LIFE-SESSIONS

Privacy Policy

Preamble
This privacy policy outlines the type, purpose, and scope of the processing of personal data (“data”) in connection with our application. All terms are intended to be gender-neutral.
Effective Date: December 7, 2024

Table of Contents

  1. Preamble
  2. Controller
  3. Overview of Processing
  4. Legal Basis
  5. Security Measures
  6. International Data Transfers
  7. General Information on Data Retention and Deletion
  8. Rights of Data Subjects
  9. Business Services
  10. Business Processes and Procedures
  11. Provision of Online Services and Web Hosting
  12. Use of Cookies
  13. Registration, Login, and User Accounts
  14. Blogs and Publishing Media
  15. Contact and Inquiry Management
  16. Communication via Messenger
  17. Newsletters and Electronic Notifications
  18. Advertising Communication via Email, Mail, Fax, or Phone
  19. Web Analytics, Monitoring, and Optimization
  20. Online Marketing
  21. Customer Reviews and Rating Systems
  22. Social Media Presence
  23. Plugins and Embedded Features/Content
  24. Management, Organization, and Tools
  25. Changes and Updates
  26. Definitions

Controller
Peter Seifritzberger
Anton-Windhager-Strasse 31
A-5201 Seekirchen am Wallersee
Authorized Representative: Peter Seifritzberger
Email: office@life-sessions.com

Overview of Processing
Types of processed data: Personal data, payment data, contact details, content data, contractual data, usage data, meta-/communication-/process data, log data.

Categories of data subjects: Service recipients/clients, prospects, communication partners, users, business and contractual partners, course participants, customers.

Purposes of processing: Contract fulfillment, communication, security measures, direct marketing, reach measurement, tracking, office/organizational procedures, audience analysis, feedback, marketing, profiling, provision of online services, IT infrastructure, public relations, business processes.

Legal Basis (GDPR)

  • Consent (Art. 6(1)(a) GDPR)
  • Contractual obligations/pre-contractual inquiries (Art. 6(1)(b) GDPR)
  • Legal obligations (Art. 6(1)(c) GDPR)
  • Legitimate interests (Art. 6(1)(f) GDPR)

Additionally, the Austrian Data Protection Act (DSG) and Swiss data protection regulations apply for cross-border transfers.

Security Measures
We implement technical and organizational measures appropriate to the state of the art to ensure an adequate level of protection. These include access, input, transmission, availability controls, data protection by design and default, and TLS/SSL encryption (HTTPS).

International Data Transfers
Transfers to third countries only occur under legal frameworks compliant with GDPR (e.g., adequacy decisions, standard contractual clauses, consent). More information is available from the European Commission. Certain U.S. companies are certified under the Data Privacy Framework (DPF).

General Information on Data Retention and Deletion
Data is deleted when consent is withdrawn or there is no longer a legal basis for processing. Statutory retention periods (e.g., commercial or tax law) remain unaffected. When multiple retention periods apply, the longest is used.

Examples of retention periods under Austrian law:

  • 10 years for accounting documents, invoices, etc.
  • 6 years for other business documents.
  • 3 years for warranty/compensation claims.

Data no longer required is restricted to statutory obligations or securely deleted.

Rights of Data Subjects (Art. 15-21 GDPR)

  • Right to object to processing for specific reasons or direct marketing purposes.
  • Right to withdraw consent for future processing.
  • Right to access personal data processed about them.
  • Right to rectification of incorrect data.
  • Right to deletion/restriction of processing in line with legal requirements.
  • Right to data portability.
  • Right to lodge complaints with a supervisory authority.

Business Services
We process data to fulfill contracts, communicate, handle inquiries, issue invoices, safeguard rights, and maintain organizational operations. Examples include e-commerce, technical services, educational courses, and software/platform provision.

Provision of Online Services and Web Hosting
We process IP addresses, log data (server logs), and email traffic on hosted servers for operational and security purposes. Logs are typically retained for no longer than 30 days unless required for security purposes.

Use of Cookies
Cookies are used for session management, analytics, and advertising, with consent required for non-essential cookies. Session cookies expire when the browser is closed, while others may remain for up to 2 years.

Registration, Login, and User Accounts
We process registration and usage data (name, login info, IP) to provide contractual functions. IP addresses are retained for misuse prevention. Data is deleted when accounts are terminated unless required by law.

Blogs and Publishing Media
We process user data to provide publishing platforms, comment features, and feedback.

Contact and Inquiry Management
We process contact, content, and metadata to handle inquiries and manage communication.

Communication via Messenger
We process contact and content data for Messenger communications, using end-to-end encryption when available.

Newsletters and Electronic Notifications
Newsletters are sent based on consent or legal permission, tracking open/click rates to optimize delivery.

Advertising Communication
We process contact details for promotional purposes, with the right to withdraw consent at any time.

Web Analytics, Monitoring, and Optimization
Usage and metadata are analyzed to measure reach, profile audiences, and optimize services.

Online Marketing
We process usage data to serve targeted ads, create profiles, and analyze audiences.

Customer Reviews and Rating Systems
We process user and contractual data for reviews and verification.

Social Media Presence
User data is processed for communication, research, and marketing purposes.

Plugins and Embedded Content
External content (e.g., maps, videos) may process metadata or use cookies.

Management and Tools
We use third-party services (e.g., cloud tools) for organization and communication.

Changes and Updates
This privacy policy may be updated as required. Users are encouraged to review the latest version.

Definitions

  • Personal Data: Information related to an identifiable person.
  • Processing: Any action performed on personal data (e.g., collecting, storing, deleting).
  • Other terms align with legal definitions.