Privacy Policy

Last updated: January 2025 | Applies to: asftravelvignett.eu

Sections

1. Data Controller
2. Data We Collect
3. Purpose of Processing
4. Legal Basis
5. Data Storage & Retention
6. Data Sharing
7. Cookies & localStorage
8. Your Rights
9. Security
10. Changes to This Policy

1. Data Controller

The data controller for asftravelvignett.eu is ASF Vignett Austria, located at Getreidegasse 8, 5020 Salzburg, Austria. For privacy-related enquiries, contact us at [email protected] or by phone at +43 662 567 890.

2. Data We Collect

We collect the following categories of personal data:

Contact form submissions: Name, email address, and message content when you use the contact form on /contacts.html.
Technical data: IP address, browser type, operating system, and pages visited, collected automatically by our web server for security and performance monitoring.
localStorage data: We store a cookie consent preference (cookieConsent_asftravelvignett.eu) in your browser's localStorage. This contains only a boolean value (accepted/declined) and no personal data.

We do not collect payment information, government identification, or sensitive personal data. We do not use third-party analytics, advertising pixels, or tracking scripts.

3. Purpose of Processing

Data Category	Purpose
Contact form data	To respond to your enquiry and provide requested information
Technical/server data	Security monitoring, abuse prevention, and server performance
localStorage (consent)	To remember your cookie consent preference and avoid repeated prompts

4. Legal Basis

We process your data on the following legal bases under GDPR (EU Regulation 2016/679):

Consent (Art. 6(1)(a)): For cookie/localStorage preferences, where you have given explicit consent via the cookie banner.
Legitimate interests (Art. 6(1)(f)): For server/technical data processed for security and performance purposes.
Contract performance (Art. 6(1)(b)): For contact form data, to respond to your enquiry.

5. Data Storage & Retention

Contact form data is retained for 12 months after the last communication, then deleted. Server logs are retained for 90 days for security purposes. localStorage data remains in your browser until you clear it or withdraw consent. We do not transfer personal data outside the European Economic Area (EEA).

7. Cookies & localStorage

This website uses browser localStorage (not traditional cookies) to store one item: cookieConsent_asftravelvignett.eu. This stores your consent preference (a simple yes/no value) and contains no personal data. It is set only after you click "Accept" on the consent banner.

We do not use tracking cookies, advertising cookies, or third-party analytics cookies. You can clear this localStorage item at any time through your browser settings (Developer Tools > Application > Local Storage).

8. Your Rights

Under GDPR, you have the following rights regarding your personal data:

Right of access: Request a copy of the personal data we hold about you.
Right to rectification: Request correction of inaccurate data.
Right to erasure: Request deletion of your data ("right to be forgotten").
Right to restriction: Request that we restrict processing of your data.
Right to data portability: Receive your data in a structured, machine-readable format.
Right to object: Object to processing based on legitimate interests.
Right to withdraw consent: Withdraw consent at any time without affecting prior processing.

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days. You also have the right to lodge a complaint with the Austrian Data Protection Authority (Datenschutzbehörde, dsb.gv.at).

9. Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or disclosure. Our website is served over HTTPS. Contact form submissions are transmitted securely. We conduct periodic security reviews of our systems.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. The "Last updated" date at the top of this page will be revised accordingly. We recommend reviewing this page periodically. Continued use of asftravelvignett.eu after changes constitutes acceptance of the updated policy.