Principles of Data Processing at TIMETOACT GROUP Austria GmbH

You reached this page via a link because you want to learn more about how we handle your personal data. In order to fulfill our information obligations pursuant to Art. 12 et seq. of the General Data Protection Regulation (GDPR), we are pleased to provide you with the following information on data protection:

The entity responsible under data protection law is TIMETOACT GROUP Österreich GmbH – Canettistraße 5, 1100 Vienna.

You can find more information about our company, details about authorized representatives, and additional contact options in the legal notice on our website:
https://www.timetoact-group.at/impressum-timetoact-group-oesterreich

 

If we have received data from you, we will generally process it only for the purposes for which we received or collected it.

Processing data for other purposes will only be considered if the necessary legal requirements pursuant to Art. 6 (4) GDPR are met. Any related information obligations under Art. 13 (3) GDPR and Art. 14 (4) GDPR will, of course, be fulfilled in such cases.

The legal basis for processing personal data is generally – insofar as there are no more specific legal provisions – Art. 6 GDPR. In particular, the following options are considered:

• Consent (Art. 6 (1) (a) GDPR)

• Data processing for the performance of contracts (Art. 6 (1) (b) GDPR)

• Data processing based on a balancing of interests (Art. 6 (1) (f) GDPR)

• Data processing to fulfill a legal obligation (Art. 6 (1) (c) GDPR)

If personal data is processed on the basis of your consent, you have the right to withdraw this consent at any time with effect for the future.

If we process data based on a balancing of interests, you as the data subject have the right to object to the processing of your personal data, taking into account the requirements of Art. 21 GDPR. The interests we pursue in such cases include, in particular:

• Preparation and billing of offers and contracts, documentation and proof of services provided and agreements made; verification of timely execution, documentation

• Communication with customers and colleagues, collaboration support, cooperative teamwork, and use of appropriate up-to-date software; procurement and offering of centrally provided services by specialists, central coordination, and provision of IT services

• Space planning, meeting and event organization, provision of internet access for visitors

• Maintenance and administration of IT systems, ensuring IT and building security, protection against data loss, protection of one’s own and third-party property

• Protection of the company’s interests, evidence in legal disputes, defense against and enforcement of legal claims, regulation of insurance events

• Marketing, co-marketing, and co-sales as a group, shared use of contacts within the group, identification of possible additional offers, avoidance of duplicate entries, prioritization and segmentation with respect to marketing efficiency, optimization of the newsletter reach and reduction of unsolicited newsletters ("spam")

• Continuous improvement and efficient operation of business processes, including centralization of tasks within the corporate group and optimization of cost structures

We process the data for as long as it is necessary for the respective purpose.

Where statutory retention obligations exist — for example, under commercial or tax law — the relevant personal data will be stored for the duration of the retention period. After the retention period has expired, it is checked whether there is still a need for further processing. If such a need no longer exists, the data will be deleted.

As a rule, we conduct a review toward the end of each calendar year to determine whether continued processing of the data is necessary. Due to the volume of data, this review focuses on specific data categories or processing purposes.

Of course, you may request information at any time (see below) about the data stored about you. In cases where storage is no longer necessary, you may request the deletion or restriction of processing.

Your personal data will generally not be transferred to third parties unless this is necessary for the performance of a contract, the transfer is permissible based on a legitimate interest as defined in Art. 6 (1) (f) GDPR, we are legally obliged to do so, or you have given your consent.

We would like to point out that, as a member of the TIMETOACT GROUP, we share data within the scope of contract execution and based on our legitimate interests with other companies affiliated with TIMETOACT GROUP. This includes our events and consulting services, so that you can benefit from the advantages and offers of all TIMETOACT GROUP companies.
This serves the purpose of avoiding redundant information and enabling us to offer you a coherent and comprehensive range of services across different TIMETOACT GROUP entities.

Your personal data is processed by us, wherever possible, exclusively in data centers located in the Republic of Austria or in data centers within the EU. Where this is not possible, we only use the services of companies with which we have contractually ensured the protection of your personal data through EU Standard Contractual Clauses.

You have the right to obtain information about the personal data concerning you that we process.

If your request for information is not made in writing, please understand that we may ask you to provide proof that you are the person you claim to be.

You also have the right to rectification, erasure, or restriction of processing, insofar as this is legally permissible.

Furthermore, you have the right to object to processing within the framework of legal requirements. The same applies to the right to data portability.

In particular, you have the right to object under Art. 21 (1) and (2) GDPR to the processing of your data in connection with direct marketing if it is based on a balancing of interests.

We have appointed a Data Protection Officer in our company. You can contact them using the following details:

TIMETOACT GROUP Österreich GmbH
Jens Stöber
Canettistraße 5
1100 Vienna
Email: [email protected]

You have the right to lodge a complaint with a supervisory authority for data protection if you believe that the processing of your personal data by us violates data protection regulations.

Last updated: November 7, 2025