Privacy Policy

1. Introduction

Thank you for your interest in our website and our services.
We, Max and Me GmbH, attach great importance to the protection of your personal data. We treat all data entrusted to us with strict confidentiality and handle it responsibly. In accordance with statutory and contractual obligations—particularly the applicable data protection laws—we consider this to be a core obligation of any web and internet service provider.

For this reason, and in compliance with the relevant data protection provisions, especially the General Data Protection Regulation (GDPR) and the Austrian Data Protection Act (DSG 2018), we hereby inform you about the processing of your data, the purposes thereof, and the resulting rights to which you are entitled.

2. Controller

The processing of data on the website www.maxandme.at is carried out at the time of data collection by the controller:

Max and Me GmbH, Mag. Tanja Gruber
Oskar-Jascha-Gasse 77, 1130 Vienna
T: +43 664 3075479
E: info@maxandme.at

You may also contact us via the above details to exercise any data subject rights.

3. Collection and Processing of Personal Data

3.1 Visit to our Website

When accessing our website for purely informational purposes—i.e., if you do not otherwise transmit personal data to us—your browser automatically transmits personal data to our servers for technical reasons. These data are required to display the website and ensure stability and security within the meaning of Art. 6(1)(f) GDPR, including traceability in case of errors and sustainable error resolution.

The following information is collected:

  • Visited pages
  • Date and time of access
  • Amount of data transmitted (bytes)
  • Referring website (source/reference URL)
  • Browser used, including language and version
  • Operating system
  • IP address

These data are stored in log files.

3.2 Purposes of Log File Processing

The data collected serve the following purposes:

  • Prevention and resolution of unlawful use of website content
  • Improvement of the website
  • Statistical analysis

3.3 Statistical Evaluation using “Advanced Web Statistics”

This website uses Matomo (formerly Piwik), an open source software for the statistical analysis of visitor access. Matomo is operated on our own server in Austria and all analysis data is not passed on to third parties.

What data is collected?

When you access our website, Matomo, among other things, uses: the following data is processed:

  • shortened/anonymized IP address
  • Pages and files accessed
  • Date and time of access
  • Referrer URL (the previously visited website)
  • browser used and the operating system
  • Device type (desktop, tablet, smartphone)
  • The IP address is anonymized before storage so that direct personal reference is no longer possible.

Matomo uses cookies. These cookies help us analyze the use of the website and improve our offering. Storage will only take place with your consent in accordance with Art. 6 Para. 1 lit. a GDPR.

Legal basis

The data is processed on the basis of Art. 6 Para. 1 lit. f GDPR (legitimate interest), as we have an interest in the anonymized analysis of user behavior in order to optimize our website.

Storage period

The stored data is only kept for as long as it is necessary for the analysis and is then automatically deleted.

Objection to data collection

You can object to the processing of your data by Matomo at any time:

  • You can prevent collection by activating the “Do Not Track” function in your browser.

4. Log Files of the Hosting Provider

The web servers operated or leased by Internetkonzepte.at GmbH store log files documenting accesses to individual pages, including date, time, and visitor IP address. These log files are stored for 30 days and then deleted.

5. Cookies

5.1 Types of Cookies Used

We use transient cookies, including session cookies, which store a session ID enabling assignment of multiple browser requests to a single session. These are deleted automatically when the browser is closed or the user logs out.

5.2 Managing Cookies

You may configure your browser to refuse third-party or all cookies. However, this may impair website functionality.

5.3 Additional Personal Data

Personal data such as name, address, phone number, or email address are only collected if you voluntarily provide them (e.g., newsletter registration, contact forms). Such data are processed solely for handling your request. No transmission to third parties occurs unless explicitly specified.

6. Data Storage, Data Access, and Data Security

6.1 Access by Third Parties

Only those companies explicitly mentioned in this Privacy Policy may access your data.

Our website is hosted by a specialized service provider, who may access data only to the technically necessary minimum extent.

