Introduction

We (“we”, “us”, “our”) take the protection of the data of users (“users” or “you”) of our website and/or mobile app (the “Website” and/or the “Mobile App”) very seriously and are committed to protecting the information users provide to us in connection with the use of our Website and/or Mobile App (collectively: “digital assets”). Furthermore, we are committed to protecting and using your data in accordance with applicable law.

This Privacy Policy explains our practices regarding the collection, use, and disclosure of your information through the use of our digital assets (the “Services”) when you access the Services through your devices.

Please read this Privacy Policy carefully and ensure that you fully understand our practices regarding your data before using our Services. If you have read and fully understood this Policy and do not agree with our practices, you must stop using our digital assets and Services. By using our Services, you acknowledge the terms of this Privacy Policy. Continued use of the Services constitutes your acceptance of this Privacy Policy and any amendments thereto.

​

Data Controller

​

Melanie Eltzner
Seitenstettengasse 5/37
1010 Vienna
Austria

beyondfluidart@gmail.com

​

We appreciate your interest in our website. Protecting your privacy is very important to us. Below we provide detailed information on how your data is handled.

1. Access Data and Hosting

You may visit our website without providing any personal information. Whenever a webpage is accessed, the web server automatically stores a so-called server log file containing, for example, the name of the requested file, your IP address, date and time of access, amount of data transferred, and the requesting provider (access data), and documents the access.

This access data is evaluated exclusively for the purpose of ensuring the smooth operation of the website and improving our services. This serves to safeguard our legitimate interests in the correct presentation of our offer pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR.

All access data is processed for as long as necessary for the purposes described above.

​

Hosting

The services for hosting and displaying the website are partly provided by our service providers within the framework of processing on our behalf.

Unless otherwise stated in this Privacy Policy, all access data and all data collected in forms provided on this website are processed on their servers. If you have questions regarding our service providers and the basis of our cooperation with them, please contact us using the contact details provided in this Privacy Policy.

Our service providers are located and/or use servers in the following countries for which the European Commission has determined an adequate level of data protection: Israel, United Kingdom, USA.

The adequacy decision for the USA serves as the basis for third-country transfers, provided the respective service provider is certified. Certification exists.

Our service providers are also located and/or use servers in: Brazil, Mexico, India, Ukraine.

For these countries, no adequacy decision by the European Commission exists. Our cooperation with them is based on the Standard Contractual Clauses of the European Union.

​

2. Data Processing for Contact Requests and Customer Communication

 

Contact Requests

As part of contacting us, we collect personal data to process your inquiries in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR if you voluntarily provide such data to us when contacting us (e.g., via contact form, live chat tool, or email).

Mandatory fields are marked as such because we require this information to process your request. Which data is collected can be seen from the respective input forms.

After your request has been fully processed, your data will be deleted unless you have expressly consented to further use of your data pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR or unless we reserve the right to use the data beyond this where legally permitted and explained in this policy.

After complete processing of your customer inquiry, your data will be restricted for further processing and deleted after expiration of tax and commercial retention periods pursuant to Art. 6 para. 1 sentence 1 lit. c GDPR, unless you have expressly consented to further use of your data or we reserve the right to use the data beyond this where legally permitted and explained in this policy.

​

3. Advertising by Email

​

3.1 Email Newsletter with Registration and Newsletter Tracking

If you subscribe to our newsletter, we use the data required for this purpose or separately provided by you to regularly send you our email newsletter on the basis of your consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR.

You may unsubscribe from the newsletter at any time either by sending a message to the contact option described below or via a link provided in the newsletter.

After unsubscribing, we will delete your email address from the recipient list unless you have expressly consented to further use of your data or we reserve the right to use the data beyond this where legally permitted and explained in this policy.

Please note that we analyze user behavior when sending newsletters. For this purpose, we analyze how you interact with our newsletter by measuring, storing, and evaluating open rates and click rates for the purpose of designing future newsletter campaigns (“newsletter tracking”).

For this analysis, the emails sent contain one-pixel technologies (e.g., web beacons, tracking pixels) stored on our website.

For evaluations, we link in particular the following “newsletter data”:

• the page from which the page was requested (referrer URL),

• the date and time of access,

• the description of the type of web browser used,

• the IP address of the requesting computer,

• the email address,

• the date and time of registration and confirmation,

• and the one-pixel technologies with your email address or IP address and, if applicable, an individual ID.

Links contained in the newsletter may also contain this ID.

