1. General
    1. It is of utmost importance for Pocketcoach GmbH, Kandlgasse 19-2, 1070 Vienna, [email protected] ("Pocketcoach", "we", "us") to protect your personal data. We therefore comply with the applicable data protection provisions, in particular the General Data Protection Regulation ("GDPR"), the Austrian Data Protection Act ("DSG") and the Telecommunications Act ("TKG") concerning the protection, lawful processing and confidentiality of personal data as well as data security.
    2. This Privacy Policy explains to you the nature, extent and purposes of the processing of your personal data within the scope of our Online Services in our Websites ("Website"). In the following you will especially be informed which personal data we potentially collect, process and use when you use our Websites www.pocketcoach.co www.iamfeelinganxious.com www.coronacoa.ch
  2. Which of your data do we collect, for which purposes and on which legal basis do we process it?
    1. Contacting us

      When contact with us via e-mail or through other electronic channels (such as social media platforms), we process the data you voluntarily provided us with (name, e-mail address, nature of the enquiry respectively the subject of your message and the content of your message).

      We process the data provided within the course of contacting us solely for processing your enquiry, to get in contact with you if desired and to provide you with the requested information. This data processing is therefore necessary for the fulfilment of our (pre)contractual obligations.

    2. Access data and log files

      We collect and process the following data when you visit our Website and the connected services, that means accessing the respective server which contains the specifically requested service (so called server log files): name of the accessed site, date and time of access, transmitted quantity of data, server status codes, username, processing time, browser and client type alongside the version, your operating system, referrer URL (the previously visited site), IP-address and the requesting provider, reverse DNS, location data, connection data, source and target (network discovery or address, port numbers, protocol, e-mail address, e-mail subject, connecting server, protocol details, reputation data, reverse DNS, obvious labelling, connected servers), authentication details and e-mail meta information.

      This data is generated automatically through our servers when you visit our Website and is necessary so that we can provide you with the desired services. We therefore process server log files solely to be able to operate our Website and the connected services, to identify you as a user authorized to access, to distribute web server requests in our server pool as well as for security reasons (e.g. for clarification of abusive and fraudulent activities). Thus, this data processing activity is necessary to ensure our legitimate interests in operating a user friendly and secure Website.

    3. Usage data / Tracking

      Based on your consent declaration, we collect and process the following data about your use and interaction with our Website: IP-address of your device, the used internet browser, the browser language, your operating system, the requested files from our Website, your settings regarding Java, screen resolution, colour depth, your click behaviour on the Website (time of access, clicks) as well as the internet site from which you visit us (referrer URL).

      This data is collected through Cookies (see point 3 below). We use this usage data for (i) web analysis, (ii) improvements of our services and our Website, (iii) increasing usability. This data processing takes place on the basis of your consent to the use of Cookies on our Website. You can withdraw this consent at any time with effect for the future and free of charge.

    4. Newsletter

      On the basis of your consent declaration, we process the personal data that you provided us with voluntarily in the course of the registration for the newsletter on our Website (your e-mail address and potentially your name) (i) for sending you e-mail newsletters about our current projects, marketing and product information as well as (ii) for tracking your reading habits of our newsletter.

      Performance measurement: Our newsletters contain a mechanism for the tracking of your reading habits. With that we can determine whether our newsletter is opened, when it is opened and what links are clicked. These statistical evaluations are serving solely the detection of the reading habits of our newsletter recipients and to adjust our contents to them.

      You can withdraw your consent to the receipt of our newsletter at any time (e.g. via e-mail to [email protected] or through the unsubscribe link in our e-mail newsletters) with effect for the future and free of charge.

    5. Registration and User Account

      When you are registered on our Website and have a user account for the use of our Online Services, we process the following personal data: name, e-mail address, billing data, IP address as well as your access data.

      We process the data of your user account solely for operating your account, the provision of our Services as well as for the billing of our services. This data processing is therefore necessary for the fulfilment of our (pre)contractual obligations.

      To be able to use our services, we ask you about your current state of health. We process this health data only with your prior consent in accordance with Art 6 para 1 lit a in conjunction with Art 9 Para 2 lit a GDPR. You can revoke this consent at any time without giving any reason. However, without this consent, the use of our Services is not possible.

