Secu-Tech Sicherheitslösungen

Privacy Policy

1. Controller

Security & Electronic Technologies GmbH Aumühlweg 3 / 2. Floor A-2544 Leobersdorf Austria

Phone: +43-2256-20177 Fax: +43-2256-20177-11 Email: office@secu-tech.com Website: www.secu-tech.com

If you have questions regarding the processing of your personal data, you can contact us at the contact details above.

2. Scope of this Privacy Policy

This Privacy Policy explains how we collect, use, disclose, and otherwise process personal data when you visit our website, contact us, register for downloads, create or use an account, access protected areas, subscribe to newsletters or marketing communications, participate in campaigns, interact with our content, or otherwise engage with us online.

This Privacy Policy also applies to related processing activities connected with our website, landing pages, forms, communications, analytics, security monitoring, campaign measurement, advertising and remarketing activities, business outreach, and the use of external service providers and cloud based tools, including AI supported services, where applicable.

3. Definitions

Personal data means any information relating to an identified or identifiable natural person.

Processing means any operation performed on personal data, such as collection, recording, storage, organization, use, disclosure, transmission, analysis, restriction, deletion, or destruction.

4. Categories of Personal Data We Process

Depending on how you interact with us, we may process the following categories of personal data:

Identification data, such as name, title, company name, industry, role, and language preferences
Contact data, such as email address, phone number, postal address, and communication details
Account and access data, such as login details, password hashes, account status, user role, consent status, and authentication related information
Download and registration data, such as the content requested, registration source, timestamp, and account related history
Communication data, such as inquiries, support requests, contact form submissions, emails, responses, and notes relating to communications
Marketing and subscription data, such as newsletter subscriptions, opt in records, preferences, campaign source data, and suppression or unsubscribe information
Usage data, such as pages viewed, clicks, navigation paths, referring URLs, timestamps, device data, browser data, approximate geolocation derived from IP based routing data, and interaction events
Technical and security data, such as IP address, log files, error data, security events, device identifiers, cookie and consent signals, anti abuse and anti fraud indicators, and system diagnostics
Commercial and lead related data, such as interest in products, downloads, event participation, campaign engagement, qualification indicators, deal stage context, and interaction history
Advertising and measurement data, such as campaign identifiers, audience data, conversion data, attribution data, and retargeting or remarketing related identifiers
AI input and output data, such as prompts, uploaded or submitted text, metadata, classifications, summaries, or recommendations generated with the support of cloud based AI services, where used lawfully and appropriately

We do not require you to provide personal data unless it is necessary for a particular purpose. If you do not provide required data, certain functions or services may not be available.

5. Purposes and Legal Bases of Processing

We process personal data only where we have a valid legal basis under applicable data protection law.

5.1 Website operation and delivery

We process personal data to provide the website, ensure functionality, deliver content, maintain availability, optimize performance, and protect the confidentiality, integrity, and security of our systems.

Legal basis: Art. 6(1)(f) GDPR, our legitimate interests in secure and efficient website operation. Where technically necessary storage or access technologies are used, the legal basis may also be applicable national law governing such technologies.

5.2 Contact requests and business communication

We process personal data to handle inquiries, provide requested information, respond to communications, manage business relationships, and document correspondence.

Legal basis: Art. 6(1)(b) GDPR where processing is necessary to take steps at your request prior to entering into a contract or to perform a contract. Otherwise Art. 6(1)(f) GDPR, our legitimate interests in handling business communications efficiently.

5.3 Download registration, user accounts, and protected areas

We process personal data to provide gated downloads, create and manage user accounts, authenticate users, authorize access to protected areas, manage partner access, deliver requested materials, and prevent unauthorized access or misuse.

Legal basis: Art. 6(1)(b) GDPR where processing is necessary to provide requested services or account functions. Additionally Art. 6(1)(f) GDPR for access control, fraud prevention, security, and service improvement.

We process personal data to send newsletters, product updates, event invitations, and similar communications, where permitted by law or based on your consent. We may also maintain suppression lists to ensure that unsubscribe requests and objections are respected.

