code and, when scanned by other users, are added to their digital address book. This processing is based on your consent according to Art. 6 para. 1 lit. a GDPR, which you can withdraw at any time.

3.3 Premium Features

When you use paid premium features, we also process your payment details, billing address, and payment history. This processing is necessary for the performance of the contract and to fulfill legal obligations, particularly regarding tax-related retention requirements (Art. 6 para. 1 lit. b, c GDPR).

4. Server Log Files and Security

Our server provider automatically collects and stores data in server log files as part of our legitimate interest in ensuring the proper technical display and optimization of our website, as well as ensuring system security. This data is technically necessary to deliver our service correctly, maintain the security of our IT systems, and prevent and investigate abuse.

The processing is based on our legitimate interest according to Art. 6 para. 1 lit. f GDPR and includes the following data:

• Browser type and version
• Operating system used
• Referrer URL (the previously visited page)
• Hostname of the accessing computer (IP address, anonymized)
• Time of the server request
• Data amount transmitted
• Successful retrieval message
• Name of the retrieved file

This data is not linked to specific individuals. It is not merged with other data sources.

5. Cookies and Technically Nescessary Data

We limit the use of cookies to what is technically necessary. We use a session cookie for authentication and session management, which is automatically deleted when the browser is closed. To protect against CSRF attacks, we use a security cookie, which is also only stored for the duration of the session. The use of these cookies is based on our legitimate interest in providing a secure and user-friendly service, according to Art. 6 para. 1 lit. f GDPR.

Additionally, for the operation of our service, we collect technically necessary protocol data, such as anonymized IP addresses, access times, visited pages, and browser and operating system information. This data is deleted automatically after seven days.

6. Purposes of Data Processing

We process your personal data only for specific purposes and in accordance with legal regulations. The specific purposes are:

1. Service provision and contract fulfillment: To make our service available to you, manage your user account, and provide the features you have requested.
2. Communication: To communicate with you, respond to your inquiries, and inform you about important changes or updates.
3. Security: To ensure the security of our service, prevent abuse, and protect our rights.
4. Legal obligations: To fulfill our legal obligations, particularly regarding the retention of business records.
5. QR Code functionality: To provide the QR code functionality you requested and integrate the contact details you have provided into the code.

7. Data Transfer

Our service is hosted by [hosting provider] in the European Union. Data transfer is carried out on the basis of standard contractual clauses. For payment processing, we use Stripe (for credit card payments) and PayPal services. The necessary payment data is transmitted securely as part of contract performance.

8. Your Rights

Under the GDPR, you have extensive rights. You may request information about the personal data we process, have it corrected or deleted, or restrict its processing. You also have the right to receive your data in a structured format. You may object to processing based on our legitimate interest. Consent you have given may be withdrawn at any time.

For questions about the processing of your data or to exercise your rights, feel free to contact us. In addition, you have the right to file a complaint with the Austrian Data Protection Authority (Barichgasse 40-42, 1030 Vienna, dsb@dsb.gv.at).

9. Data Security

Protecting your data is our top priority. We implement comprehensive technical and organizational security measures, including SSL encryption, strict access controls, regular security updates, staff training, and encrypted data storage.

10. Data Retention

Your user account and associated data are retained as long as you do not delete them. Payment-related data is subject to a statutory retention period of seven years. Log data is deleted after seven days, and email communications are deleted after three years from the last contact.

11. Changes

This privacy policy may be adjusted over time, e.g., due to changes in the legal situation or expansions of our service. Changes are made in compliance with applicable data protection regulations. The current version is always available on our website.