+43 1 2535352
Contact

Data Protection

Data protection and thus the protection of your personal data is a primary concern for us. We process your data exclusively based on statutory regulations (GDPR, TKG 2003 (Austrian Telecommunications Act 2003)). We have provided this data protection information to inform you about the most important aspects of data processing on our website. Our data protection officer is available for any further questions about this information.

Contact details for the data protection office:

PROLIANCE GmbH

www.datenschutzexperte.de

Leopoldstr. 21

80802 Munich

Germany

datenschutzbeauftragter@datenschutzexperte.de

Please refer to the company that your inquiry is regarding when contacting the data protection office (Kaleidoscope GmbH). Please do not include sensitive information, e.g., a copy of an identify document in your inquiry. The use of our website is generally possible without providing personal data. If personal data are collected on our web pages (such as name or e-mail address), this is done on a voluntary basis where possible. Unless otherwise stated in this declaration, data are not passed on to third parties without explicit consent. We would like to point out that data transmission on the internet (e.g., communication by e-mail) may contain security gaps. Complete protection of your data against access by third parties is not possible.

Cookies

Our website uses cookies. These are small text files that are stored on your device by the browser. They do not cause any harm. We use cookies to make our website user-friendly. Some cookies remain on your device until you delete them. They allow us to recognize your browser on your next visit. If you do not wish to enable cookies, you can set up your browser so that you are informed about the storage of cookies and enable them only in specific cases, or disallow them in general and activate automatic deletion of cookies when closing the browser. If cookies are disabled, the functionality of our website may be limited.

Web Analysis – Google Analytics and Google Tag Manager

Our website uses functions from web analysis service Google Analytics from Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. Cookies are therefore used, which allow usage of the website by users to be analyzed. We also use Google Tag Manager from the same company. This service enables us to manage website tags via an interface. The Google Tag Manager implements tags. No cookies are used and no personal data are collected.

IP Anonymization

We have also activated the IP anonymization function. This means that your IP address is shortened by Google within member states of the European Union or in other states which are party to the Agreement on the European Economic Area prior to being sent to the USA. Only in exceptional cases is the full IP address sent to a Google server in the USA and shortened there. These data serve as website usage analysis and are used for generating corresponding reports and services. The IP address sent by your browser as part of Google Analytics is not linked with other Google data. The user data are stored by Google for the shortest possible period of 14 months. You can disable the storage of cookies via a special setting in your browser. However, this may mean that not all functions of our website will be available to you. Following successful installation, a browser plug-in available here allows you to block the collection of data generated by the cookie and data related to your usage of the website (incl. IP address) by Google and the processing of these data by Google.

Objection to Data Collection

You can disable the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie is set, which prevents the collection of your data on future visits to this website: Deactivate Google Analytics. You can find more information on how Google Analytics processes user data here in the Google Privacy Policy. We have concluded a corresponding contract with the provider regarding order data processing. The relationship with the web analytics provider is based on the Privacy Shield Framework, which Google is bound by. Data processing is performed based on the statutory regulations of § 96 para. 3 TKG and Article 6 para. 1(a) GDPR. Our concern in the context of the GDPR is improving our services and online presence. As the privacy of our users is important to us, user data are anonymized as described above. You can find the Google Privacy Policy here.

YouTube

Our website uses plug-ins from Google-operated site YouTube. Operator of the web pages is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you visit one of our web pages equipped with a YouTube plug-in, a connection to the YouTube servers is established. Information about which of our web pages you have visited is then shared with the YouTube server. If you are logged in to your YouTube account, you enable YouTube to assign your browsing activity directly to your personal profile. You can disable this by logging out of your YouTube account. You can find more information on the processing of user data in the YouTube Privacy Policy.

Facebook

If you are logged into your Facebook account while visiting our website, Facebook can associate this visit with your account. Should you wish to disable this, please log out of your Facebook account. We would like to point out that as the provider of the web pages, we do not receive any information regarding the content of the data transferred or its usage by Facebook. You can find more information in the Facebook Privacy Policy.