Legal basis: Art. 6(1)(a) GDPR where consent is required. Where permitted by applicable law for existing customer relationships, Art. 6(1)(f) GDPR, our legitimate interests in direct marketing. You may withdraw consent or object to marketing at any time.

5.5 Analytics, measurement, and service improvement

We process personal data to understand website usage, measure reach and performance, analyze user journeys, improve content and usability, troubleshoot problems, and assess the effectiveness of pages, campaigns, and communications.

Legal basis: Art. 6(1)(a) GDPR where consent is required for analytics or similar tracking technologies. Otherwise Art. 6(1)(f) GDPR where processing is strictly necessary, aggregated, or otherwise lawfully configured.

5.6 Advertising, campaign tracking, and remarketing

We may process personal data to measure campaign performance, understand whether users interact with ads or communications, create audience segments, limit repetitive advertising, improve relevance, and conduct remarketing or retargeting activities across websites, platforms, and channels, where legally permitted and based on your choices.

Legal basis: Art. 6(1)(a) GDPR where consent is required.

5.7 Outreach, lead management, and business development

We may process business contact and interaction data to organize and evaluate outreach activities, understand potential interest in our products or services, prioritize follow up, and manage sales and business development processes.

Legal basis: Art. 6(1)(f) GDPR, our legitimate interests in marketing our products and managing business relationships. Where required by law, we will rely on consent or another valid legal basis.

5.8 Security, abuse prevention, and legal compliance

We process personal data to detect, prevent, and investigate abuse, fraud, unauthorized access, service misuse, bot activity, security incidents, and legal violations, and to comply with legal obligations.

Legal basis: Art. 6(1)(c) GDPR where processing is required by law. Otherwise Art. 6(1)(f) GDPR, our legitimate interests in security, risk management, and enforcement of our rights.

5.9 Use of cloud based tools and AI supported services

We may use carefully selected cloud based software and AI supported services to assist with communications, support, translation, drafting, classification, summarization, data structuring, quality assurance, process automation, lead handling, analytics support, and internal business workflows. In this context, data provided by you or generated in the course of the relationship may be processed by such service providers on our behalf or, where appropriate, under separate responsibility.

Where we use AI supported services, we do so for legitimate business purposes, service delivery, efficiency, documentation, communication support, and process improvement. We seek to implement appropriate contractual, technical, and organizational safeguards. We do not use solely automated decision making that produces legal effects or similarly significant effects on you unless a valid legal basis exists and any legally required safeguards are in place.

Legal basis: Art. 6(1)(b) GDPR where necessary for requested services or pre contractual measures. Art. 6(1)(f) GDPR for our legitimate interests in efficient, scalable, and secure business processes. Art. 6(1)(a) GDPR where consent is required for a specific use case.

Our website may use cookies, local storage, pixels, tags, scripts, SDK like technologies, and similar technologies for the following purposes:

Strictly necessary website functions
Security, fraud prevention, and load balancing
Saving preferences and consent choices
Analytics and measurement
Advertising, campaign tracking, conversion measurement, and remarketing
Embedding external media, maps, forms, or similar third party content

Where required by law, we ask for your consent before using non essential technologies or before accessing information on your device for non essential purposes. You can grant, refuse, or withdraw consent at any time through our consent management tool or other settings we make available.

The fact that we use broad categories in this Privacy Policy does not limit your rights to transparency. Where legally required, more detailed information about individual tools, categories, providers, or third country transfers may also be provided in the consent layer, cookie settings, or on request.

7. Website Analytics and Measurement

We may use privacy focused and conventional analytics solutions, either separately or in combination, to measure how our website is used, which content performs best, how users navigate through our pages, whether forms and downloads are effective, and how we can improve the user experience and our services.

Depending on configuration and legal requirements, such analytics may involve cookies or cookie free measurement, pseudonymous identifiers, event based tracking, approximate location based on truncated or regionalized IP processing, campaign parameters, and conversion measurement.

Where consent is required, analytics will only be activated after consent has been given. You can withdraw your consent at any time with effect for the future.

