Privacy policy

The protection of your personal data is of particular concern to us. We therefore process your data exclusively on the basis of the applicable legal provisions (EU General Data Protection Regulation DSGVO, TKG 2003). In this data protection information, we inform you about the most important aspects of data processing within the scope of our activities. The use of our website is generally possible without providing personal data. Should you enter personal data, e.g. for the purpose of contacting us or subscribing to a newsletter, we will pass on the necessary information to companies that process data on our behalf (e.g. send the newsletter). We only commission companies that are subject to the General Data Protection Regulation.

Encrypted transmission

For security and data protection reasons, this website uses SSL encryption, which prevents third parties from intercepting and reading the data you enter during transmission. You can recognize active encryption by the padlock or similar symbols in the address bar of your browser.

Contact with us

If you contact us by form on the website, by e-mail or by other means, the data you provide (e.g. name, e-mail address, telephone number, need for advice) will be stored by us for one year for the purpose of processing the inquiry and in case of follow-up questions. Should a contract result from the inquiry, the legal retention periods apply. We do not pass on this data without your consent. The data processing is based on Art 6 para 1 lit b (performance of contract) and Art 6 para 1 lit a (consent) of the DSGVO.

Server protocols

The server from which this website is provided stores information that is automatically transmitted to us by your browser in so-called log files. These are:- Browser type and browser version- Operating system used- The page (URL) from which you came to us- The IP address of the accessing computer- Time of the requestThis data is used exclusively for technical monitoring of the web server (utilization, optimization, error detection, security) and is absolutely necessary for this purpose. They are not linked to other data sources, so that they cannot be assigned to individual persons. They are deleted after three monthsThe data processing is based on Art 6 para 1 lit f (legitimate interests) of the DSGVO. The legitimate interest in the sense of the DSGVO here is the proper and secure functioning of the website.

Google Fonts

We use fonts from Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA on our website. When you view our website, your browser downloads these fonts from Google.Google Fonts are used without login and no cookies are sent to Google. If you are logged in to Google when you visit our website, your Google account data will not be transmitted to Google. Google only records the use of the corresponding fonts and stores this data securely.You can find details about this at https://developers.google.com/fonts/faq. Please also refer to the Google privacy policy at https://www.google.com/intl/de/policies/privacy/, where you will find more information about the data processed.The data processing is based on Art 6 para 1 lit f (legitimate interests) of the DSGVO. The legitimate interest in the sense of the DSGVO is the appealing design of the website.

Cookies

Our website uses so-called cookies. These are small text files that are stored on your terminal device with the help of the browser. They do not cause any damage. We use cookies to make our offer user-friendly. Some cookies remain stored on your end device until you delete them. They enable us to recognize your browser on your next visit.Some of these cookies are necessary for the operation of the website and are used to log in and store your consent to cookies that are not necessary. If you do not want the necessary cookies to be stored, you can set up your browser so that it informs you about the setting of cookies and you only allow this in individual cases. The legal basis for the use of necessary cookies is Art 6 para 1 lit f (legitimate interests) of the DSGVO. Legitimate interests within the meaning of the DSGVO are the proper and secure functioning of the website and the optimization of our offer.

Appointment scheduling

For scheduling appointments, we use the services of Calandly Inc, BB&T Tower, 271 17th St NW, Atlanta, GA 30363, USA:Calendly processes the data you enter (name, email address, and optionally information about the consulting topic) for the purpose of scheduling a consulting appointment. This information is passed on to us.Calendly also processes access logs (as described under "Server Logs"), sets cookies, and uses Google Analytics to collect statistics about the use of your website. The purpose of this data processing is to provide the service, i.e. booking appointments, to improve the product and to comply with legal requirements. Details about the use of data by Calendly can be found here: https://calendly.com/pages/privacy. The data processing is carried out on the basis of Art 6 para 1 lit b (performance of contract) and Art 6 para 1 lit f (legitimate interests) of the DSGVO. The legitimate interest in the sense of the DSGVO is here the simple and effective booking of appointments by our customers. We store the data from an appointment booking until the expiry of the retention period under tax law (7 years). Calendly stores the data only as long as it is absolutely necessary to provide the service or for the other purposes mentioned above.We have entered into a processor agreement with Calendly, in which Calendly undertakes to comply with the standard contractual clauses defined by the EU Commission.
Use of Zoom for consulting

We use the online video conferencing solution Zoom for consulting sessions with your consent. Zoom is a service provided by Zoom Video Communications Inc, San Jose, 55 Almaden Boulevard, 6th Floor, CA 95113, USA. When we communicate using Zoom, the content of the conversation (i.e., audio and video) is encrypted so that only the participants in the conversation can access it. No recordings are made. However, Zoom also processes information entered by you, such as your name, phone number or email address, and automatically collected data such as your IP address, the MAC address of the device you are using, the operating system, the client software you are using, camera, microphone and speaker type, whether you are transmitting audio via phone or VoIP, and whether you are participating in the conversation with or without video. In addition, the duration of the conversation, their name in the conversation and the content of the chat are processed. The data processing is based on Art 6 para 1 lit a or Art 9 para 1 lit a (consent) of the DSGVO. Zoom stores the data only as long as it is necessary to provide the service or for the other purposes mentioned above. We have concluded a processor agreement with Zoom, in which Zoom undertakes to comply with the standard contractual clauses defined by the EU Commission. Further details on data processing by Zoom can be found here: https://zoom.us/de-de/privacy.html

Data processing in the context of financial accounting

For the purpose of financial accounting, we store the following data of our customers: Name, address, telephone number, e-mail address, VAT. ID. If you have agreed to a direct debit order (SEPA direct debit mandate), also your bank details. This data is not passed on, with the exception of the transmission to the processing banking institutions/payment service providers for the purpose of direct debiting, as well as to our tax advisor for the purpose of accounting and to fulfill our tax obligations. The data is stored exclusively within the EU. The data provided by you is necessary for the fulfillment of the contract or for the implementation of pre-contractual measures. Without this data we cannot conclude and fulfill the contract with you. All data from a contractual relationship will be stored until the expiry of the retention period under tax law (7 years).The data processing is carried out on the basis of Art 6 para 1 lit c (legal requirements) of the DSGVO and Art 6 para 1 lit b (necessary for the performance of the contract) of the DSGVO.

Conducting consulting sessions and customer support

We treat the content of consulting sessions as strictly confidential and do not store or document any conversation content. We will only communicate confidential or sensitive information within the meaning of the GDPR in the context of encrypted Zoom conferences, in person or on the phone, unless you explicitly or implicitly request us to do so, e.g. by asking a question via email. We will communicate by email only non-sensitive information such as appointment bookings or billing. The data you provide is necessary for the performance of the contract or for the implementation of pre-contractual measures. Without this data, we cannot conclude and fulfill the contract with you. Data will only be transferred to third parties with your express permission. All data from a contractual relationship will be stored until the expiry of the retention period under tax law (7 years). Access data to systems used by the customer will be deleted immediately after the end of the contract. Data processing is based on the legal provisions of § 96 para 3 TKG and Art 9 para 1 lit a (consent) and / or Art 6 para 1 lit b (necessary for the performance of the contract) of the DSGVO.

Your rights

You are generally entitled to the rights of information, correction, deletion, restriction, data portability, revocation and objection. Corresponding requests can be addressed to the e-mail address hello@mindstories.at. If you believe that the processing of your data violates data protection law or that your data protection rights have otherwise been violated in some way, you can complain to the supervisory authority. In Austria, this is the data protection authority.

You can reach us at the following contact details:
hello@mindstories.at