• Privacy Policy

    We, Zettasecure GMBH, take data protection very seriously. In the following, we inform you about your rights and why we process which of your personal data.

  • Personal Data

    We collect, process and use your personal data only with your consent, on basis of your order for the purposes agreed with you or if there is another legal basis in accordance with the GDPR; this in compliance with data protection and civil law provisions.

    Only such personal data is collected that is required for the implementation and processing of our services or that you have voluntarily provided to us.

    Personal data are all data that contain individual details about personal or factual circumstances, for example name, address, email address, telephone number, date of birth, age, gender, social security number, video recordings, photos, voice recordings of persons as well as biometric data such as fingerprints.

  • Person in Charge

    Person responsible for data processing: Philipp Mandl, Zettasecure GMBH, Stubenring 24, 1010 Vienna, Austra, phone no.: +43 670 404 65 86, E-Mail: [email protected]

    Please address any inquiries regarding data protection to: [email protected] for the attention of Mr. Philipp Mandl

  • Purpose of data processing and processed data within the scope of the order

    In order to fulfill your order, e.g. the order of IT software, we process not only the main data (name, address, contact data, etc.) but also all data provided to us as well as data made known to us in the course of the order and collected - also by third parties - both in electronic and non-electronic form. As already stated, we only collect and process personal data that is contractually or legally required for the performance and processing of our services or that you have voluntarily provided to us.

    We process this data in accordance with:

    • Art 6 para 1 lit a) GDPR: based on your consent.
    • Art 6 para 1 lit b) GDPR: for the fulfillment of your order, thus for the fulfillment of a contract or for the execution of pre-contractual measures.
    • Art 6 para 1 lit c) GDPR: due to legal obligations
    • Art 6 para 1 lit f) GDPR: on the basis of a legitimate interest
  • Data processing in the context of website use

    During the use of our website, i.e. if you do not use the contact form or otherwise transmit information to us (e.g. contact us directly via the website), we do not collect any personal data, with the exception of the data that your browser automatically transmits (so-called server log files, which are automatically transmitted by your browser to enable you to visit our website).

    These are:

    • IP address
    • Date and time of access
    • Duration of the access
    • Source/reference from which you came to the site
    • Content of the request (which specific page was accessed)
    • Access status in case of error messages
    • Browser and browser version
    • operating system
    • Amount of data sent in bytes

    We process this data on the basis of a legitimate interest pursuant to Art 6 para 1 lit f) GDPR, namely to optimize this website in terms of user-friendliness and attractiveness of our website as well as to increase the security of our website and to be able to detect and track attacks on our website.


    We use "cookies" when operating our website in order to ensure the functionality of individual components of the website. These are small text files that are stored on your end device (e.g. PC, laptop, tablet, cell phone). Cookies serve to improve the user-friendliness of the website.

    What exactly are cookies?

    Whenever you browse the Internet, you use a browser. Popular browsers are for instance Chrome, Safari, Firefox, Internet Explorer, and Microsoft Edge. Most websites store small text files in your browser. These files are called cookies.

    One thing can't be denied: Cookies are really useful little helpers. Almost all websites use cookies. More precisely, they are HTTP cookies, as there are other cookies for other applications. HTTP cookies are small files that are stored on your computer by our website. These cookie files are automatically placed in the cookie folder, effectively the "brain" of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified.

    Cookies store certain user data about you, such as language or personal page settings. When you return to our site, your browser transmits the "user-related" information back to our site. Thanks to cookies, our site knows who you are and offers you your usual default setting. In some browsers, each cookie has its own file; in others, such as Firefox, all cookies are stored in a single file.

    There are both first-party cookies and third-party cookies. First-party cookies are created directly by our site, third-party cookies are created by partner websites (e.g. Google Analytics). Each cookie must be evaluated individually, as each cookie stores different data. Also, the expiration time of a cookie varies from a few minutes to a few years. Cookies are no software programs and do not contain viruses, Trojans or other malware. Cookies also cannot access information on your PC.