Hotjar

In order to analyze visitor activity and thus make our website more user-friendly, we use the tracking tool from Hotjar, Level 2, St Julian's Business Centre, 3, Elia Zammit Street, St Julian's STJ 1000, Malta. Hotjar collects standard internet protocol information and details regarding the visitor activity to ascertain things such as the number of visitors to different parts of the website. Hotjar collects this information in such a way nobody is personally identified. You also have the option to disable or re-enable the collection of data on the Hotjar website with a click of the mouse. We have concluded a corresponding contract with Hotjar regarding order data processing.

SSL Encryption

For security reasons and to protect the transmission of confidential information, such as inquires that you send to us as the web page operator, this site uses SSL encryption. You can identify an encrypted connection if the address line in the browser changes from "http://" to "https://" and by the padlock symbol in the browser bar. If SSL encryption is activated, the data you send to us cannot be read by third parties.

Server Log Files

The web page provider automatically collects and stores information in server log files, which your browser automatically sends to us. This information is:

  • Browser type and browser version
  • Operating system in use
  • Referrer URL
  • Host name of the accessing computer
  • Time of the server request

These data cannot be associated with specific persons. These data are not merged with other data sources. We reserve the right to check these data retrospectively if we become aware of specific indications of unlawful use. We have concluded a contract with our web hosting partner All-inkl.com regarding order data processing. On the server side, the storage period is set by the provider at 7 days. In the customer's account, the storage period is 180 days.

WPML Plug-in

We use the WPML plug-in for our bilingual website. This uses cookies to identify the current language of the visitor, the language of the page most recently visited, and the language of logged-in users. While you are using the plug-in, WPML passes the website data on via the installer. No data are passed on by the user themselves.

Contact Form

If you send us your inquiry using the contact form, your details from the inquiry form, including the contact details specified by you, are stored by us for the purpose of processing the inquiry and in the event of follow-up questions. We will not pass on these data without your consent.

Comments

If visitors post comments on the website, we collect the data displayed in the comment form, as well as the IP address of the visitor and the user agent string (with which the browser is identified) in order to help detect spam. An anonymized character string can be created from the e-mail address (also called a hash) and passed on to the Gravatar service to check whether you are using it. You can find the Privacy Policy of the Gravatar service here. Once the comment has been approved, your profile picture will be publicly visible in the context of the comment. If a comment is posted on our website, this may constitute consent to store the name, e-mail address, and website of the author in cookies. This is a convenient function as the author does not have to re-enter all these data when adding another comment. These cookies are stored for a year. Comments including metadata are stored for an unlimited time period. In this way, we can automatically identify and approve follow-up comments in this manner instead of holding them in a moderation queue. Anyone who has posted one or more comments can request an export of this personal data from us, including all data that has been shared with us. You can also request the deletion of all this stored personal data. This does not include data that we must keep on file for administrative, legal, or security reasons. Visitor comments could be examined by an automated service for spam detection.

Newsletter

You can subscribe to our newsletter on the website. To do so, we require your e-mail address and confirmation that you agree to subscribe to the newsletter. As soon as you have signed up for the newsletter, we will send you a confirmation e-mail with a link to confirm your registration. This is to ensure that your e-mail address cannot be misused. No additional data are collected. We use these data exclusively to send you the required information and will not pass these on to third parties. You can cancel your subscription to the newsletter at any time using the cancellation link in every newsletter, or here by clicking on this e-mail link: We will immediately delete your data associated with the sending of the newsletter.

MailChimp

We use MailChimp, a web platform from The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE, Suite 5000; Atlanta, GA 30308 USA to send our newsletter. Data such as e-mail addresses of the newsletter recipients are therefore stored in the USA. This company is certified in accordance with the Privacy Shield Framework. We have also concluded a contract with MailChimp regarding order data processing. MailChimp is thus obligated to protect the data of our users, to process data on our behalf in accordance with its data protection regulations, and, in particular, to not pass data on to third parties. You can view MailChimp's Privacy Policy here. Statistical collection and analysis: if a newsletter is opened, technical information (e.g., browser, system, IP address, and time) is recorded. This information is used to make technical improvements to services. It also determines if and when the newsletter is opened and which links are clicked. This information can be associated with individual recipients of the newsletter. The data allow us to identify the reading habits of our users and tailor our content accordingly or send different content according to the interests of our users.