  3. Cookies
    1. Cookies are files that are transmitted from our web server to your web browser and are stored on your device for later retrieval. Through such cookies, our Website can store important data to provide you with our services and to make the use of our Website more comfortable for you.
    2. Most of the cookies that are used by us are so called "session cookies" that are stored on your device for the time of your current visit of our Website, only. This temporary cookies make a conformable use of our Website possible for you (e.g. through adaptation of user settings for the sorting of references and choice of language according to your needs). Session cookies are just valid for the duration of your specific visit of our Website and are subsequently erased automatically. Moreover, we also use "persistent cookies" that stay on your device and are not erased automatically when you close your browser. You can, of course, erase these cookies yourself at any time. With persistent cookies we especially pursue the purpose to improve your user experience by customising the Website to your personal needs and thus to optimise the loading time accordingly.
    3. We use the following types of cookies on our Website:
      • "Necessary Cookies" and "Functionality Cookies" are necessary to be able to provide you with our Website and the connected services, to operate our Website and serve for the proper functionality and security of our Website. These cookies are therefore necessary to pursue our legitimate interests in the provision of a user friendly and secure Website.
      • "Tracking Cookies", "Marketing Cookies" and "Web-Analysis Cookies" record your user behaviour and your interactions with our Website. Through these Cookies, we can adapt our Online Services specifically to you as well as place advertisements suitable for you. We place such cookies only on the basis of your consent that you can withdraw at any time. You can find further details about the specifically used Tracking, Marketing and Web-Analysis Cookies in point 3.5.
    4. You can adjust your internet browser so that cookies are only placed with your specific consent or generally rejected. In this case we collect only anonymous data about your visit to our Website to e.g. be able to determine the total number of visitors to our Website. If you have prohibited the use of cookies in your browser settings, we want to point out that in this case you can potentially not use all functions of our services in their entirety.
    5. Cookies with obligatory consent
      1. Google Analytics

        Provided that you have given your consent to cookies, we use Google Analytics, a web analysis service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google") on our Website. The information generated through the Google Analytics Cookie about the use of the Website are usually transmitted to the servers of Google in the United States of America and stored there.

        Google will use this information on our behalf to evaluate the usage of our Website by the users, to assemble reports about the activities on our Website and to deliver to us further services connected to the use of the Website. In doing so, pseudonymised user profiles of users can be generated from the processed data. Google will also potentially transmit the data to third parties if legally required or third parties process the data on behalf of Google.

        We use Google Analytics only with activated IP-anonymisation. This means that your IP address is shortened by Google within the member states of the European Union or in the European Economic Area. Only in exempt cases the full IP address is transmitted to a server of Google in the US and shortened there. To our knowledge, the IP address transmitted from your browser is not merged with other data of Google.

        You can prevent the use of Google Analytics by downloading and installing the browser plug-in available through the following link: https://tools.google.com/dlpage/gaoptout?hl=de. You can find out more information about the data usage through Google, setting and objection possibilities on the websites of Google: https://www.google.com/intl/de/policies/privacy/partners.

      2. Facebook Pixel

        If you visit our Websites and have given your consent, we will observe and document your user behaviour in order to display individual recommendations on our Websites based on this data. For this purpose we process the following personal data:

        • IP address
        • UU-ID
        • WEB ID
        • Device Fingerprints
        • Browser Fingerprints
        • Cookies
        • Geo IP location

        For the processing we use Facebook Pixel. Here we only use the standard functions. For further details on data processing by Facebook Pixel, we refer to the corresponding data protection declarations: Facebook pixel: https://www.facebook.com/privacy/explanation

        In connection with the use of Facebook pixels, your personal data is transferred to the USA. In the case of the USA, the EU Commission has not decided that an adequate level of data protection exists within the meaning of the DS-GVO; no such decision has been made (Art. 45 DS-GVO). However, Facebook, Inc. is subject to the EU-U.S. Privacy Shield. This ensures adequate protection of your personal data. You can access the complete text of the US Privacy Shield Framework under the following link: https://www.privacyshield.gov/servlet/servlet.FileDownload?file=015t00000004qAg

