Privacy Policy

Preamble
With the fol­low­ing pri­vacy pol­icy we would like to in­form you which types of your per­sonal data (here­inafter also ab­bre­vi­ated as “data”) we process for which pur­poses and in which scope. The pri­vacy state­ment ap­plies to all pro­cess­ing of per­sonal data car­ried out by us, both in the con­text of pro­vid­ing our ser­vices and in par­tic­u­lar on our web­sites, in mo­bile ap­pli­ca­tions and within ex­ter­nal on­line pres­ences, such as our so­cial me­dia pro­files (here­inafter col­lec­tively re­ferred to as “on­line ser­vices”).

The terms used are not gen­der-spe­cific.

The content, structure and design of the LX Design Studio e.U. website are protected by copyright. The duplication, modification, representation, distribution, transmission, publication, sale, licensing, processing, alienation or use of information or data for any purpose whatsoever, in particular the use of texts, parts of texts or images, requires the prior written consent of LX Design Studio e.U.


Legal Bases for the Processing
In the fol­low­ing, you will find an overview of the le­gal ba­sis of the GDPR on which we base the pro­cess­ing of per­sonal data. Please note that in ad­di­tion to the pro­vi­sions of the GDPR, na­tional data pro­tec­tion pro­vi­sions of your or our coun­try of res­i­dence or domi­cile may ap­ply. If, in ad­di­tion, more spe­cific le­gal bases are ap­plic­a­ble in in­di­vid­ual cases, we will in­form you of these in the data pro­tec­tion de­c­la­ra­tion.

  • Content (Article 6 (1) (a) GDPR) – The data sub­ject has given con­sent to the pro­cess­ing of his or her per­sonal data for one or more spe­cific pur­poses.
  • Performance of a contract and prior requests (Article 6 (1) (b) GDPR) – •    Per­for­mance of a con­tract to which the data sub­ject is party or in or­der to take steps at the re­quest of the data sub­ject prior to en­ter­ing into a con­tract. 
  • Compliance with a legal obligation (Article 6 (1) (c) GDPR) – Pro­cess­ing is nec­es­sary for com­pli­ance with a le­gal oblig­a­tion to which the con­troller is sub­ject. 
  • Legitimate Interests (Article 6 (1) (f) GDPR) – Pro­cess­ing is nec­es­sary for the pur­poses of the le­git­i­mate in­ter­ests pur­sued by the con­troller or by a third party, ex­cept where such in­ter­ests are over­rid­den by the in­ter­ests or fun­da­men­tal rights and free­doms of the data sub­ject which re­quire pro­tec­tion of per­sonal data.

In ad­di­tion to the data pro­tec­tion reg­u­la­tions of the Gen­eral Data Pro­tec­tion Reg­u­la­tion, na­tional reg­u­la­tions ap­ply to data pro­tec­tion in Aus­tria. This in­cludes in par­tic­u­lar the Fed­eral Act on the Pro­tec­tion of In­di­vid­u­als with re­gard to the Pro­cess­ing of Per­sonal Data (Data Pro­tec­tion Act – DSG). In par­tic­u­lar, the Data Pro­tec­tion Act con­tains spe­cial pro­vi­sions on the right of ac­cess, rec­ti­fi­ca­tion or can­cel­la­tion, pro­cess­ing of spe­cial cat­e­gories of per­sonal data, pro­cess­ing for other pur­poses and trans­mis­sion and au­to­mated de­ci­sion mak­ing in in­di­vid­ual cases.


Security Precautions
We take ap­pro­pri­ate tech­ni­cal and or­gan­i­sa­tional mea­sures in ac­cor­dance with the le­gal re­quire­ments, tak­ing into ac­count the state of the art, the costs of im­ple­men­ta­tion and the na­ture, scope, con­text and pur­poses of pro­cess­ing as well as the risk of vary­ing like­li­hood and sever­ity for the rights and free­doms of nat­ural per­sons, in or­der to en­sure a level of se­cu­rity ap­pro­pri­ate to the risk.

The mea­sures in­clude, in par­tic­u­lar, safe­guard­ing the con­fi­den­tial­ity, in­tegrity and avail­abil­ity of data by con­trol­ling phys­i­cal and elec­tronic ac­cess to the data as well as ac­cess to, in­put, trans­mis­sion, se­cur­ing and sep­a­ra­tion of the data. In ad­di­tion, we have es­tab­lished pro­ce­dures to en­sure that data sub­jects’ rights are re­spected, that data is erased, and that we are pre­pared to re­spond to data threats rapidly. Fur­ther­more, we take the pro­tec­tion of per­sonal data into ac­count as early as the de­vel­op­ment or se­lec­tion of hard­ware, soft­ware and ser­vice providers, in ac­cor­dance with the prin­ci­ple of pri­vacy by de­sign and pri­vacy by de­fault.

SSL en­cryp­tion (https): In or­der to pro­tect your data trans­mit­ted via our on­line ser­vices in the best pos­si­ble way, we use SSL en­cryp­tion. You can rec­og­nize such en­crypted con­nec­tions by the pre­fix https:// in the ad­dress bar of your browser.  


Transmission of Personal Data
In the con­text of our pro­cess­ing of per­sonal data, it may hap­pen that the data is trans­ferred to other places, com­pa­nies or per­sons or that it is dis­closed to them. Re­cip­i­ents of this data may in­clude, for ex­am­ple, ser­vice providers com­mis­sioned with IT tasks or providers of ser­vices and con­tent that are em­bed­ded in a web­site. In such a case, the le­gal re­quire­ments will be re­spected and in par­tic­u­lar cor­re­spond­ing con­tracts or agree­ments, which serve the pro­tec­tion of your data, will be con­cluded with the re­cip­i­ents of your data.


Data Processing Third Countries
If we process data in a third coun­try (i.e. out­side the Eu­ro­pean Union (EU), the Eu­ro­pean Eco­nomic Area (EEA)) or the pro­cess­ing takes place in the con­text of the use of third party ser­vices or dis­clo­sure or trans­fer of data to other per­sons, bod­ies or com­pa­nies, this will only take place in ac­cor­dance with the le­gal re­quire­ments. 

Sub­ject to ex­press con­sent or trans­fer re­quired by con­tract or law, we process or have processed the data only in third coun­tries with a recog­nised level of data pro­tec­tion, on the ba­sis of spe­cial guar­an­tees, such as a con­trac­tual oblig­a­tion through so-called stan­dard pro­tec­tion clauses of the EU Com­mis­sion or if cer­ti­fi­ca­tions or bind­ing in­ter­nal data pro­tec­tion reg­u­la­tions jus­tify the pro­cess­ing (Ar­ti­cle 44 to 49 GDPR, in­for­ma­tion page of the EU Com­mis­sion: https://ec.eu­ropa.eu/info/law/law-topic/data-pro­tec­tion/in­ter­na­tional-di­men­sion-data-pro­tec­tion_en)


Erasure of data
The data processed by us will be erased in ac­cor­dance with the statu­tory pro­vi­sions as soon as their pro­cess­ing is re­voked or other per­mis­sions no longer ap­ply (e.g. if the pur­pose of pro­cess­ing this data no longer ap­plies or they are not re­quired for the pur­pose).

If the data is not deleted be­cause they are re­quired for other and legally per­mis­si­ble pur­poses, their pro­cess­ing is lim­ited to these pur­poses. This means that the data will be re­stricted and not processed for other pur­poses. This ap­plies, for ex­am­ple, to data that must be stored for com­mer­cial or tax rea­sons or for which stor­age is nec­es­sary to as­sert, ex­er­cise or de­fend le­gal claims or to pro­tect the rights of an­other nat­ural or le­gal per­son.
In the con­text of our in­for­ma­tion on data pro­cess­ing, we may pro­vide users with fur­ther in­for­ma­tion on the dele­tion and re­ten­tion of data that is spe­cific to the re­spec­tive pro­cess­ing op­er­a­tion. 


Use of Cookies
Cook­ies are small text files or other data records that store in­for­ma­tion on end de­vices and read in­for­ma­tion from the end de­vices. For ex­am­ple, to store the lo­gin sta­tus in a user ac­count, the con­tents of a shop­ping cart in an e-shop, the con­tents ac­cessed or the func­tions used. Cook­ies can also be used for var­i­ous pur­poses, e.g. for pur­poses of func­tion­al­ity, se­cu­rity and con­ve­nience of on­line of­fers as well as the cre­ation of analy­ses of vis­i­tor flows.


