Privacy Policy

We, Zechmeister Strategic Solutions GmbH, are responsible for data processing in terms of data protection law.

Zechmeister Strategic Solutions GmbH

Am Forstgarten 4/1

9020 Klagenfurt am Wörthersee

Austria

Email: office@zechmeister-solutions.com

Represented by: Managing Director Dipl. Ing. Tibor Zajki-Zechmeister, BSc

Data Protection Officer (DPO): Not appointed

As part of your contact request, appointment booking, or your visit on our website, we collect and process certain personal data relating to you. The type, scope and purposes of this data processing are described below.

2.1 Contact / “Quick Question” Form Data

When you use our website form (e.g., “Quick Question”), we process the data you enter. This typically includes:

• Name (required)
• Email address (required)
• Company (optional)
• Subject / topic selection (optional/required depending on form setup)
• Message content (optional/required depending on form setup)

Purpose of processing: handling your request, communicating with you, and (where relevant) preparing and carrying out pre-contractual measures (e.g., clarifying whether and how we can support you).

Legal basis:

• Art. 6(1)(b) GDPR (pre-contractual measures / handling your request), and
• Art. 6(1)(f) GDPR (legitimate interests in efficient communication, documentation, and protection against abuse/spam), where applicable.

You are not legally required to provide this data. However, without the required information (in particular name and email), we generally cannot process your request.

2.2 Appointment Booking (Calendly)

If you book a consultation appointment via our scheduling process (e.g., Calendly), additional data may be processed, such as your selected time slot, time zone, and booking-related metadata. Details are provided in Section 5.

2.3 Website Usage Data (Server Logs)

When you visit our website, the web server may automatically process certain information (“server log files”), in particular:

• IP address (as processed by the hosting provider)
• Date and time of access
• Pages/files accessed
• Browser type/version
• Operating system
• Referrer URL
• Device information (where provided by your browser)

Purpose of processing: ensuring the technical operation, system security, troubleshooting, and preventing misuse/attacks.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in secure and stable website operation).

Our hosting provider processes these data on our behalf as a processor under Art. 28 GDPR.

2.4 Newsletter

If you sign up for our newsletter, we process your name and email address for sending the newsletter based on your consent (Art. 6(1)(a) GDPR). You can withdraw consent at any time (unsubscribe link or email).

Our website uses cookies and similar technologies. Cookies are small text files stored on your device.

Under Austrian law (TKG 2021), non-essential cookies (e.g., analytics cookies) generally require your prior consent. Technically necessary cookies may be used without consent if they are required to provide the website/service you requested.

3.1 Types of Cookies We Use

• Technically Necessary Cookies: required for basic functions and security of the website.
• Analytics Cookies (Google Analytics): used only with your consent (see Section 4).

3.2 Consent / Withdrawal

Where consent is required, we obtain it via our cookie banner / consent tool.

You can withdraw or change your cookie consent at any time via:

• “Cookie settings” link in the banner, and/or
• your browser settings (note: disabling cookies may limit website functionality).

Managing Cookies in Major Browsers:

• Chrome Browser
• Mozilla Firefox
• Safari
• Internet Explorer / Edge

Our website uses Google Analytics (provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; “Google”) to analyze website usage and improve our website.

4.1 Purpose and Data

Google Analytics may process information such as:

• interactions with our website (pages visited, click path, approximate location derived from IP, device/browser information),
• date/time of access, referrer URL, and
• online identifiers/cookie IDs (depending on configuration).

4.2 Legal Basis

Google Analytics is used only with your consent.

Legal basis: Art. 6(1)(a) GDPR (consent) and, where applicable for cookies/identifiers, consent requirements under TKG 2021.

If you do not consent, Google Analytics will not be used.

4.3 Withdrawal / Opt-Out

You can withdraw your consent at any time via the Cookie banner. Additionally, you may prevent Google Analytics processing using browser settings and/or Google’s opt-out tools (where available).

4.4 Data Processing / Configuration

We use Google Analytics with settings intended to minimize data.

IP Anonymisation: IP anonymisation is activated on this website. Google uses this to shorten your IP address beforehand within Member States of the European Union or in other signatories to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there.

You can find more detailed information at Google Analytics Terms and Google Privacy Policy.

We use Calendly to enable you to book consultation appointments.

5.1 Purpose and Data

When you use Calendly, the following categories of data may be processed (depending on your input and configuration):

• name, email address, company (if provided),
• appointment details (time slot, time zone), and
• technical metadata necessary to provide the scheduling function.

