Privacy Policy
1. Introduction
This Privacy Policy explains how we collect, use, store, and protect your personal data when you visit our website, contact us, or engage with our business consulting services. We are committed to protecting your privacy and ensuring you have a positive experience on our website and when working with us. This policy complies with the General Data Protection Regulation (GDPR) and Austrian data protection laws (DSGVO).
2. Controller & Contact Information
Data Controller: No Blind Spots e.U., Seitenstettengasse 5/37, 1010 Wien
Phone: +43 676 48 093 48
Email: milanaognjenovic@noblindspots.at
3. What Personal Data We Collect
3.1 Website Visitors
- IP Address
- Browser Information
- Access Information (pages visited, time spent, referral source)
- Cookies (explained in Section 7)
3.2 Contact Forms & Direct Communication
- Name
- Email Address
- Message Content
3.3 Client Engagement
- Identification Data (name, contact details, company name)
- Professional information (role, industry)
- Meeting notes & communications
- Project documentation
- Email correspondence & call dates
3.4 Video Calls
- IP Address
- Browser Information
- Access Information (pages visited, time spent, referral source)
- Cookies (explained in Section 7)
4. Legal Basis for Processing
- Consent – Article 6(1)(a) GDPR
- Contract performance – Article 6(1)(b)
- Legitimate interest – Article 6(1)(f)
- Legal obligation – Article 6(1)(c)
5. How We Use Your Data
Service Delivery
- Providing consulting services
- Responding to inquiries
- Scheduling meetings
- Project follow-ups
Communication
- Project updates
- Appointment scheduling
- Service-related messages
Website Improvement
- Traffic analysis
- Technical performance
- User behavior optimisation
Legal & Compliance
- Tax law record-keeping (7 years)
- Compliance with Austrian authorities
We do NOT use your data for:
- Selling or sharing for marketing
- Automated decision-making
- Profiling
6. Data Storage & Retention
6.1 Storage Locations
- Email accounts (Outlook, Gmail – encrypted)
- Google Drive
- Local devices (password protected)
- Video call platforms (temporary logs)
6.2 Retention Periods
- Website analytics: 6–12 months
- Contact inquiries: 2–3 years
- Email communications: 7 years
- Client project data: 7 years
- Meeting notes: 7 years
Austrian tax law requires 7-year retention for all business-related data.
6.3 Data Deletion
Data is securely deleted or anonymized after the retention period. You may request deletion anytime except for data required by law.
7. Cookies & Tracking
7.1 What Are Cookies?
Cookies are small files used to improve your website experience.
7.2 Types of Cookies We Use
- Essential cookies: Required for functionality
- Analytics cookies: Google Analytics (non-identifiable)
- Functional cookies: Preferences & settings
- Marketing cookies: Not used
7.3 Cookie Management
You can manage cookies through your browser settings.
7.4 Google Analytics
We use anonymized Google Analytics. You may opt out here: Google Analytics Opt-Out
8. Third-Party Data Sharing
8.1 Who We Share With
- Email providers
- Cloud storage providers
- Video call platforms
- Analytics tools
- Legal authorities (only when required)
- Tax advisors (confidential)
8.2 International Transfers
Data may be transferred outside the EU under Standard Contractual Clauses (SCCs).
9. Your GDPR Rights
- Right of access
- Right to rectification
- Right to erasure
- Right to restrict processing
- Right to data portability
- Right to object
- Right to lodge a complaint
How to exercise your rights:
Email: milanaognjenovic@noblindspots.at
Phone: +43 676 48 093 48
Address: Seitenstettengasse 5/37, 1010 Wien
10. Data Security
Technical Measures
- Encrypted email
- SSL/TLS website encryption
- Secure device access
- Antivirus protection
Administrative Measures
- Restricted data access
- Confidentiality agreements
- Secure document disposal
Physical Measures
- Password-protected devices
- Secure workspace
Data Breaches
You will be notified within 72 hours if a breach affects your data.
11. Contact Forms
You must consent to this Privacy Policy when submitting forms. We use your data only to respond and follow up.
12. Special Categories of Data
If you voluntarily provide sensitive data, it is stored securely and deleted when no longer needed.
13. Children’s Data
We do not collect data from children under 16.
14. Retention Table Summary
| Data Type | Retention | Legal Basis |
|---|---|---|
| Website analytics | 6–12 months | Website improvement |
| Contact inquiries | 2–3 years | Business reference |
| Email communications | 7 years | Austrian tax law |
| Client project data | 7 years | Austrian tax law |
| Meeting notes | 7 years | Austrian tax law |
| Video call logs | 30–90 days | Technical purposes |
| Visitor logs | 3–6 months | Security |