Information on consent: We use cook­ies in ac­cor­dance with the statu­tory pro­vi­sions. There­fore, we ob­tain prior con­sent from users, ex­cept when it is not re­quired by law. In par­tic­u­lar, con­sent is not re­quired if the stor­age and read­ing of in­for­ma­tion, in­clud­ing cook­ies, is strictly nec­es­sary in or­der to pro­vide an in­for­ma­tion so­ci­ety ser­vice ex­plic­itly re­quested by the sub­scriber or user. The re­vo­ca­ble con­sent will be clearly com­mu­ni­cated to the user and will con­tain the in­for­ma­tion on the re­spec­tive cookie use.


Information on legal bases under data protection law: The le­gal ba­sis un­der data pro­tec­tion law on which we process users’ per­sonal data with the use of cook­ies de­pends on whether we ask users for con­sent. If users con­sent, the le­gal ba­sis for pro­cess­ing their data is their de­clared con­sent. Oth­er­wise, the data processed with the help of cook­ies is processed on the ba­sis of our le­git­i­mate in­ter­ests (e.g. in a busi­ness op­er­a­tion of our on­line ser­vices and im­prove­ment of its us­abil­ity) or, if this is done in the con­text of the ful­fill­ment of our con­trac­tual oblig­a­tions, if the use of cook­ies is nec­es­sary to ful­fill our con­trac­tual oblig­a­tions. For which pur­poses the cook­ies are processed by us, we do clar­ify in the course of this pri­vacy pol­icy or in the con­text of our con­sent and pro­cess­ing pro­ce­dures.


Retention period: With re­gard to the re­ten­tion pe­riod, a dis­tinc­tion is drawn be­tween the fol­low­ing types of cook­ies: 

  • Temporary cookies (also known as “session cookies”): Tem­po­rary cook­ies are deleted at the lat­est af­ter a user has left an on­line ser­vice and closed his or her end de­vice (i.e. browser or mo­bile ap­pli­ca­tion). 
  • Permanent cookies: Per­ma­nent cook­ies re­main stored even af­ter the ter­mi­nal de­vice is closed. For ex­am­ple, the lo­gin sta­tus can be saved, or pre­ferred con­tent can be dis­played di­rectly when the user vis­its a web­site again. Like­wise, user data col­lected with the help of cook­ies can be used for reach mea­sure­ment. Un­less we pro­vide users with ex­plicit in­for­ma­tion about the type and stor­age du­ra­tion of cook­ies (e.g., as part of ob­tain­ing con­sent), users should as­sume that cook­ies are per­ma­nent and that the stor­age pe­riod can be up to two years.  

General information on revocation and objection (opt-out): Users can re­voke the con­sent they have given at any time and also file an ob­jec­tion to pro­cess­ing in ac­cor­dance with the le­gal re­quire­ments in Art. 21 DS­GVO (fur­ther in­for­ma­tion on ob­jec­tion is pro­vided as part of this pri­vacy pol­icy).  Users can also de­clare their ob­jec­tion by means of the set­tings of their browser, e.g. by de­ac­ti­vat­ing the use of cook­ies (whereby this may also limit the func­tion­al­ity of our on­line ser­vices). An ob­jec­tion to the use of cook­ies for on­line mar­ket­ing pur­poses, can also be de­clared via the web­sites https://optout.aboutads.info and https://www.youron­line­choices.com/. In ad­di­tion, users can re­ceive fur­ther ob­jec­tion no­tices from us at ap­pro­pri­ate points as part of the in­for­ma­tion on the ser­vice providers and cook­ies used.


Further information on processing methods, procedures and services used:

  • Processing Cookie Data on the Basis of Consent: We use a cookie man­age­ment so­lu­tion in which users’ con­sent to the use of cook­ies, or the pro­ce­dures and providers men­tioned in the cookie man­age­ment so­lu­tion, can be ob­tained, man­aged and re­voked by the users. The de­c­la­ra­tion of con­sent is stored so that it does not have to be re­trieved again and the con­sent can be proven in ac­cor­dance with the le­gal oblig­a­tion. Stor­age can take place server-sided and/or in a cookie (so-called opt-out cookie or with the aid of com­pa­ra­ble tech­nolo­gies) in or­der to be able to as­sign the con­sent to a user or and/or his/her de­vice. Sub­ject to in­di­vid­ual de­tails of the providers of cookie man­age­ment ser­vices, the fol­low­ing in­for­ma­tion ap­plies: The du­ra­tion of the stor­age of the con­sent can be up to two years. In this case, a pseu­do­ny­mous user iden­ti­fier is formed and stored with the date/time of con­sent, in­for­ma­tion on the scope of the con­sent (e.g. which cat­e­gories of cook­ies and/or ser­vice providers) as well as the browser, sys­tem and used end de­vice.  
Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year. If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. 


Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Collection of Access Data and Log Files: 

  • We, our­selves or our web host­ing provider, col­lect data on the ba­sis of each ac­cess to the server (so-called server log files). Server log files may in­clude the ad­dress and name of the web pages and files ac­cessed, the date and time of ac­cess, data vol­umes trans­ferred, no­ti­fi­ca­tion of suc­cess­ful ac­cess, browser type and ver­sion, the user’s op­er­at­ing sys­tem, re­fer­rer URL (the pre­vi­ously vis­ited page) and, as a gen­eral rule, IP ad­dresses and the re­quest­ing provider.The server log files can be used for se­cu­rity pur­poses, e.g. to avoid over­load­ing the servers (es­pe­cially in the case of abu­sive at­tacks, so-called DDoS at­tacks) and to en­sure the sta­bil­ity and op­ti­mal load bal­anc­ing of the servers; Re­ten­tion pe­riod: Log file in­for­ma­tion is stored for a max­i­mum pe­riod of 30 days and then deleted or anonymized. Data, the fur­ther stor­age of which is nec­es­sary for ev­i­dence pur­poses, are ex­cluded from dele­tion un­til the re­spec­tive in­ci­dent has been fi­nally clar­i­fied.
  • We process per­sonal data for the pur­poses of on­line mar­ket­ing, which may in­clude in par­tic­u­lar the mar­ket­ing of ad­ver­tis­ing space or the dis­play of ad­ver­tis­ing and other con­tent (col­lec­tively re­ferred to as “Con­tent”) based on the po­ten­tial in­ter­ests of users and the mea­sure­ment of their ef­fec­tive­ness.

    For these pur­poses, so-called user pro­files are cre­ated and stored in a file (so-called “cookie”) or sim­i­lar pro­ce­dure in which the rel­e­vant user in­for­ma­tion for the dis­play of the afore­men­tioned con­tent is stored. This in­for­ma­tion may in­clude, for ex­am­ple, con­tent viewed, web­sites vis­ited, on­line net­works used, com­mu­ni­ca­tion part­ners and tech­ni­cal in­for­ma­tion such as the browser used, com­puter sys­tem used and in­for­ma­tion on us­age times and used func­tions. If users have con­sented to the col­lec­tion of their side­line data, these can also be processed.

    The IP ad­dresses of the users are also stored. How­ever, we use pro­vided IP mask­ing pro­ce­dures (i.e. pseu­do­nymi­sa­tion by short­en­ing the IP ad­dress) to en­sure the pro­tec­tion of the user’s by us­ing a pseu­do­nym. In gen­eral, within the frame­work of the on­line mar­ket­ing process, no clear user data (such as e-mail ad­dresses or names) is se­cured, but pseu­do­nyms. This means that we, as well as the providers of on­line mar­ket­ing pro­ce­dures, do not know the ac­tual iden­tity of the users, but only the in­for­ma­tion stored in their pro­files.

    The in­for­ma­tion in the pro­files is usu­ally stored in the cook­ies or sim­i­lar mem­o­riz­ing pro­ce­dures. These cook­ies can later, gen­er­ally also on other web­sites that use the same on­line mar­ket­ing tech­nol­ogy, be read and an­a­lyzed for pur­poses of con­tent dis­play, as well as sup­ple­mented with other data and stored on the server of the on­line mar­ket­ing tech­nol­ogy provider.

    Ex­cep­tion­ally, clear data can be as­signed to the pro­files. This is the case, for ex­am­ple, if the users are mem­bers of a so­cial net­work whose on­line mar­ket­ing tech­nol­ogy we use and the net­work links the pro­files of the users in the afore­men­tioned data. Please note that users may en­ter into ad­di­tional agree­ments with the so­cial net­work providers or other ser­vice providers, e.g. by con­sent­ing as part of a reg­is­tra­tion process.

