AQUA Pearls Logo

Privacy Policy

Our organ­i­sa­tion, AQUA PEARLS For You and Planet Blue Gemeinnützige Privat­s­tiftung (here­inafter referred to as AQUA PEARLS - contact details can be found below) thanks you for visiting our website and for your interest in our activ­i­ties.

The processing of personal data is always carried out in accor­dance with the General Data Protec­tion Regu­la­tion (GDPR) and in accor­dance with the country-specific data protec­tion regu­la­tions applic­able to AQUA PEARLS. By means of this data protec­tion decla­ra­tion, our organ­i­sa­tion would like to inform the public about the type, scope and purpose of the personal data we collect, use and process and to inform you about the rights to which you are enti­tled.

We have taken appro­priate tech­nical and organ­i­sa­tional measures to protect your data against loss, manip­u­la­tion or unau­tho­rised access. The measures taken are subject to regular review and are contin­u­ously adapted to the state of the art.

The data protec­tion decla­ra­tion applies only to AQUA PEARLS and the asso­ci­ated services, but not to data processing that is controlled and oper­ated by third parties.

1. General infor­ma­tion

The AQUA PEARLS data protec­tion notice is based on the termi­nology of the GDPR.

"Personal data" means any infor­ma­tion relating to an iden­ti­fied or iden­ti­fi­able natural person (here­inafter "data subject"). An iden­ti­fi­able natural person is one who can be iden­ti­fied, directly or indi­rectly, in partic­ular by refer­ence to an iden­ti­fier such as a name, an iden­ti­fi­ca­tion number, loca­tion data, an online iden­ti­fier or to one or more factors specific to the phys­ical, phys­i­o­log­ical, genetic, mental, economic, cultural or social iden­tity of that natural person. "Non-personal data" is anonymised and is infor­ma­tion that cannot be traced back to the data subject under any circum­stances. For this reason, non-personal data is not subject to data protec­tion law.

"Data subject" means any iden­ti­fied or iden­ti­fi­able natural person whose personal data is processed by the controller.

"Processing" means any oper­a­tion or set of oper­a­tions which is performed upon personal data, whether or not by auto­matic means, such as collec­tion, recording, organ­i­sa­tion, struc­turing, storage, adap­ta­tion or alter­ation, retrieval, consul­ta­tion, use, disclo­sure by trans­mis­sion, dissem­i­na­tion or other­wise making avail­able, align­ment or combi­na­tion, restric­tion, erasure or destruc­tion.

"Controller" or "controller respon­sible for the processing" means the natural or legal person, public authority, agency or other body which, alone or jointly with others, deter­mines the purposes and means of the processing of personal data. Where the purposes and means of such processing are deter­mined by Union or Member State law, the controller or the specific criteria for its nomi­na­tion may be provided for by Union or Member State law.

"Third party" means a natural or legal person, public authority, agency or body other than the data subject, the controller, the processor and the persons who, under the direct authority of the controller or the processor, are autho­rised to process the personal data.

"Consent" means any freely given, specific, informed and unam­biguous indi­ca­tion of the data subject's wishes by which he or she, by a state­ment or by a clear affir­ma­tive action, signi­fies agree­ment to the processing of personal data relating to him or her. Personal data will only be processed by us in accor­dance with the applic­able data protec­tion regu­la­tions. When you corre­spond with us, you acknowl­edge that the data you provide will be processed for the purposes described below.

2. Name and address of the controller and contact person

The controller within the meaning of the GDPR, other data protec­tion laws applic­able in the Member States of the Euro­pean Union and other provi­sions of a data protec­tion nature is

AQUA PEARLS For You and Planet Blue Gemeinnützige Privat­s­tiftung
 Walter-Simmer-Str. 4
A-5310 Mondsee

For enquiries relating to data protec­tion, please use the above postal address or contact us via email to info@aqua­pearls.org

3. Processing of personal data

Your personal data will be processed exclu­sively for the purposes stated in this privacy policy and to the extent neces­sary to achieve these purposes. This data will not be passed on without your consent, except in the cases described in this privacy policy and in the case of manda­tory national legis­la­tion.

