Select your language

Data Protection Declaration


NIGHTFALL GMBH  places great importance on protecting your personal data. Since data protection at NIGHTFALL GMBH  is thus also a high priority, your personal data is handled in accordance with the valid data protection regulations (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR), Data Protection Act 2018 (DPA 2018), Austrian Telecommunications Act 2003 (TKG 2003)).

In the following, we will inform you about the processing operations related to your personal data within the framework of our online content and our website.


Contact Details of the Individual Responsible

The data protection officer for the websites
 
www.nightfall.at

Nightfall GmbH
Riederstraße 35 / Halle 1 / Tor 4
A-4931 Mettmach

Company register number:  FN 509438 z

Should you have any questions regarding how NIGHTFALL GMBH processes your data, please do not hesitate to contact us as follows:

By post to the address listed above, for the attention of the data protection officer
by tel.:+43/ 660 7400671
by email: This email address is being protected from spambots. You need JavaScript enabled to view it.

Using the contact details listed above, you can contact our data protection officer who will be happy to help you with any questions relating to data protection and rights of the affected. 

 

Data Processing – General Information

We process your personal data in a responsible manner and in accordance with the relevant data protection regulations.

Personal data is only collected if you provide it, for example, over the course of an online order, an inquiry form, or a registration.

Personal data is only passed on to third parties in accordance with legal regulations. We will only pass on users’ personal data to third parties if this takes place, for example, on the basis of your consent in accordance with Art. 6 Sec. 1 Clause a GDPR, if it is necessary for contractual purposes on the basis of Art. 6 Sec. 1 Clause b GDPR, if it is necessary on the basis of legal obligations in accordance with Art. 6 Sec. 1 Clause c GDPR, or if it takes place on the basis of legitimate interests in accordance with Art. 6 Sec. 1 Clause f GDPR (economic and effective business operation).

Processing Personal Data during a Visit to our Website

You can always visit our websites without providing personal information. When you access our website, the following information is collected and temporarily stored in a web server logfile:

  • The IP address of the requesting web-enabled device
  • The time and date of access
  • The quantity of transferred data in bytes
  • The name and the URL of the file retrieved
  • The website/application from which our website was accessed (referrer URL)
  • Your browser and potentially the operating system of your web-enabled device

We have no influence on automated data storage. The data collected will not allow for any direct conclusions about your identity, and we will not draw any conclusions.

We use the data mentioned above for the following purposes:

  • Establishing a smooth connection
  • Ensuring the website is convenient to use
  • Assessing the system security and stability
  • Statistical assessment of the data to optimize our online presence and the associated technology

The data mentioned above is stored for 120 weeks and backed up for another six months.

According to Art. 6 Sec. 1 Clause f GDPR, the legal basis for processing the listed data is our legitimate interest which results from the purposes listed above.

Contacting Us

When you contact us (via the contact form or email), the personal data you provide to process and handle the contact inquiry or to initiate and fulfill a contract is processed to carry out pre-contractual measures according to the legal basis of Art. 6 Sec. 1 Clause b GDPR.

When you contact us using the contact forms on the website, we process the following personal data:

  • Company
  • Form of address
  • Title (optional), First name, Surname
  • Email address
  • Address
  • Telephone number, fax
  • Website
  • Your individual message

Your details are stored in our customer relationship management system (CRM system) or a similar inquiry set-up.

The data is processed for the duration of the business relationship initiation. Should the business relationship end, the data shall be stored even after the end of the business relationship in accordance with the applicable legal provisions and retention requirements.


Data Security

If we receive your personal data, for example over the course of an order, it will be encrypted using the SSL process (secure socket layer). The SSL process distorts your data before it is sent to the NIGHTFALL GMBH  server so that a third party is unable to reconstruct it. This encryption process also ensures that your data is only sent to the server from which it was requested. You can find additional information under SSL Encryption.

For that matter, we will provide you with appropriate technical and organizational security measures to protect the personal data we store and to secure against loss, destruction, access, modification, and distribution by unauthorized persons, taking into account the state of the art, the implementation costs, as well as the nature, scope, circumstances and purposes of the processing and the likelihood and severity of the risk to the rights and freedoms of individuals. Our security measures are continuously improved according to technological advancements.

Cookies

We use cookies on this website which facilitate internet usage and communication. Cookies are small text files that our website sends to your browsers and are saved on your device.

Our website uses two types of cookies. One reason for our use of cookies is to make the use of our services more comfortable for you. We therefore use session cookies to detect whether you have already visited individual pages on our website. These remain in your browser’s cookie file until you leave our website and are automatically deleted at the end of your visit. The second type we use are long-term cookies which are stored for a specified time period to improve user friendliness and enable our website to recognize your browsers next time you visit. Should you visit our website again to make use of our services, it will automatically detect that you have visited the website before and it will recall the entries and settings you configured, so you won’t have to enter these again. The storage period for the cookies depends on your purpose of use and is not the same for all users.

You can configure your browser to inform you about cookie usage so you can make individual decisions about accepting cookies, or prevent the acceptance of cookies in specified cases or in general. However, disabling cookies may lead to a limitation of our website’s functionality.

We will inform you about the usage or setting of cookies using a cookie banner. You can accept all cookies or only selected cookies under "Cookie settings". If you wish to change your cookie settings at a later date, you can do so under "Cookie settings" in the footer of the website.

The legal basis for the setting of cookies is our legitimate interest in offering online services and optimizing our website in accordance with Art. 6 Sec. 1 Clause f GDPR, as well as, where appropriate, your consent in accordance with Art. 6 Sec. 1 Clause a GDPR.

Website Optimization

Web Analyses – Google Analytics

This website uses Google Analytics, a web analysis service provided by Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA, (“Google”), for the purpose of analyzing users’ website usage. Google is certified under the European Commission’s adequacy resolution (“Privacy Shield Agreement”), thus providing a guarantee to comply with European data protection law.

Google Analytics uses “cookies”, which are text files stored in your device and which enable an analysis of your website usage. The information gathered via the cookie about your usage of this website is generally transferred to a Google server in the USA and stored there. Activating IP anonymization on our website results in your IP address being shortened by Google within Member States of the European Union or in other states party to the Agreement on the European Economic Area before processing continues. Your IP address is only sent to a Google server in the USA and shortened there in exceptional cases. Google will use this information on our behalf to analyze your use of the website, to create reports about website activities, and to provide additional services related to website activity and internet usage to the website operator. The IP address communicated by your browser over the course of Google Analytics is not combined with other Google data.

You can prevent the storage of cookiesby means of a corresponding setting in our cookie banner, or by configuring your browser software accordingly. However, please note that as a result, you may be unable to make full use of all the functions on this website. In addition, you can prevent Google’s collection and processing of data generated by the cookie related to your website usage (including your IP address) by downloading the browser add-on under the following Google deactivation link (http://tools.google.com/dlpage/gaoptout?hl?=de). You can find additional information about the security and general principles of data protection related to Google Analytics on the following website: https://support.google.com/analytics/answer/6004245?hl=de.

The data is stored for 50 months.

The legal basis for our use of Google Analytics is our legitimate interest according to Art. 6 Sec. 1 Clause f GDPR. The analysis of website usage and the statistical evaluation is carried out to improve website content and make it more user friendly.

Google Retargeting

This website uses the Retargeting technology from Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA, (“Google”). Google is certified under the European Commission’s adequacy resolution (“Privacy Shield Agreement”), thus providing a guarantee to comply with European data protection law.

This technology enables us to reach out in a targeted manner to internet users who have expressed an interest in our website and our products and present them with a personalized, interest-based advertisement. The overlay of interest-based advertising material is based on cookie technology and an analysis of previous usage. Google uses cookies – small files stored on your device – for this purpose. Cookies store information which enables us to individually adapt the advertisement displayed to your stored data. If you would not like to receive any interest-based advertisements, you can deactivate Google’s storage of cookies on the following page: http://www.google.com/settings/ads/. Alternatively, you can deactivate the use of cookies by third parties by accessing the following deactivation page of the network advertising initiative: http://www.networkadvertising.org/choices/. You can find additional information about Google data protection regulations on the following website: http://www.google.de/policies/privacy/.

Google AdWords and Conversion Tracking

This website uses the online advertising program Google AdWords as well as Google Conversion Tracking, an analysis service provided by Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA, (“Google”). Google is certified under the European Commission’s adequacy resolution (Privacy Shield Agreement), thus providing a guarantee to comply with European data protection law.

To this end, Google uses cookies which are stored on your device if you accessed our website via a Google advertisement. These cookies are only valid for a limited time and are not used for personal identification. If you visit specific pages on our website, we and Google – provided the cookie has not yet expired – can detect that you accessed our website via a Google advertisement. Each Google AdWords customer receives a different cookie. Cookies therefore cannot be tracked via the AdWords customer websites. Conversion statistics are created using the data gathered via conversion cookies. This allows us to gather information about the total number of users who accessed a site with a conversion tracking tag via an advertisement. However, we do not receive any personal information through which individual users could be identified. If you would like to prevent the tracking process, you can disable the storage of the required cookies by configuring your browser software accordingly. You can also deactivate cookies for Google Conversion Tracking by configuring your browser so that cookies from the domain “www.googleadservices.com” are blocked. You can find additional information about Google data protection regulations on the following website: http://www.google.de/policies/privacy/.