    As a mat­ter of prin­ci­ple, we only gain ac­cess to sum­marised in­for­ma­tion about the per­for­mance of our ad­ver­tise­ments. How­ever, within the frame­work of so-called con­ver­sion mea­sure­ment, we can check which of our on­line mar­ket­ing processes have led to a so-called con­ver­sion, i.e. to the con­clu­sion of a con­tract with us. The con­ver­sion mea­sure­ment is used alone for the per­for­mance analy­sis of our mar­ket­ing ac­tiv­i­ties.

    Un­less oth­er­wise stated, we kindly ask you to con­sider that cook­ies used will be stored for a pe­riod of two years.

Contact and Inquiry Management
When con­tact­ing us (e.g. via con­tact form, e-mail, tele­phone or via so­cial me­dia) as well as in the con­text of ex­ist­ing user and busi­ness re­la­tion­ships, the in­for­ma­tion of the in­quir­ing per­sons is processed to the ex­tent nec­es­sary to re­spond to the con­tact re­quests and any re­quested mea­sures.

The re­sponse to the con­tact in­quiries as well as the man­age­ment of con­tact and in­quiry data in the con­text of con­trac­tual or pre-con­trac­tual re­la­tion­ships is car­ried out to ful­fill our con­trac­tual oblig­a­tions or to re­spond to (pre)con­trac­tual in­quiries and oth­er­wise on the ba­sis of le­git­i­mate in­ter­ests in re­spond­ing to the in­quiries and main­tain­ing user or busi­ness re­la­tion­ships. 

  • Processed data types: In­ven­tory data (e.g. names, ad­dresses); Con­tact data (e.g. e-mail, tele­phone num­bers); Con­tent data (e.g. text in­put, pho­tographs, videos).
  • Data subjects: Com­mu­ni­ca­tion part­ner (Re­cip­i­ents of e-mails, let­ters, etc.).
  • Purposes of Processing: Con­tact re­quests and com­mu­ni­ca­tion.
  • Legal Basis: Per­for­mance of a con­tract and prior re­quests (Ar­ti­cle 6 (1) (b) GDPR); Le­git­i­mate In­ter­ests (Ar­ti­cle 6 (1) (f) GDPR)

Further information on processing methods, procedures and services used:

  • Google Ad Manager: We use the “Google Mar­ket­ing Plat­form” (and ser­vices like “Google Ad Man­ager”) to place ads in the Google ad­ver­tis­ing net­work (e.g., in search re­sults, in videos, on web­sites, etc.). The Google Mar­ket­ing Plat­form” is char­ac­terised by the fact that ads are dis­played in real time ac­cord­ing to the pre­sumed in­ter­ests of the users. This al­lows us to dis­play ads for and within our on­line ser­vices in a more tar­geted man­ner in or­der to pre­sent users only with ads that po­ten­tially match their in­ter­ests. If, for ex­am­ple, a user is shown ads for prod­ucts in which he is in­ter­ested on other on­line of­fers, this is re­ferred to as “re­mar­ket­ing”; Service provider: Google Ire­land Lim­ited, Gor­don House, Bar­row Street, Dublin 4, Ire­land, par­ent com­pany: Google LLC, 1600 Am­phithe­atre Park­way, Moun­tain View, CA 94043, USA; Website: https://mar­ket­ing­plat­form.google.com; Privacy Policy:https://poli­cies.google.com/pri­vacyFurther Information: Types of pro­cess­ing and data processed:  https://pri­vacy.google.com/busi­nesses/adsser­vices; Google Ads Con­troller-Con­troller Data Pro­tec­tion Terms and stan­dard con­trac­tual clauses for data trans­fers to third coun­tries: https://busi­ness.safety.google/ad­scon­trollert­erms; where Google acts as proces­sor, Data Pro­cess­ing Con­di­tions for Google Ad­ver­tis­ing Prod­ucts and stan­dard con­trac­tual clauses for data trans­fers to third coun­tries: https://busi­ness.safety.google/ad­sproces­sorterms ap­ply.  
  • Google Ads and Conversion Tracking: We use the Google “Ads” on­line mar­ket­ing method to place ads on the Google ad­ver­tis­ing net­work (e.g., in search re­sults, videos, web­sites, etc.) so that they are dis­played to users who have an al­leged in­ter­est in the ads. We also mea­sure the con­ver­sion of the ads (so called “Kon­ver­sion”). How­ever, we only know the anony­mous to­tal num­ber of users who clicked on our ad and were redi­rected to a page tagged with a con­ver­sion track­ing tag. How­ever, we our­selves do not re­ceive any in­for­ma­tion that can be used to iden­tify users; Service provider: Google Ire­land Lim­ited, Gor­don House, Bar­row Street, Dublin 4, Ire­land, par­ent com­pany: Google LLC, 1600 Am­phithe­atre Park­way, Moun­tain View, CA 94043, USA; Website:https://mar­ket­ing­plat­form.google.comPrivacy Policy:https://poli­cies.google.com/pri­vacy; Further Informations: Types of pro­cess­ing and data processed: https://pri­vacy.google.com/busi­nesses/adsser­vices; Google Ads Con­troller-Con­troller Data Pro­tec­tion Terms and stan­dard con­trac­tual clauses for data trans­fers to third coun­tries: https://busi­ness.safety.google/ad­scon­trollert­erms.

