Privacy policy
As the controller, we process your personal data in accordance with the provisions below. The controller is stonearts® GmbH, Spohrstraße 29/23/1, 1130 Vienna.
We process your personal data that fall under the following data categories:
- Name/Company
- Occupation/professional title
- Date of birth
- Company register number
- Contact person
- Business address and other addresses of the customer
- Contact details (telephone number, fax number, e-mail address, etc.)
- Bank details, credit card details
- Order data
- VAT number
- Customer service requests
You have provided us with this data about yourself voluntarily and we process this data on the basis of your consent for the following purposes:
- Processing of the order
- Customer support
- for our own advertising purposes, for example for sending offers, advertising brochures and newsletters (in paper and electronic form) and for the purpose of referring to the existing or previous business relationship with the customer (reference).
You can revoke this consent at any time. If you withdraw your consent, we will no longer process your data for the above-mentioned purposes from that point on. To withdraw your consent, please contact: [email protected].
The data provided by you is also required to fulfill the contract or to carry out pre-contractual measures. Without this data, we cannot conclude the contract with you.
We store your data until you withdraw your consent, but in any case as long as the storage of the data is necessary for the proper fulfillment of the contract or there is a legal obligation to retain the data.
We use processors for this data processing. We pass on your data to the following recipients or categories of recipients:
- Forwarding agents/logistics companies: In order to ship the ordered goods to you, we transmit the necessary data to the forwarding agent or logistics company commissioned in each case.
- Credit institution/payment service provider: We use external payment service providers in order to be able to offer you a selection of different payment methods in our online store. Depending on which payment method you select in the booking process, we pass on the data collected for the processing of payments, such as bank details or credit card data, to the credit institution commissioned with the payment or to the payment service provider commissioned by us. If some of the integrated payment service providers collect data themselves (e.g. PayPal), the respective payment service provider/payment provider itself is responsible for the data collected in connection with the payment and the data protection provisions of the respective payment service provider also apply. The legal basis for the transfer is Art. 6 para. 1 sentence 1 lit. b) GDPR (processing is necessary for the performance of a contract).
How to reach us:
stonearts® GmbH
Spohrstraße 29/23/1
1130 Vienna
E-Mail: [email protected]
Information on legal remedies
In principle, you have the right to information, rectification, erasure, restriction of processing, data portability and objection to processing. Please contact us for this. If you believe that the processing of your data violates data protection law or your data protection rights have been violated in any other way, you can lodge a complaint with the supervisory authority. In Austria, the data protection authority is responsible.
Automatic data storage
Nowadays, when you visit websites, certain information is automatically created and stored, including on this website.
When you visit our website as you are doing now, our web server (computer on which this website is stored) automatically saves data such as:
- the address (URL) of the website accessed
- Browser and browser version
- the operating system used
- the address (URL) of the previously visited page (referrer URL)
- the host name and IP address of the device from which access is made
- Date and time
in files (web server log files).
As a rule, web server log files are stored for two weeks and then automatically deleted. We do not pass this data on, but we cannot rule out the possibility of this data being viewed in the event of unlawful behavior.
Cookies
Our website uses HTTP cookies to store user-specific data. Below we explain what cookies are and why they are used so that you can better understand the following privacy policy.
What are cookies?
Whenever you surf the Internet, you use a browser. Most websites store small text files in your browser if you allow this via your browser settings. These files are called cookies.
HTTP cookies are small files that are stored by our website on your computer in the cookie folder. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified.
Cookies store certain user data about you, such as language or personal page settings. When you visit our site again, your browser transmits the "user-related" information back to our site. Thanks to cookies, our website knows who you are and offers you your preferred settings. Cookies can be stored both as individual files and as a collective cookie file.
There are both first-party cookies and third-party cookies. First-party cookies are created directly by our website, third-party cookies are created by partner websites (e.g. Google Analytics). Each cookie must be evaluated individually, as each cookie stores different data. The expiry time of a cookie also varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, Trojans or other "malware". Cookies also cannot access information on your PC.
What types of cookies are there?
The question of which cookies we use in particular depends on the services used and is clarified in the following sections of the privacy policy. At this point, we would like to briefly explain the different types of HTTP cookies.