HubSpot

We use HubSpot for our online marketing activities. This is an integrated software solution with which we cover different aspects of our online marketing. We use Marketing Hub and Sales Hub. We also use:

  • Content management (blog)
  • E-mail marketing (newsletter and e-mail)
  • Social media publishing & reporting
  • Reporting (e.g., traffic sources, access)
  • Contact management
  • Contact forms

This information can be used by us to get in touch with visitors to our website and to determine which services or products they are interested in. All information collected by us is subject to this data protection regulation. HubSpot is a software company from the USA with a branch in Ireland: HubSpot Dublin, Ground Floor, Two Dockland Central, Guild Street, Dublin 1, Ireland. As personal data is sent to the USA, additional protection measures are required to ensure the GDPR data protection level. To guarantee this, we have agreed standard data protection clauses with the provider in accordance with Article 46 para. 2 (c) GDPR. The recipient of the data in the USA is obligated to process the data according to the level of protection in Europe.

Piwik PRO

We use Piwik PRO to analyze and regularly improve the use of our website. We may use the statistics obtained to improve our service and make it more interesting for you as a user. The information collected by the cookie about the use of our website is stored on Piwik PRO's servers or the servers of service providers retained by Piwik PRO in the EU. The IP address is anonymized immediately after processing and before storage.

Privacy Policy: https://piwikpro.de/datenschutz/

Opt-out: You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.

GotoWebinar

We use “GoToMeeting or GoToWebinar” to conduct “online meetings” such as webinars, telephone conferences, online meetings or video conferences. We always record the webinars that we organize. The fact of the recording is displayed in the “GoToWebinar” application. We may also process the questions asked by webinar participants for the purpose of following up webinars.
In addition to your registration data, we also receive information about the duration of participation, interest in the webinar and questions or answers asked.

Participants are not permitted to make any recordings of the webinar. Sound, image or text data may not be recorded, copied or stored. You acknowledge this by entering the virtual webinar room.

Legal Basis for Data Processing

The legal basis for data processing when conducting "online meetings" is Article 6(1)(b) of the GDPR, insofar as the meetings are conducted within the framework of contractual relationships.

If no contractual relationship exists, the legal basis is Article 6(1)(f) of the GDPR. In this case, our interest is in the effective conduct of "online meetings".

Personal data processed in connection with participation in one of our webinars or events is generally not disclosed to third parties.

Regarding LogMeIn

"GoToWebinar" is a service provided by LogMeIn, Inc., which is headquartered in the United States.

If you are registered as a user with "LogMeIn", reports on "online meetings" (meeting metadata, phone dial-in data, questions and answers in webinars, webinar survey function) may be stored by "LogMeIn" for up to one month.

Note: As soon as you access the "GoToWebinar" website, its provider "LogMeIn" is responsible for data processing. You can find LogMeIn's privacy policy on their website.

To register for a webinar and meet the technical requirements for participation, you must access the appropriate GoToWebinar" website. To participate, you can download the software to use GoToWebinar", use the GoToWebinar" application, or use a browser version also available on the GoToWebinar" website.

What information is processed?

Several types of information are processed when you use GoToWebinar". The amount of data also depends on the data you enter before or during your participation in a webinar.

The following personal information is processed

  • User information: first name, last name, company, email address, personal participation link
  • Webinar metadata: Topic, description (optional), attendee IP addresses, device/hardware information
  • Text, audio, and video: You may be able to use the chat, question, or poll features in a webinar. The text you enter is processed to display it in the webinar and to log it if necessary.

In the case of webinars, we may also process the questions asked by participants for the purpose of recording and tracking webinars.
In order to participate in a "webinar" or to enter the "virtual webinar room", you must provide at least your name.

Data Processing Outside the European Union

"GoToMeeting and GoToWebinar are services provided by LogMeIn from the United States. Personal data is therefore processed in a third country. We have entered into an order processing agreement with the provider that meets the requirements of Art. 28 GDPR. An adequate level of data protection is ensured by the Privacy Shield certification and by the conclusion of the so-called EU Standard Contractual Clauses.

 

Stripe

We use Stripe (Stripe Payments Europe, Ltd.,1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland) as a payment platform for our fee-based courses, events and services.

