Privacy Policy

This policy explains how personal data is processed on david-schaupp.com in accordance with the General Data Protection Regulation (GDPR).

1. Data Controller

David Schaupp
Sonntagbergerstrasse 6
3332 Rosenau am Sonntagberg, Austria
Email: schauppdavid@gmail.com

2. Purposes and Legal Bases

Personal data is processed for the following purposes:

  • Handling contact form submissions and communication (Art. 6(1)(b) GDPR and Art. 6(1)(f) GDPR).
  • Newsletter subscription management and delivery (Art. 6(1)(a) GDPR, consent).
  • Website security, reliability, and abuse prevention (Art. 6(1)(f) GDPR, legitimate interests).
  • Aggregated analytics and performance measurement (Art. 6(1)(f) GDPR, legitimate interests).

3. Categories of Data

  • Contact form data: name, email address, and message content.
  • Newsletter data: email address and subscription status.
  • Technical data: IP address, browser and device metadata, request timestamps, and logs.

4. Recipients and Processors

Data may be processed by trusted service providers required to operate this website and communication features, including hosting, storage, email delivery, and newsletter tooling. Processing is based on data processing agreements where required by law.

5. International Data Transfers

Where service providers process data outside the EEA, transfers are safeguarded by appropriate mechanisms such as adequacy decisions or Standard Contractual Clauses, as applicable.

6. Retention Periods

Personal data is stored only for as long as necessary for the stated purposes, contractual/legal obligations, or legitimate interests:

  • Contact requests are retained until the inquiry is resolved, then archived only as needed for legal documentation.
  • Newsletter data is retained until consent is withdrawn or the newsletter service is discontinued.
  • Technical logs are retained for security and operational purposes for a limited period.

7. Your Rights Under GDPR

You have the right to request:

  • Access to your personal data (Art. 15 GDPR).
  • Rectification of inaccurate data (Art. 16 GDPR).
  • Erasure of data (Art. 17 GDPR).
  • Restriction of processing (Art. 18 GDPR).
  • Data portability (Art. 20 GDPR).
  • Objection to processing (Art. 21 GDPR).
  • Withdrawal of consent at any time for consent-based processing (Art. 7(3) GDPR).

To exercise your rights, contact: schauppdavid@gmail.com

8. Right to Lodge a Complaint

You have the right to lodge a complaint with the competent supervisory authority. In Austria this is the Austrian Data Protection Authority (Datenschutzbehoerde).

9. Policy Updates

This policy may be updated when legal, technical, or organizational changes require it.

Effective date: March 20, 2026