1. Setting of goals and responsible authority

This data protection policy explains the type, amount and purpose of the processing (e.g. collection, processing and use as well as obtaining of consents) of personal data within our online offer and associated webpages, features and content (hereinafter collectively as „online offer“ or „webpage“). Data protection policy applies regardless of the used domains, systems, platforms and devices (e.g. desktop or mobile) that are used for the online offer.

Provider of the online offer and authority responsible for data protection:
bbf GmbH, Wohllebengasse 4/11, 1040 Vienna – Austria (hereinafter as “we” or “us”).

The term “User” includes all visitors of our online offer. Used terms like e.g. “User” are to be understood as gender neutral.

2. Outline information on data processing

We process personal data of users only in compliance with relevant data protection provisions according to the requirements of data minimisation and data avoidance. This means that the user data are being processed only with existing authorisation by law, in particular if the data is necessary for fulfilment of our contractual obligations as well as online services or are required by law or with existing consent.

We take up-to-date organisatory, contractual and technical safety measures to ensure the compliance with the requirements of data protection act and to protect the data that we process against accidental or intentional manipulation, loss, destruction or access by unauthorised persons.

If content, tools or other sources of other vendors (hereinafter as “Third-Party Vendors”) are used within this data protection policy and they reside abroad, it is expected, that data transfer into the countries of residence of the third-party vendors is taking place. Provision of data to third-countries is taking place based on authorisation by law, user consent or special contractual provisions that guarantee data safety as required by law.

3. Processing of personal data

Personal data are being processed for the following purposes according to authorisation by law or user consent, as well as the purpose explicitly defined in this data protection policy:

for making available, realisation, maintenance, optimisation and guarantee of our services,
to ensure an effective customer service and technical support.
We provide the user data to third parties only if this is necessary for invoicing purposes (e.g. to a provider of payment method) or for other purposes if they are necessary for us to fulfil our contractual obligations towards users (e.g. provision of addresses to carriers).

If you contact us (per email), the user data are saved for the purpose of inquiry processing as well as should additional questions arise. Personal data will be deleted as soon as they fulfilled their purpose and they are not subject to any record keeping requirements by law.

4. Collection of access data

We collect data about every access to the server, where the service is located (so-called server logfiles). Access data includes name of the accessed website, file, date and time of access, transferred data volume, notification about successful access, type of browser and version, operation system of the user, referrer URL (previously visited site), IP address and requesting provider.

We are using the protocol data without matching them to a user person or other profile in compliance with legal requirements only for statistical assessment for the purposes of operation, safety and optimisation of our online offer. However, we reserve the right to proof the protocol data, if there is a reasonable suspicion of illegal usage based on concrete indications.

5. Cookies & reach measurement

Cookies are information from this website and/or third parties transferred from our webserver to the web browser of the user, where they are stored for a later use. Users are informed about the usage of cookies and have the ability to change their settings at any time.

The online offer can be viewed also with exclusion of cookies. If users do not wish to store cookies at their computer, they will be prompted to deactivate the particular feature in the system settings of their browser. Stored cookies can be removed through the system settings of the browser. Exclusion of cookies may lead to limited functionality of the online offer.

It is possible to administer many online-display-cookies of companies through US site http://www.aboutads.info/choices or EU-site http://www.youronlinechoices.com/uk/your-ad-choices/.

6. Integration of services and content of third parties

Content of third party vendors can be implemented in our online offer, e.g. city plans or fonts. Implementation of content of third party vendors always assumes, that the third-party vendor identifies IP address of the user, because they cannot send content to the browser of the user without IP address. Therefore, the IP address is necessary for showing the content. Furthermore, the providers of third party content may implement their own cookies und process the user data for their own purposes. It is possible to create user profiles from the processed user data. We will use this content in a way, that we provide as little data as possible and we will choose only third-party vendors with reliable data protection policy.

The following sections are an overview of the third-party vendors as well as their content, together with links to their data protection policy that include further information on processing of data, also partially listed here, and withdrawal options (Opt-Out):

External Fonts of Adobe Typekit, Inc., https://fonts.adobe.com/ („Adobe Fonts“). Implementation of Adobe Webfonts is made through server access by Adobe (usually in the USA). Data protection policy: https://www.adobe.com/de/privacy.html.

Maps of the service „Google Maps“ provided by third party vendor Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Data protection policy: https://www.google.com/policies/privacy/, Opt-Out: https://www.google.com/settings/ads/.

7. User rights and data deletion

Upon request, users have the right to receive information about the personal data that we store about them free of charge. Additionally, the users are entitled to correction of false data, withdrawal of their consents, blocking and removal of their personal data as well as have the right to submit a complaint at the responsible authority in case of illegal data processing.

We delete all data stored by us as soon as they are not necessary anymore for their purpose and are not a subject to any record keeping required by law.

To request an overview of your personal data, withdraw consent or delete all personal data send an email with your request to: office@bbf-it.at

8. Amendments to the Data protection policy

We reserve the right to amend the data protection policy in order to comply with amended laws or change of our services as well as data processing. However, this applies only to declaration for data processing. If user consent is necessary or parts of the data protection policy include provisions of the contractual relationship with the user, the changes are possible only with consent of the user. Users are kindly asked to regularly read the content of the data protection policy.

Updated: March 2019