Data Processing Controller

The controller for the processing of personal data on this website is:

Lukas Spitaler
info@foci.studio

General Information on Data Processing

We process your personal data only in accordance with the legal provisions of the GDPR and the Austrian Telecommunications Act (TKG 2003). Personal data is any information that relates to an identified or identifiable person.

Processed Data and Purpose of Processing

Personal data (name, email address, company) is only collected if you voluntarily provide it to us as part of a form submission. This data is used solely for processing your request.

Legal Basis for Processing

The processing of your data is based on your consent (Article 6 (1) (a) GDPR). You have the right to withdraw this consent at any time.

Disclosure of Data to Third Parties

Personal data is generally not disclosed to third parties, except when using the following external services:

• Stripe for payment processing

• Calendly for appointment scheduling

These third-party providers may set their own cookies. Please refer to their privacy policies.

Cookies

Our website does not use its own cookies. If you use the Stripe or Calendly services, these providers may set cookies. Please refer to the privacy policies of the providers for more information.

Data Retention Period

Your personal data will only be stored as long as necessary for processing your request. Once the purpose of the storage ceases, your data will be deleted unless legal retention obligations indicate otherwise.

Security of Data Processing

We implement technical and organisational security measures to protect your data against unauthorised access. This website uses SSL encryption for the secure transmission of your data.

Your Rights

You have the following rights under the GDPR:

• Right to Access (Article 15 GDPR)

• Right to Rectification (Article 16 GDPR)

• Right to Erasure (Article 17 GDPR)

• Right to Restrict Processing (Article 18 GDPR)

• Right to Object (Article 21 GDPR)

• Right to Data Portability (Article 20 GDPR)

To exercise these rights, you can contact us at any time using the contact details provided above.

Right to Lodge a Complaint with a Supervisory Authority

If you believe that the processing of your personal data violates the GDPR, you can lodge a complaint with the competent supervisory authority:

If you disagree with the way the data processing is conducted, you have the right to complain to the Austrian Data Protection Authority.