A distinction can be made between 4 types of cookies:
- Essential cookies: These cookies are necessary to ensure basic website functions. For example, these cookies are needed when a user places a product in the shopping cart, then continues surfing on other pages and only goes to the checkout later. These cookies ensure that the shopping cart is not deleted even if the user closes their browser window.
- Purposeful cookies: These cookies collect information about user behavior and whether the user receives any error messages. These cookies are also used to measure the loading time and the behavior of the website with different browsers.
- Targeted cookies: These cookies ensure better user-friendliness. For example, entered locations, font sizes or form data are saved.
- Advertising cookies: These cookies are also known as targeting cookies. They are used to deliver customized advertising to the user. When you visit a website for the first time, you are usually asked which of these types of cookie you would like to allow. This decision is also stored in a cookie.
How can I delete cookies?
You decide how and whether you want to use cookies. Regardless of which service or website the cookies come from, you always have the option of deleting, deactivating or only partially accepting cookies.
If you want to find out which cookies have been stored in your browser, if you want to change or delete cookie settings, you can find this in your browser settings:
- Chrome: Delete, activate and manage cookies in Chrome
- Safari: Managing cookies and website data with Safari
- Firefox: Delete cookies to remove data that websites have stored on your computer
- Internet Explorer: Deleting and managing cookies
- Microsoft Edge: Deleting and managing cookies
If you generally do not want to use cookies, you can set up your browser so that it always informs you when a cookie is to be set. You can then decide for each individual cookie whether or not to allow it. The procedure differs depending on the browser. You can also delete cookies that have already been set at any time via your web browser settings.
What about my data protection?
The so-called "cookie guidelines" have been in place since 2009. These stipulate that the storage of cookies requires your consent. In Austria, this directive was implemented in Section 165 (3) of the Telecommunications Act (TKG).
If you would like to know more about cookies and are not afraid of technical documentation, we recommend https://tools.ietf.org/html/rfc6265, the Request for Comments of the Internet Engineering Task Force (IETF) called "HTTP State Management Mechanism".
Evaluation of visitor behavior
In the following privacy policy, we inform you whether and how we analyze data from your visit to this website. The evaluation of the collected data is usually anonymous and we cannot draw any conclusions about your person from your behavior on this website. You can find out more about how to object to this analysis of your visit data in the following privacy policy.
TLS encryption with https
We use https to transmit data tap-proof on the Internet (data protection through technology design Article 25 (1) GDPR). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the Internet, we can ensure the protection of confidential data. You can recognize the use of this data transmission security by the small lock symbol at the top left of the browser and the use of the https scheme (instead of http) as part of our Internet address.
Google Fonts privacy policy
We use Google Fonts on our website. Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is responsible for all Google services in Europe.
You do not need to log in or enter a password to use Google fonts. Furthermore, no cookies are stored in your browser. The files (CSS, fonts) are requested via the Google domains fonts.googleapis.com and fonts.gstatic.com. According to Google, requests for CSS and fonts are completely separate from all other Google services. If you have a Google account, you do not need to worry that your Google account data will be transmitted to Google while using Google Fonts. Google records the use of CSS (Cascading Style Sheets) and the fonts used and stores this data securely.
What are Google Fonts?
Google Fonts (formerly Google Web Fonts) is a directory of over 800 fonts that Google makes available to its users free of charge. Many of these fonts are published under the SIL Open Font License, while others are published under the Apache License. Both are free software licenses.
Why do we use Google Fonts on our website?
With Google Fonts, we can use fonts on our own website and do not have to upload them to our own server. Google Fonts is an important component in keeping the quality of our website high. All Google fonts are automatically optimized for the web and this saves data volume and is a great advantage, especially for use on mobile devices. When you visit our site, the low file size ensures a fast loading time. Furthermore, Google Fonts are secure web fonts. Different image synthesis systems (rendering) in different browsers, operating systems and mobile devices can lead to errors. Such errors can sometimes visually distort texts or entire websites. Thanks to the fast Content Delivery Network (CDN), there are no cross-platform problems with Google Fonts. Google Fonts supports all common browsers (Google Chrome, Mozilla Firefox, Apple Safari, Opera) and works reliably on most modern mobile operating systems including Android 2.2+ and iOS 4.2+ (iPhone, iPad, iPod). We use Google Fonts so that we can present our entire online service as beautifully and uniformly as possible.
