Privacy Policy

General Data Protection Information

In the realm of email marketing, the conditions specified by data protection laws (in Austria: the Data Protection Act 2000, DSG 2000) apply. Within the EU, the principle of establishment applies, meaning data protection laws apply regardless of where the data is actually stored. Only personal data (which refers to data that can identify a person — in Austria, this also includes legal entities) is protected. Anonymous or aggregated data does not fall under data protection regulations. The analysis of non-personal behavioral data (such as email open rates) is not governed by the Data Protection Act (DSG) and, therefore, does not require any information or consent from the individuals concerned. However, as soon as the behavior of individual persons is analyzed, the recipients must be informed accordingly (consent is not required).

To process personal data, the following basic conditions must be met:

  • Legal Basis: The data processing must be based on a legal foundation, meaning it must be legitimate (e.g., due to a law, such as business authorization, or through a corporate contract, association statutes, etc.).

  • Purpose Limitation: Data collection must be for a specific, legitimate, and lawful purpose.

  • Data Minimization: Data collected must be relevant to the purpose and the "least intrusive" means possible.

  • Sensitive Data: Special, stricter rules apply to sensitive data (such as health, ethnicity, sexual orientation, political or religious views, etc.).

In practice, this means that only data necessary for the business activity can be collected, and it must have a relevant connection to the activity. If these basic conditions are met, data processing is allowed under the following circumstances:

  • There is a legal obligation.

  • The individual has given consent.

  • There is a legitimate interest of the controller or a third party (e.g., to fulfill a contract with the individual).

  • To protect vital interests of the individual (e.g., in a medical emergency).

  • If the data is publicly available (e.g., in a phone directory).

Conclusion for Email Marketing: As long as the data is lawfully obtained and used only for internal purposes without being shared with third parties, the individuals only need to be informed (e.g., in a privacy notice). No explicit consent is required.

Reporting Obligations

Certain data processing activities must be reported to the Data Processing Register (DVR). However, email marketing typically uses customer or prospect data, and as consent is already obtained from recipients for receiving emails, it does not require additional approval or registration. Therefore, for ME e.U., email marketing is considered a "standard application" (SA022 "Customer support and marketing for internal purposes") and is exempt from approval or registration requirements.

Data Disclosure and Transfer

ME e.U. does not share collected data in any form.

Rights of Recipients Under Data Protection Law

The Data Protection Act grants recipients several important rights. The most significant include:

  • Right to Confidentiality: Every individual has the right to have their personal data kept confidential (exceptions are detailed above).

  • Right to Information: Every individual has the right to know why and by whom their data is being collected and processed.

  • Right to Access: A recipient has the right to access their stored data, provided they can verify their identity. This access must be granted within 8 weeks and is free of charge once per year. Any request for access will be fully honored.

  • Right to Withdrawal: The recipient can withdraw their consent to the processing of their data at any time (this includes consent for receiving promotional emails).

  • Right to Rectification/Deletion: The recipient also has the right to correct inaccurate data or delete unlawfully obtained data within 8 weeks.

Media Owner and Publisher

ME e.U.
Elisabeth Strasser-Müller, MSc
Mühlwasserpromenade 23, A-1220 Vienna
Email: elisabeth@meresiliencecoach.com

Privacy

As ME e.U. specializes in personal consulting, the website uses tools for anonymous tracking of user behavior. No personal data is collected! I use Google Analytics, a web analytics service provided by Google Inc., for web analysis and site optimization. Google Analytics uses "cookies," which are text files stored on your computer and allow analysis of your use of the website. The information generated by the cookie about your use of the website (including your IP address) is transmitted to a Google server in the USA and stored there. Google will use this information to evaluate your use of the website, compile reports for website operators, and provide additional services related to website and internet usage. If necessary, Google may share this information with third parties where required by law or if third parties process the data on behalf of Google. Google will never link your IP address to any other data held by Google. You can prevent the installation of cookies by adjusting your browser settings, though doing so may affect your ability to fully utilize all features of the website. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes described above.