Privacy Policy

Introduction

turbomonolith GmbH ("we", "us", or "our") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, process, and protect your information when you visit our website or use our services. As a company based in Austria, we comply with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

Data Controller

turbomonolith GmbH is the data controller responsible for your personal data. Our contact details are:

Data Collection

The data we collect from you may include the following categories of personal information:

• Contact Information: Name, email address, phone number, company name, and postal address when you contact us or request our services
• Technical Data: IP address, browser type and version, operating system, device information, and website usage patterns
• Communication Data: Records of correspondence, enquiries, and support requests
• Marketing Data: Your preferences for receiving marketing communications and information about our services
• Website Analytics: Information about how you navigate and interact with our website

How We Use Your Information

We use of your data for the following legitimate business purposes, based on our lawful grounds for processing:

• Service Delivery: To provide, maintain, and improve our enterprise software solutions and technical support
• Communication: To respond to your enquiries, provide customer support, and send service-related notifications
• Business Operations: To manage our relationship with you, process payments, and fulfil contractual obligations
• Marketing: To send you information about our services, industry insights, and promotional materials (with your consent)
• Analytics: To analyse website performance, user behaviour, and improve our services
• Legal Compliance: To comply with legal obligations, resolve disputes, and enforce our agreements

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner. For detailed information about our use of cookies, please see our Cookie Policy.

Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

• Consent: When you have given clear consent for specific processing activities
• Contract Performance: When processing is necessary to fulfil our contractual obligations to you
• Legitimate Interests: For our legitimate business interests, such as improving services and marketing
• Legal Obligation: When we must process data to comply with legal requirements

Data Sharing and Third Parties

We may share your personal data with the following categories of recipients:

• Service Providers: Trusted third-party vendors who assist with hosting, analytics, email delivery, and payment processing
• Professional Advisors: Legal, accounting, and consulting firms when necessary for business operations
• Regulatory Authorities: When required by law or to protect our rights and interests
• Business Transfers: In connection with mergers, acquisitions, or asset sales (with appropriate safeguards)

International Data Transfers

When we transfer your data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as adequacy decisions, Standard Contractual Clauses, or other approved transfer mechanisms under GDPR.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes outlined in this policy. Our retention periods are based on business needs, legal requirements, and the nature of the data:

• Contact enquiries: Up to 3 years from last contact
• Client data: Duration of contract plus 7 years for legal compliance
• Marketing data: Until you withdraw consent or we determine it's no longer needed
• Website analytics: 26 months (Google Analytics default)

Your Rights

Under GDPR, you have the following rights regarding your personal data:

• Access: Request a copy of your personal data we hold
• Rectification: Request correction of inaccurate or incomplete data
• Erasure: Request deletion of your data under certain circumstances
• Restriction: Request limitation of processing in specific situations
• Data Portability: Receive your data in a structured, machine-readable format
• Object: Object to processing based on legitimate interests or for direct marketing
• Withdraw Consent: Withdraw consent at any time where processing is based on consent

Security Measures

We implement appropriate technical and organisational security measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encryption, access controls, regular security assessments, and staff training on data protection.

Contact Information

If you have any questions about this Privacy Policy, wish to exercise your rights, or need to contact us about data protection matters, please reach out to us:

Supervisory Authority

You have the right to lodge a complaint with a supervisory authority if you believe we have not handled your personal data in accordance with data protection law. In Austria, the competent authority is the Austrian Data Protection Authority (Datenschutzbehörde).

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date. We encourage you to review this policy periodically.

Governing Law

This Privacy Policy is governed by Austrian law and European Union data protection regulations. Any disputes arising from this policy shall be subject to the jurisdiction of Austrian courts.