Auroria e.U (hereinafter: “Auroria”) takes special concern in protecting your data, which is why Auroria observes the applicable data protection provisions, in particular the GDPR and the DSG in the processing of your personal data (e.g. master data). The collection of your personal data is essential for the conclusion of a contract as well as for fulfilment of contractual obligations and services. If Auroria is not provided the requested information, neither a successful conclusion of the contract nor further contractual services are possible.

Below you will find more information about the data processing carried out by us:

Responsible data controller

  • Auroria e.U., FN 508807 x
  • Owner: Nico Filzmoser
  • Kleinfeld 6
  • 4210 Gallneukirchen
  • E-mail: auroria@auroria.io

Since Auroria is not required by law to do so, it has not appointed a data protection officer or named one for the Data Protection Authority.

Rights of data subjects / Right to object and revoke and right to appeal

You have the following rights vis-a-vis Auroria regarding your personal data:

  • Right to information (Art. 15 GDPR): You have the right to ask for confirmation as to whether Auroria is processing personal data concerning you. If this is the case, you have a right to information about this personal data and information according to Art. 15 GDPR.
  • Right to correction (Art. 16 GDPR): You have the right to request immediate correction of personal data concerning you or to have incomplete personal data completed if necessary.
  • Right to deletion (Art. 17 GDPR): You have the right to demand the immediate deletion of personal data concerning you, if one of the reasons stated in Art. 17 GDPR applies (e.g. data processing is no longer necessary for achieving the purpose).
  • Restriction of processing (Art. 18 GDPR): You have the right to demand that we restrict the processing if one of the conditions set out in Art. 18 GDPR applies (e.g. in the case of an objection to the processing of data, as long as it is not certain that Auroria’s legitimate reasons outweigh your legitimate reasons).
  • Right to data portability (Art. 20 GDPR): You have the right to receive the personal data you have provided to Auroria in a structured, common and machine-readable format and to transmit that information to another controller without any hindrance by Auroria. However, you are entitled to this right only if the data processing is based on consent (Art. 6 (1) (a) or 9 (2) (a) GDPR) or on a contract (Art. 6 (1) (b) GDPR) and the processing is done with an automated procedure.
  • Right to object to processing (Art. 21 GDPR): If the processing of your personal data is based on a balancing of interests (Art. 6 (1) (f) GDPR: legitimate interests), you have the right to object to the processing at any time for reasons arising from your particular situation. When exercising your right to object, Auroria asks you to explain your reasons why Auroria should not process your personal data. Auroria examines the situation and either stops or adjusts the data processing or shows you the compelling legitimate reasons worthy of protection and continues the data processing. Auroria shall also continue to process the data if it serves the assertion, exercise or defence of legal claims. You can object to data processing for the purposes of direct mailing and data analysis at any time and free of charge. In this case Auroria stops the data processing.
  • Right to revocation: If you have given your consent to the processing of your personal data, you can revoke your consent at any time. Your revocation does not affect the legality of the data processing until revocation.

Right to revocation: If you have given your consent to the processing of your personal data, you can revoke your consent at any time. Your revocation does not affect the legality of the data processing until revocation.

  • Auroria e.U., FN 508807 x
  • Owner: Nico Filzmoser
  • auroria@auroria.io
  • Kleinfeld 6, 4210 Gallneukirchen
  • +43 (0)664 3411201

Please note that information can only be provided if you can identify yourself.

If you believe that data processing violates applicable data protection laws or Auroria violates your privacy rights, you also have the right to appeal to the supervisory authority in the Member State of your whereabouts, place of work or place of alleged infringement.

If you want to file your appeal with the supervisory authority in Austria, please contact:

  • Österreichische Datenschutzbehörde
  • Barichgasse 40-42
  • 1030 Vienna

Information about the processing of your personal data

Hosting / Third-country transfer

Purpose: The Auroria Project Management Platform is currently hosted in the EEA region (Frankfurt) for permanent and secure availability on DigitalOcean LLC servers, 101 Avenue of the Americas, 10th Floor, New York, NY 10013, (“DigitalOcean” for short). Accordingly, all data in the context of the business relationship, also personal data is stored on external servers. The data is transferred in encrypted form by the user to the servers of the processor DigitalOcean and stored in the course of processing in a secure database. At the time of transfer, due to the encrypted transfer, it is only possible for DigitalOcean to view the IP address and the time of the request. At the time of processing the request, the data packet is “decrypted” by the software and processed in memory, as soon as this processing has been completed, an encrypted connection to the database is opened again and the data is stored securely there.