8. Advertising, Conversion Tracking, and Remarketing

We may use technologies that help us measure the effectiveness of advertising, understand whether website visits or actions result from campaigns, build audience segments, and show or suppress ads on third party platforms and across digital channels.

This may include conversion tracking, audience matching, retargeting, remarketing, pixel based measurement, ad audience suppression, attribution, and related reporting. Such processing may involve providers in the areas of advertising technology, social media, campaign management, business development, enrichment, or analytics.

Where required by law, these technologies are used only on the basis of your consent.

9. Contact Forms, Requests, and Communications

When you contact us, including by email, phone, form, chat like interfaces if offered, or through other channels, we process the data you provide in order to handle your inquiry and document the communication.

This may include your name, company, role, email address, phone number, country, inquiry content, attachments, the topic of interest, and related communication history.

If your request is related to products, services, partner access, technical materials, quotes, support, demos, or downloads, we may route your request internally to the relevant team or selected service providers acting on our behalf.

10. Gated Downloads, Registration, and Accounts

Certain documents, technical materials, downloads, partner resources, or other content may only be available after registration, login, or confirmation of eligibility.

In this context, we may process:

Name
Company
Business email address
Password or password hash
Account role and permissions
Requested asset or resource
Registration timestamps
Verification and login information
Download history
Security and anti abuse data

We process this data to provide requested content, maintain your account, enable future access, administer protected resources, verify permissions, and protect against misuse.

Accounts and access rights may be restricted, suspended, or adjusted where necessary for security, compliance, misuse prevention, or rights management.

If you subscribe to our newsletter or other communications, we process your contact data, subscription source, preferences, consent records, and engagement data, such as opens, clicks, and interaction history, to the extent permitted by law and depending on the communication channel used.

We may use double opt in, preference management, unsubscribe tools, suppression lists, and records of consent or objection to ensure lawful communication.

You can unsubscribe or object to direct marketing at any time. This does not affect the lawfulness of processing that took place before your withdrawal or objection.

12. CRM, Lead Management, and Outreach Activities

We may use systems and service providers to manage contacts, leads, campaigns, outreach, business development, sales processes, relationship history, segmentation, and follow up actions.

In that context, we may combine data collected from website interactions, forms, registrations, downloads, newsletters, public business sources, existing customer relationships, and campaign responses, to the extent permitted by law.

Where required, we will obtain consent before using certain data for tracking, enrichment, remarketing, or similar purposes. We may also maintain records of lawful basis, communication preferences, consent status, objections, and do not contact requests.

13. Security, Error Monitoring, and Abuse Prevention

To maintain the security and reliability of our website and services, we may process technical and security related data, including server logs, request metadata, error reports, security events, authentication events, status information, and indicators relevant to bot detection, fraud prevention, or misuse prevention.

This may include anti spam and anti abuse checks, authentication and authorization controls, rate limiting, monitoring of failed login attempts, file access controls, suspicious request patterns, error reporting, and diagnostics.

14. Log Files and Technical Data

When you access our website, systems and infrastructure providers may automatically collect technical information in log files. This may include:

IP address
Date and time of the request
Requested URL and referrer
Browser type and version
Operating system
Device type
Host name
Response status
Data volume
Performance and error information

We process such data to ensure website delivery, maintain security, detect abuse, troubleshoot errors, monitor system stability, and document incidents. Log data is not used to identify you personally unless necessary for security, legal, or operational reasons.

Our website may contain links to third party websites or may integrate external content or functions, such as videos, maps, forms, media, social features, external fonts, or other services. When such content is activated, personal data may be transmitted to the respective third party, including your IP address and usage related data.

Where required by law, such external content will only be activated after your consent. Please also note that third party providers may process data under their own privacy policies and terms.

