Impact Steps - Privacy-Policy

Privacy Policy for Impact Steps

The controller responsible for data processing is:

conui GmbH
Austraße 96, 6800 Feldkirch
+43 650 3031114
hello@conui.org
https://conui.org/

We, conui GmbH, process your personal data that arises in connection with the use of our service "Impact Steps".

1. Categories of Data Processed

We process your personal data, which may fall under the following categories:

Name / Company name

Profession / Job title

Date of birth

Company register number

Contact person

Business address and other addresses

Contact details (phone number, email address, etc.)

Bank details, credit card data

Order data, usage data in relation to "Impact Steps"

VAT number

Customer service inquiries

2. Purposes and Legal Bases of Processing

a) Performance of a contract (Art. 6 para. 1 lit. b GDPR)

The data you provide is necessary to fulfil the contract for the use of "Impact Steps" and to carry out pre-contractual measures. Without this data, we cannot conclude or execute the contract with you or provide the associated services.

b) Based on your consent (Art. 6 para. 1 lit. a GDPR)

If you have given us your consent, we process your data for the following purposes:

Customer support as a user of "Impact Steps".

For our own marketing purposes, such as sending offers, promotional materials, and newsletters (in print or electronic form).

To reference an existing or former business relationship (reference notice).

Withdrawal of consent:
You may withdraw your consent at any time. After the withdrawal, we will no longer process your data for the above-mentioned purposes. The withdrawal does not affect the lawfulness of processing carried out before the withdrawal.
To withdraw consent, please contact us using the contact details provided above.

3. Storage Period

We store your data only as long as necessary for the purposes for which it was collected. As a rule, we retain your data for the duration of the contractual relationship.
Additionally, we are subject to statutory retention obligations (e.g., under the Austrian Commercial Code (UGB) or the Federal Fiscal Code (BAO)), which require us to retain certain data even after the contract ends. After these periods expire, your data will be deleted.

4. Data Recipients / Processors

We use external processors (e.g., IT service providers, hosting providers, payment service providers) to support our data processing. These processors are contractually obligated to keep your data confidential and to process it only on our behalf.

Your data is only shared with third parties when necessary to fulfil the contract, when required by law, or when you have provided your consent.

5. Automated Decision-Making / Profiling

We do not use automated decision-making or profiling processes that produce legal effects concerning you or significantly affect you in a similar manner.

6. Your Rights

You generally have the right to access, rectification, deletion, restriction of processing, data portability, and objection.
To exercise your rights, please contact us using the details provided above.

If you believe that the processing of your data violates data protection law or that your data protection rights have otherwise been infringed, you may file a complaint with the supervisory authority. In Austria, this is the Data Protection Authority (www.dsb.gv.at).

7. Contact Details of the Data Protection Officer

A Data Protection Officer is not required by law for conui GmbH and therefore has not been appointed. For any data protection-related questions, you may contact us directly.