Legal basis: Consent (Art. 6 (1) (a) GDPR), fulfilment of a contract, to carry out pre-contractual measures (Art. 6 (1) (b) GDPR, legitimate interest, especially defence, exercise and assertion of legal claims (Art. 6 (1) (f) GDPR), §96 (3) TKG 2003, Art. 49 (1) (b) or (c) GDPR.

The following data is processed: IP address, date and time of use, content of the request (concrete page), access status/HTTP status code, amount of data transferred, requesting website, browser, operating system and interface, language and version of the browser software

Storage time: Until the termination of the business relationship or until expiry of the applicable warranty, guarantee, statute of limitations and legal retention periods (in particular BAO); in addition, until the termination of any legal disputes in which the data is required as proof.

Recipient: DigitalOcean is certified under the US-EU data protection agreement “Privacy Shield” and committed to complying with European data protection requirements. For more information data protection at DigitalOcean, see: https://www.digitalocean.com/legal/privacy-policy/

Registration, customer administration, payment processing, accounting, statistical analysis, user profiles and accounting / Third-country transfer

Purpose: Processing of personal data in the context of all business dealings with customers in the course of the commercial activity “services in automatic data processing and information technology”, including the systematic recording of all business transactions relating to revenue and expenditure.

Legal basis: Consent (Art. 6 (1) (a) GDPR), fulfilment of a contract, necessary for carrying out pre-contractual measures (Art. 6 (1) (b) GDPR), fulfilment of a legal obligation (Art. 6 (1) (c) GDPR), legitimate interest, especially defence, exercise and assertion of legal claims (Art. 6 (1) (f) GDPR), explicit consent (Art. 9 (2) (a) GDPR), Art. 49 (1) (b) or (c) GDPR.

The following data is processed: Name, company, academic degree, address, e-mail address, VAT tax identification number, user identification number, bank data, account access data, payment card number including check number and expiration date, password, date and time of request, access status/HTTP status code, amount of data transferred, requesting website, browser, operating system and interface, language and version of the browser software

Storage time: Until the termination of the business relationship or until expiry of the applicable warranty, guarantee, statute of limitations and legal retention periods (in particular BAO); in addition, until the termination of any legal disputes in which the data is required as proof.

Recipient / Recipient categories: Auroria uses Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland, a company of Stripe, Inc., California, 10 Townstend Street, San Francisco, California, 94103 for payment and billing purposes (collectively: “Stripe”). Stripe, Inc. is certified under the US-EU data protection agreement “Privacy Shield” and committed to complying with European data protection requirements. Stripe also transfers personal data to third counties. For more information data protection at Stripe , see: https://stripe.com/de/privacy. Other recipients / recipient categories include: Inland revenue authorities, courts and authorities, banks, legal representatives, accountants, accountants involved in disbursement to the data subject or to third parties.

Website visit

Purpose: If our website is only used for informational purposes (no registration and no transmission of other information), personal data will be collected, which will be transmitted from your browser to our server. This is technically necessary to let you view our website and to ensure the stability and security of the website.

Legal basis: legitimate interest (Art. 6 (1) (f) GDPR), Art. 96 (3) TKG 2003, Art. 49 (1) (b) or (c) GDPR

The following data is processed: IP address, date and time of the request, amount of data transferred, website request, browser, operating system and interface, language and version of the browser software

Storage time: up to one year

Recipient / Recipient categories: DigitalOcean is certified under the US-EU data protection agreement “Privacy Shield” and committed to complying with European data protection requirements. For more information data protection at DigitalOcean, see: https://www.digitalocean.com/legal/privacy-policy/

Electronic contact requests via the website, e-mail communication, customer care

Purpose: Handling contact requests and customer care via e-mail or the website contact form.

Legal basis: Fulfilment of a contract, required to carry out pre-contractual measures (Art. 6 (1) (b) GDPR), legitimate interest (Art. 6 (1) (f) GDPR), Art. 96 (3) TKG 2003, Art. 49 (1) (b) or (c) GDPR

The following data is processed: Master data, content data of the request, e-mail address, IP address. Date and time of the request, content of the request (concrete page), access status/HTTP status code, amount of data transferred, requesting website, browser, operating system and interface, language and version of the browser software

Storage time: Without business relationship, until answering the request. In the case of a business relationship, until its termination or until expiry of the applicable warranty, guarantee, statute of limitations and legal retention periods (especially BAO); furthermore, until the termination of any legal disputes in which the data is required as proof or in case of statutory retention obligations, the processing will be restricted until then.