    For example, cookie data may look like this:

    • name: _ga
    • expiration time: 2 years
    • usage: Differentiation of website visitors
    • Exemplary value: GA1.2.1326744211.152221091071

    A browser should support the following minimum sizes:

    • A cookie should be able to contain at least 4096 bytes
    • At least 50 cookies should be able to be stored per domain
    • A total of at least 3000 cookies should be able to be stored

    What types of cookies are there?

    The question of which cookies we use in particular depends on the services used and is clarified in the following sections of the privacy policy. At this point, we would like to briefly discuss the different types of HTTP cookies.

    We can distinguish 4 types of cookies:

    Essential cookies

    These cookies are necessary to ensure basic functions of the website. For example, these cookies are needed when a user adds a product to the shopping cart, then continues surfing on other pages and later goes to the checkout. Through these cookies, the shopping cart is not deleted even if the user closes his browser window.

    Functional cookies

    These cookies collect information about user behavior and whether the user receives any error messages. In addition, these cookies are also used to measure the loading time and the behavior of the website with different browsers.

    Targeting cookies

    These cookies provide a better user experience. For example, entered locations, font sizes or form data are stored.

    Advertising cookies

    These cookies are also called targeting cookies. They are used to deliver customized advertising to the user. This can be very convenient, but also very annoying. Usually, when you visit a website for the first time, you are asked which of these cookie types you want to allow. And, of course, this decision is also stored in a cookie.

    How can I delete cookies?

    You decide how and whether you want to use cookies. Regardless of which service or website the cookies come from, you always have the option to delete, only partially allow or disable cookies. For example, you can block third-party cookies, but allow all other cookies.

    If you want to determine which cookies have been stored in your browser, if you want to change or delete cookie settings, you can find this in your browser settings:

    • Chrome: Delete, enable and manage cookies in Chrome.
    • Safari: Manage cookies and website data with Safari.
    • Firefox: Delete cookies to remove data that websites have placed on your computer.
    • Internet Explorer: delete and manage cookies.
    • Microsoft Edge: delete and manage cookies.

    If you do not want to have any cookies in principle, you can set up your browser so that it always informs you when a cookie is to be set. In this way, you can decide for each individual cookie whether you allow the cookie or not. The procedure varies depending on the browser. The best way is to search the instructions in Google with the search term "delete cookies Chrome" or "disable cookies Chrome" in case of a Chrome browser or exchange the word "Chrome" for the name of your browser, e.g. Edge, Firefox, Safari.

    What about my privacy?

    The so-called "Cookie Guidelines" have been in place since 2009. These state that the storage of cookies requires the consent of the website visitor (i.e. you). Within the EU countries, however, there are still very different reactions to these directives. In Austria, however, this directive was implemented in Section 96 (3) of the Telecommunications Act (TKG).

    If you want to know more about cookies and are not afraid of technical documentation, we recommend https://tools.ietf.org/html/rfc6265, the Internet Engineering Task Force (IETF) Request for Comments called "HTTP State Management Mechanism".

    For more information on IP anonymization, please visit https://support.google.com/analytics/answer/2763052?hl=de.

    You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. When deactivating cookies, the functionality of this website may be limited.

    Google Analytics: Privacy and opt-out

    This website uses Google Analytics, a web analytics service provided by Google, Inc. ("Google"). Google Analytics uses so-called "cookies" (text files), which are stored on your computer and which enable an analysis of your use of the website. The information generated by the cookie about your use of the website will be transmitted to and stored by Google on servers in the United States. In the case of activation of IP anonymization on this website, however, your IP address will be truncated beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout

    General information on Google Analytics and data protection can be found in Google's Privacy Center. This website has been extended by the "anonymizeIp" function to ensure anonymized collection of IP addresses (so-called IP masking).

