Privacy Policy

Data Controller Information

The data controller responsible for your personal data is vectronis AG, registered in Austria with registration number FN142536a. Our registered office is located at Kärntner Straße 36, 5096 Salzburg, Austria.

Data We Collect

We collect various types of personal data to provide and improve our Amazon FBA cost analysis services. The data we collect includes:

• Contact Information: Name, email address, phone number, and company details when you contact us or request our services.
• Business Information: Details about your Amazon FBA business, sales data, and product information necessary for our analysis services.
• Website Usage Data: Information about how you use our website, including IP address, browser type, pages visited, and time spent on our site.
• Communication Data: Records of our correspondence with you, including emails, phone calls, and meeting notes.
• Technical Data: Device information, browser settings, and other technical details collected through cookies and similar technologies.

How We Use Your Information

We use the personal data we collect for specific, legitimate business purposes. How we use your information depends on the services you use and your relationship with us:

• Service Provision: To provide Amazon FBA cost analysis services, create reports, and deliver the services you've requested.
• Communication: To respond to your enquiries, provide customer support, and send important updates about our services.
• Business Operations: To manage our client relationships, process payments, and maintain accurate business records.
• Website Improvement: To analyse website usage, improve user experience, and optimise our online services.
• Legal Compliance: To comply with applicable laws, regulations, and legal obligations in Austria and the European Union.
• Marketing: With your consent, to send you information about our services, industry insights, and relevant business updates.

Legal Basis for Processing

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:

• Contractual Necessity: Processing necessary to perform our services and fulfil our contractual obligations to you.
• Legitimate Interests: Processing necessary for our legitimate business interests, such as improving our services and website functionality.
• Consent: Where you have given explicit consent for specific processing activities, such as marketing communications.
• Legal Obligation: Processing required to comply with legal obligations, including tax and accounting requirements.

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner.

For detailed information about the cookies we use, please refer to our Cookie Policy.

Data Sharing and Disclosure

We do not sell, trade, or rent your personal data to third parties. We may share your information in the following limited circumstances:

• Service Providers: With trusted third-party service providers who assist us in operating our website and providing our services, subject to appropriate confidentiality agreements.
• Legal Requirements: When required by law, court order, or government regulation, or to protect our legal rights and interests.
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new entity.
• Consent: With your explicit consent for specific sharing purposes.

Data Retention

We retain your personal data only as long as necessary to fulfil the purposes for which it was collected and to comply with legal obligations. Our data retention periods vary depending on the type of information and the purpose for processing:

• Client Data: We retain client information for the duration of our business relationship plus seven years for accounting and legal compliance purposes.
• Website Data: Analytics and website usage data is typically retained for 26 months.
• Marketing Data: Marketing communications data is retained until you withdraw consent or for three years if there's no engagement.
• Legal Documents: Legal and contractual documents are retained as required by Austrian and EU law.

Your Rights

Under GDPR, you have several rights regarding your personal data. These rights include:

• Access: The right to request access to your personal data and information about how we process it.
• Rectification: The right to request correction of inaccurate or incomplete personal data.
• Erasure: The right to request deletion of your personal data in certain circumstances.
• Restriction: The right to request restriction of processing in certain situations.
• Portability: The right to receive your personal data in a structured, machine-readable format.
• Objection: The right to object to processing based on legitimate interests or for direct marketing purposes.
• Withdraw Consent: Where processing is based on consent, the right to withdraw that consent at any time.

Data Security

We implement appropriate technical and organisational security measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. Our security measures include:

• Encryption of data in transit and at rest
• Regular security assessments and updates
• Access controls and authentication procedures
• Staff training on data protection and security
• Secure backup and disaster recovery procedures

International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA) where our service providers are located. When we transfer data outside the EEA, we ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions for countries with appropriate data protection levels
• Certification schemes and codes of conduct

Children's Privacy

Our services are not directed to individuals under the age of 16, and we do not knowingly collect personal data from children. If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements. We will notify you of significant changes by posting the updated policy on our website and updating the "Last updated" date. We encourage you to review this policy periodically.

Contact Us

If you have any questions about this Privacy Policy, wish to exercise your rights, or have concerns about how we handle your personal data, please contact us:

Supervisory Authority

You have the right to lodge a complaint with the Austrian Data Protection Authority (Datenschutzbehörde) if you believe we have not handled your personal data in accordance with applicable data protection laws.