Privacy Policy

CFS – Consulting, Franchise & Sales GmbH is hereinafter referred to as CFS. CFS is part of the atempo group. The capito brand belongs to CFS. The capito network includes franchise partners in Germany, Austria and Switzerland.

CFS is the franchisor.

CFS data:
CFS – Consulting, Franchise & Sales GmbH
Heinrichstraße 145
8010 Graz
Austria

Company register number: 257236p

Telephone: 0043 316 81 47 16
office@capito.eu

CFS processes certain data about you. CFS respects and protects your rights to data protection and privacy. CFS implements all measures required by law to protect your data.

CFS is legally responsible for protecting all processed data about you.

The data protection officer is Mario Morschner.
Heinrichstraße 145
8010 Graz
datenschutz@atempo.at
0043 316 81 47 16 26

1. Implementation of non-digital services

When CFS fulfils and implements your project, it requires certain data: First name, last name, e-mail address, street, postcode, city, telephone number, customer number, company, tax number, invoice amount, texts.

CFS uses and saves this data. If necessary for the project, CFS passes it on to others:

to the franchise partners listed on the CFS website.
They save your data and use it to carry out your project. The data is always stored on a European server, usually in Austria or Germany.
to CFS cooperation partners, for example tax consulting and payroll accounting.
to agencies from which CFS receives funding, if this is necessary for the implementation of a project.
Such agencies are, for example, the Social Ministry Service (Sozialministeriumservice), the Austrian Research Promotion Agency (Österreichische Forschungsförderungsgesellschaft), the Austria Wirtschaftsservice (AWS) or the Styrian Business Promotion Agency (Steirische Wirtschaftsförderungsgesellschaft).

CFS does not sell any data to marketing companies.

It is possible that CFS will pass on the data to business partners. CFS carefully selects these business partners. The data might be used for joint programmes, for example for marketing measures. However, CFS needs your consent for this. The data will be passed on if required by law or government authorities.

If the data is passed on to external service providers, strict data protection rules apply to these providers. Your personal data will be protected in any case.

You do not have to give your data to CFS. But if you don’t, CFS may be unable to fulfil your request or inform you about other products and services. In this case, CFS will let you know.

2. Newsletter

You can subscribe to the capito newsletter by CFS. You have to agree in writing that you want to receive the newsletter. If you provide your email address, you will be added to the CFS newsletter distribution list. In order for CFS to be able to send you the newsletter, your IP address and your email address will be saved.

CFS uses the service provider MailChimp to send the newsletter. This is an online platform for sending newsletters. It belongs to the company Rocket Science Group LLC.

The contact details are:
Rocket Science Group LLC
675 Ponce De Leon Ave NE
Suite 5000
Atlanta
GA 30308
USA

You can read their privacy policy on the MailChimp website.

If data is exchanged with countries outside the European Union, the standard contractual clauses apply.

MailChimp may use the data to improve its service. For example, so that sending emails works better technically, so that the newsletters are shown correctly or so that MailChimp can create statistics. But the data must be used in such a way that it is not possible to trace which users they belong to. MailChimp itself does not write to the users and does not pass the data on to others.

It is also possible that CFS works with an advertising agency to send out newsletters.

You can unsubscribe from the newsletter at any time. You can do this directly in the newsletter or by sending an email to office@capito.eu. CFS will immediately delete the data you provided for the newsletter. By doing so, you revoke our permission to process your data. Despite this revocation, CFS had the right to process your data up to that point.

CFS does not share your personal data with others so that they can send you advertisements. Only CFS may send you its own advertisements.

3. Webshop

On the capito website, there is a webshop where you can buy courses online. CFS processes all data necessary for the online purchase: First name, last name, email address, street, postcode, city, telephone number, customer number, company, tax number, purchased online courses, progress in courses and quizzes, logins on the learning platform.

CFS needs your email address and phone number to contact you quickly if there are any questions about your order.
Immediately after placing your order, you will receive your login details by email.

CFS works together with the payment provider Stripe. If you choose a payment method from Stripe, Stripe will process your payment. The contact details are:

Stripe Payments Europe Ltd
Block 4, Harcourt Centre
Harcourt Road
Dublin 2
Ireland

We share with Stripe the information you provide when you place your order and the information about your order: name, address, account number, bank routing number, credit card number if applicable, invoice amount, currency and transaction number. This information is only shared so that Stripe can process your payment. You can find more information on their data protection here: https://stripe.com/at/privacy

4. Use of cookies

Cookies are small text files that websites store on your device. For example, settings and passwords on this website. This makes it easier for you to use a website.