    Contact form

    If you use the contact form provided on our website, we process the data you provide in order to be able to answer your inquiry.The data collected in the course of using the website will not be passed on to third parties unless this is necessary in individual cases or you have consented to this transfer. Exceptions to this are transfers to order processors. These are used for the creation and maintenance as well as the hosting of our website.

    Privacy policy Cloudflare

    We use Cloudflare on this website from Cloudflare, Inc. (101 Townsend St., San Francisco, CA 94107, USA) to make our website faster and more secure. In doing so, Cloudflare uses cookies and processes user data. Cloudflare, Inc. is an American company that provides a content delivery network and various security services. These services are located between the user and our hosting provider. What this all means exactly, we will try to explain in more detail below.

    A Content Delivery Network (CDN), is nothing more than a network of connected servers. Cloudflare has distributed such servers all over the world in order to bring websites to your screen faster. Simply put, Cloudflare creates copies of our website and places them on their own servers. Now, when you visit our website, a system of load balancers ensures that the largest portions of our website are delivered from the server that can display our website to you the fastest. The distance of data transfer to your browser is significantly shortened by a CDN. Thus, the content of our website will be delivered to you by Cloudflare not only from our hosting server, but from servers all over the world. The use of Cloudflare will be especially helpful for users from abroad, as here the site can be delivered from a server nearby. Apart from fast website delivery, Cloudflare also offers various security services, such as DDoS protection or web application firewall.

    Why do we use Cloudflare on our website?

    Of course we want to offer you the best possible service with our website. Cloudflare helps us to make our website faster and more secure. Cloudflare provides us with web optimizations as well as security services, such as DDoS protection and web firewall. This also includes a reverse proxy and content distribution network (CDN). Cloudflare blocks threats and limits abusive bots and crawlers that waste our bandwidth and server resources. By storing our website on local data centers and blocking spam software, Cloudflare enables us to reduce our bandwidth usage by about 60%. Serving content through a data center near you and some web optimizations performed there reduces the average web page load time by about half. Using the "I'm Under Attack Mode" setting can mitigate further attacks, according to Cloudflare, by displaying a JavaScript computational task to solve before a user can access a web page. Overall, this makes our website much more powerful and less vulnerable to spam or other attacks.

    What data is processed by Cloudflare?

    Cloudflare generally only forwards data that is controlled by website operators. Thus, the content is not determined by Cloudflare, but always by the website operator itself. In addition, Cloudflare may collect certain information about the use of our website and process data that is sent by us or for which Cloudflare has received appropriate instructions. In most cases, Cloudflare receives data such as IP address, contact and log info, security fingerprints, and website performance data. Log data helps Cloudflare detect new threats, for example. This allows Cloudflare to provide a high level of security protection for our website. Cloudflare processes this data as part of its services in compliance with applicable laws. This also includes the General Data Protection Regulation (GDPR).

    For security reasons, Cloudflare also uses a cookie. The cookie (__cfduid) is used to identify individual users behind a shared IP address and apply security settings for each individual user. For example, this cookie becomes very useful when you use our website from a location where there are a number of infected computers. However, if your computer is trustworthy, we can recognize this from the cookie. Thus, despite infected PCs in your environment, you can surf our website unhindered and worry-free. It is also important to know that this cookie does not store any personal data. This cookie is absolutely necessary for the Cloudflare security features and cannot be disabled.

    Cloudflare also works with third party service providers. These may only process personal data under the instruction of Cloudflare and in accordance with the privacy policy and other confidentiality and security measures. Cloudflare does not share personal data without explicit consent from us.

    How long and where is the data stored?

    Cloudflare stores your information primarily in the United States and the European Economic Area. Cloudflare can transfer and access the information described above from all over the world. In general, Cloudflare stores user-level data for domains in Free, Pro, and Business versions for less than 24 hours. For Enterprise domains that have Cloudflare Logs (formerly Enterprise LogShare or ELS) enabled, data can be stored for up to 7 days. However, if IP addresses trigger security alerts at Cloudflare, there may be exceptions to the above retention period.

