Data Protection

PRIVACY POLICY 1) Controller Arche Goah e.U. Kühlhausgasse 50, 3511 Furth bei Göttweig Email: info@arche-goah.com 2) Data processed when you visit the website (server logs) When you access our website, our web server processes technically necessary access data (server log files), in particular: - IP address (or shortened/anonymised – depending on server configuration) - date and time of access - requested page/file (URL) and amount of data transferred - status codes/error messages - user agent (browser/device information) - referrer (previous page, if transmitted) Purpose: operating the website, technical security (e.g., attack prevention), troubleshooting and stability. Legal basis: Art. 6(1)(f) GDPR (legitimate interest in security and operating a functional website). Retention: server logs are stored only as long as necessary for the purposes above and are then deleted or anonymised (typically 7-30 days). 3) Hosting / processor The website is hosted in Austria (server location: Austria). Our hosting provider processes server and content data on our behalf (processor under Art. 28 GDPR). 4) Contact (contact form / email) If you contact us via the contact form, we process the data you provide (name, email address, message) as well as metadata (time of request) in order to handle and respond to your enquiry. Purpose: communication, project initiation and project delivery. Legal basis: Art. 6(1)(b) GDPR (steps prior to entering into a contract / performance of a contract) and – depending on the content – Art. 6(1)(f) GDPR (legitimate interest in efficient communication). Retention: we store enquiries only as long as required to handle them. If an enquiry results in a business relationship, further storage may take place in accordance with statutory retention obligations. No marketing: we do not use enquiry contact data for newsletters or unsolicited marketing emails. 5) Cookies and tracking We do not use tracking or marketing cookies and we do not use web analytics tools (e.g., Google Analytics). If cookies are used at all, they are strictly limited to what is technically necessary to operate and secure the website (e.g., protection mechanisms for forms). 6) Embedded content / third parties We do not embed content that automatically transmits data to third parties (e.g., YouTube embeds, external tracking scripts). Note: if you click external links, the privacy information of the respective providers applies. 7) Your rights Subject to the legal requirements, you have the right of access, rectification, erasure, restriction, data portability, and the right to object. Please contact: info@arche-goah.com 8) Right to lodge a complaint If you believe that the processing of your data violates data protection law, you have the right to lodge a complaint with a supervisory authority. Competent authority in Austria: Austrian Data Protection Authority (DSB) Barichgasse 40–42, 1030 Vienna, Austria Email: dsb@dsb.gv.at Web: https://www.dsb.gv.at 9) Data security We apply technical and organisational measures to protect your data. Data transmission is encrypted (TLS/SSL) where supported by your browser. 10) Updates We may update this privacy policy if the website changes or legal requirements evolve.