Imprint, Accessibility, Privacy Policy

Preamble

With the following privacy policy, we would like to inform you about the types of your personal data (hereinafter also referred to as “data”) we process, for what purposes and to what extent. The Privacy Policy applies to all processing of personal data carried out by us, both in the context of the provision of our services and in particular on our websites, in mobile applications and within external online presences, such as our social media profiles (hereinafter collectively referred to as the “Online Offer”).

Last updated: 15 March 2026

Responsible persons

Alina Lückl and Paul Maton

Nordberggasse 17/110

8045 Graz

E-mail-address: contact@pacificvoices.eu

Overview of processing

The following overview summarises the types of data processed and the purposes of their processing, and refers to the data subjects.

Types of data processed

• Inventory data.
• Employment data.
• Location Data.
• Contact details.
• Content Data.
• Usage Data.
• Meta, communication and procedural data.

Categories of data subjects

• Employees.
• users.
• Third Persons.
• Whistleblower.

Purposes of processing

• Communication.
• Security Measures.
• Range measurement.
• Tracking.
• Target group formation.
• Organisational and administrative procedures.
• Feedback.
• User-related information profiles.
• Provision of our online offer and user-friendliness.
• Whistleblower protection.
• Public relations.

Relevant legal bases

Relevant legal bases under the GDPR: Below you will find an overview of the legal bases of the GDPR on the basis of which we process personal data. Please note that in addition to the regulations of the GDPR, national data protection regulations may apply in your or our country of residence or domicile. Furthermore, if more specific legal bases are relevant in individual cases, we will inform you of these in the privacy policy.

• Consent (Art. 6 para. 1 sentence 1 lit. a) GDPR) – The data subject has given his or her consent to the processing of personal data concerning him or her for a specific purpose or purposes.
• Legal obligation (Art. 6 para. 1 sentence 1 lit. c) GDPR) – The processing is necessary for compliance with a legal obligation to which the controller is subject.
• Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR) – the processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, provided that the interests, fundamental rights and freedoms of the data subject which require the protection of personal data are not overridden.

National data protection regulations in Austria: In addition to the data protection regulations of the GDPR, national regulations on data protection apply in Austria. These include, in particular, the Federal Act on the Protection of Natural Persons with regard to the Processing of Personal Data (Data Protection Act – FADP). In particular, the Data Protection Act contains special provisions on the right of access, the right to rectification or erasure, the processing of special categories of personal data, processing for other purposes and transmission, as well as automated decision-making in individual cases.

Safety measures

In accordance with the legal requirements, taking into account the state of the art, the implementation costs and the type, scope, circumstances and purposes of the processing, as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons, we take appropriate technical and organisational measures to ensure a level of protection appropriate to the risk.

Measures include, in particular, safeguarding the confidentiality, integrity and availability of data by controlling physical and electronic access to the data, as well as access, input, disclosure, availability and separation. We have also put in place procedures to ensure that the rights of data subjects are exercised, that data is deleted and that data is compromised. Furthermore, we take the protection of personal data into account as early as the development or selection of hardware, software and processes in accordance with the principle of data protection, through technical design and through data protection-friendly default settings.

Securing online connections with TLS/SSL encryption technology (HTTPS): In order to protect the data of users transmitted via our online services from unauthorized access, we rely on TLS/SSL encryption technology. Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are the cornerstones of secure data transmission on the Internet. These technologies encrypt the information transmitted between the website or app and the user’s browser (or between two servers), which protects the data from unauthorized access. TLS, as the evolved and more secure version of SSL, ensures that all data transfers meet the highest security standards. If a website is secured by an SSL/TLS certificate, this is signaled by the display of HTTPS in the URL. This serves as an indicator for users that their data is being transmitted securely and encrypted.

Blogs and publication media

We use blogs or comparable means of online communication and publication (hereinafter referred to as “publication medium”). Readers’ data will only be processed for the purposes of the publication medium to the extent necessary for its presentation and communication between authors and readers or for security reasons. In addition, we refer to the information on the processing of visitors to our publication medium within the framework of this data protection notice.

• Types of data processed: inventory data (e.g. full name, residential address, contact information, customer number, etc.); Contact details (e.g. postal and email addresses or telephone numbers); Content data (e.g., textual or pictorial news and posts, and information about them, such as authorship or time of creation); Usage data (e.g., page views and dwell time, click paths, usage intensity and frequency, device types and operating systems used, interactions with content and features). Metalogical, communication and procedural data (e.g. IP addresses, times, identification numbers, persons involved).
• Data subjects: Users (e.g. website visitors, users of online services).
• Purposes of processing and legitimate interests: Feedback (e.g. collecting feedback via online form); Provision of our online offer and user-friendliness; Security Measures. Organisational and administrative procedures.
• Retention and deletion: Deletion as specified in the section “General information on data storage and deletion”.
• Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR).

Further information on processing processes, procedures and services:

• Comments and posts: If users leave comments or other contributions, their IP addresses may be stored based on our legitimate interests. This is done for our safety in case someone leaves illegal content in comments and contributions (insults, prohibited political propaganda, etc.). In this case, we ourselves can be prosecuted for the comment or contribution and are therefore interested in the identity of the author.
  