    How can I delete my data or prevent data storage?

    Cloudflare keeps data logs only as long as necessary and this data is also deleted within 24 hours in most cases. Cloudflare also does not store any personal data, such as your IP address. However, there is information that Cloudflare stores indefinitely as part of its permanent logs in order to improve the overall performance of Cloudflare Resolver and to identify any security risks. To see exactly what permanent logs are stored, please visit https://www.cloudflare.com/application/privacypolicy/. All data that Cloudflare collects (temporary or permanent) is scrubbed of any personally identifiable information. All permanent logs are also anonymized by Cloudflare.

    Cloudflare addresses in their privacy policy that they are not responsible for the content they receive. For example, if you ask Cloudflare to update or delete your content, Cloudflare basically refers you to us as the website operator. You can also completely prevent the entire collection and processing of your data by Cloudflare by disabling the execution of script code in your browser or by installing a script blocker in your browser.

  • Information and deletion

    As a data subject, you have the right to information about your stored personal data, its origin and recipient and the purpose of data processing at any time, as well as a right to correction, data transfer, objection, restriction of processing and blocking or deletion of incorrect or inadmissibly processed data.

    If there are any changes to your personal data, please inform us accordingly.

    You have the right to revoke your consent to the use of your personal data at any time. Your request for information, deletion, correction, objection and/or data transfer, in the latter case, provided that this does not involve a disproportionate effort, can be addressed to the address stated in point 11 of this declaration.

    If you are of the opinion that the processing of your personal data by us violates applicable data protection law or that your data protection rights have been violated in some other way, you have the option of complaining to the competent supervisory authority. In Austria, the data protection authority is responsible for this.

  • Data security

    Your personal data is protected by appropriate organizational and technical precautions. These precautions relate in particular to protection against unauthorized, illegal or even accidental access, processing, loss, use and manipulation.

    Your personal data is protected by appropriate organizational and technical precautions. These precautions relate in particular to protection against unauthorized, illegal or even accidental access, processing, loss, use and manipulation.

    Please note that we therefore accept no liability whatsoever for the disclosure of information due to errors in data transmission not caused by us and/or unauthorized access by third parties (e.g. hacking attack on email account or telephone, interception of faxes).

  • Use of the data

    We will not process the data provided to us for purposes other than those covered by the contract concluded with you or by your consent or otherwise by a provision in accordance with the GDPR. This excludes the use for statistical purposes, provided that the data provided has been anonymized.

  • Transmission of data to third parties

    In order to fulfill your order, it may also be necessary to forward your data to third parties (e.g. service providers that we use and to whom we make data available). Your data will only be forwarded on the basis of the GDPR, in particular for the fulfillment of your order or based on your prior consent.

    Some of the recipients of your personal data mentioned above are located outside your country or process your personal data there. The level of data protection in other countries may not be the same as in Austria.

    However, we only transfer your personal data to countries for which the EU Commission has decided that they have an adequate level of data protection. If this is not the case, we take measures to ensure that all recipients have an adequate level of data protection, for which we conclude standard contractual clauses (2010/87/EC and/or 2004/915/EC).

  • Data breach disclosure

    We strive to ensure that data breaches are identified at an early stage and, if necessary, reported to you or the responsible supervisory authority without delay (including the respective data categories affected).

  • Data retention

    We will not retain data for longer than is necessary to fulfill our contractual or legal obligations and to defend against any liability claims. In order to defend against liability claims, we generally retain your personal data for up to 30 years. In cases where such claims are excluded in any case, the retention period is at least seven years. If no other instructions are given, all documents and data will be destroyed after the retention period has expired.

  • Our contact details

    As you can see, the protection of your data is particularly important to us. In case of questions or if you no longer wish us to process your data (objection, deletion or restriction of processing), we request that you inform us informally at Philipp Mandl, Zettasecure GMBH, Stubenring 24, 1010 Vienna, Austria, telephone no.: +43 670 404 65 86, e-mail: [email protected].