3.1. Website­visit aqua­pearls.org / RoPA-1088

In the context of hosting and visiting our website aqua­pearls.org, we process tech­ni­cally neces­sary personal data of visi­tors.

Respon­sible company within the BWT Group: BWT Sports & Digital Services GmbH

The data is processed by: Microsoft Azure Website Hosting, Cloud­flare Website Protec­tion, Cook­iebot, Website Storage, Cyber­se­cu­rity and Cookie-Management

The processed data are: Browser agent and IP address

Legal basis for processing: Art. 6 para. 1 lit. b (contract/contract fulfil­ment), Art. 6 para. 1 lit. f (legit­i­mate interest) and Art. 49 para. 1 lit. b (contract/contract fulfil­ment)

Purpose of processing: Tech­ni­cally neces­sary processing of IP address and browser agent (Microsoft Azure Website Hosting, Cloud­flare Website Protec­tion), cookie manage­ment (Cook­iebot)

The data is trans­ferred to a processor in the USA that is certi­fied under the EU-U.S. Data Privacy Frame­work.

The details of data processing are described in the data processing agree­ment between BWT and the processor in accor­dance with Art. 28 GDPR.

3.2. Google Analytics 4 / RoPA-1089

If you have given your consent, Google Analytics 4, a web analytics service provided by Google LLC, is used on this website. The controller for users in the EU/EEA and Switzer­land is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google").

Google Analytics uses cookies that enable us to analyse your use of our website. The infor­ma­tion collected by the cookies about your use of this website is usually trans­ferred to a Google server in the USA and stored there.

We use the User ID func­tion. With the help of the user ID, we can assign a unique, perma­nent ID to one or more sessions (and the activ­i­ties within these sessions) and analyse user behav­iour across devices

We use Google Signals. This allows Google Analytics to collect addi­tional infor­ma­tion about users who have acti­vated person­alised ads (inter­ests and demo­graphic data) and ads can be deliv­ered to these users in cross-device remar­keting campaigns.

In Google Analytics 4, the anonymi­sa­tion of IP addresses is acti­vated by default. Due to IP anonymi­sa­tion, your IP address will be trun­cated by Google within member states of the Euro­pean Union or in other signa­tory states to the Agree­ment on the Euro­pean Economic Area. Only in excep­tional cases will the full IP address be trans­mitted to a Google server in the USA and trun­cated there. According to Google, the IP address trans­mitted by your browser as part of Google Analytics will not be merged with other Google data. During your visit to the website, your user behav­iour is recorded in the form of "events". Events can be
  • Page views
  • First visit to the website
  • Start of the session
  • Visited web pages
  • Your "click path", inter­ac­tion with the website
  • Scrolls (when­ever a user scrolls to the bottom of the page (90%))
  • Clicks on external links
  • Internal search queries
  • Inter­ac­tion with videos
  • file down­loads
  • Ads viewed / clicked on
  • language setting

Also recorded:

  • Your approx­i­mate loca­tion (region)
  • Date and time of your visit
  • Your IP address (in trun­cated form)
  • Tech­nical infor­ma­tion about your browser and the end devices you use (e.g. language setting, screen reso­lu­tion) -
  • Your internet provider
  • the referrer URL (via which website/adver­tising medium you came to this website)

Responsible company within the BWT Group: BWT Sports & Digital Services GmbH

The data is processed by: Recipients of the data are/may be Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (as processor pursuant to Art. 28 GDPR)

Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA Alphabet Inc, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA

The data processed are: Browser agent, IP address and cookies Legal basis of the processing: Art. 6 para. 1 lit. a (Consent)

Purpose of processing: On behalf of the operator of this website, Google will use this information to analyse your pseudonymous use of the website and to compile reports on website activity. The reports provided by Google Analytics are used to analyse the performance of our website.