CFS uses cookies so that you can use the website and certain functions well. The cookies are stored on your device. When you visit the CFS website again, the website recognises your device. These are long-term cookies. For example, if you added a course to your shopping cart the last time you visited the website, the course will still be in your shopping cart the next time you visit.

CFS also creates statistics with the cookies. In the statistics, however, you cannot see which cookies belong to which user.

You can accept or reject the cookies. If you reject them, some things on the CFS website may not work well.

You can set how you want to manage cookies in your browser. Click on “Help” in your browser. There you will find a description of how to change the cookie settings in your browser.

Here you can find this help in the 3 most common browsers:

Safari™

Chrome™

Firefox™

If you wish to disable cookies on this website, click on the following button:

5.1 Google Tag Manager

CFS uses the Google Tag Manager. When you assign a tag to certain content, you assign the content to a specific category.

The Google Tag Manager allows CFS to manage the tags on the CFS website. There are no cookies in Google Tag Manager and no personal data is collected.

These tags collect cookies, but the Google Tag Manager does not access the stored data. If you have disabled cookies, this also applies to all tags that can be used to track your activities.

5.2 Google AdWords

CFS uses the Conversion Tracking of Google AdWords. This means that CFS can track what happens after you have clicked on a CFS ad. For example, whether you have signed up for the newsletter afterwards.

This is how it works: Google AdWords is an online advertising programme of Google Inc. Companies can publish ads on Google. When you click on such an ad, a cookie for conversion tracking is stored on your device. The cookies are valid for 30 days and do not contain any personal data. CFS can therefore not track, which user they belong to.

If you visit certain websites within the 30 days, Google will recognise that you have clicked on the advertisement and that you have been redirected to the CFS website.

CFS receives an individual cookie from Google AdWords for conversion tracking. Google AdWords uses the information from this cookie to create statistics. This allows CFS to see how many users clicked on the ad and were redirected to the website. But CFS does not receive any information to find out who these users are.

If you don’t want cookies to be stored on your device, you can switch this off. To do so, go to the advertisement settings on Google. You can also deactivate cookies via the settings on your computer or smartphone.

5.3 Google Remarketing

CFS uses Google AdWords Remarketing functions:

Google Remarketing for Search: Remarketing lists for search ads
Google Display Network Remarketing: Remarketing lists for display networks
This means that when you visit the CFS website, the remarketing functions store cookies on your device. You will then be shown ads that match the CFS website. This way, CFS can better adapt the marketing to your needs and you only see ads that are interesting for you.
If you don’t want that, click on this link

5.4 Google Analytics

CFS uses Google Analytics. This is an analytics service from the company Google Inc.

The contact details are:

Google Inc.
1600 Amphitheatre Parkway
Mountain View
CA 94043
USA

Google Analytics stores cookies on your device. These cookies allow us to analyse how you use the CFS website. Normally, this information is transferred to a Google server in the USA and stored there.

On the CFS website, your IP address is recorded anonymously. This works because the Google Analytics code has been extended. Your IP address is shortened within the European Economic Area and then sent to the Google server in the USA. Only in exceptional cases will the entire IP address be sent to the Google server and shortened there.

Google uses the information to analyse how people use the CFS website. Google also compiles reports on website activity and provides other services to CFS.

Your IP address is never associated with any other data held by Google.

You can change the settings in your browser so that cookies are not saved. However, if you do this, some things on the CFS website may not work well.

You can also set your browser so that your data is not sent to Google and is not processed by Google. To do this, you need to download and install an extension for your browser.

CFS uses Google Analytics to improve their services and website. The user’s privacy is important to CFS, which is why the data is used anonymously. It is not possible to trace which data belong to which user.

6. Plug-ins on social media

Plug-ins are extensions for computer programs.

6.1 Plug-ins from X (formerly Twitter)

CFS uses plug-ins by X (formerly Twitter). The contact details of X are:
X Corp. HQ
1355 Market St
Suite 900
San Francisco
CA 94103
USA

X offers the “tweet” feature. This allows you to post content from the CFS website to X.
If you use this feature, the CFS website will be linked to your X account. All X users may be able to see this. In the process, data is transferred to X.

CFS does not know what data is sent to X and how X uses this data. For more information, you can view X’s privacy policy.

You can also change your X privacy settings.

6.2 Plug-ins from Facebook

CFS would like to analyse and improve its online offer. Therefore, CFS uses plug-ins from Facebook.