Hosting Provider:
INTERNETKONZEPTE.AT GmbH
FN 207077a; UID: ATU 51305902
Hochstraße 32a, 2380 Perchtoldsdorf
T: +43 1 9076127
E: office@internetkonzepte.at

They are not authorized to use or forward the data for their own purposes.

6.2 Security Measures

Your personal data are protected by:

  • Encrypted transmission (SSL/HTTPS)
  • Access-protected and externally inaccessible storage
  • Physical security measures for servers
  • Continuous technological updates
  • Regular software and hardware maintenance
  • Permanent server monitoring
  • Backup management

Physical security measures are provided by our hosting provider.

Data collected during your visit remain stored for up to 30 days unless otherwise stated in this Privacy Policy.

7. Contact via Email, Letter, Phone, or Fax

When you contact us, we store the data you provide (name, address, phone number, email address, and any case-specific information) to process your inquiry.

Data are deleted when no contract is concluded and storage is no longer required, or data processing is limited to the statutory minimum if retention obligations apply.

For newsletter registrations, contact forms, or other web-based submissions, data are stored only as long as required for the respective purpose.

8. Social Media Plug-Ins

Our website offers connections to social networks via deactivated social media plug-ins (2-click solution).
Data are transferred only after manual activation by the user.

Upon activation:

  • The selected service receives your IP address.
  • If logged into the respective service, the visit may be associated with your user account.
  • We have no knowledge of the transmitted data or its use.

You consent to data transfer by activating a plug-in.

Privacy policies of the respective services:
- Facebook Ireland Ltd.: https://de-de.facebook.com/policy.php
- Google Inc.: https://www.google.com/intl/de_ALL/policies/privacy
- Twitter International Company: https://twitter.com/privacy?lang=de
- Instagram LLC: https://help.instagram.com/155833707900388
- YouTube LLC: https://www.youtube.com/t/impressum

9. Use of Google Analytics

Our websites use Google Analytics, a web analytics service provided by Google Inc. Google Analytics uses cookies to enable analysis of website usage.

To protect your privacy, Google Analytics is configured to anonymize your IP address immediately after transmission within the EU/EEA (“anonymizeIp”).

Google processes this information on our behalf for usage analysis and reporting. IP addresses transmitted by your browser will not be combined with other Google data.

By using our website, you consent to:

  • the storage of cookies, and
  • the processing of your personal data by Google as described above.

You may prevent cookie storage via browser settings. You may also prevent Google Analytics from collecting data by installing the browser plug-in available at: http://tools.google.com/dlpage/gaoptout?hl=de.

Further information: www.google.com/intl/de/analytics/privacyoverview.html.

10. Logging of Email Communication / Webmail

For system security and malware detection, our (including leased) email servers log metadata of email traffic, including:

  • Sender/recipient email address, IP address, hostname
  • Number of recipients
  • Subject
  • Date and time
  • Names of attachments
  • Message size
  • Spam and risk classification
  • Delivery status

Spam and malware screening is automated, with manual review only in rare cases.

11. Data Security

We take all necessary and appropriate technical and organizational measures to protect your personal data against loss or misuse. Communication via our website is encrypted via HTTPS.

Please note that standard email communication is not guaranteed to be confidential. For sensitive information, please use our contact form or another secure method.

12. Your Rights

According to Art. 13(2)(b) GDPR, you have the following rights regarding your personal data:

  • Right of access
  • Right to rectification
  • Right to erasure
  • Right to restriction of processing
  • Right to object to processing
  • Right to data portability

Under Art. 13(2)(d) GDPR, you also have the right to lodge a complaint with the supervisory authority.

We may require proof of identity depending on the nature of your request.

Repeated requests for information may incur fees under Art. 15(3) GDPR.
The right to receive a copy (Art. 15(1)(b) GDPR) must not affect the rights and freedoms of others.

13. Amendments

This Privacy Policy reflects the current legal situation.
We reserve the right to update or amend it in the future. We recommend reviewing it periodically to stay informed about the use of your personal data.