If you do not wish newsletter tracking, you may unsubscribe from the newsletter at any time as described above.

The information will be stored for as long as you are subscribed to the newsletter.

​

3.2 Newsletter Delivery

The newsletter and the newsletter tracking described above may also be sent by our service providers as part of processing on our behalf.

If you have questions regarding our service providers and the basis of our cooperation with them, please contact us using the contact details provided in this Privacy Policy.

Our service providers are located and/or use servers in the following countries for which the European Commission has determined an adequate level of data protection: USA.

The adequacy decision for the USA serves as the basis for third-country transfers, provided the respective service provider is certified. Certification exists.

​

4. Cookies and Other Technologies

​

4.1 General Information

To make visiting our website attractive and to enable the use of certain functions, we use technologies including so-called cookies on various pages. Cookies are small text files that are automatically stored on your device.

Some of the cookies we use are deleted after the browser session ends, i.e., after you close your browser (session cookies). Other cookies remain on your device and enable us to recognize your browser during your next visit (persistent cookies).

Protection of Privacy on End Devices

When using our online services, we use strictly necessary technologies to provide the telemedia service expressly requested by you. The storage of information on your device or access to information already stored on your device does not require consent in this respect.

For functions that are not strictly necessary, storing information on your device or accessing information already stored on your device requires your consent. Please note that if consent is not granted, parts of the website may not be fully usable.

Any consent you have given remains valid until you adjust or reset the relevant settings on your device.

​

Subsequent Data Processing Through Cookies and Other Technologies

We use technologies that are strictly necessary for the use of certain functions of our website (e.g., website preference settings). These technologies collect and process IP address, time of visit, device and browser information, and information about your use of our website (e.g., preferences). This serves our legitimate interests in an optimized presentation of our offer pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR.

Furthermore, we use technologies to fulfill legal obligations (e.g., to document consent to the processing of personal data) as well as for web analytics and online marketing.

Further information, including the legal basis for data processing, can be found in the following sections of this Privacy Policy.

 

Cookie Settings

You can find the cookie settings for your browser under the following links:

• Microsoft Edge™

• Safari™

• Chrome™

• Firefox™

• Opera™

If you have consented to the use of technologies pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR, you may withdraw your consent at any time by contacting us using the contact details provided in this Privacy Policy. Alternatively, you may use the cookie settings button.

 

4.2 Use of the Wix Consent Manager Tool

We use the Wix Consent Manager Tool on our website to inform you about the cookies and other technologies we use on our website and to obtain, manage, and document any consent required for the processing of your personal data through these technologies.

This is necessary pursuant to Art. 6 para. 1 sentence 1 lit. c GDPR to fulfill our legal obligation pursuant to Art. 7 para. 1 GDPR to document your consent to the processing of your personal data.

The Wix Consent Manager Tool is provided by Wix.com Ltd., 40 Nemal St., Tel Aviv 6350671, Israel (“Wix”).

After you submit your cookie preferences on our website, Wix’s web server stores your IP address, date and time of your declaration, browser information, language, the URL from which the declaration was sent, and information about your consent behavior.

In addition, a cookie is used containing information about your consent behavior.

Your data will be deleted after 365 days unless you have expressly consented to further use of your data or unless we reserve the right to use the data beyond this where legally permitted and explained in this policy.

Our service providers are located and/or use servers in the following countries for which the European Commission has determined an adequate level of data protection: Israel, United Kingdom, USA.

The adequacy decision for the USA serves as the basis for third-country transfers, provided the respective service provider is certified. Certification exists.

Our service providers are also located and/or use servers in: Brazil, Mexico, India, Ukraine.

For these countries, no adequacy decision by the European Commission exists. Our cooperation with them is based on the Standard Contractual Clauses of the European Union.

Information on Third-Country Transfers

We use technologies from service providers on our website whose headquarters and/or server locations may be in third countries outside the EU or EEA.

If no adequacy decision exists for such a country, an adequate level of data protection must be ensured through other appropriate safeguards.

Appropriate safeguards may include Standard Contractual Clauses approved by the European Commission or Binding Corporate Rules, but these require prior assessment by the contracting parties as to whether an adequate level of protection can be ensured.

According to the case law of the European Court of Justice, additional protective measures may also be required.

We have generally agreed on the Standard Contractual Clauses issued by the European Commission with technology providers processing personal data in third countries. Where possible, we also agree on additional safeguards to ensure adequate data protection in third countries without an adequacy decision.