16. Recipients and Categories of Recipients

We may disclose personal data to the following categories of recipients where necessary and legally permitted:

Hosting, infrastructure, CDN, and security providers
Website, application, and IT service providers
Analytics, measurement, and reporting providers
Advertising, campaign, social media, and remarketing providers
CRM, sales, outreach, communication, and newsletter providers
Authentication, account, and access management providers
Support, productivity, document, and collaboration providers
AI and automation service providers
Payment, legal, tax, audit, insurance, or compliance advisors, where relevant
Authorities, courts, counterparties, or other recipients where required by law or necessary to establish, exercise, or defend legal claims
Group companies, distributors, commercial partners, or service partners where required to handle your request or deliver the requested service, always subject to an appropriate legal basis

We only share personal data to the extent necessary for the relevant purpose.

17. Processors and Joint Responsibility

Where service providers process personal data on our behalf, we conclude data processing agreements where required by law. Where we and another party jointly determine the purposes and means of processing, the relevant parties will allocate responsibilities in accordance with applicable law.

18. International Data Transfers

Some recipients or service providers may process personal data outside the European Economic Area or in countries that do not provide an adequate level of data protection under applicable law.

Where this happens, we implement appropriate safeguards, such as adequacy decisions, Standard Contractual Clauses, supplementary safeguards, or other legally recognized transfer mechanisms, where required.

You may request more information about the safeguards relevant to a specific transfer, subject to legal and confidentiality restrictions.

19. Retention

We retain personal data only for as long as necessary for the purposes for which it was collected, for as long as a lawful basis exists, and for as long as retention is required by statutory retention obligations, limitation periods, security needs, dispute resolution, or evidence preservation.

Retention periods may vary depending on the category of data and the purpose of processing. For example:

Contact inquiries are retained for as long as necessary to handle the request and any follow up
Contract and account related data may be retained for the duration of the relationship and applicable retention periods
Marketing consents and objections may be retained for as long as needed to demonstrate compliance and respect your preferences
Security and technical logs may be retained for the period necessary to ensure system integrity, investigate incidents, and meet operational or legal requirements
Newsletter and campaign data may be retained until consent is withdrawn, you object, or the data is no longer needed

After the applicable retention period ends, the data will be deleted, anonymized, or restricted, unless further retention is legally required.

20. Sources of Data

We may obtain personal data directly from you, through your use of our website and services, from your employer or organization where relevant to a business relationship, from publicly accessible business sources, from service providers acting on our behalf, from campaign and communication platforms, and from third parties where legally permitted.

21. No Obligation to Provide Data

You are generally not obliged to provide personal data. However, if you do not provide data required for specific services or functions, such as responding to a request, creating an account, granting access to protected content, or subscribing to communications, we may be unable to provide the relevant service.

22. Automated Decision Making and Profiling

We may use business rules, segmentation, scoring, prioritization, or AI assisted tools to support analytics, outreach, communication management, security, internal triage, service improvement, or lead handling.

However, we do not make decisions based solely on automated processing that produce legal effects concerning you or similarly significantly affect you, unless this is legally permitted and appropriate safeguards are in place.

23. Your Rights

Subject to the applicable legal requirements, you have the following rights regarding your personal data:

Right of access
Right to rectification
Right to erasure
Right to restriction of processing
Right to data portability
Right to object to processing based on legitimate interests
Right to object at any time to processing for direct marketing purposes
Right to withdraw consent at any time with effect for the future, where processing is based on consent
Right not to be subject to certain automated decisions, where applicable

To exercise your rights, please contact us using the contact details above.

24. Right to Lodge a Complaint

You also have the right to lodge a complaint with a competent supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement.

The competent supervisory authority in Austria is:

Austrian Data Protection Authority (Österreichische Datenschutzbehörde) Barichgasse 40-42 1030 Vienna Austria Email: dsb@dsb.gv.at Web: dsb.gv.at

25. Data Security

We implement appropriate technical and organizational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or unauthorized access. Such measures include, where appropriate, access restrictions, authentication controls, encryption, logging, role based permissions, backups, monitoring, and security review processes.

However, no method of transmission over the internet or method of electronic storage is completely secure. Therefore, absolute security cannot be guaranteed.

26. Changes to this Privacy Policy

We may update this Privacy Policy from time to time in order to reflect legal, technical, operational, or business related changes. The version published on this website is the current version.

27. Contact for Privacy Matters

If you have questions about this Privacy Policy or the processing of your personal data, please contact: