Data Protection

Privacy statement of ipcom GmbH

ipcom GmbH is responsible for the use of your personal data in accordance with the law in regard to providing anycast-services.

ipcom GmbH offers anycast-services under the trademark RcodeZero. Those services can either be purchased directly at ipcom or via a reseller. We handle your data with the utmost care and in accordance with the principles of the GDPR.


What is the GDPR?

The GDPR is the European General Data Protection Regulation, which applies directly in all EU member states as of 25 May 2018. It protects natural persons with regard to the processing of personal data, and sets out a range of obligations for those who process personal data to provide information and clarification. This means data controllers and those who process data for them. The GDPR also establishes numerous rights and legal remedies for persons whose data is processed (“data subjects”). Austria has enacted additional measures to the GDPR in its Datenschutzgesetz (Data Protection Act).

The text of the GDPR can be found here: http://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32016R0679. The text of the Austrian Data Protection Act, together with a translation, can be found here: https://www.ris.bka.gv.at/Dokumente/Erv/ERV_1999_1_165/ERV_1999_1_165.pdf.

We are committed to transparent communication about the processing of your data. Below you will find details regarding the way we handle your personal data as well as your individual data protection rights.

How we handle your data
Data processing and data processing categories

If you wish to purchase our anycast-services, you can approach ipcom directly, or a reseller. This means we either receive your data directly from you, or indirectly from the party you have contracted in this regard. In either case, we require the usual data for conculding a contract, especially company name, first and last name of contact persons as well as contact details (postal address and e-mail address). A telephone number and a fax number can also be provided, but are not required.

We collect these data together with information on the specific contractual relationship including any changes, as well as the domain names and zone data and further technical data necessary to fulfil the anycast-service, especially IP-addresses, nameservers und further so called resource records.

In case of duty of payment in regard to the contract the necessary accounting and payment data will be stored.

Communications data are collected as required (including records of telephone calls, e-mails, forms, all necessary documents, log-in data, etc.).

Data are also collected and processed when you visit our website. The extent to which and the purposes for which we collect and analyse anonymous data on our website are described under “Our cookies/Third-party cookies used in our services”.


If you subscribe to our newsletter, we process the data required to send it to you and store the respective consent you have provided.

Your options for controlling your data

If you would like to check that your data as a natural person stored as ipcom is correct, you can submit an information request. Therefore we require proof of identity. We need to be sure that you are actually the person who is requesting your data. Depending on the request, we might also require additional, possibly more specific information, such as your contact details and information on whether we have a contractual relationship with you, in order to be able to send you the desired information.


Legal basis and purpose of data processing

Your data are collected and processed first and foremost for the purpose of fulfilling the contract. We send you newsletters on the basis of your consent, which you can revoke at any time.

Anonymous user behaviour provides the basis for optimising the performance of our website, as well as our interest-based advertising, in which we have a legitimate interest.

Your data will not be forwarded to third parties for their marketing purposes.


Our data recipients

nic.at GmbH is shareholder of ipcom. As ipcom has no own staff all activities of ipcom are fulfilled trough nic.at employees. Your data is therefore processed in the relevant department of nic.at.

An external tax consultant takes care of tax matters for us, and a collections agency is used to recover receivables when a counterparty to a contract with us is in serious default.

ipcom also enlists a number of processors, to whom data required for the performance of their contracted tasks are forwarded.

 

Our processors

To fulfil the anycast-services ipcom runs a worldwide network of server-locations and therefore uses various provides of such locations. Those providers only run the relevant hardware on the location; they have no access on the data of ipcom or ipcom´s customers. Ipcom concluded appropriate contracts with the location providers.

ipcom enlists a number of processors to whom data are forwarded if required for the performance of their contracted tasks. For instance, Vienna University Computer Center provides us with important technical support.

We also work with several marketing agencies. In all cases, nic.at ensures by means of contracts with processors that they comply with data protection obligations.

Information requests by third parties
A third party which claims acces to your data must submit an information request. In every case, we very carefully assess whether the request appears justified on the basis of the facts provided. The third party must have a legitimate interest in the data requested, and be able to demonstrate such an interest.

Erasure of data

We believe that data must not be stored indefinitely without good reason. We intend to store data only for as long as necessary. In our view, storage of data for the duration of a contractual relationship is definitely necessary. In addition, we store data for as long as claims arising from a contractual relationship can be enforced. Furthermore, due to various statutory requirements, such as those on proper accounting, we are obliged to store data for specific periods.


Newsletter

You receive our newsletter on the basis of the consent you provided. With subscribing to our newsletter you agree that your provided data (first name, last name, e-mail address) can be used and processed for promotions.

You can quickly and easily unsubscribe from the newsletter at any time using the "unsubscribe" link provided in every e-mail. Please note that this does not affect the lawfulness of delivery prior to your withdrawal of consent. In case you wish to cange your data, please use the "update email preferences" link provided in every e-mail.

We use the e-mail marketing tool mailworx for sending our newsletters. mailworx recods the time of delivery, the time and the duration the newsletter is opened, the ip-address and the used e-mail programme. mailworks also records the links that were clicked. The data is saved and processed in the European Union.

 

Cookies: general information

A cookie is a small text file that your browser stores on your device (PC, smartphone, etc.) when you visit a website. This text file stores information so that the website recognises your device when you visit the site again. Cookies were developed to enhance website functionality. For this reason, information is stored and transmitted in the background when you visit a website. Cookies have differing lifespans, and can be stored either temporarily for the duration of a website visit or for a longer period of time.

Cookies have various uses, ranging from technologically helpful and essential cookies to profiling cookies. Technologically essential cookies enhance convenience, allowing you to visit websites without interference and to shop online, for example. Third-party cookies can be used to profile your surfing behaviour online, and this information is normally used for tailored advertising.