The payment data you enter is transmitted to Stripe on the basis of Art. 6 (1) (a) GDPR (consent) and Art. 6 (1) (b) GDPR (processing for the performance of a contract). You have the option to withdraw your consent to data processing at any time. A revocation does not affect the effectiveness of data processing operations in the past.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://stripe.com/de/privacy and https://stripe.com/de/guides/general-data-protection-regulation.

Spotify

This website includes features of the Spotify music service. The provider is Spotify AB, Birger Jarlsgatan 61, 113 56 Stockholm, Sweden.

When you visit this website, a direct connection between your browser and the Spotify server is established via the plugin. Spotify receives the information that you have visited this website with your IP address. If you click the Spotify button while logged into your Spotify account, you can associate the content of this website with your Spotify profile. This will allow Spotify to associate your visit to this website with your account.

Please note that Spotify uses cookies from Google Analytics, so your usage data may also be transmitted to Google when you use Spotify. Google Analytics is a web analytics tool by Google Inc. based in the USA. Spotify is solely responsible for this integration. As the operator of this website, we have no influence on this processing.

The data is stored and analyzed on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the appealing acoustic design of its website. If consent has been obtained, the processing will be carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) in the sense of the TDDDG. Consent may be revoked at any time.

For more information, please see Spotify's privacy policy: https://www.spotify.com/in-en/legal/privacy-policy/.

If you do not want Spotify to associate your visit to this website with your Spotify account, please log out of your Spotify account.

Your Rights

You generally have the right to access, correction, deletion, restriction, data portability, revocation, and objection. If you make an inquiry that is not in writing, we may ask you to provide proof that you are the person you claim to be.

If you believe that the processing of your data violates data protection law or otherwise infringes on your data protection rights, you can file a complaint with the supervisory authority. In Austria, this is the Data Protection Authority.
Below, you will find information on the rights granted to you by applicable data protection law regarding the processing of your personal data:

The right to request information about your personal data processed by us, as per Article 15 of the GDPR. Specifically, you can request information about the purposes of processing, the categories of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to correction, deletion, restriction of processing, or objection, the existence of a right to lodge a complaint, the source of your data if it was not collected by us, and information about the existence of automated decision-making, including profiling, and, if applicable, meaningful information about the details thereof.

The right to request the immediate correction or completion of your personal data stored by us, as per Article 16 of the GDPR.

The right to request the deletion of your personal data stored by us, as per Article 17 of the GDPR, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise, or defense of legal claims.
The right to request the restriction of processing of your personal data, as per Article 18 of the GDPR, if the accuracy of the data is disputed by you, the processing is unlawful, but you oppose the erasure of the data, and we no longer need the data, but you require it for the establishment, exercise, or defense of legal claims, or if you have objected to the processing as per Article 21 of the GDPR.

The right to receive your personal data, which you have provided to us, in a structured, commonly used, and machine-readable format, or to request its transmission to another controller, as per Article 20 of the GDPR.

The right to lodge a complaint with a supervisory authority, as per Article 77 of the GDPR. You can usually contact the supervisory authority of the state of our registered office or, if applicable, your usual place of residence or workplace.

The right to revoke consent granted, as per Article 7(3) of the GDPR: You have the right to revoke a previously granted consent to the processing of data at any time with effect for the future. In the event of revocation, we will immediately delete the affected data, unless further processing can be based on a legal basis for processing without consent. The revocation of consent does not affect the lawfulness of the processing that occurred prior to the revocation.

Right to Object

If your personal data is processed by us on the basis of legitimate interests in accordance with Article 6(1)(f) of the GDPR, you have the right to object to the processing of your personal data, as per Article 21 of the GDPR, to the extent that this is done for reasons that arise from your particular situation. If the objection is directed against the processing of personal data for the purpose of direct marketing, you have a general right to object without the need to specify a particular situation.

If you wish to exercise your right to revoke or object, a simple email to dataprotection@kaleidoscope.at is sufficient.

Contacting Us

If you get in touch with us via a form on the website or by e-mail, we store your data for 6 months for the purpose of processing the inquiry and in the event of follow-up questions. We will not pass on these data without your consent.

Want to learn more about Kaleidoscope?

Then just get in touch with us! We'd be happy to hear from you!

Contact us!