Nevertheless, despite all contractual and technical measures, it may occur that the level of data protection in the third country does not correspond to that of the EU.

In such cases, where necessary, we ask for your consent pursuant to Art. 49 para. 1 lit. a GDPR within the framework of cookie consent for the transfer of your personal data to a third country.

In particular, there is a risk that local authorities in the third country may gain access to your personal data without sufficient restrictions from a European data protection perspective and that neither we as data exporter nor you as the data subject may become aware of this and/or have sufficient legal remedies available.

Countries currently considered third countries without an adequacy decision by the European Commission include, for example:

• China

• Russia

• Taiwan

Information about which third countries data may be transferred to can be found in the privacy notices for the respective tools and/or consent management services we use.

 

5. Use of Cookies and Other Technologies for Web Analytics and Advertising Purposes

We use the following cookies and other technologies from third-party providers on our website. Unless otherwise stated for individual technologies, this is done on the basis of your consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR.

The data collected in this context will be deleted after the respective purpose ceases and after the end of the use of the respective technology.

You may revoke your consent at any time with effect for the future.

Further information regarding your revocation options can be found in the section “Cookies and Other Technologies.”

 

5.1 Use of Google Services

We use the technologies described below from Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).

The information automatically collected by Google technologies about your use of our website is generally transmitted to and stored on a server of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Further information about data processing by Google can be found in Google’s Privacy Policy.

 

Google Analytics

For website analytics purposes, Google Analytics automatically collects and stores data (IP address, time of visit, device and browser information, and information about your use of our website) from which pseudonymized user profiles are created.

Cookies may be used for this purpose.

If you access our website from the EU, your IP address will first be stored on a server located within the EU to derive location data and then immediately deleted before the traffic is forwarded to other Google servers for processing.

Data processing is carried out on the basis of a data processing agreement with Google.

 

Google reCAPTCHA

For the purpose of protecting our web forms against misuse and spam by automated software (bots), Google reCAPTCHA collects data (IP address, time of visit, browser information, and information about your use of our website) and performs an analysis of your use of our website using JavaScript and cookies.

No personal data from the input fields of the respective form is read or stored.

 

Visitor Analytics

We use the web analytics service Visitor Analytics GmbH, Stefan-George-Ring 19, 81929 Munich, Germany (“Visitor Analytics”) to analyze and regularly improve the use of our website.

For this purpose, we collect statistical data such as:

• device type and screen size/resolution,

• approximate location,

• browser,

• operating system,

• IP addresses,

• page visits,

• bounce rates,

• conversion rates,

• conversion funnels,

• average sessions per visitor,

• average pages per session,

• average session duration,

• time spent on the website,

• and preferred website content.

From this data, pseudonymized user profiles are created.

Use of Wix Statistics for Web Analytics

For website analytics purposes, technologies from Wix Ltd., 40 Nemal St., Tel Aviv 6350671, Israel (“Wix”) automatically collect and store data (IP address, time of visit, device and browser information, location information, and information about your use of our website) from which pseudonymized user profiles are created.

Cookies may be used for this purpose.

The pseudonymized user profiles are not merged with personal data of the holder of the pseudonym without separate explicit consent.

Wix acts on our behalf as a data processor.

Our service providers are located and/or use servers in the following countries for which the European Commission has determined an adequate level of data protection: Israel, United Kingdom, USA.

The adequacy decision for the USA serves as the basis for third-country transfers, provided the respective service provider is certified. Certification exists.

Our service providers are also located and/or use servers in: Brazil, Mexico, India, Ukraine.

For these countries, no adequacy decision by the European Commission exists. Our cooperation with them is based on the Standard Contractual Clauses of the European Union.

Use of Visitor Analytics for Web Analytics

To achieve the above-mentioned purposes, we use so-called fingerprinting technology.

Technical characteristics of your device or browser are analyzed in order to enable reliable analytics.

The pseudonymized user profiles are not merged with personal data without separate explicit consent.

Visitor Analytics acts on our behalf within the framework of data processing.

 

Using the Visitor Recording Tool from Visitor Analytics, statistics can also be created showing where users scroll and click on the website.

This function helps us improve the usability of the website and resolve technical issues.

 

6. Social Media

 

6.1 Social Buttons from Instagram (by Meta)

Our website uses social buttons from social networks. These are integrated into the page only as HTML links, meaning that no connection to the servers of the respective provider is established when our website is accessed.