Recipient / Recipient categories: DigitalOcean is certified under the US-EU data protection agreement “Privacy Shield” and committed to complying with European data protection requirements. For more information data protection at DigitalOcean, see: https://www.digitalocean.com/legal/privacy-policy/ Auroria uses the “G Suite” e-mail service of Google LLC, 1600 Amphitheater Pkwy, Mountain View, California 94043 and Google Ireland Limited, based in Gordon House, Barrow Street, Dublin 4, Ireland for e-mail communications (hereinafter: “Google”). Google LLC is certified under the US-EU data protection agreement “Privacy Shield” and committed to complying with European data protection requirements in connection with “G Suite”. For more information data protection at “Google”, see: https://policies.google.com/privacy?hl=de

Cookies / Web analytics

Purpose: Auroria uses cookies to improve its user identification and web analytics services. Cookies do not harm your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, effective and secure and are necessary to ensure certain functions on the website. Cookies are small text files that are saved on your device (computer, tablet or smartphone) and stored by your browser. There are transient and persistent cookies. Transient cookies are automatically deleted when you close the browser. These include in particular session cookies. These types of cookies store a so-called session ID, with which various requests from your browser can be assigned to the shared session. Your device will be recognized when you return to our website. The cookies are automatically deleted after the end of your visit. Persistent cookies remain stored on your device and are automatically deleted after a certain period of time, or you can also delete them by changing the security settings of your browser. You can set your browser so that you are informed about the setting of cookies and allow cookies only in individual cases, allow the acceptance of cookies for certain cases or generally exclude acceptance, and activate the automatic deletion of cookies when closing the browser. Cookies can be used to facilitate navigation on a website and user identification. If the user of the website and/or customer wants to prevent the use of cookies, the user can do so by making local changes to their settings in the Internet browser used on their computer, i.e. the program for opening and displaying web pages (e.g. Internet Explorer, Mozilla Firefox , Opera or Safari).

Auroria uses Google Analytics, a web analysis tool from Google, LLC for web analytics (“Google”). Google Analytics uses cookies that are stored on your computer and that allow an analysis of the use of the website by you. You may prevent the collection by Google of the data generated by the cookie and related to your use of the website (including your IP address) as well as the processing of this data by Google by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de. This website uses Google Analytics with the extension “_anonymizeIp”. As a result, IP addresses are processed in a shortened form, so personal reference can therefore be excluded. As far as the data collected about you has a personal reference, this is therefore immediately excluded and the personal data deleted immediately.

The usage of cookies for user identification is essential for full use of the project management platform. These are so-called first-party cookies, i.e. cookies that are used exclusively by Auroria. These are cookies that, for example, serve to ensure that you, as a registered user, always remain logged in when accessing various sub-pages of our website and do not have to reenter your login data each time you open a new page.

Legal basis: Consent (Art. 6 (1) (a) GDPR), fulfilment of a contract, necessary for the implementation of pre-contractual measures (Art. 6 (1) (b) GDPR), legitimate interest, in particular to improve one’s own services in favour of users (Art. 6 (1) (f) GDPR ), § 96 (3) TKG 2003, Art. 49 (1) (b) or (c) GDPR

The following data is processed: IP address, with the extension “AnonymizeIP”, so that a direct personal reference can be excluded; the transmitted IP address will not be merged with other data collected by us.

Storage time: In the case of a business relationship, until its termination or until expiry of the applicable warranty, guarantee, statute of limitations and legal retention periods (especially BAO); furthermore, until the termination of any legal disputes in which the data is required as proof or in case of statutory retention obligations, the processing will be restricted until then; without business relationship: up to one month.

Recipient / Recipient categories: DigitalOcean is certified under the US-EU data protection agreement “Privacy Shield” and committed to complying with European data protection requirements. For more information data protection at DigitalOcean, see: https://www.digitalocean.com/legal/privacy-policy/

For web analytics, Auroria uses the web analytics service “Google” AnalyticsGoogle, LLC (Google, 1600 Amphitheater Pkwy, Mountain View, California 94043, USA, or its affiliate, Google Ireland Limited, located in Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: “Google”). Google LLC is certified under the US-EU data protection agreement “Privacy Shield” and is committed to complying with European data protection requirements in connection with “Google Analytics”. In addition, Google Analytics and Google Analytics 360 are certified according to the independent safety standard ISO 27001. ISO 27001 is one of the world’s most recognised standards. The certification applies to the systems through which Google Analytics and Google Analytics 360 are provided. For more information about terms of use and privacy, please see http://www.google.com/analytics/terms/de.html or http://www.google.com/intl/de/analytics/privacyoverview.html