5.2 Legal Basis

Legal basis: Art. 6(1)(b) GDPR (carrying out pre-contractual measures / scheduling requested by you).

Where Calendly sets non-essential cookies or loads third-party content beyond what is strictly necessary, we do so only with the required consent via our consent tool, where applicable: Calendly is loaded only after you click ‘Book a call’.

5.3 Recipient / Processor

Calendly may process personal data as our processor (Art. 28 GDPR) or as a separate controller depending on the configuration and the specific service relationship. Details: https://calendly.com/legal/privacy-notice

6.1 Use of Google Meet (Video Calls)

We use Google Meet to conduct consultation calls.

Depending on how you participate, Google Meet may process:

• participant information (name/display name, email address if used),
• meeting metadata (time, duration, technical connection data), and
• communication content (audio/video) as required to conduct the call.
• We do not record calls.

Legal basis: Art. 6(1)(b) GDPR (performing the requested call / pre-contractual communication) and, where applicable, Art. 6(1)(f) GDPR (legitimate interest in reliable communication).

We do not sell your personal data. We only share personal data where necessary for the purposes described in this policy, in particular with:

• IT/hosting providers (website operation, security, maintenance)
• Email and communication providers (to respond to inquiries)
• Google (Google Analytics, Google Meet)
• Calendly (appointment scheduling)

Where service providers process data on our behalf, we conclude data processing agreements (Art. 28 GDPR) and implement appropriate safeguards.

Some of the service providers mentioned above may process data outside the European Economic Area (EEA), in particular in the USA.

Where data is transferred to recipients outside the EEA, we ensure an adequate level of protection through appropriate safeguards, such as:

• an adequacy decision of the European Commission (where applicable), and/or
• Standard Contractual Clauses (SCCs), and/or
• other legally permitted safeguards.

Further details: EU Standard Contractual Clauses.

If the legal requirements are fulfilled, you have the following rights according to Articles 15 to 21 GDPR:

• Right of Access (Art. 15): You have the right to obtain confirmation of whether we process your personal data and to access that data.
• Right to Rectification (Art. 16): You have the right to request correction of inaccurate personal data.
• Right to Erasure (Art. 17): You have the right to request deletion of your personal data under certain circumstances (“right to be forgotten”).
• Right to Restriction (Art. 18): You have the right to request restriction of processing under certain circumstances.
• Right to Data Portability (Art. 20): You have the right to receive your personal data in a structured, commonly used, and machine-readable format.
• Right to Object (Art. 21): You have the right to object to processing based on legitimate interests; if we process data for direct marketing, you may object at any time.
• Right to Withdraw Consent: Where processing is based on consent, you may withdraw your consent at any time without affecting the legality of the processing carried out before withdrawal.

To exercise any of these rights, please contact us using the details provided in this policy.

Automated decision-making / profiling: We do not use automated decision-making (including profiling) within the meaning of Art. 22 GDPR.

You have the right to lodge a complaint with a supervisory authority according to Art. 77 GDPR if you believe that your data is not being processed legally.

For Austria, this is the Austrian Data Protection Authority (Österreichische Datenschutzbehörde):
Barichgasse 40–42, 1030 Vienna, Austria
Web: www.dsb.gv.at
Email: dsb@dsb.gv.at

We store personal data only as long as necessary for the respective purposes and in accordance with legal retention requirements.

• Contact / form inquiries: retained for the duration needed to process your request and for documentation purposes, typically 12 months, unless longer retention is necessary (e.g., due to contract initiation, legal claims, or statutory duties).
• Appointment bookings (Calendly): Until appointment completion + 12 months, unless longer retention is necessary for contractual/legal reasons.
• Google Meet: meeting-related data are processed for the call; we do not store call content unless explicitly stated (e.g., recordings).
• Server logs: typically 30 days for security and troubleshooting, unless needed longer to investigate incidents.
• Analytics (Google Analytics): stored according to the configured retention setting.
• Legal obligations: where required by law (e.g., accounting/tax retention), data will be retained for the legally mandated period (7 years in Austria), and deleted thereafter unless further retention is necessary.

Your data is encrypted and transmitted over the Internet using SSL/TLS. We use technical and organizational measures to secure our website and other systems against loss, destruction, access, modification or dissemination of your data by unauthorized persons.

If you have any questions about this privacy policy or our data protection practices, please contact us:

Zechmeister Strategic Solutions GmbH

Am Forstgarten 4/1

9020 Klagenfurt am Wörthersee

Austria

Email: office@zechmeister-solutions.com

We generally respond to data protection inquiries without undue delay and within one month, unless a lawful extension applies.