The data is transmitted to a processor in the USA that is certified under the EU-U.S. Data Privacy Framework.

The storage of the data ends with the option to delete your data independently.

The details of data processing are described in the data processing agreement between BWT and the processor in accordance with Art. 28 GDPR.

3.3. Payment Service / RoPA-1098

We use the payment service provider Mollie B.V., Keizersgracht 126, 1015 CW Amsterdam, Netherlands (hereinafter referred to as "Mollie") to control payments. As part of the fulfilment of contracts, we use Mollie on the basis of Art. 6 para. 1 lit. b. GDPR. Otherwise, we use Mollie on the basis of our legitimate interests in accordance with Art. 6 para. 1 lit. f. GDPR. GDPR in order to offer our users effective and secure payment options. The data you enter as part of payment processing is controlled directly by Mollie and is not transmitted to us. Further information on Mollie's data protection can be found in Mollie's privacy policy.

Responsible company within the BWT Group: BWT Sports & Digital Services GmbH

The data is controlled by: Mollie B.V., Keizersgracht 126, 1015 CW Amsterdam, The Netherlands, Mollie processes the data as controller, not as processor.

The processed data are: Payment data, Name and Address. Date of birth, E-Mail Address Legal basis for processing: Art. 6 para. 1 lit. a (Consent), Art. 6 para. 1 lit. b (Contract fulfilment) and Art. 6 para. 1 lit. f (legitimate interest)

Purpose of processing: realisation of donation payments

The storage of the data ends after your cancellation.

4. Storage duration

Unless otherwise stated, we store your personal data, if necessary, for the duration of the entire business relationship (from the initiation, processing to the termination of a contract) and beyond, in accordance with the statutory retention and documentation obligations or for the defence of legal claims. The retention period therefore results from the statutory retention periods or limitation periods. According to the Austrian Commercial Code (UGB) and the Austrian Federal Fiscal Code (BAO), these are 7 7 years and according to the Equal Treatment Act (GIBG) six months. In certain cases, a longer retention period may also be required for the defence of legal claims or due to limitation periods.

5. Rights of data subjects

With regard to the data processing described in more detail below, users and data subjects have the right

  • to confirmation as to whether data concerning them is being processed, to information about the processed data, to further information about the data processing and to copies of the data (cf. also Art. 15 GDPR);
  • to rectification or completion of incorrect or incomplete data (see also Art. 16 GDPR);
  • the immediate erasure of the data concerning them (see also Art. 17 GDPR) or, alternatively, if further processing is required in accordance with Art. 17 para. 3 GDPR, the restriction of processing in accordance with Art. 18 GDPR;
  • to receive the data concerning them and provided by them and to transfer this data to other providers/controllers (cf. also Art. 20 GDPR)
  • to lodge a complaint with the supervisory authority if they are of the opinion that the data concerning them is being processed by the provider in breach of data protection regulations (see also Art. 77 GDPR). In Austria, this is the data protection authority
  • In addition, the provider is obliged to inform all recipients to whom data has been disclosed by the provider of any correction or deletion of data or the restriction of processing that takes place on the basis of Art. 16, 17 para. 1, 18 GDPR. However, this obligation does not apply if this notification is impossible or involves a disproportionate effort. Notwithstanding this, the user has a right to information about these recipients.
  • Users and data subjects also have the right to object to the future processing of data concerning them in accordance with Art. 21 GDPR, provided that the data is processed by the provider in accordance with Art. 6 para. 1 lit. f) GDPR. In particular, you have the right to object to data processing for the purpose of direct marketing.
  • You can assert these rights at any time in writing directly to AQUA PEARLS, [email protected].
  • Please note that we can only provide information about personal data if you can provide appropriate proof of your identity.

 

08/07/2024