  Furthermore, we reserve the right to process the information of the users for the purpose of spam detection on the basis of our legitimate interests.
  
  On the same legal basis, we reserve the right to store the IP addresses of users for the duration of surveys and to use cookies to avoid multiple votes.
  
  The personal information provided in the context of the comments and contributions, any contact and website information as well as the content information will be permanently stored by us until the user objects; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR).

Presence in social networks (social media)

We maintain online presences within social networks and process user data in this context in order to communicate with the users active there or to offer information about us.

We would like to point out that user data may be processed outside the area of the European Union. This can result in risks for users, for example, because it could make it more difficult to enforce user rights.

Furthermore, user data within social networks is usually processed for market research and advertising purposes. For example, usage profiles can be created based on the user’s usage behavior and resulting interests. The latter may in turn be used, for example, to place advertisements inside and outside the networks that presumably correspond to the interests of the users. Therefore, cookies are usually stored on the users’ computers, in which the user’s usage behaviour and interests are stored. In addition, data can also be stored in the user profiles regardless of the devices used by the users (in particular if they are members of the respective platforms and logged in there).

For a detailed description of the respective forms of processing and the options for objection (opt-out), we refer to the privacy policies and information provided by the operators of the respective networks.

In the case of requests for information and the assertion of data subject rights, we would also like to point out that these can be asserted most effectively with the providers. Only the latter have access to the user data and can directly take appropriate measures and provide information. If you still need help, you can contact us.

• Types of data processed: contact details (e.g. postal and email addresses or telephone numbers); Content data (e.g., textual or pictorial messages and posts, and information about them, such as authorship or time of creation). Usage data (e.g., page views and dwell time, click paths, usage intensity and frequency, device types and operating systems used, interactions with content and features).
• Data subjects: Users (e.g. website visitors, users of online services).
• Purposes of processing and legitimate interests: communication; Feedback (e.g. collecting feedback via online form). Public relations.
• Retention and deletion: Deletion as specified in the section “General information on data storage and deletion”.
• Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR).

Further information on processing processes, procedures and services:

• Instagram: social network, allows you to share photos and videos, comment on and favorite posts, send messages, subscribe to profiles and pages; Service Provider: Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://www.instagram.com; Privacy Policy: https://privacycenter.instagram.com/policy/. Basis for third-country transfers: Data Privacy Framework (DPF).

Plug-ins and embedded functions and content

We integrate functional and content elements into our online offer that are obtained from the servers of their respective providers (hereinafter referred to as “third-party providers”). This can be, for example, graphics, videos or city maps (hereinafter referred to uniformly as “content”).

The integration always requires that the third-party providers of this content process the IP address of the users, as they would not be able to send the content to their browser without an IP address. The IP address is therefore required for the display of these contents or functions. We make every effort to use only content whose respective providers use the IP address only for the delivery of the content. Third-party service providers may also use pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. The “pixel tags” can be used to evaluate information, such as visitor traffic to the pages of this website. The pseudonymous information may also be stored in cookies on the user’s device and may contain, among other things, technical information on the browser and operating system, referring websites, the time of visit and other information on the use of our online offer, but may also be combined with such information from other sources.

Information on legal bases: If we ask users for their consent to the use of third-party providers, the legal basis for data processing is permission. Otherwise, the user data will be processed on the basis of our legitimate interests (i.e. interest in efficient, economical and recipient-friendly services). In this context, we would also like to draw your attention to the information on the use of cookies in this privacy policy.

• Types of Data Processed: Usage Data (e.g., page views and dwell time, click paths, usage intensity and frequency, device types and operating systems used, interactions with content and features); Metalogical, communication and procedural data (e.g. IP addresses, times, identification numbers, persons involved). Location data (information about the geographical location of a device or person).
• Data subjects: Users (e.g. website visitors, users of online services).
• Purposes of processing and legitimate interests: Provision of our online offer and user-friendliness; Reach measurement (e.g. access statistics, recognition of returning visitors); Tracking (e.g., interest/behavioral profiling, use of cookies); target group formation; Marketing. Profiles with user-related information (creating user profiles).
• Retention and deletion: Deletion as specified in the section “General information on data storage and deletion”. Storing cookies for up to 2 years (Unless otherwise specified, cookies and similar storage methods may be stored on users’ devices for a period of two years).
• Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a) GDPR). Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR).

Further information on processing processes, procedures and services:

• Google Maps: We integrate the maps of the “Google Maps” service of the provider Google. The data processed may include, in particular, IP addresses and location data of users; Service Provider: Google Cloud EMEA Limited, 70 Sir John Rogerson’s Quay, Dublin 2, Ireland; Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a) GDPR); Website: https://mapsplatform.google.com/; Privacy Policy: https://policies.google.com/privacy. Basis for third-country transfers: Data Privacy Framework (DPF).
• YouTube videos: video content; Service Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a) GDPR); Website: https://www.youtube.com; Privacy Policy: https://policies.google.com/privacy; Basis for third-country transfers: Data Privacy Framework (DPF). Opt-out: Opt-out plugin: https://tools.google.com/dlpage/gaoptout?hl=de, settings for the display of advertisements: https://myadcenter.google.com/personalizationoff.

Created with free Datenschutz-Generator.de by Dr. Thomas Schwenke