  4. Is your data transmitted to third parties?
    1. We entrust your personal data in the extent necessary to the following external service providers (data processors) that support us with the performance of our services:
      • IT-service providers and/or providers of data hosting solutions or similar services;
      • Other service providers, providers of tools and software solutions that support us in the operation of our Website , performance of our services as well and operate on our behalf (including providers of marketing tools, marketing agencies, communication service providers)
      All our data processors process your data only on our behalf and on the basis of our instructions so that we can provide you with our services.
    2. Apart from that, we transmit your personal data in the extent necessary to the following recipients (controllers):
      • Potential third parties that are participating in the provision of services to you for the fulfilment of our contractual obligations (e.g. login-services, banks for processing of the payment, payment service providers);
      • External third parties on the basis of our legitimate interests in the extent necessary (e.g. auditors and tax consultants, insurances in case of insured events, legal representatives in case of incidents);
      • Authorities and other public entities in the extent legally necessary (e.g. financial authorities).
    3. If we process your data in a third country outside the European Union (EU), or respectively the European Economic Area (EEA) or this happens within the scope of using services of third parties, this only occurs, if necessary for the fulfilment of our (pre)contractual obligations, on the basis of your consent, due to a legal obligation or on the basis of our legitimate interests. We have implemented suitable and appropriate guarantees to develop a way of transmission of your data to the respective third country compliant with data protection (e.g. for the US through the "Privacy Shield" or the conclusion of so called "Standard Data Protection Clauses"). Upon your enquiry we can transmit a copy of those suitable guarantees to you, provided that we process or let your data be processed in third countries.
  5. Retention period
    1. We store your personal data just as long as necessary for the purposes for which they are processed. Beyond that, we are potentially obligated to store your data for longer in accordance to legal retention periods.
    2. Specifically, we store your data in connection with the establishment of contact with us in accordance with legal retention periods for a time period of usually seven years.
    3. Access data and log files are stored for a maximum time period of 500 days and are erased subsequently.
    4. We store data about your user behaviour for a time period of usually three years, or respectively at the latest until the withdrawal of your consent.
    5. Provided that you have only registered for our newsletter and are, apart from that, no client of us, we store your data until the withdrawal of your consent and beyond that for a maximum of three years.
    6. We store data in connection with your registration and your user account until the end of your client relationship with us, or respectively beyond that until the expiry of the respective legal retention periods (usually for a time period of seven years).
    7. Apart from that, we also store your personal data after an incident beyond the abovementioned time periods as long as legal claims out of the relationship between you and us can be enforced, or respectively until the definitive clarification of an incident or legal dispute. This longer storage occurs for the ensuring of our overriding legitimate interests to the enforcement, clarification and defence of our legal claims.
  6. Rights of Data Subjects
    1. You have the right to access your personal data that is being processed by us (Art 15 GDPR). Apart from that, you have the right to rectification of inaccurate or incomplete data and – under certain circumstances – the right to erasure (Art 16 and Art 17 GDPR). Additionally, you have the right to restriction of processing (Art 18 GDPR) as well as the right to data portability concerning the data you have provided us with (Art 20 GDPR).
    2. Moreover, you have the right to object on grounds relating to your particular situation (art 21 GDPR). Such an objection can in particular occur relating to processing of data for the purposes of direct marketing.
    3. Additionally, you have the right to withdraw your consent at any time with effect for the future.
    4. Finally, you have the right to lodge a complaint with the responsible supervisory authority (Art 77 GDPR). The responsible supervisory authority for Austria is the Österreichische Datenschutzbehörde, Barichgasse 40-42, 1030 Vienna (www.dsb.gv.at).
    5. If you have questions relating to this or any other questions, you can contact us at:

      Pocketcoach GmbH

      Kandlgasse 19-2,

      1070 Vienna,

      [email protected]

  7. Data security

    We comply with appropriate technical and organisational security measures pursuant to Art 32 GDPR to, considering the risks, guarantee an appropriate data protection level, especially to protect your personal data against accidental or unlawful destruction, alteration or against loss and against unauthorised disclosure or unauthorised access.

  8. Amendments of our Privacy Policy

    Within the course of internet development, we will amend our Privacy Policy regularly. We will disclose amendments on our Website. Therefore, you should visit this Privacy Policy regularly to be informed about the current status.

Version: May 2020