Integration of Third-Party Services and Content

Facebook

On the basis of our legitimate interests according to Art. 6 Sec. 1 Clause f GDPR (interest in the analysis, optimization, and economical operation of our online content), we use social plugins (“plugins”) for the social network facebook.com operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, (“Facebook”). The plugins include interaction elements and content (e.g., videos, graphics, or text posts) and can be recognized by one of the Facebook logos (white “f” on a blue tile, the term “Like” or a “thumbs up” symbol), or are marked with the phrase “Facebook Social Plugin”. The list and appearance of the Facebook Social Plugins can be seen here: https://developers.facebook.com/docs/plugins/.

Facebook is certified under the Privacy Shield Agreement, thus providing a guarantee to comply with European data protection law.

If a user activates a function of this online content which contains such a plugin, their device will establish a direct connection with the Facebook servers. The content of the plugin is directly transmitted from Facebook to the user’s device and integrated in the online content. During this process, user profiles can be created for the users using the processed data. We therefore have no influence on the scope of the data collected by Facebook using this plugin and thus inform users according to our knowledge base.

By integrating these plugins, Facebook receives the information that a user has accessed the respective site of the online content. If the user is logged onto Facebook, then Facebook can allocate the visit to their Facebook account. If users interact with the plugins, for example, to click the Like button or to leave a comment, the corresponding information is directly transmitted from their device to Facebook and stored there. Even if a user is not a member of Facebook, Facebook may still learn and save their IP address. According to Facebook, only an anonymized IP address is saved in Germany.

Information regarding the purpose and scope of the data collection as well as further processing and usage of the data by Facebook, as well as the related rights and configuration options to protect the user’s privacy can be found in Facebook’s data protection notice: https://www.facebook.com/about/privacy/.

If a user is a Facebook member and does not wish for Facebook to collect data about them through this online content and link it to their member data stored by Facebook, then they must log out of Facebook before using our online content and delete their cookies. Further settings and objections regarding the use of data for advertising purposes can be made via the Facebook profile settings: https://www.facebook.com/settings?tab=ads or via the American site http://www.aboutads.info/choices/ or via the EU sitehttp://www.youronlinechoices.com/. These settings are independent of the platform, i.e., they are adopted for all devices such as desktop computers and mobile devices.

 

Facebook pixel – extended data synchronization

Within our online environment, the "Facebook pixel" from the social network Facebook is used in extended data synchronization mode, which is operated by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland ("Facebook").

On the basis of his or her express consent, when a user clicks on an advertisement placed by us and displayed on Facebook, a suffix is added to the URL of our linked page by the Facebook pixel. Then, after the user is redirected, this URL parameter is written into the user's browser by a cookie that is set by our linked page itself. In addition, this cookie records specific customer data, such as the email address that we collect on our website linked to the Facebook advertisement during transactions such as purchases, account login, or registrations (extended data synchronization). The cookie is then read by the Facebook pixel and enables the data, including the specific customer data, to be forwarded to Facebook.

With the help of the Facebook pixel with extended data synchronization, Facebook is able to precisely determine the visitors to our online environment as a target group for the presentation of ads (so-called "Facebook ads"). Accordingly, we use the Facebook pixel with extended data synchronization in order to display the Facebook ads placed by us only to those Facebook users who have also shown an interest in our online offering or who exhibit certain characteristics (for example, interests in certain topics or products determined on the basis of the websites visited), which we send to Facebook (referred to as "custom audiences"). With the help of the Facebook pixel with extended data synchronization, we also wish to ensure that our Facebook ads match the potential interest of users and are not annoying. This allows us to further evaluate the effectiveness of Facebook advertisements for statistical and market research purposes, by tracking whether users were redirected to our website after clicking on a Facebook ad (what is known as "conversion"). Compared to the standard version of the Facebook pixel, the advanced data synchronization feature helps us to better measure the effectiveness of our advertising campaigns by capturing more assigned conversions.

All transmitted data is stored and processed by Facebook such that a link to the respective user profile is possible and Facebook can use the data for its own advertising purposes, in accordance with Facebook's data policy (https://www.facebook.com/about/privacy/). The data may enable Facebook and its partners to serve advertisements both on Facebook and outside it.

These processing operations are carried out only if express consent is granted in accordance with Art. 6 Sec. 1 Clause a GDPR.

The information generated by Facebook is usually transferred to a Facebook server and stored there; it may also be transferred to the servers of Facebook Inc. in the USA. Facebook Inc., with registered offices in the USA, is certified in line with the US-European "Privacy Shield" data protection agreement, which guarantees compliance with the data protection level applicable in the EU.

