Data Processing Controller
The controller for the processing of personal data on this website is:
Lukas Spitaler
info@foci.studio
General Information on Data Processing
We process your personal data only in accordance with the legal provisions of the GDPR and the Austrian Telecommunications Act (TKG 2003). Personal data is any information that relates to an identified or identifiable person.
Processed Data and Purpose of Processing
Personal data (such as name, email address, and company name) is only collected if you voluntarily provide it to us through a form submission. This data is used solely for processing your request or for sending you requested resources via email.
Automated responses may be sent via a third-party automation platform (Make.com), based on the information you provide.
Legal Basis for Processing
The processing of your data is based on your consent (Article 6 (1) (a) GDPR). You have the right to withdraw this consent at any time.
Disclosure of Data to Third Parties
Personal data is generally not disclosed to third parties, except when using the following external services:
Stripe for payment processing
Cal.com for appointment scheduling
Make.com for automated responses to form submissions
These third-party providers may set their own cookies. Please refer to their privacy policies.
Cookies
Our website does not use its own cookies. If you use the third-party services, these providers may set cookies. Please refer to the privacy policies of the providers for more information.
Analytics
We use Umami to collect anonymised data about website usage without setting any cookies or collecting personal data. This tool is GDPR-compliant and does not store identifiable information.
Data Retention Period
Your personal data will only be stored as long as necessary for processing your request. Once the purpose of the storage ceases, your data will be deleted unless legal retention obligations indicate otherwise.
Security of Data Processing
We implement technical and organisational security measures to protect your data against unauthorised access. This website uses SSL encryption for the secure transmission of your data.
Your Rights
You have the following rights under the GDPR:
Right to Access (Article 15 GDPR)
Right to Rectification (Article 16 GDPR)
Right to Erasure (Article 17 GDPR)
Right to Restrict Processing (Article 18 GDPR)
Right to Object (Article 21 GDPR)
Right to Data Portability (Article 20 GDPR)
To exercise these rights, you can contact us at any time using the contact details provided above.
Right to Lodge a Complaint with a Supervisory Authority
If you believe that the processing of your personal data violates the GDPR, you can lodge a complaint with the competent supervisory authority:
Austrian Data Protection Authority
Barichgasse 40–42
1030 Vienna
dsb@dsb.gv.at
www.dsb.gv.at
If you disagree with the way the data processing is conducted, you have the right to complain to the Austrian Data Protection Authority.