The Facebook contact details are:
Facebook Inc.
1 Hacker Way
Menlo Park
CA 94025
USA

This means that certain functions of Facebook are integrated into the CFS website. You can recognise this by the Facebook logo and the terms “Like” and “Share”.

You can find information on all Facebook plug-ins on the Facebook website.
Facebook complies with European data protection law. When data is exchanged with countries outside the European Union, the standard contractual clauses apply. Facebook also complies with these rules.

The plug-in creates a direct connection between your browser and the Facebook servers. CFS has no influence on what data and how much data is sent to the Facebook servers. Information on this can be found on the Facebook website.

The plug-in informs Facebook that you have visited the CFS website. Your IP address may be saved in the process.
If you are logged in to Facebook while visiting the CFS website, the information will be linked to your Facebook account.

The plug-in has various functions, for example, “Like” or “Share”. If you use one of these functions and, for example, share a post from the CFS website on Facebook, the information will also be forwarded to Facebook.

Don’t you want Facebook to link this data to your Facebook account? Log out of Facebook before you visit the CFS website and delete the stored cookies. You can find out how to do this in the help function of your browser.

In your Facebook account, you can also change how and whether your data is processed for advertising.
Here you can deactivate the cookies for the American Facebook page and for the European Facebook page.

You can find information on data processing on the Facebook website. There you can find out which and how much data Facebook processes and what happens to this data. You can also read about your rights and setting options.

6.3 Plug-ins from Youtube

CFS uses plug-ins from Youtube. Youtube is operated by Google.

The contact details of Youtube are:
YouTube, LLC
901 Cherry Ave.
San Bruno
CA 94066
USA

When you visit the CFS website, a connection to the Youtube servers is established. The Youtube server is informed that you have visited the CFS website.
If you are logged into your Youtube account, this information will be linked to your account.
Log out of your Youtube account if you do not want this to happen.

See Youtube’s privacy policy for more information on how Youtube uses your data.

6.4 Plug-ins from LinkedIn

CFS uses Plug-ins by LinkedIn. The contact details of LinkedIn are:

LinkedIn Inc.
1000 West Maude Avenue
Sunnyvale
CA 94085
USA

You can recognize the plug-ins by the LinkedIn logo or the “Recommend” button. When you visit the CFS website, a connection to the LinkedIn server is established. LinkedIn receives a notification that you have visited the CFS website.
If you click the “Recommend” button and are logged into your LinkedIn account at the same time, we can link your visit to the CFS website to your account.
CFS does not know what data is sent to LinkedIn or how LinkedIn uses that data.

For more information, you can review LinkedIn’s privacy policy. It also states what rights you have and what settings you can change.

6.5 Plug-ins from XING

CFS uses plug-ins by XING.

The XING contact details are:
XING AG
Gänsemarkt 43
20354 Hamburg
Germany

You can recognize the plug-ins by the “Share” button. When you visit the CFS website, a connection to the XING server is established. This is how the “Share” function works. No personal data about you is stored in the process. XING does not store IP addresses and does not analyse what you do on the CFS website.

For more information, you can look at XING’s privacy policy.

7. Use of Facebook Pixel: Facebook Custom Audience

CFS uses the Facebook Custom Audience feature Pixel.

The Facebook contact details are:
Facebook Ireland Ltd.
4 Grand Canal Square
Grand Canal Harbour
Dublin 2
Ireland

Facebook Pixel is a code that is embedded in the CFS website. Pixel can link your activities on the CFS website with your Facebook account.
It is integrated into the website with the “advanced matching” function. As a result, your data is processed by Facebook. This allows Facebook to track which websites you have visited. This allows Facebook to show you ads that are targeted to you.

When you visit the CFS website, Facebook Pixel stores a cookie on your device. If you are logged in to your Facebook account at the same time or log in immediately afterwards, the visit is stored in your Facebook account.
Facebook stores and processes your data so that the connection to your account can be established. Facebook also uses your data for market research and advertising.
However, your data is also collected if you do not have a Facebook account or are not logged in.

Click this button if you do not want Facebook Pixel to store your visit to the CFS website:

Facebook processes your data as described in Facebook’s Data Use Policy. You can find more information in Facebook’s help section.

8. Information about capito.ai

Here you can quickly get an overview of what personal data capito.ai processes and for what purpose, and which laws apply.
You can find more information about capito.ai under point 7 of the General Terms and Conditions.