Google Maps

Our website uses Google Maps to display maps and create route plans. Google Maps is operated by Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA, (“Google”). Google is certified under the European Commission’s adequacy resolution (Privacy Shield Agreement), thus providing a guarantee to comply with European data protection law.

By using this website, the user consents to the gathering, processing, and usage of automatically collected data as well as the data provided by the user (including the IP address) by Google, one of their representatives, or a third party.

You can find the terms of use for Google Maps via the following link: https://www.google.de/intl/de/policies/terms/regional.html. Detailed information regarding transparency and options as well as the privacy policy can be found on the google.de data protection center: https://www.google.de/intl/de/policies/privacy/?fg=1.

Google Tag Manager

On the basis of our legitimate interests according to Art. 6 Sec. 1 Clause f GDPR (interest in the analysis, optimization, and economical operation of our online content), our website uses the Google Tag Manager. Website tags can be managed on one interface using this service. The Google Tag Manager only implements tags. It does not set cookies or gather personal information. The Google Tag Manager activates other tags which may gather data. The Google Tag Manager does not access this data. If a deactivation has been configured at the domain or cookie level, then this remains in place for all tracking tags insofar as these are implemented with the Google Tag Manager. You can find more information about the Google Tag Manager via the following link: http://www.google.de/tagmanager/use-policy.html

The user has the option to prevent the Google Tag Manager from sending any tags. To do this, the user must set up the deactivation browser add-on within their browser: https://tools.google.com/dlpage/gaoptout?hl=de

YouTube

On the basis of our legitimate interests according to Art. 6 Sec. 1 Clause f GDPR (interest in the analysis, optimization, and economical operation of our online content), functions of the YouTube service are integrated in our website to display and replay videos. These functions are provided by YouTube, LLC 901 Cherry Ave. San Bruno, CA 94066 USA. You can find additional information in the YouTube data protection guidelines.

The extended data protection mode is used here, which only initiates storage of user information once the video(s) is/are played according to the supplier’s statement. Should the replay of integrated YouTube videos be started, YouTube will use cookies to gather information about user behavior. According to YouTube, these are used for purposes including recording video statistics, improving user friendliness, and preventing improper usage. Independently of whether the integrated videos are replayed, a connection to the Google network “DoubleClick” is established every time you access our website which could lead to further data processing operations without our influence.

You can find additional information about YouTube’s use of cookies within the YouTube privacy policy at: https://www.google.de/intl/de/policies/privacy/

Your Rights

We will naturally be happy to inform you about the processing of your personal data. According to the data protection regulations, you have the following rights and remedies as an affected person:

  • The right to informationabout your personal data which we have stored according to Art. 15 GDPR. To provide this information, we may require you to verify your identity in a suitable manner.
  • Right to the correctionof incorrect personal data or the completion of incomplete personal data according to Art. 16 GDPR.
  • Right to the deletionof your personal data according to Art. 17 GDPR insofar as the reasons outlined in Art. 17 Sec. 1 Clause a to f GDPR (e.g. cessation of the reason for processing) exist and the processing of your personal data is not required according to Art. 17 Sec. 3 GDPR.
  • Right to the limitationof the processing of your personal data according to Art. 18 GDPR.
  • Right to data portabilityaccording to Art. 20 GDPR.
  • Right to the objection against the processing of your personal data according to Art. 21 GDPR.
  • Right to the revocation of the consent declarations grantedaccording to Art. 7 GDPR.
  • Right to appeal: You have the right to appeal to a regulatory authority. You can generally contact the regulatory authority of your usual place of residence or work, or our company headquarters. In Austria, this is:

Austrian data protection authority

Barichgasse 40-42

1030 Vienna

Tel: +43 1 52 152-0

Email: This email address is being protected from spambots. You need JavaScript enabled to view it.

  

In order to assert your rights against NIGHTFALL GMBH , or in the event of any questions, please contact us:


by letter to the above address, for the attention of the data protection officer. 

by tel.: +43/ 660 7400671

by email: This email address is being protected from spambots. You need JavaScript enabled to view it.

Should you take action to enforce your GDPR-related rights as listed above, NIGHTFALL GMBH  must respond to the application (or, if the legal requirements are met, comply with the application) no later than one month after receipt of your application for the requested measure.

Scope of application / links

This data protection declaration applies exclusively to NIGHTFALL GMBH  websites. We have no influence on the layout or content of websites connected to our website via links and we are unable to control how the operators of the linked websites handle your information. As a result, our data protection declaration and our area of responsibility does not include their websites.