Profiles in Social Networks (Social Media)
We main­tain on­line pres­ences within so­cial net­works and process user data in this con­text in or­der to com­mu­ni­cate with the users ac­tive there or to of­fer in­for­ma­tion about us.

We would like to point out that user data may be processed out­side the Eu­ro­pean Union. This may en­tail risks for users, e.g. by mak­ing it more dif­fi­cult to en­force users’ rights.

In ad­di­tion, user data is usu­ally processed within so­cial net­works for mar­ket re­search and ad­ver­tis­ing pur­poses. For ex­am­ple, user pro­files can be cre­ated on the ba­sis of user be­hav­iour and the as­so­ci­ated in­ter­ests of users. The user pro­files can then be used, for ex­am­ple, to place ad­ver­tise­ments within and out­side the net­works which are pre­sumed to cor­re­spond to the in­ter­ests of the users. For these pur­poses, cook­ies are usu­ally stored on the user’s com­puter, in which the user’s us­age be­hav­iour and in­ter­ests are stored. Fur­ther­more, data can be stored in the user pro­files in­de­pen­dently of the de­vices used by the users (es­pe­cially if the users are mem­bers of the re­spec­tive net­works or will be­come mem­bers later on).

For a de­tailed de­scrip­tion of the re­spec­tive pro­cess­ing op­er­a­tions and the opt-out op­tions, please re­fer to the re­spec­tive data pro­tec­tion de­c­la­ra­tions and in­for­ma­tion pro­vided by the providers of the re­spec­tive net­works.

Also in the case of re­quests for in­for­ma­tion and the ex­er­cise of rights of data sub­jects, we point out that these can be most ef­fec­tively pur­sued with the providers. Only the providers have ac­cess to the data of the users and can di­rectly take ap­pro­pri­ate mea­sures and pro­vide in­for­ma­tion. If you still need help, please do not hes­i­tate to con­tact us.

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

  • reCAPTCHA: We in­te­grate the “re­CAPTCHA” func­tion to be able to recog­nise whether en­tries (e.g. in on­line forms) are made by hu­mans and not by au­to­mat­i­cally op­er­at­ing ma­chines (so-called “bots”). The data processed may in­clude IP ad­dresses, in­for­ma­tion on op­er­at­ing sys­tems, de­vices or browsers used, lan­guage set­tings, lo­ca­tion, mouse move­ments, key­strokes, time spent on web­sites, pre­vi­ously vis­ited web­sites, in­ter­ac­tions with Re­Captcha on other web­sites, pos­si­bly cook­ies and re­sults of man­ual recog­ni­tion processes (e.g. an­swer­ing ques­tions asked or se­lect­ing ob­jects in im­ages). The data pro­cess­ing is based on our le­git­i­mate in­ter­est to pro­tect our on­line ser­vices from abu­sive au­to­mated crawl­ing and spam; Ser­vice provider: Google Ire­land Lim­ited, Gor­don House, Bar­row Street, Dublin 4, Ire­land, , par­ent com­pany: Google LLC, 1600 Am­phithe­atre Park­way, Moun­tain View, CA 94043, USA; Web­site: https://www.google.com/re­captcha/Privacy Policy:https://poli­cies.google.com/pri­vacyOpt-Out: Opt-Out-Plu­gin: https://tools.google.com/dl­page/gaoptout?hl=de,  Set­tings for the Dis­play of Ad­ver­tise­ments: https://ads­set­tings.google.com/au­then­ti­cated.