CFS also informs you about who may receive your data and what rights you have according to the General Data Protection Regulation. You can contact CFS at any time if you have questions or feedback about data protection or if you want to exercise your rights. The contact details are at the beginning of this privacy information.

8.1 Registration and paid use of capito.ai

In order for you to register with capito.ai and use capito.ai, CFS stores and processes personal data. CFS also needs the data to communicate with you. These are the following data: First name, last name, email address, street, postal code, city, state, country, phone number, company, tax number. If you do not provide this information, CFS may not be able to fulfil its obligations:

• The obligations according to the contract: capito.ai provides services and invoices the services to you.
• The obligations according to company and tax laws.

8.2 Processed data

When you register with capito.ai, you provide data that CFS then processes.

CFS also processes the following data:
• Order data. This also includes the data if you waive your right of withdrawal. You can find more information under point 7 of the General Terms and Conditions.
• Data regarding the contract with capito.ai. This includes information about which services CFS has to provide, your access data, your customer number, and possibly also information about termination. If you use the API of capito.ai, the version of the API is also part of this data. With an API, the core functions of capito.ai can be integrated into other applications of a company.
• Data on the service that CFS provides. This includes data about the agreed service and the use of the API. It may also include data about your use of capito.ai. However, this data is then made anonymous.
• Billing data. This includes payment data.
• Possibly data about whether you comply with our terms of use or not.
• CFS sales partners also advertise capito.ai. When you buy capito.ai for the first time through a sales partner, CFS sees this. Your account will then be assigned to this sales partner.
• You can buy capito.ai for 1, 5, 15 or more users. CFS connects the users in its database so that CFS knows which users belong together.
• capito.ai analyzes and simplifies the texts you enter. The texts you enter are not saved and are only processed for the purpose of analysis and simplification.
• You can place an additional order with CFS through capito.ai. For example, your text to be simplified by capito translators. CFS stores these orders and passes them on to the franchise partners. This is also stated in point 1 and point 7 of the general terms and conditions.

8.3 Legal basis

Article 6, paragraph 1 in the General Data Protection Regulation is the legal basis for CFS to process your data. CFS processes your data so that CFS can fulfil the contract and so that CFS can fulfil its obligations under the Corporate and Tax Law.

8.4 Anonymization

CFS anonymizes your data to be used for the analysis. The legal basis for this is Article 6, paragraph 1 in the General Data Protection Regulation.
CFS has a legitimate interest in analysing your data. With this data, CFS can further develop and improve capito.ai.
capito.ai analyses texts and “translates” texts into easy-to-understand language. If capito.ai becomes better, this can also be good for you as a user.

It is possible that you have the right to object to this processing of your data. You can find more information under point 8.9.1.

8.5 Storage of data

Your data will be saved for 6 years. This is required by the Corporate and Tax Law.

8.6 Profiling

CFS does not do automated decision-making and profiling according to Article 22, paragraphs 1 and 4 in the General Data Protection Regulation. This means that personal data is not processed automatically to find out more about the interests and behaviour of users.

8.7 Other service providers

CFS works with other service providers to make capito.ai work. These service providers may have access to your data. However, they are bound by contract to strictly comply with all data protection regulations.

8.7.1 Stripe

CFS works together with the payment provider Stripe. If you choose a payment method from Stripe, Stripe will process your payment. The contact details are:

Stripe Payments Europe Ltd
Block 4, Harcourt Centre
Harcourt Road
Dublin 2
Ireland

8.7.2 Auth0

To enable CFS to verify the identity of users, CFS uses the Auth0 programme. The contact details are:

Auth0
10900 NE 8th Street
Bellevue
WA 98004
USA

Auth0 saves and manages the email addresses and passwords. When data is exchanged with countries outside the European Union, the standard contractual clauses apply. Auth0 complies with these rules.
You can find more information on data protection in Auth0’s privacy policy and in the section “Resources for Privacy and Data Protection“.

8.7.3 Google Sign-In

You can also log in to capito.ai with your Google account. This is only possible if you expressly agree to it, as required by the General Data Protection Regulation in Article 6, Paragraph 1, Letter a.

Google Sign-In is a service provided by Google. The contact information is:
Google Ireland Limited
Gordon House
Barrow Street
Dublin 4
Ireland

When you sign in with Google Sign-In, you will be redirected to the Google website. There you can register or log in to your Google account.
This digitally links your Google profile and your Google email address with capito. As a result, CFS automatically receives the following data from Google:
• your first and last name
• your user name
• your email address
• your profile picture

More information about Google Sign-In and your privacy settings can be found in the privacy policy and terms of use of Google Ireland Limited.