What data is stored by Google?
When you visit our website, the fonts are reloaded via a Google server. This external call transmits data to the Google server. In this way, Google also recognizes that you or your IP address is visiting our website. The Google Fonts API was developed to reduce the use, storage and collection of end user data to what is necessary for the proper provision of fonts. Incidentally, API stands for "Application Programming Interface" and serves, among other things, as a data transmitter in the software sector.
Google Fonts stores CSS and font requests securely at Google and is therefore protected. Google can use the collected usage figures to determine how well the individual fonts are received. Google publishes the results on internal analysis pages such as Google Analytics. Google also uses data from its own web crawler to determine which websites use Google fonts. This data is published in the Google Fonts BigQuery database. Entrepreneurs and developers use the Google web service BigQuery to analyze and move large amounts of data.
However, it should also be noted that each Google Font request also automatically transmits information such as language settings, IP address, browser version, browser screen resolution and browser name to the Google servers. It is not clear whether this data is also stored or whether it is clearly communicated by Google.
How long and where is the data stored?
Google stores requests for CSS assets for one day on its servers, which are mainly located outside the EU. This allows us to use the fonts with the help of a Google stylesheet. A stylesheet is a format template that can be used to quickly and easily change the design or font of a website, for example. The font files are stored by Google for one year. Google's aim is to fundamentally improve the loading time of websites. If millions of websites refer to the same fonts, they are cached after the first visit and immediately reappear on all other websites visited later. Sometimes Google updates font files to reduce the file size, increase language coverage and improve the design.
How can I delete my data or prevent data storage?
The data that Google stores for one day or one year cannot simply be deleted. The data is automatically transmitted to Google when the page is accessed. To delete this data prematurely, you must contact Google support at https://support.google.com/?hl=de&tid=211139540. In this case, you can only prevent data storage if you do not visit our site. Unlike other web fonts, Google allows us unrestricted access to all fonts. We can therefore design our website to be as appealing as possible. You can find out more about Google Fonts and other issues at https://developers.google.com/fonts/faq?tid=211139540. Although Google addresses data protection issues there, it does not provide any really detailed information about data storage. It is relatively difficult to obtain really precise information from Google about stored data.
You can also find out which data is generally collected by Google and what this data is used for at https://www.google.com/intl/de/policies/privacy/.
Google Analytics privacy policy
We use the analysis tracking tool Google Analytics (GA) of the American company Google Inc. on our website. For the European area, the company Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is responsible for all Google services. Google Analytics collects data about your actions on our website. For example, when you click on a link, this action is stored in a cookie and sent to Google Analytics. The reports we receive from Google Analytics help us to better tailor our website and our service to your wishes. In the following, we will go into more detail about the tracking tool and inform you in particular about what data is stored and how you can prevent this.
What is Google Analytics?
Google Analytics is a tracking tool that is used to analyze traffic on our website. For Google Analytics to work, a tracking code is built into the code of our website. When you visit our website, this code records various actions that you perform on our website. As soon as you leave our website, this data is sent to the Google Analytics servers and stored there.
Google processes the data and we receive reports about your user behavior. These may include the following reports:
- Target group reports: We use target group reports to get to know our users better and know more precisely who is interested in our service.
- Ad reports: Ad reports make it easier for us to analyze and improve our online advertising.
- Acquisition reports: Acquisition reports provide us with helpful information on how we can get more people interested in our service.
- Behavioral reports: Here we learn how you interact with our website. We can track which route you take on our site and which links you click on.
- Conversion reports: Conversion is a process in which you perform a desired action as a result of a marketing message. For example, when you go from being just a website visitor to a buyer or newsletter subscriber. With the help of these reports, we learn more about how our marketing measures are received by you. This is how we want to increase our conversion rate.
- Real-time reports: Here we always know immediately what is happening on our website. For example, we can see how many users are currently reading this text.
Why do we use Google Analytics on our website?
Our goal with this website is clear: we want to offer you the best possible service. The statistics and data from Google Analytics help us to achieve this goal.
The statistically analyzed data gives us a clear picture of the strengths and weaknesses of our website. On the one hand, we can optimize our site so that it can be found more easily by interested people on Google. On the other hand, the data helps us to better understand you as a visitor. We therefore know exactly what we need to improve on our website in order to offer you the best possible service. The data also helps us to carry out our advertising and marketing measures more individually and cost-effectively. After all, it only makes sense to show our products and services to people who are interested in them.
What data is stored by Google Analytics?
Google Analytics uses a tracking code to create a random unique ID that is linked to your browser cookie. This is how Google Analytics recognizes you as a new user. The next time you visit our site, you will be recognized as a "returning" user. All collected data is stored together with this user ID. This is what makes it possible to evaluate pseudonymous user profiles in the first place.
Identifiers such as cookies and app instance IDs are used to measure your interactions on our website. Interactions are all types of actions that you perform on our website. If you also use other Google systems (such as a Google account), data generated via Google Analytics may be linked to third-party cookies. Google does not pass on any Google Analytics data unless we as the website operator authorize this. Exceptions may be made if required by law.
Here we show you an overview of the most important data that is collected with Google Analytics:
- Heatmaps: Google creates so-called heatmaps. Heatmaps allow you to see exactly those areas that you click on. This gives us information about where you are "traveling" on our site.
- Session duration: Google defines session duration as the time you spend on our site without leaving the page. If you have been inactive for 20 minutes, the session ends automatically.
- Bounce rate: A bounce is when you only view one page on our website and then leave our website again.
- Account creation: When you create an account on our website or place an order, Google Analytics collects this data.
- IP address: The IP address is only displayed in abbreviated form so that no clear assignment is possible.
- Location: The IP address can be used to determine the country and your approximate location. This process is also known as IP location determination.
- Technical information: Technical information includes your browser type, your internet provider or your screen resolution.
- Source of origin: Google Analytics and we are of course also interested in which website or which advertisement brought you to our site.
Other data includes contact details, any ratings, playing media (e.g. when you play a video on our site), sharing content via social media or adding it to your favorites. The list is not exhaustive and is only intended to provide a general overview of data storage by Google Analytics.
How long and where is the data stored?
Google has distributed its servers all over the world. Most of the servers are located in America and therefore your data is mostly stored on American servers. Here you can read exactly where the Google data centers are located: https://www.google.com/about/datacenters/inside/locations/?hl=de
Your data is distributed on different physical data carriers. This has the advantage that the data can be accessed more quickly and is better protected against manipulation. There are appropriate emergency programs for your data in every Google data center. If, for example, the hardware at Google fails or natural disasters paralyze servers, the risk of a service interruption at Google remains low. Google Analytics has a standard retention period of 26 months for your user data. Your user data will then be deleted. However, we have the option of choosing the retention period for user data ourselves. Five options are available for this:
- Deletion after 14 months
- Deletion after 26 months
- Deletion after 38 months
- Deletion after 50 months
- No automatic deletion
Once the specified period has expired, the data will be deleted once a month. This retention period applies to your data linked to cookies, user recognition and advertising IDs (e.g. DoubleClick domain cookies). Reporting results are based on aggregated data and are stored independently of user data. Aggregated data is an amalgamation of individual data into a larger unit.
How can I delete my data or prevent data storage?
Under European Union data protection law, you have the right to obtain information about your data and to update, delete or restrict it. You can use the browser add-on to deactivate Google Analytics JavaScript (ga.js, analytics.js, dc.js) to prevent Google Analytics from using your data. You can download and install the browser add-on at https://tools.google.com/dlpage/gaoptout?hl=de. Please note that this add-on only deactivates data collection by Google Analytics.
If you want to deactivate, delete or manage cookies (independently of Google Analytics), there are separate instructions for each browser:
- Chrome: Delete, activate and manage cookies in Chrome
- Safari: Managing cookies and website data with Safari
- Firefox: Delete cookies to remove data that websites have stored on your computer
- Internet Explorer: Deleting and managing cookies
- Microsoft Edge: Deleting and managing cookies
Google Analytics is an active participant in the EU-U.S. Privacy Shield Framework, which regulates the correct and secure transfer of personal data. You can find more information about this at https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&tid=211139540. We hope we have been able to provide you with the most important information about data processing by Google Analytics. If you would like to find out more about the tracking service, we recommend these two links: http://www.google.com/analytics/terms/de.html and https://support.google.com/analytics/answer/6004245?hl=de.
Google Analytics IP anonymization
We have implemented IP address anonymization from Google Analytics on this website. This function was developed by Google so that this website can comply with the applicable data protection regulations and recommendations of the local data protection authorities if they prohibit the storage of the full IP address. The anonymization or masking of the IP takes place as soon as the IP addresses arrive in the Google Analytics data collection network and before any storage or processing of the data takes place.
You can find more information on IP anonymization at https://support.google.com/analytics/answer/2763052?hl=de.
Google Analytics reports on demographic characteristics and interests
We have activated the functions for advertising reports in Google Analytics. The reports on demographic characteristics and interests contain information on age, gender and interests. This allows us to get a better picture of our users without being able to assign this data to individual persons. You can find out more about the advertising functions at https://support.google.com/analytics/answer/3450482?hl=de_AT&utm_id=ad.
You can stop the use of the activities and information of your Google account under "Settings for advertising" at https://adssettings.google.com/authenticated via a checkbox.
Verwendung von Microsoft Clarity
Wir verwenden auf unserer Website den Dienst Microsoft Clarity, bereitgestellt von der Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA („Microsoft“), um das Nutzerverhalten auf unserer Website zu analysieren und unser Angebot entsprechend zu optimieren.
Beschreibung und Umfang der Datenverarbeitung
Microsoft Clarity ermöglicht es uns, Interaktionen von Besuchern mit unserer Website zu erfassen und auszuwerten. Dabei werden Informationen wie Mausbewegungen, Klicks, Scroll-Verhalten, besuchte Seiten und Sitzungsdauer aufgezeichnet. Diese Daten helfen uns, die Benutzerfreundlichkeit unserer Website zu verbessern. Die erfassten Informationen können mit Daten verknüpft werden, die ohne direkte Zuordnung zu Ihrer Person erhoben werden.
Rechtsgrundlage für die Datenverarbeitung
Die Verarbeitung Ihrer Daten erfolgt auf Grundlage Ihrer Einwilligung gemäß Art. 6 Abs. 1 lit. a DSGVO. Sie können Ihre Einwilligung jederzeit mit Wirkung für die Zukunft widerrufen, indem Sie Ihre Cookie-Einstellungen anpassen oder das Tracking über die entsprechende Funktion in unserem Cookie-Banner deaktivieren.
Empfänger der Daten und Übermittlung in Drittstaaten
Die erhobenen Daten werden an Server von Microsoft in den USA übertragen und dort gespeichert. Microsoft ist unter dem EU-US Data Privacy Framework zertifiziert, wodurch ein angemessenes Datenschutzniveau gewährleistet ist.
Dauer der Speicherung
Die durch Microsoft Clarity erhobenen Daten werden für einen Zeitraum von maximal 12 Monaten gespeichert und danach automatisch gelöscht.
Pflicht zur Bereitstellung der Daten
Die Bereitstellung Ihrer personenbezogenen Daten ist weder gesetzlich noch vertraglich vorgeschrieben. Sie sind nicht verpflichtet, diese Daten bereitzustellen. Die Nichtbereitstellung hat keine negativen Konsequenzen für Sie.
Automatisierte Entscheidungsfindung
Eine automatisierte Entscheidungsfindung oder Profiling findet nicht statt.
Widerruf der Einwilligung
Sie können Ihre Einwilligung zur Datenverarbeitung durch Microsoft Clarity jederzeit mit Wirkung für die Zukunft widerrufen, indem Sie auf folgenden Link klicken und das Tracking deaktivieren: [Link zu den Cookie-Einstellungen] oder die Cookies in Ihrem Browser löschen.
Weitere Informationen
Weitere Informationen zur Datenverarbeitung und zum Datenschutz bei Microsoft Clarity finden Sie in der Datenschutzerklärung von Microsoft: https://privacy.microsoft.com/de-de/privacystatement.