If you click one of the buttons, the website of the respective social network opens in a new browser window where you can click the Like or Share button, for example.

 

6.2 Our Online Presence on Instagram (by Meta) and LinkedIn

If you have given your consent to the respective social media operator pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR, your data will automatically be collected and stored for market research and advertising purposes when visiting our online presences on the above-mentioned social media platforms.

Pseudonymized user profiles are created from this data. These may be used, for example, to place advertisements inside and outside the platforms that presumably correspond to your interests.

Cookies are generally used for this purpose.

Detailed information on the processing and use of data by the respective social media operator, as well as contact options and your related rights and privacy settings, can be found in the providers’ privacy policies linked below.

Instagram (by Meta)

Instagram (by Meta) is a service provided by Meta Platforms Ireland Ltd., Block J, Serpentine Avenue, Dublin 4, Ireland (“Meta Platforms Ireland”).

The information automatically collected by Meta Platforms Ireland regarding your use of our Instagram presence is generally transmitted to and stored on a server of Meta Platforms, Inc., 1601 Willow Road, Menlo Park, CA 94025, USA.

Data processing in connection with visiting an Instagram fan page is based on an agreement between joint controllers pursuant to Art. 26 GDPR.

 

Further information regarding Insights data can be found here.

Our service providers are located and/or use servers in the following countries for which the European Commission has determined an adequate level of data protection:

• USA

• Canada

• Japan

• South Korea

• New Zealand

• United Kingdom

• Argentina

The adequacy decision for the USA serves as the basis for third-country transfers, provided the respective service provider is certified.

Our service providers are also located and/or use servers in:

• Australia

• Hong Kong

• India

• Indonesia

• Malaysia

• Singapore

• Thailand

• Taiwan

• Brazil

• Mexico

For these countries, no adequacy decision by the European Commission exists. Our cooperation with them is based on the Standard Contractual Clauses of the European Commission.

LinkedIn

LinkedIn is a service provided by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (“LinkedIn”).

The information automatically collected by LinkedIn regarding your use of our LinkedIn presence is generally transmitted to and stored on a server of LinkedIn Corporation, 1000 W. Maude Avenue, Sunnyvale, CA 94085, USA.

Our service providers are located and/or use servers in the USA.

The adequacy decision for the USA serves as the basis for third-country transfers, provided the respective service provider is certified.

 

7. Contact Options and Your Rights

 

7.1 Your Rights

As a data subject, you have the following rights:

• pursuant to Art. 15 GDPR, the right to request information about your personal data processed by us;

• pursuant to Art. 16 GDPR, the right to request immediate correction of inaccurate personal data or completion of your stored personal data;

• pursuant to Art. 17 GDPR, the right to request deletion of your personal data stored by us, unless further processing is required:

  • to exercise the right to freedom of expression and information;

  • for compliance with a legal obligation;

  • for reasons of public interest; or

  • for the establishment, exercise, or defense of legal claims;

• pursuant to Art. 18 GDPR, the right to request restriction of processing of your personal data where:

  • the accuracy of the data is contested by you;

  • the processing is unlawful but you oppose deletion;

  • we no longer need the data but you require it for legal claims; or

  • you have objected to processing pursuant to Art. 21 GDPR;

• pursuant to Art. 20 GDPR, the right to receive your personal data provided to us in a structured, commonly used, and machine-readable format or to request transmission to another controller;

• pursuant to Art. 77 GDPR, the right to lodge a complaint with a supervisory authority.

As a rule, you may contact the supervisory authority of your habitual residence, workplace, or our company headquarters.

Right to Object

Where we process personal data as explained above to safeguard our legitimate interests which prevail within the framework of a balancing of interests, you may object to such processing with effect for the future.

If processing is carried out for direct marketing purposes, you may exercise this right at any time as described above.

If processing is carried out for other purposes, you only have a right to object if there are grounds relating to your particular situation.

After exercising your right to object, we will no longer process your personal data for these purposes unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms or if processing serves the establishment, exercise, or defense of legal claims.

This does not apply if processing is carried out for direct marketing purposes. In that case, we will no longer process your personal data for such purposes.

 

7.2 Contact Options

If you have questions regarding the collection, processing, or use of your personal data, or if you wish to request information, correction, restriction, or deletion of data, revoke granted consent, or object to a particular use of data, please contact us directly using the contact details provided in our legal notice (Imprint).