8.7.4 Amazon Web Services

CFS uses the servers of Amazon Web Services. The database and web content are stored there. The contact details of Amazon Web Services are:

Amazon Web Services, Inc.
P.O. Box 81226
Seattle
WA 98108-1226
USA

However, the data is not stored in the USA, but only in the data centre in Frankfurt am Main in Germany. The data centre is certified according to the following standards: ISO 27001, 27017, 2018 and PCI DSS Level 1.

CFS has tightly restricted access to the data and the data is automatically encrypted.
When data is exchanged with countries outside the European Union, the standard contractual clauses apply. Amazon Web Services complies with these rules.

You can find more information about data protection on the Amazon Web Services website:
Data Protection
Privacy

We use AWS SES (Simple Email Service) to send email notifications, for example verification emails, password reset emails and contact forms. The data centre we use is located in Germany (Frankfurt, EU-CENTRAL-1).

Amazon Web Services, Inc.
410 Terry Avenue North
Seattle WA 98109

8.7.5 Sentry

CFS uses the Sentry service. Sentry monitors whether capito.ai is stable and looks for errors in the code. This improves the stability of capito.ai.
The contact details of Sentry are:

Sentry
1501 Mariposa St
Suite 408
San Francisco
CA 94107
USA

CFS only uses Sentry to improve stability. Sentry does not use data for advertising.
User data is collected anonymously. During processing, it is not possible to trace to whom the data belongs. Afterwards, the data is deleted.
Such data can be, for example, which device you are using or when the error occurred.

You can find more information in Sentry’s privacy policy.

8.7.6 Exoscale/A1 Telekom Austria AG

A large part of capito.ai services is hosted in Austria. We use the cloud infrastructure of Exoscale for this. This is operated by A1 Telekom Austria AG.

A1 Telekom Austria AG
Lassallestraße 9
1020 Vienna
Austria

8.7.7 Digital Ocean

Some of our software services are hosted on infrastructure provided by Digital Ocean. Digital Ocean’s contact details are:

Digital Ocean
101 6th Ave
New York
NY 10013
USA

Although Digital Ocean is an American company, our software services are hosted in the European judicial area. More information provided by Digital Ocean can be found here: https://www.digitalocean.com/legal/data-processing-agreement

8.7.8 Vercel

CFS uses Vercel to host the frontend. This involves sharing a user’s IP address with Vercel. The contact details are:

Vercel Inc.
440 N Barranca Ave #4133
Covina
CA 91723
USA

CFS uses Vercel to make the software available to users. The IP address is not used for any other purpose than to display the software to users. More information from Vercel can be found here: https://vercel.com/legal/dpa

8.7.9 Cloudflare

CFS uses Cloudflare Pages as a security layer to defend against DDos attacks. For this, we share IP addresses with Cloudflare. The contact details of Cloudflare are:

Cloudflare, Inc.
101 Townsend St.
San Francisco
CA 94107
USA

You can find more information about Cloudflare’s privacy policy here: https://www.cloudflare.com/de-de/cloudflare-customer-dpa/

8.7.10 Microsoft Azure

Our simplification service is hosted by Microsoft in Amsterdam. The contact details are:

Microsoft Europe
1775 TK Middenmeer
Netherlands

8.8 Further processing of personal data

CFS is working on software that can automatically simplify texts. CFS needs data to research and develop the software. CFS uses your entered texts, your changes, your activities in capito.ai and the topic categories of your texts. All data is used anonymously. The data cannot be assigned to specific users.

CFS passes the data on to the Department of Computational Linguistics at the University of Zurich:

University of Zurich
Department of Computational Linguistics
Andreasstrasse 15
8050 Zurich
Switzerland

The University of Zurich is bound by contract to keep the data confidential and to comply with the General Data Protection Regulation.

8.9 Rights under the General Data Protection Regulation

8.9.1 Right to withdraw your consent

In certain cases, you must consent to CFS processing your data. You have the right to withdraw this consent at any time. Despite this withdrawal, CFS had the right to process your data up to that point.

With any consent, CFS must specify how you can withdraw consent. You can send CFS an email or letter if you wish to withdraw consent. You will find the contact details at the very beginning of this privacy policy.

