Data protection

The protection of your personal data is of particular concern to us. We therefore process your data exclusively on the basis of the statutory provisions: the EU General Data Protection Regulation (GDPR) and the Telecommunications Act of 2003 (TKG). This privacy policy provides information about the most important aspects of data processing within the framework of our website.


If you contact us by form on the website or by email, the information you provide will be used to process your request and stored for six months in the event of any follow-up questions. This data will not be disclosed without your consent.


1. Legal basis

1.1. The EU General Data Protection Regulation (GDPR), the Data Protection Act of 2000 and the Data Protection Adjustment Act of 2018 were created to help protect your personal data. We therefore process your data exclusively on the basis of the legal regulations (GDPR, DSG 2018, TKG 2003).

2. General

2.1. The data controller responsible for the processing of your data is youspi Consulting GmbH, Wickenburggasse 32, 8010 Graz, Austria.

2.2. It is of particular concern to us that we protect and keep all personal data that you provide to us secure. Read this document to learn more about how we use and process your personal data.

3. Purpose, legal basis, storage period and data recipients

3.1. We need the personal data we collect in order for the fulfilment of our contractual obligations, billing, assertion of contractual claims, customer service and advertising purposes. The data is collected, stored, processed and used for this purpose.

3.2. The legal bases for the processing of your personal data are contractual fulfilment (for example, awarding of contracts, placing of orders), other legitimate interests, the fulfilment of our legal or contractual obligations, and/or your consent (e.g. on the contact form, for the newsletter, or for cookies). Failure to provide the data can have different consequences.

3.3. [If data is received from a third party], We also process data that we receive from [name, contact details or categories of recipients]. Generally, this involves basic personal data such as [e.g. your name, your professional position, your date of birth and your preferred contact details (email address, address, phone number, etc.)] These come from [sources from which the data originate and, if applicable, whether it comes from publicly accessible sources].

3.4. We will process your personal data [which data] as necessary for the duration of the entire business relationship (from initiation, processing to termination of a contract) as well as in accordance with the statutory retention and documentation obligations resulting from the Austrian Corporate Code (UGB), the Austrian Tax Code (BAO), and/or until the end of any legal disputes, ongoing warranty and guarantee periods, etc.

3.5. We have commissioned Ltd. to help operate our websites. In the course of its activities, it can gain access to your personal data as needed to perform its services. This service provide has agreed to adhere to the applicable data protection regulations. Third-party data processing contracts have been concluded in accordance with Art. 28 GDPR. Further information concerning the third-party data processors we have hired can be requested by writing

3.6. [If data is disclosed to third parties] The data [which specific data] will also be passed on to [name, contact details]. [if data is transmitted to a non-European third country] The relationship to [name, contact details] is based on [e.g. standard contractual clauses/an adequacy decision of the European Commission].


4. Contact form

4.1. Any details you provide on our contact form including any personal data will be transmitted to us via our own email server in order to process your enquiry and then stored on our servers. This data will not be collected or passed on without your consent. Without this data we cannot process your enquiries.

4.2. This data processing takes place on the basis of §96 para. 3 TKG as well as Art. 6 para. 1 lit. a GDPR (Consent).

5. Newsletter

5.1. You can register for our newsletter on the website using the double opt-in procedure. After registering, you will receive an email asking you to confirm your registration. Without the disclosure of this data, we cannot send our newsletter. You can unsubscribe from the newsletter by using the unsubscribe link at the end of each newsletter.

5.2. We hire third-party data processors to send our newsletter. These have agreed to comply with the applicable data protection regulations. A third-party data processing contract has been concluded with them in accordance with Art 28 GDPR. You can find more information about our third-party data processors by writing

5.3 This data processing takes place on the basis of §96 para. 3 TKG as well as Art. 6 para. 1 lit. a GDPR (Consent).

6. Cookies, other tracking tools and web analytics (when using analytics tools such as google Analytics, eTracking, etc)

6.1 Cookies, other tracking technologies and functions of the web analytics service [only WIX or others too, Google Analytics? can be used in a variety of ways on our website. Cookies are small pieces of text information that allow users to continue to be recognised and make an analysis of their use of our website possible. The information generated in this way is transmitted to the provider’s server and stored there. They serve to make our website as a whole more user-friendly, effective and secure. Cookies are also used to measure the frequency of page views and for general navigation.

6.2 By using our website, you consent to our use of cookies. You can refuse to accept cookies in your browser settings. For full details of how this works, please read the browser manufacturer’s instructions. If you opt out of certain technical and/or functional cookies, the functionality of our website may be restricted. Some cookies will remain on your device until you delete them.

6.3. We have entered into a corresponding contract with the provider for third-party data processing. It has agreed to comply with the applicable data protection regulations. You can find more information about our third-party data processors by writing

6.4 Your IP address will be collected but pseudonymised immediately (by deleting the last 8 bits). This means that only a rough localisation will be possible.

6.5 [For non-European providers] The relationship with the web analytics provider is based on [e.g. standard contractual clauses / an adequacy decision by the European Commission].

6.6 This data processing takes place on the basis of §96 para. 3 TKG as well as Art 6 GDPR (in particular consent). Because the privacy of our users is important, the user data is pseudonymized [pseudonymization must be clarified with the web analytics service].

7. TLS encryption

1.1. TLS encryption (formerly Secure Socket Layer) – HTTPS We use https to ensure that data is transmitted securely (protected from third-party/unauthorised access) on the internet . By using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the internet, we can protect secure confidential data. You can recognize the use of this protection when by the small lock symbol in the left of the browser’s address field and the use of https at the start of our URL (web address).

8. Consent and right of revocation

8.1 If your consent is necessary for the processing of your data, we will process it first with your express consent.8.2 As a matter of principle, we do not process any data belonging to underage persons and are also not entitled to do so. By giving your consent, you confirm that you are at least 14 years of age or have obtained the consent of your parent or legal guardian.

8.3 You can revoke your consent at any time by writing: In such a case, any data we have on file about you will be anonymised and subsequently only for statistical purposes without personal reference. Withdrawing your consent does not affect the legality of any processing based on your previous consent up to that time.

9. Data security

9.1 youspi Consulting GmbH uses technical and organisational security measures to protect the personal data we have on file against accidental or deliberate manipulation, loss or destruction and against access by unauthorised persons. Our security measures are being continuously improved in accordance with technical progress.

10. Your rights

10.1 In principle, you have the right to information, correction, deletion, restriction, data portability, revocation and objection. If you believe that the processing of your data violates data protection laws or your data protection rights have otherwise been violated in a way, you can complain to the supervisory authority. In Austria, this is the Data Protection Authority.

10.2 You have the right to obtain information from the data controller (youspi Consulting GmbH, Wickenburggasse 32, 8010 at any time about the personal data it is processing or has on file about you. If there is no statutory retention requirement, you have the right to have this data deleted and to object to its processing. You also have the right to correct the data or to restrict its processing, the right to data portability, and the right to complain to the Austrian Data Protection Authority (Wickenburggasse 8-10, 1080 Vienna, email:

10.3 Please contact us at or write to us at: youspi Consulting GmbH, Wickenburggasse 32, 8010 Graz if you have any concerns about your rights.