Privacy Policy

Effective date: April 21, 2025

Hey! We're glad you're interested in how AI-Guide handles your data. This page gives you a transparent overview of what data we collect and process, why we do it, and how you can remain in control at all times. The protection of your personal data is very important to us.


1. Who is responsible?

The controller within the meaning of data protection laws, especially the EU General Data Protection Regulation (GDPR), is:

AI-Guide
Owner: Andreea Negru
Dürckheimstraße 13
4232 Hagenberg i.M.
Austria
Phone: +43 699 19 00 55 58
Email: office@ai-guide.at
VAT ID: ATU62746826

We have not appointed a data protection officer, as we employ fewer than 20 people in regular data processing and are not legally required to. However, for any privacy-related questions, you can contact us directly.


2. Basics: Purposes, Legal Bases, Data Minimization & Recipients

We only process your personal data (e.g., name, email, IP address) if there is a legal basis and only as long as necessary for each specific purpose (data minimization & purpose limitation, Art. 5 GDPR). Key purposes include:

  • Providing this website and its features

  • Responding to your inquiries (e.g., via contact form or email)

  • Processing contracts and providing services

  • Sending newsletters (if you subscribed)

  • Analyzing user behavior to improve our offerings (anonymized/pseudonymized)

  • Marketing activities (with consent or legitimate interest)

  • Ensuring the security of our IT systems

  • Fulfilling legal obligations (e.g., retention duties)

Legal bases under GDPR:

  • Consent (Art. 6(1)(a) GDPR): e.g., newsletters, cookies

  • Contract performance/pre-contractual measures (Art. 6(1)(b) GDPR)

  • Legal obligation (Art. 6(1)(c) GDPR): e.g., tax retention requirements

  • Legitimate interest (Art. 6(1)(f) GDPR): e.g., website operation, direct marketing

Recipients of your data:

  • Internal staff who need data to perform their tasks

  • Data processors (e.g., hosting providers, email services, analytics tools) under data processing agreements

  • Third parties (e.g., authorities, if legally required or for contract performance)


3. Your Data While Browsing (Server Logfiles)

When visiting our website, the web server automatically records technical data in server log files (e.g., browser type, operating system, referrer URL, subpages visited, date/time, IP address). IP addresses are considered personal data. No merging with other data occurs.

Legal basis: our legitimate interest (Art. 6(1)(f) GDPR). Logfiles are deleted after 7 days unless needed for incident investigation.


4. Contact Form & Email

If you contact us via the form or email, we store your inputs (name, email, message) to handle your request. You can stop communication at any time.

Legal basis: Art. 6(1)(b) or (f) GDPR, or your consent (Art. 6(1)(a)) if applicable.

Data will be deleted once your request is completed and no legal retention obligations exist.


5. Newsletter

We use a double opt-in process for newsletters. Legal basis: your consent (Art. 6(1)(a) GDPR). You can unsubscribe at any time using the link provided. After unsubscribing, your data will be deleted unless other obligations apply.


6. Google Analytics

We use Google Analytics (Google Ireland Limited / Google LLC, USA) with IP anonymization (“_anonymizeIp()”). Data is only collected with your consent via the cookie banner (Art. 6(1)(a) GDPR).

Data transfers to the U.S. are based on the EU–U.S. Data Privacy Framework or Standard Contractual Clauses.

For more information, see Google’s privacy policy. You can withdraw consent or opt out via browser add-on: Google Analytics Opt-Out.

Consent logging: Your consent is recorded and available upon request.


7. Facebook Pixel

We integrate the Facebook Pixel (Meta Platforms Ireland Ltd. / Meta Platforms Inc., USA) only with your consent via the cookie banner.

Data transfers to the U.S. are based on the EU–U.S. Data Privacy Framework or Standard Contractual Clauses. More info: Facebook Data Policy.


8. YouTube Videos

Videos are embedded using YouTube’s enhanced privacy mode. Data is only transferred when videos are actively played. Legal basis: Art. 6(1)(f) and (a) GDPR. Data transfers to the U.S. as with Google Analytics.


9. Google Maps

Google Maps (Google Ireland / Google LLC) only loads after you give consent via the cookie banner. Data transfers to the U.S. follow the same rules as for Google Analytics. More info: Google Maps Terms of Use.


10. Social Media Plugins & Embedded Content

Embedded content (e.g., Instagram, LinkedIn) is only loaded after your consent (Art. 6(1)(a) GDPR). A direct connection to provider servers may transfer personal data.


11. Google Fonts (Local)

Google Fonts are hosted locally. No connection to Google servers is made.


12. Cookies & Cookie Banner

Our website uses cookies:

  • Technically necessary: Session cookies until session ends. Legal basis: Art. 6(1)(f) or § 165(3) TKG 2021

  • Statistics & marketing: Statistics cookies for 30 days, marketing cookies for 90 days – only with your consent (Art. 6(1)(a) GDPR)

Details on all cookies can be found in the cookie banner. You can change or withdraw your preferences at any time.



13. Data Retention

  • Contact inquiries: Deleted after completion unless retention laws apply

  • Newsletter data: Deleted after unsubscribe

  • Logfiles: Deleted after 7 days

  • Contract data: Stored for 7 years under § 132 BAO and § 212 UGB

  • Analytics/marketing: Stored until withdrawal or automated deletion/anonymization


14. Data Security (TOMs)

We implement technical and organizational measures (TOMs), such as SSL/TLS encryption (https://), access controls, pseudonymization, regular backups, and employee training to protect your data.


15. Data Subject Rights & Automated Decisions

You have the following rights:

  • Right of access (Art. 15 GDPR)

  • Right to rectification (Art. 16 GDPR)

  • Right to erasure (Art. 17 GDPR)

  • Right to restriction of processing (Art. 18 GDPR)

  • Right to data portability (Art. 20 GDPR)

  • Right to object (Art. 21 GDPR)

  • Right to withdraw consent (Art. 7(3) GDPR)

We do not use automated decision-making or profiling (Art. 22 GDPR).

To exercise your rights, email us or use the contact info in Section 1. See Section 17 for your right to lodge a complaint.


16. Data Protection Contact

For questions or to exercise your rights:
Email: office@ai-guide.at
See Section 1.


17. Complaint to Supervisory Authority

If you believe your data is being processed unlawfully, you may contact the competent data protection authority:

Austrian Data Protection Authority
Barichgasse 40–42, 1030 Vienna
Phone: +43 1 52 152‑0
Email: dsb@dsb.gv.at
Website: www.dsb.gv.at

We’d appreciate it if you contact us first. 😊


18. Changes to This Privacy Policy

We reserve the right to update this policy to reflect changes in legal requirements. Please review it periodically.


19. Records of Processing Activities

In accordance with Art. 30 GDPR, we maintain an internal record of all processing activities.


20. Data from Minors

Individuals under 16 may only provide personal data with the consent of their legal guardians.

Success message!
Warning message!
Error message!