8.9.2 Right of Access

You may ask CFS to confirm whether CFS is processing personal data about you. If CFS processes data, CFS must send you a copy of that data. CFS must also tell you:

• what CFS processes the data for.
• what category of personal data CFS processes.
• to whom CFS has given or will give your personal data.
• if it can, how long CFS will retain the data. If this is not possible, CFS must tell you how CFS determines the storage period.
• that you have the following rights:
o that the data will be rectified.
o that the data will be deleted.
o that the data may only be processed for certain purposes.
o that you can object to the processing of your data.
• that you can complain to a supervisory authority.
• where the data is collected, if the data is collected elsewhere. You must be given all available information about this.
• whether your data is used for automated decision-making and profiling. You can find more information about this under point 8.6.

CFS can send you a copy of the personal data that is being processed. If you require additional copies, CFS may charge you for administrative costs.

If you request the copy by email, CFS must send you the copy in a standard electronic format. Unless you specify otherwise.

8.9.3 Right to correction an deletion

If CFS processes incorrect data about you, you have the right to request that CFS correct the data immediately.

If CFS processes incomplete data about you, you may request that CFS completes your data. You can also do this with an additional statement.

You can also ask CFS to delete your data immediately. CFS must delete your data immediately for any of these reasons:
• The data has been collected and processed for a specific purpose. CFS no longer needs the data for this purpose.
• You withdraw your consent for CFS to process your data. There is also no other legal basis for CFS to process your data.
• You object to the processing of your data. You can find more information on this under point 8.9.6.
• CFS has violated a law by carrying out the processing.
• CFS must delete the data to follow a law.
• It was a child who gave consent.

CFS does not have to delete your data,
• if CFS needs your data to fulfil a legal obligation.
• if CFS needs your data to exercise a legal right.

8.9.4 Right to restrict processing

You may request CFS to restrict the processing of your data. To do so, one of these conditions must be met:

• You state or have stated that your data is incorrect. CFS has had time to check whether your data is correct.
• The processing violates a law. But you don’t want the data to be deleted, you want the data to be processed in a restricted way.
• CFS no longer needs the data for processing. But you need the data so that you can exercise a legal claim, and you can justify this.
• You object to the processing. Processing is then restricted until it is determined whether CFS may still process your data. You can find more information under point 8.9.6.

If CFS is only allowed to process your data in a restricted manner, CFS may store your data and process it only in these cases:

• You consent to CFS processing the data.
• CFS needs the data so that it can exercise a legal right.
• Another natural or legal person needs to be protected. A legal person is, for example, an association.
• The processing is important for the society of the European Union or a Member State.
CFS might be allowed to process your data again later without restriction. CFS will inform you about this.

8.9.5 Right to transferability of data

CFS must send you your data in a common format that is structured and that computers can process. This applies,
• if CFS is allowed to process your data because you have consented or because it is in a contract.
• if the data is processed automatically.

You can also request that CFS send the data directly to another responsible person if this is technically possible.

8.9.6 Right to object

You can object to your data being processed for these purposes at any time:
• so that a task can be implemented
• in the public interest or for public administration
• to protect the legitimate interests of CFS or others.

CFS will then no longer process your data. Unless CFS can prove
• that CFS needs to process the data and that there are very important reasons for doing so. The reasons must be more important than your interests, rights and freedoms.
• CFS needs your data in order to be able to exercise a legal claim.
If CFS sends you an advertisement based on your data, you can object to the processing at any time. Then your data will not be used for such advertising.

8.9.7 Right to complain to a supervisory authority

If you think that CFS is violating a law by processing your data, you can protect yourself. There are various ways to do this, such as filing a complaint.
In addition, you can complain to a supervisory authority. The best place is the supervisory authority in the country where you live, where you work or where laws are violated in data processing.

The details of the supervisory authority in Austria are:

Austrian Data Protection Authority
Barichgasse 40-42
1030 Vienna
Telephone: +43 1 52 15 20
E-mail: dsb@dsb.gv.at

9. Security

CFS keeps your data safe. CFS makes sure that no one can steal, misuse or change the data.

CFS also has contracts with other companies so that CFS can provide its services. These companies may have access to your data. The contracts oblige the companies to keep your data confidential. They are not allowed to use your data for any other purpose.

10. Duration of storage

Your data will be stored and changed as long as CFS is allowed to use your data. This means until you unsubscribe from the newsletter or until the contract between you and CFS is over. CFS may also use your data after the contract if this is necessary so that the contractual relationship can be finished. Or if claims still exist after the contract.

For certain purposes, it may be specified how long CFS may use your data.