Privacy Policy

Who is responsible for data processing and who can you contact?

yio gmbh
Rudolf Kaspar-Gasse 58
2511 Pfaffstätten
privacy@yio.at

General information

This service is offered exclusively to companies or organizations. However, interaction with us can also occur on a personal level. Therefore, as part of this business relationship, it may require or involve the storage and collection of personal data.

We are committed to processing only the minimum amount of personal data necessary for the use of our services or as required by law. Under no circumstances will we disclose personal data or content to third parties.

What data is processed?

We process the following personal data that we receive from you in the course of our business relationship: company name, full name of the contact person, address, email address, telephone number, date of birth, bank or payment details, information regarding the type and content of the contractual relationship.

For what purposes and on what legal basis is the data processed?

The data is necessary for the fulfillment of the services we offer.

When will my data be deleted?

• Your master data and other personal data will generally be deleted after the contractual relationship has ended. However, this will be no later than after all statutory retention obligations have expired.
• Your traffic data (logs) will be deleted within a period of six months.
• Your content data will be deleted as soon as its processing is no longer necessary for the provision of our services.
• The data may be anonymized instead of deleted.

Who receives my data?

Within our company, your data will be received by those departments or employees who require it to fulfill contractual and legal obligations and legitimate interests (e.g., customer service, technology).

In addition, we use processors commissioned by us:

Authentication

• Identification of the user for logging into our services.
• The personal data processed includes first and last name, date of birth, and municipality of primary residence.
• Name of service provider: Bundesrechenzentrum GmbH (Austria)
• https://www.brz.gv.at/impressum.html

Customer Service

• Ticket system for responding to or clarifying inquiries
• Personal data includes first and last name, email address, company name, position in the company
• Name of service provider: Zammad GmbH
• Country of provider: Germany
• https://zammad.com/de/unternehmen/datenschutz

Data Hosting

• Service provision and storage of content data. Configuration and logging of access and changes by users.
• Personal data includes the user’s username (email address, if applicable) and company name.
• Name of the service provider: various hosting providers (on request, AT, DE, CH)

All processors are legally or contractually obliged to treat your data confidentially and to process it only for the purpose of service provision.

Cookies

The cookies we use are strictly necessary for the purpose of using the service (e.g., configuration of the user environment) and are essential for technical reasons.

Server Logs

We use a hosting provider for our website that is highly sensitive to data protection. Access to our website and every retrieval of a file stored on this website is recorded in log files. The following are logged: name of the file accessed, date, time of access, amount of data transferred, notification of successful access, web browser, requesting domain, client IP address, and search terms. This data is stored exclusively for internal purposes to ensure operation.

Information on Legal Remedies

You have the right to request information, rectification, erasure, restriction, data portability, and to object to processing. Please contact us if you wish to exercise these rights. If you believe that the processing of your data violates data protection law or that your data protection rights have been infringed in any other way, you can lodge a complaint with the supervisory authority. In Austria, the Data Protection Authority is responsible.