Changes and updates to the privacy policy

We encourage you to periodically review the content of our Privacy Policy. We will adjust the privacy statement if changes in our data processing practices make this necessary. We will inform you as soon as the changes require your involvement (e.g. consent) or other individual notification.

When we provide addresses and contact information for companies and organizations in this Privacy Statement, we ask that you note that the addresses may change over time and verify the information before contacting us.


Rights of the data subjects

As a data subject, you have various rights under the GDPR, in particular under Articles 15 to 21 of the GDPR:

Right to object: you have the right to object at any time, on grounds relating to your particular situation, to the processing of your personal data based on Article 6(1)(e) or (f) of the GDPR; this also applies to profiling based on these provisions. If personal data are processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for the purposes of such marketing; this also applies to profiling, insofar as it is related to such direct marketing.

Right to withdraw consent: You have the right to revoke consents at any time.

Right to information: you have the right to request confirmation as to whether the data in question is being processed and to be informed about it, as well as to receive further information and a copy of the data in accordance with the law.

Right to rectification: you have the right to request, in accordance with the law, that the data concerning you be completed or that inaccurate data concerning you be rectified.

Right to erasure and right to restriction of processing: you have the right, in accordance with the law, to request the immediate erasure of the data concerned or, alternatively, to request the restriction of the processing of the data in accordance with the law.

Right to data portability: you have the right to receive the data concerning you that you have provided to us in a structured, common and machine-readable format in accordance with the legal requirements or to request that it be transferred to another controller.

Complaint to the supervisory authority: In accordance with the legal provisions and without prejudice to any other administrative or judicial remedy, you also have the right to lodge a complaint with a data protection supervisory authority, in particular with a supervisory authority of the Member State in which you have your habitual residence, with the supervisory authority of your place of work or of the place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the GDPR.


Terminology and Definitions

This section provides an overview of the terms used in this Privacy Policy. Many of the terms are taken from the law and are mainly defined in Article 4 GDPR. The legal definitions are binding. The following explanations, on the other hand, are primarily for the purpose of understanding. The terms are listed in alphabetical order.


Affiliate Tracking: Custom Audiences refers to the process of determining target groups for advertising purposes, e.g., the display of advertisements. For example, based on a user’s interest in certain products or topics on the Internet, it can be concluded that the user is interested in advertising for similar products or the online store where the user viewed the products. “Lookalike Audiences” is the term used to describe content deemed appropriate by users whose profiles or interests are believed to match those of the users for whom the profiles were created. Cookies and web beacons are typically used to create Custom Audiences and Lookalike Audiences.

Controller: “Controller” means the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data. 

Conversion Tracking: Conversion tracking is a method of evaluating the effectiveness of marketing activities. For this purpose, a cookie is usually stored on users’ devices within the websites on which the marketing measures take place and then retrieved on the target website (this enables us, for example, to track whether the advertising we have placed on other websites has been successful). 


Custom Audiences: Targeting (or “Custom Audiences”) is the term used when target groups are determined for advertising purposes, e.g., for displaying advertisements. For example, based on a user’s interest in certain products or topics on the Internet, it can be concluded that this user is interested in advertising for similar products or the online store where he or she viewed the products. Lookalike Audiences” (or similar audiences) is the term used to describe content that is considered appropriate by users whose profiles or interests are believed to match those of the users for whom the profiles were created. Cookies are typically used to create Custom Audiences and Lookalike Audiences. Audiences can be created by processing visitors to an online service or uploaded via upload to the provider of an online marketing technology (which is usually done pseudonymously). 

Personal data: “Personal data” means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. 

Processing: the term “processing” covers a broad spectrum and virtually any handling of data, whether collection, analysis, storage, transmission or deletion. 

Profiles with user-related information: Processing of “profiles with user-related information,” or “profiles” for short, includes any type of automated processing of personal data that consists of using such personal data to analyze, evaluate, or predict certain personal aspects relating to a natural person (depending on the type of profiling, this may include various information on demographics, behavior, and interests, such as interaction with websites and their content, etc.) (e.g., interest in certain content or products, click behavior on a website, or location). Cookies and web beacons are often used for profiling. 

Remarketing: “Remarketing” or “retargeting” is used, for example, to indicate for advertising purposes which products a user was interested in on a website in order to remind him or her of these products on other websites, e.g. in ads.


This company/website is owned and operated by LX Design Studio e.U. Lobna Elgheriani.

You may contact us regarding the privacy policy through our contact page.