Privacy Policy

The controller for the processing of personal data within the meaning of the General Data Protection Regulation (GDPR) is: GO Pro Icon EMS GmbH Darwingasse 17/3/4 1020 Vienna Austria Email: info@pro-icon.com Website: https://pro-icon.com If additional or different data protection information is provided in individual processes, such specific information shall prevail for the respective procedure.

Protecting your personal data is important to us. We process personal data only in accordance with applicable data protection regulations, in particular the GDPR, the Austrian Data Protection Act (DSG), and other relevant provisions. Personal data is generally processed only to the extent necessary for providing a functional website, responding to inquiries, carrying out pre-contractual measures, contract execution, fulfilling legal obligations, safeguarding legitimate interests, or – where required – based on your consent.

Depending on the nature of your use of our website or business relationship, the following categories of personal data may be processed in particular: - Master data (e.g., name, company, contact person, address) - Contact details (e.g., email address, phone number) - Contract and order data (e.g., ordered products, scope of service, delivery address, invoice data) - Payment and billing data - Communication data (e.g., content of inquiries, correspondence, support cases) - Usage data and technical access data (e.g., IP address, browser type, device data, access time, referrer URL) - Log data and security-related data - Consent and preference data (e.g., cookie settings, marketing consents) - If applicable, data on warranty, service, and complaint cases.

We process personal data in particular for the following purposes and on the following legal bases: 4.1 Provision of the Website and IT Security For the technical provision of the website, ensuring stability, system security, prevention of misuse, error analysis, and attack detection, we process technical access data and server log data. Legal basis: Art. 6 (1) (f) GDPR (legitimate interest in a secure and functional operation of the website). 4.2 Handling of Contact Requests If you contact us via email, contact form, chat function, telephone, or in any other way, we process your information to handle your request, communicate with you, and carry out pre-contractual measures. Legal basis: Art. 6 (1) (b) GDPR (pre-contractual measures or performance of a contract) or Art. 6 (1) (f) GDPR (legitimate interest in the effective processing of general inquiries). 4.3 Contract Execution We process personal data for the initiation, execution, and completion of contracts, deliveries, warranty services, support, training, service, and maintenance services. Legal basis: Art. 6 (1) (b) GDPR. 4.4 Compliance with Legal Obligations We process data to the extent necessary to comply with commercial, tax, corporate, customs, or other legal obligations. Legal basis: Art. 6 (1) (c) GDPR. 4.5 Enforcement and Defense of Legal Claims Data may be processed to the extent necessary for the assertion, exercise, or defense of legal claims, fraud prevention, evidence preservation, or the prevention of misuse. Legal basis: Art. 6 (1) (f) GDPR. 4.6 Direct Marketing and Existing Customer Communication To the extent permitted by law, we may use contact details in connection with similar products or services for direct marketing. Further marketing measures are only carried out on the basis of your consent, where required. Legal basis: Art. 6 (1) (f) GDPR or Art. 6 (1) (a) GDPR. 4.7 Cookie and Tracking Technologies Non-essential cookies and similar technologies are only used if an effective consent has been given. Legal basis: Art. 6 (1) (a) GDPR; additionally, applicable regulations on the protection of terminal devices and consent requirements apply.

Each time you visit our website, technically necessary information is automatically recorded. This may include in particular IP address, date and time of access, URL accessed, browser used, operating system, language settings, referrer URL, and similar technical information. This data is necessary for the provision, stability, and security of the website. Server log files are generally not used to draw direct conclusions about your identity, unless this is necessary for the investigation of security incidents, misuse, or legal violations.

If you contact us, we process the data you provide only to the extent necessary to handle your request. Mandatory information in forms is usually marked as such. Without this information, the processing of your request may be restricted or impossible. Please do not transmit particularly sensitive information via unsecured communication channels unless absolutely necessary.

In the context of orders, offers, deliveries, invoices, warranty services, support processes, or other business processes, we process the personal data necessary for the execution of the respective process. This includes in particular: - Identification and contact data - Delivery and invoice addresses - Payment and accounting information - Product, serial, service, and warranty information - Communication and documentation data. This data is stored for the duration of the contractual relationship and thereafter to the extent permitted or required by law.

Personal data is generally transmitted only to recipients who need it for the respective purposes. These may include in particular: - IT and hosting service providers - Payment service providers and banks - Shipping, logistics, and delivery companies - Tax advisors, legal advisors, auditors - Software, cloud, CRM, or support service providers - Authorities, courts, or other public bodies, to the extent there is a legal obligation or it is necessary for legal enforcement. Where external service providers act as data processors, processing is carried out only on the basis of a corresponding contract pursuant to Art. 28 GDPR.

Personal data is transferred to third countries outside the European Economic Area (EEA) only if necessary for the performance of a contract, required by law, you have given explicit consent, or an adequate level of data protection is otherwise ensured, in particular by an adequacy decision or appropriate safeguards such as standard contractual clauses.

We store personal data only as long as necessary for the respective purposes or as long as statutory retention periods exist. The key criteria are: - the duration of the business relationship or contract execution, - statutory retention periods under corporate, tax, or customs law, - the duration of possible warranty, guarantee, limitation, or evidence periods, - as well as legitimate interests in documentation, IT security, and legal defense. After the respective purpose ceases or the relevant retention periods expire, data will be deleted or anonymized unless further lawful processing is required.

Data subjects have the following rights in particular under the conditions set out by law: - Right to obtain information about the personal data processed (Art. 15 GDPR) - Right to rectification of inaccurate data or completion of incomplete data (Art. 16 GDPR) - Right to erasure (Art. 17 GDPR) - Right to restriction of processing (Art. 18 GDPR) - Right to data portability (Art. 20 GDPR) - Right to object to data processing based on legitimate interests (Art. 21 GDPR) - Right to withdraw your consent at any time with effect for the future. If you wish to exercise your rights, you can contact us at any time using the contact details provided above.

If you believe that the processing of your personal data violates data protection law, you have the right to lodge a complaint with a data protection supervisory authority. In Austria, this is in particular the Austrian Data Protection Authority.

The provision of personal data may be required by law or contract or may be necessary for entering into a contract. Without certain data, we may not be able to process an inquiry, order, delivery, payment, warranty handling, or other business relationship, or may not be able to do so fully.

Automated decision-making including profiling within the meaning of Art. 22 GDPR does not take place unless expressly stated otherwise in this privacy policy.

We use appropriate technical and organizational security measures to protect personal data against loss, misuse, manipulation, unauthorized access, unauthorized disclosure, or other unlawful processing. These include in particular access restrictions, encryption, role concepts, data backups, and procedures to ensure system availability and integrity.

If content or functions of external providers are integrated on our website (e.g., map, video, chat, analytics, payment, or social media services), it may be that when using these functions, personal data is transmitted to the respective third-party provider or processed by them. The integration of such services takes place – to the extent required by law – only after appropriate consent or on another lawful basis. For further information, we refer to the data protection notices of the respective third-party provider.

Our website uses cookies and similar technologies. Details, including categories, purposes, storage duration, and setting options, can be found in our Cookie Policy. Non-essential technologies are only used after your active consent. You can adjust or revoke your selection at any time via the cookie settings.

We reserve the right to amend this privacy policy if necessary, in particular if legal, technical, or business circumstances change. The version published on the website is the binding version.