You can delete cookies and limit the possibilities for them being installed in your browser settings. Most browsers give you the option of

finding out what cookies are stored on your device;
erasing individual cookies;
blocking cookies from third parties;
blocking cookies from certain websites;
blocking all cookies;
erasing all cookies when you close your browser.
Please note that if you choose to erase cookies, all of your session data will be lost. In addition, our website does not function properly if you block cookies. Therefore, we recommend that you do not block all cookies.

It should also be noted that cookies usually cannot be stored for use in different browsers. For example, cookies saved in Chrome do not automatically work in Firefox. This means that you should configure the settings separately for each browser you use.

Nowadays, it is standard practice to use cookies on websites. Without cookies, it would not be possible to make use of services on websites. However, the purpose for which cookies are used is important, because there are now various ways in which they can be misused.

 

Our Cookies

When you visit our website, cookies are primarily used where they are technologically necessary, so that you can access the information you are looking for quickly, easily and in a user-friendly manner. The cookies we use include session cookies, which mean that you do not have to reload data during your visit to our site, and security cookies, which attach data allocated specifically and temporarily when you send forms. These cookies are only stored for a very short time. In contrast, the consent cookie that records whether you have consented to the use of cookies on our website has a lifespan of several years, so that you are not asked for your consent every time you visit our site. Thanks to the technical assistance we receive from Vienna University Computer Center, a load balancer ensures the efficient distribution of load when many users visit the site at the same time. When you first access our website, the relevant cookie records the “information flow path” (via various servers) for the duration of your visit.

Third-party cookies used in our services

We use the open-source web analysis service Matomo (formerly Piwik; see https://matomo.org/) to continuously optimise our website. Analysing visitor information helps us to identify potential sources of errors and less user-friendly interfaces, and rectify them. The analysis-tool cookie allocates a user ID under which your IP address is stored in a database in pseudonymised form together with information on your surfing behaviour (traffic data). Abstract user behaviour (under the allocated ID number) is of interest to us, not information on a specific person. We use plug-ins produced by third parties for various purposes, including to evaluate the effectiveness of our marketing. This requires geolocalisation, and this information is derived from your IP address and stored (prior to pseudonymisation). In itself, this information does not allow an individual user’s location to be determined. It only provides vague information on the country or federal province in which your IP address was registered. We store and analyse this data exclusively for our own use. This data is not shared with third parties for outside marketing.

This Website also uses Google Analytics, a web analysis service provided by Google Inc. ("Google"). Google Analytics uses cookies, which are text files stored in your computer, that enable analysis of the way you use the website. This information, including your IP-address will be forwarded to a Google server in the USA and stored there. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for us, and providing other services relating to website activity and Internet usage. Google will forward this infomation also to third parties if required by law or if those third parties process data on behalf of Google.
The data transmitted by your browser as part of Google Analytics will not be merged with any other data held by Google. You can prevent the storage of cookies by selecting the appropriate settings in your browser software. However, we wish to point out that, in this case, you may not be able to use the full functionality of this website.


Technical data security measures

Information security is an extremely important aspect of data protection. nic.at GmbH, who ist the shareholder of ipcom GmbH, is certified in accordance with the international ISO 27001 standard in order to provide the highest possible level of security. This standard is also applied on all ipcom activities. If you have any further questions on the use of your data, please contact ipcom GmbH[BS1] .

 


Your data protection rights:

The GDPR includes an extensive package of protective rights for natural persons whose data are processed (i.e. collected, stored, transferred, restricted, erased, etc.).

Right of access

Under Article 15 GDPR, you have the right to obtain information on the categories of personal data we process and for what purpose, the recipients of this data, (where possible) the period for which data will be stored, any information on the source of personal data not collected from you, as well as whether automated decision-making, including profiling, is carried out and how this works. On request, we will send you an overview of these data processing activities free of charge, and inform you of your additional rights.

Right to rectification

You have the right to have inaccurate or incomplete personal data rectified and/or completed (Article 16 GDPR).

Right to erasure (‘right to be forgotten’)

You have the ‘right to be forgotten’ (Article 17 GDPR). This means we will erase your personal data on request when the data is no longer required for the purposes for which it was collected and processed, and there is no other ground for continued storage of the data. The same applies if you object to or withdraw your consent to the processing of your data, or your data was unlawfully processed.

Right to restriction of processing

You have the right to restrict processing of your data (Article 18 GDPR), for example if you contest the accuracy of your personal data or the lawfulness of data processing, or because the data is required to exercise legal claims. Austrian legislators have also provided for restricted data processing in cases where data cannot be rectified or erased without delay for technical or financial reasons.

Right to object

Under Article 21 of the GDPR, if your data is processed on the basis of legitimate public or private interests, you have the right to object to processing at any time. The same applies to profiling and direct advertising. Therefore, you have the right to object at any time to the cookies that help us to use your personal data – even in pseudonymised form – in order to carry out interest-based advertising.

Right to data portability

You have the right to receive your personal data from us, and to have the data transmitted to another controller, provided this is technically feasible.

Right to withdraw consent

The right to withdraw consent means that you can unsubscribe from our newsletter at any time. By withdrawing your consent, you restrict processing of your data in future (in this case, delivery of the newsletter). This does not affect the lawfulness of data processing carried out before you withdraw your consent.

Right to lodge a complaint with a supervisory authority

If you believe that your data has not been processed in accordance with the GDPR, Article 77 of the Regulation and section 24 Austrian Data Protection Act give you the right to lodge a complaint with the Austrian Data Protection Authority (https://www.data-protection-authority.gv.at/).