Privacy Policy

Privacy Policy

Privacy Policy

Data Processing Controller

The controller for the processing of personal data on this website is:

Lukas Spitaler
info@foci.studio

General Information on Data Processing

We process your personal data only in accordance with the legal provisions of the GDPR and the Austrian Telecommunications Act (TKG 2003). Personal data is any information that relates to an identified or identifiable person.

Processed Data and Purpose of Processing

Personal data (such as name, email address, and company name) is only collected if you voluntarily provide it to us through a form submission. This data is used solely for processing your request or for sending you requested resources via email.

Automated responses may be sent via a third-party automation platform (Make.com), based on the information you provide.

Legal Basis for Processing

The processing of your data is based on your consent (Article 6 (1) (a) GDPR). You have the right to withdraw this consent at any time.

Disclosure of Data to Third Parties

Personal data is generally not disclosed to third parties, except when using the following external services:

  • Stripe for payment processing

  • Cal.com for appointment scheduling

  • Make.com for automated responses to form submissions

These third-party providers may set their own cookies. Please refer to their privacy policies.

Cookies

Our website does not use its own cookies. If you use the third-party services, these providers may set cookies. Please refer to the privacy policies of the providers for more information.

Analytics

We use Umami to collect anonymised data about website usage without setting any cookies or collecting personal data. This tool is GDPR-compliant and does not store identifiable information.

Data Retention Period

Your personal data will only be stored as long as necessary for processing your request. Once the purpose of the storage ceases, your data will be deleted unless legal retention obligations indicate otherwise.

Security of Data Processing

We implement technical and organisational security measures to protect your data against unauthorised access. This website uses SSL encryption for the secure transmission of your data.

Your Rights

You have the following rights under the GDPR:

  • Right to Access (Article 15 GDPR)

  • Right to Rectification (Article 16 GDPR)

  • Right to Erasure (Article 17 GDPR)

  • Right to Restrict Processing (Article 18 GDPR)

  • Right to Object (Article 21 GDPR)

  • Right to Data Portability (Article 20 GDPR)

To exercise these rights, you can contact us at any time using the contact details provided above.

Right to Lodge a Complaint with a Supervisory Authority

If you believe that the processing of your personal data violates the GDPR, you can lodge a complaint with the competent supervisory authority:

Austrian Data Protection Authority
Barichgasse 40–42
1030 Vienna
dsb@dsb.gv.at
www.dsb.gv.at

If you disagree with the way the data processing is conducted, you have the right to complain to the Austrian Data Protection Authority.